FS#49727 - [nss] re-enable SSLKEYLOGFILE functionality

Attached to Project: Arch Linux
Opened by Peter Wu (Lekensteyn) - Thursday, 16 June 2016, 00:00 GMT
Last edited by Jan Alexander Steffens (heftig) - Thursday, 16 June 2016, 18:24 GMT
Task Type Feature Request
Category Packages: Core
Status Closed
Assigned To Jan de Groot (JGC)
Jan Alexander Steffens (heftig)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
Since NSS 3.24 the debug feature SSLKEYLOGFILE is disabled. This feature is useful to obtain SSL secrets that can be used for decrypting SSL sessions in Wireshark.

Upstream disabled this by default for security reasons, but this is nonsense as the ability to set environment variables has other more severe issues (think of LD_PRELOAD). Please re-enable this in NSS such that Firefox can dump SSL keys again.

Links:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.24_release_notes
https://bugzilla.mozilla.org/show_bug.cgi?id=1188657 (enables SSLKEYLOGFILE for official Firefox builds again)
https://bugzilla.mozilla.org/show_bug.cgi?id=1183318 (broke SSLKEYLOGFILE in NSS 3.24 by default)
This task depends upon

Closed by  Jan Alexander Steffens (heftig)
Thursday, 16 June 2016, 18:24 GMT
Reason for closing:  Implemented
Additional comments about closing:  3.24-2

Loading...