kern: Adjust the timing of key acquisition to distinguish between TLS #576

Merged
merged 1 commit into from
Jul 5, 2024
31 changes: 28 additions & 3 deletions kern/boringssl_masterkey.h
Expand Up @@ -64,6 +64,27 @@ struct ssl3_state_st {
unsigned char client_random[SSL3_RANDOM_SIZE];
};

/*
* 最好的办法是先判断当前SSL的模式,是server还是client。 目前ssl->server 字段是bool类型,offsetof方法不太好读取
* 暂时使用state的最小值代替, 下面 TLS 1.3的判断机制也是这样。
*
* The best way is to first determine the current SSL mode, whether it is server or client. Currently,
* the ssl->server field is of bool type, and using the offsetof method is not very readable.
* Therefore, the minimum value of the state is temporarily used instead.
* The judgment mechanism for TLS 1.3 follows the same approach.
*/
// constant of boringssl SSL state
#define CLIENT_STATE13_READ_SERVER_FINISHED 8 // ssl/tls13_client.cc line 51: state_read_server_finished
#define CLIENT_STATE13_DONE 14 // ssl/tls13_client.cc line 51: state_done
#define SERVER_STATE13_READ_CLIENT_FINISHED 14 // ssl/internal.h line 1786: state13_read_client_finished
#define SERVER_STATE13_SEND_NEW_SESSION_TICKET 15 // ssl/internal.h line 1786: state13_send_new_session_ticket
#define SERVER_STATE13_DONE 16 // ssl/internal.h line 1786: state13_done

#define CLIENT_STATE12_SEND_CLIENT_FINISHED 16 // ssl/handshake_client.cc line 201: state_send_client_finished
#define CLIENT_STATE12_DONE 22 // ssl/handshake_client.cc line 201: state_done
#define SERVER_STATE12_READ_CLIENT_FINISHED 18 // ssl/internal.h line 1766: state12_read_client_finished
#define SERVER_STATE12_DONE 21 // ssl/internal.h line 1766: state12_done

struct ssl3_handshake_st {
// state is the internal state for the TLS 1.2 and below handshake. Its
// values depend on |do_handshake| but the starting state is always zero.
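Review bot: the nine state macros added after struct ssl3_state_st are enum ordinals pinned to BoringSSL source by file and line number only (for example "ssl/tls13_client.cc line 51"), with no BoringSSL commit or tag recorded, so nobody can tell which library revision they match or notice when upstream reorders the enum. Record the revision next to the block. The block comment also says the minimum state value stands in for a server/client check; it would help to say outright that CLIENT_STATE12_SEND_CLIENT_FINISHED (16) and CLIENT_STATE13_READ_SERVER_FINISHED (8) are those minimums, since they are the only two macros the probe compares against in the hunks shown and the other seven are unused there.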
Expand Down Expand Up @@ -294,9 +315,7 @@ int probe_ssl_master_key(struct pt_regs *ctx) {

///////////////////////// get TLS 1.2 master secret ////////////////////
if (mastersecret->version != TLS1_3_VERSION) {
// state12_finish_server_handshake
// state12_done
if (ssl3_hs_state.state < 20) {
if (ssl3_hs_state.state < CLIENT_STATE12_SEND_CLIENT_FINISHED) {
// not finished yet.
return 0;
}
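Review bot: in the TLS 1.2 branch of probe_ssl_master_key the gate changes from "ssl3_hs_state.state < 20" to "< CLIENT_STATE12_SEND_CLIENT_FINISHED" (16), and the client constant is applied to server-side handshakes too, so a server at state 16 or 17 now passes although the header lists SERVER_STATE12_READ_CLIENT_FINISHED as 18. If that is the intended minimum-of-both-roles behaviour, say so in a comment at the comparison, because the two removed comments (state12_finish_server_handshake, state12_done) were the only explanation at this site. Also confirm that the secret this "get TLS 1.2 master secret" branch goes on to read is already populated at those earlier states, or skip the event when it is empty.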
Expand Down Expand Up @@ -346,6 +365,12 @@ int probe_ssl_master_key(struct pt_regs *ctx) {
return 0;
}

// ssl 1.3 server and client mode.
if (ssl3_hs_state.tls13_state < CLIENT_STATE13_READ_SERVER_FINISHED) {
// not finished yet.
return 0;
}

void *hs_ptr_tls13 =
(void *)(ssl_hs_st_addr + SSL_HANDSHAKE_CLIENT_HANDSHAKE_SECRET_);
ret = bpf_probe_read_user(&mastersecret->client_handshake_secret_,
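Review bot: the new TLS 1.3 gate compares tls13_state against CLIENT_STATE13_READ_SERVER_FINISHED (8) for both roles, but the header puts SERVER_STATE13_READ_CLIENT_FINISHED at 14, so a server-side handshake in states 8 to 13 passes this check and reaches the bpf_probe_read_user of client_handshake_secret_. Please confirm the handshake secrets are already derived at those server states, or add a role-independent guard such as skipping the event when the secret read back is all zero. Minor: the comment "ssl 1.3 server and client mode" should read TLS 1.3 and state that the client value is used as the common lower bound.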