Open xieyuschen opened 2 years ago
@derekcollison If nats-server has such plan, I am interested to add this feature. Thanks.
We don't at this time, but looped in @philpennock
Get it. Thanks @philpennock @derekcollison
You submitted a PR yes?
You submitted a PR yes?
Submitted a draft PR.
Feature Request
Currently, nats only provides flags to specify the cert key and so on and init in the function
func overrideTLS(opts *Options) error
:However, nats doesn't provide any way to get the keys during the TLS handshake and it also doesn't provide a way to pass a
tls.Config
struct.So for debugging(especially for QUIC development), I think it is necessary to add a new flag to enable output key log. Note that it should enable only in debug mode.
Use Case:
From this way, we could get the key log with the format:
Here also provides a way to get the log and let wireshark decrypts the packets.
Proposed Change:
Add a new flag in function
func ConfigureOptions(fs *flag.FlagSet, args []string, printVersion, printHelp, printTLSHelp func()) (*Options, error)
.Who Benefits From The Change(s)?
Developers who are developing the QUIC can use wireshark to capture the packets and this new feature helps wireshark to decrypt the encryted packets.