From 090e00e3374f77c65a76c3384a7934436139efae Mon Sep 17 00:00:00 2001 From: CFC4N Date: Fri, 26 Jan 2024 23:16:55 +0800 Subject: [PATCH] utils: support openssl 3.1.0-3.1.4 and 3.0.9-3.0.12 Since 3.0.x has the same offsets as the other properties of the 3.1.x series ssl_st structs, the 3.0.x kern file is used uniformly. Signed-off-by: CFC4N --- user/module/probe_openssl_lib.go | 17 +++++-- utils/openssl_offset_1.0.2.sh | 3 ++ utils/openssl_offset_3.0.sh | 11 ++++- utils/openssl_offset_3.1.sh | 82 ++++++++++++++++++++++++++++++++ 4 files changed, 106 insertions(+), 7 deletions(-) create mode 100755 utils/openssl_offset_3.1.sh diff --git a/user/module/probe_openssl_lib.go b/user/module/probe_openssl_lib.go index fa7255026..720789d89 100644 --- a/user/module/probe_openssl_lib.go +++ b/user/module/probe_openssl_lib.go @@ -28,6 +28,7 @@ const ( LinuxDefauleFilename_1_1_0 = "linux_default_1_1_0" LinuxDefauleFilename_1_1_1 = "linux_default_1_1_1" LinuxDefauleFilename_3_0 = "linux_default_3_0" + LinuxDefauleFilename_3_1 = "linux_default_3_0" AndroidDefauleFilename = "android_default" OpenSslVersionLen = 30 // openssl version string length @@ -37,7 +38,8 @@ const ( MaxSupportedOpenSSL102Version = 'u' MaxSupportedOpenSSL110Version = 'l' MaxSupportedOpenSSL111Version = 'u' - MaxSupportedOpenSSL30Version = '9' + MaxSupportedOpenSSL30Version = 12 + MaxSupportedOpenSSL31Version = 4 ) // initOpensslOffset initial BpfMap @@ -52,7 +54,7 @@ func (m *MOpenSSLProbe) initOpensslOffset() { // openssl 1.1.1* LinuxDefauleFilename_1_1_1: "openssl_1_1_1j_kern.o", - // openssl 3.0.* + // openssl 3.0.* and openssl 3.1.* LinuxDefauleFilename_3_0: "openssl_3_0_0_kern.o", // boringssl 
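Review bot: `LinuxDefauleFilename_3_1` is given the same value as `LinuxDefauleFilename_3_0`, and nothing at the declaration says the duplication is deliberate. None of the visible hunks reads the new constant, and it could not be added as a key beside `LinuxDefauleFilename_3_0` in the same map literal, because Go rejects duplicate constant keys. Declaring it as `LinuxDefauleFilename_3_1 = LinuxDefauleFilename_3_0 // 3.1.x reuses the 3.0 bytecode` would make the alias explicit. The const block starts and ends outside the hunk.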
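Review bot: `MaxSupportedOpenSSL30Version` changes from the rune `'9'` to the integer `12` while `MaxSupportedOpenSSL102Version`, `MaxSupportedOpenSSL110Version` and `MaxSupportedOpenSSL111Version` stay rune letters, so one naming pattern now covers two different meanings. Because these are untyped constants, any use outside this diff that still compares the constant with a version character would keep compiling and silently compare against 12; that is worth checking. A comment such as `// highest supported patch number (3.0.N), not a rune like the 1.x limits` on the two numeric constants would document the difference.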
@@ -80,9 +82,14 @@ func (m *MOpenSSLProbe) initOpensslOffset() { m.sslVersionBpfMap["openssl 1.1.1"+string(ch)] = "openssl_1_1_1j_kern.o" } - // openssl 3.0.0 - 3.0.7 - for ch := '0'; ch <= MaxSupportedOpenSSL30Version; ch++ { - m.sslVersionBpfMap["openssl 3.0."+string(ch)] = "openssl_3_0_0_kern.o" + // openssl 3.0.0 - 3.0.12 + for ch := 0; ch <= MaxSupportedOpenSSL30Version; ch++ { + m.sslVersionBpfMap[fmt.Sprintf("openssl 3.0.%d", ch)] = "openssl_3_0_0_kern.o" + } + + // openssl 3.1.0 - 3.1.4 + for ch := 0; ch <= MaxSupportedOpenSSL31Version; ch++ { + m.sslVersionBpfMap[fmt.Sprintf("openssl 3.1.%d", ch)] = "openssl_3_0_0_kern.o" } // openssl 1.1.0a - 1.1.0l diff --git a/utils/openssl_offset_1.0.2.sh b/utils/openssl_offset_1.0.2.sh index a31834ab8..b38a62087 100755 --- a/utils/openssl_offset_1.0.2.sh +++ b/utils/openssl_offset_1.0.2.sh @@ -11,9 +11,12 @@ if [[ ! -f "go.mod" ]]; then fi # skip cloning if the header file of the max supported version is already generated +echo "check file exists: ${OPENSSL_DIR}/.git" if [[ ! -f "${OPENSSL_DIR}/.git" ]]; then # skip cloning if the openssl directory already exists + echo "check directory exists: ${OPENSSL_DIR}" if [[ ! -d "${OPENSSL_DIR}" ]]; then + echo "git clone openssl to ${OPENSSL_DIR}" git clone https://github.com/openssl/openssl.git ${OPENSSL_DIR} fi fi diff --git a/utils/openssl_offset_3.0.sh b/utils/openssl_offset_3.0.sh index 88c3eae75..20ecb5d56 100755 --- a/utils/openssl_offset_3.0.sh +++ b/utils/openssl_offset_3.0.sh 
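Review bot: Both new loops bind every version string from 3.0.0 to 3.0.12 and from 3.1.0 to 3.1.4 to `openssl_3_0_0_kern.o`, and the only record that the `ssl_st` offsets match is the commit message. Those offsets decide which bytes the probe reads from the traced process, so a layout change in a single patch release would presumably produce wrong data rather than an error. A comment above each loop, for example `// 3.1.x reuses the 3.0.0 offsets; re-check the ssl_st layout when raising MaxSupportedOpenSSL31Version`, would keep that assumption next to the code. The hunk also starts calling `fmt.Sprintf` without touching the import block, so `fmt` has to be imported already; `initOpensslOffset` begins and ends outside the hunk.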
@@ -10,10 +10,13 @@ if [[ ! -f "go.mod" ]]; then exit 1 fi +echo "check file exists: ${OPENSSL_DIR}/.git" # skip cloning if the header file of the max supported version is already generated -if [[ ! -f "${OUTPUT_DIR}/openssl_3_0_0_kern.c" ]]; then +if [[ ! -f "${OPENSSL_DIR}/.git" ]]; then + echo "check directory exists: ${OPENSSL_DIR}" # skip cloning if the openssl directory already exists if [[ ! -d "${OPENSSL_DIR}" ]]; then + echo "git clone openssl to ${OPENSSL_DIR}" git clone https://github.com/openssl/openssl.git ${OPENSSL_DIR} fi fi @@ -32,6 +35,9 @@ function run() { sslVerMap["7"]="0" sslVerMap["8"]="0" sslVerMap["9"]="0" + sslVerMap["10"]="0" + sslVerMap["11"]="0" + sslVerMap["12"]="0" # shellcheck disable=SC2068 for ver in ${!sslVerMap[@]}; do @@ -44,7 +50,7 @@ function run() { echo "Skip ${header_file}" continue fi - + echo "git checkout ${tag}" git checkout ${tag} echo "Generating ${header_file}" @@ -76,6 +82,7 @@ function run() { rm offset.c } +# TODO Check if the directory for OpenSSL exists pushd ${OPENSSL_DIR} (run) [[ "$?" != 0 ]] && popd diff --git a/utils/openssl_offset_3.1.sh b/utils/openssl_offset_3.1.sh new file mode 100755 index 000000000..ada9b2bb1 --- /dev/null +++ b/utils/openssl_offset_3.1.sh 
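Review bot: The new guard `[[ ! -f "${OPENSSL_DIR}/.git" ]]` tests for a regular file, but in an ordinary clone `.git` is a directory (it is a file only in a submodule or linked worktree), so the outer test does not tell whether a checkout exists and the decision falls to the inner `-d` test. If `${OPENSSL_DIR}` exists without being a checkout, nothing is cloned and the `git checkout ${tag}` in `run()` would presumably resolve to the enclosing repository instead. Using `-e` in the guard and adding `[[ -e "${OPENSSL_DIR}/.git" ]] || { echo "${OPENSSL_DIR} is not a git checkout"; exit 1; }` after the block would fail early. The comment kept above the guard still describes the removed header-file test and should be reworded. The same guard appears in utils/openssl_offset_1.0.2.sh and utils/openssl_offset_3.1.sh in this patch.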
@@ -0,0 +1,82 @@ +#!/usr/bin/env bash +set -e + +PROJECT_ROOT_DIR=$(pwd) +OPENSSL_DIR="${PROJECT_ROOT_DIR}/deps/openssl" +OUTPUT_DIR="${PROJECT_ROOT_DIR}/kern" + +if [[ ! -f "go.mod" ]]; then + echo "Run the script from the project root directory" + exit 1 +fi + +echo "check file exists: ${OPENSSL_DIR}/.git" +# skip cloning if the header file of the max supported version is already generated +if [[ ! -f "${OPENSSL_DIR}/.git" ]]; then + echo "check directory exists: ${OPENSSL_DIR}" + # skip cloning if the openssl directory already exists + if [[ ! -d "${OPENSSL_DIR}" ]]; then + echo "git clone openssl to ${OPENSSL_DIR}" + git clone https://github.com/openssl/openssl.git ${OPENSSL_DIR} + fi +fi + +function run() { + git fetch --tags + cp -f ${PROJECT_ROOT_DIR}/utils/openssl_3_0_offset.c ${OPENSSL_DIR}/offset.c + declare -A sslVerMap=() + sslVerMap["0"]="0" + sslVerMap["1"]="0" + sslVerMap["2"]="0" + sslVerMap["3"]="0" + sslVerMap["4"]="0" + + # shellcheck disable=SC2068 + for ver in ${!sslVerMap[@]}; do + tag="openssl-3.1.${ver}" + val=${sslVerMap[$ver]} + # 3.1.X and 3.0.X OFFSET is the same, use the same for the time being + header_file="${OUTPUT_DIR}/openssl_3_0_${val}_kern.c" + header_define="OPENSSL_3_0_$(echo ${val} | tr "[:lower:]" "[:upper:]")_KERN_H" + + if [[ -f ${header_file} ]]; then + echo "Skip ${header_file}" + continue + fi + echo "git checkout ${tag}" + git checkout ${tag} + echo "Generating ${header_file}" + + + # config and make openssl/opensslconf.h + ./config + +# make reconfigure reconf + make clean + make include/openssl/opensslconf.h + make include/openssl/configuration.h + make build_generated + + + clang -I include/ -I . 
offset.c -o offset + + echo -e "#ifndef ECAPTURE_${header_define}" >${header_file} + echo -e "#define ECAPTURE_${header_define}\n" >>${header_file} + ./offset >>${header_file} + echo -e "#include \"openssl.h\"" >>${header_file} + echo -e "#include \"openssl_masterkey_3.0.h\"" >>${header_file} + echo -e "\n#endif" >>${header_file} + + # clean up + make clean + + done + + rm offset.c +} + +# TODO Check if the directory for OpenSSL exists +pushd ${OPENSSL_DIR} +(run) +[[ "$?" != 0 ]] && popd +popd
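Review bot: Every entry of `sslVerMap` has the value `0`, so `header_file` is always `${OUTPUT_DIR}/openssl_3_0_0_kern.c`, and once that file exists each iteration takes the `Skip` branch before any 3.1.x tag is checked out. The script therefore never exercises the claim in its own comment that the 3.1.X and 3.0.X offsets are the same; if the file is absent, only the first tag in the unordered key iteration is built. I would drop the early skip and write each tag's output to a temporary file that is compared with the existing header, as sketched below, assuming `./offset` prints nothing version-specific. The `sslVerMap` additions in utils/openssl_offset_3.0.sh appear to follow the same pattern. Since `./config` and `make` run whatever the fetched tag points to, checking each tag against an expected commit id before building would also make the result reproducible.

```shell
    header_define="OPENSSL_3_0_$(echo ${val} | tr "[:lower:]" "[:upper:]")_KERN_H"
    candidate="$(mktemp)"

    # … unchanged: git checkout ${tag}, ./config, make targets, clang build of offset …
    # … unchanged: the echo / ./offset lines, redirected to ${candidate} instead of ${header_file} …

    if [[ -f "${header_file}" ]]; then
      # the existing header is the 3.0 baseline; each 3.1.x tag has to reproduce it
      if ! diff -u "${header_file}" "${candidate}"; then
        echo "offsets for ${tag} differ from ${header_file}"
        exit 1
      fi
      rm -f "${candidate}"
    else
      mv "${candidate}" "${header_file}"
    fi
```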