chore: remove unused flags BuildRequires in rpmBuild.spec (#666)

delete unused images. changed the constant to the camel style. typos. Signed-off-by: CFC4N <[email protected]>
gojue · Nov 13, 2024 · 400afe0 · 400afe0
1 parent 29bff39
commit 400afe0
Show file tree

Hide file tree

Showing 12 changed files with 243 additions and 31 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -192,7 +192,7 @@ eCapture支持[Pcap Filter Syntax](https://www.tcpdump.org/manpages/pcap-filter.
 ecapture tls -m pcap -i wlan0 -w save.pcapng host 192.168.1.1 and tcp port 443
 ```
 
-![](https://github.com/gojue/ecapture/blob/master/images/ecapture-help-v0.7.4.png)
+![](https://github.com/gojue/ecapture/blob/master/images/ecapture-help-v0.8.9.svg)
 
 ## What's Changed
 * Update probe_bash.go by @sancppp in https://github.com/gojue/ecapture/pull/479

diff --git a/README.md b/README.md
@@ -39,8 +39,7 @@
 * bash audit, capture bash command for Host Security Audit.
 * mysql query SQL audit, support mysqld 5.6\5.7\8.0, and mariadDB.
 
-
-![](./images/ecapture-help-v0.7.4.png)
+![](./images/ecapture-help-v0.8.9.svg)
 
 # Getting started
 

diff --git a/README_CN.md b/README_CN.md
@@ -41,6 +41,7 @@
 eCapture的中文名字为**旁观者**，即「**当局者迷，旁观者清**」，与其本身功能**旁路、观察**
 契合，且发音与英文有相似之处。eCapture使用eBPF `Uprobe`/`Traffic Control`技术，实现各种用户空间/内核空间的数据捕获，无需改动原程序。
 
+
 # 快速上手
 
 ## 下载
@@ -66,6 +67,8 @@ docker run --rm --privileged=true --net=host -v ${宿主机文件路径}:${容
 
 ## 小试身手
 
+![](./images/ecapture-help-v0.8.9.svg)
+
 捕获基于Openssl动态链接库加密的网络通讯。
 
 ```shell

diff --git a/README_JA.md b/README_JA.md
@@ -67,6 +67,8 @@ docker run --rm --privileged=true --net=host -v ${ホスト側のファイルパ
 
