diff --git a/gradle.properties b/gradle.properties index 808489c5a..60f520ebb 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,5 +1,5 @@ # The agent version. -agentVersion=1.2.1 +agentVersion=1.4.0 jsonVersion=2.0.0 # Updated exposed NR APM API version. nrAPIVersion=8.4.0 diff --git a/instrumentation-security/akka-http-2.11_10.0.0/src/main/scala/akka/http/scaladsl/server/AkkaCoreUtils.java b/instrumentation-security/akka-http-2.11_10.0.0/src/main/scala/akka/http/scaladsl/server/AkkaCoreUtils.java index 2d6c3c0ee..f35eae777 100644 --- a/instrumentation-security/akka-http-2.11_10.0.0/src/main/scala/akka/http/scaladsl/server/AkkaCoreUtils.java +++ b/instrumentation-security/akka-http-2.11_10.0.0/src/main/scala/akka/http/scaladsl/server/AkkaCoreUtils.java @@ -8,6 +8,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; @@ -16,7 +17,6 @@ import com.newrelic.api.agent.security.utils.logging.LogLevel; import java.util.Iterator; -import java.util.Map; import java.util.NoSuchElementException; public class AkkaCoreUtils { @@ -116,7 +116,7 @@ public static void preProcessHttpRequest (Boolean isServletLockAcquired, HttpReq securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(getProtocol(httpRequest.protocol().value())); diff --git a/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java b/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java index 4941f6bbb..6a616a40c 100644 --- a/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java +++ b/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java @@ -8,6 +8,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; @@ -121,7 +122,7 @@ public static void preProcessHttpRequest (Boolean isServletLockAcquired, HttpReq securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), - securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(getProtocol(httpRequest.protocol().value())); diff --git a/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java b/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java index ce4ca328e..19cad3b35 100644 --- a/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java +++ b/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java @@ -8,6 +8,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; @@ -120,7 +121,7 @@ public static void preProcessHttpRequest (Boolean isServletLockAcquired, HttpReq securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(getProtocol(httpRequest.protocol().value())); diff --git a/instrumentation-security/akka-http-core-2.13_10.2.0/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java b/instrumentation-security/akka-http-core-2.13_10.2.0/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java index fbd0018a1..5c64cc160 100644 --- a/instrumentation-security/akka-http-core-2.13_10.2.0/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java +++ b/instrumentation-security/akka-http-core-2.13_10.2.0/src/main/scala/akka/http/scaladsl/AkkaCoreUtils.java @@ -1,6 +1,5 @@ package akka.http.scaladsl; -import akka.Done; import akka.http.javadsl.model.HttpHeader; import akka.http.scaladsl.model.HttpRequest; import com.newrelic.api.agent.Token; @@ -9,6 +8,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; @@ -120,7 +120,7 @@ public static void preProcessHttpRequest (Boolean isServletLockAcquired, HttpReq securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(getProtocol(httpRequest.protocol().value())); diff --git a/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/GrpcServerUtils.java b/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/GrpcServerUtils.java index a225f67f6..9de43eeba 100644 --- a/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/GrpcServerUtils.java +++ b/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/GrpcServerUtils.java @@ -8,6 +8,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -72,7 +73,7 @@ public static void preprocessSecurityHook(ServerStream_Instrumentat securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.GRPC); if (call.getAttributes().get(Grpc.TRANSPORT_ATTR_SSL_SESSION) != null) { securityRequest.setProtocol("https"); diff --git a/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/client/GrpcClient.java b/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/client/GrpcClient.java index 54e02b882..1e66f55ef 100644 --- a/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/client/GrpcClient.java +++ b/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/client/GrpcClient.java @@ -7,6 +7,7 @@ import com.google.protobuf.Message; import com.google.protobuf.util.JsonFormat; import com.newrelic.agent.security.instrumentation.grpc1220.GrpcServerUtils; +import com.newrelic.agent.security.instrumentation.grpc1220.processor.GrpcRequestProcessor; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GrpcHelper; import com.newrelic.api.agent.security.schema.ControlCommandDto; @@ -55,7 +56,9 @@ protected ManagedChannel initialValue() { } }; - public Object fireRequest(ControlCommandDto controlCommandDto, int repeatCount) { + public Object fireRequest(GrpcRequestProcessor grpcRequestProcessor) { + ControlCommandDto controlCommandDto = grpcRequestProcessor.getControlCommandDto(); + int repeatCount = grpcRequestProcessor.getRepeatCount(); try { FuzzRequestBean requestBean = controlCommandDto.getRequestBean(); List payloads = controlCommandDto.getRequestPayloads(); @@ -82,13 +85,20 @@ public Object fireRequest(ControlCommandDto controlCommandDto, int repeatCount) isSuccess = customBiDiStream(channel, requestBean, payloads); break; } + grpcRequestProcessor.setSuccessful(true); + return isSuccess; } catch (InterruptedException e) { + grpcRequestProcessor.setExceptionRaised(true); + grpcRequestProcessor.setError(e); + if (repeatCount >= 0) { - return fireRequest(controlCommandDto, --repeatCount); + return fireRequest(grpcRequestProcessor); } return false; } catch (Throwable e) { + grpcRequestProcessor.setExceptionRaised(true); + grpcRequestProcessor.setError(e); return e; } } diff --git a/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/processor/GrpcRequestProcessor.java b/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/processor/GrpcRequestProcessor.java index b81f9444b..97808a7d5 100644 --- a/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/processor/GrpcRequestProcessor.java +++ b/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/processor/GrpcRequestProcessor.java @@ -1,13 +1,9 @@ package com.newrelic.agent.security.instrumentation.grpc1220.processor; import com.newrelic.agent.security.instrumentation.grpc1220.client.GrpcClient; -import com.newrelic.api.agent.security.NewRelicSecurity; -import com.newrelic.api.agent.security.instrumentation.helpers.GrpcClientRequestReplayHelper; import com.newrelic.api.agent.security.schema.ControlCommandDto; -import com.newrelic.api.agent.security.utils.logging.LogLevel; import java.util.concurrent.Callable; -import java.util.concurrent.Future; public class GrpcRequestProcessor implements Callable { public static final String CALL_FAILED_REQUEST_S_REASON = "Call failed : request %s reason : "; @@ -15,6 +11,14 @@ public class GrpcRequestProcessor implements Callable { private int repeatCount; private static final int MAX_REPETITION = 3; + private boolean isSuccessful = false; + + private int responseCode; + + private boolean exceptionRaised = false; + + private Throwable error; + public GrpcRequestProcessor(ControlCommandDto controlCommandDto, int repeatCount) { this.controlCommandDto = controlCommandDto; this.repeatCount = repeatCount; @@ -22,33 +26,55 @@ public GrpcRequestProcessor(ControlCommandDto controlCommandDto, int repeatCount @Override public Object call() throws Exception { - return GrpcClient.getInstance().fireRequest(controlCommandDto, repeatCount); + return