Bug 1183318 - Disable logging of TLS/SSL key material by default in optimized builds, patch v2, r=martin.thomson
--- a/lib/ssl/Makefile
+++ b/lib/ssl/Makefile
@@ -34,16 +34,23 @@ DEFINES += -DIN_LIBSSL
else
ifeq ($(OS_TARGET),OS2)
CSRCS += os2_err.c
else
CSRCS += unix_err.c
endif
endif
+# Enable key logging by default in debug builds, but not opt builds.
+# Logging still needs to be enabled at runtime through env vars.
+NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1)
+ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE))
+DEFINES += -DNSS_ALLOW_SSLKEYLOGFILE=1
+endif
+
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -6327,29 +6327,31 @@ install:
}
loser:
done:
PZ_Unlock(symWrapKeysLock);
return unwrappedWrappingKey;
}
+#ifdef NSS_ALLOW_SSLKEYLOGFILE
/* hexEncode hex encodes |length| bytes from |in| and writes it as |length*2|
* bytes to |out|. */
static void
hexEncode(char *out, const unsigned char *in, unsigned int length)
{
static const char hextable[] = "0123456789abcdef";
unsigned int i;
for (i = 0; i < length; i++) {
*(out++) = hextable[in[i] >> 4];
*(out++) = hextable[in[i] & 15];
}
}
+#endif
/* Called from ssl3_SendClientKeyExchange(). */
/* Presently, this always uses PKCS11. There is no bypass for this. */
static SECStatus
sendRSAClientKeyExchange(sslSocket *ss, SECKEYPublicKey *svrPubKey)
{
PK11SymKey *pms = NULL;
SECStatus rv = SECFailure;
@@ -6379,16 +6381,17 @@ sendRSAClientKeyExchange(sslSocket *ss,
/* wrap pre-master secret in server's public key. */
rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, svrPubKey, pms, &enc_pms);
if (rv != SECSuccess) {
ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
goto loser;
}
+#ifdef NSS_ALLOW_SSLKEYLOGFILE
if (ssl_keylog_iob) {
SECStatus extractRV = PK11_ExtractKeyValue(pms);
if (extractRV == SECSuccess) {
SECItem *keyData = PK11_GetKeyData(pms);
if (keyData && keyData->data && keyData->len) {
#ifdef TRACE
if (ssl_trace >= 100) {
ssl_PrintBuf(ss, "Pre-Master Secret",
@@ -6410,16 +6413,17 @@ sendRSAClientKeyExchange(sslSocket *ss,
buf[sizeof(buf) - 1] = '\n';
fwrite(buf, sizeof(buf), 1, ssl_keylog_iob);
fflush(ssl_keylog_iob);
}
}
}
}
+#endif
rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
isTLS ? enc_pms.len + 2
: enc_pms.len);
if (rv != SECSuccess) {
goto loser; /* err set by ssl3_AppendHandshake* */
}
if (isTLS) {
@@ -11721,16 +11725,17 @@ ssl3_SendNextProto(sslSocket *ss)
/* called from ssl3_SendFinished
*
* This function is simply a debugging aid and therefore does not return a
* SECStatus. */
static void
ssl3_RecordKeyLog(sslSocket *ss)
{
+#ifdef NSS_ALLOW_SSLKEYLOGFILE
SECStatus rv;
SECItem *keyData;
char buf[14 /* "CLIENT_RANDOM " */ +
SSL3_RANDOM_LENGTH * 2 /* client_random */ +
1 /* " " */ +
48 * 2 /* master secret */ +
1 /* new line */];
unsigned int j;
@@ -11771,16 +11776,17 @@ ssl3_RecordKeyLog(sslSocket *ss)
PORT_Assert(j == sizeof(buf));
ssl_ReleaseSpecReadLock(ss);
if (fwrite(buf, sizeof(buf), 1, ssl_keylog_iob) != 1)
return;
fflush(ssl_keylog_iob);
return;
+#endif
}
/* called from ssl3_SendClientSecondRound
* ssl3_HandleClientHello
* ssl3_HandleFinished
*/
static SECStatus
ssl3_SendFinished(sslSocket *ss, PRInt32 flags)
--- a/lib/ssl/sslsock.c
+++ b/lib/ssl/sslsock.c
@@ -122,17 +122,21 @@ static PRBool ssl_inited = PR_FALSE;
static PRDescIdentity ssl_layer_id;
PRBool locksEverDisabled; /* implicitly PR_FALSE */
PRBool ssl_force_locks; /* implicitly PR_FALSE */
int ssl_lock_readers = 1; /* default true. */
char ssl_debug;
char ssl_trace;
FILE *ssl_trace_iob;
+
+#ifdef NSS_ALLOW_SSLKEYLOGFILE
FILE *ssl_keylog_iob;
+#endif
+
char lockStatus[] = "Locks are ENABLED. ";
#define LOCKSTATUS_OFFSET 10 /* offset of ENABLED */
/* SRTP_NULL_HMAC_SHA1_80 and SRTP_NULL_HMAC_SHA1_32 are not implemented. */
static const PRUint16 srtpCiphers[] = {
SRTP_AES128_CM_HMAC_SHA1_80,
SRTP_AES128_CM_HMAC_SHA1_32,
0
@@ -3287,29 +3291,31 @@ ssl_SetDefaultsFromEnvironment(void)
}
#endif /* TRACE */
ev = PR_GetEnvSecure("SSLDEBUG");
if (ev && ev[0]) {
ssl_debug = atoi(ev);
SSL_TRACE(("SSL: debugging set to %d", ssl_debug));
}
#endif /* DEBUG */
+#ifdef NSS_ALLOW_SSLKEYLOGFILE
ev = PR_GetEnvSecure("SSLKEYLOGFILE");
if (ev && ev[0]) {
ssl_keylog_iob = fopen(ev, "a");
if (!ssl_keylog_iob) {
SSL_TRACE(("SSL: failed to open key log file"));
} else {
if (ftell(ssl_keylog_iob) == 0) {
fputs("# SSL/TLS secrets log file, generated by NSS\n",
ssl_keylog_iob);
}
SSL_TRACE(("SSL: logging SSL/TLS secrets to %s", ev));
}
}
+#endif
#ifndef NO_PKCS11_BYPASS
ev = PR_GetEnvSecure("SSLBYPASS");
if (ev && ev[0]) {
ssl_defaults.bypassPKCS11 = (ev[0] == '1');
SSL_TRACE(("SSL: bypass default set to %d",
ssl_defaults.bypassPKCS11));
}
#endif /* NO_PKCS11_BYPASS */