github/kubeshark
1
0
Fork 0
mirror of https://github.com/kubeshark/kubeshark.git synced 2025-08-19 17:07:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
feat/bfl-syntax-highlighting
kubeshark/tap/tlstapper/ssllib_hooks.go
Nimrod Gilboa Markevich 692c500b0f
Improve Go TLS address availability (#1207) 
Fetch source and destination addresses with bpf from tcp kprobes, similar to how it is done for openssl lib.
Chunk contains both source address and destination address.
FD is no longer used to obtain addresses.
2022-07-19 14:31:27 +03:00

154 lines
3.5 KiB
Go
Raw Permalink Blame History

package tlstapper
import (
"github.com/cilium/ebpf/link"
"github.com/go-errors/errors"
)
type sslHooks struct {
sslWriteProbe link.Link
sslWriteRetProbe link.Link
sslReadProbe link.Link
sslReadRetProbe link.Link
sslWriteExProbe link.Link
sslWriteExRetProbe link.Link
sslReadExProbe link.Link
sslReadExRetProbe link.Link
}
func (s *sslHooks) installUprobes(bpfObjects *tlsTapperObjects, sslLibraryPath string) error {
sslLibrary, err := link.OpenExecutable(sslLibraryPath)
if err != nil {
return errors.Wrap(err, 0)
}
sslOffsets, err := getSslOffsets(sslLibraryPath)
if err != nil {
return errors.Wrap(err, 0)
}
return s.installSslHooks(bpfObjects, sslLibrary, sslOffsets)
}
func (s *sslHooks) installSslHooks(bpfObjects *tlsTapperObjects, sslLibrary *link.Executable, offsets sslOffsets) error {
var err error
s.sslWriteProbe, err = sslLibrary.Uprobe("SSL_write", bpfObjects.SslWrite, &link.UprobeOptions{
Offset: offsets.SslWriteOffset,
})
if err != nil {
return errors.Wrap(err, 0)
}
s.sslWriteRetProbe, err = sslLibrary.Uretprobe("SSL_write", bpfObjects.SslRetWrite, &link.UprobeOptions{
Offset: offsets.SslWriteOffset,
})
if err != nil {
return errors.Wrap(err, 0)
}
s.sslReadProbe, err = sslLibrary.Uprobe("SSL_read", bpfObjects.SslRead, &link.UprobeOptions{
Offset: offsets.SslReadOffset,
})
if err != nil {
return errors.Wrap(err, 0)
}
s.sslReadRetProbe, err = sslLibrary.Uretprobe("SSL_read", bpfObjects.SslRetRead, &link.UprobeOptions{
Offset: offsets.SslReadOffset,
})
if err != nil {
return errors.Wrap(err, 0)
}
if offsets.SslWriteExOffset != 0 {
s.sslWriteExProbe, err = sslLibrary.Uprobe("SSL_write_ex", bpfObjects.SslWriteEx, &link.UprobeOptions{
Offset: offsets.SslWriteExOffset,
})
if err != nil {
return errors.Wrap(err, 0)
}
s.sslWriteExRetProbe, err = sslLibrary.Uretprobe("SSL_write_ex", bpfObjects.SslRetWriteEx, &link.UprobeOptions{
Offset: offsets.SslWriteExOffset,
})
if err != nil {
return errors.Wrap(err, 0)
}
}
if offsets.SslReadExOffset != 0 {
s.sslReadExProbe, err = sslLibrary.Uprobe("SSL_read_ex", bpfObjects.SslReadEx, &link.UprobeOptions{
Offset: offsets.SslReadExOffset,
})
if err != nil {
return errors.Wrap(err, 0)
}
s.sslReadExRetProbe, err = sslLibrary.Uretprobe("SSL_read_ex", bpfObjects.SslRetReadEx, &link.UprobeOptions{
Offset: offsets.SslReadExOffset,
})
if err != nil {
return errors.Wrap(err, 0)
}
}
return nil
}
func (s *sslHooks) close() []error {
returnValue := make([]error, 0)
if err := s.sslWriteProbe.Close(); err != nil {
returnValue = append(returnValue, err)
}
if err := s.sslWriteRetProbe.Close(); err != nil {
returnValue = append(returnValue, err)
}
if err := s.sslReadProbe.Close(); err != nil {
returnValue = append(returnValue, err)
}
if err := s.sslReadRetProbe.Close(); err != nil {
returnValue = append(returnValue, err)
}
if s.sslWriteExProbe != nil {
if err := s.sslWriteExProbe.Close(); err != nil {
returnValue = append(returnValue, err)
}
}
if s.sslWriteExRetProbe != nil {
if err := s.sslWriteExRetProbe.Close(); err != nil {
returnValue = append(returnValue, err)
}
}
if s.sslReadExProbe != nil {
if err := s.sslReadExProbe.Close(); err != nil {
returnValue = append(returnValue, err)
}
}
if s.sslReadExRetProbe != nil {
if err := s.sslReadExRetProbe.Close(); err != nil {
returnValue = append(returnValue, err)
}
}
return returnValue
}
Reference in New Issue View Git Blame Copy Permalink