From 192ed8959304058bf9eaccca567b7fa86bca0c03 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
Date: Wed, 10 Apr 2024 14:26:56 +0400
Subject: [PATCH] qemu-rdp: add SSLKEYLOGFILE support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
 qemu-rdp/src/server/mod.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/qemu-rdp/src/server/mod.rs b/qemu-rdp/src/server/mod.rs
index c5be28e..e056cb4 100644
--- a/qemu-rdp/src/server/mod.rs
+++ b/qemu-rdp/src/server/mod.rs
@@ -51,11 +51,14 @@ fn acceptor(cert_path: &str, key_path: &str) -> Result<TlsAcceptor, Error> {
     let cert = certs(&mut BufReader::new(File::open(cert_path)?))?[0].clone();
     let key = pkcs8_private_keys(&mut BufReader::new(File::open(key_path)?))?[0].clone();
 
-    let server_config = ServerConfig::builder()
+    let mut server_config = ServerConfig::builder()
         .with_safe_defaults()
         .with_no_client_auth()
         .with_single_cert(vec![rustls::Certificate(cert)], rustls::PrivateKey(key))
         .expect("bad certificate/key");
 
+    // This adds support for the SSLKEYLOGFILE env variable (https://wiki.wireshark.org/TLS#using-the-pre-master-secret)
+    server_config.key_log = Arc::new(rustls::KeyLogFile::new());
+
     Ok(TlsAcceptor::from(Arc::new(server_config)))
 }