Description
Device info: Xiaomi 14
houji:/data/local/tmp # uname -a
Linux localhost 6.1.57-android14-11-gd8b333a26dfd-ab11564698 #1 SMP PREEMPT Tue Mar 12 18:33:08 UTC 2024 aarch64 Toybox
houji:/data/local/tmp # ./ecapture tls
2024-10-24T09:10:36Z INF AppName="eCapture(旁观者)"
2024-10-24T09:10:36Z INF HomePage=https://ecapture.cc
2024-10-24T09:10:36Z INF Repository=https://github.com/gojue/ecapture
2024-10-24T09:10:36Z INF Author="CFC4N cfc4ncs@gmail.com"
2024-10-24T09:10:36Z INF Description="Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64."
2024-10-24T09:10:36Z INF Version=androidgki_arm64:v0.8.8:6.5.0-1025-azure
2024-10-24T09:10:36Z INF Listen=localhost:28256
2024-10-24T09:10:36Z INF eCapture running logs logger=
2024-10-24T09:10:36Z INF the file handler that receives the captured event eventCollector=
2024-10-24T09:10:36Z WRN ========== module starting. ==========
2024-10-24T09:10:36Z INF Kernel Info=6.1.57 Pid=27697
2024-10-24T09:10:36Z INF listen=localhost:28256
2024-10-24T09:10:36Z WRN Your environment is like a container. We won't be able to detect the BTF configuration.
If eCapture fails to run, try specifying the BTF mode. use -b 2
to specify non-CORE mode.
2024-10-24T09:10:36Z INF https server starting...You can update the configuration file via the HTTP interface.
2024-10-24T09:10:36Z INF BTF bytecode mode: CORE. btfMode=0
2024-10-24T09:10:36Z INF master key keylogger has been set. eBPFProgramType=Text keylogger=
2024-10-24T09:10:36Z INF module initialization. isReload=false moduleName=EBPFProbeOPENSSL
2024-10-24T09:10:36Z INF Module.Run()
2024-10-24T09:10:36Z INF OpenSSL/BoringSSL version found BoringSSL Version=14
2024-10-24T09:10:36Z INF Hook masterKey function ElfType=2 Functions=["SSL_in_init"] binrayPath=/apex/com.android.conscrypt/lib64/libssl.so
2024-10-24T09:10:36Z INF target all process.
2024-10-24T09:10:36Z INF target all users.
2024-10-24T09:10:36Z INF setupManagers eBPFProgramType=Text
2024-10-24T09:10:36Z INF BPF bytecode file is matched. bpfFileName=user/bytecode/boringssl_a_14_kern_core.o
2024-10-24T09:10:36Z INF perfEventReader created mapSize(MB)=4
2024-10-24T09:10:36Z INF perfEventReader created mapSize(MB)=4
2024-10-24T09:10:36Z INF module started successfully. isReload=false moduleName=EBPFProbeOPENSSL
2024-10-24T09:11:02Z ERR SSLDataEvent's fd is 0 address= fd=0 pid=9059
2024-10-24T09:11:02Z ERR SSLDataEvent's fd is 0 address= fd=0 pid=9059