From 170158a65b4513136d995c91f3c3d0862268ca67 Mon Sep 17 00:00:00 2001
From: mathewmarcus <mathewmarcus456@gmail.com>
Date: Mon, 2 Jul 2018 10:36:54 -0500
Subject: [PATCH] add l option for SSLKEYLOGFILE

---
 base/pcap-snoop.c | 9 +++++++--
 ssl/ssl_analyze.c | 1 +
 ssl/ssl_analyze.h | 1 +
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/base/pcap-snoop.c b/base/pcap-snoop.c
index e0c9b62..27b47c8 100644
--- a/base/pcap-snoop.c
+++ b/base/pcap-snoop.c
@@ -104,7 +104,7 @@ int err_exit(str,num)
 
 int usage()
   {
-    fprintf(stderr,"Usage: ssldump [-r dumpfile] [-i interface] \n");
+    fprintf(stderr,"Usage: ssldump [-r dumpfile] [-i interface] [-l sslkeylogfile] \n");
     fprintf(stderr,"               [-k keyfile] [-p password] [-vtaTnsAxVNde]\n");
     fprintf(stderr,"               [filter]\n");
     exit(0);
@@ -293,7 +293,7 @@ int main(argc,argv)
 
     signal(SIGINT,sig_handler);
     
-    while((c=getopt(argc,argv,"vr:F:f:S:yTt:ai:k:p:nsAxXhHVNdqem:P"))!=EOF){
+    while((c=getopt(argc,argv,"vr:F:f:S:yTt:ai:k:l:p:nsAxXhHVNdqem:P"))!=EOF){
       switch(c){
         case 'v':
           print_version();
@@ -326,6 +326,9 @@ int main(argc,argv)
         case 'k':
           SSL_keyfile=strdup(optarg);
           break;
+        case 'l':
+	  SSL_keylogfile=strdup(optarg);
+	  break;
         case 'p':
           SSL_password=strdup(optarg);
           break;
@@ -465,6 +468,8 @@ int main(argc,argv)
         free(interface_name);
     if(SSL_keyfile)
         free(SSL_keyfile);
+    if(SSL_keylogfile)
+        free(SSL_keylogfile);
     if(SSL_password)
         free(SSL_password);
 
diff --git a/ssl/ssl_analyze.c b/ssl/ssl_analyze.c
index 67b1f73..f5b91fa 100644
--- a/ssl/ssl_analyze.c
+++ b/ssl/ssl_analyze.c
@@ -77,6 +77,7 @@ static int print_ssl_record PROTO_LIST((ssl_obj *obj,int direction,
   segment *q,UCHAR *data,int len));
 char *SSL_keyfile=0;
 char *SSL_password=0;
+char *SSL_keylogfile=0;
 
 #define NEGATE 0x800000
 
diff --git a/ssl/ssl_analyze.h b/ssl/ssl_analyze.h
index d985218..20d2e64 100644
--- a/ssl/ssl_analyze.h
+++ b/ssl/ssl_analyze.h
@@ -82,6 +82,7 @@ extern proto_mod ssl_mod;
 extern UINT4 SSL_print_flags;
 extern char *SSL_keyfile;
 extern char *SSL_password;
+extern char *SSL_keylogfile;
 
 #endif