feat(user/module): add ossl version 3.4.0 support (#660)
fix  #656
xxxxxliil authored Nov 8, 2024
1 parent b8bacc7 commit 19af845
Showing 5 changed files with 168 additions and 0 deletions.
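--- a/kern/openssl_3_4_0_kern.c
+++ b/kern/openssl_3_4_0_kern.c
@@ -0,0 +1,80 @@
+#ifndef ECAPTURE_OPENSSL_3_4_0_KERN_H
+#define ECAPTURE_OPENSSL_3_4_0_KERN_H
+
+/* OPENSSL_VERSION_TEXT: OpenSSL 3.4.0 22 Oct 2024 */
+/* OPENSSL_VERSION_NUMBER: 809500672 */
+
+// ssl_st->type
+#define SSL_ST_TYPE 0x0
+
+// ssl_connection_st->version
+#define SSL_CONNECTION_ST_VERSION 0x40
+
+// ssl_connection_st->session
+#define SSL_CONNECTION_ST_SESSION 0x880
+
+// ssl_connection_st->s3
+#define SSL_CONNECTION_ST_S3 0x118
+
+// ssl_connection_st->rbio
+#define SSL_CONNECTION_ST_RBIO 0x48
+
+// ssl_connection_st->wbio
+#define SSL_CONNECTION_ST_WBIO 0x50
+
+// ssl_connection_st->server
+#define SSL_CONNECTION_ST_SERVER 0x70
+
+// ssl_session_st->master_key
+#define SSL_SESSION_ST_MASTER_KEY 0x50
+
+// ssl_connection_st->s3.client_random
+#define SSL_CONNECTION_ST_S3_CLIENT_RANDOM 0x140
+
+// ssl_session_st->cipher
+#define SSL_SESSION_ST_CIPHER 0x2f8
+
+// ssl_session_st->cipher_id
+#define SSL_SESSION_ST_CIPHER_ID 0x300
+
+// ssl_cipher_st->id
+#define SSL_CIPHER_ST_ID 0x18
+
+// ssl_connection_st->handshake_secret
+#define SSL_CONNECTION_ST_HANDSHAKE_SECRET 0x53c
+
+// ssl_connection_st->handshake_traffic_hash
+#define SSL_CONNECTION_ST_HANDSHAKE_TRAFFIC_HASH 0x6bc
+
+// ssl_connection_st->client_app_traffic_secret
+#define SSL_CONNECTION_ST_CLIENT_APP_TRAFFIC_SECRET 0x6fc
+
+// ssl_connection_st->server_app_traffic_secret
+#define SSL_CONNECTION_ST_SERVER_APP_TRAFFIC_SECRET 0x73c
+
+// ssl_connection_st->exporter_master_secret
+#define SSL_CONNECTION_ST_EXPORTER_MASTER_SECRET 0x77c
+
+// bio_st->num
+#define BIO_ST_NUM 0x38
+
+// bio_st->method
+#define BIO_ST_METHOD 0x8
+
+// bio_method_st->type
+#define BIO_METHOD_ST_TYPE 0x0
+
+// quic_conn_st->tls
+#define QUIC_CONN_ST_TLS 0x40
+
+#define SSL_ST_VERSION SSL_CONNECTION_ST_VERSION
+
+#define SSL_ST_WBIO SSL_CONNECTION_ST_WBIO
+
+#define SSL_ST_RBIO SSL_CONNECTION_ST_RBIO
+
+
+#include "openssl.h"
+#include "openssl_masterkey_3.2.h"
+
+#endif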
7 changes: 7 additions & 0 deletions user/module/probe_openssl_lib.go
Expand Up @@ -31,6 +31,7 @@ const (
Linuxdefaulefilename31 = "linux_default_3_0"
Linuxdefaulefilename320 = "linux_default_3_2"
Linuxdefaulefilename330 = "linux_default_3_3"
Linuxdefaulefilename340 = "linux_default_3_4"
AndroidDefauleFilename = "android_default"

OpenSslVersionLen = 30 // openssl version string length
Expand All @@ -46,6 +47,7 @@ const (
MaxSupportedOpenSSL32Version = 3 // openssl 3.2.3 ~ newer
SupportedOpenSSL33Version1 = 1 // openssl 3.3.0 ~ 3.3.1
MaxSupportedOpenSSL33Version = 2 // openssl 3.3.2
SupportedOpenSSL34Version0 = 0 // openssl 3.4.0
)

// initOpensslOffset initial BpfMap
Expand Down Expand Up @@ -128,6 +130,11 @@ func (m *MOpenSSLProbe) initOpensslOffset() {
m.sslVersionBpfMap[fmt.Sprintf("openssl 3.3.%d", ch)] = "openssl_3_3_2_kern.o"
}

// openssl 3.4.0
for ch := 0; ch <= SupportedOpenSSL34Version0; ch++ {
m.sslVersionBpfMap[fmt.Sprintf("openssl 3.4.%d", ch)] = "openssl_3_4_0_kern.o"
}

// openssl 1.1.0a - 1.1.0l
for ch := 'a'; ch <= MaxSupportedOpenSSL110Version; ch++ {
m.sslVersionBpfMap["openssl 1.1.0"+string(ch)] = "openssl_1_1_0a_kern.o"
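Review bot: `Linuxdefaulefilename340 = "linux_default_3_4"` is declared in the first hunk but nothing in this commit references it: the seven lines added to this file are the two constants and the 3.4.0 loop, and the other four files do not mention it. If the other `Linuxdefaulefilename*` constants are used as fallback keys when the exact library version cannot be read (that code is outside these hunks), a 3.4 library in that situation would still resolve to an older default and the probes would read at offsets generated for a different release. Either register the new constant alongside the existing defaults with `openssl_3_4_0_kern.o`, or leave it out until it is used. The loop `for ch := 0; ch <= SupportedOpenSSL34Version0; ch++` also matches only `openssl 3.4.0`, so a comment on the constant saying that later 3.4.x patch releases must be added explicitly would help the next maintainer.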
1 change: 1 addition & 0 deletions utils/openssl_3_2_0_offset.c
Expand Up @@ -4,6 +4,7 @@
#include <ssl/ssl_local.h>
#include <stddef.h>
#include <stdio.h>
#include <ctype.h>

#define SSL_STRUCT_OFFSETS \
X(ssl_st, type) \
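--- a/utils/openssl_offset_3.4.sh
+++ b/utils/openssl_offset_3.4.sh
@@ -0,0 +1,79 @@
+#!/usr/bin/env bash
+set -e
+
+PROJECT_ROOT_DIR=$(pwd)
+OPENSSL_DIR="${PROJECT_ROOT_DIR}/deps/openssl"
+OUTPUT_DIR="${PROJECT_ROOT_DIR}/kern"
+
+if [[ ! -f "go.mod" ]]; then
+echo "Run the script from the project root directory"
+exit 1
+fi
+
+echo "check file exists: ${OPENSSL_DIR}/.git"
+# skip cloning if the header file of the max supported version is already generated
+if [[ ! -f "${OPENSSL_DIR}/.git" ]]; then
+echo "check directory exists: ${OPENSSL_DIR}"
+# skip cloning if the openssl directory already exists
+if [[ ! -d "${OPENSSL_DIR}" ]]; then
+echo "git clone openssl to ${OPENSSL_DIR}"
+git clone https://github.com/openssl/openssl.git ${OPENSSL_DIR}
+fi
+fi
+
+# openssl 3.3.*/3.4.* 跟 3.2.* 的offset一致。
+function run() {
+git fetch --tags
+cp -f ${PROJECT_ROOT_DIR}/utils/openssl_3_2_0_offset.c ${OPENSSL_DIR}/offset.c
+declare -A sslVerMap=()
+sslVerMap["0"]="0"
+# sslVerMap["1"]="0"
+# sslVerMap["2"]="2"
+
+# shellcheck disable=SC2068
+for ver in ${!sslVerMap[@]}; do
+tag="openssl-3.4.${ver}"
+val=${sslVerMap[$ver]}
+header_file="${OUTPUT_DIR}/openssl_3_4_${val}_kern.c"
+header_define="OPENSSL_3_4_$(echo ${val} | tr "[:lower:]" "[:upper:]")_KERN_H"
+
+if [[ -f ${header_file} ]]; then
+echo "Skip ${header_file}"
+continue
+fi
+echo "git checkout ${tag}"
+git checkout ${tag}
+echo "Generating ${header_file}"
+
+
+# ./Configure and make openssl/opensslconf.h
+./Configure
+make clean
+make build_generated
+
+
+clang -I /usr/include -I include/ -I . offset.c -o offset
+
+echo -e "#ifndef ECAPTURE_${header_define}" >${header_file}
+echo -e "#define ECAPTURE_${header_define}\n" >>${header_file}
+./offset >>${header_file}
+echo -e "#define SSL_ST_VERSION SSL_CONNECTION_ST_VERSION\n" >>${header_file}
+echo -e "#define SSL_ST_WBIO SSL_CONNECTION_ST_WBIO\n" >>${header_file}
+echo -e "#define SSL_ST_RBIO SSL_CONNECTION_ST_RBIO\n" >>${header_file}
+echo -e "\n#include \"openssl.h\"" >>${header_file}
+echo -e "#include \"openssl_masterkey_3.2.h\"" >>${header_file}
+echo -e "\n#endif" >>${header_file}
+
+# clean up
+make clean
+
+done
+
+rm offset.c
+}
+
+# TODO Check if the directory for OpenSSL exists
+pushd ${OPENSSL_DIR}
+(run)
+[[ "$?" != 0 ]] && popd
+popd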
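Review bot: `git checkout ${tag}` is followed directly by `./Configure`, `make build_generated` and `./offset`, so the script builds and executes whatever the tag currently resolves to and writes the result into a `kern/` header that this commit adds to `TARGETS`, with no integrity check in between. Tags can be moved, so it is worth verifying the checkout first, for example with `git verify-tag "${tag}"` (this assumes the release tags are signed and the signing key is in the local keyring) or by comparing `git rev-parse "${tag}^{commit}"` with a commit id recorded in the script. Separately, under `set -e` a failure of `./offset` leaves a header that holds only the include guard, and the next run prints "Skip" for it because of the `[[ -f ${header_file} ]]` test; writing to a temporary file and renaming it with `mv` once all lines are written avoids shipping a truncated offset table. For the same reason `[[ "$?" != 0 ]] && popd` after `(run)` is never reached with a non-zero status, and if it were, `popd` would run twice. The unquoted `${OPENSSL_DIR}`, `${header_file}` and `${tag}` expansions should be double-quoted so a project path containing spaces does not split the `cp`, `git clone` and redirection targets.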
1 change: 1 addition & 0 deletions variables.mk
Expand Up @@ -200,6 +200,7 @@ TARGETS += kern/openssl_3_2_0
TARGETS += kern/openssl_3_2_3
TARGETS += kern/openssl_3_3_0
TARGETS += kern/openssl_3_3_2
TARGETS += kern/openssl_3_4_0
TARGETS += kern/gotls

ifeq ($(ANDROID),0)