Finished dynamic accessors. GnuTLS and NSS should now be supported out of the box if you have the appropriate debugging symbols installed.

* Added dependency on libdw (from Fedora elfutils)

Author: Jethro Beekman

Makefile

@@ -1,15 +1,15 @@
-SOURCES=ssltrace.cpp openssl.cpp nss.cpp gnutls.cpp
-HEADERS=ssltrace.h nssimpl.h nsstypes.h gnutlstypes.h
+SOURCES=ssltrace.cpp openssl.cpp nss.cpp gnutls.cpp symbols.cpp
+HEADERS=ssltrace.h nssimpl.h nsstypes.h gnutlstypes.h symbols.h
 OBJECTS=$(SOURCES:.cpp=.o)
 OUTPUT=ssltrace.so
 
 all: $(SOURCES) $(HEADERS) $(OUTPUT) Makefile
 
 $(OUTPUT): $(OBJECTS)
-	g++ -g -shared -Wall $(OBJECTS) -o $@ -ldl
+	g++ -g -shared -Wall $(OBJECTS) -o $@ -ldl -ldw
 
 .cpp.o:
-	g++ -g -fPIC -std=gnu++11 -Wall -I/usr/include/nspr -c $< -o $@
+	g++ -g -fPIC -std=gnu++11 -Wall -D_GNU_SOURCE -I/usr/include/nspr -I/usr/include/elfutils -c $< -o $@
 
 clean:
 	rm -f $(OBJECTS) $(OUTPUT)

gnutls.cpp

@@ -18,8 +18,10 @@
  */
 
 #include "ssltrace.h"
+#include "symbols.h"
 
 #include <gnutls/gnutls.h>
+#include <dlfcn.h>
 
 namespace gnutlstypes
 {
@@ -34,17 +36,26 @@ namespace gnutlstypes
 };
 using namespace gnutlstypes::__accessor;
 
-static __attribute__((constructor)) void init_offsets()
+static void load_offsets(void* fn)
 {
-	//libgnutls26:amd64=2.12.23-1ubuntu4.2
-	__set_offset("security_parameters_st.master_secret",   0x16,48);
-	__set_offset("security_parameters_st.client_random",   0x46,32);
-	__set_offset("gnutls_session_int.security_parameters",    0,0/*TODO*/);
+	static bool load=false;
+	if (!load)
+	{
+		Dl_info dli={0};
+		if (dladdr(fn,&dli)==0)
+		{
+			ssltrace_die("Unable to get libgnutls.so filename");
+		}
+		else
+		{
+			load=symbols_load_all(dli.dli_fname,__get_parameter_names(),ssltrace_debug,__set_offset,__set_offset);
+		}
+	}
 }
 
 WRAP(int,gnutls_handshake,(::gnutls_session_t session))
 {
-	WRAPINIT(gnutls_handshake);
+	WRAPINIT_FN(gnutls_handshake,load_offsets);
 
 	int ret=_gnutls_handshake(session);
 

magic3.hpp

@@ -172,10 +172,10 @@
 				}
 			}
 
-			operator T&()
+			T* operator&()
 			{
-				if (bitfieldTable[parameter]) __accessor_exit("Attempted to obtain a reference/pointer to a bitfield");
-				return *(T*)this;
+				if (bitfieldTable[parameter]) __accessor_exit("Attempted to obtain a pointer to a bitfield");
+				return (T*)this;
 			}
 
 			BitfieldAccessor<T,parameter>& operator=(const T v)

nss.cpp

@@ -18,11 +18,14 @@
  */
 
 #include "ssltrace.h"
+#include "symbols.h"
 
 #include <nss/ssl.h>
 #include <nss/pk11pub.h>
 #include <nss/nssrwlk.h>
+#include <dlfcn.h>
 #include <stdlib.h>
+#include <string.h>
 
 namespace nsstypes
 {
@@ -39,25 +42,21 @@ using namespace nsstypes::__accessor;
 
 #include "nssimpl.h"
 
