On Sun, Jun 30, 2024 at 9:35 PM Lee <ler...@gmail.com> wrote: > > On Sat, Jun 29, 2024 at 4:45 PM Jeffrey Walton wrote: > > > > On Sat, Jun 29, 2024 at 4:13 PM Lee wrote: > > > > > > [...] Debian firefox does NOT allow one to do > > > TLS intercept - ie. this does not work: > > > C:\UTIL>cat firefox-tlsdecode.bat > > > set SSLKEYLOGFILE=C:\Users\Lee\AppData\Local\Temp\FF-SSLkeys.txt > > > start C:\"Program Files\Firefox\Firefox.exe" > > > > > > @rem wireshark: > > > @rem edit / preferences > > > @rem protocols / tls (v2.6: protocols / ssl) > > > @rem paste SSLKEYLOGFILE filename into (Pre)-Master-Secret log > > > filename (was SSL debug file entry) > > > > I'm not sure who your complaint is against -- Debian, Firefox or > > Linux. I'm also not sure that it is a valid complaint. > > It is 100% a valid complaint. And it's a complaint against Debian > because they're the ones that turned off that functionality. > They have <reasons>, I disagree, I'm free to build Firefox for myself, > get somebody else to doit for me, or get it somewhere else.
It looks like the change is due to NSS (Network Security Services), not Firefox: <https://bugzilla.mozilla.org/show_bug.cgi?id=908046> and <https://bugzilla.mozilla.org/show_bug.cgi?id=1183318>. I think the 3318 bug is most relevant, but I may be mistaken. If I am parsing the various bug reports properly, it looks like SSLKEYLOGFILE was disabled by default for release builds. It looks like you might have to perform your own debug build to gain access again. Or maybe the nightly builds of Firefox will have it. > ... which is the downside of free software. Technically, yes, I'm > free to build the software with whatever I want enabled, with whatever > changes I want added/deleted. > In practice, my ability to build Firefox is .. lacking :( Yeah, trying to build some of these projects is the pits. Jeff
