github.com/inspektor-gadget/inspektor-gadget@v0.28.1/pkg/gadgets/trace/sni/tracer/bpf/snisnoop.h (about) 1 #ifndef GADGET_SNISNOOP_H 2 #define GADGET_SNISNOOP_H 3 4 #define TLS_CONTENT_TYPE_HANDSHAKE 0x16 5 #define TLS_HANDSHAKE_TYPE_CLIENT_HELLO 0x1 6 #define TLS_EXTENSION_SERVER_NAME 0x0 7 // TODO: Figure out real max number according to RFC. 8 #define TLS_MAX_EXTENSION_COUNT 20 9 // TODO: figure out the right value. 10 #define TLS_MAX_SERVER_NAME_LEN 128 11 12 // The length of the session ID length field. 13 #define TLS_SESSION_ID_LENGTH_LEN 1 14 // The length of the cipher suites length field. 15 #define TLS_CIPHER_SUITES_LENGTH_LEN 2 16 // The length of the compression methods length field. 17 #define TLS_COMPRESSION_METHODS_LENGTH_LEN 1 18 // The length of the extensions length field. 19 #define TLS_EXTENSIONS_LENGTH_LEN 2 20 // The length of the extension type field. 21 #define TLS_EXTENSION_TYPE_LEN 2 22 // The length of the extension length field (a single extension). 23 #define TLS_EXTENSION_LENGTH_LEN 2 24 25 // The offset of the server name length field from the start of the server_name 26 // TLS extension. 27 #define TLS_SERVER_NAME_LENGTH_OFF 7 28 // The offset of the server name field from the start of the server_name TLS 29 // extension. 30 #define TLS_SERVER_NAME_OFF 9 31 32 // The offset of the handshake type field from the start of the TLS payload. 33 #define TLS_HANDSHAKE_TYPE_OFF 5 34 // The offset of the session ID length field from the start of the TLS payload. 35 #define TLS_SESSION_ID_LENGTH_OFF 43 36 37 #define TASK_COMM_LEN 16 38 39 struct event_t { 40 // Keep netns at the top: networktracer depends on it 41 __u32 netns; 42 43 __u64 mount_ns_id; 44 __u32 pid; 45 __u32 tid; 46 __u32 uid; 47 __u32 gid; 48 __u8 task[TASK_COMM_LEN]; 49 __u8 name[TLS_MAX_SERVER_NAME_LEN]; 50 __u64 timestamp; 51 }; 52 53 #endif