From b140956c6b472317874340166f989f0f38f58ae1 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Wed, 24 May 2023 19:30:16 +0530 Subject: [PATCH 01/80] [FEATURE] added instrumentation for commons.jxpath library --- .../commons-jxpath/build.gradle | 20 +++ .../xpath/commons/jxpath/XPATHUtils.java | 9 ++ ...hContextReferenceImpl_Instrumentation.java | 133 ++++++++++++++++++ settings.gradle | 1 + 4 files changed, 163 insertions(+) create mode 100644 instrumentation-security/commons-jxpath/build.gradle create mode 100644 instrumentation-security/commons-jxpath/src/main/java/com/nr/instrumentation/security/xpath/commons/jxpath/XPATHUtils.java create mode 100644 instrumentation-security/commons-jxpath/src/main/java/org/apache/commons/jxpath/ri/compiler/JXPathContextReferenceImpl_Instrumentation.java diff --git a/instrumentation-security/commons-jxpath/build.gradle b/instrumentation-security/commons-jxpath/build.gradle new file mode 100644 index 000000000..c789a3e78 --- /dev/null +++ b/instrumentation-security/commons-jxpath/build.gradle @@ -0,0 +1,20 @@ +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("commons-jxpath:commons-jxpath:1.3") +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.commons-jxpath' } +} + +verifyInstrumentation { + passesOnly 'commons-jxpath:commons-jxpath:[0,)' +} + + +site { + title 'XPATH' + type 'Messaging' +} \ No newline at end of file diff --git a/instrumentation-security/commons-jxpath/src/main/java/com/nr/instrumentation/security/xpath/commons/jxpath/XPATHUtils.java b/instrumentation-security/commons-jxpath/src/main/java/com/nr/instrumentation/security/xpath/commons/jxpath/XPATHUtils.java new file mode 100644 index 000000000..1cae168f3 --- /dev/null +++ b/instrumentation-security/commons-jxpath/src/main/java/com/nr/instrumentation/security/xpath/commons/jxpath/XPATHUtils.java @@ -0,0 +1,9 @@ +package com.nr.instrumentation.security.xpath.commons.jxpath; + +public class XPATHUtils { + public static final String NR_SEC_CUSTOM_ATTRIB_NAME = "XPATH_OPERATION_LOCK_COMMONS_JXPATH-"; + public static final String METHOD_GETVALUE = "getValue"; + public static final String METHOD_ITERATE = "iterate"; + public static final String METHOD_REMOVE_PATH = "removePath"; + public static final String METHOD_REMOVE_ALL = "removeAll"; +} diff --git a/instrumentation-security/commons-jxpath/src/main/java/org/apache/commons/jxpath/ri/compiler/JXPathContextReferenceImpl_Instrumentation.java b/instrumentation-security/commons-jxpath/src/main/java/org/apache/commons/jxpath/ri/compiler/JXPathContextReferenceImpl_Instrumentation.java new file mode 100644 index 000000000..a0ddb3649 --- /dev/null +++ b/instrumentation-security/commons-jxpath/src/main/java/org/apache/commons/jxpath/ri/compiler/JXPathContextReferenceImpl_Instrumentation.java @@ -0,0 +1,133 @@ +package org.apache.commons.jxpath.ri.compiler; + +import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; +import com.newrelic.api.agent.security.schema.AbstractOperation; +import com.newrelic.api.agent.security.schema.StringUtils; +import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; +import com.newrelic.api.agent.security.schema.operation.XPathOperation; +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.xpath.commons.jxpath.XPATHUtils; +import org.apache.commons.jxpath.ri.EvalContext; + +import java.util.Iterator; + +@Weave(type = MatchType.ExactClass, originalName = "org.apache.commons.jxpath.ri.JXPathContextReferenceImpl") +public class JXPathContextReferenceImpl_Instrumentation { + + public Object getValue(String xpath, Expression expr) { + boolean isLockAcquired = acquireLockIfPossible(); + AbstractOperation operation = null; + if(isLockAcquired) { + operation = preprocessSecurityHook(xpath, XPATHUtils.METHOD_GETVALUE); + } + + Object returnVal = null; + try { + returnVal = Weaver.callOriginal(); + } finally { + if(isLockAcquired){ + releaseLock(); + } + } + registerExitOperation(isLockAcquired, operation); + return returnVal; + } + + public Iterator iterate(String xpath, Expression expr) { + boolean isLockAcquired = acquireLockIfPossible(); + AbstractOperation operation = null; + if(isLockAcquired) { + operation = preprocessSecurityHook(xpath, XPATHUtils.METHOD_ITERATE); + } + + Iterator returnVal = null; + try { + returnVal = Weaver.callOriginal(); + } finally { + if(isLockAcquired){ + releaseLock(); + } + } + registerExitOperation(isLockAcquired, operation); + return returnVal; + } + + public void removePath(String xpath, Expression expr) { + boolean isLockAcquired = acquireLockIfPossible(); + AbstractOperation operation = null; + if(isLockAcquired) { + operation = preprocessSecurityHook(xpath, XPATHUtils.METHOD_REMOVE_PATH); + } + + try { + Weaver.callOriginal(); + } finally { + if(isLockAcquired){ + releaseLock(); + } + } + registerExitOperation(isLockAcquired, operation); + } + + public void removeAll(String xpath, Expression expr) { + boolean isLockAcquired = acquireLockIfPossible(); + AbstractOperation operation = null; + if(isLockAcquired) { + operation = preprocessSecurityHook(xpath, XPATHUtils.METHOD_REMOVE_ALL); + } + + try { + Weaver.callOriginal(); + } finally { + if(isLockAcquired){ + releaseLock(); + } + } + registerExitOperation(isLockAcquired, operation); + } + + private void registerExitOperation(boolean isProcessingAllowed, AbstractOperation operation) { + try { + if (operation == null || !isProcessingAllowed || !NewRelicSecurity.isHookProcessingActive() || + NewRelicSecurity.getAgent().getSecurityMetaData().getRequest().isEmpty() || GenericHelper.skipExistsEvent() + ) { + return; + } + NewRelicSecurity.getAgent().registerExitEvent(operation); + } catch (Throwable ignored){} + } + + private AbstractOperation preprocessSecurityHook (String patternString, String methodName){ + try { + if (!NewRelicSecurity.isHookProcessingActive() || + NewRelicSecurity.getAgent().getSecurityMetaData().getRequest().isEmpty() || + StringUtils.isBlank(patternString)){ + return null; + } + XPathOperation xPathOperation = new XPathOperation(patternString, this.getClass().getName(), methodName); + NewRelicSecurity.getAgent().registerOperation(xPathOperation); + return xPathOperation; + } catch (Throwable e) { + if (e instanceof NewRelicSecurityException) { + throw e; + } + } + return null; + } + + private void releaseLock() { + try { + GenericHelper.releaseLock(XPATHUtils.NR_SEC_CUSTOM_ATTRIB_NAME); + } catch (Throwable ignored) {} + } + + private boolean acquireLockIfPossible() { + try { + return GenericHelper.acquireLockIfPossible(XPATHUtils.NR_SEC_CUSTOM_ATTRIB_NAME); + } catch (Throwable ignored) {} + return false; + } +} diff --git a/settings.gradle b/settings.gradle index d97187553..04a4df3eb 100644 --- a/settings.gradle +++ b/settings.gradle @@ -134,4 +134,5 @@ include 'instrumentation:jdbc-inet-merlia' include 'instrumentation:jdbc-inet-oranxo' include 'instrumentation:jdbc-sybase-6' include 'instrumentation:low-priority-instrumentation' +include 'instrumentation:commons-jxpath' From 3d6f4158fe04dc401a9030d8f367876cff5611b0 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Wed, 24 May 2023 19:32:29 +0530 Subject: [PATCH 02/80] [TEST] added unit test cases for commons.jxpath library --- .../src/test/java/JXPathTest.java | 101 ++++++++++++++++++ .../src/test/resources/students.xml | 25 +++++ 2 files changed, 126 insertions(+) create mode 100644 instrumentation-security/commons-jxpath/src/test/java/JXPathTest.java create mode 100644 instrumentation-security/commons-jxpath/src/test/resources/students.xml diff --git a/instrumentation-security/commons-jxpath/src/test/java/JXPathTest.java b/instrumentation-security/commons-jxpath/src/test/java/JXPathTest.java new file mode 100644 index 000000000..fa48a72b4 --- /dev/null +++ b/instrumentation-security/commons-jxpath/src/test/java/JXPathTest.java @@ -0,0 +1,101 @@ +import com.newrelic.agent.security.introspec.InstrumentationTestConfig; +import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; +import com.newrelic.agent.security.introspec.SecurityIntrospector; +import com.newrelic.api.agent.security.schema.AbstractOperation; +import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; +import com.newrelic.api.agent.security.schema.operation.XPathOperation; +import org.apache.commons.jxpath.Container; +import org.apache.commons.jxpath.JXPathContext; +import org.apache.commons.jxpath.ri.compiler.Expression; +import org.apache.commons.jxpath.xml.DocumentContainer; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; + +import java.net.URL; +import java.util.List; + +@RunWith(SecurityInstrumentationTestRunner.class) +@InstrumentationTestConfig(includePrefixes = "org.apache.commons.jxpath") +public class JXPathTest { + + @Test + public void testGetValue() { + URL url = JXPathTest.class.getResource("/students.xml"); + + Container container = new DocumentContainer(url); + + JXPathContext context = JXPathContext.newContext(container); + String expr = "/studentClass/student_list/student[@id='1']"; + context.getValue(expr); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + + List operations = introspector.getOperations(); + Assert.assertTrue("No operations detected", operations.size() > 0); + XPathOperation operation = (XPathOperation) operations.get(0); + Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.XPATH, operation.getCaseType()); + Assert.assertEquals("Invalid expression.", expr, operation.getExpression()); + Assert.assertEquals("Invalid method name.", "getValue", operation.getMethodName()); + } + + @Test + public void testIterate() { + URL url = JXPathTest.class.getResource("/students.xml"); + + Container container = new DocumentContainer(url); + + JXPathContext context = JXPathContext.newContext(container); + String expr = "/studentClass"; + context.iterate(expr); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + + List operations = introspector.getOperations(); + Assert.assertTrue("No operations detected", operations.size() > 0); + XPathOperation operation = (XPathOperation) operations.get(0); + Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.XPATH, operation.getCaseType()); + Assert.assertEquals("Invalid expression.", expr, operation.getExpression()); + Assert.assertEquals("Invalid method name.", "iterate", operation.getMethodName()); + } + + @Test + public void testRemovePath() { + URL url = JXPathTest.class.getResource("/students.xml"); + + Container container = new DocumentContainer(url); + + JXPathContext context = JXPathContext.newContext(container); + String expr = "/studentClass/student_list/student[@id='1']"; + context.removePath(expr); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + + List operations = introspector.getOperations(); + Assert.assertTrue("No operations detected", operations.size() > 0); + XPathOperation operation = (XPathOperation) operations.get(0); + Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.XPATH, operation.getCaseType()); + Assert.assertEquals("Invalid expression.", expr, operation.getExpression()); + Assert.assertEquals("Invalid method name.", "removePath", operation.getMethodName()); + } + + @Test + public void testRemoveAll() { + URL url = JXPathTest.class.getResource("/students.xml"); + + Container container = new DocumentContainer(url); + + JXPathContext context = JXPathContext.newContext(container); + String expr = "/studentClass/student_list/student[@id='2']"; + context.removeAll(expr); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + + List operations = introspector.getOperations(); + Assert.assertTrue("No operations detected", operations.size() > 0); + XPathOperation operation = (XPathOperation) operations.get(0); + Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.XPATH, operation.getCaseType()); + Assert.assertEquals("Invalid expression.", expr, operation.getExpression()); + Assert.assertEquals("Invalid method name.", "removeAll", operation.getMethodName()); + } +} diff --git a/instrumentation-security/commons-jxpath/src/test/resources/students.xml b/instrumentation-security/commons-jxpath/src/test/resources/students.xml new file mode 100644 index 000000000..3dcd1862c --- /dev/null +++ b/instrumentation-security/commons-jxpath/src/test/resources/students.xml @@ -0,0 +1,25 @@ + + + MPC + + Maths + Physics + Chemistry + + + + 2 + 2011-09-25T16:41:56.250+05:30 + Sriram + Painting + Kasireddi + + + 26 + 2011-09-25T16:41:56.250+05:30 + Sudhakar + Coding + Kasireddi + + + \ No newline at end of file From 364f66b8c35e03493449562d059a6cd98b294016 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Wed, 24 May 2023 21:52:48 +0530 Subject: [PATCH 03/80] Added application url mapping POJO --- .../schema/ApplicationURLMapping.java | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java new file mode 100644 index 000000000..569b64210 --- /dev/null +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java @@ -0,0 +1,43 @@ +package com.newrelic.api.agent.security.schema; + +public class ApplicationURLMapping { + private String method; + private String url; + + public ApplicationURLMapping(String method, String url) { + this.method = method; + this.url = url; + } + + public String getMethod() { + return method; + } + + public void setMethod(String method) { + this.method = method; + } + + public String getUrl() { + return url; + } + + public void setUrl(String url) { + this.url = url; + } + + public boolean equals(Object obj) { + if (obj == this) { + return true; + } + + if (obj instanceof ApplicationURLMapping) { + ApplicationURLMapping mapping = (ApplicationURLMapping) obj; + return url.equals(mapping.url) && method.equals(mapping.method); + } + return false; + } + + public String toString() { + return "Method: " + method + ", Url: " + url; + } +} From 8f9509ed7f98ba4c204d672c761a2fd9a884eb70 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Wed, 24 May 2023 21:53:29 +0530 Subject: [PATCH 04/80] Added APIs for application url mapping --- .../newrelic/api/agent/security/Agent.java | 44 +++++++++++++++++-- .../newrelic/api/agent/security/Agent.java | 12 +++++ .../api/agent/security/NoOpAgent.java | 14 ++++++ .../api/agent/security/SecurityAgent.java | 6 +++ 4 files changed, 73 insertions(+), 3 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index ed81888e8..82de7db13 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -6,7 +6,12 @@ import com.newrelic.agent.security.instrumentator.dispatcher.Dispatcher; import com.newrelic.agent.security.instrumentator.dispatcher.DispatcherPool; import com.newrelic.agent.security.instrumentator.os.OsVariablesInstance; -import com.newrelic.agent.security.instrumentator.utils.*; +import com.newrelic.agent.security.instrumentator.utils.AgentUtils; +import com.newrelic.agent.security.instrumentator.utils.ApplicationInfoUtils; +import com.newrelic.agent.security.instrumentator.utils.CollectorConfigurationUtils; +import com.newrelic.agent.security.instrumentator.utils.ExecutionIDGenerator; +import com.newrelic.agent.security.instrumentator.utils.HashGenerator; +import com.newrelic.agent.security.instrumentator.utils.INRSettingsKey; import com.newrelic.agent.security.intcodeagent.constants.AgentServices; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; @@ -24,7 +29,14 @@ import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.Transaction; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; -import com.newrelic.api.agent.security.schema.*; +import com.newrelic.api.agent.security.schema.AbstractOperation; +import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; +import com.newrelic.api.agent.security.schema.HttpRequest; +import com.newrelic.api.agent.security.schema.K2RequestIdentifier; +import com.newrelic.api.agent.security.schema.SecurityMetaData; +import com.newrelic.api.agent.security.schema.UserClassEntity; +import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; import org.apache.commons.lang3.StringUtils; @@ -40,7 +52,10 @@ import java.util.concurrent.atomic.AtomicBoolean; import java.util.logging.Level; -import static com.newrelic.agent.security.intcodeagent.logging.IAgentConstants.*; +import static com.newrelic.agent.security.intcodeagent.logging.IAgentConstants.AGENT_INIT_LOG_STEP_FIVE_END; +import static com.newrelic.agent.security.intcodeagent.logging.IAgentConstants.COM_SUN; +import static com.newrelic.agent.security.intcodeagent.logging.IAgentConstants.STARTED_MODULE_LOG; +import static com.newrelic.agent.security.intcodeagent.logging.IAgentConstants.SUN_REFLECT; public class Agent implements SecurityAgent { @@ -71,6 +86,8 @@ public class Agent implements SecurityAgent { private java.net.URL agentJarURL; private Instrumentation instrumentation; + private static List mappings = new ArrayList<>(); + public static SecurityAgent getInstance() { if(instance == null) { synchronized (lock){ @@ -146,6 +163,18 @@ private void initialise() { info.agentStatTrigger(); System.out.printf("This application instance is now being protected by New Relic Security under id %s\n", info.getApplicationUUID()); + + try { + List mappings = getURLMappings(); + System.out.println("Size :: "+mappings.size()); + + for (ApplicationURLMapping mapping : mappings) { + System.out.println(mapping.getMethod() + " => " + mapping.getUrl()); + } + } + catch (Exception ex){ + ex.printStackTrace(); + } } private BuildInfo readCollectorBuildInfo() { @@ -469,4 +498,13 @@ public void setInitialised(boolean initialised) { public Instrumentation getInstrumentation() { return this.instrumentation; } + + public List getURLMappings() { + return mappings; + } + + public void addURLMapping(ApplicationURLMapping obj) { + if(!mappings.contains(obj)) + this.mappings.add(obj); + } } \ No newline at end of file diff --git a/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java index 18045c4ea..3db77abf4 100644 --- a/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -3,6 +3,7 @@ import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.Transaction; import com.newrelic.api.agent.security.schema.AbstractOperation; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; @@ -10,6 +11,7 @@ import java.net.URL; import java.time.Instant; import java.util.ArrayList; +import java.util.Collection; import java.util.List; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; @@ -132,4 +134,14 @@ public Instrumentation getInstrumentation() { return null; } + @Override + public List getURLMappings() { + return null; + } + + @Override + public void addURLMapping(ApplicationURLMapping mapping) { + + } + } \ No newline at end of file diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java index c3131db9b..cb8a75c00 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java @@ -8,11 +8,15 @@ package com.newrelic.api.agent.security; import com.newrelic.api.agent.security.schema.AbstractOperation; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; import java.lang.instrument.Instrumentation; import java.net.URL; +import java.util.Collection; +import java.util.List; +import java.util.Map; /** * Provides NoOps for API objects to avoid returning null. Do not call these objects directly. @@ -72,4 +76,14 @@ public Instrumentation getInstrumentation() { return null; } + @Override + public List getURLMappings() { + return null; + } + + @Override + public void addURLMapping(ApplicationURLMapping mapping) { + + } + } diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java index bc9ad3dfd..eea8791ca 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java @@ -8,11 +8,13 @@ package com.newrelic.api.agent.security; import com.newrelic.api.agent.security.schema.AbstractOperation; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; import java.lang.instrument.Instrumentation; import java.net.URL; +import java.util.List; /** * The New Relic Security Java Agent's API. @@ -43,4 +45,8 @@ public interface SecurityAgent { String getAgentTempDir(); Instrumentation getInstrumentation(); + + List getURLMappings(); + + void addURLMapping(ApplicationURLMapping mapping); } From 79e198fa493d2bbfba4fc16363fcfbf48fe5a6d7 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Wed, 24 May 2023 22:03:55 +0530 Subject: [PATCH 05/80] Added settings.gradle --- settings.gradle | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/settings.gradle b/settings.gradle index d97187553..77c8ef7aa 100644 --- a/settings.gradle +++ b/settings.gradle @@ -85,6 +85,9 @@ include 'instrumentation:jdbc-ojdbc-tns-12.1.0.2' include 'instrumentation:jdbc-ojdbc-tns-21.1.0.0' include 'instrumentation:jdbc-ojdbc-tns-21.6.0.0' include 'instrumentation:spring-web' +include 'instrumentation:spring-webmvc-3.1.0' +include 'instrumentation:spring-webmvc-5.3.0' +include 'instrumentation:spring-webflux' include 'instrumentation:http-async-client-4' include 'instrumentation:jax-rs-1.0' include 'instrumentation:jax-rs-3.0' @@ -134,4 +137,6 @@ include 'instrumentation:jdbc-inet-merlia' include 'instrumentation:jdbc-inet-oranxo' include 'instrumentation:jdbc-sybase-6' include 'instrumentation:low-priority-instrumentation' +include 'instrumentation:apache-struts2' +include 'instrumentation:jersey' From 440f811ac3486bc2ebc13906c88320f564650c87 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Fri, 26 May 2023 17:53:03 +0530 Subject: [PATCH 06/80] send application url mapping to validator Co-authored-by: Harshit Singh Lodha --- .../intcodeagent/logging/IAgentConstants.java | 1 + .../models/javaagent/AgentBasicInfo.java | 3 +++ .../javaagent/ApplicationURLMappings.java | 22 ++++++++++++++++ .../newrelic/api/agent/security/Agent.java | 25 ++++++++---------- .../newrelic/api/agent/security/Agent.java | 1 - .../api/agent/security/NoOpAgent.java | 14 ---------- .../api/agent/security/SecurityAgent.java | 6 ----- .../helpers/URLMappingHelper.java | 26 +++++++++++++++++++ .../schema/ApplicationURLMapping.java | 11 ++++++++ 9 files changed, 74 insertions(+), 35 deletions(-) create mode 100644 newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ApplicationURLMappings.java create mode 100644 newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingHelper.java diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java index b0c296679..04b38b3f2 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java @@ -521,6 +521,7 @@ public interface IAgentConstants { String JSON_NAME_HTTP_CONNECTION_STAT = "http-connection-stat"; String JSON_NAME_EXIT_EVENT = "exit-event"; + String JSON_SEC_APPLICATION_URL_MAPPING = "sec-application-url-mapping"; String INVOKE_0 = "invoke0"; diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/AgentBasicInfo.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/AgentBasicInfo.java index 2412bdfe0..99d27a4af 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/AgentBasicInfo.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/AgentBasicInfo.java @@ -91,6 +91,9 @@ public AgentBasicInfo() { setJsonName(FETCH_POLICY); } else if (this instanceof ExitEventBean) { setJsonName(JSON_NAME_EXIT_EVENT); + } else if (this instanceof ApplicationURLMappings) { + setJsonName(JSON_SEC_APPLICATION_URL_MAPPING); + setEventType(JSON_SEC_APPLICATION_URL_MAPPING); } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ApplicationURLMappings.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ApplicationURLMappings.java new file mode 100644 index 000000000..64078e00b --- /dev/null +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ApplicationURLMappings.java @@ -0,0 +1,22 @@ +package com.newrelic.agent.security.intcodeagent.models.javaagent; + +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; + +import java.util.Set; + +public class ApplicationURLMappings extends AgentBasicInfo{ + + private Set applicationURLMappings; + + public ApplicationURLMappings(Set applicationURLMappings) { + this.applicationURLMappings = applicationURLMappings; + } + + public Set getApplicationURLMappings() { + return applicationURLMappings; + } + + public void setApplicationURLMappings(Set applicationURLMappings) { + this.applicationURLMappings = applicationURLMappings; + } +} diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index 82de7db13..99a27792f 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -17,18 +17,17 @@ import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.logging.HealthCheckScheduleThread; import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants; +import com.newrelic.agent.security.intcodeagent.models.javaagent.ApplicationURLMappings; import com.newrelic.agent.security.intcodeagent.models.javaagent.ExitEventBean; import com.newrelic.agent.security.intcodeagent.properties.BuildInfo; import com.newrelic.agent.security.intcodeagent.schedulers.FileCleaner; import com.newrelic.agent.security.intcodeagent.schedulers.SchedulerHelper; import com.newrelic.agent.security.intcodeagent.utils.CommonUtils; -import com.newrelic.agent.security.intcodeagent.websocket.EventSendPool; -import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter; -import com.newrelic.agent.security.intcodeagent.websocket.WSClient; -import com.newrelic.agent.security.intcodeagent.websocket.WSReconnectionST; +import com.newrelic.agent.security.intcodeagent.websocket.*; import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.Transaction; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.ApplicationURLMapping; @@ -162,19 +161,17 @@ private void initialise() { startK2Services(); info.agentStatTrigger(); + sendApplicationURLMappings(); + System.out.printf("This application instance is now being protected by New Relic Security under id %s\n", info.getApplicationUUID()); - try { - List mappings = getURLMappings(); - System.out.println("Size :: "+mappings.size()); + } - for (ApplicationURLMapping mapping : mappings) { - System.out.println(mapping.getMethod() + " => " + mapping.getUrl()); - } - } - catch (Exception ex){ - ex.printStackTrace(); - } + private static void sendApplicationURLMappings() { + ApplicationURLMappings applicationURLMappings = new ApplicationURLMappings(URLMappingHelper.getApplicationURLMappings()); + String urlMappings = JsonConverter.toJSON(applicationURLMappings); + logger.logInit(LogLevel.INFO, String.format("Collected application url mappings %s", urlMappings), Agent.class.getName()); + EventSendPool.getInstance().sendEvent(urlMappings); } private BuildInfo readCollectorBuildInfo() { diff --git a/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java index 3db77abf4..875d8a0d0 100644 --- a/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -11,7 +11,6 @@ import java.net.URL; import java.time.Instant; import java.util.ArrayList; -import java.util.Collection; import java.util.List; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java index cb8a75c00..c3131db9b 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java @@ -8,15 +8,11 @@ package com.newrelic.api.agent.security; import com.newrelic.api.agent.security.schema.AbstractOperation; -import com.newrelic.api.agent.security.schema.ApplicationURLMapping; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; import java.lang.instrument.Instrumentation; import java.net.URL; -import java.util.Collection; -import java.util.List; -import java.util.Map; /** * Provides NoOps for API objects to avoid returning null. Do not call these objects directly. @@ -76,14 +72,4 @@ public Instrumentation getInstrumentation() { return null; } - @Override - public List getURLMappings() { - return null; - } - - @Override - public void addURLMapping(ApplicationURLMapping mapping) { - - } - } diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java index eea8791ca..bc9ad3dfd 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java @@ -8,13 +8,11 @@ package com.newrelic.api.agent.security; import com.newrelic.api.agent.security.schema.AbstractOperation; -import com.newrelic.api.agent.security.schema.ApplicationURLMapping; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; import java.lang.instrument.Instrumentation; import java.net.URL; -import java.util.List; /** * The New Relic Security Java Agent's API. @@ -45,8 +43,4 @@ public interface SecurityAgent { String getAgentTempDir(); Instrumentation getInstrumentation(); - - List getURLMappings(); - - void addURLMapping(ApplicationURLMapping mapping); } diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingHelper.java new file mode 100644 index 000000000..4f7f2620c --- /dev/null +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingHelper.java @@ -0,0 +1,26 @@ +package com.newrelic.api.agent.security.instrumentation.helpers; + +import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; + +import java.util.Set; +import java.util.concurrent.ConcurrentHashMap; + +public class URLMappingHelper { + + private static Set applicationURLMappings = ConcurrentHashMap.newKeySet(); + + public static Set getApplicationURLMappings() { + return applicationURLMappings; + } + + public static void addApplicationURLMappings(ApplicationURLMapping applicationURLMappings) { + URLMappingHelper.applicationURLMappings.add(applicationURLMappings); + } + + private static void triggerSend(){ + if(NewRelicSecurity.getAgent().isSecurityActive()){ + + } + } +} diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java index 569b64210..25464b09b 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java @@ -4,6 +4,8 @@ public class ApplicationURLMapping { private String method; private String url; + private String handler; + public ApplicationURLMapping(String method, String url) { this.method = method; this.url = url; @@ -25,6 +27,14 @@ public void setUrl(String url) { this.url = url; } + public String getHandler() { + return handler; + } + + public void setHandler(String handler) { + this.handler = handler; + } + public boolean equals(Object obj) { if (obj == this) { return true; @@ -40,4 +50,5 @@ public boolean equals(Object obj) { public String toString() { return "Method: " + method + ", Url: " + url; } + } From 60e38a7f033bdba0d10391a5b9db3ad328b83c52 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Fri, 26 May 2023 19:37:30 +0530 Subject: [PATCH 07/80] Updated POJO and changed location for sending application url mappings --- .../instrumentator/utils/AgentUtils.java | 8 ++++++ .../javaagent/ApplicationURLMappings.java | 20 +++++++++----- .../intcodeagent/websocket/WSClient.java | 2 ++ .../newrelic/api/agent/security/Agent.java | 4 +-- .../newrelic/api/agent/security/Agent.java | 12 --------- .../helpers/URLMappingHelper.java | 26 ------------------- .../helpers/URLMappingsHelper.java | 18 +++++++++++++ .../schema/ApplicationURLMapping.java | 9 +++++++ 8 files changed, 52 insertions(+), 47 deletions(-) delete mode 100644 newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingHelper.java create mode 100644 newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java index d73e39856..1b473847c 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java @@ -8,6 +8,7 @@ import com.newrelic.agent.security.intcodeagent.logging.DeployedApplication; import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants; import com.newrelic.agent.security.intcodeagent.models.config.AgentPolicyParameters; +import com.newrelic.agent.security.intcodeagent.models.javaagent.ApplicationURLMappings; import com.newrelic.agent.security.intcodeagent.models.javaagent.EventResponse; import com.newrelic.agent.security.intcodeagent.websocket.EventSendPool; import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter; @@ -15,6 +16,7 @@ import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.Agent; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; import com.sun.jna.Pointer; import com.sun.jna.platform.win32.Kernel32; @@ -644,4 +646,10 @@ private void applyNRPolicyOverride() { this.setPolicyOverridden(override); } + + public static void sendApplicationURLMappings() { + ApplicationURLMappings applicationURLMappings = new ApplicationURLMappings(URLMappingsHelper.getApplicationURLMappings()); + logger.logInit(LogLevel.INFO, String.format("Collected application url mappings %s", applicationURLMappings.toString()), Agent.class.getName()); + EventSendPool.getInstance().sendEvent(applicationURLMappings); + } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ApplicationURLMappings.