CIFS: add CONFIG_CIFS_DEBUG_KEYS to dump encryption keys Add new config option that dumps AES keys to the console when they are generated. This is obviously for debugging purposes only, and should not be enabled otherwise. Signed-off-by: Aurelien Aptel <aaptel@suse.com> Signed-off-by: Steve French <smfrench@gmail.com>

commit: d38de3c6156b97e4900a345124d06b6ead2d6bee [log] [tgz]
author: Aurélien Aptel <aaptel@suse.com> Wed May 24 16:13:25 2017 +0200
committer: Steve French <smfrench@gmail.com> Wed Jul 05 19:51:04 2017 -0500
tree: 6ed6293bbf4eb877aa6c06cf79fb4f48be0491e8
parent: 97b37f241672c6b369486ac270de5ab14eb354ea [diff] [blame]
diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig
index 034f00f..afeefe7 100644
--- a/fs/cifs/Kconfig
+++ b/fs/cifs/Kconfig

@@ -146,6 +146,15 @@
 	   option can be turned off unless you are debugging
 	   cifs problems.  If unsure, say N.
 
+config CIFS_DEBUG_DUMP_KEYS
+	bool "Dump encryption keys for offline decryption (Unsafe)"
+	depends on CIFS_DEBUG && CIFS_SMB2
+	help
+	   Enabling this will dump the encryption and decryption keys
+	   used to communicate on an encrypted share connection on the
+	   console. This allows Wireshark to decrypt and dissect
+	   encrypted network captures. Enable this carefully.
+
 config CIFS_DFS_UPCALL
 	  bool "DFS feature support"
 	  depends on CIFS && KEYS
commit	d38de3c6156b97e4900a345124d06b6ead2d6bee	[log] [tgz]
author	Aurélien Aptel <aaptel@suse.com>	Wed May 24 16:13:25 2017 +0200
committer	Steve French <smfrench@gmail.com>	Wed Jul 05 19:51:04 2017 -0500
tree	6ed6293bbf4eb877aa6c06cf79fb4f48be0491e8
parent	97b37f241672c6b369486ac270de5ab14eb354ea [diff] [blame]