gojue · cfc4n · Sep 15, 2024 · Sep 15, 2024
diff --git a/kern/openssl_3_1_0_kern.c b/kern/openssl_3_1_0_kern.c
@@ -0,0 +1,61 @@
+#ifndef ECAPTURE_OPENSSL_3_0_0_KERN_H
+#define ECAPTURE_OPENSSL_3_0_0_KERN_H
+
+/* OPENSSL_VERSION_TEXT: OpenSSL 3.1.5 30 Jan 2024 */
+/* OPENSSL_VERSION_NUMBER: 806355024 */
+
+// ssl_st->version
+#define SSL_ST_VERSION 0x0
+
+// ssl_st->session
+#define SSL_ST_SESSION 0x918
+
+// ssl_st->s3
+#define SSL_ST_S3 0xa8
+
+// ssl_st->rbio
+#define SSL_ST_RBIO 0x10
+
+// ssl_st->wbio
+#define SSL_ST_WBIO 0x18
+
+// ssl_st->server
+#define SSL_ST_SERVER 0x38
+
+// ssl_session_st->master_key
+#define SSL_SESSION_ST_MASTER_KEY 0x50
+
+// ssl_st->s3.client_random
+#define SSL_ST_S3_CLIENT_RANDOM 0x160
+
+// ssl_session_st->cipher
+#define SSL_SESSION_ST_CIPHER 0x2f8
+
+// ssl_session_st->cipher_id
+#define SSL_SESSION_ST_CIPHER_ID 0x300
+
+// ssl_cipher_st->id
+#define SSL_CIPHER_ST_ID 0x18
+
+// ssl_st->handshake_secret
+#define SSL_ST_HANDSHAKE_SECRET 0x584
+
+// ssl_st->handshake_traffic_hash
+#define SSL_ST_HANDSHAKE_TRAFFIC_HASH 0x704
+
+// ssl_st->client_app_traffic_secret
+#define SSL_ST_CLIENT_APP_TRAFFIC_SECRET 0x744
+
+// ssl_st->server_app_traffic_secret
+#define SSL_ST_SERVER_APP_TRAFFIC_SECRET 0x784
+
+// ssl_st->exporter_master_secret
+#define SSL_ST_EXPORTER_MASTER_SECRET 0x7c4
+
+// bio_st->num
+#define BIO_ST_NUM 0x38
+
+#include "openssl.h"
+#include "openssl_masterkey_3.0.h"
+
+#endif
diff --git a/kern/openssl_3_2_3_kern.c b/kern/openssl_3_2_3_kern.c
@@ -0,0 +1,74 @@
+#ifndef ECAPTURE_OPENSSL_3_2_3_KERN_H
+#define ECAPTURE_OPENSSL_3_2_3_KERN_H
+
+/* OPENSSL_VERSION_TEXT: OpenSSL 3.2.3 3 Sep 2024 */
+/* OPENSSL_VERSION_NUMBER: 807403568 */
+
+// ssl_st->type
+#define SSL_ST_TYPE 0x0
+
+// ssl_connection_st->version
+#define SSL_CONNECTION_ST_VERSION 0x40
+
+// ssl_connection_st->session
+#define SSL_CONNECTION_ST_SESSION 0x880
+
+// ssl_connection_st->s3
+#define SSL_CONNECTION_ST_S3 0x118
+
+// ssl_connection_st->rbio
+#define SSL_CONNECTION_ST_RBIO 0x48
+
+// ssl_connection_st->wbio
+#define SSL_CONNECTION_ST_WBIO 0x50
+
+// ssl_connection_st->server
+#define SSL_CONNECTION_ST_SERVER 0x70
+
+// ssl_session_st->master_key
+#define SSL_SESSION_ST_MASTER_KEY 0x50
+
+// ssl_connection_st->s3.client_random
+#define SSL_CONNECTION_ST_S3_CLIENT_RANDOM 0x140
+
+// ssl_session_st->cipher
+#define SSL_SESSION_ST_CIPHER 0x2f8
+
+// ssl_session_st->cipher_id
+#define SSL_SESSION_ST_CIPHER_ID 0x300
+
+// ssl_cipher_st->id
+#define SSL_CIPHER_ST_ID 0x18
+
+// ssl_connection_st->handshake_secret
+#define SSL_CONNECTION_ST_HANDSHAKE_SECRET 0x53c
+
+// ssl_connection_st->handshake_traffic_hash
+#define SSL_CONNECTION_ST_HANDSHAKE_TRAFFIC_HASH 0x6bc
+
+// ssl_connection_st->client_app_traffic_secret
+#define SSL_CONNECTION_ST_CLIENT_APP_TRAFFIC_SECRET 0x6fc
+
+// ssl_connection_st->server_app_traffic_secret
+#define SSL_CONNECTION_ST_SERVER_APP_TRAFFIC_SECRET 0x73c
