[SR-Users] Re: SSL key logger for Diffie-Hellman cipher

You can check this PR https://github.com/kamailio/kamailio/pull/2785 On Fri, Jan 26, 2024 at 8:58 PM Calvin E. via sr-users <sr-users(a)lists.kamailio.org> wrote: > > I've been tasked to use LD_PRELOAD to log SSL keys for TLS connections using a Diffie-Hellman cipher. The first attempt did not work, so I wanted to sanity check whether Kamailio's TLS support is built in such a way that would defeat LD_PRELOAD. > > The instructions from the vendor are to update /etc/init.d/kamailio like this: > > env SSLKEYLOG_UDP='127.0.0.1:1234' LD_PRELOAD="/usr/local/src/voipmonitor-git/tools/ssl_keylogger/sslkeylog.so /usr/lib/x86_64-linux-gnu/libssl.so.3" \ > start-stop-daemon --start --quiet --pidfile $PIDFILE \ > --exec $DAEMON -- $OPTIONS || log_failure_msg " already running" > > Is there anything special in Kamailio (5.7.3 on Debian 12) that would prevent this from working? Not necessarily something to defeat a keylogger, but maybe the way tls.so gets loaded? > > The only discrepancy I've noticed is the vendor docs refer to libssl.so.3 not libssl.so.1, but the vendor said that should be OK. > > I'd love to hear from someone already using VoIPmonitor with Diffie-Hellman ciphers and Kamailio. > > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to sr-users-leave(a)lists.kamailio.org > Important: keep the mailing list in the recipients, do not reply only to the sender! > Edit mailing list options or unsubscribe: