Merge pull request #39 from newrelic/dev
Release v1.1.0
aayush-ap authored Mar 26, 2024
2 parents 105ce11 + 299212a commit 97dfc89
Showing 9 changed files with 82 additions and 16 deletions.
9 changes: 9 additions & 0 deletions Changelog.md
@@ -1,5 +1,14 @@
# Changelog

## [v1.1.0] - 2024-03-26
### Features
* Functionality to report API endpoints of the application
### Bug fixes
* Updated permissions for file/directory created by security agent
### Miscellaneous chores
* Bumped google.golang.org/protobuf from v1.32.0 to v1.33.0
* Improved logging.

## [v1.0.0] - 2024-02-07
### Changes
* Added env variable to print logs on stdout.
4 changes: 2 additions & 2 deletions instrumentation/csec_grpc/go.mod
Expand Up @@ -3,9 +3,9 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_grpc
go 1.17

require (
github.com/newrelic/csec-go-agent v1.0.0
github.com/newrelic/csec-go-agent v1.1.0
google.golang.org/grpc v1.58.3
google.golang.org/protobuf v1.32.0
google.golang.org/protobuf v1.33.0
github.com/golang/protobuf v1.5.3
)

2 changes: 1 addition & 1 deletion internal/security_logs/initLogging.go
Expand Up @@ -28,7 +28,7 @@ func InitLogger() *logFile {
}

func EndStage(stageId, logs interface{}) {
print := fmt.Sprintf("[STEP-%s] %s", stageId, logs)
print := fmt.Sprintf("[STEP-%s] => %s", stageId, logs)
PrintInitlog(print)
}
func PrintInitlog(logs interface{}) {
12 changes: 7 additions & 5 deletions internal/security_logs/rotateFileHook.go
Expand Up @@ -38,21 +38,22 @@ func (config *RotateFileConfig) createLogDir() (io.Writer, error) {
return nil, err
}

err = os.Chmod(config.Filepath, 0777)
err = os.Chmod(config.Filepath, 0770)
if err != nil {
return nil, err
}

err = os.Chmod(filepath.Dir(config.Filepath), 0777)
err = os.Chmod(filepath.Dir(config.Filepath), 0770)
if err != nil {
return nil, err
}

logfile, err := os.OpenFile(config.Filename, os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0777)
logfile, err := os.OpenFile(config.Filename, os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0660)

if err != nil {
return nil, err
}
logfile.Chmod(0660)
return logfile, nil

}
Expand Down Expand Up @@ -112,7 +113,7 @@ func (hook *RotateFileHook) logrollover() error {
pid := secUtils.IntToString(os.Getpid())

if !secUtils.IsFileExist(lockFile) {
err := os.WriteFile(lockFile, []byte(pid), 777)
err := os.WriteFile(lockFile, []byte(pid), 0660)
if err != nil {
return err
}
Expand Down Expand Up @@ -143,7 +144,8 @@ func (hook *RotateFileHook) filerollover() error {
}

timeStamp := time.Now().Unix()
rolloverLogFile, err := os.OpenFile(hook.Config.Filename+"."+strconv.FormatInt(timeStamp, 10), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0777)
rolloverLogFile, err := os.OpenFile(hook.Config.Filename+"."+strconv.FormatInt(timeStamp, 10), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0660)
rolloverLogFile.Chmod(0660)
if err != nil {
return err
}
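Review bot: In filerollover, `rolloverLogFile.Chmod(0660)` runs before the `if err != nil` check and its result is dropped, so a failed open still reaches the call and a failed chmod goes unnoticed. Move the call below the check and handle it, e.g. `if err := rolloverLogFile.Chmod(0660); err != nil { rolloverLogFile.Close(); return err }`. createLogDir has the same unchecked `logfile.Chmod(0660)`, and populateStatusLogs in event_generation_utils.go calls `f.Chmod(0660)` ahead of its error check. The mode passed to `os.OpenFile` applies only when the file is created and is reduced by the umask, so this Chmod is the step that tightens a file an earlier version left at 0777, which is why its failure should not be silent. filerollover continues outside the hunk.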
4 changes: 2 additions & 2 deletions internal/security_utils/config.go
Expand Up @@ -4,8 +4,8 @@
package security_utils

const (
CollectorVersion = "1.0.0"
CollectorVersion = "1.1.0"
JsonVersion = "1.1.1"
CollectorType = "GOLANG"
BuildNumber = "157"
BuildNumber = "158"
)
21 changes: 21 additions & 0 deletions security_config/global_config.go
Expand Up @@ -20,6 +20,8 @@ var SecureWS secUtils.SecureWSiface

type Info_struct struct {
EventData eventData
ApiData []Urlmappings
ApiDataMutex sync.Mutex
EnvironmentInfo EnvironmentInfo
ApplicationInfo runningApplicationInfo
InstrumentationData Instrumentation
Expand Down Expand Up @@ -131,6 +133,19 @@ func (info *Info_struct) SetBodyLimit(bodyLimit int) {
return
}

func (info *Info_struct) GetApiData() []Urlmappings {
info.ApiDataMutex.Lock()
defer info.ApiDataMutex.Unlock()
return info.ApiData
}

func (info *Info_struct) SetApiData(data Urlmappings) {
info.ApiDataMutex.Lock()
defer info.ApiDataMutex.Unlock()
info.ApiData = append(info.ApiData, data)
return
}

type metaData struct {
linkingMetadata interface{}
accountID string
Expand Down Expand Up @@ -360,6 +375,12 @@ func (e *EventStats) IncreaseEventErrorCount() {
}
}

type Urlmappings struct {
Method string `json:"method"`
Path string `json:"path"`
Handler string `json:"handler"`
}

type EnvironmentInfo struct {
ID string
NodeId string
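Review bot: GetApiData releases ApiDataMutex and then hands the caller the internal slice, so the caller and later SetApiData calls share one backing array; that is safe only while every writer appends and no reader modifies or appends to what it was given. Returning a copy keeps the lock meaningful: `return append([]Urlmappings(nil), info.ApiData...)`. ApiData and ApiDataMutex are also exported fields of Info_struct, which lets other packages touch the slice without taking the lock; unexported fields would force access through the two methods. SetApiData appends with no de-duplication and no upper bound, so if route registration can run more than once (not visible here) the list and the reported event grow with it.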
16 changes: 16 additions & 0 deletions security_event_generation/event_generation.go
Expand Up @@ -43,6 +43,7 @@ func InitHcScheduler() {
logging.EndStage("5", "Security agent components started")
SendSecHealthCheck()
sendBufferLogMessage()
sendUrlMappingEvent()
t := time.NewTicker(5 * time.Minute)
for {
select {
Expand Down Expand Up @@ -251,6 +252,21 @@ func SendFuzzFailEvent(fuzzHeader string) {
}
}

func sendUrlMappingEvent() {
var urlMappingBeen UrlMappingBeen
urlMappingBeen.EventType = "sec-application-url-mapping"
urlMappingBeen.ApplicationIdentifiers = getApplicationIdentifiers("sec-application-url-mapping")
mappings := secConfig.GlobalInfo.GetApiData()
if len(mappings) <= 0 {
return
}
urlMappingBeen.Mappings = secConfig.GlobalInfo.GetApiData()
_, err := sendEvent(urlMappingBeen, "", "")
if err != nil {
logger.Errorln(err)
}
}

func SendVulnerableEvent(req *secUtils.Info_req, category string, args interface{}, vulnerabilityDetails secUtils.VulnerabilityDetails, eventId string) *secUtils.EventTracker {
var tmp_event eventJson

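Review bot: sendUrlMappingEvent calls `secConfig.GlobalInfo.GetApiData()` twice, so the slice that is sent is not necessarily the one whose length was checked; assign the checked value instead, `urlMappingBeen.Mappings = mappings`. The empty check can also move to the top of the function so `getApplicationIdentifiers` is not called when there is nothing to send, and `len(mappings) == 0` states the condition more directly than `<= 0`. In InitHcScheduler the call sits before the ticker loop, whose body is outside the hunk; if it is not repeated there, endpoints registered after startup would never be reported. A doc comment would make that timing explicit, for example `// sendUrlMappingEvent reports the API endpoints collected so far; it sends nothing when none are registered.`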
11 changes: 6 additions & 5 deletions security_event_generation/event_generation_utils.go
Expand Up @@ -176,8 +176,8 @@ type IASTDataRequestBeen struct {

type UrlMappingBeen struct {
ApplicationIdentifiers
EventType string `json:"eventType"`
Mappings []Urlmappings `json:"mappings"`
EventType string `json:"eventType"`
Mappings interface{} `json:"mappings"`
}

type Urlmappings struct {
Expand Down Expand Up @@ -250,14 +250,15 @@ func populateStatusLogs(service, process map[string]interface{}) {
logger.Errorln(err)
return
}
err = os.Chmod(statusFilePath, 0777)
err = os.Chmod(statusFilePath, 0770)
if err != nil {
SendLogMessage(err.Error(), "populateStatusLogs", "SEVERE")
logger.Errorln(err)
return
}
statusFilePath1 := filepath.Join(statusFilePath, fmt.Sprintf("go-security-collector-status-%s.log", secConfig.GlobalInfo.ApplicationInfo.GetAppUUID()))
f, err := os.OpenFile(statusFilePath1, os.O_RDWR|os.O_CREATE, 0777)
f, err := os.OpenFile(statusFilePath1, os.O_RDWR|os.O_CREATE, 0660)
f.Chmod(0660)
if err != nil {
SendLogMessage(err.Error(), "populateStatusLogs", "SEVERE")
logger.Errorln(err)
Expand Down Expand Up @@ -306,7 +307,7 @@ func wsStatus() string {
}

func isLogAccessible(fileName string) string {
file, err := os.OpenFile(fileName, os.O_WRONLY, 0777)
file, err := os.OpenFile(fileName, os.O_WRONLY, 0660)
if err == nil {
defer file.Close()
return "OK"
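Review bot: Changing `Mappings` in UrlMappingBeen from `[]Urlmappings` to `interface{}` drops compile-time checking of what is serialized into the event. This file already uses `secConfig`, so the field could stay typed as `Mappings []secConfig.Urlmappings` with the same `json:"mappings"` tag. The local `Urlmappings` type that follows (its body is outside the hunk) looks unused after this change and duplicates the one added in security_config; consider removing it. In isLogAccessible the mode argument has no effect because the open does not pass `os.O_CREATE`, so `os.OpenFile(fileName, os.O_WRONLY, 0)` would state the intent more plainly than swapping 0777 for 0660.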
19 changes: 18 additions & 1 deletion security_intercept/intercept.go
Expand Up @@ -575,7 +575,7 @@ func createFuzzFile(fuzzheaders string) (tmpFiles []string) {
tmpFiles = append(tmpFiles, fileName)
dir := filepath.Dir(fileName)
if dir != "" {
err := os.MkdirAll(dir, os.ModePerm)
err := os.MkdirAll(dir, 0770)
if err != nil {
logger.Debugln("Error while creating file : ", err.Error())
}
Expand Down Expand Up @@ -726,6 +726,8 @@ func SendEvent(caseType string, data ...interface{}) interface{} {
httpresponseHandler(data...)
case "OUTBOUND":
return outboundcallHandler(data[0])
case "API_END_POINTS":
apiEndPointsHandler(data...)
case "GRPC":
grpcRequestHandler(data...)
case "GRPC_INFO":
Expand Down Expand Up @@ -853,7 +855,22 @@ func grpcRequestHandler(data ...interface{}) {
} else {
secConfig.Secure.AssociateGrpcQueryParam(data[0], "", "v2")
}
}

func apiEndPointsHandler(data ...interface{}) {
if data == nil || !isAgentInitialized() {
return
}
if len(data) >= 3 {
path, _ := data[0].(string)
method, _ := data[1].(string)
handler, _ := data[2].(string)
secConfig.GlobalInfo.SetApiData(secConfig.Urlmappings{
Path: path,
Method: method,
Handler: handler,
})
}
}

func grpcInfoHandler(data ...interface{}) {
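Review bot: apiEndPointsHandler discards the `ok` result of all three type assertions, so a caller that passes a non-string argument stores a mapping with empty fields, which is later reported as an endpoint. Check each assertion and return on failure, e.g. `path, ok := data[0].(string)` followed by `if !ok { return }`, and likewise for method and handler. The `data == nil` test is redundant next to the length check; a single guard `if len(data) < 3 || !isAgentInitialized() { return }` keeps the happy path unindented. In createFuzzFile the error from `os.MkdirAll(dir, 0770)` is only logged at debug level and execution continues; the rest of that function is outside the hunk, so whether the later write handles the missing directory cannot be seen here.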