GrpcClient.getInstance().fireRequest(this); } public static void executeGrpcRequest(ControlCommandDto controlCommandDto) { - Future future = GrpcRequestThreadPool.getInstance().executor + GrpcRequestThreadPool.getInstance().executor .submit(new GrpcRequestProcessor(controlCommandDto, MAX_REPETITION)); - try { - Object futureResult = future.get(); - if (futureResult instanceof Throwable) { - NewRelicSecurity.getAgent().log(LogLevel.FINER, String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getRequestBean()), (Throwable) futureResult, GrpcClient.class.getName()); - NewRelicSecurity.getAgent().reportIncident(LogLevel.WARNING, - String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getId()), - (Throwable) futureResult, GrpcClient.class.getName()); - GrpcClientRequestReplayHelper.getInstance().addFuzzFailEventToQueue(controlCommandDto.getRequestBean(), (Throwable) futureResult); - } else { - GrpcClientRequestReplayHelper.getInstance().getPendingIds().remove(controlCommandDto.getId()); - } - } catch (Throwable e) { - NewRelicSecurity.getAgent().log(LogLevel.SEVERE, String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getRequestBean()), e, GrpcRequestProcessor.class.getName()); - NewRelicSecurity.getAgent().reportIncident(LogLevel.SEVERE, - String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getId()), - e, GrpcRequestProcessor.class.getName()); - GrpcClientRequestReplayHelper.getInstance().addFuzzFailEventToQueue(controlCommandDto.getRequestBean(), e); - } } public ControlCommandDto getPartialControlCommand() { return controlCommandDto; } + + public boolean isSuccessful() { + return isSuccessful; + } + + public void setSuccessful(boolean successful) { + isSuccessful = successful; + } + + public int getResponseCode() { + return responseCode; + } + + public void setResponseCode(int responseCode) { + this.responseCode = responseCode; + } + + public boolean isExceptionRaised() { + return exceptionRaised; + } + + public void setExceptionRaised(boolean exceptionRaised) { + this.exceptionRaised = exceptionRaised; + } + + public Throwable getError() { + return error; + } + + public void setError(Throwable error) { + this.error = error; + } + + public ControlCommandDto getControlCommandDto() { + return controlCommandDto; + } + + public int getRepeatCount() { + return repeatCount; + } } \ No newline at end of file diff --git a/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/processor/GrpcRequestThreadPool.java b/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/processor/GrpcRequestThreadPool.java index 178defe2c..ac03062c2 100644 --- a/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/processor/GrpcRequestThreadPool.java +++ b/instrumentation-security/grpc-1.22.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1220/processor/GrpcRequestThreadPool.java @@ -5,10 +5,9 @@ import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.utils.logging.LogLevel; -import java.util.HashSet; +import java.io.InterruptedIOException; import java.util.concurrent.BlockingQueue; import java.util.concurrent.Callable; -import java.util.concurrent.ExecutionException; import java.util.concurrent.LinkedBlockingQueue; import java.util.concurrent.RunnableFuture; import java.util.concurrent.ThreadFactory; @@ -50,21 +49,23 @@ protected void afterExecute(Runnable r, Throwable t) { GrpcClientRequestReplayHelper.getInstance().setInProcessRequestQueue(getQueue()); controlCommandId = null; if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof GrpcRequestProcessor) { - Object result = (Object) ((CustomFutureTask) r).get(); GrpcRequestProcessor task = (GrpcRequestProcessor) ((CustomFutureTask) r).getTask(); controlCommandId = task.getPartialControlCommand().getId(); - if (t != null || result != null) { - if (StringUtils.isNotBlank(controlCommandId)) { - GrpcClientRequestReplayHelper.getInstance().getRejectedIds().add(controlCommandId); - } + + if (task.isSuccessful()) { + GrpcClientRequestReplayHelper.getInstance().getCompletedReplay().add(controlCommandId); + } else if (task.isExceptionRaised() && task.getError() instanceof InterruptedIOException) { + GrpcClientRequestReplayHelper.getInstance().getClearFromPending().add(controlCommandId); + } else if(task.isExceptionRaised()) { + GrpcClientRequestReplayHelper.getInstance().getErrorInReplay().add(controlCommandId); } else { - GrpcClientRequestReplayHelper.getInstance().getProcessedIds().putIfAbsent(controlCommandId, new HashSet<>()); + GrpcClientRequestReplayHelper.getInstance().getClearFromPending().add(controlCommandId); + } + if (StringUtils.isBlank(controlCommandId)) { + GrpcClientRequestReplayHelper.getInstance().getRejectedIds().add(controlCommandId); } } - if (StringUtils.isNotBlank(controlCommandId)) { - GrpcClientRequestReplayHelper.getInstance().getPendingIds().remove(controlCommandId); - } - } catch (InterruptedException | ExecutionException ignored) { + } catch (Exception ignored) { } } diff --git a/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/GrpcServerUtils.java b/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/GrpcServerUtils.java index d04a458b1..694bd3b9e 100644 --- a/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/GrpcServerUtils.java +++ b/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/GrpcServerUtils.java @@ -8,6 +8,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -22,7 +23,6 @@ import java.net.URISyntaxException; import java.util.Arrays; import java.util.HashSet; -import java.util.Map; import java.util.Set; public class GrpcServerUtils { @@ -72,7 +72,7 @@ public static void preprocessSecurityHook(ServerStream_Instrumentat securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.GRPC); if (call.getAttributes().get(Grpc.TRANSPORT_ATTR_SSL_SESSION) != null) { securityRequest.setProtocol("https"); diff --git a/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/client/GrpcClient.java b/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/client/GrpcClient.java index 774550bf5..ce19b06c6 100644 --- a/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/client/GrpcClient.java +++ b/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/client/GrpcClient.java @@ -7,6 +7,7 @@ import com.google.protobuf.Message; import com.google.protobuf.util.JsonFormat; import com.newrelic.agent.security.instrumentation.grpc140.GrpcServerUtils; +import com.newrelic.agent.security.instrumentation.grpc140.processor.GrpcRequestProcessor; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GrpcHelper; import com.newrelic.api.agent.security.schema.ControlCommandDto; @@ -55,7 +56,9 @@ protected ManagedChannel initialValue() { } }; - public Object fireRequest(ControlCommandDto controlCommandDto, int repeatCount) { + public Object fireRequest(GrpcRequestProcessor grpcRequestProcessor) { + ControlCommandDto controlCommandDto = grpcRequestProcessor.getControlCommandDto(); + int repeatCount = grpcRequestProcessor.getRepeatCount(); try { FuzzRequestBean requestBean = controlCommandDto.getRequestBean(); List payloads = controlCommandDto.getRequestPayloads(); @@ -82,13 +85,20 @@ public Object fireRequest(ControlCommandDto controlCommandDto, int repeatCount) isSuccess = customBiDiStream(channel, requestBean, payloads); break; } + grpcRequestProcessor.setSuccessful(true); + return isSuccess; } catch (InterruptedException e) { + grpcRequestProcessor.setExceptionRaised(true); + grpcRequestProcessor.setError(e); + if (repeatCount >= 0) { - return fireRequest(controlCommandDto, --repeatCount); + return fireRequest(grpcRequestProcessor); } return false; } catch (Throwable e) { + grpcRequestProcessor.setExceptionRaised(true); + grpcRequestProcessor.setError(e); return e; } } diff --git a/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/processor/GrpcRequestProcessor.java b/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/processor/GrpcRequestProcessor.java index 242b46e43..6524ea72e 100644 --- a/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/processor/GrpcRequestProcessor.java +++ b/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/processor/GrpcRequestProcessor.java @@ -15,6 +15,14 @@ public class GrpcRequestProcessor implements Callable { private int repeatCount; private static final int MAX_REPETITION = 3; + private boolean isSuccessful = false; + + private int responseCode; + + private boolean exceptionRaised = false; + + private Throwable error; + public GrpcRequestProcessor(ControlCommandDto controlCommandDto, int repeatCount) { this.controlCommandDto = controlCommandDto; this.repeatCount = repeatCount; @@ -22,33 +30,55 @@ public GrpcRequestProcessor(ControlCommandDto controlCommandDto, int repeatCount @Override public Object call() throws Exception { - return GrpcClient.getInstance().fireRequest(controlCommandDto, repeatCount); + return GrpcClient.getInstance().fireRequest(this); } public static void executeGrpcRequest(ControlCommandDto controlCommandDto) { - Future future = GrpcRequestThreadPool.getInstance().executor + GrpcRequestThreadPool.getInstance().executor .submit(new GrpcRequestProcessor(controlCommandDto, MAX_REPETITION)); - try { - Object futureResult = future.get(); - if (futureResult instanceof Throwable) { - NewRelicSecurity.getAgent().log(LogLevel.FINER, String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getRequestBean()), (Throwable) futureResult, GrpcClient.class.getName()); - NewRelicSecurity.getAgent().reportIncident(LogLevel.WARNING, - String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getId()), - (Throwable) futureResult, GrpcClient.class.getName()); - GrpcClientRequestReplayHelper.getInstance().addFuzzFailEventToQueue(controlCommandDto.getRequestBean(), (Throwable) futureResult); - } else { - GrpcClientRequestReplayHelper.getInstance().getPendingIds().remove(controlCommandDto.getId()); - } - } catch (Throwable e) { - NewRelicSecurity.getAgent().log(LogLevel.SEVERE, String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getRequestBean()), e, GrpcRequestProcessor.class.getName()); - NewRelicSecurity.getAgent().reportIncident(LogLevel.SEVERE, - String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getId()), - e, GrpcRequestProcessor.class.getName()); - GrpcClientRequestReplayHelper.getInstance().addFuzzFailEventToQueue(controlCommandDto.getRequestBean(), e); - } } public ControlCommandDto getPartialControlCommand() { return controlCommandDto; } + + public boolean isSuccessful() { + return isSuccessful; + } + + public void setSuccessful(boolean successful) { + isSuccessful = successful; + } + + public int getResponseCode() { + return responseCode; + } + + public void setResponseCode(int responseCode) { + this.responseCode = responseCode; + } + + public boolean isExceptionRaised() { + return exceptionRaised; + } + + public void setExceptionRaised(boolean exceptionRaised) { + this.exceptionRaised = exceptionRaised; + } + + public Throwable getError() { + return error; + } + + public void setError(Throwable error) { + this.error = error; + } + + public ControlCommandDto getControlCommandDto() { + return controlCommandDto; + } + + public int getRepeatCount() { + return repeatCount; + } } \ No newline at end of file diff --git a/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/processor/GrpcRequestThreadPool.java b/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/processor/GrpcRequestThreadPool.java index a2e8fceef..3dd7014ed 100644 --- a/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/processor/GrpcRequestThreadPool.java +++ b/instrumentation-security/grpc-1.4.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc140/processor/GrpcRequestThreadPool.java @@ -5,10 +5,9 @@ import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.utils.logging.LogLevel; -import java.util.HashSet; +import java.io.InterruptedIOException; import java.util.concurrent.BlockingQueue; import java.util.concurrent.Callable; -import java.util.concurrent.ExecutionException; import java.util.concurrent.LinkedBlockingQueue; import java.util.concurrent.RunnableFuture; import java.util.concurrent.ThreadFactory; @@ -50,21 +49,22 @@ protected void afterExecute(Runnable r, Throwable t) { GrpcClientRequestReplayHelper.getInstance().setInProcessRequestQueue(getQueue()); controlCommandId = null; if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof GrpcRequestProcessor) { - Object result = (Object) ((CustomFutureTask) r).get(); GrpcRequestProcessor task = (GrpcRequestProcessor) ((CustomFutureTask) r).getTask(); controlCommandId = task.getPartialControlCommand().getId(); - if (t != null || result != null) { - if (StringUtils.isNotBlank(controlCommandId)) { - GrpcClientRequestReplayHelper.getInstance().getRejectedIds().add(controlCommandId); - } + if (task.isSuccessful()) { + GrpcClientRequestReplayHelper.getInstance().getCompletedReplay().add(controlCommandId); + } else if (task.isExceptionRaised() && task.getError() instanceof InterruptedIOException) { + GrpcClientRequestReplayHelper.getInstance().getClearFromPending().add(controlCommandId); + } else if(task.isExceptionRaised()) { + GrpcClientRequestReplayHelper.getInstance().getErrorInReplay().add(controlCommandId); } else { - GrpcClientRequestReplayHelper.getInstance().getProcessedIds().putIfAbsent(controlCommandId, new HashSet<>()); + GrpcClientRequestReplayHelper.getInstance().getClearFromPending().add(controlCommandId); + } + if (StringUtils.isBlank(controlCommandId)) { + GrpcClientRequestReplayHelper.getInstance().getRejectedIds().add(controlCommandId); } } - if (StringUtils.isNotBlank(controlCommandId)) { - GrpcClientRequestReplayHelper.getInstance().getPendingIds().remove(controlCommandId); - } - } catch (InterruptedException | ExecutionException ignored) { + } catch (Exception ignored) { } } diff --git a/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/GrpcServerUtils.java b/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/GrpcServerUtils.java index ba1dcc71c..68cb208cf 100644 --- a/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/GrpcServerUtils.java +++ b/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/GrpcServerUtils.java @@ -8,6 +8,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -21,7 +22,6 @@ import java.net.URI; import java.net.URISyntaxException; import java.util.HashSet; -import java.util.Map; import java.util.Set; public class GrpcServerUtils { @@ -71,7 +71,8 @@ public static void preprocessSecurityHook(ServerStream_Instrumentat securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)) + , RequestCategory.GRPC); if (call.getAttributes().get(Grpc.TRANSPORT_ATTR_SSL_SESSION) != null) { securityRequest.setProtocol("https"); diff --git a/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/client/GrpcClient.java b/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/client/GrpcClient.java index cc544b482..3ade38035 100644 --- a/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/client/GrpcClient.java +++ b/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/client/GrpcClient.java @@ -7,6 +7,7 @@ import com.google.protobuf.Message; import com.google.protobuf.util.JsonFormat; import com.newrelic.agent.security.instrumentation.grpc1400.GrpcServerUtils; +import com.newrelic.agent.security.instrumentation.grpc1400.processor.GrpcRequestProcessor; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GrpcHelper; import com.newrelic.api.agent.security.schema.ControlCommandDto; @@ -56,8 +57,10 @@ protected ManagedChannel initialValue() { } }; - public Object fireRequest(ControlCommandDto controlCommandDto, int repeatCount) { + public Object fireRequest(GrpcRequestProcessor grpcRequestProcessor) { FuzzRequestBean requestBean = null; + ControlCommandDto controlCommandDto = grpcRequestProcessor.getControlCommandDto(); + int repeatCount = grpcRequestProcessor.getRepeatCount(); try { requestBean = controlCommandDto.getRequestBean(); List payloads = controlCommandDto.getRequestPayloads(); @@ -84,13 +87,21 @@ public Object fireRequest(ControlCommandDto controlCommandDto, int repeatCount) isSuccess = customBiDiStream(channel, requestBean, payloads); break; } + grpcRequestProcessor.setSuccessful(true); + return isSuccess; } catch (InterruptedException e) { + grpcRequestProcessor.setExceptionRaised(true); + grpcRequestProcessor.setError(e); + if (repeatCount >= 0) { - return fireRequest(controlCommandDto, --repeatCount); + return fireRequest(grpcRequestProcessor); } return false; } catch (Throwable e) { + grpcRequestProcessor.setExceptionRaised(true); + grpcRequestProcessor.setError(e); + return e; } } diff --git a/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/processor/GrpcRequestProcessor.java b/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/processor/GrpcRequestProcessor.java index f9321adad..72a7b5bf0 100644 --- a/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/processor/GrpcRequestProcessor.java +++ b/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/processor/GrpcRequestProcessor.java @@ -1,13 +1,9 @@ package com.newrelic.agent.security.instrumentation.grpc1400.processor; import com.newrelic.agent.security.instrumentation.grpc1400.client.GrpcClient; -import com.newrelic.api.agent.security.NewRelicSecurity; -import com.newrelic.api.agent.security.instrumentation.helpers.GrpcClientRequestReplayHelper; import com.newrelic.api.agent.security.schema.ControlCommandDto; -import com.newrelic.api.agent.security.utils.logging.LogLevel; import java.util.concurrent.Callable; -import java.util.concurrent.Future; public class GrpcRequestProcessor implements Callable { public static final String CALL_FAILED_REQUEST_S_REASON = "Call failed : request %s reason : "; @@ -15,6 +11,14 @@ public class GrpcRequestProcessor implements Callable { private int repeatCount; private static final int MAX_REPETITION = 3; + private boolean isSuccessful = false; + + private int responseCode; + + private boolean exceptionRaised = false; + + private Throwable error; + public GrpcRequestProcessor(ControlCommandDto controlCommandDto, int repeatCount) { this.controlCommandDto = controlCommandDto; this.repeatCount = repeatCount; @@ -22,33 +26,55 @@ public GrpcRequestProcessor(ControlCommandDto controlCommandDto, int repeatCount @Override public Object call() throws Exception { - return GrpcClient.getInstance().fireRequest(controlCommandDto, repeatCount); + return GrpcClient.getInstance().fireRequest(this); } public static void executeGrpcRequest(ControlCommandDto controlCommandDto) { - Future future = GrpcRequestThreadPool.getInstance().executor + GrpcRequestThreadPool.getInstance().executor .submit(new GrpcRequestProcessor(controlCommandDto, MAX_REPETITION)); - try { - Object futureResult = future.get(); - if (futureResult instanceof Throwable) { - NewRelicSecurity.getAgent().log(LogLevel.FINER, String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getRequestBean()), (Throwable) futureResult, GrpcClient.class.getName()); - NewRelicSecurity.getAgent().reportIncident(LogLevel.WARNING, - String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getId()), - (Throwable) futureResult, GrpcClient.class.getName()); - GrpcClientRequestReplayHelper.getInstance().addFuzzFailEventToQueue(controlCommandDto.getRequestBean(), (Throwable) futureResult); - } else { - GrpcClientRequestReplayHelper.getInstance().getPendingIds().remove(controlCommandDto.getId()); - } - } catch (Throwable e) { - NewRelicSecurity.getAgent().log(LogLevel.SEVERE, String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getRequestBean()), e, GrpcRequestProcessor.class.getName()); - NewRelicSecurity.getAgent().reportIncident(LogLevel.SEVERE, - String.format(CALL_FAILED_REQUEST_S_REASON, controlCommandDto.getId()), - e, GrpcRequestProcessor.class.getName()); - GrpcClientRequestReplayHelper.getInstance().addFuzzFailEventToQueue(controlCommandDto.getRequestBean(), e); - } } public ControlCommandDto getPartialControlCommand() { return controlCommandDto; } + + public void setSuccessful(boolean successful) { + isSuccessful = successful; + } + + public void setResponseCode(int responseCode) { + this.responseCode = responseCode; + } + + public void setExceptionRaised(boolean exceptionRaised) { + this.exceptionRaised = exceptionRaised; + } + + public void setError(Throwable error) { + this.error = error; + } + + public ControlCommandDto getControlCommandDto() { + return controlCommandDto; + } + + public int getRepeatCount() { + return repeatCount; + } + + public boolean isSuccessful() { + return isSuccessful; + } + + public int getResponseCode() { + return responseCode; + } + + public boolean isExceptionRaised() { + return exceptionRaised; + } + + public Throwable getError() { + return error; + } } \ No newline at end of file diff --git a/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/processor/GrpcRequestThreadPool.java b/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/processor/GrpcRequestThreadPool.java index 1e23a656b..9b0445fd5 100644 --- a/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/processor/GrpcRequestThreadPool.java +++ b/instrumentation-security/grpc-1.40.0/src/main/java/com/newrelic/agent/security/instrumentation/grpc1400/processor/GrpcRequestThreadPool.java @@ -5,10 +5,9 @@ import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.utils.logging.LogLevel; -import java.util.HashSet; +import java.io.InterruptedIOException; import java.util.concurrent.BlockingQueue; import java.util.concurrent.Callable; -import java.util.concurrent.ExecutionException; import java.util.concurrent.LinkedBlockingQueue; import java.util.concurrent.RunnableFuture; import java.util.concurrent.ThreadFactory; @@ -47,21 +46,22 @@ protected void afterExecute(Runnable r, Throwable t) { GrpcClientRequestReplayHelper.getInstance().setInProcessRequestQueue(getQueue()); String controlCommandId = null; if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof GrpcRequestProcessor) { - Object result = (Object) ((CustomFutureTask) r).get(); GrpcRequestProcessor task = (GrpcRequestProcessor) ((CustomFutureTask) r).getTask(); controlCommandId = task.getPartialControlCommand().getId(); - if (t != null || result != null) { - if (StringUtils.isNotBlank(controlCommandId)) { - GrpcClientRequestReplayHelper.getInstance().getRejectedIds().add(controlCommandId); - } + if (task.isSuccessful()) { + GrpcClientRequestReplayHelper.getInstance().getCompletedReplay().add(controlCommandId); + } else if (task.isExceptionRaised() && task.getError() instanceof InterruptedIOException) { + GrpcClientRequestReplayHelper.getInstance().getClearFromPending().add(controlCommandId); + } else if(task.isExceptionRaised()) { + GrpcClientRequestReplayHelper.getInstance().getErrorInReplay().add(controlCommandId); } else { - GrpcClientRequestReplayHelper.getInstance().getProcessedIds().putIfAbsent(controlCommandId, new HashSet<>()); + GrpcClientRequestReplayHelper.getInstance().getClearFromPending().add(controlCommandId); + } + if (StringUtils.isBlank(controlCommandId)) { + GrpcClientRequestReplayHelper.getInstance().getRejectedIds().add(controlCommandId); } } - if (StringUtils.isNotBlank(controlCommandId)) { - GrpcClientRequestReplayHelper.getInstance().getPendingIds().remove(controlCommandId); - } - } catch (InterruptedException | ExecutionException e) { + } catch (Exception e) { } } diff --git a/instrumentation-security/jersey-2.16/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java b/instrumentation-security/jersey-2.16/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java index 6264c6ee4..1e5b0235a 100644 --- a/instrumentation-security/jersey-2.16/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java +++ b/instrumentation-security/jersey-2.16/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java @@ -4,10 +4,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; -import com.newrelic.api.agent.security.schema.AgentMetaData; -import com.newrelic.api.agent.security.schema.HttpRequest; -import com.newrelic.api.agent.security.schema.SecurityMetaData; -import com.newrelic.api.agent.security.schema.StringUtils; +import com.newrelic.api.agent.security.schema.*; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; @@ -78,7 +75,7 @@ public static void preprocessSecurityHook(ContainerRequest requestContext) { securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setUrl(requestContext.getRequestUri().toString()); diff --git a/instrumentation-security/jersey-2/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java b/instrumentation-security/jersey-2/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java index 4f3468aa5..9e9649638 100644 --- a/instrumentation-security/jersey-2/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java +++ b/instrumentation-security/jersey-2/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java @@ -4,10 +4,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; -import com.newrelic.api.agent.security.schema.AgentMetaData; -import com.newrelic.api.agent.security.schema.HttpRequest; -import com.newrelic.api.agent.security.schema.SecurityMetaData; -import com.newrelic.api.agent.security.schema.StringUtils; +import com.newrelic.api.agent.security.schema.*; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; @@ -80,7 +77,7 @@ public static void preprocessSecurityHook(ContainerRequest requestContext) { securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setUrl(requestContext.getRequestUri().toString()); diff --git a/instrumentation-security/jersey-3/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java b/instrumentation-security/jersey-3/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java index a80932212..4eaed52b2 100644 --- a/instrumentation-security/jersey-3/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java +++ b/instrumentation-security/jersey-3/src/main/java/com/newrelic/agent/security/instrumentation/jersey2/HttpRequestHelper.java @@ -4,10 +4,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; -import com.newrelic.api.agent.security.schema.AgentMetaData; -import com.newrelic.api.agent.security.schema.HttpRequest; -import com.newrelic.api.agent.security.schema.SecurityMetaData; -import com.newrelic.api.agent.security.schema.StringUtils; +import com.newrelic.api.agent.security.schema.*; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; @@ -78,7 +75,7 @@ public static void preprocessSecurityHook(ContainerRequest requestContext) { securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setUrl(requestContext.getRequestUri().toString()); diff --git a/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/HttpServletHelper.java b/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/HttpServletHelper.java index 82c335842..a48724fa2 100644 --- a/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/HttpServletHelper.java +++ b/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/HttpServletHelper.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -16,7 +17,6 @@ import java.util.Arrays; import java.util.Enumeration; -import java.util.Map; public class HttpServletHelper { @@ -138,7 +138,7 @@ public static void preprocessSecurityHook(HttpServletRequest httpServletRequest) securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/jetty-12/src/main/java/com/newrelic/agent/security/instrumentation/jetty12/server/HttpServletHelper.java b/instrumentation-security/jetty-12/src/main/java/com/newrelic/agent/security/instrumentation/jetty12/server/HttpServletHelper.java index 8832268de..303a1157c 100644 --- a/instrumentation-security/jetty-12/src/main/java/com/newrelic/agent/security/instrumentation/jetty12/server/HttpServletHelper.java +++ b/instrumentation-security/jetty-12/src/main/java/com/newrelic/agent/security/instrumentation/jetty12/server/HttpServletHelper.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -18,7 +19,6 @@ import java.util.Arrays; import java.util.Iterator; -import java.util.Map; import java.util.Set; public class HttpServletHelper { @@ -142,7 +142,7 @@ public static void preprocessSecurityHook(Request request) { securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(request.getHttpURI().getScheme()); diff --git a/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/HttpServletHelper.java b/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/HttpServletHelper.java index 5da129373..8268db78a 100644 --- a/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/HttpServletHelper.java +++ b/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/HttpServletHelper.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -16,7 +17,6 @@ import javax.servlet.http.HttpServletResponse; import java.util.Arrays; import java.util.Enumeration; -import java.util.Map; public class HttpServletHelper { @@ -138,7 +138,7 @@ public static void preprocessSecurityHook(HttpServletRequest httpServletRequest) securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java index 101e44fb4..b04f5ce8e 100644 --- a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java +++ b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -72,7 +73,7 @@ private static void preprocessSecurityHook(HttpRequestContext requestContext) { MuleHelper.processHttpRequestHeader(httpRequest, securityRequest); securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(requestContext.getScheme()); securityRequest.setUrl(httpRequest.getUri()); diff --git a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java index 4af0d5319..820804a28 100644 --- a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java +++ b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -66,7 +67,7 @@ private void preprocessSecurityHook(HttpRequestContext requestContext) { MuleHelper.processHttpRequestHeader(httpRequest, securityRequest); securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(requestContext.getScheme()); securityRequest.setUrl(httpRequest.getUri()); diff --git a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java index ed68bd37b..fcdd980b4 100644 --- a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java +++ b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -72,7 +73,7 @@ private static void preprocessSecurityHook(HttpRequestContext requestContext) { MuleHelper.processHttpRequestHeader(httpRequest, securityRequest); securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(requestContext.getScheme()); securityRequest.setUrl(httpRequest.getUri()); diff --git a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java index 9c1c2ad33..d4e48fb62 100644 --- a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java +++ b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -66,7 +67,7 @@ private void preprocessSecurityHook(HttpRequestContext requestContext) { MuleHelper.processHttpRequestHeader(httpRequest, securityRequest); securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(requestContext.getScheme()); securityRequest.setUrl(httpRequest.getUri()); diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java