Google Git
Sign in
boringssl / boringssl.git / d28f59c27bac60d3206f0c302b7cb37f9cd88f43^! / . / ssl / internal.h
commitd28f59c27bac60d3206f0c302b7cb37f9cd88f43[log] [tgz]
authorDavid Benjamin <davidben@chromium.org>Tue Nov 17 22:32:50 2015 -0500
committerAdam Langley <agl@google.com>Thu Nov 19 01:23:49 2015 +0000
treed4c7e0e7e0cb3db43279f45a8d2f987c4ba8ac4b
parentfba735cfd879514aa150ee02f0be37a283bfbdde [diff] [blame]
Switch the keylog BIO to a callback.

The keylog BIO is internally synchronized by the SSL_CTX lock, but an
application may wish to log keys from multiple SSL_CTXs. This is in
preparation for switching Chromium to use a separate SSL_CTX per profile
to more naturally split up the session caches.

It will also be useful for routing up SSLKEYLOGFILE in WebRTC. There,
each log line must be converted to an IPC up from the renderer
processes.

This will require changes in Chromium when we roll BoringSSL.

BUG=458365,webrtc:4417

Change-Id: I2945bdb4def0a9c36e751eab3d5b06c330d66b54
Reviewed-on: https://boringssl-review.googlesource.com/6514
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/ssl/internal.h b/ssl/internal.h
index 77d8e58..e278aea 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h

@@ -1233,21 +1233,21 @@
 
 int tls1_record_handshake_hashes_for_channel_id(SSL *s);
 
-/* ssl_ctx_log_rsa_client_key_exchange logs |premaster| to |ctx|, if logging is
- * enabled. It returns one on success and zero on failure. The entry is
- * identified by the first 8 bytes of |encrypted_premaster|. */
-int ssl_ctx_log_rsa_client_key_exchange(SSL_CTX *ctx,
-                                        const uint8_t *encrypted_premaster,
-                                        size_t encrypted_premaster_len,
-                                        const uint8_t *premaster,
-                                        size_t premaster_len);
+/* ssl_log_rsa_client_key_exchange logs |premaster|, if logging is enabled for
+ * |ssl|. It returns one on success and zero on failure. The entry is identified
+ * by the first 8 bytes of |encrypted_premaster|. */
+int ssl_log_rsa_client_key_exchange(const SSL *ssl,
+                                    const uint8_t *encrypted_premaster,
+                                    size_t encrypted_premaster_len,
+                                    const uint8_t *premaster,
+                                    size_t premaster_len);
 
-/* ssl_ctx_log_master_secret logs |master| to |ctx|, if logging is enabled. It
+/* ssl_log_master_secret logs |master|, if logging is enabled for |ssl|. It
  * returns one on success and zero on failure. The entry is identified by
  * |client_random|. */
-int ssl_ctx_log_master_secret(SSL_CTX *ctx, const uint8_t *client_random,
-                              size_t client_random_len, const uint8_t *master,
-                              size_t master_len);
+int ssl_log_master_secret(const SSL *ssl, const uint8_t *client_random,
+                          size_t client_random_len, const uint8_t *master,
+                          size_t master_len);
 
 /* ssl3_can_false_start returns one if |s| is allowed to False Start and zero
  * otherwise. */