Fix the mixed offsets and dissection preparation

2025-08-25 11:59:35 +00:00 · 2022-05-31 00:10:32 +03:00 · 2022-05-31 00:10:32 +03:00 · 3b27c5c704
commit 3b27c5c704
parent f54d9a453f
7 changed files with 20 additions and 7 deletions
--- a/tap/extensions/http/main.go
+++ b/tap/extensions/http/main.go
@ -186,6 +186,8 @@ func (d dissecting) Dissect(b *bufio.Reader, reader api.TcpReader, options *api.
 			}
 		} else {
 			switchingProtocolsHTTP2, err = handleHTTP1ServerStream(b, reader.GetReadProgress(), reader.GetParent().GetOrigin(), reader.GetTcpID(), reader.GetCounterPair(), reader.GetCaptureTime(), reader.GetEmitter(), options, reqResMatcher)
+			// TODO: Golang TLS malformed HTTP response
+			fmt.Printf("err: %v\n", err)
 			if err == io.EOF || err == io.ErrUnexpectedEOF {
 				break
 			} else if err != nil {
--- a/tap/tlstapper/bpf/golang_uprobes.c
+++ b/tap/tlstapper/bpf/golang_uprobes.c
@ -137,7 +137,7 @@ static __always_inline int golang_net_http_dialconn_uprobe(struct pt_regs *ctx)
    __u64 key_socket = (pid << 32) + ctx->r14;
    status = bpf_map_update_elem(&golang_socket_dials, &key_socket, &b, BPF_ANY);
    if (status != 0) {
-        bpf_printk("[golang_net_socket_uprobe] error setting socket: %d", status);
+        bpf_printk("[golang_net_http_dialconn_uprobe] error setting socket: %d", status);
    }

    return 0;
--- a/tap/tlstapper/golang_hooks.go
+++ b/tap/tlstapper/golang_hooks.go
@ -34,7 +34,7 @@ func (s *golangHooks) installHooks(bpfObjects *tlsTapperObjects, ex *link.Execut
 	// Relative offset points to
 	// [`net/http.(*Transport).dialConn+412`](https://github.com/golang/go/blob/fe4de36198794c447fbd9d7cc2d7199a506c76a5/src/net/http/transport.go#L1564)
 	s.golangDialProbe, err = ex.Uprobe(golangDialSymbol, bpfObjects.GolangNetHttpDialconnUprobe, &link.UprobeOptions{
-		Offset: offsets.GolangWriteOffset + 0x19c,
+		Offset: offsets.GolangDialOffset + 0x19c,
 	})

 	if err != nil {
@ -44,7 +44,7 @@ func (s *golangHooks) installHooks(bpfObjects *tlsTapperObjects, ex *link.Execut
 	// Relative offset points to
 	// [`net.socket+127`](https://github.com/golang/go/blob/fe4de36198794c447fbd9d7cc2d7199a506c76a5/src/net/sock_posix.go#L23)
 	s.golangSocketProbe, err = ex.Uprobe(golangSocketSymbol, bpfObjects.GolangNetSocketUprobe, &link.UprobeOptions{
-		Offset: offsets.GolangWriteOffset + 0x7f,
+		Offset: offsets.GolangSocketOffset + 0x7f,
 	})

 	if err != nil {
@ -63,7 +63,7 @@ func (s *golangHooks) installHooks(bpfObjects *tlsTapperObjects, ex *link.Execut

 	// Relative offset points to
 	// [`net/http.(*persistConn).Read+92`](https://github.com/golang/go/blob/fe4de36198794c447fbd9d7cc2d7199a506c76a5/src/net/http/transport.go#L1929)
-	s.golangReadProbe, err = ex.Uprobe(golangWriteSymbol, bpfObjects.GolangNetHttpReadUprobe, &link.UprobeOptions{
+	s.golangReadProbe, err = ex.Uprobe(golangReadSymbol, bpfObjects.GolangNetHttpReadUprobe, &link.UprobeOptions{
 		Offset: offsets.GolangReadOffset + 0x5c,
 	})

--- a/tap/tlstapper/golang_offsets.go
+++ b/tap/tlstapper/golang_offsets.go
@ -67,10 +67,10 @@ func findGolangOffsets(filePath string) (golangOffsets, error) {
 	}

 	return golangOffsets{
+		GolangDialOffset:   dialOffset,
+		GolangSocketOffset: socketOffset,
 		GolangWriteOffset:  writeOffset,
 		GolangReadOffset:   readOffset,
-		GolangSocketOffset: socketOffset,
-		GolangDialOffset:   dialOffset,
 	}, nil
 }

--- a/tap/tlstapper/tls_poller.go
+++ b/tap/tlstapper/tls_poller.go
@ -172,6 +172,16 @@ func (p *tlsPoller) pollGolangReadWrite(rd *ringbuf.Reader, emitter api.Emitter,
 		}

 		if connection.GotRequest && connection.GotResponse {
+			// TODO: Remove these comments
+			// fmt.Printf("\n\nconnection.Pid: %v\n", connection.Pid)
+			// fmt.Printf("connection.ConnAddr: 0x%x\n", connection.ConnAddr)
+			// fmt.Printf("connection.AddressPair.srcIp: %v\n", connection.AddressPair.srcIp)
+			// fmt.Printf("connection.AddressPair.srcPort: %v\n", connection.AddressPair.srcPort)
+			// fmt.Printf("connection.AddressPair.dstIp: %v\n", connection.AddressPair.dstIp)
+			// fmt.Printf("connection.AddressPair.dstPort: %v\n", connection.AddressPair.dstPort)
+			// fmt.Printf("connection.Request:\n%v\n", unix.ByteSliceToString(connection.Request))
+			// fmt.Printf("connection.Response:\n%v\n", unix.ByteSliceToString(connection.Response))
+
 			tcpid := p.buildTcpId(&connection.AddressPair)

 			tlsEmitter := &tlsEmitter{
@ -188,7 +198,7 @@ func (p *tlsPoller) pollGolangReadWrite(rd *ringbuf.Reader, emitter api.Emitter,
 				extension:     p.extension,
 				emitter:       tlsEmitter,
 				counterPair:   &api.CounterPair{},
-				reqResMatcher: p.reqResMatcher,
+				reqResMatcher: p.extension.Dissector.NewResponseRequestMatcher(),
 			}

 			stream := &tlsStream{
@ -211,6 +221,7 @@ func (p *tlsPoller) pollGolangReadWrite(rd *ringbuf.Reader, emitter api.Emitter,
 				SrcPort: reader.tcpID.DstPort,
 				DstPort: reader.tcpID.SrcPort,
 			}
+			reader.progress = &api.ReadProgress{}

 			err = p.extension.Dissector.Dissect(bufio.NewReader(bytes.NewReader(connection.Response)), reader, options)

--- a/tap/tlstapper/tlstapper_bpfeb.o
+++ b/tap/tlstapper/tlstapper_bpfeb.o
--- a/tap/tlstapper/tlstapper_bpfel.o
+++ b/tap/tlstapper/tlstapper_bpfel.o