index ef91005d1..0f05c6ce2 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -69,7 +70,7 @@ private void preprocessSecurityHook(ServletRequest request, ServletResponse resp securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java index 96c187744..cbe1adb55 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -71,7 +72,7 @@ private void preprocessSecurityHook(ServletRequest request, ServletResponse resp securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java index ca6959ae0..d26e79ba3 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java @@ -13,6 +13,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -75,7 +76,7 @@ private void preprocessSecurityHook(ServletRequest_Instrumentation request, Serv securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java index 6d30b78d9..0ac623d42 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -69,7 +70,7 @@ private void preprocessSecurityHook(ServletRequest request, ServletResponse resp securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java index 7586a1043..dd9995cfb 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -70,7 +71,7 @@ private void preprocessSecurityHook(ServletRequest request, ServletResponse resp securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java index f1e0e18c5..806a5e606 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java @@ -13,6 +13,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -75,7 +76,7 @@ private void preprocessSecurityHook(ServletRequest_Instrumentation request, Serv securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java index 757b56f4f..011b1e850 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -69,7 +70,7 @@ private void preprocessSecurityHook(ServletRequest request, ServletResponse resp securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java index 8b757e62d..3e40b86d4 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -70,7 +71,7 @@ private void preprocessSecurityHook(ServletRequest request, ServletResponse resp securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java index 6a06730bf..a3c4ef79f 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java @@ -13,6 +13,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -75,7 +76,7 @@ private void preprocessSecurityHook(ServletRequest_Instrumentation request, Serv securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(httpServletRequest.getScheme()); securityRequest.setUrl(httpServletRequest.getRequestURI()); diff --git a/instrumentation-security/sun-net-httpserver/src/main/java/com/sun/net/httpserver/Filter_Instrumentation.java b/instrumentation-security/sun-net-httpserver/src/main/java/com/sun/net/httpserver/Filter_Instrumentation.java index 6f27c4477..627215040 100644 --- a/instrumentation-security/sun-net-httpserver/src/main/java/com/sun/net/httpserver/Filter_Instrumentation.java +++ b/instrumentation-security/sun-net-httpserver/src/main/java/com/sun/net/httpserver/Filter_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -61,7 +62,7 @@ private void preprocessSecurityHook(HttpExchange exchange) { HttpServerHelper.processHttpRequestHeaders(exchange.getRequestHeaders(), securityRequest); securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(HttpServerHelper.getProtocol(exchange)); securityRequest.setUrl(String.valueOf(exchange.getRequestURI())); diff --git a/instrumentation-security/sun-net-httpserver/src/main/java/com/sun/net/httpserver/HttpHandler_Instrumentation.java b/instrumentation-security/sun-net-httpserver/src/main/java/com/sun/net/httpserver/HttpHandler_Instrumentation.java index 6ca9fc78e..abc8e25a9 100644 --- a/instrumentation-security/sun-net-httpserver/src/main/java/com/sun/net/httpserver/HttpHandler_Instrumentation.java +++ b/instrumentation-security/sun-net-httpserver/src/main/java/com/sun/net/httpserver/HttpHandler_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; @@ -61,7 +62,7 @@ private void preprocessSecurityHook(HttpExchange exchange) { HttpServerHelper.processHttpRequestHeaders(exchange.getRequestHeaders(), securityRequest); securityMetaData.setTracingHeaderValue(ServletHelper.getTraceHeader(securityRequest.getHeaders())); - NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class))); + NewRelicSecurity.getAgent().setEmptyIastDataRequestEntry(ServletHelper.iastDataRequestAddEmptyEntry(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getTracingHeaderValue(), securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)), RequestCategory.HTTP); securityRequest.setProtocol(HttpServerHelper.getProtocol(exchange)); securityRequest.setUrl(String.valueOf(exchange.getRequestURI())); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java index f9fb4e45f..6bd38f6b5 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java @@ -215,9 +215,12 @@ public void dispatchEvent(AbstractOperation operation, SecurityMetaData security String parentId = securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); if (StringUtils.isNotBlank(parentId)) { if (securityMetaData.getRequest().getIsGrpc()) { - GrpcClientRequestReplayHelper.getInstance().getProcessedIds().putIfAbsent(parentId, new HashSet<>()); if (StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID())) { - GrpcClientRequestReplayHelper.getInstance().registerEventForProcessedCC(parentId, operation.getExecutionId()); + String originAppUUID = securityMetaData.getFuzzRequestIdentifier().getOriginApplicationUUID(); + if(StringUtils.isBlank(originAppUUID)){ + originAppUUID = AgentInfo.getInstance().getApplicationUUID(); + } + GrpcClientRequestReplayHelper.getInstance().registerEventForProcessedCC(parentId, operation.getExecutionId(), originAppUUID); } } else { if (StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID())) { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java index d51431777..4177fffc8 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java @@ -13,6 +13,7 @@ import java.time.Instant; import java.util.HashMap; +import java.util.HashSet; import java.util.Map; import java.util.Set; import java.util.concurrent.Executors; @@ -73,7 +74,6 @@ private void task() { int currentFetchThreshold = NewRelic.getAgent().getConfig() .getValue(SECURITY_POLICY_VULNERABILITY_SCAN_IAST_SCAN_PROBING_THRESHOLD, 300); - //TODO Update MicrosService Arch int remainingRecordCapacityRest = RestRequestThreadPool.getInstance().getQueue().remainingCapacity(); int currentRecordBacklogRest = RestRequestThreadPool.getInstance().getQueue().size(); int remainingRecordCapacityGrpc = GrpcClientRequestReplayHelper.getInstance().getRequestQueue().remainingCapacity(); @@ -92,9 +92,9 @@ private void task() { request.setBatchSize(batchSize); request.setGeneratedEvent(getEffectiveCompletedRequests()); - request.setClearFromPending(RestRequestThreadPool.getInstance().getClearFromPending()); - request.setCompletedReplay(RestRequestThreadPool.getInstance().getCompletedReplay()); - request.setErrorInReplay(RestRequestThreadPool.getInstance().getErrorInReplay()); + request.setClearFromPending(getEffectiveClearFromPending()); + request.setCompletedReplay(getEffectiveCompletedReplay()); + request.setErrorInReplay(getEffectiveErrorInReplay()); WSClient.getInstance().send(request.toString()); } } catch (Throwable e) { @@ -104,20 +104,52 @@ private void task() { } } + private Set getEffectiveErrorInReplay() { + Set errorInReplay = new HashSet<>(); + errorInReplay.addAll(RestRequestThreadPool.getInstance().getErrorInReplay()); + errorInReplay.addAll(GrpcClientRequestReplayHelper.getInstance().getErrorInReplay()); + return errorInReplay; + } + + private Set getEffectiveCompletedReplay() { + Set effectiveReplay = new