Today I wanted to sniff on TLS traffic of hell, a “mastodon client” that seemed to not want to work with things that aren’t Mastodon. The network calls are mostly made from within a library, hellclient-go-mastodon fork of go-mastodon.
SSLKEYLOGFILE turned out to be a standard, now even RFC 9850, for TLS client instrumentation. But Go standard library doesn’t simply write the secrets to a log file in coupling with the obscure environment variable. Not much libraries seem to do it — just programs like major web browsers and curl. (Perhaps bizarrely, this Haskell package adds it coupled with an environment variable — introduced to one’s Haskell code by means of adding nothing more than an import statement.)