+
+void
+ssl_load_keyfile(const gchar *tls_keylog_filename, FILE **keylog_file,
+ const ssl_master_key_map_t *mk_map)
+{
+ /* no need to try if no key log file is configured. */
+ if (!tls_keylog_filename || !*tls_keylog_filename) {
+ ssl_debug_printf("%s dtls/tls.keylog_file is not configured!\n",
+ G_STRFUNC);
+ return;
+ }
+
+ /* Validate regexes before even trying to use it. */
+ if (!ssl_compile_keyfile_regex()) {
+ return;
+ }
+
+ ssl_debug_printf("trying to use TLS keylog in %s\n", tls_keylog_filename);
+
+ /* if the keylog file was deleted, re-open it */
+ if (*keylog_file && file_needs_reopen(*keylog_file, tls_keylog_filename)) {
+ ssl_debug_printf("%s file got deleted, trying to re-open\n", G_STRFUNC);
+ fclose(*keylog_file);
+ *keylog_file = NULL;
+ }
+
+ if (*keylog_file == NULL) {
+ *keylog_file = ws_fopen(tls_keylog_filename, "r");
+ if (!*keylog_file) {
+ ssl_debug_printf("%s failed to open SSL keylog\n", G_STRFUNC);
+ return;
+ }
+ }
+
+ for (;;) {
+ char buf[512], *line;
+ line = fgets(buf, sizeof(buf), *keylog_file);
+ if (!line) {
+ if (feof(*keylog_file)) {
+ /* Ensure that newly appended keys can be read in the future. */
+ clearerr(*keylog_file);
+ } else if (ferror(*keylog_file)) {
+ ssl_debug_printf("%s Error while reading key log file, closing it!\n", G_STRFUNC);
+ fclose(*keylog_file);
+ *keylog_file = NULL;
+ }
+ break;
+ }
+ tls_keylog_process_lines(mk_map, line);
+ }
+}