-static __attribute__((constructor)) void init_offsets()
+static void load_offsets(void* fn)
 {
-	//libnss3:amd64=2:3.15.4-0ubuntu0.13.10.2
-	__set_offset("ssl3CipherSpec.master_secret",     0x80,0/*TODO*/);
-	__set_offset("SSL3Random.rand",                     0,32);
-	__set_offset("SSL3HandshakeState.client_random", 0x20,0/*TODO*/);
-	__set_offset("ssl3State.cwSpec",                 0x10,0/*TODO*/);
-	__set_offset("ssl3State.hs",                     0x60,0/*TODO*/);
-	__set_offset("sslOptions.noLocks",               0x18,16,0);
-	__set_offset("sslSocket.fd",                        0,0/*TODO*/);
-	__set_offset("sslSocket.opt",                    0x10,0/*TODO*/);
-	__set_offset("sslSocket.handshakeCallback",     0x308,0/*TODO*/);
-	__set_offset("sslSocket.handshakeCallbackData", 0x310,0/*TODO*/);
-	__set_offset("sslSocket.recvBufLock",           0x360,0/*TODO*/);
-	__set_offset("sslSocket.xmitBufLock",           0x368,0/*TODO*/);
-	__set_offset("sslSocket.firstHandshakeLock",    0x370,0/*TODO*/);
-	__set_offset("sslSocket.ssl3HandshakeLock",     0x378,0/*TODO*/);
-	__set_offset("sslSocket.specLock",              0x380,0/*TODO*/);
-	__set_offset("sslSocket.ssl3",                  0x608,0/*TODO*/);
+	static bool load=false;
+	if (!load)
+	{
+		Dl_info dli={0};
+		if (dladdr(fn,&dli)==0)
+		{
+			ssltrace_die("Unable to get libssl3.so filename");
+		}
+		else
+		{
+			load=symbols_load_all(dli.dli_fname,__get_parameter_names(),ssltrace_debug,__set_offset,__set_offset);
+		}
+	}
 }
 
 static int strsame(const char* a,const char* b)
@@ -141,7 +140,7 @@ void nss_SSLHandshakeCallback(PRFileDesc *fd,void *client_data)
 
 WRAP(SECStatus,SSL_HandshakeCallback,(PRFileDesc *fd,SSLHandshakeCallback cb,void *client_data))
 {
-	WRAPINIT(SSL_HandshakeCallback);
+	WRAPINIT_FN(SSL_HandshakeCallback,load_offsets);
 
 	if (cb)
 	{
@@ -162,7 +161,7 @@ WRAP(SECStatus,SSL_HandshakeCallback,(PRFileDesc *fd,SSLHandshakeCallback cb,voi
 
 WRAP(PRFileDesc*,SSL_ImportFD,(PRFileDesc *model, PRFileDesc *fd))
 {
-	WRAPINIT(SSL_ImportFD);
+	WRAPINIT_FN(SSL_ImportFD,load_offsets);
 
 	PRFileDesc* ret=_SSL_ImportFD(model,fd);
 

ssltrace.cpp

@@ -19,12 +19,11 @@
 
 #include "ssltrace.h"
 
-#define _GNU_SOURCE
-
 #include <dlfcn.h>
 #include <link.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <stdarg.h>
 #include <string.h>
 #include <errno.h>
 
@@ -112,6 +111,16 @@ void *ssltrace_dlsym(const char *symbol)
 	return ret;
 }
 
+void ssltrace_debug(const char* fmt, ...)
+{
+	va_list ap;
+
+	fputs(SSLTRACE ": ",ssltrace_log_handle());
+	va_start(ap, fmt);vfprintf(stderr, fmt, ap);va_end(ap);
+	fputc('\n',ssltrace_log_handle());
+	fflush(ssltrace_log_handle());
+}
+
 void ssltrace_die(const char* message)
 {
 	fprintf(ssltrace_log_handle(),SSLTRACE ": %s\n",message);

ssltrace.h

@@ -35,8 +35,13 @@
 		ssltrace_die("Unable to resolve symbol " #name); \
 	}
 
+#define WRAPINIT_FN(name,fn) \
+	WRAPINIT(name); \
+	fn((void*)_##name);
+
 void *ssltrace_dlsym(const char *symbol);
 void ssltrace_die(const char* message);
+void ssltrace_debug(const char* fmt, ...);
 void ssltrace_trace_sessionid(unsigned char* sessionid, unsigned int sessionid_length, unsigned char* masterkey, unsigned int masterkey_length);
 void ssltrace_trace_clientrandom(unsigned char* clientrandom, unsigned int clientrandom_length, unsigned char* masterkey, unsigned int masterkey_length);