Skip to content

Instantly share code, notes, and snippets.

@outsinre

outsinre/sslkeylogfile.Dockerfile Secret

Last active December 24, 2024 14:40
Show Gist options
  • Save outsinre/bde97c641b1830bb2d4207176ab29969 to your computer and use it in GitHub Desktop.
Save outsinre/bde97c641b1830bb2d4207176ab29969 to your computer and use it in GitHub Desktop.
Download ZIP
Use sslkeylog.c to Decrypt TLS Traffic
Raw
sslkeylogfile.Dockerfile
# https://git.lekensteyn.nl/peter/wireshark-notes/plain/src/sslkeylog.c
# https://github.com/Lekensteyn/wireshark-notes/blob/master/src/sslkeylog.c
ARG KONG_BASE_IMAGE="kong/kong-gateway:3.9.0.0"
ARG BUILD_DIR="/wireshark-notes"
ARG TARGET_OBJ="libsslkeylog.so"
# Stage build
FROM --platform=${BUILDPLATFORM} ${KONG_BASE_IMAGE} AS build
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
USER root
WORKDIR /
ARG DEBIAN_FRONTEND=noninteractive
RUN <<-EOF
set -ex
apt-get update
apt-get install -y \
build-essential \
git \
curl
EOF
ARG BUILD_DIR
ARG TARGET_OBJ
ARG REPO_URL="https://github.com/Lekensteyn/wireshark-notes.git"
RUN <<-EOF
set -ex
git clone --depth=1 https://github.com/Lekensteyn/wireshark-notes.git ${BUILD_DIR}
cd ${BUILD_DIR}/src
cc -I/usr/local/kong/include sslkeylog.c -shared -o ${TARGET_OBJ} -fPIC -ldl -L/usr/local/kong/lib
# test the build
./sslkeylog.sh curl -sI https://www.google.com
EOF
# Stage runtime
FROM --platform=${BUILDPLATFORM} ${KONG_BASE_IMAGE} AS runtime
ARG BUILD_DIR
ARG TARGET_OBJ
COPY --from=build ${BUILD_DIR}/src/${TARGET_OBJ} /usr/local/kong/lib/libsslkeylog.so
@outsinre
Copy link
Author

outsinre commented Dec 24, 2024
edited
Loading

Sample runtime declarative config sslkeylogfile.yml.

---
_format_version: '3.0'
_transform: true

services:
- name: google
  url: https://www.google.com
  routes:
  - name: sslkeylogfile
    paths:
    - /sslkeylogfile

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment