feat(boringssl): add support Android15 BoringSSL

fix(gojue#659) via: https://android.googlesource.com/platform/external/boringssl/+/refs/heads/android15-release
cfc4n · Jan 24, 2025 · f387d35 · f387d35
1 parent 0c8b6c9
commit f387d35
Show file tree

Hide file tree

Showing 4 changed files with 119 additions and 23 deletions.
diff --git a/kern/boringssl_a_15_kern.c b/kern/boringssl_a_15_kern.c
@@ -0,0 +1,80 @@
+#ifndef ECAPTURE_BORINGSSL_A_15_KERN_H
+#define ECAPTURE_BORINGSSL_A_15_KERN_H
+
+/* OPENSSL_VERSION_TEXT: OpenSSL 1.1.1 (compatible; BoringSSL) */
+/* OPENSSL_VERSION_NUMBER: 269488255 */
+
+// ssl_st->version
+#define SSL_ST_VERSION 0x10
+
+// ssl_st->session
+#define SSL_ST_SESSION 0x58
+
+// ssl_st->rbio
+#define SSL_ST_RBIO 0x18
+
+// ssl_st->wbio
+#define SSL_ST_WBIO 0x20
+
+// ssl_st->s3
+#define SSL_ST_S3 0x30
+
+// ssl_session_st->secret_length
+#define SSL_SESSION_ST_SECRET_LENGTH 0xa
+
+// ssl_session_st->secret
+#define SSL_SESSION_ST_SECRET 0xb
+
+// ssl_session_st->cipher
+#define SSL_SESSION_ST_CIPHER 0xc8
+
+// bio_st->num
+#define BIO_ST_NUM 0x20
+
+// bio_st->method
+#define BIO_ST_METHOD 0x0
+
+// bio_method_st->type
+#define BIO_METHOD_ST_TYPE 0x0
+
+// ssl_cipher_st->id
+#define SSL_CIPHER_ST_ID 0x10
+
+// bssl::SSL3_STATE->hs
+#define BSSL__SSL3_STATE_HS 0x118
+
+// bssl::SSL3_STATE->client_random
+#define BSSL__SSL3_STATE_CLIENT_RANDOM 0x30
+
+// bssl::SSL3_STATE->exporter_secret
+#define BSSL__SSL3_STATE_EXPORTER_SECRET 0x180
+
+// bssl::SSL3_STATE->established_session
+#define BSSL__SSL3_STATE_ESTABLISHED_SESSION 0x1d0
+
+// bssl::SSL_HANDSHAKE->new_session
+#define BSSL__SSL_HANDSHAKE_NEW_SESSION 0x5e0
+
+// bssl::SSL_HANDSHAKE->early_session
+#define BSSL__SSL_HANDSHAKE_EARLY_SESSION 0x5e8
+
+// bssl::SSL_HANDSHAKE->hints
+#define BSSL__SSL_HANDSHAKE_HINTS 0x618
+
+// bssl::SSL_HANDSHAKE->client_version
+#define BSSL__SSL_HANDSHAKE_CLIENT_VERSION 0x624
+
+// bssl::SSL_HANDSHAKE->state
+#define BSSL__SSL_HANDSHAKE_STATE 0x14
+
+// bssl::SSL_HANDSHAKE->tls13_state
+#define BSSL__SSL_HANDSHAKE_TLS13_STATE 0x18
+
+// bssl::SSL_HANDSHAKE->max_version
+#define BSSL__SSL_HANDSHAKE_MAX_VERSION 0x1e
+
+#include "boringssl_const.h"
+#include "boringssl_masterkey.h"
+#include "openssl.h"
+
+#endif
diff --git a/user/module/probe_openssl_lib.go b/user/module/probe_openssl_lib.go
@@ -18,22 +18,23 @@ import (
 	"debug/elf"
 	"errors"
 	"fmt"
-	"github.com/gojue/ecapture/user/config"
 	"os"
 	"regexp"
 	"strings"
+
+	"github.com/gojue/ecapture/user/config"
 )
 
 const (
-	Linuxdefaulefilename102 = "linux_default_1_0_2"
-	Linuxdefaulefilename110 = "linux_default_1_1_0"
-	Linuxdefaulefilename111 = "linux_default_1_1_1"
-	Linuxdefaulefilename30  = "linux_default_3_0"
-	Linuxdefaulefilename31  = "linux_default_3_0"
-	Linuxdefaulefilename320 = "linux_default_3_2"
-	Linuxdefaulefilename330 = "linux_default_3_3"
-	Linuxdefaulefilename340 = "linux_default_3_4"
-	AndroidDefauleFilename  = "android_default"
+	LinuxDefaultFilename102 = "linux_default_1_0_2"
+	LinuxDefaultFilename110 = "linux_default_1_1_0"
+	LinuxDefaultFilename111 = "linux_default_1_1_1"
+	LinuxDefaultFilename30  = "linux_default_3_0"
+	LinuxDefaultFilename31  = "linux_default_3_0"
+	LinuxDefaultFilename320 = "linux_default_3_2"
+	LinuxDefaultFilename330 = "linux_default_3_3"
+	LinuxdDfaultFilename340 = "linux_default_3_4"
+	AndroidDefaultFilename  = "android_default"
 