HashSet<>(); + effectiveReplay.addAll(RestRequestThreadPool.getInstance().getCompletedReplay()); + effectiveReplay.addAll(GrpcClientRequestReplayHelper.getInstance().getCompletedReplay()); + return effectiveReplay; + } + + private Set getEffectiveClearFromPending() { + Set effectiveClearFromPending = new HashSet<>(); + effectiveClearFromPending.addAll(RestRequestThreadPool.getInstance().getClearFromPending()); + effectiveClearFromPending.addAll(GrpcClientRequestReplayHelper.getInstance().getClearFromPending()); + return effectiveClearFromPending; + } + private Map>> getEffectiveCompletedRequests() { Map>> generatedEvents = new HashMap<>(); - generatedEvents.putAll(RestRequestThreadPool.getInstance().getGeneratedEvents()); + for (String rejectedId : RestRequestThreadPool.getInstance().getRejectedIds()) { - for (Map.Entry>> applicationMap : generatedEvents.entrySet()) { + for (Map.Entry>> applicationMap : RestRequestThreadPool.getInstance().getGeneratedEvent().entrySet()) { applicationMap.getValue().remove(rejectedId); } } + generatedEvents.putAll(RestRequestThreadPool.getInstance().getGeneratedEvent()); RestRequestThreadPool.getInstance().getRejectedIds().clear(); + for (String rejectedId : GrpcClientRequestReplayHelper.getInstance().getRejectedIds()) { - for (Map.Entry>> applicationMap : generatedEvents.entrySet()) { + for (Map.Entry>> applicationMap : GrpcClientRequestReplayHelper.getInstance().getGeneratedEvent().entrySet()) { applicationMap.getValue().remove(rejectedId); } } + + for (Map.Entry>> applicationMap : GrpcClientRequestReplayHelper.getInstance().getGeneratedEvent().entrySet()) { + if(generatedEvents.containsKey(applicationMap.getKey())){ + generatedEvents.get(applicationMap.getKey()).putAll(applicationMap.getValue()); + } else { + generatedEvents.put(applicationMap.getKey(),applicationMap.getValue()); + } + } + GrpcClientRequestReplayHelper.getInstance().getRejectedIds().clear(); return generatedEvents; } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index 4f9523b19..6a62d9c21 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -43,12 +43,12 @@ public class RestRequestThreadPool { * "ORIGIN_APPUUID_1" : {"FUZZ_ID_1":["EVENT_ID_1"], "FUZZ_ID_2":["EVENT_ID_2"]}, * } * */ - private final Map>> generatedEvents = new ConcurrentHashMap(); + private final Map>> generatedEvent = new ConcurrentHashMap(); public void resetIASTProcessing() { - getAllControlCommandID(generatedEvents); - generatedEvents.clear(); + getAllControlCommandID(generatedEvent); + generatedEvent.clear(); completedReplay.clear(); clearFromPending.clear(); errorInReplay.clear(); @@ -180,18 +180,16 @@ public void registerEventForProcessedCC(String controlCommandId, String eventId, if(StringUtils.isAnyBlank(controlCommandId, eventId)){ return; } - if(!generatedEvents.containsKey(originAppUuid)){ - logger.log(LogLevel.FINE, String.format("Entry from map of generatedEvents for %s is missing. generatedEvents are : %s", originAppUuid, generatedEvents), RestRequestThreadPool.class.getName()); + if(!generatedEvent.containsKey(originAppUuid)){ + logger.log(LogLevel.FINE, String.format("Entry from map of generatedEvents for %s is missing. generatedEvents are : %s", originAppUuid, generatedEvent), RestRequestThreadPool.class.getName()); } - if(generatedEvents.get(originAppUuid).containsKey(controlCommandId)) { - generatedEvents.get(originAppUuid).get(controlCommandId).add(eventId); - } else { - System.out.println("controlCommandId is not present for : "+controlCommandId); + if(generatedEvent.get(originAppUuid).containsKey(controlCommandId)) { + generatedEvent.get(originAppUuid).get(controlCommandId).add(eventId); } } - public Map>> getGeneratedEvents() { - return generatedEvents; + public Map>> getGeneratedEvent() { + return generatedEvent; } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java index e67b88a30..d74e89b50 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java @@ -261,10 +261,8 @@ public void run() { controlCommand.getArguments().size()), this.getClass().getName()); logger.log(LogLevel.FINEST, String.format(PURGING_CONFIRMED_IAST_PROCESSED_RECORDS_S, controlCommand.getArguments()), this.getClass().getName()); - //TODO Update MicrosService Arch IASTDataTransferRequest requestForPurge = objectMapper.convertValue(controlCommand.getData(), IASTDataTransferRequest.class); purgeIastDataTransferRequest(requestForPurge); - controlCommand.getArguments().forEach(GrpcClientRequestReplayHelper.getInstance().getProcessedIds()::remove); break; default: logger.log(LogLevel.WARNING, String.format(UNKNOWN_CONTROL_COMMAND_S, controlCommandMessage), @@ -274,10 +272,21 @@ public void run() { } private static void purgeIastDataTransferRequest(IASTDataTransferRequest requestForPurge) { + + GrpcClientRequestReplayHelper.getInstance().getCompletedReplay().removeAll(requestForPurge.getCompletedReplay()); + GrpcClientRequestReplayHelper.getInstance().getErrorInReplay().removeAll(requestForPurge.getErrorInReplay()); + GrpcClientRequestReplayHelper.getInstance().getClearFromPending().removeAll(requestForPurge.getClearFromPending()); + for (Map.Entry>> applicationMap : GrpcClientRequestReplayHelper.getInstance().getGeneratedEvent().entrySet()) { + String originAppUUID = applicationMap.getKey(); + Map> purgeApplicationMap = requestForPurge.getGeneratedEvent().get(originAppUUID); + purgeApplicationMap.forEach(applicationMap.getValue()::remove); + } + + RestRequestThreadPool.getInstance().getCompletedReplay().removeAll(requestForPurge.getCompletedReplay()); RestRequestThreadPool.getInstance().getErrorInReplay().removeAll(requestForPurge.getErrorInReplay()); RestRequestThreadPool.getInstance().getClearFromPending().removeAll(requestForPurge.getClearFromPending()); - for (Map.Entry>> applicationMap : RestRequestThreadPool.getInstance().getGeneratedEvents().entrySet()) { + for (Map.Entry>> applicationMap : RestRequestThreadPool.getInstance().getGeneratedEvent().entrySet()) { String originAppUUID = applicationMap.getKey(); Map> purgeApplicationMap = requestForPurge.getGeneratedEvent().get(originAppUUID); purgeApplicationMap.forEach(applicationMap.getValue()::remove); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index 0be4e07a0..77919fcbf 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -684,7 +684,20 @@ public String decryptAndVerify(String encryptedData, String hashVerifier) { } @Override - public void setEmptyIastDataRequestEntry(FuzzRequestEmptyEntry fuzzRequestEmptyEntry) { + public void setEmptyIastDataRequestEntry(FuzzRequestEmptyEntry fuzzRequestEmptyEntry, RequestCategory category) { + switch (category) { + case GRPC: + setEmptyIastDataRequestEntry(fuzzRequestEmptyEntry, GrpcClientRequestReplayHelper.getInstance().getGeneratedEvent()); + break; + case HTTP: + default: + setEmptyIastDataRequestEntry(fuzzRequestEmptyEntry, RestRequestThreadPool.getInstance().getGeneratedEvent()); + break; + } + } + + + private void setEmptyIastDataRequestEntry(FuzzRequestEmptyEntry fuzzRequestEmptyEntry, Map>> generatedEvent) { String currentEntityGuid = AgentInfo.getInstance().getLinkingMetadata().getOrDefault(INRSettingsKey.NR_ENTITY_GUID, StringUtils.EMPTY); String originAppUUID = fuzzRequestEmptyEntry.getOriginAppUuid(); if(StringUtils.isBlank(originAppUUID)){ @@ -692,13 +705,14 @@ public void setEmptyIastDataRequestEntry(FuzzRequestEmptyEntry fuzzRequestEmptyE } String shaDigestOfCurrentEntityGuid = HashGenerator.getSHA256HexDigest(currentEntityGuid); if(StringUtils.equals(shaDigestOfCurrentEntityGuid, fuzzRequestEmptyEntry.getOriginEntityGuid())){ - if(RestRequestThreadPool.getInstance().getGeneratedEvents().containsKey(originAppUUID)) { - RestRequestThreadPool.getInstance().getGeneratedEvents().get(originAppUUID).put(fuzzRequestEmptyEntry.getControlCommandId(), ConcurrentHashMap.newKeySet()); + if(generatedEvent.containsKey(originAppUUID)) { + generatedEvent.get(originAppUUID).put(fuzzRequestEmptyEntry.getControlCommandId(), ConcurrentHashMap.newKeySet()); } else { Map> emptyEntry = new ConcurrentHashMap<>(); emptyEntry.put(fuzzRequestEmptyEntry.getControlCommandId(), ConcurrentHashMap.newKeySet()); - RestRequestThreadPool.getInstance().getGeneratedEvents().put(originAppUUID, emptyEntry); + generatedEvent.put(originAppUUID, emptyEntry); } } } + } \ No newline at end of file diff --git a/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java index f1f840ae5..a2708cb6c 100644 --- a/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -4,6 +4,7 @@ import com.newrelic.api.agent.Transaction; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.FuzzRequestEmptyEntry; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.operation.FileIntegrityOperation; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; @@ -194,7 +195,8 @@ public String decryptAndVerify(String encryptedData, String hashVerifier) { } @Override - public void setEmptyIastDataRequestEntry(FuzzRequestEmptyEntry emptyEntry) { + public void setEmptyIastDataRequestEntry(FuzzRequestEmptyEntry fuzzRequestEmptyEntry, RequestCategory category) { } + } \ No newline at end of file diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java index 3de9fc53d..3e0d40c20 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java @@ -9,6 +9,7 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.FuzzRequestEmptyEntry; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; import com.newrelic.api.agent.security.utils.logging.LogLevel; @@ -17,6 +18,7 @@ import java.net.URL; import java.util.Collections; import java.util.Map; +import java.util.Set; /** * Provides NoOps for API objects to avoid returning null. Do not call these objects directly. @@ -127,7 +129,7 @@ public String decryptAndVerify(String encryptedData, String hashVerifier) { } @Override - public void setEmptyIastDataRequestEntry(FuzzRequestEmptyEntry emptyEntry) { + public void setEmptyIastDataRequestEntry(FuzzRequestEmptyEntry fuzzRequestEmptyEntry, RequestCategory category) { } diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java index a90781783..3740e8355 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java @@ -9,6 +9,7 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.FuzzRequestEmptyEntry; +import com.newrelic.api.agent.security.schema.RequestCategory; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; import com.newrelic.api.agent.security.utils.logging.LogLevel; @@ -70,5 +71,5 @@ public interface SecurityAgent { String decryptAndVerify(String encryptedData, String hashVerifier); - void setEmptyIastDataRequestEntry(FuzzRequestEmptyEntry emptyEntry); + void setEmptyIastDataRequestEntry(FuzzRequestEmptyEntry fuzzRequestEmptyEntry, RequestCategory category); } diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/GrpcClientRequestReplayHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/GrpcClientRequestReplayHelper.java index 5fef7c098..d977ee34d 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/GrpcClientRequestReplayHelper.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/GrpcClientRequestReplayHelper.java @@ -1,8 +1,10 @@ package com.newrelic.api.agent.security.instrumentation.helpers; +import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.schema.ControlCommandDto; import com.newrelic.api.agent.security.schema.FuzzRequestBean; import com.newrelic.api.agent.security.schema.StringUtils; +import com.newrelic.api.agent.security.utils.logging.LogLevel; import java.util.Collections; import java.util.Map; @@ -17,9 +19,23 @@ public class GrpcClientRequestReplayHelper { private BlockingQueue inProcessRequestQueue = new LinkedBlockingQueue(1000); private BlockingQueue> fuzzFailRequestQueue = new LinkedBlockingQueue(1000); private boolean isGrpcRequestExecutorStarted = false; - private final Map> processedIds = new ConcurrentHashMap(); - private final Set pendingIds = ConcurrentHashMap.newKeySet(); + private final Set rejectedIds = ConcurrentHashMap.newKeySet(); + + private Set completedReplay = ConcurrentHashMap.newKeySet(); + + private Set errorInReplay = ConcurrentHashMap.newKeySet(); + + private Set clearFromPending = ConcurrentHashMap.newKeySet(); + + /** + * "generatedEvents": + * { + * "ORIGIN_APPUUID_1" : {"FUZZ_ID_1":["EVENT_ID_1"], "FUZZ_ID_2":["EVENT_ID_2"]}, + * } + * */ + private final Map>> generatedEvent = new ConcurrentHashMap(); + private static final AtomicBoolean isWaiting = new AtomicBoolean(false); public static GrpcClientRequestReplayHelper getInstance(){ @@ -30,11 +46,22 @@ private static final class InstanceHolder { static final GrpcClientRequestReplayHelper instance = new GrpcClientRequestReplayHelper(); } - //TODO Update MicrosService Arch + private void getAllControlCommandID(Map>> generatedEvents) { + if(generatedEvents == null || generatedEvents.isEmpty()) { + return; + } + + for (Map> applicationMap : generatedEvents.values()) { + rejectedIds.addAll(applicationMap.keySet()); + } + } + public void resetIASTProcessing() { - rejectedIds.addAll(processedIds.keySet()); - processedIds.clear(); - pendingIds.clear(); + getAllControlCommandID(generatedEvent); + generatedEvent.clear(); + completedReplay.clear(); + clearFromPending.clear(); + errorInReplay.clear(); requestQueue.clear(); } @@ -82,33 +109,48 @@ public Map getSingleRequestFromFuzzFailRequestQueue( return fuzzFailRequestQueue.take(); } - public Map> getProcessedIds() { - return processedIds; - } - public Set getRejectedIds() { return rejectedIds; } - public Set getPendingIds() { - return pendingIds; - } - - public void registerEventForProcessedCC(String controlCommandId, String eventId) { - //TODO Update MicrosService Arch + public void registerEventForProcessedCC(String controlCommandId, String eventId, String originAppUuid) { if(StringUtils.isAnyBlank(controlCommandId, eventId)){ return; } - Set registeredEvents = processedIds.get(controlCommandId); - if(registeredEvents != null) { - registeredEvents.add(eventId); + if(!generatedEvent.containsKey(originAppUuid)){ + NewRelicSecurity.getAgent().log(LogLevel.FINE, String.format("Entry from map of generatedEvents for %s is missing. generatedEvents are : %s", originAppUuid, generatedEvent), GrpcClientRequestReplayHelper.class.getName()); } - } - public void removeFromProcessedCC(String controlCommandId) { - //TODO Update MicrosService Arch - if(StringUtils.isNotBlank(controlCommandId)){ - processedIds.remove(controlCommandId); + if(generatedEvent.get(originAppUuid).containsKey(controlCommandId)) { + generatedEvent.get(originAppUuid).get(controlCommandId).add(eventId); } } + + public Set getCompletedReplay() { + return completedReplay; + } + + public void setCompletedReplay(Set completedReplay) { + this.completedReplay = completedReplay; + } + + public Set getErrorInReplay() { + return errorInReplay; + } + + public void setErrorInReplay(Set errorInReplay) { + this.errorInReplay = errorInReplay; + } + + public Set getClearFromPending() { + return clearFromPending; + } + + public void setClearFromPending(Set clearFromPending) { + this.clearFromPending = clearFromPending; + } + + public Map>> getGeneratedEvent() { + return generatedEvent; + } } diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/RequestCategory.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/RequestCategory.java new file mode 100644 index 000000000..216de5910 --- /dev/null +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/RequestCategory.java @@ -0,0 +1,9 @@ +package com.newrelic.api.agent.security.schema; + +public enum RequestCategory { + + HTTP, + + GRPC; + +}