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ApplicationURLMappings.java index 64078e00b..6dec9b791 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ApplicationURLMappings.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ApplicationURLMappings.java @@ -1,22 +1,28 @@ package com.newrelic.agent.security.intcodeagent.models.javaagent; +import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter; import com.newrelic.api.agent.security.schema.ApplicationURLMapping; import java.util.Set; public class ApplicationURLMappings extends AgentBasicInfo{ - private Set applicationURLMappings; + private Set mappings; - public ApplicationURLMappings(Set applicationURLMappings) { - this.applicationURLMappings = applicationURLMappings; + public ApplicationURLMappings(Set mappings) { + this.mappings = mappings; } - public Set getApplicationURLMappings() { - return applicationURLMappings; + public Set getMappings() { + return mappings; } - public void setApplicationURLMappings(Set applicationURLMappings) { - this.applicationURLMappings = applicationURLMappings; + public void setMappings(Set mappings) { + this.mappings = mappings; + } + + @Override + public String toString() { + return JsonConverter.toJSON(this); } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java index 2e6782c3b..ed8a8def4 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java @@ -2,6 +2,7 @@ import com.newrelic.agent.security.AgentConfig; import com.newrelic.agent.security.AgentInfo; +import com.newrelic.agent.security.instrumentator.utils.AgentUtils; import com.newrelic.agent.security.instrumentator.utils.INRSettingsKey; import com.newrelic.agent.security.intcodeagent.controlcommand.ControlCommandProcessor; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; @@ -184,6 +185,7 @@ public void onOpen(ServerHandshake handshakedata) { WSUtils.getInstance().notifyAll(); } WSUtils.getInstance().setConnected(true); + AgentUtils.sendApplicationURLMappings(); logger.logInit(LogLevel.INFO, String.format(IAgentConstants.APPLICATION_INFO_SENT_ON_WS_CONNECT, AgentInfo.getInstance().getApplicationInfo()), WSClient.class.getName()); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index 99a27792f..b7cdcd99f 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -27,7 +27,7 @@ import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.Transaction; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; -import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingHelper; +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.ApplicationURLMapping; @@ -168,7 +168,7 @@ private void initialise() { } private static void sendApplicationURLMappings() { - ApplicationURLMappings applicationURLMappings = new ApplicationURLMappings(URLMappingHelper.getApplicationURLMappings()); + ApplicationURLMappings applicationURLMappings = new ApplicationURLMappings(URLMappingsHelper.getApplicationURLMappings()); String urlMappings = JsonConverter.toJSON(applicationURLMappings); logger.logInit(LogLevel.INFO, String.format("Collected application url mappings %s", urlMappings), Agent.class.getName()); EventSendPool.getInstance().sendEvent(urlMappings); diff --git a/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java index 875d8a0d0..cf67441cb 100644 --- a/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -3,7 +3,6 @@ import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.Transaction; import com.newrelic.api.agent.security.schema.AbstractOperation; -import com.newrelic.api.agent.security.schema.ApplicationURLMapping; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; @@ -132,15 +131,4 @@ public String getAgentTempDir() { public Instrumentation getInstrumentation() { return null; } - - @Override - public List getURLMappings() { - return null; - } - - @Override - public void addURLMapping(ApplicationURLMapping mapping) { - - } - } \ No newline at end of file diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingHelper.java deleted file mode 100644 index 4f7f2620c..000000000 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingHelper.java +++ /dev/null @@ -1,26 +0,0 @@ -package com.newrelic.api.agent.security.instrumentation.helpers; - -import com.newrelic.api.agent.security.NewRelicSecurity; -import com.newrelic.api.agent.security.schema.ApplicationURLMapping; - -import java.util.Set; -import java.util.concurrent.ConcurrentHashMap; - -public class URLMappingHelper { - - private static Set applicationURLMappings = ConcurrentHashMap.newKeySet(); - - public static Set getApplicationURLMappings() { - return applicationURLMappings; - } - - public static void addApplicationURLMappings(ApplicationURLMapping applicationURLMappings) { - URLMappingHelper.applicationURLMappings.add(applicationURLMappings); - } - - private static void triggerSend(){ - if(NewRelicSecurity.getAgent().isSecurityActive()){ - - } - } -} diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java new file mode 100644 index 000000000..ed20364ce --- /dev/null +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java @@ -0,0 +1,18 @@ +package com.newrelic.api.agent.security.instrumentation.helpers; + +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; + +import java.util.Set; +import java.util.concurrent.ConcurrentHashMap; + +public class URLMappingsHelper { + private static Set mappings = ConcurrentHashMap.newKeySet(); + + public static Set getApplicationURLMappings() { + return mappings; + } + + public static void addApplicationURLMapping(ApplicationURLMapping obj) { + mappings.add(obj); + } +} diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java index 25464b09b..c61fe11cb 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java @@ -3,6 +3,7 @@ public class ApplicationURLMapping { private String method; private String url; + private String handler; private String handler; @@ -11,6 +12,14 @@ public ApplicationURLMapping(String method, String url) { this.url = url; } + public String getHandler() { + return handler; + } + + public void setHandler(String handler) { + this.handler = handler; + } + public String getMethod() { return method; } From 533435a960d76209f11b4b805e28d45ef908c318 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Fri, 26 May 2023 21:17:06 +0530 Subject: [PATCH 08/80] Minor fixes --- .../security/schema/ApplicationURLMapping.java | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java index c61fe11cb..fd8e33b91 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java @@ -5,13 +5,17 @@ public class ApplicationURLMapping { private String url; private String handler; - private String handler; - public ApplicationURLMapping(String method, String url) { this.method = method; this.url = url; } + public ApplicationURLMapping(String method, String url, String handler) { + this.method = method; + this.url = url; + this.handler = handler; + } + public String getHandler() { return handler; } @@ -36,14 +40,6 @@ public void setUrl(String url) { this.url = url; } - public String getHandler() { - return handler; - } - - public void setHandler(String handler) { - this.handler = handler; - } - public boolean equals(Object obj) { if (obj == this) { return true; From 174b5e00a0a0168952dfbabaf927297606bcd05c Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Fri, 26 May 2023 22:56:49 +0530 Subject: [PATCH 09/80] Minor fixes --- .../java/com/newrelic/api/agent/security/Agent.java | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index b7cdcd99f..93352fc43 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -161,17 +161,7 @@ private void initialise() { startK2Services(); info.agentStatTrigger(); - sendApplicationURLMappings(); - System.out.printf("This application instance is now being protected by New Relic Security under id %s\n", info.getApplicationUUID()); - - } - - private static void sendApplicationURLMappings() { - ApplicationURLMappings applicationURLMappings = new ApplicationURLMappings(URLMappingsHelper.getApplicationURLMappings()); - String urlMappings = JsonConverter.toJSON(applicationURLMappings); - logger.logInit(LogLevel.INFO, String.format("Collected application url mappings %s", urlMappings), Agent.class.getName()); - EventSendPool.getInstance().sendEvent(urlMappings); } private BuildInfo readCollectorBuildInfo() { From 1ead1f6bdb360eac1f299b4f073af5dd294028c1 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Fri, 26 May 2023 23:01:35 +0530 Subject: [PATCH 10/80] Minor fixes --- .../java/com/newrelic/api/agent/security/Agent.java | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index 93352fc43..332a7fbae 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -85,8 +85,6 @@ public class Agent implements SecurityAgent { private java.net.URL agentJarURL; private Instrumentation instrumentation; - private static List mappings = new ArrayList<>(); - public static SecurityAgent getInstance() { if(instance == null) { synchronized (lock){ @@ -485,13 +483,4 @@ public void setInitialised(boolean initialised) { public Instrumentation getInstrumentation() { return this.instrumentation; } - - public List getURLMappings() { - return mappings; - } - - public void addURLMapping(ApplicationURLMapping obj) { - if(!mappings.contains(obj)) - this.mappings.add(obj); - } } \ No newline at end of file From 76c9d96a372a7f8e92d7b6d467f11ee3bba04220 Mon Sep 17 00:00:00 2001 From: idawda Date: Mon, 29 May 2023 14:31:35 +0530 Subject: [PATCH 11/80] Updated methods impl. in Application-URLMapping POJO --- .../agent/security/schema/ApplicationURLMapping.java | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java index fd8e33b91..fb6e5ca04 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java @@ -1,5 +1,7 @@ package com.newrelic.api.agent.security.schema; +import java.util.Objects; + public class ApplicationURLMapping { private String method; private String url; @@ -40,6 +42,7 @@ public void setUrl(String url) { this.url = url; } + @Override public boolean equals(Object obj) { if (obj == this) { return true; @@ -47,13 +50,18 @@ public boolean equals(Object obj) { if (obj instanceof ApplicationURLMapping) { ApplicationURLMapping mapping = (ApplicationURLMapping) obj; - return url.equals(mapping.url) && method.equals(mapping.method); + return url.equals(mapping.url) && method.equals(mapping.method) && handler.equals(mapping.handler); } return false; } + @Override public String toString() { - return "Method: " + method + ", Url: " + url; + return String.format("Method: %s, Url: %s, Handler: %s", method, url, handler); } + @Override + public int hashCode() { + return Objects.hash(method, url, handler); + } } From 611043b68cdf55096c10caae414390f6caee07cf Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Mon, 29 May 2023 19:41:58 +0530 Subject: [PATCH 12/80] [FIX] SA HC stats empty issue --- .../logging/HealthCheckScheduleThread.java | 53 +++++++++---------- 1 file changed, 25 insertions(+), 28 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java index 62b68f74c..4970dfb30 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java @@ -17,19 +17,21 @@ import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.math.NumberUtils; import org.apache.commons.text.StringSubstitutor; -import oshi.SystemInfo; -import oshi.hardware.HardwareAbstractionLayer; -import oshi.software.os.OperatingSystem; import java.io.File; import java.io.IOException; +import java.lang.management.ManagementFactory; +import java.lang.management.MemoryMXBean; +import java.lang.management.MemoryUsage; +import com.sun.management.OperatingSystemMXBean; +import java.lang.management.RuntimeMXBean; +import java.lang.management.ThreadMXBean; import java.math.RoundingMode; import java.nio.charset.StandardCharsets; import java.time.Instant; import java.util.HashMap; import java.util.Map; import java.util.concurrent.*; -import java.util.concurrent.atomic.AtomicInteger; import java.util.stream.Collectors; public class HealthCheckScheduleThread { @@ -171,36 +173,32 @@ private static Map getServiceStatus() { private static Map populateJVMStats() { Map stats = new HashMap<>(); - try { - SystemInfo systemInfo = new SystemInfo(); - OperatingSystem os = systemInfo.getOperatingSystem(); - HardwareAbstractionLayer hal = systemInfo.getHardware(); - - long totalMemory = hal.getMemory().getTotal(); - long processMemory = os.getProcess(os.getProcessId()).getResidentSetSize(); - stats.put("processHeapUsageMB", NumberUtils.toScaledBigDecimal((Runtime.getRuntime().totalMemory()-Runtime.getRuntime().freeMemory()) / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); - stats.put("processMaxHeapMB", NumberUtils.toScaledBigDecimal(Runtime.getRuntime().maxMemory() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); - stats.put("processRssMB", NumberUtils.toScaledBigDecimal(processMemory / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); - - stats.put("processFreeMemoryMB", NumberUtils.toScaledBigDecimal(Runtime.getRuntime().freeMemory() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); - setOsStats(stats, totalMemory, hal.getMemory().getAvailable(), systemInfo.getOperatingSystem().getCurrentProcess().getProcessCpuLoadCumulative()); - stats.put("nCores", Runtime.getRuntime().availableProcessors()); - - stats.put("rootDiskFreeSpaceMB", NumberUtils.toScaledBigDecimal(osVariables.getRootDir().getFreeSpace() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); - stats.put("processDirDiskFreeSpaceMB", NumberUtils.toScaledBigDecimal(new File(".").getFreeSpace() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); - } catch (Throwable ignored){} + MemoryMXBean memoryMXBean = ManagementFactory.getMemoryMXBean(); + + stats.put("processHeapUsageMB", NumberUtils.toScaledBigDecimal(memoryMXBean.getHeapMemoryUsage().getUsed() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); + stats.put("processMaxHeapMB", NumberUtils.toScaledBigDecimal(memoryMXBean.getHeapMemoryUsage().getMax() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); + stats.put("processRssMB", NumberUtils.toScaledBigDecimal((memoryMXBean.getHeapMemoryUsage().getUsed() + memoryMXBean.getNonHeapMemoryUsage().getUsed()) / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); + + stats.put("processFreeMemoryMB", NumberUtils.toScaledBigDecimal(Runtime.getRuntime().freeMemory() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); + setOsStats(stats); + stats.put("nCores", Runtime.getRuntime().availableProcessors()); + + stats.put("rootDiskFreeSpaceMB", NumberUtils.toScaledBigDecimal(osVariables.getRootDir().getFreeSpace() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); + stats.put("processDirDiskFreeSpaceMB", NumberUtils.toScaledBigDecimal(new File(".").getFreeSpace() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); + return stats; } - private static void setOsStats(Map stats, long totalMemory, long systemFreeMemory, double processCpuLoadCumulative) { + private static void setOsStats(Map stats) { try { - stats.put("processCpuUsage", NumberUtils.toScaledBigDecimal(processCpuLoadCumulative, 2, RoundingMode.HALF_DOWN).doubleValue()); + OperatingSystemMXBean osBean = (OperatingSystemMXBean) ManagementFactory.getOperatingSystemMXBean(); - stats.put("systemFreeMemoryMB", NumberUtils.toScaledBigDecimal(systemFreeMemory / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); - stats.put("systemTotalMemoryMB", NumberUtils.toScaledBigDecimal(totalMemory / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); + stats.put("systemCpuLoad", NumberUtils.toScaledBigDecimal(osBean.getSystemLoadAverage(), 2, RoundingMode.HALF_DOWN).doubleValue()); + stats.put("processCpuUsage", NumberUtils.toScaledBigDecimal(osBean.getProcessCpuLoad()*100, 2, RoundingMode.HALF_DOWN).doubleValue()); + stats.put("systemFreeMemoryMB", NumberUtils.toScaledBigDecimal(osBean.getFreePhysicalMemorySize() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); + stats.put("systemTotalMemoryMB", NumberUtils.toScaledBigDecimal(osBean.getTotalPhysicalMemorySize() / 1048576.0, 2, RoundingMode.HALF_DOWN).doubleValue()); } catch (Throwable e) { -// logger.log(LogLevel.ERROR, "Error while populating OS related resource usage stats : " + e.toString(), HealthCheckScheduleThread.class.getName()); logger.log(LogLevel.FINER, "Error while populating OS related resource usage stats : ", e, HealthCheckScheduleThread.class.getName()); } } @@ -215,5 +213,4 @@ public static HealthCheckScheduleThread getInstance() { } throw null; } - } \ No newline at end of file From d9dd9a7e6534c57f56f2691d400ae944f7e5cc68 Mon Sep 17 00:00:00 2001 From: Lovesh Baya Date: Thu, 1 Jun 2023 15:37:56 +0530 Subject: [PATCH 13/80] Set next target version 1.0.4 --- gradle.properties | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gradle.properties b/gradle.properties index 17c23f230..9b458a914 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,5 +1,5 @@ # The agent version. -agentVersion=1.0.3 +agentVersion=1.0.4 jsonVersion=1.0.1 # Updated exposed NR APM API version. nrAPIVersion=8.3.0-SNAPSHOT @@ -13,4 +13,4 @@ org.gradle.jvmargs=-Xmx4g org.gradle.caching=true file.encoding=utf-8 commitId=dev -buildNumber=0 \ No newline at end of file +buildNumber=0 From f2e8d3001b6beaac27a9fc2c8f3e8da3cb0a4f6f Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Thu, 22 Jun 2023 09:51:12 +0530 Subject: [PATCH 14/80] Update build.gradle Limiting the version range for Apache log4j due to the new version release of Apache log4j on 21 June 2023 --- instrumentation-security/apache-log4j-2.17.2/build.gradle | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/instrumentation-security/apache-log4j-2.17.2/build.gradle b/instrumentation-security/apache-log4j-2.17.2/build.gradle index bb150f5d2..14f8b7678 100644 --- a/instrumentation-security/apache-log4j-2.17.2/build.gradle +++ b/instrumentation-security/apache-log4j-2.17.2/build.gradle @@ -10,7 +10,7 @@ dependencies { } verifyInstrumentation { - passes("org.apache.logging.log4j:log4j-core:[2.17.2,)") + passes("org.apache.logging.log4j:log4j-core:[2.17.2,2.20.0]") } site { @@ -20,4 +20,4 @@ site { //test { // useJUnitPlatform() -//} \ No newline at end of file +//} From 3879646ba6c55c110039838b33e0b488240cf0b3 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Fri, 23 Jun 2023 09:57:20 +0530 Subject: [PATCH 15/80] Update README.md Updated support matrix --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 755528519..afaefd347 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ The agent automatically instruments the following frameworks. - JAX-RS 1.0 to latest - Spring Boot 1.4 to latest - Struts 2.0.5 to latest -- Log4j from 2.0 to latest +- Log4j from 2.0 to 2.20.0 - Servlet from 2.4 to latest - Spring from 0 to latest @@ -139,4 +139,4 @@ If you would like to contribute to this project, review [these guidelines](https New Relic Security Agent for Java is licensed under the New Relic Pre-Release Software Notice. -The New Relic Security Agent for Java also uses source code from third-party libraries. You can find full details on which libraries are used and the terms under which they are licensed in the third-party notices document. \ No newline at end of file +The New Relic Security Agent for Java also uses source code from third-party libraries. You can find full details on which libraries are used and the terms under which they are licensed in the third-party notices document. From 0d41a5feb9d198ab57afc63c5494f3c8637c0b2a Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Fri, 23 Jun 2023 10:03:30 +0530 Subject: [PATCH 16/80] Update Changelog.md --- Changelog.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index ea755192b..754beb75d 100644 --- a/Changelog.md +++ b/Changelog.md @@ -4,6 +4,10 @@ Noteworthy changes to the agent are documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.0.4-limited-preview] - UPCOMING +### Changes +- Limiting the supported version range for Apache log4j due to the new version release of Apache log4j on 21 June 2023 + ## [1.0.3-limited-preview] - 2023-05-23 ### Changes - License update @@ -71,4 +75,4 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Reset CSEC component version to 1.0.0 - Reset CSEC json version to 1.0.0 - Set WS TCP connect timeout to 15 -- Update WS header to include correct NR-LICENSE-KEY & NR-AGENT-RUN-TOKEN \ No newline at end of file +- Update WS header to include correct NR-LICENSE-KEY & NR-AGENT-RUN-TOKEN From 7837865e2b34b316f5d16dff91092c16bca258cd Mon Sep 17 00:00:00 2001 From: idawda Date: Mon, 26 Jun 2023 19:51:31 +0530 Subject: [PATCH 17/80] Added restEasy modules to settings.gradle --- settings.gradle | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/settings.gradle b/settings.gradle index 77c8ef7aa..00a1d7701 100644 --- a/settings.gradle +++ b/settings.gradle @@ -139,4 +139,6 @@ include 'instrumentation:jdbc-sybase-6' include 'instrumentation:low-priority-instrumentation' include 'instrumentation:apache-struts2' include 'instrumentation:jersey' - +include 'instrumentation:resteasy-2.2' +include 'instrumentation:resteasy-3' +include 'instrumentation:resteasy-4' From ab676b259df1db333c5166742cc222e1a6f7dd9d Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Mon, 10 Jul 2023 15:42:00 +0530 Subject: [PATCH 18/80] Add log for the IAST scan start of every API ID Co-authored-by: Harshit Singh Lodha --- .../security/instrumentator/utils/AgentUtils.java | 7 +++++++ .../java/com/newrelic/api/agent/security/Agent.java | 11 +++++++++++ 2 files changed, 18 insertions(+) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java index d73e39856..4a4a20eaf 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java @@ -88,6 +88,8 @@ public class AgentUtils { private Map eventResponseSet; + private Set scannedAPIIds; + private Set rxssSentUrls; private Set deployedApplicationUnderProcessing; @@ -128,6 +130,7 @@ public Set getProtectedVulnerabilties() { private AgentUtils() { eventResponseSet = new ConcurrentHashMap<>(); classLoaderRecord = new ConcurrentHashMap<>(); + scannedAPIIds = ConcurrentHashMap.newKeySet(); rxssSentUrls = new HashSet<>(); deployedApplicationUnderProcessing = new HashSet<>(); TRACE_PATTERN = Pattern.compile(IAgentConstants.TRACE_REGEX); @@ -153,6 +156,10 @@ public Map getEventResponseSet() { return eventResponseSet; } + public Set getScannedAPIIds() { + return scannedAPIIds; + } + public int incrementOutboundHttpConnectionId() { return this.outboundHttpConnectionId.getAndIncrement(); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index ed81888e8..ee1d2324c 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -262,6 +262,9 @@ public void registerOperation(AbstractOperation operation) { Dispatcher.class.getName()); return; } + + logIfIastScanForFirstTime(securityMetaData.getFuzzRequestIdentifier()); + setRequiredStackTrace(operation, securityMetaData); setUserClassEntity(operation, securityMetaData); processStackTrace(operation); @@ -284,6 +287,14 @@ public void registerOperation(AbstractOperation operation) { // checkIfClientIPBlocked(); } + private void logIfIastScanForFirstTime(K2RequestIdentifier fuzzRequestIdentifier) { + + if(StringUtils.isNotBlank(fuzzRequestIdentifier.getApiRecordId()) && !AgentUtils.getInstance().getScannedAPIIds().contains(fuzzRequestIdentifier.getApiRecordId())){ + AgentUtils.getInstance().getScannedAPIIds().add(fuzzRequestIdentifier.getApiRecordId()); + logger.log(LogLevel.INFO, String.format("IAST Scan for API ID : %s started.", fuzzRequestIdentifier.getApiRecordId()), Agent.class.getName()); + } + } + private static boolean checkIfNRGeneratedEvent(AbstractOperation operation, SecurityMetaData securityMetaData) { for (int i = 1, j = 0; i < operation.getStackTrace().length; i++) { // Only remove consecutive top com.newrelic and com.nr. elements from stack. From 1750d9c29ae1ff2420431a358b8964c678ab0e5d Mon Sep 17 00:00:00 2001 From: Harshit Singh Lodha Date: Mon, 10 Jul 2023 15:50:00 +0530 Subject: [PATCH 19/80] Making WS reconnect interval 15 seconds in all cases. --- .../ControlCommandProcessor.java | 4 +-- .../intcodeagent/websocket/WSClient.java | 29 ------------------- .../newrelic/api/agent/security/Agent.java | 1 + 3 files changed, 3 insertions(+), 31 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java index 8749400d4..c48676973 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java @@ -18,10 +18,10 @@ import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter; import com.newrelic.agent.security.intcodeagent.websocket.WSClient; import com.newrelic.agent.security.intcodeagent.websocket.WSUtils; -import com.newrelic.api.agent.security.Agent; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; import org.apache.commons.lang3.StringUtils; +import org.java_websocket.framing.CloseFrame; import org.json.simple.JSONObject; import org.json.simple.parser.JSONParser; @@ -226,7 +226,7 @@ public void run() { } logger.log(LogLevel.FINER, WS_RECONNECT_IAST_REQUEST_REPLAY_POOL_DRAINED, this.getClass().getName()); } - WSClient.tryWebsocketConnection(-1); + WSClient.getInstance().close(CloseFrame.SERVICE_RESTART, "Reconnecting to service"); } catch (Throwable e) { logger.log(LogLevel.SEVERE, String.format(ERROR_WHILE_PROCESSING_RECONNECTION_CC_S_S, e.getMessage(), e.getCause()), this.getClass().getName()); logger.log(LogLevel.SEVERE, ERROR_WHILE_PROCESSING_RECONNECTION_CC, e, this.getClass().getName()); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java index b19a98c69..0ee15dabb 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java @@ -285,33 +285,4 @@ public static void shutDownWSClient() { instance = null; } - public static void tryWebsocketConnection(int numberOfRetries) { - try { - int retries = numberOfRetries; - WSClient.reconnectWSClient(); - while (numberOfRetries < 0 || retries > 0) { - try { - if (!WSUtils.isConnected()) { - retries--; - int timeout = 15; - logger.logInit(LogLevel.INFO, String.format("WS client connection failed will retry after %s second(s)", timeout), WSClient.class.getName()); - TimeUnit.SECONDS.sleep(timeout); - WSClient.reconnectWSClient(); - } else { - break; - } - } catch (Throwable e) { - logger.log(LogLevel.SEVERE, ERROR_OCCURED_WHILE_TRYING_TO_CONNECT_TO_WSOCKET, e, - WSClient.class.getName()); - logger.postLogMessageIfNecessary(LogLevel.SEVERE, ERROR_OCCURED_WHILE_TRYING_TO_CONNECT_TO_WSOCKET, e, - WSClient.class.getName()); - } - } - if (!WSUtils.isConnected()) { - throw new RuntimeException("Websocket not connected!!!"); - } - } catch (Exception e) { - throw new RuntimeException(e); - } - } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index ee1d2324c..d1d289017 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -396,6 +396,7 @@ public void registerExitEvent(AbstractOperation operation) { K2RequestIdentifier k2RequestIdentifier = NewRelicSecurity.getAgent().getSecurityMetaData().getFuzzRequestIdentifier(); HttpRequest request = NewRelicSecurity.getAgent().getSecurityMetaData().getRequest(); + // TODO: Generate for only native payloads if (!request.isEmpty() && !operation.isEmpty() && k2RequestIdentifier.getK2Request()) { if (StringUtils.equals(k2RequestIdentifier.getApiRecordId(), operation.getApiID()) && StringUtils.equals(k2RequestIdentifier.getNextStage().getStatus(), IAgentConstants.VULNERABLE)) { From 139d6d711261f09074caccb2ab4bc11936c72c57 Mon Sep 17 00:00:00 2001 From: idawda Date: Wed, 12 Jul 2023 10:45:06 +0530 Subject: [PATCH 20/80] Added apache-wicket modules to settings.gradle --- settings.gradle | 3 +++ 1 file changed, 3 insertions(+) diff --git a/settings.gradle b/settings.gradle index 00a1d7701..273037f41 100644 --- a/settings.gradle +++ b/settings.gradle @@ -142,3 +142,6 @@ include 'instrumentation:jersey' include 'instrumentation:resteasy-2.2' include 'instrumentation:resteasy-3' include 'instrumentation:resteasy-4' +include 'instrumentation:apache-wicket-6.4' +include 'instrumentation:apache-wicket-7.0' +include 'instrumentation:apache-wicket-8.0' From 2f83962e256713f31830f4a18c62b28ddba947c5 Mon Sep 17 00:00:00 2001 From: idawda Date: Wed, 12 Jul 2023 10:45:54 +0530 Subject: [PATCH 21/80] Added grails modules to settings.gradle --- settings.gradle | 3 +++ 1 file changed, 3 insertions(+) diff --git a/settings.gradle b/settings.gradle index 273037f41..a1f15385e 100644 --- a/settings.gradle +++ b/settings.gradle @@ -145,3 +145,6 @@ include 'instrumentation:resteasy-4' include 'instrumentation:apache-wicket-6.4' include 'instrumentation:apache-wicket-7.0' include 'instrumentation:apache-wicket-8.0' +include 'instrumentation:grails-1.3' +include 'instrumentation:grails-2.0' +include 'instrumentation:grails-3.0' \ No newline at end of file From efbdd726eaf90b30b8b25a832d961efb44da98ef Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Wed, 12 Jul 2023 11:01:18 +0530 Subject: [PATCH 22/80] NR-141422 : fix by minor updates in logger --- .../main/java/com/newrelic/agent/security/AgentInfo.java | 6 ++++++ .../main/java/com/newrelic/api/agent/security/Agent.java | 2 -- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java index 0b50f2bed..c6cbe01ee 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java @@ -49,6 +49,7 @@ public class AgentInfo { private BuildInfo buildInfo = new BuildInfo(); private static final FileLoggerThreadPool logger = FileLoggerThreadPool.getInstance(); + private boolean processProtected = false; private AgentInfo() { RuntimeMXBean runtimeMXBean = ManagementFactory.getRuntimeMXBean(); @@ -168,6 +169,11 @@ else if (!AgentConfig.getInstance().isNRSecurityEnabled()) { if(state) { logger.logInit(LogLevel.INFO, String.format("Security Agent is now ACTIVE for %s", applicationUUID), AgentInfo.class.getName()); } + + if(state && !processProtected){ + processProtected = true; + System.out.printf("This application instance is now being protected by New Relic Security under id %s\n", getApplicationUUID()); + } setAgentActive(state); return state; } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index d1d289017..77139da7c 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -144,8 +144,6 @@ private void initialise() { startK2Services(); info.agentStatTrigger(); - - System.out.printf("This application instance is now being protected by New Relic Security under id %s\n", info.getApplicationUUID()); } private BuildInfo readCollectorBuildInfo() { From 8a1f7b20f27a5fac63b1842716fb5baef610123d Mon Sep 17 00:00:00 2001 From: Lovesh Baya Date: Wed, 12 Jul 2023 11:05:05 +0530 Subject: [PATCH 23/80] Update to main branch for APM and use new proprietary jars (#75) * Update to main branch for APM and use new proprietary jars * Remove Check version compatibility Co-authored-by: Harshit Singh Lodha --- .../action.yml | 2 +- .github/actions/setup-environment/action.yml | 4 +-- .../X-Reusable-Build-Security-Agent.yml | 26 ++----------------- .github/workflows/build-integrated-jar.yml | 24 +---------------- .../publish-main-snapshot-to-maven.yml | 2 +- .../workflows/publish-release-to-maven.yml | 2 +- .github/workflows/publish-to-maven.yml | 26 ++----------------- 7 files changed, 10 insertions(+), 76 deletions(-) diff --git a/.github/actions/setup-environment-inst-verifier/action.yml b/.github/actions/setup-environment-inst-verifier/action.yml index 71b93bc60..0e307833c 100644 --- a/.github/actions/setup-environment-inst-verifier/action.yml +++ b/.github/actions/setup-environment-inst-verifier/action.yml @@ -52,7 +52,7 @@ runs: - name: Download S3 instrumentation jar zip shell: bash run: | - aws s3 cp s3://nr-java-agent-s3-instrumentation/proprietary-jars-20220805.zip proprietary-jars.zip && unzip proprietary-jars.zip && cp -rf instrumentation/** instrumentation-security/ + aws s3 cp s3://nr-java-agent-s3-instrumentation/proprietary-jars-20230623.zip proprietary-jars.zip && unzip proprietary-jars.zip && cp -rf instrumentation/** instrumentation-security/ if [ $? -ne 0 ]; then echo "Instrumentation jar zip unavailable." >> $GITHUB_STEP_SUMMARY fi \ No newline at end of file diff --git a/.github/actions/setup-environment/action.yml b/.github/actions/setup-environment/action.yml index f65db28c9..87240a375 100644 --- a/.github/actions/setup-environment/action.yml +++ b/.github/actions/setup-environment/action.yml @@ -8,7 +8,7 @@ inputs: apm-branch: description: 'The branch of APM source code to use' required: true - default: 'k2-integration' + default: 'main' apm-aws-access-key-id: description: 'APM AWS S3 access key id' apm-aws-secret-access-key: @@ -103,7 +103,7 @@ runs: - name: Download S3 instrumentation jar zip shell: bash run: | - aws s3 cp s3://nr-java-agent-s3-instrumentation/proprietary-jars-20220805.zip proprietary-jars.zip && unzip proprietary-jars.zip && cp -rf instrumentation/** instrumentation-security/ && unzip -d newrelic-java-agent proprietary-jars.zip + aws s3 cp s3://nr-java-agent-s3-instrumentation/proprietary-jars-20230623.zip proprietary-jars.zip && unzip proprietary-jars.zip && cp -rf instrumentation/** instrumentation-security/ && unzip -d newrelic-java-agent proprietary-jars.zip if [ $? -ne 0 ]; then echo "Instrumentation jar zip unavailable." >> $GITHUB_STEP_SUMMARY fi diff --git a/.github/workflows/X-Reusable-Build-Security-Agent.yml b/.github/workflows/X-Reusable-Build-Security-Agent.yml index 07259bdd5..9deb74300 100644 --- a/.github/workflows/X-Reusable-Build-Security-Agent.yml +++ b/.github/workflows/X-Reusable-Build-Security-Agent.yml @@ -11,7 +11,7 @@ on: description: 'The source-ref of APM source code to use' required: true type: string - default: 'k2-integration' + default: 'main' run-unit-test: description: 'Run instrumentation unit tests ?' required: true @@ -38,7 +38,7 @@ on: description: 'The source-ref of APM source code to use' required: true type: string - default: 'k2-integration' + default: 'main' run-unit-test: description: 'Run instrumentation unit tests ?' required: true @@ -74,28 +74,6 @@ jobs: apm-aws-secret-access-key: ${{ secrets.APM_AWS_SECRET_ACCESS_KEY }} apm-aws-region: us-east-2 - - name: Check version compatibility - shell: bash - run: | - APM_CONFIGURED_CSEC_VERSION=$(./gradlew ${GRADLE_OPTIONS} -p newrelic-java-agent/ properties | grep 'csecCollectorVersion:' | awk -F': ' '{print $2}') - CSEC_CONFIGURED_APM_VERSION=$(./gradlew ${GRADLE_OPTIONS} properties | grep 'nrAPIVersion:' | awk -F': ' '{print $2}') - - if [[ "${APM_VERSION}" != "${CSEC_CONFIGURED_APM_VERSION}" ]] - then - printf "${RED}Version mismatch regarding APM: ${NONE}\n" - printf "${RED}Version of APM to build: ${APM_VERSION} ${NONE}\n" - printf "${RED}Version of APM API used by CSEC: ${CSEC_CONFIGURED_APM_VERSION} ${NONE}\n" - exit 1 - fi - - if [[ "${SECURITY_VERSION}" != "${APM_CONFIGURED_CSEC_VERSION}" ]] - then - printf "${RED}Version mismatch regarding Security: ${NONE}\n" - printf "${RED}Version of CSEC to build: ${SECURITY_VERSION} ${NONE}\n" - printf "${RED}Version of CSEC API used by APM: ${APM_CONFIGURED_CSEC_VERSION} ${NONE}\n" - exit 2 - fi - - name: Publish CSEC to local uses: ./.github/actions/publish-csec-local diff --git a/.github/workflows/build-integrated-jar.yml b/.github/workflows/build-integrated-jar.yml index 5761b9acb..d35cb0a42 100644 --- a/.github/workflows/build-integrated-jar.yml +++ b/.github/workflows/build-integrated-jar.yml @@ -9,7 +9,7 @@ on: apm-source-ref: description: 'The source-ref of APM source code to use' required: true - default: 'k2-integration' + default: 'main' csec-run-unittest: description: 'Whether to run CSEC instrumentation unit tests' required: true @@ -71,28 +71,6 @@ jobs: apm-aws-secret-access-key: ${{ secrets.APM_AWS_SECRET_ACCESS_KEY }} apm-aws-region: us-east-2 - - name: Check version compatibility - shell: bash - run: | - APM_CONFIGURED_CSEC_VERSION=$(./gradlew ${GRADLE_OPTIONS} -p newrelic-java-agent/ properties | grep 'csecCollectorVersion:' | awk -F': ' '{print $2}') - CSEC_CONFIGURED_APM_VERSION=$(./gradlew ${GRADLE_OPTIONS} properties | grep 'nrAPIVersion:' | awk -F': ' '{print $2}') - - if [[ "${APM_VERSION}" != "${CSEC_CONFIGURED_APM_VERSION}" ]] - then - printf "${RED}Version mismatch regarding APM: ${NONE}\n" - printf "${RED}Version of APM to build: ${APM_VERSION} ${NONE}\n" - printf "${RED}Version of APM API used by CSEC: ${CSEC_CONFIGURED_APM_VERSION} ${NONE}\n" - exit 1 - fi - - if [[ "${SECURITY_VERSION}" != "${APM_CONFIGURED_CSEC_VERSION}" ]] - then - printf "${RED}Version mismatch regarding Security: ${NONE}\n" - printf "${RED}Version of CSEC to build: ${SECURITY_VERSION} ${NONE}\n" - printf "${RED}Version of CSEC API used by APM: ${APM_CONFIGURED_CSEC_VERSION} ${NONE}\n" - exit 2 - fi - - name: Build Integrated Agent Jar uses: ./.github/actions/build-apm-jar diff --git a/.github/workflows/publish-main-snapshot-to-maven.yml b/.github/workflows/publish-main-snapshot-to-maven.yml index 73b425a25..6f7f1e6c5 100644 --- a/.github/workflows/publish-main-snapshot-to-maven.yml +++ b/.github/workflows/publish-main-snapshot-to-maven.yml @@ -10,7 +10,7 @@ jobs: secrets: inherit with: apm-repo: 'newrelic/newrelic-java-agent' - apm-source-ref: 'k2-integration' + apm-source-ref: 'main' csec-run-unittest: 'true' csec-run-instrumentation-verify: 'true' is-release: 'false' diff --git a/.github/workflows/publish-release-to-maven.yml b/.github/workflows/publish-release-to-maven.yml index 6e72c2e86..4b82d1090 100644 --- a/.github/workflows/publish-release-to-maven.yml +++ b/.github/workflows/publish-release-to-maven.yml @@ -11,7 +11,7 @@ jobs: secrets: inherit with: apm-repo: 'newrelic/newrelic-java-agent' - apm-source-ref: 'k2-integration' + apm-source-ref: 'main' csec-run-unittest: 'true' csec-run-instrumentation-verify: 'true' is-release: 'true' diff --git a/.github/workflows/publish-to-maven.yml b/.github/workflows/publish-to-maven.yml index 89eae7084..a962c3903 100644 --- a/.github/workflows/publish-to-maven.yml +++ b/.github/workflows/publish-to-maven.yml @@ -9,7 +9,7 @@ on: apm-source-ref: description: 'The source-ref of APM source code to use' required: true - default: 'k2-integration' + default: 'main' csec-run-unittest: description: 'Whether to run CSEC instrumentation unit tests' required: true @@ -41,7 +41,7 @@ on: description: 'The source-ref of APM source code to use' required: true type: string - default: 'k2-integration' + default: 'main' csec-run-unittest: description: 'Whether to run CSEC instrumentation unit tests' required: true @@ -108,28 +108,6 @@ jobs: is-release: ${{ inputs.is-release }} version-suffix: ${{ inputs.version-suffix }} - - name: Check version compatibility - shell: bash - run: | - APM_CONFIGURED_CSEC_VERSION=$(./gradlew ${GRADLE_OPTIONS} -p newrelic-java-agent/ properties | grep 'csecCollectorVersion:' | awk -F': ' '{print $2}') - CSEC_CONFIGURED_APM_VERSION=$(./gradlew ${GRADLE_OPTIONS} properties | grep 'nrAPIVersion:' | awk -F': ' '{print $2}') - - if [[ "${APM_VERSION}" != "${CSEC_CONFIGURED_APM_VERSION}" ]] - then - printf "${RED}Version mismatch regarding APM: ${NONE}\n" - printf "${RED}Version of APM to build: ${APM_VERSION} ${NONE}\n" - printf "${RED}Version of APM API used by CSEC: ${CSEC_CONFIGURED_APM_VERSION} ${NONE}\n" - exit 1 - fi - - if [[ "${SECURITY_VERSION}" != "${APM_CONFIGURED_CSEC_VERSION}" ]] - then - printf "${RED}Version mismatch regarding Security: ${NONE}\n" - printf "${RED}Version of CSEC to build: ${SECURITY_VERSION} ${NONE}\n" - printf "${RED}Version of CSEC API used by APM: ${APM_CONFIGURED_CSEC_VERSION} ${NONE}\n" - exit 2 - fi - - name: Publish CSEC agent API shell: bash run: ./gradlew ${GRADLE_OPTIONS} :newrelic-security-api:publish -PbuildNumber=${{ github.run_id }}-${{ github.run_number }} -PcommitId=${{ github.sha }} --parallel From dcd2ffb805e496bac614e6aba74c842e386bc852 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 12 Jul 2023 13:13:41 +0530 Subject: [PATCH 24/80] add url to the log Co-authored-by: Harshit Singh Lodha --- .../java/com/newrelic/api/agent/security/Agent.java | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index 77139da7c..6387e75f7 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -261,7 +261,7 @@ public void registerOperation(AbstractOperation operation) { return; } - logIfIastScanForFirstTime(securityMetaData.getFuzzRequestIdentifier()); + logIfIastScanForFirstTime(securityMetaData.getFuzzRequestIdentifier(), securityMetaData.getRequest()); setRequiredStackTrace(operation, securityMetaData); setUserClassEntity(operation, securityMetaData); @@ -285,11 +285,16 @@ public void registerOperation(AbstractOperation operation) { // checkIfClientIPBlocked(); } - private void logIfIastScanForFirstTime(K2RequestIdentifier fuzzRequestIdentifier) { + private void logIfIastScanForFirstTime(K2RequestIdentifier fuzzRequestIdentifier, HttpRequest request) { + + String url = StringUtils.EMPTY; + if(request != null && StringUtils.isNotBlank(request.getUrl())) { + url = request.getUrl(); + } if(StringUtils.isNotBlank(fuzzRequestIdentifier.getApiRecordId()) && !AgentUtils.getInstance().getScannedAPIIds().contains(fuzzRequestIdentifier.getApiRecordId())){ AgentUtils.getInstance().getScannedAPIIds().add(fuzzRequestIdentifier.getApiRecordId()); - logger.log(LogLevel.INFO, String.format("IAST Scan for API ID : %s started.", fuzzRequestIdentifier.getApiRecordId()), Agent.class.getName()); + logger.log(LogLevel.INFO, String.format("IAST Scan for API %s with ID : %s started.", url, fuzzRequestIdentifier.getApiRecordId()), Agent.class.getName()); } } From 06d86180937367375f2783659531cba78328c669 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Thu, 13 Jul 2023 12:28:29 +0530 Subject: [PATCH 25/80] Update pull mechanism to include processing ids and event ids in completed requests Co-authored-by: Harshit Singh Lodha --- gradle.properties | 6 +-- .../scaladsl/HttpExt_Instrumentation.java | 6 +++ .../scaladsl/HttpExt_Instrumentation.java | 6 +++ .../HttpAsyncClient4_Instrumentation.java | 6 +++ .../HttpMethodBase_Instrumentation.java | 6 +++ .../HttpClient_Instrumentation.java | 6 +++ .../http/HttpClientImpl_Instrumentation.java | 6 +++ .../jetty11/server/HttpServletHelper.java | 4 ++ .../security/jetty9/HttpServletHelper.java | 5 ++ .../io/netty400/utils/NettyUtils.java | 5 ++ .../okhttp30/internal/OkhttpHelper.java | 7 +++ .../okhttp35/internal/OkhttpHelper.java | 6 +++ .../okhttp40/internal/http/OkhttpHelper.java | 6 +++ .../security/servlet24/HttpServletHelper.java | 7 ++- .../security/servlet5/HttpServletHelper.java | 5 ++ .../security/servlet6/HttpServletHelper.java | 5 ++ .../URLConnection_Instrumentation.java | 6 +++ .../instrumentator/dispatcher/Dispatcher.java | 2 + .../dispatcher/DispatcherPool.java | 9 ++++ .../IASTDataTransferRequestProcessor.java | 11 ++-- .../httpclient/RestRequestProcessor.java | 12 ++--- .../httpclient/RestRequestThreadPool.java | 51 +++++++++++++++++-- .../models/IASTDataTransferRequest.java | 23 ++++++--- .../models/javaagent/JavaAgentEventBean.java | 9 ++++ .../helpers/GenericHelper.java | 1 + .../agent/security/schema/policy/Probing.java | 4 +- 26 files changed, 191 insertions(+), 29 deletions(-) diff --git a/gradle.properties b/gradle.properties index 9b458a914..4f088fb82 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,13 +1,13 @@ # The agent version. agentVersion=1.0.4 -jsonVersion=1.0.1 +jsonVersion=1.1.0 # Updated exposed NR APM API version. -nrAPIVersion=8.3.0-SNAPSHOT +nrAPIVersion=8.3.0 # Actual NR APM Agent version # This is intentionally kept to an older NR agent version since it is only used as dependency for unit test framework & # verify instrumentation plugin. This will only be updated when either of these functions require the update. -nrAgentVersion=8.2.0 +nrAgentVersion=8.3.0 #org.gradle.jvmargs=-Xmx2048m org.gradle.jvmargs=-Xmx4g org.gradle.caching=true diff --git a/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java b/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java index c8891e81a..aebfc59a1 100644 --- a/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java +++ b/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java @@ -18,6 +18,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; +import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -50,6 +51,11 @@ public Future singleRequest(HttpRequest httpRequest, HttpsConnecti httpRequest = (HttpRequest) httpRequest.addHeader(RawHeader.apply(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader)); } + String csecParaentId = securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(StringUtils.isNotBlank(csecParaentId)){ + httpRequest = (HttpRequest) httpRequest.addHeader(RawHeader.apply(GenericHelper.CSEC_PARENT_ID, csecParaentId)); + } + try { NewRelicSecurity.getAgent().registerOperation(operation); } finally { diff --git a/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java b/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java index 90d7ba947..0ba6aa38f 100644 --- a/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java +++ b/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java @@ -17,6 +17,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; +import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -49,6 +50,11 @@ public Future singleRequestImpl(HttpRequest httpRequest, HttpsConn httpRequest = (HttpRequest) httpRequest.addHeader(RawHeader.apply(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader)); } + String csecParaentId = securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(StringUtils.isNotBlank(csecParaentId)){ + httpRequest = (HttpRequest) httpRequest.addHeader(RawHeader.apply(GenericHelper.CSEC_PARENT_ID, csecParaentId)); + } + try { NewRelicSecurity.getAgent().registerOperation(operation); } finally { diff --git a/instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/HttpAsyncClient4_Instrumentation.java b/instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/HttpAsyncClient4_Instrumentation.java index a20c24b1a..d8a84d242 100644 --- a/instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/HttpAsyncClient4_Instrumentation.java +++ b/instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/HttpAsyncClient4_Instrumentation.java @@ -12,6 +12,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; +import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -206,6 +207,11 @@ private AbstractOperation preprocessSecurityHook(HttpRequest request, String uri request.setHeader(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader); } + String csecParaentId = securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(StringUtils.isNotBlank(csecParaentId)){ + request.setHeader(GenericHelper.CSEC_PARENT_ID, csecParaentId); + } + SSRFOperation operation = new SSRFOperation(uri, this.getClass().getName(), methodName); try { diff --git a/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java b/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java index 044da5aa5..ada34b350 100644 --- a/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java +++ b/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java @@ -12,6 +12,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; +import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -106,6 +107,11 @@ private AbstractOperation preprocessSecurityHook(HttpConnection conn, String met this.setRequestHeader(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader); } + String csecParaentId = securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(StringUtils.isNotBlank(csecParaentId)){ + this.setRequestHeader(GenericHelper.CSEC_PARENT_ID, csecParaentId); + } + SSRFOperation operation = new SSRFOperation(uri, this.getClass().getName(), methodName); try { diff --git a/instrumentation-security/httpclient-4.0/src/main/java/com/nr/agent/instrumentation/security/httpclient40/HttpClient_Instrumentation.java b/instrumentation-security/httpclient-4.0/src/main/java/com/nr/agent/instrumentation/security/httpclient40/HttpClient_Instrumentation.java index d0e178806..e76201de5 100644 --- a/instrumentation-security/httpclient-4.0/src/main/java/com/nr/agent/instrumentation/security/httpclient40/HttpClient_Instrumentation.java +++ b/instrumentation-security/httpclient-4.0/src/main/java/com/nr/agent/instrumentation/security/httpclient40/HttpClient_Instrumentation.java @@ -12,6 +12,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; +import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -242,6 +243,11 @@ private AbstractOperation preprocessSecurityHook(HttpRequest request, String uri request.setHeader(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader); } + String csecParaentId = securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(StringUtils.isNotBlank(csecParaentId)){ + request.setHeader(GenericHelper.CSEC_PARENT_ID, csecParaentId); + } + SSRFOperation operation = new SSRFOperation(uri, this.getClass().getName(), methodName); try { diff --git a/instrumentation-security/httpclient-jdk11/src/main/java/nr/jdk/internal/net/http/HttpClientImpl_Instrumentation.java b/instrumentation-security/httpclient-jdk11/src/main/java/nr/jdk/internal/net/http/HttpClientImpl_Instrumentation.java index c2c62bbfc..bcf3932d0 100644 --- a/instrumentation-security/httpclient-jdk11/src/main/java/nr/jdk/internal/net/http/HttpClientImpl_Instrumentation.java +++ b/instrumentation-security/httpclient-jdk11/src/main/java/nr/jdk/internal/net/http/HttpClientImpl_Instrumentation.java @@ -6,6 +6,7 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; +import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -104,6 +105,11 @@ private static HttpRequest addSecurityHeader(AbstractOperation operation, HttpRe if (iastHeader != null && !iastHeader.trim().isEmpty()) { builder.setHeader(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader); } + String csecParaentId = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(StringUtils.isNotBlank(csecParaentId)){ + builder.setHeader(GenericHelper.CSEC_PARENT_ID, csecParaentId); + } + if (operation.getApiID() != null && !operation.getApiID().trim().isEmpty() && operation.getExecutionId() != null && !operation.getExecutionId().trim().isEmpty()) { updatedRequest = builder.setHeader(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER, diff --git a/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/HttpServletHelper.java b/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/HttpServletHelper.java index bfedd4cf3..bc1b55fde 100644 --- a/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/HttpServletHelper.java +++ b/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/HttpServletHelper.java @@ -1,6 +1,7 @@ package security.org.eclipse.jetty11.server; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; @@ -44,6 +45,9 @@ public static void processHttpRequestHeader(HttpServletRequest request, HttpRequ } else if (ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID.equals(headerKey)) { // TODO: May think of removing this intermediate obj and directly create K2 Identifier. NewRelicSecurity.getAgent().getSecurityMetaData().setFuzzRequestIdentifier(ServletHelper.parseFuzzRequestIdentifierHeader(request.getHeader(headerKey))); + } else if(GenericHelper.CSEC_PARENT_ID.equals(headerKey)) { + NewRelicSecurity.getAgent().getSecurityMetaData() + .addCustomAttribute(GenericHelper.CSEC_PARENT_ID, request.getHeader(headerKey)); } String headerFullValue = EMPTY; Enumeration headerElements = request.getHeaders(headerKey); diff --git a/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/HttpServletHelper.java b/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/HttpServletHelper.java index d87310070..4a0335e1d 100644 --- a/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/HttpServletHelper.java +++ b/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/HttpServletHelper.java @@ -1,6 +1,7 @@ package com.nr.instrumentation.security.jetty9; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; @@ -43,7 +44,11 @@ public static void processHttpRequestHeader(HttpServletRequest request, HttpRequ } else if (ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID.equals(headerKey)) { // TODO: May think of removing this intermediate obj and directly create K2 Identifier. NewRelicSecurity.getAgent().getSecurityMetaData().setFuzzRequestIdentifier(ServletHelper.parseFuzzRequestIdentifierHeader(request.getHeader(headerKey))); + } else if(GenericHelper.CSEC_PARENT_ID.equals(headerKey)) { + NewRelicSecurity.getAgent().getSecurityMetaData() + .addCustomAttribute(GenericHelper.CSEC_PARENT_ID, request.getHeader(headerKey)); } + String headerFullValue = EMPTY; Enumeration headerElements = request.getHeaders(headerKey); while (headerElements.hasMoreElements()) { diff --git a/instrumentation-security/netty-4.0.0/src/main/java/security/io/netty400/utils/NettyUtils.java b/instrumentation-security/netty-4.0.0/src/main/java/security/io/netty400/utils/NettyUtils.java index 0b893b8da..b4e022fec 100644 --- a/instrumentation-security/netty-4.0.0/src/main/java/security/io/netty400/utils/NettyUtils.java +++ b/instrumentation-security/netty-4.0.0/src/main/java/security/io/netty400/utils/NettyUtils.java @@ -3,6 +3,7 @@ import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.Transaction; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; @@ -123,7 +124,11 @@ public static void processHttpRequestHeader(HttpRequest request, com.newrelic.ap } else if (ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID.equals(headerKey)) { // TODO: May think of removing this intermediate obj and directly create K2 Identifier. NewRelicSecurity.getAgent().getSecurityMetaData().setFuzzRequestIdentifier(ServletHelper.parseFuzzRequestIdentifierHeader(request.headers().get(headerKey))); + } else if(GenericHelper.CSEC_PARENT_ID.equals(headerKey)) { + NewRelicSecurity.getAgent().getSecurityMetaData() + .addCustomAttribute(GenericHelper.CSEC_PARENT_ID, request.headers().get(headerKey)); } + String headerFullValue = EMPTY; List headerElements = request.headers().getAll(headerKey); for (String headerValue : headerElements) { diff --git a/instrumentation-security/okhttp-3.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp30/internal/OkhttpHelper.java b/instrumentation-security/okhttp-3.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp30/internal/OkhttpHelper.java index 3d145dc0e..dd694ec90 100644 --- a/instrumentation-security/okhttp-3.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp30/internal/OkhttpHelper.java +++ b/instrumentation-security/okhttp-3.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp30/internal/OkhttpHelper.java @@ -1,8 +1,10 @@ package com.nr.agent.instrumentation.security.okhttp30.internal; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; +import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -99,6 +101,11 @@ public static Request addSecurityHeaders(Request.Builder requestBuilder, Abstrac requestBuilder.addHeader(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader); } + String csecParaentId = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(StringUtils.isNotBlank(csecParaentId)){ + requestBuilder.addHeader(GenericHelper.CSEC_PARENT_ID, csecParaentId); + } + if (operation.getApiID() != null && !operation.getApiID().trim().isEmpty() && operation.getExecutionId() != null && !operation.getExecutionId().trim().isEmpty()) { // Add Security distributed tracing header diff --git a/instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/OkhttpHelper.java b/instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/OkhttpHelper.java index a1279eb11..6b1dd623f 100644 --- a/instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/OkhttpHelper.java +++ b/instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/OkhttpHelper.java @@ -1,8 +1,10 @@ package com.nr.agent.instrumentation.security.okhttp35.internal; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; +import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -96,6 +98,10 @@ public static Request addSecurityHeaders(Request.Builder requestBuilder, Abstrac if (iastHeader != null && !iastHeader.trim().isEmpty()) { requestBuilder.addHeader(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader); } + String csecParaentId = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(StringUtils.isNotBlank(csecParaentId)){ + requestBuilder.addHeader(GenericHelper.CSEC_PARENT_ID, csecParaentId); + } if (operation.getApiID() != null && !operation.getApiID().trim().isEmpty() && operation.getExecutionId() != null && !operation.getExecutionId().trim().isEmpty()) { diff --git a/instrumentation-security/okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http/OkhttpHelper.java b/instrumentation-security/okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http/OkhttpHelper.java index 057ce5035..438c09fd2 100644 --- a/instrumentation-security/okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http/OkhttpHelper.java +++ b/instrumentation-security/okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http/OkhttpHelper.java @@ -1,8 +1,10 @@ package com.nr.agent.instrumentation.security.okhttp40.internal.http; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; +import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -97,6 +99,10 @@ public static Request addSecurityHeaders(Request.Builder requestBuilder, Abstrac if (iastHeader != null && !iastHeader.trim().isEmpty()) { requestBuilder.addHeader(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader); } + String csecParaentId = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(StringUtils.isNotBlank(csecParaentId)){ + requestBuilder.addHeader(GenericHelper.CSEC_PARENT_ID, csecParaentId); + } if (operation.getApiID() != null && !operation.getApiID().trim().isEmpty() && operation.getExecutionId() != null && !operation.getExecutionId().trim().isEmpty()) { diff --git a/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java b/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java index 299b71207..56dfd7392 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java +++ b/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java @@ -1,6 +1,7 @@ package com.nr.instrumentation.security.servlet24; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; @@ -37,7 +38,11 @@ public static void processHttpRequestHeader(HttpServletRequest request, HttpRequ takeNextValue = true; } else if (ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID.equals(headerKey)) { // TODO: May think of removing this intermediate obj and directly create K2 Identifier. - NewRelicSecurity.getAgent().getSecurityMetaData().setFuzzRequestIdentifier(ServletHelper.parseFuzzRequestIdentifierHeader(request.getHeader(headerKey))); + NewRelicSecurity.getAgent().getSecurityMetaData() + .setFuzzRequestIdentifier(ServletHelper.parseFuzzRequestIdentifierHeader(request.getHeader(headerKey))); + } else if(GenericHelper.CSEC_PARENT_ID.equals(headerKey)) { + NewRelicSecurity.getAgent().getSecurityMetaData() + .addCustomAttribute(GenericHelper.CSEC_PARENT_ID, request.getHeader(headerKey)); } String headerFullValue = EMPTY; Enumeration headerElements = request.getHeaders(headerKey); diff --git a/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java b/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java index 7b6bfbef6..00e870b17 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java +++ b/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java @@ -1,6 +1,7 @@ package com.nr.instrumentation.security.servlet5; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; @@ -38,7 +39,11 @@ public static void processHttpRequestHeader(HttpServletRequest request, HttpRequ } else if (ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID.equals(headerKey)) { // TODO: May think of removing this intermediate obj and directly create K2 Identifier. NewRelicSecurity.getAgent().getSecurityMetaData().setFuzzRequestIdentifier(ServletHelper.parseFuzzRequestIdentifierHeader(request.getHeader(headerKey))); + } else if(GenericHelper.CSEC_PARENT_ID.equals(headerKey)) { + NewRelicSecurity.getAgent().getSecurityMetaData() + .addCustomAttribute(GenericHelper.CSEC_PARENT_ID, request.getHeader(headerKey)); } + String headerFullValue = EMPTY; Enumeration headerElements = request.getHeaders(headerKey); while (headerElements.hasMoreElements()) { diff --git a/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java b/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java index 0ca53efd5..5dd746dda 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java +++ b/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java @@ -1,6 +1,7 @@ package com.nr.instrumentation.security.servlet6; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.HttpRequest; @@ -38,7 +39,11 @@ public static void processHttpRequestHeader(HttpServletRequest request, HttpRequ } else if (ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID.equals(headerKey)) { // TODO: May think of removing this intermediate obj and directly create K2 Identifier. NewRelicSecurity.getAgent().getSecurityMetaData().setFuzzRequestIdentifier(ServletHelper.parseFuzzRequestIdentifierHeader(request.getHeader(headerKey))); + } else if(GenericHelper.CSEC_PARENT_ID.equals(headerKey)) { + NewRelicSecurity.getAgent().getSecurityMetaData() + .addCustomAttribute(GenericHelper.CSEC_PARENT_ID, request.getHeader(headerKey)); } + String headerFullValue = EMPTY; Enumeration headerElements = request.getHeaders(headerKey); while (headerElements.hasMoreElements()) { diff --git a/instrumentation-security/urlconnection/src/main/java/com/nr/agent/instrumentation/security/urlconnection/URLConnection_Instrumentation.java b/instrumentation-security/urlconnection/src/main/java/com/nr/agent/instrumentation/security/urlconnection/URLConnection_Instrumentation.java index 3aa1a92ca..b3a0711cf 100644 --- a/instrumentation-security/urlconnection/src/main/java/com/nr/agent/instrumentation/security/urlconnection/URLConnection_Instrumentation.java +++ b/instrumentation-security/urlconnection/src/main/java/com/nr/agent/instrumentation/security/urlconnection/URLConnection_Instrumentation.java @@ -8,9 +8,11 @@ package com.nr.agent.instrumentation.security.urlconnection; import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; +import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -144,6 +146,10 @@ private AbstractOperation preprocessSecurityHook(boolean currentCascadedCall, St if(iastHeader != null && !iastHeader.trim().isEmpty()) { this.setRequestProperty(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader); } + String csecParaentId = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(StringUtils.isNotBlank(csecParaentId)){ + this.setRequestProperty(GenericHelper.CSEC_PARENT_ID, csecParaentId); + } SSRFOperation operation = new SSRFOperation(callArgs, this.getClass().getName(), methodName); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java index b1fc5202b..101b2bc0f 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java @@ -12,6 +12,7 @@ import com.newrelic.agent.security.intcodeagent.models.javaagent.JavaAgentEventBean; import com.newrelic.agent.security.intcodeagent.websocket.EventSendPool; import com.newrelic.api.agent.NewRelic; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.schema.*; import com.newrelic.api.agent.security.schema.helper.DynamoDBRequest; import com.newrelic.api.agent.security.schema.operation.*; @@ -571,6 +572,7 @@ private JavaAgentEventBean setGenericProperties(AbstractOperation objectBean, Ja eventBean.setPid(AgentInfo.getInstance().getVMPID()); eventBean.setSourceMethod(objectBean.getSourceMethod()); eventBean.setId(objectBean.getExecutionId()); + eventBean.setParentId(securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class)); eventBean.setStartTime(objectBean.getStartTime()); eventBean.setBlockingProcessingTime((Long) extraInfo.get(BLOCKING_END_TIME) - eventBean.getStartTime()); eventBean.setApiId(objectBean.getApiID()); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java index b26627e3d..19dd3b084 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java @@ -1,10 +1,12 @@ package com.newrelic.agent.security.instrumentator.dispatcher; import com.newrelic.agent.security.AgentInfo; +import com.newrelic.agent.security.instrumentator.httpclient.RestRequestThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants; import com.newrelic.agent.security.intcodeagent.models.javaagent.ExitEventBean; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; import org.apache.commons.lang3.StringUtils; @@ -132,6 +134,13 @@ public void dispatchEvent(AbstractOperation operation, SecurityMetaData security eid.add(operation.getExecutionId()); } } + + // Register in Processed CC map + if(StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID())) { + RestRequestThreadPool.getInstance() + .registerEventForProcessedCC(securityMetaData.getCustomAttribute( + GenericHelper.CSEC_PARENT_ID, String.class), operation.getExecutionId()); + } this.executor.submit(new Dispatcher(operation, new SecurityMetaData(securityMetaData))); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java index 40c41b0aa..daee5defd 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java @@ -1,19 +1,17 @@ package com.newrelic.agent.security.instrumentator.httpclient; -import com.newrelic.agent.security.intcodeagent.controlcommand.ControlCommandProcessorThreadPool; +import com.newrelic.agent.security.intcodeagent.executor.CustomFutureTask; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; -import com.newrelic.agent.security.intcodeagent.logging.HealthCheckScheduleThread; -import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants; import com.newrelic.agent.security.intcodeagent.models.IASTDataTransferRequest; import com.newrelic.agent.security.intcodeagent.websocket.WSClient; import com.newrelic.agent.security.intcodeagent.websocket.WSUtils; import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; -import org.jetbrains.annotations.NotNull; import java.time.Instant; -import java.util.ArrayList; +import java.util.HashMap; +import java.util.HashSet; import java.util.concurrent.*; import java.util.concurrent.atomic.AtomicInteger; import java.util.concurrent.atomic.AtomicLong; @@ -67,7 +65,8 @@ private void task() { if (batchSize > 100 && remainingRecordCapacity > batchSize) { request = new IASTDataTransferRequest(NewRelicSecurity.getAgent().getAgentUUID()); request.setBatchSize(batchSize); - request.setCompletedRequestIds(new ArrayList<>(RestRequestThreadPool.getInstance().getProcessedIds())); + request.setCompletedRequests(new HashMap<>(RestRequestThreadPool.getInstance().getProcessedIds())); + request.setPendingRequestIds(new HashSet<>(RestRequestThreadPool.getInstance().getPendingIds())); WSClient.getInstance().send(request.toString()); } } catch (Throwable e) { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java index 3ab4f5b7c..261f4364e 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java @@ -7,11 +7,11 @@ import com.newrelic.agent.security.intcodeagent.models.FuzzRequestBean; import com.newrelic.agent.security.intcodeagent.models.javaagent.IntCodeControlCommand; import com.newrelic.agent.security.intcodeagent.websocket.WSUtils; -import com.sun.org.apache.xpath.internal.operations.Bool; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; +import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import org.apache.commons.lang3.StringUtils; import java.util.concurrent.Callable; -import java.util.concurrent.RejectedExecutionException; /** * Request repeater for IAST @@ -56,6 +56,8 @@ public Boolean call() { } String req = StringUtils.replace(controlCommand.getArguments().get(0), NR_CSEC_VALIDATOR_HOME_TMP, OsVariablesInstance.getInstance().getOsVariables().getTmpDirectory()); httpRequest = objectMapper.readValue(req, FuzzRequestBean.class); + httpRequest.getHeaders().put(GenericHelper.CSEC_PARENT_ID, controlCommand.getId()); + RestRequestThreadPool.getInstance().removeFromProcessedCC(controlCommand.getId()); RestClient.getInstance().fireRequest(RequestUtils.generateK2Request(httpRequest), repeatCount); return true; } catch (Throwable e) { @@ -72,11 +74,7 @@ public Boolean call() { public static void processControlCommand(IntCodeControlCommand command) { RestRequestThreadPool.getInstance().executor .submit(new RestRequestProcessor(command, MAX_REPETITION)); - } - - public static void processControlCommand(IntCodeControlCommand command, int repeat) { - RestRequestThreadPool.getInstance().executor - .submit(new RestRequestProcessor(command, repeat)); + RestRequestThreadPool.getInstance().getPendingIds().add(command.getId()); } public IntCodeControlCommand getControlCommand() { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index f8cad51f3..31076fbed 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -6,6 +6,8 @@ import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import org.apache.commons.lang3.StringUtils; +import java.util.Collections; +import java.util.Map; import java.util.Set; import java.util.concurrent.*; import java.util.concurrent.atomic.AtomicBoolean; @@ -32,7 +34,11 @@ public class RestRequestThreadPool { private static final AtomicBoolean isWaiting = new AtomicBoolean(false); - private Set processedIds = ConcurrentHashMap.newKeySet(); + private final Map> processedIds = new ConcurrentHashMap(); + + private final Map> currentProcessingIds = new ConcurrentHashMap(); + + private final Set pendingIds = ConcurrentHashMap.newKeySet(); private RestRequestThreadPool() { LinkedBlockingQueue processQueue; @@ -44,8 +50,15 @@ private RestRequestThreadPool() { protected void afterExecute(Runnable r, Throwable t) { if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof RestRequestProcessor) { RestRequestProcessor task = (RestRequestProcessor) ((CustomFutureTask) r).getTask(); - if(StringUtils.isNotBlank(task.getControlCommand().getId())){ - processedIds.add(task.getControlCommand().getId()); + String controlCommandId = task.getControlCommand().getId(); + if(StringUtils.isNotBlank(controlCommandId)){ + if(!currentProcessingIds.containsKey(controlCommandId)) { + processedIds.put(controlCommandId, Collections.emptySet()); + } else { + processedIds.put(controlCommandId, currentProcessingIds.get(controlCommandId)); + } + pendingIds.remove(controlCommandId); + currentProcessingIds.remove(controlCommandId); } } super.afterExecute(r, t); @@ -119,8 +132,38 @@ public ThreadPoolExecutor getExecutor() { return executor; } - public Set getProcessedIds() { + public Map> getProcessedIds() { return processedIds; } + public Set getPendingIds() { + return pendingIds; + } + + public void registerEventForProcessedCC(String controlCommandId, String eventId) { + if(StringUtils.isAnyBlank(controlCommandId, eventId)){ + return; + } + Set registeredEvents; + if(!currentProcessingIds.containsKey(controlCommandId)){ + synchronized (currentProcessingIds) { + if(!currentProcessingIds.containsKey(controlCommandId)){ + registeredEvents = ConcurrentHashMap.newKeySet(); + currentProcessingIds.put(controlCommandId, registeredEvents); + } else { + registeredEvents = currentProcessingIds.get(controlCommandId); + } + } + } else { + registeredEvents = currentProcessingIds.get(controlCommandId); + } + registeredEvents.add(eventId); + } + + public void removeFromProcessedCC(String controlCommandId) { + if(StringUtils.isNotBlank(controlCommandId)){ + processedIds.remove(controlCommandId); + } + } + } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/IASTDataTransferRequest.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/IASTDataTransferRequest.java index 0d1a14d09..9a7fe3b02 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/IASTDataTransferRequest.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/IASTDataTransferRequest.java @@ -4,7 +4,8 @@ import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter; import org.apache.commons.lang3.StringUtils; -import java.util.List; +import java.util.Map; +import java.util.Set; @JsonIgnoreProperties(ignoreUnknown = true) public class IASTDataTransferRequest { @@ -13,7 +14,9 @@ public class IASTDataTransferRequest { private int batchSize; - private List completedRequestIds; + private Set pendingRequestIds; + + private Map> completedRequests; private String sequenceNumber; @@ -38,12 +41,20 @@ public void setBatchSize(int batchSize) { this.batchSize = batchSize; } - public List getCompletedRequestIds() { - return completedRequestIds; + public Map> getCompletedRequests() { + return completedRequests; + } + + public void setCompletedRequests(Map> completedRequests) { + this.completedRequests = completedRequests; + } + + public Set getPendingRequestIds() { + return pendingRequestIds; } - public void setCompletedRequestIds(List completedRequestIds) { - this.completedRequestIds = completedRequestIds; + public void setPendingRequestIds(Set pendingRequestIds) { + this.pendingRequestIds = pendingRequestIds; } public String getJsonName() { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JavaAgentEventBean.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JavaAgentEventBean.java index 6459ee236..0641729b6 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JavaAgentEventBean.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JavaAgentEventBean.java @@ -20,6 +20,7 @@ public class JavaAgentEventBean extends AgentBasicInfo { private Long eventGenerationTime; private HttpRequest httpRequest; private String id; + private String parentId; private StackTraceElement[] stacktrace; private String caseType; private String eventCategory; @@ -294,4 +295,12 @@ public boolean getIsIASTRequest() { public void setIsIASTRequest(boolean isIASTRequest) { this.isIASTRequest = isIASTRequest; } + + public String getParentId() { + return parentId; + } + + public void setParentId(String parentId) { + this.parentId = parentId; + } } diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/GenericHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/GenericHelper.java index 92a2d5f68..c900be431 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/GenericHelper.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/GenericHelper.java @@ -3,6 +3,7 @@ import com.newrelic.api.agent.security.NewRelicSecurity; public class GenericHelper { + public static final String CSEC_PARENT_ID = "nr-csec-parent-id"; public static boolean skipExistsEvent() { if (!(NewRelicSecurity.getAgent().getCurrentPolicy().getVulnerabilityScan().getEnabled() && diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/policy/Probing.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/policy/Probing.java index 43550f5fc..7afef484b 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/policy/Probing.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/policy/Probing.java @@ -4,8 +4,8 @@ import java.util.Objects; public class Probing { - private Integer interval = 1; - private Integer batchSize = 10; + private Integer interval = 5; + private Integer batchSize = 50; /** * No args constructor for use in serialization From a9ce5cbca4440f49155e73e60f43c020cee3e3f3 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Thu, 13 Jul 2023 12:59:35 +0530 Subject: [PATCH 26/80] Move use of getCustomAttr in helper to fix VerifyError Co-authored-by: Harshit Singh Lodha --- .../httpclient3/HttpMethodBase_Instrumentation.java | 11 ++++++----- .../security/httpclient3/SecurityHelper.java | 7 +++++++ 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java b/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java index ada34b350..051286999 100644 --- a/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java +++ b/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java @@ -12,7 +12,6 @@ import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; -import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; import com.newrelic.api.agent.security.utils.SSRFUtils; @@ -24,7 +23,9 @@ import java.io.IOException; @Weave(type = MatchType.ExactClass, originalName = "org.apache.commons.httpclient.HttpMethodBase") -public abstract class HttpMethodBase_Instrumentation implements HttpMethod { +public abstract class HttpMethodBase_Instrumentation { + + public abstract URI getURI() throws URIException; public abstract void setRequestHeader(String headerName, String headerValue); public int execute(HttpState state, HttpConnection conn) throws HttpException, IOException { @@ -107,9 +108,9 @@ private AbstractOperation preprocessSecurityHook(HttpConnection conn, String met this.setRequestHeader(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, iastHeader); } - String csecParaentId = securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); - if(StringUtils.isNotBlank(csecParaentId)){ - this.setRequestHeader(GenericHelper.CSEC_PARENT_ID, csecParaentId); + String csecParentId = SecurityHelper.getParentId(); + if(csecParentId!= null && !csecParentId.isEmpty()){ + this.setRequestHeader(GenericHelper.CSEC_PARENT_ID, csecParentId); } SSRFOperation operation = new SSRFOperation(uri, diff --git a/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/SecurityHelper.java b/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/SecurityHelper.java index b303c1816..942a99abd 100644 --- a/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/SecurityHelper.java +++ b/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/SecurityHelper.java @@ -1,5 +1,8 @@ package com.nr.agent.instrumentation.security.httpclient3; +import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; + public class SecurityHelper { public static final String METHOD_NAME_EXECUTE = "execute"; @@ -26,4 +29,8 @@ public static String getURI(String scheme, String host, int port, String path) { } return sb.toString(); } + + public static String getParentId(){ + return NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + } } From f6cbd74859fcfe909b338f0fba8a063e65259b03 Mon Sep 17 00:00:00 2001 From: Lovesh Baya Date: Thu, 13 Jul 2023 13:07:18 +0530 Subject: [PATCH 27/80] Update default repo and branch (#76) * Update default repo and branch Co-authored-by: Harshit Singh Lodha --- .github/actions/setup-environment/action.yml | 4 ++-- .github/workflows/X-Reusable-Build-Security-Agent.yml | 8 ++++---- .github/workflows/build-integrated-jar.yml | 4 ++-- .github/workflows/publish-main-snapshot-to-maven.yml | 4 ++-- .github/workflows/publish-release-to-maven.yml | 4 ++-- .github/workflows/publish-to-maven.yml | 8 ++++---- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/actions/setup-environment/action.yml b/.github/actions/setup-environment/action.yml index 87240a375..e8734b4ae 100644 --- a/.github/actions/setup-environment/action.yml +++ b/.github/actions/setup-environment/action.yml @@ -4,11 +4,11 @@ inputs: apm-repo: description: 'The repo of APM source code to use' required: true - default: 'newrelic/newrelic-java-agent' + default: 'k2io/newrelic-java-agent' apm-branch: description: 'The branch of APM source code to use' required: true - default: 'main' + default: 'csec-dev' apm-aws-access-key-id: description: 'APM AWS S3 access key id' apm-aws-secret-access-key: diff --git a/.github/workflows/X-Reusable-Build-Security-Agent.yml b/.github/workflows/X-Reusable-Build-Security-Agent.yml index 9deb74300..a084d358d 100644 --- a/.github/workflows/X-Reusable-Build-Security-Agent.yml +++ b/.github/workflows/X-Reusable-Build-Security-Agent.yml @@ -6,12 +6,12 @@ on: description: 'The repo of APM source code to use' required: true type: string - default: 'newrelic/newrelic-java-agent' + default: 'k2io/newrelic-java-agent' apm-source-ref: description: 'The source-ref of APM source code to use' required: true type: string - default: 'main' + default: 'csec-dev' run-unit-test: description: 'Run instrumentation unit tests ?' required: true @@ -33,12 +33,12 @@ on: description: 'The repo of APM source code to use' required: true type: string - default: 'newrelic/newrelic-java-agent' + default: 'k2io/newrelic-java-agent' apm-source-ref: description: 'The source-ref of APM source code to use' required: true type: string - default: 'main' + default: 'csec-dev' run-unit-test: description: 'Run instrumentation unit tests ?' required: true diff --git a/.github/workflows/build-integrated-jar.yml b/.github/workflows/build-integrated-jar.yml index d35cb0a42..6d5fc9751 100644 --- a/.github/workflows/build-integrated-jar.yml +++ b/.github/workflows/build-integrated-jar.yml @@ -5,11 +5,11 @@ on: apm-repo: description: 'The repo of APM source code to use' required: true - default: 'newrelic/newrelic-java-agent' + default: 'k2io/newrelic-java-agent' apm-source-ref: description: 'The source-ref of APM source code to use' required: true - default: 'main' + default: 'csec-dev' csec-run-unittest: description: 'Whether to run CSEC instrumentation unit tests' required: true diff --git a/.github/workflows/publish-main-snapshot-to-maven.yml b/.github/workflows/publish-main-snapshot-to-maven.yml index 6f7f1e6c5..1ebd2410f 100644 --- a/.github/workflows/publish-main-snapshot-to-maven.yml +++ b/.github/workflows/publish-main-snapshot-to-maven.yml @@ -9,8 +9,8 @@ jobs: uses: ./.github/workflows/publish-to-maven.yml secrets: inherit with: - apm-repo: 'newrelic/newrelic-java-agent' - apm-source-ref: 'main' + apm-repo: 'k2io/newrelic-java-agent' + apm-source-ref: 'csec-dev' csec-run-unittest: 'true' csec-run-instrumentation-verify: 'true' is-release: 'false' diff --git a/.github/workflows/publish-release-to-maven.yml b/.github/workflows/publish-release-to-maven.yml index 4b82d1090..2be4c1973 100644 --- a/.github/workflows/publish-release-to-maven.yml +++ b/.github/workflows/publish-release-to-maven.yml @@ -10,8 +10,8 @@ jobs: uses: ./.github/workflows/publish-to-maven.yml secrets: inherit with: - apm-repo: 'newrelic/newrelic-java-agent' - apm-source-ref: 'main' + apm-repo: 'k2io/newrelic-java-agent' + apm-source-ref: 'csec-dev' csec-run-unittest: 'true' csec-run-instrumentation-verify: 'true' is-release: 'true' diff --git a/.github/workflows/publish-to-maven.yml b/.github/workflows/publish-to-maven.yml index a962c3903..896d1563a 100644 --- a/.github/workflows/publish-to-maven.yml +++ b/.github/workflows/publish-to-maven.yml @@ -5,11 +5,11 @@ on: apm-repo: description: 'The repo of APM source code to use' required: true - default: 'newrelic/newrelic-java-agent' + default: 'k2io/newrelic-java-agent' apm-source-ref: description: 'The source-ref of APM source code to use' required: true - default: 'main' + default: 'csec-dev' csec-run-unittest: description: 'Whether to run CSEC instrumentation unit tests' required: true @@ -36,12 +36,12 @@ on: description: 'The repo of APM source code to use' required: true type: string - default: 'newrelic/newrelic-java-agent' + default: 'k2io/newrelic-java-agent' apm-source-ref: description: 'The source-ref of APM source code to use' required: true type: string - default: 'main' + default: 'csec-dev' csec-run-unittest: description: 'Whether to run CSEC instrumentation unit tests' required: true From 6c6b6949697b7b07c2aaa12d087ffe6b7a270be2 Mon Sep 17 00:00:00 2001 From: Lovesh Baya Date: Wed, 19 Jul 2023 13:57:56 +0530 Subject: [PATCH 28/80] Update gradle.properties APM bump to 8.3.0 --- gradle.properties | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gradle.properties b/gradle.properties index 9b458a914..e8338ef7b 100644 --- a/gradle.properties +++ b/gradle.properties @@ -2,12 +2,12 @@ agentVersion=1.0.4 jsonVersion=1.0.1 # Updated exposed NR APM API version. -nrAPIVersion=8.3.0-SNAPSHOT +nrAPIVersion=8.3.0 # Actual NR APM Agent version # This is intentionally kept to an older NR agent version since it is only used as dependency for unit test framework & # verify instrumentation plugin. This will only be updated when either of these functions require the update. -nrAgentVersion=8.2.0 +nrAgentVersion=8.3.0 #org.gradle.jvmargs=-Xmx2048m org.gradle.jvmargs=-Xmx4g org.gradle.caching=true From 3122b7317e34dfab5d8b1f034de7d9637c2da574 Mon Sep 17 00:00:00 2001 From: Lovesh Baya Date: Wed, 19 Jul 2023 16:37:32 +0530 Subject: [PATCH 29/80] 1.0.4 release change logs --- Changelog.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index 754beb75d..bb1d01c74 100644 --- a/Changelog.md +++ b/Changelog.md @@ -4,9 +4,10 @@ Noteworthy changes to the agent are documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -## [1.0.4-limited-preview] - UPCOMING +## [1.0.4-limited-preview] - 2023-06-19 ### Changes - Limiting the supported version range for Apache log4j due to the new version release of Apache log4j on 21 June 2023 +- Support for indication what all API-IDs are scanned or being scanned. ## [1.0.3-limited-preview] - 2023-05-23 ### Changes From 352c1b4cc9707d318ead19edc4fbdad6ab3949c0 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 19 Jul 2023 17:30:23 +0530 Subject: [PATCH 30/80] Add matric for eventRejectionCount, eventProcessingErrorCount, eventSendRejectionCount, eventSendErrorCount Co-authored-by: Harshit Singh Lodha --- .../dispatcher/DispatcherPool.java | 17 ++++-- .../IASTDataTransferRequestProcessor.java | 3 + .../httpclient/RestRequestThreadPool.java | 12 +--- .../models/javaagent/JAHealthCheck.java | 56 +++++++++++++++++++ .../intcodeagent/websocket/EventSendPool.java | 2 + 5 files changed, 75 insertions(+), 15 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java index 19dd3b084..337b4afde 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java @@ -58,6 +58,7 @@ public EventAbortPolicy() { public void rejectedExecution(Runnable r, ThreadPoolExecutor e) { AgentInfo.getInstance().getJaHealthCheck().incrementDropCount(); AgentInfo.getInstance().getJaHealthCheck().incrementProcessedCount(); + AgentInfo.getInstance().getJaHealthCheck().incrementEventRejectionCount(); // logger.log(LogLevel.FINE,"Event Task " + r.toString() + " rejected from " + e.toString(), EventThreadPool.class.getName()); } } @@ -81,6 +82,7 @@ protected void afterExecute(Runnable r, Throwable t) { } } catch (Throwable e) { AgentInfo.getInstance().getJaHealthCheck().incrementDropCount(); + AgentInfo.getInstance().getJaHealthCheck().incrementEventProcessingErrorCount(); } } super.afterExecute(r, t); @@ -135,11 +137,16 @@ public void dispatchEvent(AbstractOperation operation, SecurityMetaData security } } - // Register in Processed CC map - if(StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID())) { - RestRequestThreadPool.getInstance() - .registerEventForProcessedCC(securityMetaData.getCustomAttribute( - GenericHelper.CSEC_PARENT_ID, String.class), operation.getExecutionId()); + try { + // Register in Processed CC map + if (StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID())) { + RestRequestThreadPool.getInstance() + .registerEventForProcessedCC(securityMetaData.getCustomAttribute( + GenericHelper.CSEC_PARENT_ID, String.class), operation.getExecutionId()); + } + } catch (Throwable e) { + // TODO : remove before merge + e.printStackTrace(); } this.executor.submit(new Dispatcher(operation, new SecurityMetaData(securityMetaData))); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java index daee5defd..3956c2de6 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java @@ -62,6 +62,9 @@ private void task() { int remainingRecordCapacity = RestRequestThreadPool.getInstance().getQueue().remainingCapacity(); int currentRecordBacklog = RestRequestThreadPool.getInstance().getQueue().size(); int batchSize = currentFetchThreshold - currentRecordBacklog; + + // Take dispatcher and eventSender queues into account + if (batchSize > 100 && remainingRecordCapacity > batchSize) { request = new IASTDataTransferRequest(NewRelicSecurity.getAgent().getAgentUUID()); request.setBatchSize(batchSize); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index 31076fbed..c4e7c32b6 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -146,17 +146,9 @@ public void registerEventForProcessedCC(String controlCommandId, String eventId) } Set registeredEvents; if(!currentProcessingIds.containsKey(controlCommandId)){ - synchronized (currentProcessingIds) { - if(!currentProcessingIds.containsKey(controlCommandId)){ - registeredEvents = ConcurrentHashMap.newKeySet(); - currentProcessingIds.put(controlCommandId, registeredEvents); - } else { - registeredEvents = currentProcessingIds.get(controlCommandId); - } - } - } else { - registeredEvents = currentProcessingIds.get(controlCommandId); + currentProcessingIds.putIfAbsent(controlCommandId, ConcurrentHashMap.newKeySet()); } + registeredEvents = currentProcessingIds.get(controlCommandId); registeredEvents.add(eventId); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java index 6a91d52fc..140a5da8a 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java @@ -22,6 +22,14 @@ public class JAHealthCheck extends AgentBasicInfo { private AtomicInteger eventDropCount; + private AtomicInteger eventRejectionCount; + + private AtomicInteger eventProcessingErrorCount; + + private AtomicInteger eventSendRejectionCount; + + private AtomicInteger eventSendErrorCount; + private IdentifierEnvs kind; private AtomicInteger eventProcessed; @@ -109,6 +117,54 @@ public void incrementDropCount() { this.eventDropCount.getAndIncrement(); } + public AtomicInteger getEventRejectionCount() { + return eventRejectionCount; + } + + public void setEventRejectionCount(int eventRejectionCount) { + this.eventRejectionCount.set(eventRejectionCount); + } + + public int incrementEventRejectionCount(){ + return eventRejectionCount.incrementAndGet(); + } + + public AtomicInteger getEventProcessingErrorCount() { + return eventProcessingErrorCount; + } + + public void setEventProcessingErrorCount(int eventProcessingErrorCount) { + this.eventProcessingErrorCount.set(eventProcessingErrorCount); + } + + public int incrementEventProcessingErrorCount() { + return eventProcessingErrorCount.incrementAndGet(); + } + + public AtomicInteger getEventSendRejectionCount() { + return eventSendRejectionCount; + } + + public void setEventSendRejectionCount(int eventSendRejectionCount) { + this.eventSendRejectionCount.set(eventSendRejectionCount); + } + + public int incrementEventSendRejectionCount() { + return this.eventSendRejectionCount.incrementAndGet(); + } + + public AtomicInteger getEventSendErrorCount() { + return eventSendErrorCount; + } + + public void setEventSendErrorCount(int eventSendErrorCount) { + this.eventSendErrorCount.set(eventSendErrorCount); + } + + public int incrementEventSendErrorCount() { + return this.eventSendErrorCount.incrementAndGet(); + } + public void incrementProcessedCount() { this.eventProcessed.getAndIncrement(); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java index f90c7def8..fba86445b 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java @@ -50,6 +50,7 @@ protected void afterExecute(Runnable r, Throwable t) { } } catch (Throwable e) { AgentInfo.getInstance().getJaHealthCheck().incrementDropCount(); + AgentInfo.getInstance().getJaHealthCheck().incrementEventSendErrorCount(); } } super.afterExecute(r, t); @@ -134,6 +135,7 @@ public void rejectedExecution(Runnable r, ThreadPoolExecutor e) { logger.log(LogLevel.FINER, "Event Task " + r.toString() + " rejected from " + e.toString(), EventSendPool.class.getName()); AgentInfo.getInstance().getJaHealthCheck().incrementDropCount(); AgentInfo.getInstance().getJaHealthCheck().incrementProcessedCount(); + AgentInfo.getInstance().getJaHealthCheck().incrementEventSendRejectionCount(); } } From d7c372ddade98784cfd325558d733993b3b41f32 Mon Sep 17 00:00:00 2001 From: Lovesh Baya Date: Thu, 20 Jul 2023 10:57:31 +0530 Subject: [PATCH 31/80] Update Changelog.md --- Changelog.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index bb1d01c74..9a8ed6c47 100644 --- a/Changelog.md +++ b/Changelog.md @@ -4,7 +4,7 @@ Noteworthy changes to the agent are documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -## [1.0.4-limited-preview] - 2023-06-19 +## [1.0.4-public-preview] - 2023-06-20 ### Changes - Limiting the supported version range for Apache log4j due to the new version release of Apache log4j on 21 June 2023 - Support for indication what all API-IDs are scanned or being scanned. From 3ee6f1d18c165175079ba9eba15d0f1f93d8aa65 Mon Sep 17 00:00:00 2001 From: Harshit Singh Lodha Date: Thu, 20 Jul 2023 11:33:38 +0530 Subject: [PATCH 32/80] Change in release prefix. --- .github/workflows/publish-release-to-maven.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-release-to-maven.yml b/.github/workflows/publish-release-to-maven.yml index 2be4c1973..435e0c623 100644 --- a/.github/workflows/publish-release-to-maven.yml +++ b/.github/workflows/publish-release-to-maven.yml @@ -15,5 +15,5 @@ jobs: csec-run-unittest: 'true' csec-run-instrumentation-verify: 'true' is-release: 'true' - version-suffix: '-limited-preview' + version-suffix: '-public-preview' slack-notify: 'true' \ No newline at end of file From cd505adeb3f63275237d598243f869f4feaf6d76 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Fri, 21 Jul 2023 17:42:21 +0530 Subject: [PATCH 33/80] Updated url mapping pojo for the final approved fields --- .../schema/ApplicationURLMapping.java | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java index fb6e5ca04..8b48ab5da 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ApplicationURLMapping.java @@ -4,17 +4,17 @@ public class ApplicationURLMapping { private String method; - private String url; + private String path; private String handler; public ApplicationURLMapping(String method, String url) { this.method = method; - this.url = url; + this.path = url; } public ApplicationURLMapping(String method, String url, String handler) { this.method = method; - this.url = url; + this.path = url; this.handler = handler; } @@ -34,12 +34,12 @@ public void setMethod(String method) { this.method = method; } - public String getUrl() { - return url; + public String getPath() { + return path; } - public void setUrl(String url) { - this.url = url; + public void setPath(String path) { + this.path = path; } @Override @@ -50,18 +50,18 @@ public boolean equals(Object obj) { if (obj instanceof ApplicationURLMapping) { ApplicationURLMapping mapping = (ApplicationURLMapping) obj; - return url.equals(mapping.url) && method.equals(mapping.method) && handler.equals(mapping.handler); + return path.equals(mapping.path) && method.equals(mapping.method) && handler.equals(mapping.handler); } return false; } @Override public String toString() { - return String.format("Method: %s, Url: %s, Handler: %s", method, url, handler); + return String.format("Method: %s, Url: %s, Handler: %s", method, path, handler); } @Override public int hashCode() { - return Objects.hash(method, url, handler); + return Objects.hash(method, path, handler); } } From 985b6b666630ba189c4665c2359dadaaa4c40e58 Mon Sep 17 00:00:00 2001 From: Harshit Singh Lodha Date: Wed, 26 Jul 2023 12:39:35 +0530 Subject: [PATCH 34/80] Introduced random reconnection delay in WS connection --- .../security/intcodeagent/utils/CommonUtils.java | 14 ++++++++++++++ .../security/intcodeagent/websocket/WSClient.java | 4 +++- .../intcodeagent/websocket/WSReconnectionST.java | 6 +++++- .../security/intcodeagent/websocket/WSUtils.java | 1 + 4 files changed, 23 insertions(+), 2 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/utils/CommonUtils.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/utils/CommonUtils.java index f65e74937..d518684bb 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/utils/CommonUtils.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/utils/CommonUtils.java @@ -24,6 +24,7 @@ import java.nio.file.Path; import java.nio.file.Paths; import java.nio.file.attribute.PosixFilePermissions; +import java.security.SecureRandom; import java.util.Arrays; import java.util.Collection; import java.util.Stack; @@ -34,6 +35,8 @@ public class CommonUtils { public static final String POLICY_WRITE_FAILED = "policy write failed : "; public static final String POLICY_WRITTEN_TO_FILE = "policy written to file : "; + public static SecureRandom secureRandom = new SecureRandom(); + public static boolean validateCollectorPolicyParameterSchema(AgentPolicyParameters policyParameters) { try { @@ -149,4 +152,15 @@ public static void deleteRolloverLogFiles(String fileName, int max) { } } } + + + /** + * Generate random int between range start to end. Both inclusive. + * @param start lower bound + * @param end upper bound + * @return random int + */ + public static int generateSecureRandomBetween(int start, int end) { + return secureRandom.nextInt(end-start) + start; + } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java index 0ee15dabb..f84ba0e66 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java @@ -212,7 +212,9 @@ public void onClose(int code, String reason, boolean remote) { } if (code != CloseFrame.POLICY_VALIDATION && code != CloseFrame.NORMAL) { - WSReconnectionST.getInstance().submitNewTaskSchedule(15); + int delay = CommonUtils.generateSecureRandomBetween(5, 15); + logger.log(LogLevel.INFO, String.format(WSUtils.NEXT_WS_CONNECTION_ATTEMPT_WILL_BE_IN_S_SECONDS, delay), WSReconnectionST.class.getName()); + WSReconnectionST.getInstance().submitNewTaskSchedule(delay); } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java index c20ba1f3f..d42a23091 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java @@ -3,7 +3,9 @@ import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants; +import com.newrelic.agent.security.intcodeagent.utils.CommonUtils; +import java.security.SecureRandom; import java.util.concurrent.*; import java.util.concurrent.atomic.AtomicInteger; @@ -31,7 +33,9 @@ public void run() { logger.postLogMessageIfNecessary(LogLevel.SEVERE, ERROR_WHILE_WS_RECONNECTION + e.getMessage() + COLON_SEPARATOR + e.getCause(), e, WSClient.class.getName()); } finally { if (!WSUtils.isConnected()) { - futureTask = scheduledService.schedule(runnable, 15, TimeUnit.SECONDS); + int delay = CommonUtils.generateSecureRandomBetween(5, 15); + logger.log(LogLevel.INFO, String.format(WSUtils.NEXT_WS_CONNECTION_ATTEMPT_WILL_BE_IN_S_SECONDS, delay), WSReconnectionST.class.getName()); + futureTask = scheduledService.schedule(runnable, delay, TimeUnit.SECONDS); } } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java index 05fc88741..66ef0e301 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java @@ -5,6 +5,7 @@ import java.util.concurrent.atomic.AtomicBoolean; public class WSUtils { + public static final String NEXT_WS_CONNECTION_ATTEMPT_WILL_BE_IN_S_SECONDS = "Next WS connection attempt will be in %s seconds"; private static WSUtils instance; private static final Object lock = new Object(); From d92d3b60dcc6b3ecaa9b2e44bd642b5d37e47012 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 26 Jul 2023 12:44:27 +0530 Subject: [PATCH 35/80] Add Usage matrics for RASP and IAST events. Updated rejection policies Reserve space for RASP events in Dispatcher and EventSend Pool Co-authored-by: Harshit Singh Lodha --- .../instrumentator/dispatcher/Dispatcher.java | 35 +++++++++++++------ .../dispatcher/DispatcherPool.java | 20 ++++++++++- .../IASTDataTransferRequestProcessor.java | 9 +++++ .../httpclient/RestRequestThreadPool.java | 4 +++ .../intcodeagent/websocket/EventSendPool.java | 23 +++++++++++- .../intcodeagent/websocket/EventSender.java | 4 +++ .../agent/security/util/AgentUsageMetric.java | 24 +++++++++++++ 7 files changed, 106 insertions(+), 13 deletions(-) create mode 100644 newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/AgentUsageMetric.java diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java index 101b2bc0f..a6900813c 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java @@ -26,6 +26,7 @@ import java.io.File; import java.io.ObjectInputStream; import java.util.*; +import java.util.concurrent.Callable; import java.util.concurrent.atomic.AtomicBoolean; import static com.newrelic.agent.security.intcodeagent.logging.IAgentConstants.*; @@ -33,7 +34,7 @@ /** * Agent utility for out of band processing and sending of events to K2 validator. */ -public class Dispatcher implements Runnable { +public class Dispatcher implements Callable { private static final String SEPARATOR_QUESTIONMARK = "?"; private static final FileLoggerThreadPool logger = FileLoggerThreadPool.getInstance(); @@ -55,6 +56,18 @@ public class Dispatcher implements Runnable { private boolean isNRCode = false; private static AtomicBoolean firstEventSent = new AtomicBoolean(false); + public ExitEventBean getExitEventBean() { + return exitEventBean; + } + + public AbstractOperation getOperation() { + return operation; + } + + public SecurityMetaData getSecurityMetaData() { + return securityMetaData; + } + public Dispatcher(AbstractOperation operation, SecurityMetaData securityMetaData) { this.securityMetaData = securityMetaData; this.operation = operation; @@ -72,11 +85,11 @@ public Dispatcher(ExitEventBean exitEventBean) { * Followed by delegated sending of event. */ @Override - public void run() { + public Object call() throws Exception { try { if (this.exitEventBean != null) { EventSendPool.getInstance().sendEvent(exitEventBean); - return; + return null; } if (!firstEventSent.get()) { logger.logInit(LogLevel.INFO, SENDING_EVENT_ZERO, this.getClass().getName()); @@ -84,7 +97,7 @@ public void run() { if (operation == null) { // Invalid Event. Just drop. - return; + return null; } JavaAgentEventBean eventBean = prepareEvent(securityMetaData.getRequest(), securityMetaData.getMetaData(), @@ -93,12 +106,12 @@ public void run() { switch (operation.getCaseType()) { case REFLECTED_XSS: processReflectedXSSEvent(eventBean); - return; + return null; case FILE_OPERATION: FileOperation fileOperationalBean = (FileOperation) operation; eventBean = processFileOperationEvent(eventBean, fileOperationalBean); if (eventBean == null) { - return; + return null; } break; case SYSTEM_COMMAND: @@ -118,7 +131,7 @@ public void run() { try { eventBean = prepareNoSQLEvent(eventBean, noSQLOperationalBean); } catch (Throwable e) { - return; + return null; } break; @@ -127,10 +140,10 @@ public void run() { try { eventBean = prepareDynamoDBEvent(eventBean, dynamoDBOperation); if (eventBean == null) { - return; + return null; } } catch (Throwable e) { - return; + return null; } break; @@ -190,7 +203,7 @@ public void run() { eventBean = processStackTrace(eventBean, operation.getCaseType(), true); } if (eventBean == null) { - return; + return null; } } @@ -203,6 +216,7 @@ public void run() { } catch (Throwable e) { e.printStackTrace(); } + return null; } @Nullable @@ -596,5 +610,4 @@ private JavaAgentEventBean prepareEvent(HttpRequest httpRequestBean, AgentMetaDa } return eventBean; } - } \ No newline at end of file diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java index 337b4afde..45446b719 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java @@ -2,10 +2,13 @@ import com.newrelic.agent.security.AgentInfo; import com.newrelic.agent.security.instrumentator.httpclient.RestRequestThreadPool; +import com.newrelic.agent.security.intcodeagent.executor.CustomFutureTask; +import com.newrelic.agent.security.intcodeagent.executor.CustomThreadPoolExecutor; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants; import com.newrelic.agent.security.intcodeagent.models.javaagent.ExitEventBean; +import com.newrelic.agent.security.util.AgentUsageMetric; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; @@ -56,6 +59,15 @@ public EventAbortPolicy() { * @throws RejectedExecutionException always */ public void rejectedExecution(Runnable r, ThreadPoolExecutor e) { + if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof Dispatcher) { + Dispatcher dispatcher = (Dispatcher) ((CustomFutureTask) r).getTask(); + if(dispatcher.getSecurityMetaData()!= null && dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getK2Request()){ + String fuzzRequestId = dispatcher.getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); + if(RestRequestThreadPool.getInstance().getCurrentProcessingIds().containsKey(fuzzRequestId)){ + RestRequestThreadPool.getInstance().getCurrentProcessingIds().remove(fuzzRequestId); + } + } + } AgentInfo.getInstance().getJaHealthCheck().incrementDropCount(); AgentInfo.getInstance().getJaHealthCheck().incrementProcessedCount(); AgentInfo.getInstance().getJaHealthCheck().incrementEventRejectionCount(); @@ -68,7 +80,7 @@ private DispatcherPool() { // load the settings processQueue = new LinkedBlockingQueue<>(queueSize); eid = ConcurrentHashMap.newKeySet(); - executor = new ThreadPoolExecutor(corePoolSize, maxPoolSize, keepAliveTime, timeUnit, processQueue, + executor = new CustomThreadPoolExecutor(corePoolSize, maxPoolSize, keepAliveTime, timeUnit, processQueue, new EventAbortPolicy()) { @Override @@ -131,6 +143,12 @@ public void dispatchEvent(AbstractOperation operation, SecurityMetaData security if (executor.isShutdown()) { return; } + + if(!securityMetaData.getFuzzRequestIdentifier().getK2Request() && !AgentUsageMetric.isRASPProcessingActive()){ + AgentInfo.getInstance().getJaHealthCheck().incrementEventRejectionCount(); + return; + } + if (!operation.isEmpty() && securityMetaData.getFuzzRequestIdentifier().getK2Request()) { if (StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID()) && StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getNextStage().getStatus(), IAgentConstants.VULNERABLE)) { eid.add(operation.getExecutionId()); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java index 3956c2de6..b253fcd7e 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java @@ -1,11 +1,13 @@ package com.newrelic.agent.security.instrumentator.httpclient; +import com.newrelic.agent.security.AgentInfo; import com.newrelic.agent.security.intcodeagent.executor.CustomFutureTask; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.models.IASTDataTransferRequest; import com.newrelic.agent.security.intcodeagent.websocket.WSClient; import com.newrelic.agent.security.intcodeagent.websocket.WSUtils; +import com.newrelic.agent.security.util.AgentUsageMetric; import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; @@ -38,6 +40,10 @@ public class IASTDataTransferRequestProcessor { private void task() { IASTDataTransferRequest request = null; try { + if(!AgentUsageMetric.isIASTRequestProcessingActive()){ + return; + } + if (WSUtils.getInstance().isReconnecting() || !WSClient.getInstance().isOpen()) { synchronized (WSUtils.getInstance()) { @@ -59,6 +65,9 @@ private void task() { int currentFetchThreshold = NewRelic.getAgent().getConfig() .getValue(SECURITY_POLICY_VULNERABILITY_SCAN_IAST_SCAN_PROBING_THRESHOLD, 300); + if(!AgentUsageMetric.isRASPProcessingActive()){ + currentFetchThreshold /= 2; + } int remainingRecordCapacity = RestRequestThreadPool.getInstance().getQueue().remainingCapacity(); int currentRecordBacklog = RestRequestThreadPool.getInstance().getQueue().size(); int batchSize = currentFetchThreshold - currentRecordBacklog; diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index c4e7c32b6..2e9f48d56 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -136,6 +136,10 @@ public Map> getProcessedIds() { return processedIds; } + public Map> getCurrentProcessingIds() { + return currentProcessingIds; + } + public Set getPendingIds() { return pendingIds; } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java index fba86445b..5589803ed 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java @@ -1,9 +1,13 @@ package com.newrelic.agent.security.intcodeagent.websocket; import com.newrelic.agent.security.AgentInfo; +import com.newrelic.agent.security.instrumentator.httpclient.RestRequestThreadPool; +import com.newrelic.agent.security.intcodeagent.executor.CustomFutureTask; +import com.newrelic.agent.security.intcodeagent.executor.CustomThreadPoolExecutor; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.models.javaagent.JavaAgentEventBean; +import com.newrelic.agent.security.util.AgentUsageMetric; import java.util.Map; import java.util.concurrent.*; @@ -38,7 +42,7 @@ private EventSendPool() { boolean allowCoreThreadTimeOut = false; - executor = new ThreadPoolExecutor(corePoolSize, maxPoolSize, keepAliveTime, timeUnit, + executor = new CustomThreadPoolExecutor(corePoolSize, maxPoolSize, keepAliveTime, timeUnit, new LinkedBlockingQueue(queueSize), new EventAbortPolicy()) { @Override protected void afterExecute(Runnable r, Throwable t) { @@ -82,6 +86,10 @@ public void sendEvent(String event) { } public void sendEvent(JavaAgentEventBean event) { + if(!event.getIsIASTRequest() && !AgentUsageMetric.isRASPProcessingActive()){ + AgentInfo.getInstance().getJaHealthCheck().incrementEventSendRejectionCount(); + return; + } executor.submit(new EventSender(event)); AgentInfo.getInstance().getJaHealthCheck().incrementEventSentCount(); } @@ -132,6 +140,19 @@ public EventAbortPolicy() { * @throws RejectedExecutionException always */ public void rejectedExecution(Runnable r, ThreadPoolExecutor e) { + if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof EventSender) { + EventSender eventSender = (EventSender) ((CustomFutureTask) r).getTask(); + if (eventSender.getEvent() instanceof JavaAgentEventBean) { + JavaAgentEventBean event = (JavaAgentEventBean) eventSender.getEvent(); + if(event.getIsIASTRequest()){ + String fuzzRequestId = event.getParentId(); + if(RestRequestThreadPool.getInstance().getCurrentProcessingIds().containsKey(fuzzRequestId)){ + RestRequestThreadPool.getInstance().getCurrentProcessingIds().remove(fuzzRequestId); + } + } + } + } + logger.log(LogLevel.FINER, "Event Task " + r.toString() + " rejected from " + e.toString(), EventSendPool.class.getName()); AgentInfo.getInstance().getJaHealthCheck().incrementDropCount(); AgentInfo.getInstance().getJaHealthCheck().incrementProcessedCount(); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSender.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSender.java index 8657f03a4..893f5687a 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSender.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSender.java @@ -19,6 +19,10 @@ public EventSender(JavaAgentEventBean event) { this.event = event; } + public Object getEvent() { + return event; + } + public EventSender(Object event) { this.event = event; } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/AgentUsageMetric.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/AgentUsageMetric.java new file mode 100644 index 000000000..56023756f --- /dev/null +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/AgentUsageMetric.java @@ -0,0 +1,24 @@ +package com.newrelic.agent.security.util; + +import com.newrelic.agent.security.intcodeagent.websocket.EventSendPool; + +public class AgentUsageMetric { + + public static Boolean isRASPProcessingActive() { + if(EventSendPool.getInstance().getExecutor().getQueue().size() > + EventSendPool.getInstance().getExecutor().getMaximumPoolSize()/2){ + return false; + } + return true; + } + + public static Boolean isIASTRequestProcessingActive() { + if(EventSendPool.getInstance().getExecutor().getQueue().size() > + EventSendPool.getInstance().getExecutor().getMaximumPoolSize()*2/3){ + return false; + } + return true; + } + + +} From 375a068c0d29acd0e96a243175085c80eb6fdedc Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 26 Jul 2023 12:56:12 +0530 Subject: [PATCH 36/80] Version update to 1.0.5 Add Supported Vulnerabilities to README.md Co-authored-by: Harshit Singh Lodha --- Changelog.md | 3 +++ README.md | 20 ++++++++++++++++++++ gradle.properties | 4 ++-- 3 files changed, 25 insertions(+), 2 deletions(-) diff --git a/Changelog.md b/Changelog.md index 9a8ed6c47..80959a77e 100644 --- a/Changelog.md +++ b/Changelog.md @@ -4,6 +4,9 @@ Noteworthy changes to the agent are documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.0.5-public-preview] - To Be Decided +### Changes + ## [1.0.4-public-preview] - 2023-06-20 ### Changes - Limiting the supported version range for Apache log4j due to the new version release of Apache log4j on 21 June 2023 diff --git a/README.md b/README.md index afaefd347..3307c5396 100644 --- a/README.md +++ b/README.md @@ -84,6 +84,26 @@ The agent automatically instruments the following HTTP clients and messaging ser - DynamoDB-1.11.80 to latest - DyanamoDB-2.1.0 to latest +## **Supported Vulnerabilities** +* Remote Code Execution +* SQL Injection +* NoSQL Injection +* Stored XSS +* Reflected XSS +* Reverse Shell attack +* File Access +* SSRF +* Application Integrity Violation +* LDAP Injection +* XPath Injection +* Weak Cryptographic Algorithm +* Weak Hash Algorithm +* Insecure Randomness +* Trust Boundary Violation +* Secure Cookie +* XQuery Injection +* JavaScript Code Injection + ## **Building** #### **JDK requirements** diff --git a/gradle.properties b/gradle.properties index e8338ef7b..d5295ac62 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,6 +1,6 @@ # The agent version. -agentVersion=1.0.4 -jsonVersion=1.0.1 +agentVersion=1.0.5 +jsonVersion=1.1.0 # Updated exposed NR APM API version. nrAPIVersion=8.3.0 From 083e55b802d3e7f5b58230d82ac484501a53d4c2 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 26 Jul 2023 13:00:58 +0530 Subject: [PATCH 37/80] Minor update to initialisation Co-authored-by: Harshit Singh Lodha --- .../intcodeagent/models/javaagent/JAHealthCheck.java | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java index 140a5da8a..3437891ea 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java @@ -56,6 +56,10 @@ public JAHealthCheck(String applicationUUID) { this.eventSentCount = new AtomicInteger(0); this.httpRequestCount = new AtomicInteger(0); this.exitEventSentCount = new AtomicInteger(0); + this.eventRejectionCount = new AtomicInteger(0); + this.eventProcessingErrorCount = new AtomicInteger(0); + this.eventSendRejectionCount = new AtomicInteger(0); + this.eventSendErrorCount = new AtomicInteger(0); this.stats = new HashMap<>(); this.serviceStatus = new HashMap<>(); this.setKind(AgentInfo.getInstance().getApplicationInfo().getIdentifier().getKind()); @@ -70,6 +74,10 @@ public JAHealthCheck(JAHealthCheck jaHealthCheck) { this.eventSentCount = jaHealthCheck.eventSentCount; this.exitEventSentCount = jaHealthCheck.exitEventSentCount; this.httpRequestCount = jaHealthCheck.httpRequestCount; + this.eventRejectionCount = jaHealthCheck.eventRejectionCount; + this.eventProcessingErrorCount = jaHealthCheck.eventProcessingErrorCount; + this.eventSendRejectionCount = jaHealthCheck.eventSendRejectionCount; + this.eventSendErrorCount = jaHealthCheck.eventSendErrorCount; this.kind = jaHealthCheck.kind; this.stats = jaHealthCheck.stats; this.serviceStatus = jaHealthCheck.serviceStatus; From 4604b737d8bee16ad789c7f7c008236da90deac5 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Thu, 27 Jul 2023 16:27:44 +0530 Subject: [PATCH 38/80] HealthCheck matric improvements Include DispatcherPool stats in consideration to mark IAST/RASP processing active/deactive Co-authored-by: Harshit Singh Lodha --- .../dispatcher/DispatcherPool.java | 92 ++++++++++++++----- .../IASTDataTransferRequestProcessor.java | 9 +- .../logging/HealthCheckScheduleThread.java | 23 +++-- .../models/javaagent/EventStats.java | 91 ++++++++++++++++++ .../models/javaagent/JAHealthCheck.java | 82 +++++++++++++++++ .../models/javaagent/ThreadPoolStats.java | 44 +++++++++ .../intcodeagent/websocket/EventSendPool.java | 68 +++++++++++--- .../agent/security/util/AgentUsageMetric.java | 9 ++ .../agent/security/util/IUtilConstants.java | 4 + 9 files changed, 374 insertions(+), 48 deletions(-) create mode 100644 newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/EventStats.java create mode 100644 newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ThreadPoolStats.java diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java index 45446b719..b6294f5cc 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java @@ -7,8 +7,10 @@ import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants; +import com.newrelic.agent.security.intcodeagent.models.javaagent.EventStats; import com.newrelic.agent.security.intcodeagent.models.javaagent.ExitEventBean; import com.newrelic.agent.security.util.AgentUsageMetric; +import com.newrelic.agent.security.util.IUtilConstants; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; @@ -39,6 +41,10 @@ public class DispatcherPool { private Set eid; + public ThreadPoolExecutor getExecutor() { + return executor; + } + /** * A handler for rejected tasks that throws a @@ -63,15 +69,22 @@ public void rejectedExecution(Runnable r, ThreadPoolExecutor e) { Dispatcher dispatcher = (Dispatcher) ((CustomFutureTask) r).getTask(); if(dispatcher.getSecurityMetaData()!= null && dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getK2Request()){ String fuzzRequestId = dispatcher.getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); - if(RestRequestThreadPool.getInstance().getCurrentProcessingIds().containsKey(fuzzRequestId)){ - RestRequestThreadPool.getInstance().getCurrentProcessingIds().remove(fuzzRequestId); + RestRequestThreadPool.getInstance().getCurrentProcessingIds().remove(fuzzRequestId); + } + + if(dispatcher.getSecurityMetaData() != null) { + if(dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getK2Request()){ + AgentInfo.getInstance().getJaHealthCheck().getIastEventStats().incrementRejectedCount(); + } else { + AgentInfo.getInstance().getJaHealthCheck().getRaspEventStats().incrementRejectedCount(); } + } else if (dispatcher.getExitEventBean() != null) { + AgentInfo.getInstance().getJaHealthCheck().getExitEventStats().incrementRejectedCount(); } } AgentInfo.getInstance().getJaHealthCheck().incrementDropCount(); - AgentInfo.getInstance().getJaHealthCheck().incrementProcessedCount(); AgentInfo.getInstance().getJaHealthCheck().incrementEventRejectionCount(); -// logger.log(LogLevel.FINE,"Event Task " + r.toString() + " rejected from " + e.toString(), EventThreadPool.class.getName()); + logger.log(LogLevel.FINEST,"Event Dispatch Task " + r.toString() + " rejected from " + e.toString(), DispatcherPool.class.getName()); } } @@ -85,24 +98,23 @@ private DispatcherPool() { @Override protected void afterExecute(Runnable r, Throwable t) { - if (r instanceof Future) { - try { - Future future = (Future) r; - if (future.isDone()) { - AgentInfo.getInstance().getJaHealthCheck().incrementProcessedCount(); - future.get(); - } - } catch (Throwable e) { + try { + if( t != null) { AgentInfo.getInstance().getJaHealthCheck().incrementDropCount(); AgentInfo.getInstance().getJaHealthCheck().incrementEventProcessingErrorCount(); + incrementCount(r, IUtilConstants.ERROR); + } else { + AgentInfo.getInstance().getJaHealthCheck().incrementProcessedCount(); + incrementCount(r, IUtilConstants.PROCESSED); } + } catch (Throwable ignored) { + logger.log(LogLevel.FINEST, "Error while Dispatcher matric processing", ignored, DispatcherPool.class.getName()); } super.afterExecute(r, t); } @Override protected void beforeExecute(Thread t, Runnable r) { - // TODO increment event proccessed count super.beforeExecute(t, r); } @@ -121,6 +133,41 @@ public Thread newThread(Runnable r) { }); } + private void incrementCount(Runnable r, String type) { + EventStats eventStats = null; + if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof Dispatcher) { + Dispatcher dispatcher = (Dispatcher) ((CustomFutureTask) r).getTask(); + if(dispatcher.getSecurityMetaData() != null) { + if(dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getK2Request()){ + eventStats = AgentInfo.getInstance().getJaHealthCheck().getIastEventStats(); + } else { + eventStats = AgentInfo.getInstance().getJaHealthCheck().getRaspEventStats(); + } + } else if (dispatcher.getExitEventBean() != null) { + eventStats = AgentInfo.getInstance().getJaHealthCheck().getExitEventStats(); + } + } + if(eventStats == null){ + return; + } + switch (type){ + case IUtilConstants.ERROR: + eventStats.incrementErrorCount(); + break; + case IUtilConstants.PROCESSED: + eventStats.incrementProcessedCount(); + break; + case IUtilConstants.SENT: + eventStats.incrementSentCount(); + break; + case IUtilConstants.REJECTED: + eventStats.incrementRejectedCount(); + break; + default: + logger.log(LogLevel.FINEST, String.format("Couldn't update event matric for task :%s and type : %s", r, type), DispatcherPool.class.getName()); + } + } + public static DispatcherPool getInstance() { if (instance == null) { @@ -140,11 +187,14 @@ public Set getEid() { public void dispatchEvent(AbstractOperation operation, SecurityMetaData securityMetaData) { + AgentInfo.getInstance().getJaHealthCheck().incrementInvokedHookCount(); + if (executor.isShutdown()) { return; } if(!securityMetaData.getFuzzRequestIdentifier().getK2Request() && !AgentUsageMetric.isRASPProcessingActive()){ + AgentInfo.getInstance().getJaHealthCheck().getRaspEventStats().incrementRejectedCount(); AgentInfo.getInstance().getJaHealthCheck().incrementEventRejectionCount(); return; } @@ -154,17 +204,11 @@ public void dispatchEvent(AbstractOperation operation, SecurityMetaData security eid.add(operation.getExecutionId()); } } - - try { - // Register in Processed CC map - if (StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID())) { - RestRequestThreadPool.getInstance() - .registerEventForProcessedCC(securityMetaData.getCustomAttribute( - GenericHelper.CSEC_PARENT_ID, String.class), operation.getExecutionId()); - } - } catch (Throwable e) { - // TODO : remove before merge - e.printStackTrace(); + // Register in Processed CC map + if (StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID())) { + RestRequestThreadPool.getInstance() + .registerEventForProcessedCC(securityMetaData.getCustomAttribute( + GenericHelper.CSEC_PARENT_ID, String.class), operation.getExecutionId()); } this.executor.submit(new Dispatcher(operation, new SecurityMetaData(securityMetaData))); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java index b253fcd7e..83db6e9c7 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java @@ -65,14 +65,13 @@ private void task() { int currentFetchThreshold = NewRelic.getAgent().getConfig() .getValue(SECURITY_POLICY_VULNERABILITY_SCAN_IAST_SCAN_PROBING_THRESHOLD, 300); - if(!AgentUsageMetric.isRASPProcessingActive()){ - currentFetchThreshold /= 2; - } + int remainingRecordCapacity = RestRequestThreadPool.getInstance().getQueue().remainingCapacity(); int currentRecordBacklog = RestRequestThreadPool.getInstance().getQueue().size(); int batchSize = currentFetchThreshold - currentRecordBacklog; - - // Take dispatcher and eventSender queues into account + if(!AgentUsageMetric.isRASPProcessingActive()){ + batchSize /= 2; + } if (batchSize > 100 && remainingRecordCapacity > batchSize) { request = new IASTDataTransferRequest(NewRelicSecurity.getAgent().getAgentUUID()); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java index 62b68f74c..417901b96 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java @@ -1,6 +1,7 @@ package com.newrelic.agent.security.intcodeagent.logging; import com.newrelic.agent.security.AgentInfo; +import com.newrelic.agent.security.instrumentator.dispatcher.DispatcherPool; import com.newrelic.agent.security.instrumentator.httpclient.RestClient; import com.newrelic.agent.security.instrumentator.httpclient.RestRequestThreadPool; import com.newrelic.agent.security.instrumentator.os.OSVariables; @@ -9,7 +10,9 @@ import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.models.javaagent.JAHealthCheck; +import com.newrelic.agent.security.intcodeagent.models.javaagent.ThreadPoolStats; import com.newrelic.agent.security.intcodeagent.schedulers.SchedulerHelper; +import com.newrelic.agent.security.intcodeagent.websocket.EventSendPool; import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter; import com.newrelic.agent.security.intcodeagent.websocket.WSClient; import com.newrelic.agent.security.intcodeagent.websocket.WSUtils; @@ -67,6 +70,7 @@ public void run() { AgentInfo.getInstance().getJaHealthCheck().setStats(populateJVMStats()); AgentInfo.getInstance().getJaHealthCheck().setServiceStatus(getServiceStatus()); + AgentInfo.getInstance().getJaHealthCheck().setThreadPoolStats(populateThreadPoolStats()); if (!AgentInfo.getInstance().isAgentActive()) { return; @@ -77,12 +81,12 @@ public void run() { AgentUtils.getInstance().getStatusLogMostRecentHCs().add(AgentInfo.getInstance().getJaHealthCheck().toString()); // channel.write(ByteBuffer.wrap(new JAHealthCheck(AgentNew.JA_HEALTH_CHECK).toString().getBytes())); if (WSClient.getInstance().isOpen()) { - WSClient.getInstance().send(JsonConverter.toJSON(new JAHealthCheck(AgentInfo.getInstance().getJaHealthCheck()))); - AgentInfo.getInstance().getJaHealthCheck().setEventDropCount(0); - AgentInfo.getInstance().getJaHealthCheck().setEventProcessed(0); - AgentInfo.getInstance().getJaHealthCheck().setEventSentCount(0); - AgentInfo.getInstance().getJaHealthCheck().setHttpRequestCount(0); - AgentInfo.getInstance().getJaHealthCheck().setExitEventSentCount(0); + JAHealthCheck sendJaHealthCheck; + synchronized (AgentInfo.getInstance().getJaHealthCheck()){ + sendJaHealthCheck = new JAHealthCheck(AgentInfo.getInstance().getJaHealthCheck()); + AgentInfo.getInstance().getJaHealthCheck().reset(); + } + WSClient.getInstance().send(JsonConverter.toJSON(sendJaHealthCheck)); } } catch (NullPointerException ex) { @@ -97,6 +101,13 @@ public void run() { } }; + private ThreadPoolStats populateThreadPoolStats() { + ThreadPoolStats threadPoolStats = new ThreadPoolStats(); + threadPoolStats.setDispatcherQueueSize(DispatcherPool.getInstance().getExecutor().getQueue().size()); + threadPoolStats.setEventSendQueueSize(EventSendPool.getInstance().getExecutor().getQueue().size()); + return threadPoolStats; + } + private HealthCheckScheduleThread() {} public void scheduleNewTask() { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/EventStats.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/EventStats.java new file mode 100644 index 000000000..86d3037cf --- /dev/null +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/EventStats.java @@ -0,0 +1,91 @@ +package com.newrelic.agent.security.intcodeagent.models.javaagent; + +import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter; + +import java.util.concurrent.atomic.AtomicInteger; + +public class EventStats { + + private AtomicInteger processed; + + private AtomicInteger sent; + + private AtomicInteger rejected; + + private AtomicInteger errorCount; + + public EventStats() { + this.processed = new AtomicInteger(0); + this.sent = new AtomicInteger(0); + this.rejected = new AtomicInteger(0); + this.errorCount = new AtomicInteger(0); + } + + public EventStats(EventStats eventStats) { + this.processed = new AtomicInteger(eventStats.processed.intValue()); + this.sent = new AtomicInteger(eventStats.sent.intValue()); + this.rejected = new AtomicInteger(eventStats.rejected.intValue()); + this.errorCount = new AtomicInteger(eventStats.errorCount.intValue()); + } + + public AtomicInteger getProcessed() { + return processed; + } + + public void setProcessed(AtomicInteger processed) { + this.processed = processed; + } + + public AtomicInteger getSent() { + return sent; + } + + public void setSent(AtomicInteger sent) { + this.sent = sent; + } + + public AtomicInteger getRejected() { + return rejected; + } + + public void setRejected(AtomicInteger rejected) { + this.rejected = rejected; + } + + public int incrementRejectedCount(){ + return this.rejected.incrementAndGet(); + } + + public int incrementSentCount(){ + return this.sent.incrementAndGet(); + } + + public int incrementProcessedCount(){ + return this.processed.incrementAndGet(); + } + + public int incrementErrorCount(){ + return this.errorCount.incrementAndGet(); + } + + public AtomicInteger getErrorCount() { + return errorCount; + } + + public void setErrorCount(AtomicInteger errorCount) { + this.errorCount = errorCount; + } + + public void reset(){ + this.processed.set(0); + this.sent.set(0); + this.errorCount.set(0); + this.rejected.set(0); + } + + + + public String toString() { + return JsonConverter.toJSON(this); + } +} diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java index 3437891ea..df6f649a1 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java @@ -20,6 +20,8 @@ public class JAHealthCheck extends AgentBasicInfo { // private Set protectedDB; + private AtomicInteger invokedHookCount; + private AtomicInteger eventDropCount; private AtomicInteger eventRejectionCount; @@ -40,6 +42,14 @@ public class JAHealthCheck extends AgentBasicInfo { private AtomicInteger httpRequestCount; + private EventStats raspEventStats; + + private EventStats iastEventStats; + + private EventStats exitEventStats; + + private ThreadPoolStats threadPoolStats; + private Map stats; private Map serviceStatus; @@ -51,6 +61,7 @@ public class JAHealthCheck extends AgentBasicInfo { public JAHealthCheck(String applicationUUID) { super(); this.applicationUUID = applicationUUID; + this.invokedHookCount = new AtomicInteger(0); this.eventDropCount = new AtomicInteger(0); this.eventProcessed = new AtomicInteger(0); this.eventSentCount = new AtomicInteger(0); @@ -60,6 +71,10 @@ public JAHealthCheck(String applicationUUID) { this.eventProcessingErrorCount = new AtomicInteger(0); this.eventSendRejectionCount = new AtomicInteger(0); this.eventSendErrorCount = new AtomicInteger(0); + this.raspEventStats = new EventStats(); + this.iastEventStats = new EventStats(); + this.exitEventStats = new EventStats(); + this.threadPoolStats = new ThreadPoolStats(); this.stats = new HashMap<>(); this.serviceStatus = new HashMap<>(); this.setKind(AgentInfo.getInstance().getApplicationInfo().getIdentifier().getKind()); @@ -69,6 +84,7 @@ public JAHealthCheck(String applicationUUID) { public JAHealthCheck(JAHealthCheck jaHealthCheck) { super(); this.applicationUUID = jaHealthCheck.applicationUUID; + this.invokedHookCount = jaHealthCheck.invokedHookCount; this.eventDropCount = jaHealthCheck.eventDropCount; this.eventProcessed = jaHealthCheck.eventProcessed; this.eventSentCount = jaHealthCheck.eventSentCount; @@ -78,6 +94,10 @@ public JAHealthCheck(JAHealthCheck jaHealthCheck) { this.eventProcessingErrorCount = jaHealthCheck.eventProcessingErrorCount; this.eventSendRejectionCount = jaHealthCheck.eventSendRejectionCount; this.eventSendErrorCount = jaHealthCheck.eventSendErrorCount; + this.raspEventStats = new EventStats(jaHealthCheck.raspEventStats); + this.iastEventStats = new EventStats(jaHealthCheck.iastEventStats); + this.exitEventStats = new EventStats(jaHealthCheck.exitEventStats); + this.threadPoolStats = new ThreadPoolStats(jaHealthCheck.threadPoolStats); this.kind = jaHealthCheck.kind; this.stats = jaHealthCheck.stats; this.serviceStatus = jaHealthCheck.serviceStatus; @@ -273,4 +293,66 @@ public Map getServiceStatus() { public void setServiceStatus(Map serviceStatus) { this.serviceStatus = serviceStatus; } + + public EventStats getRaspEventStats() { + return raspEventStats; + } + + public void setRaspEventStats(EventStats raspEventStats) { + this.raspEventStats = raspEventStats; + } + + public EventStats getIastEventStats() { + return iastEventStats; + } + + public void setIastEventStats(EventStats iastEventStats) { + this.iastEventStats = iastEventStats; + } + + public ThreadPoolStats getThreadPoolStats() { + return threadPoolStats; + } + + public void setThreadPoolStats(ThreadPoolStats threadPoolStats) { + this.threadPoolStats = threadPoolStats; + } + + public EventStats getExitEventStats() { + return exitEventStats; + } + + public void setExitEventStats(EventStats exitEventStats) { + this.exitEventStats = exitEventStats; + } + + public int getInvokedHookCount() { + return invokedHookCount.get(); + } + + public void setInvokedHookCount(int invokedHookCount) { + this.invokedHookCount.set(invokedHookCount); + } + + public int incrementInvokedHookCount() { + return invokedHookCount.incrementAndGet(); + } + + public void reset(){ + this.setEventDropCount(0); + this.setInvokedHookCount(0); + this.setEventProcessed(0); + this.setEventSentCount(0); + this.setHttpRequestCount(0); + this.setExitEventSentCount(0); + this.setEventRejectionCount(0); + this.setEventProcessingErrorCount(0); + this.setEventSendRejectionCount(0); + this.setEventSendErrorCount(0); + this.raspEventStats.reset(); + this.iastEventStats.reset(); + this.exitEventStats.reset(); + this.stats.clear(); + this.serviceStatus.clear(); + } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ThreadPoolStats.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ThreadPoolStats.java new file mode 100644 index 000000000..880284e87 --- /dev/null +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/ThreadPoolStats.java @@ -0,0 +1,44 @@ +package com.newrelic.agent.security.intcodeagent.models.javaagent; + +import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter; + +public class ThreadPoolStats { + + private Integer dispatcherQueueSize; + + private Integer eventSendQueueSize; + + public ThreadPoolStats() { + } + + public ThreadPoolStats(Integer dispatcherQueueSize, Integer eventSendQueueSize) { + this.dispatcherQueueSize = dispatcherQueueSize; + this.eventSendQueueSize = eventSendQueueSize; + } + + public ThreadPoolStats(ThreadPoolStats threadPoolStats) { + this.dispatcherQueueSize = threadPoolStats.dispatcherQueueSize; + this.eventSendQueueSize = threadPoolStats.eventSendQueueSize; + } + + public Integer getDispatcherQueueSize() { + return dispatcherQueueSize; + } + + public void setDispatcherQueueSize(Integer dispatcherQueueSize) { + this.dispatcherQueueSize = dispatcherQueueSize; + } + + public Integer getEventSendQueueSize() { + return eventSendQueueSize; + } + + public void setEventSendQueueSize(Integer eventSendQueueSize) { + this.eventSendQueueSize = eventSendQueueSize; + } + + + public String toString() { + return JsonConverter.toJSON(this); + } +} diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java index 5589803ed..cffee707f 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java @@ -1,13 +1,17 @@ package com.newrelic.agent.security.intcodeagent.websocket; import com.newrelic.agent.security.AgentInfo; +import com.newrelic.agent.security.instrumentator.dispatcher.DispatcherPool; import com.newrelic.agent.security.instrumentator.httpclient.RestRequestThreadPool; import com.newrelic.agent.security.intcodeagent.executor.CustomFutureTask; import com.newrelic.agent.security.intcodeagent.executor.CustomThreadPoolExecutor; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; +import com.newrelic.agent.security.intcodeagent.models.javaagent.EventStats; +import com.newrelic.agent.security.intcodeagent.models.javaagent.ExitEventBean; import com.newrelic.agent.security.intcodeagent.models.javaagent.JavaAgentEventBean; import com.newrelic.agent.security.util.AgentUsageMetric; +import com.newrelic.agent.security.util.IUtilConstants; import java.util.Map; import java.util.concurrent.*; @@ -46,17 +50,15 @@ private EventSendPool() { new LinkedBlockingQueue(queueSize), new EventAbortPolicy()) { @Override protected void afterExecute(Runnable r, Throwable t) { - if (r instanceof Future) { - try { - Future future = (Future) r; - if (future.isDone()) { - future.get(); - } - } catch (Throwable e) { + try { + if (t != null) { AgentInfo.getInstance().getJaHealthCheck().incrementDropCount(); AgentInfo.getInstance().getJaHealthCheck().incrementEventSendErrorCount(); + incrementCount(r, IUtilConstants.ERROR); + } else { + incrementCount(r, IUtilConstants.SENT); } - } + } catch (Throwable ignored){} super.afterExecute(r, t); } }; @@ -87,6 +89,7 @@ public void sendEvent(String event) { public void sendEvent(JavaAgentEventBean event) { if(!event.getIsIASTRequest() && !AgentUsageMetric.isRASPProcessingActive()){ + AgentInfo.getInstance().getJaHealthCheck().getRaspEventStats().incrementRejectedCount(); AgentInfo.getInstance().getJaHealthCheck().incrementEventSendRejectionCount(); return; } @@ -146,16 +149,18 @@ public void rejectedExecution(Runnable r, ThreadPoolExecutor e) { JavaAgentEventBean event = (JavaAgentEventBean) eventSender.getEvent(); if(event.getIsIASTRequest()){ String fuzzRequestId = event.getParentId(); - if(RestRequestThreadPool.getInstance().getCurrentProcessingIds().containsKey(fuzzRequestId)){ - RestRequestThreadPool.getInstance().getCurrentProcessingIds().remove(fuzzRequestId); - } + RestRequestThreadPool.getInstance().getCurrentProcessingIds().remove(fuzzRequestId); + AgentInfo.getInstance().getJaHealthCheck().getIastEventStats().incrementRejectedCount(); + } else { + AgentInfo.getInstance().getJaHealthCheck().getRaspEventStats().incrementRejectedCount(); } + } else if (eventSender.getEvent() instanceof ExitEventBean) { + AgentInfo.getInstance().getJaHealthCheck().getExitEventStats().incrementRejectedCount(); } } - logger.log(LogLevel.FINER, "Event Task " + r.toString() + " rejected from " + e.toString(), EventSendPool.class.getName()); + logger.log(LogLevel.FINER, "Event Send Task " + r.toString() + " rejected from " + e.toString(), EventSendPool.class.getName()); AgentInfo.getInstance().getJaHealthCheck().incrementDropCount(); - AgentInfo.getInstance().getJaHealthCheck().incrementProcessedCount(); AgentInfo.getInstance().getJaHealthCheck().incrementEventSendRejectionCount(); } } @@ -167,4 +172,41 @@ public AtomicBoolean isWaiting() { public ThreadPoolExecutor getExecutor() { return executor; } + + private void incrementCount(Runnable r, String type) { + EventStats eventStats = null; + if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof EventSender) { + EventSender eventSender = (EventSender) ((CustomFutureTask) r).getTask(); + if (eventSender.getEvent() instanceof JavaAgentEventBean) { + JavaAgentEventBean event = (JavaAgentEventBean) eventSender.getEvent(); + if (event.getIsIASTRequest()) { + eventStats = AgentInfo.getInstance().getJaHealthCheck().getIastEventStats(); + } else { + eventStats = AgentInfo.getInstance().getJaHealthCheck().getRaspEventStats(); + } + } else if (eventSender.getEvent() instanceof ExitEventBean) { + eventStats = AgentInfo.getInstance().getJaHealthCheck().getExitEventStats(); + } + } + + if(eventStats == null){ + return; + } + switch (type){ + case IUtilConstants.ERROR: + eventStats.incrementErrorCount(); + break; + case IUtilConstants.PROCESSED: + eventStats.incrementProcessedCount(); + break; + case IUtilConstants.SENT: + eventStats.incrementSentCount(); + break; + case IUtilConstants.REJECTED: + eventStats.incrementRejectedCount(); + break; + default: + logger.log(LogLevel.FINEST, String.format("Couldn't update event matric for task :%s and type : %s", r, type), DispatcherPool.class.getName()); + } + } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/AgentUsageMetric.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/AgentUsageMetric.java index 56023756f..f08d988c4 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/AgentUsageMetric.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/AgentUsageMetric.java @@ -1,5 +1,6 @@ package com.newrelic.agent.security.util; +import com.newrelic.agent.security.instrumentator.dispatcher.DispatcherPool; import com.newrelic.agent.security.intcodeagent.websocket.EventSendPool; public class AgentUsageMetric { @@ -9,6 +10,10 @@ public static Boolean isRASPProcessingActive() { EventSendPool.getInstance().getExecutor().getMaximumPoolSize()/2){ return false; } + if(DispatcherPool.getInstance().getExecutor().getQueue().size() > + DispatcherPool.getInstance().getExecutor().getMaximumPoolSize()*2/3){ + return false; + } return true; } @@ -17,6 +22,10 @@ public static Boolean isIASTRequestProcessingActive() { EventSendPool.getInstance().getExecutor().getMaximumPoolSize()*2/3){ return false; } + if(DispatcherPool.getInstance().getExecutor().getQueue().size() > + DispatcherPool.getInstance().getExecutor().getMaximumPoolSize()*0.75){ + return false; + } return true; } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/IUtilConstants.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/IUtilConstants.java index 23f349c96..b9cee9f65 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/IUtilConstants.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/IUtilConstants.java @@ -22,4 +22,8 @@ public interface IUtilConstants { String NR_CSEC_DEBUG_LOGFILE_SIZE = "NR_CSEC_DEBUG_LOGFILE_SIZE"; String NR_CSEC_DEBUG_LOGFILE_MAX_COUNT = "NR_CSEC_DEBUG_LOGFILE_MAX_COUNT"; String NR_SECURITY_HOME = "nr-security-home"; + String PROCESSED = "PROCESSED"; + String ERROR = "ERROR"; + String SENT = "SENT"; + String REJECTED = "REJECTED"; } From dd23764342f6c6c52d69149e27f6de4c10d52994 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Mon, 31 Jul 2023 11:10:28 +0530 Subject: [PATCH 39/80] Update seters of current processing ids and processed ids Add logtime and milisecond in logger Add instance holder to Agent config and Agent info Co-authored-by: Harshit Singh Lodha --- .../newrelic/agent/security/AgentConfig.java | 15 ++++-------- .../newrelic/agent/security/AgentInfo.java | 15 ++++-------- .../httpclient/RestRequestThreadPool.java | 24 ++++++++++++++----- .../ControlCommandProcessor.java | 2 ++ .../intcodeagent/filelogging/LogWriter.java | 7 ++++-- .../newrelic/api/agent/security/Agent.java | 11 ++++----- 6 files changed, 39 insertions(+), 35 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentConfig.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentConfig.java index 27bf7c374..bb60e3047 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentConfig.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentConfig.java @@ -28,8 +28,6 @@ public class AgentConfig { public static final String CLEANING_STATUS_SNAPSHOTS_FROM_LOG_DIRECTORY_MAX_S_FILE_COUNT_REACHED_REMOVED_S = "Cleaning status-snapshots from snapshots directory, max %s file count reached removed : %s"; - private static AgentConfig instance; - private static final Object lock = new Object(); private String K2_HOME; @@ -61,15 +59,12 @@ public void instantiate(){ osVariables = OsVariablesInstance.instantiate().getOsVariables(); } + private static final class InstanceHolder { + static final AgentConfig instance = new AgentConfig(); + } + public static AgentConfig getInstance(){ - if (instance == null) { - synchronized (lock) { - if (instance == null) { - instance = new AgentConfig(); - } - } - } - return instance; + return InstanceHolder.instance; } private String applyRequiredGroup() { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java index c6cbe01ee..d58830bcb 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java @@ -28,8 +28,6 @@ public class AgentInfo { private static final String APP_INFO_BEAN_NOT_CREATED = "[APP_INFO] Error application info bean not created."; - private static AgentInfo instance; - private static final Object lock = new Object(); private ApplicationInfoBean applicationInfo; @@ -59,15 +57,12 @@ private AgentInfo() { applicationUUID = UUID.randomUUID().toString(); } + private static final class InstanceHolder { + static final AgentInfo instance = new AgentInfo(); + } + public static AgentInfo getInstance(){ - if (instance == null) { - synchronized (lock) { - if (instance == null) { - instance = new AgentInfo(); - } - } - } - return instance; + return InstanceHolder.instance; } public void initialiseHC(){ diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index 2e9f48d56..29a31a324 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -6,7 +6,7 @@ import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import org.apache.commons.lang3.StringUtils; -import java.util.Collections; +import java.util.HashSet; import java.util.Map; import java.util.Set; import java.util.concurrent.*; @@ -40,6 +40,13 @@ public class RestRequestThreadPool { private final Set pendingIds = ConcurrentHashMap.newKeySet(); + public void resetIASTProcessing() { + processedIds.clear(); + currentProcessingIds.clear(); + pendingIds.clear(); + executor.getQueue().clear(); + } + private RestRequestThreadPool() { LinkedBlockingQueue processQueue; // load the settings @@ -52,13 +59,11 @@ protected void afterExecute(Runnable r, Throwable t) { RestRequestProcessor task = (RestRequestProcessor) ((CustomFutureTask) r).getTask(); String controlCommandId = task.getControlCommand().getId(); if(StringUtils.isNotBlank(controlCommandId)){ - if(!currentProcessingIds.containsKey(controlCommandId)) { - processedIds.put(controlCommandId, Collections.emptySet()); - } else { + if(currentProcessingIds.containsKey(controlCommandId)) { processedIds.put(controlCommandId, currentProcessingIds.get(controlCommandId)); + pendingIds.remove(controlCommandId); + currentProcessingIds.remove(controlCommandId); } - pendingIds.remove(controlCommandId); - currentProcessingIds.remove(controlCommandId); } } super.afterExecute(r, t); @@ -66,6 +71,13 @@ protected void afterExecute(Runnable r, Throwable t) { @Override protected void beforeExecute(Thread t, Runnable r) { + if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof RestRequestProcessor) { + RestRequestProcessor task = (RestRequestProcessor) ((CustomFutureTask) r).getTask(); + String controlCommandId = task.getControlCommand().getId(); + if (StringUtils.isNotBlank(controlCommandId)) { + currentProcessingIds.put(controlCommandId, new HashSet<>()); + } + } super.beforeExecute(t, r); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java index c48676973..b7f24bed4 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/controlcommand/ControlCommandProcessor.java @@ -211,6 +211,7 @@ public void run() { * Post reconnect: reset 'reconnecting phase' in WSClient. */ try { + //TODO no need for draining IAST since last leg has complete ledger. logger.log(LogLevel.INFO, RECEIVED_WS_RECONNECT_COMMAND_FROM_SERVER_INITIATING_SEQUENCE, this.getClass().getName()); if (NewRelicSecurity.getAgent().getCurrentPolicy().getVulnerabilityScan().getEnabled() && NewRelicSecurity.getAgent().getCurrentPolicy().getVulnerabilityScan().getIastScan().getEnabled() @@ -226,6 +227,7 @@ public void run() { } logger.log(LogLevel.FINER, WS_RECONNECT_IAST_REQUEST_REPLAY_POOL_DRAINED, this.getClass().getName()); } + RestRequestThreadPool.getInstance().resetIASTProcessing(); WSClient.getInstance().close(CloseFrame.SERVICE_RESTART, "Reconnecting to service"); } catch (Throwable e) { logger.log(LogLevel.SEVERE, String.format(ERROR_WHILE_PROCESSING_RECONNECTION_CC_S_S, e.getMessage(), e.getCause()), this.getClass().getName()); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogWriter.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogWriter.java index df9dea201..276ab9f35 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogWriter.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogWriter.java @@ -46,7 +46,7 @@ public class LogWriter implements Runnable { Calendar cal = Calendar.getInstance(); SimpleDateFormat sdf = new SimpleDateFormat(DATE_FORMAT_NOW); - public static final String DATE_FORMAT_NOW = "yyyy-MM-dd HH:mm:ss"; + public static final String DATE_FORMAT_NOW = "yyyy-MM-dd HH:mm:ss.SSS"; private static final String fileName; @@ -59,6 +59,7 @@ public class LogWriter implements Runnable { private String threadName; private static OSVariables osVariables = OsVariablesInstance.getInstance().getOsVariables(); + private String logTime; private static boolean createLogFile() { CommonUtils.forceMkdirs(currentLogFile.getParentFile().toPath(), "rwxrwxrwx"); @@ -102,6 +103,7 @@ public LogWriter(LogLevel logLevel, String logEntry, String loggingClassName, St this.logLevelName = logLevel.name(); this.loggingClassName = loggingClassName; this.threadName = threadName; + this.logTime = sdf.format(cal.getTime()); } public LogWriter(LogLevel logLevel, String logEntry, Throwable throwableLogEntry, String loggingClassName, String threadName) { @@ -111,6 +113,7 @@ public LogWriter(LogLevel logLevel, String logEntry, Throwable throwableLogEntry this.logLevelName = logLevel.name(); this.loggingClassName = loggingClassName; this.threadName = threadName; + this.logTime = sdf.format(cal.getTime()); } @Override @@ -120,7 +123,7 @@ public void run() { } StringBuilder sb = new StringBuilder(); // sb.append(K2_LOG); - sb.append(sdf.format(cal.getTime())); + sb.append(logTime); sb.append(STR_COLON); sb.append(String.format(THREAD_NAME_TEMPLATE, AgentInfo.getInstance().getVMPID(), threadName)); sb.append(this.logLevelName); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index 6387e75f7..4ac222251 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -248,6 +248,9 @@ public void registerOperation(AbstractOperation operation) { operation.setExecutionId(executionId); operation.setStartTime(Instant.now().toEpochMilli()); SecurityMetaData securityMetaData = NewRelicSecurity.getAgent().getSecurityMetaData(); + if(securityMetaData.getFuzzRequestIdentifier().getK2Request()){ + logger.log(LogLevel.FINEST, String.format("New Event generation with id %s of type %s", operation.getExecutionId(), operation.getClass().getSimpleName()), Agent.class.getName()); + } if (operation instanceof RXSSOperation) { operation.setStackTrace(securityMetaData.getMetaData().getServiceTrace()); } else { @@ -257,7 +260,7 @@ public void registerOperation(AbstractOperation operation) { if(checkIfNRGeneratedEvent(operation, securityMetaData)) { logger.log(LogLevel.FINEST, DROPPING_EVENT_AS_IT_WAS_GENERATED_BY_K_2_INTERNAL_API_CALL + JsonConverter.toJSON(operation), - Dispatcher.class.getName()); + Agent.class.getName()); return; } @@ -276,13 +279,7 @@ public void registerOperation(AbstractOperation operation) { this.getClass().getName()); firstEventProcessed.set(true); } - } else { - return; } -// if (blockNeeded) { -// blockForResponse(operation.getExecutionId()); -// } -// checkIfClientIPBlocked(); } private void logIfIastScanForFirstTime(K2RequestIdentifier fuzzRequestIdentifier, HttpRequest request) { From bb54129db60b1a79a01550317da355fd7baaf476 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Mon, 31 Jul 2023 17:26:43 +0530 Subject: [PATCH 40/80] Update WS close connection Reset all pools on Shutdown and Open WS connection Co-authored-by: Harshit Singh Lodha --- .../dispatcher/DispatcherPool.java | 26 ++++------- .../instrumentator/httpclient/RestClient.java | 2 +- .../httpclient/RestRequestProcessor.java | 20 +++++++-- .../httpclient/RestRequestThreadPool.java | 43 +++++++++---------- .../intcodeagent/websocket/EventSendPool.java | 23 ++++------ .../intcodeagent/websocket/WSClient.java | 9 +++- .../intcodeagent/websocket/WSUtils.java | 19 +++----- .../newrelic/api/agent/security/Agent.java | 2 + 8 files changed, 71 insertions(+), 73 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java index b6294f5cc..aff2f94e2 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java @@ -28,16 +28,12 @@ public class DispatcherPool { private ThreadPoolExecutor executor; private static final FileLoggerThreadPool logger = FileLoggerThreadPool.getInstance(); - - private static DispatcherPool instance; - final int queueSize = 300; final int maxPoolSize = 7; final int corePoolSize = 4; final long keepAliveTime = 10; final TimeUnit timeUnit = TimeUnit.SECONDS; final boolean allowCoreThreadTimeOut = false; - private static Object mutex = new Object(); private Set eid; @@ -168,17 +164,11 @@ private void incrementCount(Runnable r, String type) { } } + private static final class InstanceHolder { + static final DispatcherPool instance = new DispatcherPool(); + } public static DispatcherPool getInstance() { - - if (instance == null) { - synchronized (mutex) { - if (instance == null) { - instance = new DispatcherPool(); - } - return instance; - } - } - return instance; + return InstanceHolder.instance; } public Set getEid() { @@ -221,9 +211,7 @@ public void dispatchExitEvent(ExitEventBean exitEventBean) { } public static void shutDownPool() { - if (instance != null) { - instance.shutDownThreadPoolExecutor(); - } + InstanceHolder.instance.shutDownThreadPoolExecutor(); } public void shutDownThreadPoolExecutor() { @@ -246,4 +234,8 @@ public void shutDownThreadPoolExecutor() { } + public void reset() { + executor.getQueue().clear(); + } + } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestClient.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestClient.java index 34e6d3dcb..caa5ba38e 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestClient.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestClient.java @@ -114,7 +114,7 @@ public OkHttpClient getClient() { return clientThreadLocal.get(); } - public void fireRequest(Request request, int repeatCount) throws InterruptedIOException { + public void fireRequest(Request request, int repeatCount) { OkHttpClient client = clientThreadLocal.get(); logger.log(LogLevel.FINER, String.format(FIRING_REQUEST_METHOD_S, request.method()), RestClient.class.getName()); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java index 261f4364e..edf65d215 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java @@ -1,6 +1,8 @@ package com.newrelic.agent.security.instrumentator.httpclient; +import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; +import com.newrelic.agent.security.AgentInfo; import com.newrelic.agent.security.instrumentator.os.OsVariablesInstance; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; @@ -21,6 +23,8 @@ public class RestRequestProcessor implements Callable { public static final String NR_CSEC_VALIDATOR_HOME_TMP = "{{NR_CSEC_VALIDATOR_HOME_TMP}}"; public static final String ERROR_WHILE_PROCESSING_FUZZING_REQUEST_S = "Error while processing fuzzing request : %s"; + + public static final String JSON_PARSING_ERROR_WHILE_PROCESSING_FUZZING_REQUEST_S = "JSON parsing error while processing fuzzing request : %s"; private static final int MAX_REPETITION = 3; private IntCodeControlCommand controlCommand; @@ -40,12 +44,15 @@ public RestRequestProcessor(IntCodeControlCommand controlCommand, int repeatCoun * Does the request replay in IAST mode. */ @Override - public Boolean call() { - if (controlCommand.getArguments().size() < 2) { + public Boolean call() throws InterruptedException { + if (controlCommand.getArguments().size() < 2 ) { return true; } + if( !AgentInfo.getInstance().isAgentActive()) { + return false; + } - FuzzRequestBean httpRequest = null; + FuzzRequestBean httpRequest; try { if (WSUtils.getInstance().isReconnecting()) { synchronized (WSUtils.getInstance()) { @@ -60,6 +67,10 @@ public Boolean call() { RestRequestThreadPool.getInstance().removeFromProcessedCC(controlCommand.getId()); RestClient.getInstance().fireRequest(RequestUtils.generateK2Request(httpRequest), repeatCount); return true; + } catch (JsonProcessingException e){ + logger.log(LogLevel.SEVERE, + String.format(JSON_PARSING_ERROR_WHILE_PROCESSING_FUZZING_REQUEST_S, controlCommand.getArguments().get(0)), + e, RestRequestProcessor.class.getName()); } catch (Throwable e) { logger.log(LogLevel.SEVERE, String.format(ERROR_WHILE_PROCESSING_FUZZING_REQUEST_S, controlCommand.getArguments().get(0)), @@ -67,8 +78,9 @@ public Boolean call() { logger.postLogMessageIfNecessary(LogLevel.SEVERE, String.format(ERROR_WHILE_PROCESSING_FUZZING_REQUEST_S, controlCommand.getArguments().get(0)), e, RestRequestProcessor.class.getName()); + throw e; } - return false; + return true; } public static void processControlCommand(IntCodeControlCommand command) { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index 29a31a324..72931e0d3 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -21,16 +21,12 @@ public class RestRequestThreadPool { protected ThreadPoolExecutor executor; private static final FileLoggerThreadPool logger = FileLoggerThreadPool.getInstance(); - - private static RestRequestThreadPool instance; - private final int queueSize = 1000; private final int maxPoolSize = 5; private final int corePoolSize = 3; private final long keepAliveTime = 10; private final TimeUnit timeUnit = TimeUnit.SECONDS; private final boolean allowCoreThreadTimeOut = false; - private static final Object mutex = new Object(); private static final AtomicBoolean isWaiting = new AtomicBoolean(false); @@ -55,18 +51,25 @@ private RestRequestThreadPool() { @Override protected void afterExecute(Runnable r, Throwable t) { - if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof RestRequestProcessor) { - RestRequestProcessor task = (RestRequestProcessor) ((CustomFutureTask) r).getTask(); - String controlCommandId = task.getControlCommand().getId(); - if(StringUtils.isNotBlank(controlCommandId)){ - if(currentProcessingIds.containsKey(controlCommandId)) { - processedIds.put(controlCommandId, currentProcessingIds.get(controlCommandId)); - pendingIds.remove(controlCommandId); - currentProcessingIds.remove(controlCommandId); + try { + super.afterExecute(r, t); + if (t != null && r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof RestRequestProcessor) { + Boolean result = (Boolean) ((CustomFutureTask) r).get(); + if(result) { + RestRequestProcessor task = (RestRequestProcessor) ((CustomFutureTask) r).getTask(); + String controlCommandId = task.getControlCommand().getId(); + if (StringUtils.isNotBlank(controlCommandId)) { + if (currentProcessingIds.containsKey(controlCommandId)) { + processedIds.put(controlCommandId, currentProcessingIds.get(controlCommandId)); + pendingIds.remove(controlCommandId); + currentProcessingIds.remove(controlCommandId); + } + } } } + } catch (ExecutionException | InterruptedException e) { + throw new RuntimeException(e); } - super.afterExecute(r, t); } @Override @@ -96,17 +99,11 @@ public Thread newThread(Runnable r) { }); } + private static final class InstanceHolder { + static final RestRequestThreadPool instance = new RestRequestThreadPool(); + } public static RestRequestThreadPool getInstance() { - - if (instance == null) { - synchronized (mutex) { - if (instance == null) { - instance = new RestRequestThreadPool(); - } - return instance; - } - } - return instance; + return InstanceHolder.instance; } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java index cffee707f..3e122289d 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java @@ -24,15 +24,8 @@ public class EventSendPool { */ private ThreadPoolExecutor executor; - private static EventSendPool instance; - private static final FileLoggerThreadPool logger = FileLoggerThreadPool.getInstance(); - public Map getEventMap() { - return eventMap; - } - - private Map eventMap = new ConcurrentHashMap<>(); private AtomicBoolean isWaiting = new AtomicBoolean(false); private EventSendPool() { @@ -74,13 +67,14 @@ public Thread newThread(Runnable r) { }); } + private static final class InstanceHolder { + static final EventSendPool instance = new EventSendPool(); + } /** * @return the instance */ public static EventSendPool getInstance() { - if (instance == null) - instance = new EventSendPool(); - return instance; + return InstanceHolder.instance; } public void sendEvent(String event) { @@ -102,10 +96,7 @@ public void sendEvent(Object event) { } public static void shutDownPool() { - if (instance != null) { - instance.shutDownThreadPoolExecutor(); - } - instance = null; + InstanceHolder.instance.shutDownThreadPoolExecutor(); } public void shutDownThreadPoolExecutor() { @@ -209,4 +200,8 @@ private void incrementCount(Runnable r, String type) { logger.log(LogLevel.FINEST, String.format("Couldn't update event matric for task :%s and type : %s", r, type), DispatcherPool.class.getName()); } } + + public void reset() { + executor.getQueue().clear(); + } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java index f84ba0e66..3e39e0760 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java @@ -2,6 +2,8 @@ import com.newrelic.agent.security.AgentConfig; import com.newrelic.agent.security.AgentInfo; +import com.newrelic.agent.security.instrumentator.dispatcher.DispatcherPool; +import com.newrelic.agent.security.instrumentator.httpclient.RestRequestThreadPool; import com.newrelic.agent.security.instrumentator.utils.INRSettingsKey; import com.newrelic.agent.security.intcodeagent.controlcommand.ControlCommandProcessor; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; @@ -10,7 +12,6 @@ import com.newrelic.agent.security.intcodeagent.utils.CommonUtils; import com.newrelic.agent.security.util.IUtilConstants; import com.newrelic.api.agent.NewRelic; -import com.newrelic.api.agent.security.Agent; import org.apache.commons.lang3.StringUtils; import org.java_websocket.WebSocket; import org.java_websocket.WebSocketImpl; @@ -178,6 +179,9 @@ public void onOpen(ServerHandshake handshakedata) { logger.logInit(LogLevel.INFO, String.format(IAgentConstants.INIT_WS_CONNECTION, AgentConfig.getInstance().getConfig().getK2ServiceInfo().getValidatorServiceEndpointURL()), WSClient.class.getName()); logger.logInit(LogLevel.INFO, String.format(IAgentConstants.SENDING_APPLICATION_INFO_ON_WS_CONNECT, AgentInfo.getInstance().getApplicationInfo()), WSClient.class.getName()); + RestRequestThreadPool.getInstance().resetIASTProcessing(); + DispatcherPool.getInstance().reset(); + EventSendPool.getInstance().reset(); super.send(JsonConverter.toJSON(AgentInfo.getInstance().getApplicationInfo())); WSUtils.getInstance().setReconnecting(false); synchronized (WSUtils.getInstance()) { @@ -281,8 +285,9 @@ public static WSClient reconnectWSClient() throws URISyntaxException, Interrupte public static void shutDownWSClient() { logger.log(LogLevel.WARNING, "Disconnecting WS client", WSClient.class.getName()); + RestRequestThreadPool.getInstance().resetIASTProcessing(); if (instance != null) { - instance.close(); + instance.closeConnection(CloseFrame.NORMAL, "Client disconnecting forced by APM"); } instance = null; } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java index 66ef0e301..79f968dbd 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java @@ -6,8 +6,6 @@ public class WSUtils { public static final String NEXT_WS_CONNECTION_ATTEMPT_WILL_BE_IN_S_SECONDS = "Next WS connection attempt will be in %s seconds"; - private static WSUtils instance; - private static final Object lock = new Object(); private boolean isConnected = false; private AtomicBoolean isReconnecting = new AtomicBoolean(false); @@ -15,15 +13,12 @@ public class WSUtils { private WSUtils() { } + private static final class InstanceHolder { + static final WSUtils instance = new WSUtils(); + } + public static WSUtils getInstance() { - if (instance == null) { - synchronized (lock) { - if (instance == null) { - instance = new WSUtils(); - } - } - } - return instance; + return InstanceHolder.instance; } @@ -33,8 +28,8 @@ void setConnected(boolean connected) { } public static boolean isConnected() { - if (instance != null) { - return instance.isConnected; + if (InstanceHolder.instance != null) { + return InstanceHolder.instance.isConnected; } return false; } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index 4ac222251..4e214afd1 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -5,6 +5,7 @@ import com.newrelic.agent.security.AgentInfo; import com.newrelic.agent.security.instrumentator.dispatcher.Dispatcher; import com.newrelic.agent.security.instrumentator.dispatcher.DispatcherPool; +import com.newrelic.agent.security.instrumentator.httpclient.RestRequestThreadPool; import com.newrelic.agent.security.instrumentator.os.OsVariablesInstance; import com.newrelic.agent.security.instrumentator.utils.*; import com.newrelic.agent.security.intcodeagent.constants.AgentServices; @@ -205,6 +206,7 @@ public boolean refreshState(java.net.URL agentJarURL, Instrumentation instrument private void cancelActiveServiceTasks() { /** + * Drain the pools (RestClient, EventSend, Dispatcher) before websocket close * Websocket * policy * HealthCheck From db84ea19de728e10ea43b8ef44b52c28dc39f03a Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Tue, 1 Aug 2023 14:26:40 +0530 Subject: [PATCH 41/80] Always remove from current processing ids after rest request processing. Co-authored-by: Harshit Singh Lodha --- .../httpclient/RestRequestThreadPool.java | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index 72931e0d3..dec6a062e 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -53,22 +53,24 @@ private RestRequestThreadPool() { protected void afterExecute(Runnable r, Throwable t) { try { super.afterExecute(r, t); + String controlCommandId = null; if (t != null && r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof RestRequestProcessor) { Boolean result = (Boolean) ((CustomFutureTask) r).get(); if(result) { RestRequestProcessor task = (RestRequestProcessor) ((CustomFutureTask) r).getTask(); - String controlCommandId = task.getControlCommand().getId(); + controlCommandId = task.getControlCommand().getId(); if (StringUtils.isNotBlank(controlCommandId)) { if (currentProcessingIds.containsKey(controlCommandId)) { processedIds.put(controlCommandId, currentProcessingIds.get(controlCommandId)); pendingIds.remove(controlCommandId); - currentProcessingIds.remove(controlCommandId); } } } } - } catch (ExecutionException | InterruptedException e) { - throw new RuntimeException(e); + if(StringUtils.isNotBlank(controlCommandId)){ + currentProcessingIds.remove(controlCommandId); + } + } catch (ExecutionException | InterruptedException ignored) { } } From c0a41274e1622fd74276a5670b67430d46b837ea Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Tue, 1 Aug 2023 17:35:12 +0530 Subject: [PATCH 42/80] Always remove from pending ids after rest request processing. Co-authored-by: Harshit Singh Lodha --- .../instrumentator/httpclient/RestRequestThreadPool.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index dec6a062e..d5d737948 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -62,13 +62,13 @@ protected void afterExecute(Runnable r, Throwable t) { if (StringUtils.isNotBlank(controlCommandId)) { if (currentProcessingIds.containsKey(controlCommandId)) { processedIds.put(controlCommandId, currentProcessingIds.get(controlCommandId)); - pendingIds.remove(controlCommandId); } } } } if(StringUtils.isNotBlank(controlCommandId)){ currentProcessingIds.remove(controlCommandId); + pendingIds.remove(controlCommandId); } } catch (ExecutionException | InterruptedException ignored) { } From 4c35ed5222fabc800037790351e8d0b99981286f Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Thu, 3 Aug 2023 15:40:22 +0530 Subject: [PATCH 43/80] minor improvement to condition for after execute. Co-authored-by: Harshit Singh Lodha --- .../instrumentator/httpclient/RestRequestThreadPool.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index d5d737948..fac6edfa2 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -54,11 +54,11 @@ protected void afterExecute(Runnable r, Throwable t) { try { super.afterExecute(r, t); String controlCommandId = null; - if (t != null && r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof RestRequestProcessor) { + if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof RestRequestProcessor) { Boolean result = (Boolean) ((CustomFutureTask) r).get(); - if(result) { - RestRequestProcessor task = (RestRequestProcessor) ((CustomFutureTask) r).getTask(); - controlCommandId = task.getControlCommand().getId(); + RestRequestProcessor task = (RestRequestProcessor) ((CustomFutureTask) r).getTask(); + controlCommandId = task.getControlCommand().getId(); + if(t == null && result) { if (StringUtils.isNotBlank(controlCommandId)) { if (currentProcessingIds.containsKey(controlCommandId)) { processedIds.put(controlCommandId, currentProcessingIds.get(controlCommandId)); From 6a49c6ab1505d8f6f9efb62288213041db0ffdcf Mon Sep 17 00:00:00 2001 From: Harshit Singh Lodha Date: Tue, 8 Aug 2023 11:13:58 +0530 Subject: [PATCH 44/80] Logical separation between WSClient callbacks and WS Reconnection logic. Fixes race condition possibility of unclean WS close. Co-authored-by: Lovesh Baya --- .../intcodeagent/websocket/WSClient.java | 17 +++++++---------- .../websocket/WSReconnectionST.java | 16 ++++++++-------- 2 files changed, 15 insertions(+), 18 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java index 3e39e0760..d932e7b46 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java @@ -208,17 +208,14 @@ public void onMessage(String message) { @Override public void onClose(int code, String reason, boolean remote) { - WSUtils.getInstance().setConnected(false); logger.log(LogLevel.WARNING, CONNECTION_CLOSED_BY + (remote ? REMOTE_PEER : LOCAL) + CODE + code + REASON + reason, WSClient.class.getName()); if (code == CloseFrame.NEVER_CONNECTED) { return; } - - if (code != CloseFrame.POLICY_VALIDATION && code != CloseFrame.NORMAL) { - int delay = CommonUtils.generateSecureRandomBetween(5, 15); - logger.log(LogLevel.INFO, String.format(WSUtils.NEXT_WS_CONNECTION_ATTEMPT_WILL_BE_IN_S_SECONDS, delay), WSReconnectionST.class.getName()); - WSReconnectionST.getInstance().submitNewTaskSchedule(delay); + WSUtils.getInstance().setConnected(false); + if (code == CloseFrame.POLICY_VALIDATION) { + WSReconnectionST.cancelTask(true); } } @@ -272,7 +269,7 @@ public static WSClient getInstance() throws URISyntaxException, InterruptedExcep * @throws InterruptedException */ public static WSClient reconnectWSClient() throws URISyntaxException, InterruptedException { - logger.log(LogLevel.WARNING, RECONNECTING_TO_IC, + logger.log(LogLevel.INFO, RECONNECTING_TO_IC, WSClient.class.getName()); if (instance != null && instance.isOpen()) { instance.closeBlocking(); @@ -283,13 +280,13 @@ public static WSClient reconnectWSClient() throws URISyntaxException, Interrupte } public static void shutDownWSClient() { - logger.log(LogLevel.WARNING, "Disconnecting WS client", + logger.log(LogLevel.WARNING, "Disconnecting WS client forced by APM", WSClient.class.getName()); + WSUtils.getInstance().setConnected(false); RestRequestThreadPool.getInstance().resetIASTProcessing(); if (instance != null) { - instance.closeConnection(CloseFrame.NORMAL, "Client disconnecting forced by APM"); + instance.close(CloseFrame.ABNORMAL_CLOSE, "Client disconnecting forced by APM"); } - instance = null; } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java index d42a23091..66bc65fa4 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java @@ -26,17 +26,17 @@ public class WSReconnectionST { @Override public void run() { try { - WSClient.reconnectWSClient(); - } catch (Exception e) { + if(!WSClient.getInstance().isOpen() || !WSUtils.isConnected()) { + logger.log(LogLevel.INFO, "WS is marked disconnected, reconnecting ...", WSReconnectionST.class.getName()); + WSClient.reconnectWSClient(); + } + } catch (Throwable e) { logger.log(LogLevel.SEVERE, ERROR_WHILE_WS_RECONNECTION + e.getMessage() + COLON_SEPARATOR + e.getCause(), WSClient.class.getName()); logger.log(LogLevel.FINER, ERROR_WHILE_WS_RECONNECTION, e, WSClient.class.getName()); logger.postLogMessageIfNecessary(LogLevel.SEVERE, ERROR_WHILE_WS_RECONNECTION + e.getMessage() + COLON_SEPARATOR + e.getCause(), e, WSClient.class.getName()); } finally { - if (!WSUtils.isConnected()) { - int delay = CommonUtils.generateSecureRandomBetween(5, 15); - logger.log(LogLevel.INFO, String.format(WSUtils.NEXT_WS_CONNECTION_ATTEMPT_WILL_BE_IN_S_SECONDS, delay), WSReconnectionST.class.getName()); - futureTask = scheduledService.schedule(runnable, delay, TimeUnit.SECONDS); - } + int delay = CommonUtils.generateSecureRandomBetween(5, 15); + futureTask = scheduledService.schedule(runnable, delay, TimeUnit.SECONDS); } } }; @@ -90,7 +90,7 @@ public static void cancelTask(boolean force) { if (instance.futureTask == null) { return; } - if (instance.futureTask != null && (force || instance.futureTask.isDone())) { + if (force || !instance.futureTask.isDone()) { instance.futureTask.cancel(force); } } From bb8cbd7425dfbb6a8e2278eaad5980005c0e6451 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Tue, 8 Aug 2023 22:05:23 +0530 Subject: [PATCH 45/80] minor improvement to set completed events in current processing list Co-authored-by: Harshit Singh Lodha --- .../instrumentator/httpclient/RestRequestThreadPool.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index fac6edfa2..5bd1225a1 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -161,10 +161,9 @@ public void registerEventForProcessedCC(String controlCommandId, String eventId) } Set registeredEvents; if(!currentProcessingIds.containsKey(controlCommandId)){ - currentProcessingIds.putIfAbsent(controlCommandId, ConcurrentHashMap.newKeySet()); + registeredEvents = currentProcessingIds.get(controlCommandId); + registeredEvents.add(eventId); } - registeredEvents = currentProcessingIds.get(controlCommandId); - registeredEvents.add(eventId); } public void removeFromProcessedCC(String controlCommandId) { From 694574769ed5830f038a703166ad6a1adfbbb70e Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 9 Aug 2023 11:33:59 +0530 Subject: [PATCH 46/80] minor improvement in condition Co-authored-by: Harshit Singh Lodha --- .../instrumentator/httpclient/RestRequestThreadPool.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index 5bd1225a1..26698d366 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -160,7 +160,7 @@ public void registerEventForProcessedCC(String controlCommandId, String eventId) return; } Set registeredEvents; - if(!currentProcessingIds.containsKey(controlCommandId)){ + if(currentProcessingIds.containsKey(controlCommandId)){ registeredEvents = currentProcessingIds.get(controlCommandId); registeredEvents.add(eventId); } From c893329ed1ccbc87a8c4c5b8e885d21e231ff9dd Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 9 Aug 2023 14:51:27 +0530 Subject: [PATCH 47/80] Updates in data pull mechanism introduced rejection list Co-authored-by: Harshit Singh Lodha --- .../newrelic/agent/security/AgentInfo.java | 3 ++ .../dispatcher/DispatcherPool.java | 2 +- .../IASTDataTransferRequestProcessor.java | 13 +++++++- .../httpclient/RestRequestThreadPool.java | 31 ++++++------------- .../intcodeagent/websocket/EventSendPool.java | 2 +- 5 files changed, 27 insertions(+), 24 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java index d58830bcb..ebec66251 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentInfo.java @@ -1,5 +1,6 @@ package com.newrelic.agent.security; +import com.newrelic.agent.security.instrumentator.httpclient.RestRequestThreadPool; import com.newrelic.agent.security.instrumentator.utils.AgentUtils; import com.newrelic.agent.security.instrumentator.utils.ApplicationInfoUtils; import com.newrelic.agent.security.instrumentator.utils.INRSettingsKey; @@ -163,6 +164,8 @@ else if (!AgentConfig.getInstance().isNRSecurityEnabled()) { } if(state) { logger.logInit(LogLevel.INFO, String.format("Security Agent is now ACTIVE for %s", applicationUUID), AgentInfo.class.getName()); + } else { + RestRequestThreadPool.getInstance().resetIASTProcessing(); } if(state && !processProtected){ diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java index aff2f94e2..40a34e72f 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java @@ -65,7 +65,7 @@ public void rejectedExecution(Runnable r, ThreadPoolExecutor e) { Dispatcher dispatcher = (Dispatcher) ((CustomFutureTask) r).getTask(); if(dispatcher.getSecurityMetaData()!= null && dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getK2Request()){ String fuzzRequestId = dispatcher.getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class); - RestRequestThreadPool.getInstance().getCurrentProcessingIds().remove(fuzzRequestId); + RestRequestThreadPool.getInstance().getRejectedIds().add(fuzzRequestId); } if(dispatcher.getSecurityMetaData() != null) { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java index 83db6e9c7..b96666aec 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/IASTDataTransferRequestProcessor.java @@ -14,6 +14,8 @@ import java.time.Instant; import java.util.HashMap; import java.util.HashSet; +import java.util.Map; +import java.util.Set; import java.util.concurrent.*; import java.util.concurrent.atomic.AtomicInteger; import java.util.concurrent.atomic.AtomicLong; @@ -76,7 +78,7 @@ private void task() { if (batchSize > 100 && remainingRecordCapacity > batchSize) { request = new IASTDataTransferRequest(NewRelicSecurity.getAgent().getAgentUUID()); request.setBatchSize(batchSize); - request.setCompletedRequests(new HashMap<>(RestRequestThreadPool.getInstance().getProcessedIds())); + request.setCompletedRequests(getEffectiveCompletedRequests()); request.setPendingRequestIds(new HashSet<>(RestRequestThreadPool.getInstance().getPendingIds())); WSClient.getInstance().send(request.toString()); } @@ -86,6 +88,15 @@ private void task() { } } + private Map> getEffectiveCompletedRequests() { + Map> completedRequest = new HashMap<>(RestRequestThreadPool.getInstance().getProcessedIds()); + for (String rejectedId : RestRequestThreadPool.getInstance().getRejectedIds()) { + completedRequest.remove(rejectedId); + } + RestRequestThreadPool.getInstance().getRejectedIds().clear(); + return completedRequest; + } + private IASTDataTransferRequestProcessor() { executorService = Executors.newSingleThreadScheduledExecutor(new ThreadFactory() { private final AtomicInteger threadNumber = new AtomicInteger(1); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index 26698d366..2cbac32de 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -32,13 +32,13 @@ public class RestRequestThreadPool { private final Map> processedIds = new ConcurrentHashMap(); - private final Map> currentProcessingIds = new ConcurrentHashMap(); - private final Set pendingIds = ConcurrentHashMap.newKeySet(); + private final Set rejectedIds = ConcurrentHashMap.newKeySet(); + public void resetIASTProcessing() { + rejectedIds.addAll(processedIds.keySet()); processedIds.clear(); - currentProcessingIds.clear(); pendingIds.clear(); executor.getQueue().clear(); } @@ -58,16 +58,13 @@ protected void afterExecute(Runnable r, Throwable t) { Boolean result = (Boolean) ((CustomFutureTask) r).get(); RestRequestProcessor task = (RestRequestProcessor) ((CustomFutureTask) r).getTask(); controlCommandId = task.getControlCommand().getId(); - if(t == null && result) { + if(t != null || !result) { if (StringUtils.isNotBlank(controlCommandId)) { - if (currentProcessingIds.containsKey(controlCommandId)) { - processedIds.put(controlCommandId, currentProcessingIds.get(controlCommandId)); - } + rejectedIds.add(controlCommandId); } } } if(StringUtils.isNotBlank(controlCommandId)){ - currentProcessingIds.remove(controlCommandId); pendingIds.remove(controlCommandId); } } catch (ExecutionException | InterruptedException ignored) { @@ -76,13 +73,6 @@ protected void afterExecute(Runnable r, Throwable t) { @Override protected void beforeExecute(Thread t, Runnable r) { - if (r instanceof CustomFutureTask && ((CustomFutureTask) r).getTask() instanceof RestRequestProcessor) { - RestRequestProcessor task = (RestRequestProcessor) ((CustomFutureTask) r).getTask(); - String controlCommandId = task.getControlCommand().getId(); - if (StringUtils.isNotBlank(controlCommandId)) { - currentProcessingIds.put(controlCommandId, new HashSet<>()); - } - } super.beforeExecute(t, r); } @@ -147,8 +137,8 @@ public Map> getProcessedIds() { return processedIds; } - public Map> getCurrentProcessingIds() { - return currentProcessingIds; + public Set getRejectedIds() { + return rejectedIds; } public Set getPendingIds() { @@ -160,10 +150,9 @@ public void registerEventForProcessedCC(String controlCommandId, String eventId) return; } Set registeredEvents; - if(currentProcessingIds.containsKey(controlCommandId)){ - registeredEvents = currentProcessingIds.get(controlCommandId); - registeredEvents.add(eventId); - } + processedIds.putIfAbsent(controlCommandId, new HashSet<>()); + registeredEvents = processedIds.get(controlCommandId); + registeredEvents.add(eventId); } public void removeFromProcessedCC(String controlCommandId) { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java index 3e122289d..e98092e8f 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/EventSendPool.java @@ -140,7 +140,7 @@ public void rejectedExecution(Runnable r, ThreadPoolExecutor e) { JavaAgentEventBean event = (JavaAgentEventBean) eventSender.getEvent(); if(event.getIsIASTRequest()){ String fuzzRequestId = event.getParentId(); - RestRequestThreadPool.getInstance().getCurrentProcessingIds().remove(fuzzRequestId); + RestRequestThreadPool.getInstance().getRejectedIds().add(fuzzRequestId); AgentInfo.getInstance().getJaHealthCheck().getIastEventStats().incrementRejectedCount(); } else { AgentInfo.getInstance().getJaHealthCheck().getRaspEventStats().incrementRejectedCount(); From 611947e022fdc4fb7269fe920e4679e3c2d4e327 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 9 Aug 2023 17:29:54 +0530 Subject: [PATCH 48/80] Updates and set empty processid. fail safe for non micro service arch Co-authored-by: Harshit Singh Lodha --- .../instrumentator/dispatcher/DispatcherPool.java | 15 +++++++++++---- .../httpclient/RestRequestThreadPool.java | 10 ++++++---- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java index 40a34e72f..f20637495 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/DispatcherPool.java @@ -16,6 +16,7 @@ import com.newrelic.api.agent.security.schema.SecurityMetaData; import org.apache.commons.lang3.StringUtils; +import java.util.HashSet; import java.util.Set; import java.util.concurrent.*; import java.util.concurrent.atomic.AtomicInteger; @@ -195,10 +196,16 @@ public void dispatchEvent(AbstractOperation operation, SecurityMetaData security } } // Register in Processed CC map - if (StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID())) { - RestRequestThreadPool.getInstance() - .registerEventForProcessedCC(securityMetaData.getCustomAttribute( - GenericHelper.CSEC_PARENT_ID, String.class), operation.getExecutionId()); + if(securityMetaData.getFuzzRequestIdentifier().getK2Request()) { + String parentId = securityMetaData.getCustomAttribute( + GenericHelper.CSEC_PARENT_ID, String.class); + if (StringUtils.isNotBlank(parentId)) { + RestRequestThreadPool.getInstance().getProcessedIds().putIfAbsent(parentId, new HashSet<>()); + } + if (StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID())) { + RestRequestThreadPool.getInstance() + .registerEventForProcessedCC(parentId, operation.getExecutionId()); + } } this.executor.submit(new Dispatcher(operation, new SecurityMetaData(securityMetaData))); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java index 2cbac32de..3d3ab17f3 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestThreadPool.java @@ -62,6 +62,8 @@ protected void afterExecute(Runnable r, Throwable t) { if (StringUtils.isNotBlank(controlCommandId)) { rejectedIds.add(controlCommandId); } + } else { + processedIds.putIfAbsent(controlCommandId, new HashSet<>()); } } if(StringUtils.isNotBlank(controlCommandId)){ @@ -149,10 +151,10 @@ public void registerEventForProcessedCC(String controlCommandId, String eventId) if(StringUtils.isAnyBlank(controlCommandId, eventId)){ return; } - Set registeredEvents; - processedIds.putIfAbsent(controlCommandId, new HashSet<>()); - registeredEvents = processedIds.get(controlCommandId); - registeredEvents.add(eventId); + Set registeredEvents = processedIds.get(controlCommandId); + if(registeredEvents != null) { + registeredEvents.add(eventId); + } } public void removeFromProcessedCC(String controlCommandId) { From 710fb2bc4bcb8d35cf9db31503e88d3aa3ce1761 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Thu, 10 Aug 2023 15:45:22 +0530 Subject: [PATCH 49/80] Removed .toString() --- .../agent/security/instrumentator/utils/AgentUtils.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java index 1b473847c..61fa7a8d0 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java @@ -649,7 +649,7 @@ private void applyNRPolicyOverride() { public static void sendApplicationURLMappings() { ApplicationURLMappings applicationURLMappings = new ApplicationURLMappings(URLMappingsHelper.getApplicationURLMappings()); - logger.logInit(LogLevel.INFO, String.format("Collected application url mappings %s", applicationURLMappings.toString()), Agent.class.getName()); + logger.logInit(LogLevel.INFO, String.format("Collected application url mappings %s", applicationURLMappings), Agent.class.getName()); EventSendPool.getInstance().sendEvent(applicationURLMappings); } } From 9857ffafd07c9ddf29c145b1b2213b6869e77c8e Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Thu, 10 Aug 2023 15:47:29 +0530 Subject: [PATCH 50/80] Updated variable name --- .../security/instrumentation/helpers/URLMappingsHelper.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java index ed20364ce..4e5f5df4c 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java @@ -12,7 +12,7 @@ public static Set getApplicationURLMappings() { return mappings; } - public static void addApplicationURLMapping(ApplicationURLMapping obj) { - mappings.add(obj); + public static void addApplicationURLMapping(ApplicationURLMapping mapping) { + mappings.add(mapping); } } From 0add19a2c8698f3de7b6613647780482163d7e5b Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Thu, 10 Aug 2023 15:51:40 +0530 Subject: [PATCH 51/80] Removed unnecessary modules from settings.gradle --- settings.gradle | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/settings.gradle b/settings.gradle index a1f15385e..ca787c8b5 100644 --- a/settings.gradle +++ b/settings.gradle @@ -85,9 +85,6 @@ include 'instrumentation:jdbc-ojdbc-tns-12.1.0.2' include 'instrumentation:jdbc-ojdbc-tns-21.1.0.0' include 'instrumentation:jdbc-ojdbc-tns-21.6.0.0' include 'instrumentation:spring-web' -include 'instrumentation:spring-webmvc-3.1.0' -include 'instrumentation:spring-webmvc-5.3.0' -include 'instrumentation:spring-webflux' include 'instrumentation:http-async-client-4' include 'instrumentation:jax-rs-1.0' include 'instrumentation:jax-rs-3.0' @@ -137,14 +134,3 @@ include 'instrumentation:jdbc-inet-merlia' include 'instrumentation:jdbc-inet-oranxo' include 'instrumentation:jdbc-sybase-6' include 'instrumentation:low-priority-instrumentation' -include 'instrumentation:apache-struts2' -include 'instrumentation:jersey' -include 'instrumentation:resteasy-2.2' -include 'instrumentation:resteasy-3' -include 'instrumentation:resteasy-4' -include 'instrumentation:apache-wicket-6.4' -include 'instrumentation:apache-wicket-7.0' -include 'instrumentation:apache-wicket-8.0' -include 'instrumentation:grails-1.3' -include 'instrumentation:grails-2.0' -include 'instrumentation:grails-3.0' \ No newline at end of file From d69ef600eb89b58073e3b072ac3d557e4ed4f6c3 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Thu, 10 Aug 2023 16:09:00 +0530 Subject: [PATCH 52/80] Prevent forever loop when the fuzz request build is failed. Co-authored-by: Harshit Singh Lodha --- .../httpclient/RequestUtils.java | 66 ++++++++++--------- .../httpclient/RestRequestProcessor.java | 6 +- 2 files changed, 41 insertions(+), 31 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RequestUtils.