From 8c8b2105544920d49268e9283317bad28c5ff3d4 Mon Sep 17 00:00:00 2001
From: idawda
Date: Thu, 11 Jul 2024 18:21:56 +0530
Subject: [PATCH 1/4] NR-288606: Fix for bug NR-250981 where false API reported for CXF framework
---
 .../instrumentation/helpers/URLMappingsHelper.java | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
index 037fb4fab..50529294c 100644
--- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
+++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
@@ -27,6 +27,14 @@ public class URLMappingsHelper {
 add("org.apache.catalina.servlets.DefaultServlet");
 add("org.eclipse.jetty.servlet.DefaultServlet");
 add("grails.plugin.databasemigration.DbdocController");
+ add("org.apache.cxf.transport.servlet.CXFServlet");
+ add("javax.faces.webapp.FacesServlet");
+ add("jakarta.faces.webapp.FacesServlet");
+ add("weblogic.servlet.JSPServlet");
+ add("weblogic.servlet.FileServlet");
+ add("weblogic.management.rest.JerseyServlet");
+ add("com.caucho.jsp.XtpServlet");
+ add("com.caucho.jsp.JspServlet");
 }};
 public static Set getApplicationURLMappings() {
From f825c6453a83e3f5cf10af560331ba048a11580e Mon Sep 17 00:00:00 2001
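Review bot: Several of the added names are framework dispatchers and not static-content defaults — `org.apache.cxf.transport.servlet.CXFServlet`, both `FacesServlet` classes and `weblogic.management.rest.JerseyServlet` — so it is worth recording on the list what excluding them costs. If this set is used to drop mappings whose handler matches (the lookup is outside the hunk), the URL prefix bound to such a servlet no longer appears among the reported endpoints, and the services behind it are covered only when a framework-specific instrumentation reports their routes. A comment above the entries would make that precondition explicit, e.g. `// Dispatcher servlets: their own mapping is not an application API; routes must be reported by the framework instrumentation`. The same applies to the `com.caucho.*` entries added in PATCH 3/4, and the initializer begins above both hunks.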
From: idawda
Date: Fri, 26 Jul 2024 23:05:25 +0530
Subject: [PATCH 2/4] NR-293077: API Endpoint support for resin server
---
 instrumentation-security/resin-4/build.gradle | 22 ++++++++
 .../resin-4/lib/.gitignore | 2 +
 .../java/com/caucho/server/webapp/WebApp.java | 14 ++++++
 .../resin4/HttpServletHelper.java | 50 +++++++++++++++++++
 settings.gradle | 1 +
 5 files changed, 89 insertions(+)
 create mode 100644 instrumentation-security/resin-4/build.gradle
 create mode 100644 instrumentation-security/resin-4/lib/.gitignore
 create mode 100644 instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebApp.java
 create mode 100644 instrumentation-security/resin-4/src/main/java/com/newrelic/agent/security/instrumentation/resin4/HttpServletHelper.java
diff --git a/instrumentation-security/resin-4/build.gradle b/instrumentation-security/resin-4/build.gradle
new file mode 100644
index 000000000..5f1644bb3
--- /dev/null
+++ b/instrumentation-security/resin-4/build.gradle
@@ -0,0 +1,22 @@
+dependencies {
+ implementation(project(":newrelic-security-api"))
+ implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}")
+ implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}")
+ implementation("javax.servlet:javax.servlet-api:3.0.1")
+ implementation("com.caucho:resin:4.0.66")
+}
+
+jar {
+ manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.resin-4' }
+}
+
+verifyInstrumentation {
+ passes 'com.caucho:resin:[4.0.52,)'
+ verifyClasspath = false
+}
+
+site {
+ title 'Resin'
+ type 'Appserver'
+ versionOverride '[4.0.0,)'
+}
diff --git a/instrumentation-security/resin-4/lib/.gitignore b/instrumentation-security/resin-4/lib/.gitignore
new file mode 100644
index 000000000..d6b7ef32c
--- /dev/null
+++ b/instrumentation-security/resin-4/lib/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore
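Review bot: The two version ranges in `build.gradle` disagree: `verifyInstrumentation` passes only `com.caucho:resin:[4.0.52,)`, while the `site` block declares `versionOverride '[4.0.0,)'`. If `versionOverride` is the range published as supported (its consumer is not visible here), Resin 4.0.0–4.0.51 would be listed without the weave classes having been verified against those releases, and `verifyClasspath = false` is set with no explanation. Either align the ranges or add a comment next to `passes` saying why verification starts at 4.0.52.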
diff --git a/instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebApp.java b/instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebApp.java
new file mode 100644
index 000000000..3b075a59b
--- /dev/null
+++ b/instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebApp.java
@@ -0,0 +1,14 @@
+package com.caucho.server.webapp;
+
+import com.newrelic.agent.security.instrumentation.resin4.HttpServletHelper;
+import com.newrelic.api.agent.weaver.Weave;
+import com.newrelic.api.agent.weaver.Weaver;
+
+@Weave
+public abstract class WebApp extends ServletContextImpl{
+
+ public void init() {
+ Weaver.callOriginal();
+ HttpServletHelper.gatherURLMappings(this);
+ }
+}
diff --git a/instrumentation-security/resin-4/src/main/java/com/newrelic/agent/security/instrumentation/resin4/HttpServletHelper.java b/instrumentation-security/resin-4/src/main/java/com/newrelic/agent/security/instrumentation/resin4/HttpServletHelper.java
new file mode 100644
index 000000000..a2222b50b
--- /dev/null
+++ b/instrumentation-security/resin-4/src/main/java/com/newrelic/agent/security/instrumentation/resin4/HttpServletHelper.java
@@ -0,0 +1,50 @@
+package com.newrelic.agent.security.instrumentation.resin4;
+
+
+import com.newrelic.api.agent.security.NewRelicSecurity;
+import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper;
+import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper;
+import com.newrelic.api.agent.security.schema.ApplicationURLMapping;
+import com.newrelic.api.agent.security.utils.logging.LogLevel;
+
+import javax.servlet.ServletContext;
+import javax.servlet.ServletRegistration;
+import java.util.Collection;
+import java.util.Map;
+
+public class HttpServletHelper {
+ public static final String RESIN_40 = "RESIN-4.0";
+
+ public static void gatherURLMappings(ServletContext servletContext) {
+ try {
+ Map servletRegistrations = servletContext.getServletRegistrations();
+ getJSPMappings(servletContext, URLMappingsHelper.SEPARATOR);
+
+ for (ServletRegistration servletRegistration : servletRegistrations.values()) {
+ for (String s : servletRegistration.getMappings()) {
+ URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, s, servletRegistration.getClassName()));
+ }
+ }
+ } catch (Exception e){
+ NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, RESIN_40, e.getMessage()), e, HttpServletHelper.class.getName());
+ }
+ }
+
+ public static void getJSPMappings(ServletContext servletContext, String dir) {
+ try {
+ if(dir.endsWith(URLMappingsHelper.SEPARATOR)){
+ Collection resourcePaths = servletContext.getResourcePaths(dir);
+ for (String path : resourcePaths) {
+ if(path.endsWith(URLMappingsHelper.SEPARATOR)) {
+ getJSPMappings(servletContext, path);
+ }
+ else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP") || path.endsWith(".JSPX")) {
+ URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, path));
+ }
+ }
+ }
+ } catch (Exception e){
+ NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, RESIN_40, e.getMessage()), e, HttpServletHelper.class.getName());
+ }
+ }
+}
diff --git a/settings.gradle b/settings.gradle
index ca13695b0..61e9bec6c 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -209,3 +209,4 @@ include 'instrumentation:weblogic-12.2'
 include 'instrumentation:jedis-4.0.0'
 include 'instrumentation:jedis-3.0.0'
 include 'instrumentation:jedis-2.7.1_2.7.2'
+include 'instrumentation:resin-4'
\ No newline at end of file
From 0044931b7d6265d42c228413af946671084db8ed Mon Sep 17 00:00:00 2001
From: idawda
Date: Thu, 1 Aug 2024 13:44:46 +0530
Subject: [PATCH 3/4] Remove reporting of false API reported for resin API
---
 .../security/instrumentation/helpers/URLMappingsHelper.java | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
index 50529294c..62b8ed398 100644
--- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
+++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
@@ -35,6 +35,12 @@ public class URLMappingsHelper {
 add("weblogic.management.rest.JerseyServlet");
 add("com.caucho.jsp.XtpServlet");
 add("com.caucho.jsp.JspServlet");
+ add("com.caucho.xtpdoc.ResinDocServlet");
+ add("com.caucho.quercus.servlet.QuercusServlet");
+ add("com.caucho.servlets.FileServlet");
+ add("com.caucho.doc.JavadocRedirectServlet");
+ add("com.caucho.xtpdoc.ReferenceServlet");
+ add("com.caucho.doc.ViewFileServlet");
 }};
 public static Set getApplicationURLMappings() {
From 1f5d13d3af2c65c8f27d4286a32c6c2c9fafe678 Mon Sep 17 00:00:00 2001
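Review bot: `getJSPMappings` in the new `HttpServletHelper.java` recurses from the context root into every directory, so JSPs under `/WEB-INF/` and `/META-INF/` are registered as URL mappings although a servlet container does not serve those paths to clients directly; that reintroduces the kind of false endpoint this series is removing. Skipping those directories before the recursive call, e.g. `if (path.startsWith("/WEB-INF/") || path.startsWith("/META-INF/")) continue;`, keeps the inventory to requestable pages. Separately, `ServletContext.getResourcePaths` may return null when nothing matches, which here becomes a NullPointerException that is caught and logged as a WARNING; `if (resourcePaths == null) return;` ahead of the loop avoids that.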
From: idawda
Date: Wed, 14 Aug 2024 18:07:47 +0530
Subject: [PATCH 4/4] [NR-302757] Fix for NR-299202, where annotations based APIs were missing
---
 .../java/com/caucho/server/webapp/WebApp.java | 9 +--------
 .../caucho/server/webapp/WebAppContainer.java | 20 +++++++++++++++++++
 .../resin4/HttpServletHelper.java | 17 ++++++++++++++--
 3 files changed, 36 insertions(+), 10 deletions(-)
 create mode 100644 instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebAppContainer.java
diff --git a/instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebApp.java b/instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebApp.java
index 3b075a59b..771cf5434 100644
--- a/instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebApp.java
+++ b/instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebApp.java
@@ -1,14 +1,7 @@
 package com.caucho.server.webapp;
-import com.newrelic.agent.security.instrumentation.resin4.HttpServletHelper;
 import com.newrelic.api.agent.weaver.Weave;
-import com.newrelic.api.agent.weaver.Weaver;
 @Weave
-public abstract class WebApp extends ServletContextImpl{
-
- public void init() {
- Weaver.callOriginal();
- HttpServletHelper.gatherURLMappings(this);
- }
+public class WebApp extends ServletContextImpl {
 }
diff --git a/instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebAppContainer.java b/instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebAppContainer.java
new file mode 100644
index 000000000..8e233f1fa
--- /dev/null
+++ b/instrumentation-security/resin-4/src/main/java/com/caucho/server/webapp/WebAppContainer.java
@@ -0,0 +1,20 @@
+package com.caucho.server.webapp;
+
+import com.newrelic.agent.security.instrumentation.resin4.HttpServletHelper;
+import com.newrelic.api.agent.weaver.MatchType;
+import com.newrelic.api.agent.weaver.Weave;
+import com.newrelic.api.agent.weaver.Weaver;
+
+@Weave(type = MatchType.BaseClass)
+public class WebAppContainer {
+
+ public WebAppController[] getWebAppList() {
+ return Weaver.callOriginal();
+ }
+
+ public void start() {
+ Weaver.callOriginal();
+ HttpServletHelper.gatherURLMappings(getWebAppList());
+ }
+
+}
diff --git a/instrumentation-security/resin-4/src/main/java/com/newrelic/agent/security/instrumentation/resin4/HttpServletHelper.java b/instrumentation-security/resin-4/src/main/java/com/newrelic/agent/security/instrumentation/resin4/HttpServletHelper.java
index a2222b50b..5dd0aff6f 100644
--- a/instrumentation-security/resin-4/src/main/java/com/newrelic/agent/security/instrumentation/resin4/HttpServletHelper.java
+++ b/instrumentation-security/resin-4/src/main/java/com/newrelic/agent/security/instrumentation/resin4/HttpServletHelper.java
@@ -1,6 +1,7 @@
 package com.newrelic.agent.security.instrumentation.resin4;
+import com.caucho.server.webapp.WebAppController;
 import com.newrelic.api.agent.security.NewRelicSecurity;
 import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper;
 import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper;
@@ -15,7 +16,7 @@
 public class HttpServletHelper {
 public static final String RESIN_40 = "RESIN-4.0";
- public static void gatherURLMappings(ServletContext servletContext) {
+ private static void gatherURLMappings(ServletContext servletContext) {
 try {
 Map servletRegistrations = servletContext.getServletRegistrations();
 getJSPMappings(servletContext, URLMappingsHelper.SEPARATOR);
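Review bot: Nothing in the woven `start()` of `WebAppContainer` guards the call that follows `Weaver.callOriginal()`, so an exception from `getWebAppList()` or from `HttpServletHelper.gatherURLMappings(...)` would propagate into Resin's own start-up. The `WebAppController[]` overload added later in this patch has no try/catch of its own — only the per-context overload does — and it calls `webAppController.getWebApp()` outside any handler. Wrapping the body of that overload in the `catch (Exception e)` plus WARNING log already used by the other two helper methods would contain most of this; the `getWebAppList()` call in `start()` would still need its own guard.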
@@ -30,7 +31,7 @@ public static void gatherURLMappings(ServletContext servletContext) {
 }
 }
- public static void getJSPMappings(ServletContext servletContext, String dir) {
+ private static void getJSPMappings(ServletContext servletContext, String dir) {
 try {
 if(dir.endsWith(URLMappingsHelper.SEPARATOR)){
 Collection resourcePaths = servletContext.getResourcePaths(dir);
@@ -47,4 +48,16 @@ else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP")
 NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, RESIN_40, e.getMessage()), e, HttpServletHelper.class.getName());
 }
 }
+
+ public static void gatherURLMappings(WebAppController[] webAppList) {
+ if (webAppList == null){
+ return;
+ }
+ for (WebAppController webAppController : webAppList) {
+ if (webAppController.getWebApp() == null){
+ continue;
+ }
+ gatherURLMappings(webAppController.getWebApp());
+ }
+ }
 }
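Review bot: The new `gatherURLMappings(WebAppController[])` overload skips a controller whose `getWebApp()` returns null with a bare `continue`, so a web-app that is not instantiated when `WebAppContainer.start()` returns contributes no endpoints and nothing records that it was left out. Whether Resin creates web-apps lazily or on later deployment is not visible here, but if it does, those applications would be missing from the endpoint inventory the agent reports; a log line naming the skipped controller would at least make the gap visible. The method also calls `getWebApp()` twice, once for the check and once for the argument; reading it once, `ServletContext webApp = webAppController.getWebApp();`, makes the null check apply to the value actually passed on.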