Add DebugTLSHandshake option

dmwm · Jul 17, 2024 · 1de226e · 1de226e
1 parent 2825273
commit 1de226e
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/data.go b/data.go
@@ -68,6 +68,7 @@ type Configuration struct {
 	MaxTLSVersion       string          `json:"maxTLSVersion"`          // maximum TLS version
 	CipherSuites        string          `json:"cipher_suites"`          // use custom CipherSuites
 	InsecureSkipVerify  bool            `json:"insecureSkipVerify"`     // tls configuration option
+	DebugTLSHandshake   bool            `json:"debugTLSHandshake"`      // enable TLS handshake debug info on stdout
 
 	KeepAlive           bool `json:"keepAlive"`           // keep alive for http proxy transport
 	KeepAliveTimeout    int  `json:"keepAliveTimeout"`    // keep alive timeout

diff --git a/utils.go b/utils.go
@@ -228,6 +228,10 @@ func getServer(serverCrt, serverKey string, customVerify bool) (*http.Server, er
 			VerifyPeerCertificate: VerifyPeerCertificate,
 		}
 	}
+	// enable debugging of TLS handshake
+	if Config.DebugTLSHandshake {
+		tlsConfig.KeyLogWriter = os.Stdout
+	}
 	// set min/max TLS version only if they are provided in configuration
 	if Config.MinTLSVersion != "" {
 		log.Println("use minTLSVersion", minVer)