Add TLS 1.3 EXPORTER_SECRET to SSLKEYLOGFILE.

Per discussion in https://bugzilla.mozilla.org/show_bug.cgi?id=1287711. Otherwise this feature won't work for QUIC. Change-Id: Ia799bfd1e29c01161c4298fb3124c96f62ada9c5 Reviewed-on: https://boringssl-review.googlesource.com/21104 Commit-Queue: Steven Valdez <svaldez@google.com> Reviewed-by: Steven Valdez <svaldez@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Tw3akG33k · Oct 4, 2017 · 1c58471 · 1c58471
1 parent e7136a9
commit 1c58471
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/ssl/tls13_enc.cc b/ssl/tls13_enc.cc
@@ -236,7 +236,9 @@ int tls13_derive_application_secrets(SSL_HANDSHAKE *hs) {
                         hs->server_traffic_secret_0, hs->hash_len) &&
          derive_secret(hs, ssl->s3->exporter_secret, hs->hash_len,
                        (const uint8_t *)kTLS13LabelExporter,
-                       strlen(kTLS13LabelExporter));
+                       strlen(kTLS13LabelExporter)) &&
+         ssl_log_secret(ssl, "EXPORTER_SECRET", ssl->s3->exporter_secret,
+                        hs->hash_len);
 }
 
 static const char kTLS13LabelApplicationTraffic[] =