+
+// ssl_connection_st->exporter_master_secret
+#define SSL_CONNECTION_ST_EXPORTER_MASTER_SECRET 0x77c
+
+// bio_st->num
+#define BIO_ST_NUM 0x38
+
+// quic_conn_st->tls
+#define QUIC_CONN_ST_TLS 0x40
+
+#define SSL_ST_VERSION SSL_CONNECTION_ST_VERSION
+
+#define SSL_ST_WBIO SSL_CONNECTION_ST_WBIO
+
+#define SSL_ST_RBIO SSL_CONNECTION_ST_RBIO
+
+
+#include "openssl.h"
+#include "openssl_masterkey_3.2.h"
+
+#endif
diff --git a/kern/openssl_3_3_0_kern.c b/kern/openssl_3_3_0_kern.c
@@ -0,0 +1,74 @@
+#ifndef ECAPTURE_OPENSSL_3_2_2_KERN_H
+#define ECAPTURE_OPENSSL_3_2_2_KERN_H
+
+/* OPENSSL_VERSION_TEXT: OpenSSL 3.2.2 4 Jun 2024 */
+/* OPENSSL_VERSION_NUMBER: 807403552 */
+
+// ssl_st->type
+#define SSL_ST_TYPE 0x0
+
+// ssl_connection_st->version
+#define SSL_CONNECTION_ST_VERSION 0x40
+
+// ssl_connection_st->session
+#define SSL_CONNECTION_ST_SESSION 0x880
+
+// ssl_connection_st->s3
+#define SSL_CONNECTION_ST_S3 0x118
+
+// ssl_connection_st->rbio
+#define SSL_CONNECTION_ST_RBIO 0x48
+
+// ssl_connection_st->wbio
+#define SSL_CONNECTION_ST_WBIO 0x50
+
+// ssl_connection_st->server
+#define SSL_CONNECTION_ST_SERVER 0x70
+
+// ssl_session_st->master_key
+#define SSL_SESSION_ST_MASTER_KEY 0x50
+
+// ssl_connection_st->s3.client_random
+#define SSL_CONNECTION_ST_S3_CLIENT_RANDOM 0x140
+
+// ssl_session_st->cipher
+#define SSL_SESSION_ST_CIPHER 0x300
+
+// ssl_session_st->cipher_id
+#define SSL_SESSION_ST_CIPHER_ID 0x308
+
+// ssl_cipher_st->id
+#define SSL_CIPHER_ST_ID 0x18
+
+// ssl_connection_st->handshake_secret
+#define SSL_CONNECTION_ST_HANDSHAKE_SECRET 0x53c
+
+// ssl_connection_st->handshake_traffic_hash
+#define SSL_CONNECTION_ST_HANDSHAKE_TRAFFIC_HASH 0x6bc
+
+// ssl_connection_st->client_app_traffic_secret
+#define SSL_CONNECTION_ST_CLIENT_APP_TRAFFIC_SECRET 0x6fc
+
+// ssl_connection_st->server_app_traffic_secret
+#define SSL_CONNECTION_ST_SERVER_APP_TRAFFIC_SECRET 0x73c
+
+// ssl_connection_st->exporter_master_secret
+#define SSL_CONNECTION_ST_EXPORTER_MASTER_SECRET 0x77c
+
+// bio_st->num
+#define BIO_ST_NUM 0x38
+
+// quic_conn_st->tls
+#define QUIC_CONN_ST_TLS 0x40
+
+#define SSL_ST_VERSION SSL_CONNECTION_ST_VERSION
+
+#define SSL_ST_WBIO SSL_CONNECTION_ST_WBIO
+
+#define SSL_ST_RBIO SSL_CONNECTION_ST_RBIO
+
+
+#include "openssl.h"
+#include "openssl_masterkey_3.2.h"
+
+#endif
diff --git a/user/module/probe_openssl_lib.go b/user/module/probe_openssl_lib.go
@@ -40,10 +40,11 @@ const (
 	MaxSupportedOpenSSL102Version = 'u'
 	MaxSupportedOpenSSL110Version = 'l'
 	MaxSupportedOpenSSL111Version = 'w'
-	MaxSupportedOpenSSL30Version  = 14
-	MaxSupportedOpenSSL31Version  = 6
-	MaxSupportedOpenSSL32Version  = 2
-	MaxSupportedOpenSSL33Version  = 1
+	MaxSupportedOpenSSL30Version  = 15
+	MaxSupportedOpenSSL31Version  = 7
+	SupportedOpenSSL32Version2    = 2 // openssl 3.2.0 ~ 3.2.2
+	MaxSupportedOpenSSL32Version  = 3 // openssl 3.2.3 ~ newer
+	MaxSupportedOpenSSL33Version  = 2
 )
 
