git:master:79a76ca6: tls: add init flag for keylog_mode - sr-dev

24 Jul 2025

Module: kamailio
Branch: master
Commit: 79a76ca6dde85c477890e28b5ce4132458060b0d
URL: https://github.com/kamailio/kamailio/commit/79a76ca6dde85c477890e28b5ce41324...
Author: Daniel-Constantin Mierla miconda@gmail.com
Committer: Daniel-Constantin Mierla miconda@gmail.com
Date: 2025-07-24T14:21:20+02:00
tls: add init flag for keylog_mode
- used to initialized key logging without active flag
---
Modified: src/modules/tls/tls_domain.c
Modified: src/modules/tls/tls_util.c
Modified: src/modules/tls/tls_util.h
---
Diff:  https://github.com/kamailio/kamailio/commit/79a76ca6dde85c477890e28b5ce41324...
Patch: https://github.com/kamailio/kamailio/commit/79a76ca6dde85c477890e28b5ce41324...
---

diff --git a/src/modules/tls/tls_domain.c b/src/modules/tls/tls_domain.c
index 0bb91734d3d..b58aaf09006 100644
--- a/src/modules/tls/tls_domain.c
+++ b/src/modules/tls/tls_domain.c
@@ -1091,6 +1091,9 @@ static int tls_server_name_cb(SSL *ssl, int *ad, void *private)
static void ksr_tls_keylog_callback(const SSL *ssl, const char *line)
 {
+	if(!(ksr_tls_keylog_mode & KSR_TLS_KEYLOG_MODE_ACTIVE)) {
+		return;
+	}
    if(ksr_tls_keylog_mode & KSR_TLS_KEYLOG_MODE_MLOG) {
    	LM_NOTICE("tlskeylog: %s\n", line);
    }
@@ -1161,7 +1164,7 @@ static int ksr_tls_fix_domain(tls_domain_t *d, tls_domain_t *def)
    				ERR_reason_error_string(e));
    		return -1;
    	}
-		if(ksr_tls_keylog_mode & KSR_TLS_KEYLOG_MODE_ACTIVE) {
+		if(ksr_tls_keylog_mode & KSR_TLS_KEYLOG_MODE_INIT) {
    		SSL_CTX_set_keylog_callback(d->ctx[i], ksr_tls_keylog_callback);
    	}
    	if(d->method > TLS_USE_TLSvRANGE) {
diff --git a/src/modules/tls/tls_util.c b/src/modules/tls/tls_util.c
index 89b3ccb3b2d..21b63bb19f8 100644
--- a/src/modules/tls/tls_util.c
+++ b/src/modules/tls/tls_util.c
@@ -124,7 +124,7 @@ void tls_openssl_clear_errors(void)
  */
 int ksr_tls_keylog_file_init(void)
 {
-	if(!((ksr_tls_keylog_mode & KSR_TLS_KEYLOG_MODE_ACTIVE)
+	if(!((ksr_tls_keylog_mode & KSR_TLS_KEYLOG_MODE_INIT)
    		   && (ksr_tls_keylog_mode & KSR_TLS_KEYLOG_MODE_FILE))) {
    	return 0;
    }
diff --git a/src/modules/tls/tls_util.h b/src/modules/tls/tls_util.h
index 6a24c039794..dc575cdfe7b 100644
--- a/src/modules/tls/tls_util.h
+++ b/src/modules/tls/tls_util.h
@@ -32,9 +32,10 @@
 #include "../../core/str.h"
 #include "tls_domain.h"
-#define KSR_TLS_KEYLOG_MODE_ACTIVE (1)
-#define KSR_TLS_KEYLOG_MODE_MLOG (1 << 1)
-#define KSR_TLS_KEYLOG_MODE_FILE (1 << 2)
+#define KSR_TLS_KEYLOG_MODE_INIT (1)
+#define KSR_TLS_KEYLOG_MODE_ACTIVE (1 << 1)
+#define KSR_TLS_KEYLOG_MODE_MLOG (1 << 2)
+#define KSR_TLS_KEYLOG_MODE_FILE (1 << 3)
static inline int tls_err_ret(
    	char *s, SSL *ssl, tls_domains_cfg_t **tls_domains_cfg)

    