fix(ja4ebpf): split bpf2go generate into Ja4Tc + Ja4Ssl, fix RPM systemd-rpm-macros

- Use two separate //go:generate directives (Ja4Tc for tc_capture.c, Ja4Ssl for uprobe_ssl.c) to avoid duplicate LICENSE symbol and multi-file clang issue - Update loader.go to hold tcObjs/sslObjs separately with correct field names: UprobeSslSetFd, UprobeSslReadEntry, UretprobeSslReadExit, KprobeAccept4Entry, KretprobeAccept4Exit - Add systemd-rpm-macros to all three RPM build stages (el8/el9/el10) so that %{_unitdir} macro resolves correctly - RPMs now build successfully for el8, el9, el10 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-11 23:21:11 +02:00
parent a1e4c1dad5
commit 3b047b680a
155 changed files with 197011 additions and 599 deletions
--- a/tests/integration/apache/platform/httpd-ssl.conf
+++ b/tests/integration/apache/platform/httpd-ssl.conf
@ -0,0 +1,57 @@
+# Configuration Apache HTTPD — HTTPS + HTTP/2 pour les tests ja4ebpf
+# Remplace /etc/httpd/conf.d/ssl.conf
+
+Listen 443 https
+
+SSLPassPhraseDialog  exec:/usr/libexec/httpd-ssl-pass-dialog
+SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
+SSLSessionCacheTimeout  300
+SSLCryptoDevice builtin
+
+# Désactiver SSLv2/v3 et TLSv1.0/1.1 pour forcer JA4 modernes
+SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
+
+# Suites de chiffrement compatibles HTTP/2 + TLS 1.2/1.3
+SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384
+SSLHonorCipherOrder off
+
+<VirtualHost _default_:443>
+    ServerName platform.test
+    DocumentRoot /var/www/html
+
+    # Activation HTTP/2 (ALPN h2)
+    Protocols h2 http/1.1
+
+    SSLEngine on
+    SSLCertificateFile    /etc/pki/tls/certs/apache.crt
+    SSLCertificateKeyFile /etc/pki/tls/private/apache.key
+
+    <Directory /var/www/html>
+        AllowOverride None
+        Require all granted
+    </Directory>
+
+    # Route healthcheck
+    Alias /health /var/www/html/health
+    <Location /health>
+        Header always set Content-Type "application/json"
+    </Location>
+
+    # Logs
+    ErrorLog  /var/log/httpd/ssl_error.log
+    CustomLog /var/log/httpd/ssl_access.log combined
+</VirtualHost>
+
+# VirtualHost HTTP (port 80) pour capturer le trafic en clair
+<VirtualHost *:80>
+    ServerName platform.test
+    DocumentRoot /var/www/html
+
+    <Directory /var/www/html>
+        AllowOverride None
+        Require all granted
+    </Directory>
+
+    ErrorLog  /var/log/httpd/access_error.log
+    CustomLog /var/log/httpd/access_log combined
+</VirtualHost>