Merge pull request #42 from gojue/master

refactor: Use camel case instead of snake case.
fengjixuchui · Feb 27, 2023 · 32b13c2 · 32b13c2
2 parents 4e6d718 + 3a813ac
commit 32b13c2
Show file tree

Hide file tree

Showing 54 changed files with 577 additions and 440 deletions.
diff --git a/Makefile b/Makefile
@@ -196,7 +196,7 @@ TARGETS += kern/gnutls
 TARGETS += kern/nspr
 TARGETS += kern/mysqld
 TARGETS += kern/postgres
-TARGETS += kern/gossl
+TARGETS += kern/gotls
 
 # Generate file name-scheme based on TARGETS
 KERN_SOURCES = ${TARGETS:=_kern.c}

diff --git a/cli/cmd/bash.go b/cli/cmd/bash.go
@@ -39,7 +39,7 @@ Auto find the bash of the current env as the capture target.`,
 func init() {
 	bashCmd.PersistentFlags().StringVar(&bc.Bashpath, "bash", "", "$SHELL file path, eg: /bin/bash , will automatically find it from $ENV default.")
 	bashCmd.PersistentFlags().StringVar(&bc.Readline, "readlineso", "", "readline.so file path, will automatically find it from $BASH_PATH default.")
-	bashCmd.Flags().IntVarP(&bc.ErrNo, "errnumber", "e", module.BASH_ERRNO_DEFAULT, "only show the command which exec reulst equals err number.")
+	bashCmd.Flags().IntVarP(&bc.ErrNo, "errnumber", "e", module.BashErrnoDefault, "only show the command which exec reulst equals err number.")
 	rootCmd.AddCommand(bashCmd)
 
 	// Here you will define your flags and configuration settings.
@@ -59,7 +59,7 @@ func bashCommandFunc(command *cobra.Command, args []string) {
 	signal.Notify(stopper, os.Interrupt, syscall.SIGTERM)
 	ctx, cancelFun := context.WithCancel(context.TODO())
 
-	mod := module.GetModuleByName(module.MODULE_NAME_BASH)
+	mod := module.GetModuleByName(module.ModuleNameBash)
 
 	logger := log.New(os.Stdout, "bash_", log.LstdFlags)
 	logger.Printf("ECAPTURE :: version :%s", GitVersion)

