Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bugfix: Hook the ssl_set_fd function to get FD. #399

Merged
merged 3 commits into from
Oct 8, 2023
Merged

Conversation

cfc4n
Copy link
Member

@cfc4n cfc4n commented Oct 5, 2023

This block of logic will be used when wbio's FD is empty.

This block of logic will be used when wbio's FD is empty.

Signed-off-by: cfc4n <cfc4n.cs@gmail.com>
@cfc4n cfc4n added the 🐞 bug Something isn't working label Oct 5, 2023
cfc4n added 2 commits October 6, 2023 22:41
Signed-off-by: cfc4n <cfc4n.cs@gmail.com>
sudo ../veristat/src/veristat -d user/bytecode/openssl_3_0_0_kern.o

Signed-off-by: cfc4n <cfc4n.cs@gmail.com>
@cfc4n cfc4n merged commit 85d5368 into master Oct 8, 2023
6 checks passed
@cfc4n cfc4n deleted the openssl_fd_fix branch October 8, 2023 15:59
@ii64
Copy link

ii64 commented Aug 2, 2024

I think this fallback fd hooks should be optional to make the required symbols uprobe to hook small, or perhaps we could try to use SSL_set_bio instead of SSL_set_{,w,r}fd?

@cfc4n
Copy link
Member Author

cfc4n commented Aug 2, 2024

SSL_set_bio and SSL_set_{,w,r}fd are not mutually exclusive. Different usage modes and versions of OpenSSL trigger different functions during the HTTPS handshake.

For instance, when OpenSSL is called in a non-BIO mode, then SSL_set{,w,r}fd? comes into play; at this point, hooking the SSL_set_bio function would be ineffective.

However, I cannot provide a definitive conclusion either. If you have expertise in this area and would like to offer better suggestions, your input is welcome.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🐞 bug Something isn't working
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants