Configuration System
The Configuration System manages module-specific settings, platform detection, library discovery, and parameter validation for ecapture's various capture modules. This system provides a unified interface for configuring TLS/SSL interception across different libraries (OpenSSL, Go TLS, GnuTLS, NSPR) and platforms (Linux, Android).
For information about how configurations are applied during module execution, see Capture Modules. For build-time configuration and compilation settings, see Build System.
Architecture Overview
The configuration system follows a hierarchical design with base configuration inherited by module-specific implementations:
Sources: user/config/config_gotls.go:77-93, user/config/config_openssl.go:39-53, user/config/config_gnutls.go:20-31, user/config/config_nspr.go:20-25
Base Configuration Structure
All module configurations inherit from BaseConfig, which provides common functionality:
| Field | Type | Purpose |
|---|---|---|
| PerCpuMapSize | int | eBPF map size per CPU core |
| Pid | uint32 | Target process ID filter |
| Uid | uint32 | Target user ID filter |
| Debug | bool | Enable debug logging |
Sources: user/config/config_gotls.go:96-100, user/config/config_openssl.go:55-59, user/config/config_gnutls.go:33-37
Go TLS Configuration
The GoTLSConfig provides the most complex configuration logic, performing binary analysis of Go applications to extract symbol addresses and function offsets:
Binary Analysis Pipeline
Sources: user/config/config_gotls.go:102-190, user/config/config_gotls.go:281-325, user/config/config_gotls.go:327-357
Symbol Address Resolution
The Go configuration resolves specific function addresses for uprobe attachment:
| Function | Constant | Purpose |
|---|---|---|
| crypto/tls.(*Conn).Read | GoTlsReadFunc | TLS read interception |
| crypto/tls.(*Conn).writeRecordLocked | GoTlsWriteFunc | TLS write interception |
| crypto/tls.(*Config).writeKeyLog | GoTlsMasterSecretFunc | Master secret extraction |
Sources: user/config/config_gotls.go:31-35, user/config/config_gotls.go:88-91, user/config/config_gotls.go:168-182
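The following Go program resolves the three functions in the table above to the file offsets a uprobe attaches at, reading `.gopclntab` so that stripped binaries are handled too. It is an added example, not code from ecapture; `ResolveUprobeOffsets` and `goTLSFuncs` are hypothetical names, and it assumes an internally linked ELF binary whose `.text` section begins at `runtime.text`.

```go
package main

import (
	"debug/elf"
	"debug/gosym"
	"fmt"
	"os"
)

// Function names taken from the table above.
var goTLSFuncs = []string{"crypto/tls.(*Conn).Read",
	"crypto/tls.(*Conn).writeRecordLocked", "crypto/tls.(*Config).writeKeyLog"}

// ResolveUprobeOffsets (hypothetical helper) maps each name to a uprobe file offset via
// .gopclntab. Assumption: internally linked binary, so .text starts at runtime.text.
func ResolveUprobeOffsets(path string, names []string) (map[string]uint64, []string, error) {
	f, err := elf.Open(path)
	if err != nil {
		return nil, nil, err
	}
	defer f.Close()
	pcln, text := f.Section(".gopclntab"), f.Section(".text")
	if pcln == nil || text == nil {
		return nil, nil, fmt.Errorf("%s: no .gopclntab/.text section", path)
	}
	data, err := pcln.Data()
	if err != nil {
		return nil, nil, err
	}
	tab, err := gosym.NewTable(nil, gosym.NewLineTable(data, text.Addr))
	if err != nil {
		return nil, nil, err
	}
	offsets, missing := map[string]uint64{}, []string{}
	for _, name := range names {
		fn := tab.LookupFunc(name)
		if fn == nil || fn.Entry < text.Addr || fn.Entry >= text.Addr+text.Size {
			missing = append(missing, name) // not linked in, or outside .text
			continue
		}
		offsets[name] = fn.Entry - text.Addr + text.Offset // virtual address -> file offset
	}
	return offsets, missing, nil
}

func main() {
	if len(os.Args) > 1 {
		fmt.Println(ResolveUprobeOffsets(os.Args[1], goTLSFuncs))
	}
}
```

A name reported as missing means the target binary never linked that function, so a configuration check should fail closed for that probe rather than attach at a guessed offset.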
OpenSSL Configuration
OpenSSL configuration handles library discovery across different platforms and versions:
Library Discovery Process
Sources: user/config/config_openssl_linux.go:38-67, user/config/config_openssl_androidgki.go:34-71, user/config/config_openssl.go:74-111
Platform-Specific Paths
| Platform | Default Library Path | Interface |
|---|---|---|
| Linux | /usr/lib/x86_64-linux-gnu/libssl.so.3 | eth0 |
| Android | /apex/com.android.conscrypt/lib64/libssl.so | wlan0 |
Sources: user/config/config_openssl_linux.go:28-36, user/config/config_openssl_androidgki.go:26-32
Capture Model Selection
All TLS modules support multiple capture models through the checkModel() method:
Sources: user/config/config_gotls.go:264-279, user/config/config_openssl.go:61-72, user/config/config_gnutls.go:39-50
Configuration Validation
Each module implements a Check() method that performs comprehensive validation:
Validation Flow
Sources: user/config/config_gotls.go:102-190, user/config/config_openssl_linux.go:69-103, user/config/config_gnutls_linux.go:27-63
Module Integration
Configuration objects are created and used by CLI commands and passed to modules:
Sources: cli/cmd/gotls.go:26-58, user/module/probe_gotls_text.go:31-118, user/module/probe_gotls_keylog.go:31-104