diff --git a/cli/cmd/gotls.go b/cli/cmd/gotls.go
@@ -0,0 +1,138 @@
+// Copyright 2022 CFC4N <[email protected]>. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cmd
+
+import (
+	"context"
+	"ecapture/pkg/util/kernel"
+	"ecapture/user/config"
+	"ecapture/user/module"
+	"errors"
+	"log"
+	"os"
+	"os/signal"
+	"syscall"
+
+	"github.com/spf13/cobra"
+)
+
+var goc = config.NewGoTLSConfig()
+
+// gotlsCmd represents the openssl command
+var gotlsCmd = &cobra.Command{
+	Use:     "gotls",
+	Aliases: []string{"tlsgo"},
+	Short:   "capture golang tls/https text content without CA cert for ELF compile by Golang toolchain",
+	Long: `use eBPF uprobe/TC to capture process event data and network data. also support pcap-NG format.
+ecapture gotls
+ecapture gotls --gobin=/home/cfc4n/go_https_client --hex --pid=3423
+ecapture gotls --gobin=/home/cfc4n/go_https_client -l save.log --pid=3423
+ecapture gotls -w save_android.pcapng -i wlan0 --port 443 --gobin=/home/cfc4n/go_https_client
+`,
+	Run: goTLSCommandFunc,
+}
+
+func init() {
+	gotlsCmd.PersistentFlags().StringVarP(&goc.Path, "elfpath", "e", "", "ELF path to binary built with Go toolchain.")
+	gotlsCmd.PersistentFlags().StringVarP(&goc.Write, "write", "w", "", "write the  raw packets to file as pcapng format.")
+	gotlsCmd.PersistentFlags().StringVarP(&goc.Ifname, "ifname", "i", "", "(TC Classifier) Interface name on which the probe will be attached.")
+	gotlsCmd.PersistentFlags().Uint16Var(&goc.Port, "port", 443, "port number to capture, default:443.")
+	rootCmd.AddCommand(gotlsCmd)
+}
+
+// goTLSCommandFunc executes the "bash" command.
+func goTLSCommandFunc(command *cobra.Command, args []string) {
+	stopper := make(chan os.Signal, 1)
+	signal.Notify(stopper, os.Interrupt, syscall.SIGTERM)
+
+	logger := log.New(os.Stdout, "tls_", log.LstdFlags)
+
+	// save global config
+	gConf, err := getGlobalConf(command)
+	if err != nil {
+		logger.Fatal(err)
+	}
+	if gConf.loggerFile != "" {
+		f, e := os.Create(gConf.loggerFile)
+		if e != nil {
+			logger.Fatal(e)
+			return
+		}
+		logger.SetOutput(f)
+	}
+	logger.Printf("ECAPTURE :: %s Version : %s", cliName, GitVersion)
+	logger.Printf("ECAPTURE :: Pid Info : %d", os.Getpid())
+	var version kernel.Version
+	version, err = kernel.HostVersion()
+	logger.Printf("ECAPTURE :: Kernel Info : %s", version.String())
+
+	mod := module.GetModuleByName(module.ModuleNameGotls)
+	if mod == nil {
+		logger.Printf("ECAPTURE :: \tcant found module: %s", module.ModuleNameGotls)
+		return
+	}
+
+	var conf config.IConfig
+	conf = goc
+	if conf == nil {
+		logger.Printf("ECAPTURE :: \tcant found module %s config info.", mod.Name())
+		return
+	}
+
+	conf.SetPid(gConf.Pid)
+	conf.SetUid(gConf.Uid)
+	conf.SetDebug(gConf.Debug)
+	conf.SetHex(gConf.IsHex)
+	conf.SetNoSearch(gConf.NoSearch)
+
+	err = conf.Check()
+
+	if err != nil {
+		// ErrorGoBINNotSET is a special error, we should not print it.
+		if errors.Is(err, config.ErrorGoBINNotSET) {
+			logger.Printf("%s\tmodule [disabled].", mod.Name())
+			return
+		}
+
+		logger.Printf("%s\tmodule initialization failed. [skip it]. error:%+v", mod.Name(), err)
+		return
+	}
+
+	logger.Printf("%s\tmodule initialization", mod.Name())
+
+	//初始化
+	err = mod.Init(context.TODO(), logger, conf)
+	if err != nil {
+		logger.Printf("%s\tmodule initialization failed, [skip it]. error:%+v", mod.Name(), err)
+		return
+	}
+
+	err = mod.Run()
+	if err != nil {
+		logger.Printf("%s\tmodule run failed, [skip it]. error:%+v", mod.Name(), err)
+		return
+	}
+
+	logger.Printf("%s\tmodule started successfully.", mod.Name())
+
+	<-stopper
+
+	// clean up
+	err = mod.Close()
+	if err != nil {
+		logger.Fatalf("%s\tmodule close failed. error:%+v", mod.Name(), err)
+	}
+	os.Exit(0)
+}
diff --git a/cli/cmd/mysqld.go b/cli/cmd/mysqld.go
@@ -54,7 +54,7 @@ func mysqldCommandFunc(command *cobra.Command, args []string) {
 	signal.Notify(stopper, os.Interrupt, syscall.SIGTERM)
 	ctx, cancelFun := context.WithCancel(context.TODO())
 
-	mod := module.GetModuleByName(module.MODULE_NAME_MYSQLD)
+	mod := module.GetModuleByName(module.ModuleNameMysqld)
 
 	logger := log.New(os.Stdout, "mysqld_", log.LstdFlags)
 	logger.Printf("ECAPTURE :: version :%s", GitVersion)

diff --git a/cli/cmd/postgres.go b/cli/cmd/postgres.go
@@ -31,7 +31,7 @@ import (
 
 var postgresConfig = config.NewPostgresConfig()
 
-//postgres Cmd represents the postgres command
+// postgres Cmd represents the postgres command
 var postgresCmd = &cobra.Command{
 	Use:   "postgres",
 	Short: "capture sql queries from postgres 10+.",
@@ -50,7 +50,7 @@ func postgresCommandFunc(command *cobra.Command, args []string) {
 	signal.Notify(stopper, os.Interrupt, syscall.SIGTERM)
 	ctx, cancelFun := context.WithCancel(context.TODO())
 
-	mod := module.GetModuleByName(module.MODULE_NAME_POSTGRES)
+	mod := module.GetModuleByName(module.ModuleNamePostgres)
 
 	logger := log.New(os.Stdout, "postgress_", log.LstdFlags)
 	logger.Printf("ECAPTURE :: version :%s", GitVersion)

diff --git a/cli/cmd/tls.go b/cli/cmd/tls.go
@@ -32,7 +32,6 @@ import (
 var oc = config.NewOpensslConfig()
 var gc = config.NewGnutlsConfig()
 var nc = config.NewNsprConfig()
-var goc = config.NewGoSSLConfig()
 
 // opensslCmd represents the openssl command
 var opensslCmd = &cobra.Command{
@@ -57,7 +56,6 @@ func init() {
 	opensslCmd.PersistentFlags().StringVar(&gc.Curlpath, "wget", "", "wget file path, default: /usr/bin/wget. (Deprecated)")
 	opensslCmd.PersistentFlags().StringVar(&nc.Firefoxpath, "firefox", "", "firefox file path, default: /usr/lib/firefox/firefox. (Deprecated)")
 	opensslCmd.PersistentFlags().StringVar(&nc.Nsprpath, "nspr", "", "libnspr44.so file path, will automatically find it from curl default.")
-	opensslCmd.PersistentFlags().StringVar(&goc.Path, "gobin", "", "path to binary built with Go toolchain.")
 	opensslCmd.PersistentFlags().StringVarP(&oc.Write, "write", "w", "", "write the  raw packets to file as pcapng format.")
 	opensslCmd.PersistentFlags().StringVarP(&oc.Ifname, "ifname", "i", "", "(TC Classifier) Interface name on which the probe will be attached.")
 	opensslCmd.PersistentFlags().Uint16Var(&oc.Port, "port", 443, "port number to capture, default:443.")
@@ -94,10 +92,10 @@ func openSSLCommandFunc(command *cobra.Command, args []string) {
 	logger.Printf("ECAPTURE :: Kernel Info : %s", version.String())
 
 	modNames := []string{}
-	if config.ELF_ARCH_ISANDROID {
-		modNames = []string{module.MODULE_NAME_OPENSSL}
+	if config.ElfArchIsandroid {
+		modNames = []string{module.ModuleNameOpenssl}
 	} else {
-		modNames = []string{module.MODULE_NAME_OPENSSL, module.MODULE_NAME_GNUTLS, module.MODULE_NAME_NSPR, module.MODULE_NAME_GOSSL}
+		modNames = []string{module.ModuleNameOpenssl, module.ModuleNameGnutls, module.ModuleNameNspr, module.ModuleNameGotls}
 	}
 
 	var runMods uint8
@@ -113,14 +111,12 @@ func openSSLCommandFunc(command *cobra.Command, args []string) {
 
 		var conf config.IConfig
 		switch mod.Name() {
-		case module.MODULE_NAME_OPENSSL:
+		case module.ModuleNameOpenssl:
 			conf = oc
-		case module.MODULE_NAME_GNUTLS:
+		case module.ModuleNameGnutls:
 			conf = gc
-		case module.MODULE_NAME_NSPR:
+		case module.ModuleNameNspr:
 			conf = nc
-		case module.MODULE_NAME_GOSSL:
-			conf = goc
 		default:
 		}
 

diff --git a/go.mod b/go.mod
@@ -10,7 +10,7 @@ require (
 	github.com/spf13/cobra v1.4.0
 	github.com/spf13/pflag v1.0.5
 	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa
-	golang.org/x/sys v0.2.0
+	golang.org/x/sys v0.5.0
 )
 
 require (
@@ -26,7 +26,7 @@ require (
 	github.com/stretchr/testify v1.7.0 // indirect
 	github.com/vishvananda/netlink v1.1.0 // indirect
 	github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f // indirect
-	golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 // indirect
+	golang.org/x/net v0.7.0 // indirect
 )
 
 replace github.com/google/gopacket v1.1.19 => github.com/cfc4n/gopacket v1.1.20
diff --git a/go.sum b/go.sum
@@ -101,8 +101,8 @@ golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 h1:CIJ76btIcR3eFI5EgSo6k1qKw9KJexJuRLI9G7Hp5wE=
-golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
+golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -126,8 +126,8 @@ golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A=
-golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=

diff --git a/kern/gossl_kern.c → kern/gotls_kern.c b/kern/gossl_kern.c → kern/gotls_kern.c
diff --git a/main.go b/main.go
@@ -10,7 +10,7 @@ import (
 )
 
 const (
-	BTF_NOT_SUPPORT = "You can compile a no BTF version by youeself with command `make nocore`,Please read Makefile for more info."
+	BtfNotSupport = "You can compile a no BTF version by youeself with command `make nocore`,Please read Makefile for more info."
 )
 
 var (
@@ -61,11 +61,11 @@ func main() {
 			// BTF支持情况检测
 			enable, e := ebpf.IsEnableBTF()
 			if e != nil {
-				log.Fatalf("Can't found BTF config with error:%v.\n"+BTF_NOT_SUPPORT, e)
+				log.Fatalf("Can't found BTF config with error:%v.\n"+BtfNotSupport, e)
 			}
 			if !enable {
 				log.Fatal("BTF not support, please check it. shell: cat /boot/config-`uname -r` | grep CONFIG_DEBUG_INFO_BTF \n " +
-					BTF_NOT_SUPPORT)
+					BtfNotSupport)
 			}
 		}
 	}