 // initOpensslOffset initial BpfMap
@@ -95,26 +96,31 @@ func (m *MOpenSSLProbe) initOpensslOffset() {
 		m.sslVersionBpfMap["openssl 1.1.1"+string(ch)] = "openssl_1_1_1j_kern.o"
 	}
 
-	// openssl 3.0.0 - 3.0.12
+	// openssl 3.0.0 - 3.0.15
 	for ch := 0; ch <= MaxSupportedOpenSSL30Version; ch++ {
 		m.sslVersionBpfMap[fmt.Sprintf("openssl 3.0.%d", ch)] = "openssl_3_0_0_kern.o"
 	}
 
 	// openssl 3.1.0 - 3.1.4
 	for ch := 0; ch <= MaxSupportedOpenSSL31Version; ch++ {
 		// The OpenSSL 3.0 series is the same as the 3.1 series of offsets
-		m.sslVersionBpfMap[fmt.Sprintf("openssl 3.1.%d", ch)] = "openssl_3_0_0_kern.o"
+		m.sslVersionBpfMap[fmt.Sprintf("openssl 3.1.%d", ch)] = "openssl_3_1_0_kern.o"
 	}
 
 	// openssl 3.2.0
-	for ch := 0; ch <= MaxSupportedOpenSSL32Version; ch++ {
+	for ch := 0; ch <= SupportedOpenSSL32Version2; ch++ {
 		m.sslVersionBpfMap[fmt.Sprintf("openssl 3.2.%d", ch)] = "openssl_3_2_0_kern.o"
 	}
 
-	// openssl 3.3.0
+	// openssl 3.2.3 - newer
+	for ch := 3; ch <= MaxSupportedOpenSSL32Version; ch++ {
+		m.sslVersionBpfMap[fmt.Sprintf("openssl 3.2.%d", ch)] = "openssl_3_2_3_kern.o"
+	}
+
+	// openssl 3.3.0 - newer
 	for ch := 0; ch <= MaxSupportedOpenSSL33Version; ch++ {
 		// The OpenSSL 3.3.* series is the same as the 3.2.* series of offsets
-		m.sslVersionBpfMap[fmt.Sprintf("openssl 3.3.%d", ch)] = "openssl_3_2_0_kern.o"
+		m.sslVersionBpfMap[fmt.Sprintf("openssl 3.3.%d", ch)] = "openssl_3_3_0_kern.o"
 	}
 
 	// openssl 1.1.0a - 1.1.0l

diff --git a/utils/openssl_offset_3.0.sh b/utils/openssl_offset_3.0.sh
@@ -40,6 +40,7 @@ function run() {
   sslVerMap["12"]="0"
   sslVerMap["13"]="0"
   sslVerMap["14"]="0"
+  sslVerMap["15"]="15"
 
   # shellcheck disable=SC2068
   for ver in ${!sslVerMap[@]}; do

diff --git a/utils/openssl_offset_3.1.sh b/utils/openssl_offset_3.1.sh
@@ -32,6 +32,7 @@ function run() {
   sslVerMap["4"]="0"
   sslVerMap["5"]="0"
   sslVerMap["6"]="0"
+  sslVerMap["7"]="0"
 
   # shellcheck disable=SC2068
   for ver in ${!sslVerMap[@]}; do

diff --git a/utils/openssl_offset_3.2.sh b/utils/openssl_offset_3.2.sh
@@ -28,6 +28,7 @@ function run() {
   sslVerMap["0"]="0"
   sslVerMap["1"]="0"
   sslVerMap["2"]="0"
+  sslVerMap["3"]="3"
 
   # shellcheck disable=SC2068
   for ver in ${!sslVerMap[@]}; do

diff --git a/utils/openssl_offset_3.3.sh b/utils/openssl_offset_3.3.sh
@@ -21,19 +21,20 @@ if [[ ! -f "${OPENSSL_DIR}/.git" ]]; then
   fi
 fi
 
-# openssl 3.3.* 跟 3.2.* 的offset一致，故这里采用 3.2的文件名。
+# openssl 3.3.* 跟 3.2.* 的offset一致。
 function run() {
   git fetch --tags
   cp -f ${PROJECT_ROOT_DIR}/utils/openssl_3_2_0_offset.c ${OPENSSL_DIR}/offset.c
   declare -A sslVerMap=()
   sslVerMap["0"]="0"
-  sslVerMap["1"]="1"
+  sslVerMap["1"]="0"
+  sslVerMap["2"]="0"
 
   # shellcheck disable=SC2068
   for ver in ${!sslVerMap[@]}; do
     tag="openssl-3.3.${ver}"
     val=${sslVerMap[$ver]}
-    header_file="${OUTPUT_DIR}/openssl_3_2_${val}_kern.c"
+    header_file="${OUTPUT_DIR}/openssl_3_3_${val}_kern.c"
     header_define="OPENSSL_3_2_$(echo ${val} | tr "[:lower:]" "[:upper:]")_KERN_H"
 
     if [[ -f ${header_file} ]]; then