 ## 使用例
 
+![](./images/ecapture-help-v0.8.9.svg)
+
 Openssl動的リンクライブラリに基づくネットワーク通信をキャプチャします。
 
 ```shell

diff --git a/builder/rpmBuild.spec b/builder/rpmBuild.spec
@@ -9,11 +9,6 @@ Source0:    %{name}-%{version}.tar.gz
 %global _missing_build_ids_terminate_build 0
 %define debug_package %{nil}
 
-BuildRequires: make
-BuildRequires: clang
-BuildRequires: golang
-BuildRequires: elfutils
-
 
 %description
 SSL/TLS plaintext capture,

diff --git a/cli/cmd/gnutls.go b/cli/cmd/gnutls.go
@@ -37,7 +37,7 @@ ecapture gnutls
 ecapture gnutls --hex --pid=3423
 ecapture gnutls -l save.log --pid=3423
 ecapture gnutls --gnutls=/lib/x86_64-linux-gnu/libgnutls.so
-ecapture gnutls -m keylog -k ecapture_gnutls_key.og --ssl_version=3.7.9
+ecapture gnutls -m keylog -k ecapture_gnutls_key.log --ssl_version=3.7.9
 ecapture gnutls -m pcap --pcapfile save.pcapng -i eth0 --gnutls=/lib/x86_64-linux-gnu/libgnutls.so tcp port 443
 `,
 	Run: gnuTlsCommandFunc,

diff --git a/cli/cmd/nss.go b/cli/cmd/nss.go
@@ -40,7 +40,6 @@ ecapture nss --nspr=/lib/x86_64-linux-gnu/libnspr44.so
 }
 
 func init() {
-	//nssCmd.PersistentFlags().StringVar(&nc.Firefoxpath, "firefox", "", "firefox file path, default: /usr/lib/firefox/firefox. (Deprecated)")
 	nssCmd.PersistentFlags().StringVar(&nc.Nsprpath, "nspr", "", "libnspr44.so file path, will automatically find it from curl default.")
 	rootCmd.AddCommand(nssCmd)
 }

diff --git a/cli/cmd/tls.go b/cli/cmd/tls.go
@@ -46,11 +46,10 @@ docker run --rm --privileged=true --net=host -v /etc:/etc -v /usr:/usr -v ${PWD}
 }
 
 func init() {
-	// opensslCmd.PersistentFlags().StringVar(&oc.Curlpath, "curl", "", "curl or wget file path, use to dectet openssl.so path, default:/usr/bin/curl. (Deprecated)")
 	opensslCmd.PersistentFlags().StringVar(&oc.Openssl, "libssl", "", "libssl.so file path, will automatically find it from curl default.")
 	opensslCmd.PersistentFlags().StringVar(&oc.CGroupPath, "cgroup_path", "/sys/fs/cgroup", "cgroup path, default: /sys/fs/cgroup.")
 	opensslCmd.PersistentFlags().StringVarP(&oc.Model, "model", "m", "text", "capture model, such as : text, pcap/pcapng, key/keylog")
-	opensslCmd.PersistentFlags().StringVarP(&oc.KeylogFile, "keylogfile", "k", "ecapture_openssl_key.og", "The file stores SSL/TLS keys, and eCapture captures these keys during encrypted traffic communication and saves them to the file.")
+	opensslCmd.PersistentFlags().StringVarP(&oc.KeylogFile, "keylogfile", "k", "ecapture_openssl_key.log", "The file stores SSL/TLS keys, and eCapture captures these keys during encrypted traffic communication and saves them to the file.")
 	opensslCmd.PersistentFlags().StringVarP(&oc.PcapFile, "pcapfile", "w", "save.pcapng", "write the raw packets to file as pcapng format.")
 	opensslCmd.PersistentFlags().StringVarP(&oc.Ifname, "ifname", "i", "", "(TC Classifier) Interface name on which the probe will be attached.")
 	opensslCmd.PersistentFlags().StringVar(&oc.SslVersion, "ssl_version", "", "openssl/boringssl version， e.g: --ssl_version=\"openssl 1.1.1g\" or  --ssl_version=\"boringssl 1.1.1\"")

diff --git a/images/ecapture-help-v0.8.9.svg b/images/ecapture-help-v0.8.9.svg
diff --git a/images/openssl-example.jpg b/images/openssl-example.jpg
diff --git a/images/wechat-group.jpg b/images/wechat-group.jpg
diff --git a/user/module/probe_gnutls_keylog.go b/user/module/probe_gnutls_keylog.go
@@ -31,24 +31,24 @@ import (
 // gnutls_protocol_t: https://github.com/gnutls/gnutls/blob/master/lib/includes/gnutls/gnutls.h.in#L822
 
 const (
-	_                             = iota
-	GNUTLS_SSL3, GNUTLS_DTLS1_0   = iota, iota + 200
-	GNUTLS_TLS1_0, GNUTLS_DTLS1_2 = iota, iota + 200
-	GNUTLS_TLS1_1                 = iota
-	GNUTLS_TLS1_2
-	GNUTLS_TLS1_3
-	GNUTLS_MAC_SHA256
-	GNUTLS_MAC_SHA384
+	_                         = iota
+	GnutlsSsl3, GnutlsDtls10  = iota, iota + 200
+	GnutlsTls10, GnutlsDtls12 = iota, iota + 200
+	GnutlsTls11               = iota
+	GnutlsTls12
+	GnutlsTls13
+	GnutlsMacSha256
+	GnutlsMacSha384
 )
 
 var GnutlsVersionToString = map[int32]string{
-	GNUTLS_SSL3:    "GNUTLS_SSL3",
-	GNUTLS_TLS1_0:  "GNUTLS_TLS1_0",
-	GNUTLS_TLS1_1:  "GNUTLS_TLS1_1",
-	GNUTLS_TLS1_2:  "GNUTLS_TLS1_2",
-	GNUTLS_TLS1_3:  "GNUTLS_TLS1_3",
-	GNUTLS_DTLS1_0: "GNUTLS_DTLS1_0",
-	GNUTLS_DTLS1_2: "GNUTLS_DTLS1_2",
+	GnutlsSsl3:   "GNUTLS_SSL3",
+	GnutlsTls10:  "GNUTLS_TLS1_0",
+	GnutlsTls11:  "GNUTLS_TLS1_1",
+	GnutlsTls12:  "GNUTLS_TLS1_2",
+	GnutlsTls13:  "GNUTLS_TLS1_3",
+	GnutlsDtls10: "GNUTLS_DTLS1_0",
+	GnutlsDtls12: "GNUTLS_DTLS1_2",
 }
 
 func (g *MGnutlsProbe) setupManagersKeylog() error {
@@ -129,12 +129,12 @@ func (g *MGnutlsProbe) saveMasterSecret(secretEvent *event.MasterSecretGnutlsEve
 	buf := bytes.NewBuffer(nil)
 	switch secretEvent.Version {
 	// tls1.3
-	case GNUTLS_TLS1_3:
+	case GnutlsTls13:
 		var length int
 		switch secretEvent.CipherId {
-		case GNUTLS_MAC_SHA384:
+		case GnutlsMacSha384:
 			length = 48
-		case GNUTLS_MAC_SHA256:
+		case GnutlsMacSha256:
 			fallthrough
 		default:
 			// default MAC output length: 32 -- SHA256
@@ -151,7 +151,7 @@ func (g *MGnutlsProbe) saveMasterSecret(secretEvent *event.MasterSecretGnutlsEve
 		stSecret := secretEvent.ServerTrafficSecret[0:length]
 		buf.WriteString(fmt.Sprintf("%s %s %02x\n", "SERVER_TRAFFIC_SECRET_0", clientRandomHex, stSecret))
 	// tls1.2
-	case GNUTLS_TLS1_2:
+	case GnutlsTls12:
 		fallthrough
 	// tls1.1, tls1.0, ssl3.0, dtls 1.0 and dtls 1.2
 	default: