Python - Requests HTTP Library SSL Key

Question

I am using requests library to complete communication with https websites. This works great, my only problem is that wireshark no longer captures plain text information in the "Decrypted SSL Data" tab as it does after following this instructional :

https://jimshaver.net/2015/02/11/decrypting-tls-browser-traffic-with-wireshark-the-easy-way/

Setup enviromental variable that allows chrome and firefox to store ssl keys in file, wireshark uses this file in real time.

Is their a way I can modify a simple https request script such as this :

import requests
resp = requests.get("https://www.google.com", allow_redirects=True)

to also store the ssl key into file as chrome and firefox do?

From what I understand about OpenSSL implementations that would do similar, you'd have to find the master secret and session key in memory - is this doable when running from cmd or practical?

Answer 1

This appears to be possible now with Requests.

I have set SSLKEYLOGFILE=secrets.log and then ran a request via requests.get() and secrets.log is now populated with TLS secrets. I am using requests v2.25.1 and urllib3 v1.26.3.

Apparently, it took a while for OpenSSL to provide APIs necessary to extract keying information, and then time for bindings to be created in pyOpenSSL to utilize those APIs and then for that to bubble up to urllib3.

See this issue for more details: https://github.com/psf/requests/issues/3674