 	OpenSslVersionLen = 30 // openssl version string length
 )
@@ -63,26 +64,27 @@ var (
 func (m *MOpenSSLProbe) initOpensslOffset() {
 	m.sslVersionBpfMap = map[string]string{
 		// openssl 1.0.2*
-		Linuxdefaulefilename102: "openssl_1_0_2a_kern.o",
+		LinuxDefaultFilename102: "openssl_1_0_2a_kern.o",
 
 		// openssl 1.1.0*
-		Linuxdefaulefilename110: "openssl_1_1_0a_kern.o",
+		LinuxDefaultFilename110: "openssl_1_1_0a_kern.o",
 
 		// openssl 1.1.1*
-		Linuxdefaulefilename111: "openssl_1_1_1j_kern.o",
+		LinuxDefaultFilename111: "openssl_1_1_1j_kern.o",
 
 		// openssl 3.0.* and openssl 3.1.*
-		Linuxdefaulefilename30: "openssl_3_0_0_kern.o",
+		LinuxDefaultFilename30: "openssl_3_0_0_kern.o",
 
 		// openssl 3.2.*
-		Linuxdefaulefilename320: "openssl_3_2_0_kern.o",
+		LinuxDefaultFilename320: "openssl_3_2_0_kern.o",
 
 		// boringssl
 		// git repo: https://android.googlesource.com/platform/external/boringssl/+/refs/heads/android12-release
 		"boringssl 1.1.1":      "boringssl_a_13_kern.o",
 		"boringssl_a_13":       "boringssl_a_13_kern.o",
 		"boringssl_a_14":       "boringssl_a_14_kern.o",
-		AndroidDefauleFilename: "boringssl_a_13_kern.o",
+		"boringssl_a_15":       "boringssl_a_15_kern.o",
+		AndroidDefaultFilename: "boringssl_a_13_kern.o",
 
 		// non-Android boringssl
 		// "boringssl na" is a special version for non-android
@@ -253,22 +255,34 @@ func (m *MOpenSSLProbe) detectOpenssl(soPath string) (error, string) {
 
 func (m *MOpenSSLProbe) getSoDefaultBytecode(soPath string, isAndroid bool) string {
 	var bpfFile string
-
+	var found bool
 	// if not found, use default
 	if isAndroid {
-		m.conf.(*config.OpensslConfig).SslVersion = AndroidDefauleFilename
-		bpfFile, _ = m.sslVersionBpfMap[AndroidDefauleFilename]
+		m.conf.(*config.OpensslConfig).SslVersion = AndroidDefaultFilename
+		androidVer := m.conf.(*config.OpensslConfig).AndroidVer
+		if androidVer != "" {
+			bpfFileKey := fmt.Sprintf("boringssl_a_%s", androidVer)
+			bpfFile, found = m.sslVersionBpfMap[bpfFileKey]
+			if found {
+				return bpfFile
+			}
+		}
+		bpfFile, found = m.sslVersionBpfMap[AndroidDefaultFilename]
+		if !found {
+			m.logger.Warn().Str("BoringSSL Version", AndroidDefaultFilename).Msg("Can not find Default BoringSSL version")
+			return ""
+		}
 		//m.logger.Warn().Str("BoringSSL Version", AndroidDefauleFilename).Msg("OpenSSL/BoringSSL version not found, used default version")
 		return bpfFile
 	}
 
 	if strings.Contains(soPath, "libssl.so.3") {
-		m.conf.(*config.OpensslConfig).SslVersion = Linuxdefaulefilename30
-		bpfFile, _ = m.sslVersionBpfMap[Linuxdefaulefilename30]
+		m.conf.(*config.OpensslConfig).SslVersion = LinuxDefaultFilename30
+		bpfFile, _ = m.sslVersionBpfMap[LinuxDefaultFilename30]
 		//m.logger.Warn().Str("OpenSSL Version", Linuxdefaulefilename30).Msg("OpenSSL/BoringSSL version not found from shared library file, used default version")
 	} else {
-		m.conf.(*config.OpensslConfig).SslVersion = Linuxdefaulefilename111
-		bpfFile, _ = m.sslVersionBpfMap[Linuxdefaulefilename111]
+		m.conf.(*config.OpensslConfig).SslVersion = LinuxDefaultFilename111
+		bpfFile, _ = m.sslVersionBpfMap[LinuxDefaultFilename111]
 		//m.logger.Warn().Str("OpenSSL Version", Linuxdefaulefilename111).Msg("OpenSSL/BoringSSL version not found from shared library file, used default version")
 	}
 	return bpfFile

diff --git a/utils/boringssl_android_offset.sh b/utils/boringssl_android_offset.sh
@@ -29,6 +29,7 @@ function run() {
   # this repo is different from https://boringssl.googlesource.com/boringssl
   sslVerMap["1"]="13" # android13-release
   sslVerMap["2"]="14" # android14-release
+  sslVerMap["3"]="15" # android15-release
 
   # shellcheck disable=SC2068
   # shellcheck disable=SC2034

diff --git a/variables.mk b/variables.mk
@@ -190,6 +190,7 @@ BPF_NOCORE_TAG = $(subst .,_,$(KERN_RELEASE)):$(subst .,_,$(VERSION_NUM))
 TARGETS := kern/boringssl_na
 TARGETS += kern/boringssl_a_13
 TARGETS += kern/boringssl_a_14
+TARGETS += kern/boringssl_a_15
 TARGETS += kern/openssl_1_1_1a
 TARGETS += kern/openssl_1_1_1b
 TARGETS += kern/openssl_1_1_1d