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RequestUtils.java index 8f1d20c3e..062441690 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RequestUtils.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RequestUtils.java @@ -14,44 +14,50 @@ public class RequestUtils { private static final FileLoggerThreadPool logger = FileLoggerThreadPool.getInstance(); + public static final String ERROR_IN_FUZZ_REQUEST_GENERATION = "Error in fuzz request generation {}"; public static Request generateK2Request(FuzzRequestBean httpRequest) { - logger.log(LogLevel.FINER, String.format("Firing request : %s", httpRequest), RequestUtils.class.getName()); - StringBuilder url = new StringBuilder(String.format("%s://localhost", httpRequest.getProtocol())); - url.append(":"); - url.append(httpRequest.getServerPort()); - url.append(httpRequest.getUrl()); - - RequestBody requestBody = null; - - if (StringUtils.isNotBlank(httpRequest.getContentType())) { - if (httpRequest.getParameterMap() != null && !httpRequest.getParameterMap().isEmpty()) { - FormBody.Builder builder = new FormBody.Builder(); - for (Entry param : httpRequest.getParameterMap().entrySet()) { - for (int i = 0; i < param.getValue().length; i++) { - builder.add(param.getKey(), param.getValue()[i]); + try { + logger.log(LogLevel.FINER, String.format("Firing request : %s", httpRequest), RequestUtils.class.getName()); + StringBuilder url = new StringBuilder(String.format("%s://localhost", httpRequest.getProtocol())); + url.append(":"); + url.append(httpRequest.getServerPort()); + url.append(httpRequest.getUrl()); + + RequestBody requestBody = null; + + if (StringUtils.isNotBlank(httpRequest.getContentType())) { + if (httpRequest.getParameterMap() != null && !httpRequest.getParameterMap().isEmpty()) { + FormBody.Builder builder = new FormBody.Builder(); + for (Entry param : httpRequest.getParameterMap().entrySet()) { + for (int i = 0; i < param.getValue().length; i++) { + builder.add(param.getKey(), param.getValue()[i]); + } } + requestBody = builder.build(); + } else { + requestBody = RequestBody.create(httpRequest.getBody().toString(), + MediaType.parse(httpRequest.getContentType())); } - requestBody = builder.build(); - } else { - requestBody = RequestBody.create(httpRequest.getBody().toString(), - MediaType.parse(httpRequest.getContentType())); + } else if (StringUtils.equalsIgnoreCase(httpRequest.getMethod(), "POST")) { + requestBody = RequestBody.create(httpRequest.getBody().toString(), null); } - } else if (StringUtils.equalsIgnoreCase(httpRequest.getMethod(), "POST")) { - requestBody = RequestBody.create(httpRequest.getBody().toString(), null); - } - Builder requestBuilder = new Request.Builder(); - requestBuilder = requestBuilder.url(url.toString()); + Builder requestBuilder = new Request.Builder(); + requestBuilder = requestBuilder.url(url.toString()); - if (HttpMethod.permitsRequestBody(httpRequest.getMethod())) { - requestBuilder = requestBuilder.method(httpRequest.getMethod(), requestBody); - } else { - requestBuilder = requestBuilder.method(httpRequest.getMethod(), null); - } - requestBuilder = requestBuilder.headers(Headers.of((Map) httpRequest.getHeaders())); + if (HttpMethod.permitsRequestBody(httpRequest.getMethod())) { + requestBuilder = requestBuilder.method(httpRequest.getMethod(), requestBody); + } else { + requestBuilder = requestBuilder.method(httpRequest.getMethod(), null); + } + requestBuilder = requestBuilder.headers(Headers.of((Map) httpRequest.getHeaders())); - return requestBuilder.build(); + return requestBuilder.build(); + } catch (Exception e){ + logger.log(LogLevel.FINEST, String.format(ERROR_IN_FUZZ_REQUEST_GENERATION, e.getMessage()), RequestUtils.class.getSimpleName()); + } + return null; } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java index edf65d215..b185c37a3 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java @@ -11,6 +11,7 @@ import com.newrelic.agent.security.intcodeagent.websocket.WSUtils; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; +import okhttp3.Request; import org.apache.commons.lang3.StringUtils; import java.util.concurrent.Callable; @@ -65,7 +66,10 @@ public Boolean call() throws InterruptedException { httpRequest = objectMapper.readValue(req, FuzzRequestBean.class); httpRequest.getHeaders().put(GenericHelper.CSEC_PARENT_ID, controlCommand.getId()); RestRequestThreadPool.getInstance().removeFromProcessedCC(controlCommand.getId()); - RestClient.getInstance().fireRequest(RequestUtils.generateK2Request(httpRequest), repeatCount); + Request request = RequestUtils.generateK2Request(httpRequest); + if(request != null) { + RestClient.getInstance().fireRequest(request, repeatCount); + } return true; } catch (JsonProcessingException e){ logger.log(LogLevel.SEVERE, From 0f6936209602d04e4ee02daa90a83e54e1c35370 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Mon, 14 Aug 2023 15:17:26 +0530 Subject: [PATCH 53/80] [NEW] URL mappings for spring-webflux (#54) * Getting url mappings for spring-webflux --- .../spring-webflux/build.gradle | 26 +++++++++++++++++++ ...tHandlerMethodMapping_Instrumentation.java | 19 ++++++++++++++ .../reactive/result/method/SpringHelper.java | 24 +++++++++++++++++ settings.gradle | 1 + 4 files changed, 70 insertions(+) create mode 100644 instrumentation-security/spring-webflux/build.gradle create mode 100644 instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/AbstractHandlerMethodMapping_Instrumentation.java create mode 100644 instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/SpringHelper.java diff --git a/instrumentation-security/spring-webflux/build.gradle b/instrumentation-security/spring-webflux/build.gradle new file mode 100644 index 000000000..90c8f5746 --- /dev/null +++ b/instrumentation-security/spring-webflux/build.gradle @@ -0,0 +1,26 @@ +plugins { + id "org.jetbrains.kotlin.jvm" +} + +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.springframework:spring-webflux:5.0.0.RELEASE") +} + +jar { + manifest { + attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.spring-webflux' + } +} + +verifyInstrumentation { + passesOnly 'org.springframework:spring-webflux:[0,)' + excludeRegex 'org.springframework:spring-webflux:.*(rc|m|RC|SEC|M)[0-9]*$' +} + +site { + title 'Spring' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/AbstractHandlerMethodMapping_Instrumentation.java b/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/AbstractHandlerMethodMapping_Instrumentation.java new file mode 100644 index 000000000..a488b2be4 --- /dev/null +++ b/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/AbstractHandlerMethodMapping_Instrumentation.java @@ -0,0 +1,19 @@ +package org.springframework.web.reactive.result.method; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; + +import java.lang.reflect.Method; + +@Weave(type = MatchType.ExactClass, originalName = "org.springframework.web.reactive.result.method.AbstractHandlerMethodMapping") +public abstract class AbstractHandlerMethodMapping_Instrumentation { + + protected void registerHandlerMethod(Object handler, Method method, T mapping) { + try { + Weaver.callOriginal(); + } finally { + SpringHelper.gatherURLMappings(mapping); + } + } +} \ No newline at end of file diff --git a/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/SpringHelper.java b/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/SpringHelper.java new file mode 100644 index 000000000..0f8e04af7 --- /dev/null +++ b/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/SpringHelper.java @@ -0,0 +1,24 @@ +package org.springframework.web.reactive.result.method; + +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; +import com.newrelic.api.agent.security.instrumentation.helpers.*; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.reactive.result.condition.PatternsRequestCondition; +import org.springframework.web.util.pattern.PathPattern; + +public class SpringHelper { + public static void gatherURLMappings(T mapping){ + try { + RequestMappingInfo mappingInfo = (RequestMappingInfo) mapping; + PatternsRequestCondition patternsCondition = mappingInfo.getPatternsCondition(); + if(patternsCondition!=null) { + for (RequestMethod requestMethod : mappingInfo.getMethodsCondition().getMethods()) { + for (PathPattern url : patternsCondition.getPatterns()) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(requestMethod.name(), url.getPatternString())); + } + } + } + } catch (Throwable ignored){ + } + } +} diff --git a/settings.gradle b/settings.gradle index da6557ff2..0585f53d0 100644 --- a/settings.gradle +++ b/settings.gradle @@ -135,3 +135,4 @@ include 'instrumentation:jdbc-inet-oranxo' include 'instrumentation:jdbc-sybase-6' include 'instrumentation:low-priority-instrumentation' include 'instrumentation:commons-jxpath' +include 'instrumentation:spring-webflux' \ No newline at end of file From aedc456dd200fa37f6b56ba6a6cacc08ec19a058 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Mon, 14 Aug 2023 16:30:37 +0530 Subject: [PATCH 54/80] [NEW] URL mappings for apache-struts2 (#55) Getting url mappings for apache-struts2 Co-authored-by: idawda Co-authored-by: Lovesh Baya --- .../apache-struts2/build.gradle | 21 +++++++++++++ .../security/apache/struts2/StrutsHelper.java | 31 +++++++++++++++++++ .../config/Configuration_Instrumentation.java | 23 ++++++++++++++ settings.gradle | 3 +- 4 files changed, 77 insertions(+), 1 deletion(-) create mode 100644 instrumentation-security/apache-struts2/build.gradle create mode 100644 instrumentation-security/apache-struts2/src/main/java/com/nr/instrumentation/security/apache/struts2/StrutsHelper.java create mode 100644 instrumentation-security/apache-struts2/src/main/java/com/opensymphony/xwork2/config/Configuration_Instrumentation.java diff --git a/instrumentation-security/apache-struts2/build.gradle b/instrumentation-security/apache-struts2/build.gradle new file mode 100644 index 000000000..c6d47ff7e --- /dev/null +++ b/instrumentation-security/apache-struts2/build.gradle @@ -0,0 +1,21 @@ +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation('org.apache.struts:struts2-core:6.1.2') +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.apache-struts2' } +} + +verifyInstrumentation { + passesOnly 'org.apache.struts.xwork:xwork-core:[0,)' + passesOnly 'org.apache.struts:struts2-core:[2.1.2,)' + excludeRegex 'org.apache.struts:struts2-core:2.3.15.1-atlassian-[4-5]$' +} + +site { + title 'Struts2' + type 'Framework' +} diff --git a/instrumentation-security/apache-struts2/src/main/java/com/nr/instrumentation/security/apache/struts2/StrutsHelper.java b/instrumentation-security/apache-struts2/src/main/java/com/nr/instrumentation/security/apache/struts2/StrutsHelper.java new file mode 100644 index 000000000..a36fee7cd --- /dev/null +++ b/instrumentation-security/apache-struts2/src/main/java/com/nr/instrumentation/security/apache/struts2/StrutsHelper.java @@ -0,0 +1,31 @@ +package com.nr.instrumentation.security.apache.struts2; + +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; +import com.newrelic.api.agent.security.instrumentation.helpers.*; +import com.opensymphony.xwork2.config.RuntimeConfiguration; +import com.opensymphony.xwork2.config.entities.ActionConfig; +import java.util.Map; + +public class StrutsHelper { + + private static final String SEPARATOR = "/"; + private static final String WILDCARD = "*"; + public static void gatherURLMappings(RuntimeConfiguration runtimeConfig) { + try { + Map> namespaces = runtimeConfig.getActionConfigs(); + for (Map.Entry> namespace : namespaces.entrySet()) { + String url = namespace.getKey(); + for (ActionConfig actionConfig : namespace.getValue().values()) { + String mapping; + if(url.endsWith(SEPARATOR)){ + mapping = url + actionConfig.getName(); + } else { + mapping = url + SEPARATOR + actionConfig.getName(); + } + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, mapping, actionConfig.getClassName())); + } + } + } catch (Exception ignored){ + } + } +} diff --git a/instrumentation-security/apache-struts2/src/main/java/com/opensymphony/xwork2/config/Configuration_Instrumentation.java b/instrumentation-security/apache-struts2/src/main/java/com/opensymphony/xwork2/config/Configuration_Instrumentation.java new file mode 100644 index 000000000..136f3ea81 --- /dev/null +++ b/instrumentation-security/apache-struts2/src/main/java/com/opensymphony/xwork2/config/Configuration_Instrumentation.java @@ -0,0 +1,23 @@ +package com.opensymphony.xwork2.config; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.apache.struts2.StrutsHelper; +import java.util.List; + +@Weave(type = MatchType.Interface, originalName = "com.opensymphony.xwork2.config.Configuration") +public abstract class Configuration_Instrumentation { + abstract public RuntimeConfiguration getRuntimeConfiguration(); + + // TODO: Need extract action extension + public List reloadContainer(List containerProviders) throws ConfigurationException { + List returnVal; + try { + returnVal = Weaver.callOriginal(); + } finally { + StrutsHelper.gatherURLMappings(getRuntimeConfiguration()); + } + return returnVal; + } +} diff --git a/settings.gradle b/settings.gradle index 0585f53d0..011f307c6 100644 --- a/settings.gradle +++ b/settings.gradle @@ -135,4 +135,5 @@ include 'instrumentation:jdbc-inet-oranxo' include 'instrumentation:jdbc-sybase-6' include 'instrumentation:low-priority-instrumentation' include 'instrumentation:commons-jxpath' -include 'instrumentation:spring-webflux' \ No newline at end of file +include 'instrumentation:apache-struts2' +include 'instrumentation:spring-webflux' From de13305ebfde46d47aa8239c2664ad11b8e6af41 Mon Sep 17 00:00:00 2001 From: Ishika Dawda <112611034+IshikaDawda@users.noreply.github.com> Date: Mon, 14 Aug 2023 17:02:01 +0530 Subject: [PATCH 55/80] URL mappings for RestEasy (#74) * Getting URL Mappings for RestEasy 2.2 * Getting URL Mappings for RestEasy 3 * Getting URL Mappings for RestEasy 4 Co-authored-by: Monu Lakshkar Co-authored-by: Lovesh Baya --- .../resteasy-2.2/build.gradle | 23 +++++++++++ .../security/resteasy2/RestEasyHelper.java | 37 ++++++++++++++++++ .../registry/RootSegment_Instrumentation.java | 18 +++++++++ .../resteasy-3/build.gradle | 20 ++++++++++ .../security/resteasy3/RestEasyHelper.java | 38 +++++++++++++++++++ .../RootClassNode_Instrumentation.java | 18 +++++++++ .../resteasy-4/build.gradle | 19 ++++++++++ .../security/resteasy4/RestEasyHelper.java | 34 +++++++++++++++++ .../RootClassNode_Instrumentation.java | 18 +++++++++ settings.gradle | 3 ++ 10 files changed, 228 insertions(+) create mode 100644 instrumentation-security/resteasy-2.2/build.gradle create mode 100644 instrumentation-security/resteasy-2.2/src/main/java/com/nr/instrumentation/security/resteasy2/RestEasyHelper.java create mode 100644 instrumentation-security/resteasy-2.2/src/main/java/org/jboss/resteasy/core/registry/RootSegment_Instrumentation.java create mode 100644 instrumentation-security/resteasy-3/build.gradle create mode 100644 instrumentation-security/resteasy-3/src/main/java/com/nr/instrumentation/security/resteasy3/RestEasyHelper.java create mode 100644 instrumentation-security/resteasy-3/src/main/java/org/jboss/resteasy/core/registry/RootClassNode_Instrumentation.java create mode 100644 instrumentation-security/resteasy-4/build.gradle create mode 100644 instrumentation-security/resteasy-4/src/main/java/com/nr/instrumentation/security/resteasy4/RestEasyHelper.java create mode 100644 instrumentation-security/resteasy-4/src/main/java/org/jboss/resteasy/core/registry/RootClassNode_Instrumentation.java diff --git a/instrumentation-security/resteasy-2.2/build.gradle b/instrumentation-security/resteasy-2.2/build.gradle new file mode 100644 index 000000000..1e74c9fb7 --- /dev/null +++ b/instrumentation-security/resteasy-2.2/build.gradle @@ -0,0 +1,23 @@ +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.jboss.resteasy:resteasy-jaxrs:2.3.3.Final") +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.resteasy-2.2' } +} + +verifyInstrumentation { + passesOnly 'org.jboss.resteasy:resteasy-jaxrs:[2.2-RC-1,3.0-beta-1)' + excludeRegex '.*beta-[0-9]$' + excludeRegex 'org.jboss.resteasy:resteasy-jaxrs:1.*' + excludeRegex 'org.jboss.resteasy:resteasy-jaxrs:2.1.*' + excludeRegex 'org.jboss.resteasy:resteasy-jaxrs:2.0.*' +} + +site { + title 'RESTEasy' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/resteasy-2.2/src/main/java/com/nr/instrumentation/security/resteasy2/RestEasyHelper.java b/instrumentation-security/resteasy-2.2/src/main/java/com/nr/instrumentation/security/resteasy2/RestEasyHelper.java new file mode 100644 index 000000000..958816739 --- /dev/null +++ b/instrumentation-security/resteasy-2.2/src/main/java/com/nr/instrumentation/security/resteasy2/RestEasyHelper.java @@ -0,0 +1,37 @@ +package com.nr.instrumentation.security.resteasy2; + +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; +import org.jboss.resteasy.core.ResourceInvoker; +import org.jboss.resteasy.core.ResourceLocator; +import org.jboss.resteasy.core.ResourceMethod; + +public class RestEasyHelper { + private static final String WILDCARD = "*"; + private static final String SEPARATOR = "/"; + public static void gatherUrlMappings(String path, ResourceInvoker invoker) { + try{ + if(!path.startsWith(SEPARATOR)) { + path = SEPARATOR + path; + } + + if(invoker instanceof ResourceMethod) { + ResourceMethod methodInvoker = (ResourceMethod) invoker; + String handler = methodInvoker.getResourceClass().getName(); + + for (String httpMethod: methodInvoker.getHttpMethods()){ + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(httpMethod, path, handler)); + } + } + // case of SubResources + else if(invoker instanceof ResourceLocator) { + ResourceLocator locatorInvoker = (ResourceLocator) invoker; + String handler = locatorInvoker.getMethod().getDeclaringClass().getName(); + String finalPath = path + (path.endsWith(SEPARATOR) ? WILDCARD : SEPARATOR + WILDCARD); + + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, finalPath, handler)); + } + } catch (Exception ignored){ + } + } +} diff --git a/instrumentation-security/resteasy-2.2/src/main/java/org/jboss/resteasy/core/registry/RootSegment_Instrumentation.java b/instrumentation-security/resteasy-2.2/src/main/java/org/jboss/resteasy/core/registry/RootSegment_Instrumentation.java new file mode 100644 index 000000000..08e784376 --- /dev/null +++ b/instrumentation-security/resteasy-2.2/src/main/java/org/jboss/resteasy/core/registry/RootSegment_Instrumentation.java @@ -0,0 +1,18 @@ +package org.jboss.resteasy.core.registry; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.resteasy2.RestEasyHelper; +import org.jboss.resteasy.core.ResourceInvoker; + +@Weave(type = MatchType.ExactClass, originalName = "org.jboss.resteasy.core.registry.RootSegment") +public class RootSegment_Instrumentation { + public void addPath(String path, ResourceInvoker invoker){ + try { + Weaver.callOriginal(); + } finally { + RestEasyHelper.gatherUrlMappings(path, invoker); + } + } +} diff --git a/instrumentation-security/resteasy-3/build.gradle b/instrumentation-security/resteasy-3/build.gradle new file mode 100644 index 000000000..7f7c8100f --- /dev/null +++ b/instrumentation-security/resteasy-3/build.gradle @@ -0,0 +1,20 @@ +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.jboss.resteasy:resteasy-jaxrs:3.0.0.Final") +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.resteasy-3' } +} + +verifyInstrumentation { + passesOnly 'org.jboss.resteasy:resteasy-jaxrs:[3.0-beta-1,)' + excludeRegex ".*(rc|beta|alpha).*" +} + +site { + title 'RESTEasy' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/resteasy-3/src/main/java/com/nr/instrumentation/security/resteasy3/RestEasyHelper.java b/instrumentation-security/resteasy-3/src/main/java/com/nr/instrumentation/security/resteasy3/RestEasyHelper.java new file mode 100644 index 000000000..b79372d3d --- /dev/null +++ b/instrumentation-security/resteasy-3/src/main/java/com/nr/instrumentation/security/resteasy3/RestEasyHelper.java @@ -0,0 +1,38 @@ +package com.nr.instrumentation.security.resteasy3; + +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; +import org.jboss.resteasy.core.ResourceInvoker; +import org.jboss.resteasy.core.ResourceLocatorInvoker; +import org.jboss.resteasy.core.ResourceMethodInvoker; + +public class RestEasyHelper { + private static final String WILDCARD = "*"; + private static final String SEPARATOR = "/"; + + public static void gatherUrlMappings(String path, ResourceInvoker invoker) { + try{ + if(!path.startsWith(SEPARATOR)) { + path = SEPARATOR + path; + } + + if(invoker instanceof ResourceMethodInvoker) { + ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) invoker; + String handler = methodInvoker.getResourceClass().getName(); + + for (String httpMethod: methodInvoker.getHttpMethods()){ + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(httpMethod, path, handler)); + } + } + // case of SubResource + else if(invoker instanceof ResourceLocatorInvoker) { + ResourceLocatorInvoker locatorInvoker = (ResourceLocatorInvoker) invoker; + String handler = locatorInvoker.getMethod().getDeclaringClass().getName(); + String finalPath = path + (path.endsWith(SEPARATOR) ? WILDCARD : SEPARATOR + WILDCARD); + + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, finalPath, handler)); + } + } catch (Exception ignored){ + } + } +} diff --git a/instrumentation-security/resteasy-3/src/main/java/org/jboss/resteasy/core/registry/RootClassNode_Instrumentation.java b/instrumentation-security/resteasy-3/src/main/java/org/jboss/resteasy/core/registry/RootClassNode_Instrumentation.java new file mode 100644 index 000000000..82261a01f --- /dev/null +++ b/instrumentation-security/resteasy-3/src/main/java/org/jboss/resteasy/core/registry/RootClassNode_Instrumentation.java @@ -0,0 +1,18 @@ +package org.jboss.resteasy.core.registry; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.resteasy3.RestEasyHelper; +import org.jboss.resteasy.core.ResourceInvoker; + +@Weave(type = MatchType.ExactClass, originalName = "org.jboss.resteasy.core.registry.RootClassNode") +public class RootClassNode_Instrumentation { + public void addInvoker(String classExpression, String fullpath, ResourceInvoker invoker){ + try { + Weaver.callOriginal(); + } finally { + RestEasyHelper.gatherUrlMappings(fullpath, invoker); + } + } +} diff --git a/instrumentation-security/resteasy-4/build.gradle b/instrumentation-security/resteasy-4/build.gradle new file mode 100644 index 000000000..f8626ac84 --- /dev/null +++ b/instrumentation-security/resteasy-4/build.gradle @@ -0,0 +1,19 @@ +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.jboss.resteasy:resteasy-core:4.0.0.Final") +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.resteasy-4' } +} + +verifyInstrumentation { + passesOnly 'org.jboss.resteasy:resteasy-core:[0,)' +} + +site { + title 'RESTEasy' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/resteasy-4/src/main/java/com/nr/instrumentation/security/resteasy4/RestEasyHelper.java b/instrumentation-security/resteasy-4/src/main/java/com/nr/instrumentation/security/resteasy4/RestEasyHelper.java new file mode 100644 index 000000000..c7230d733 --- /dev/null +++ b/instrumentation-security/resteasy-4/src/main/java/com/nr/instrumentation/security/resteasy4/RestEasyHelper.java @@ -0,0 +1,34 @@ +package com.nr.instrumentation.security.resteasy4; + +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; +import org.jboss.resteasy.core.ResourceLocatorInvoker; +import org.jboss.resteasy.core.ResourceMethodInvoker; +import org.jboss.resteasy.spi.ResourceInvoker; + +public class RestEasyHelper { + private static final String WILDCARD = "*"; + private static final String SEPARATOR = "/"; + + public static void gatherUrlMappings(String path, ResourceInvoker invoker) { + try{ + if(!path.startsWith(SEPARATOR)) path = SEPARATOR + path; + String handler; + if(invoker instanceof ResourceMethodInvoker) { + ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) invoker; + handler = methodInvoker.getResourceClass().getName(); + + for (String httpMethod: methodInvoker.getHttpMethods()){ + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(httpMethod, path, handler)); + } + } + // case of SubResource + else if(invoker instanceof ResourceLocatorInvoker) { + handler = invoker.getMethod().getDeclaringClass().getName(); + String finalPath = path + (path.endsWith(SEPARATOR) ? WILDCARD : SEPARATOR + WILDCARD); + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, finalPath, handler)); + } + } catch (Exception ignored){ + } + } +} diff --git a/instrumentation-security/resteasy-4/src/main/java/org/jboss/resteasy/core/registry/RootClassNode_Instrumentation.java b/instrumentation-security/resteasy-4/src/main/java/org/jboss/resteasy/core/registry/RootClassNode_Instrumentation.java new file mode 100644 index 000000000..2a98b0b9f --- /dev/null +++ b/instrumentation-security/resteasy-4/src/main/java/org/jboss/resteasy/core/registry/RootClassNode_Instrumentation.java @@ -0,0 +1,18 @@ +package org.jboss.resteasy.core.registry; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.resteasy4.RestEasyHelper; +import org.jboss.resteasy.spi.ResourceInvoker; + +@Weave(type = MatchType.ExactClass, originalName = "org.jboss.resteasy.core.registry.RootClassNode") +public class RootClassNode_Instrumentation { + public void addInvoker(String classExpression, String fullpath, ResourceInvoker invoker){ + try { + Weaver.callOriginal(); + } finally { + RestEasyHelper.gatherUrlMappings(fullpath, invoker); + } + } +} diff --git a/settings.gradle b/settings.gradle index 011f307c6..ae2faabc9 100644 --- a/settings.gradle +++ b/settings.gradle @@ -135,5 +135,8 @@ include 'instrumentation:jdbc-inet-oranxo' include 'instrumentation:jdbc-sybase-6' include 'instrumentation:low-priority-instrumentation' include 'instrumentation:commons-jxpath' +include 'instrumentation:resteasy-2.2' +include 'instrumentation:resteasy-3' +include 'instrumentation:resteasy-4' include 'instrumentation:apache-struts2' include 'instrumentation:spring-webflux' From d55dadd6bcdd1017e1934d6b4043fcef51ef054a Mon Sep 17 00:00:00 2001 From: Ishika Dawda <112611034+IshikaDawda@users.noreply.github.com> Date: Mon, 14 Aug 2023 17:46:50 +0530 Subject: [PATCH 56/80] [NEW] URL mappings for Grails (#83) * Getting URL Mappings for Grails 2.0 * Getting URL Mappings for Grails 3.0 * Getting URL Mappings for Grails 1.3 Co-authored-by: Monu Lakshkar Co-authored-by: Lovesh Baya --- .../grails-1.3/build.gradle | 21 ++++++++++++++++ .../security/grails13/GrailsHelper.java | 18 ++++++++++++++ ...faultGrailsController_Instrumentation.java | 22 +++++++++++++++++ .../grails-2.0/build.gradle | 22 +++++++++++++++++ .../security/grails2/GrailsHelper.java | 18 ++++++++++++++ ...faultGrailsController_Instrumentation.java | 24 +++++++++++++++++++ .../grails-3.0/build.gradle | 20 ++++++++++++++++ .../security/grails3/GrailsHelper.java | 24 +++++++++++++++++++ ...faultGrailsController_Instrumentation.java | 22 +++++++++++++++++ settings.gradle | 3 +++ 10 files changed, 194 insertions(+) create mode 100644 instrumentation-security/grails-1.3/build.gradle create mode 100644 instrumentation-security/grails-1.3/src/main/java/com/nr/instrumentation/security/grails13/GrailsHelper.java create mode 100644 instrumentation-security/grails-1.3/src/main/java/org/codehaus/groovy/grails/commons/DefaultGrailsController_Instrumentation.java create mode 100644 instrumentation-security/grails-2.0/build.gradle create mode 100644 instrumentation-security/grails-2.0/src/main/java/com/nr/instrumentation/security/grails2/GrailsHelper.java create mode 100644 instrumentation-security/grails-2.0/src/main/java/org/codehaus/groovy/grails/commons/DefaultGrailsController_Instrumentation.java create mode 100644 instrumentation-security/grails-3.0/build.gradle create mode 100644 instrumentation-security/grails-3.0/src/main/java/com/nr/instrumentation/security/grails3/GrailsHelper.java create mode 100644 instrumentation-security/grails-3.0/src/main/java/org/grails/core/DefaultGrailsController_Instrumentation.java diff --git a/instrumentation-security/grails-1.3/build.gradle b/instrumentation-security/grails-1.3/build.gradle new file mode 100644 index 000000000..add64feea --- /dev/null +++ b/instrumentation-security/grails-1.3/build.gradle @@ -0,0 +1,21 @@ + +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.grails:grails-web:1.3.0") +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.grails-1.3' } +} + +verifyInstrumentation { + excludeRegex '.*.[RC|M][0-9]' + passes 'org.grails:grails-web:[1.3.0,2.0)' +} + +site { + title 'Grails' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/grails-1.3/src/main/java/com/nr/instrumentation/security/grails13/GrailsHelper.java b/instrumentation-security/grails-1.3/src/main/java/com/nr/instrumentation/security/grails13/GrailsHelper.java new file mode 100644 index 000000000..ad89554f9 --- /dev/null +++ b/instrumentation-security/grails-1.3/src/main/java/com/nr/instrumentation/security/grails13/GrailsHelper.java @@ -0,0 +1,18 @@ +package com.nr.instrumentation.security.grails13; + +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; + +import java.util.Map; + +public class GrailsHelper { + private static final String WILDCARD = "*"; + public static void gatherUrlMappings(Map uri2viewMap, String handler) { + try { + for (String path : uri2viewMap.keySet()) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, path, handler)); + } + } catch (Exception ignored){ + } + } +} diff --git a/instrumentation-security/grails-1.3/src/main/java/org/codehaus/groovy/grails/commons/DefaultGrailsController_Instrumentation.java b/instrumentation-security/grails-1.3/src/main/java/org/codehaus/groovy/grails/commons/DefaultGrailsController_Instrumentation.java new file mode 100644 index 000000000..eae553ef7 --- /dev/null +++ b/instrumentation-security/grails-1.3/src/main/java/org/codehaus/groovy/grails/commons/DefaultGrailsController_Instrumentation.java @@ -0,0 +1,22 @@ +package org.codehaus.groovy.grails.commons; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.WeaveAllConstructors; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.grails13.GrailsHelper; + +import java.util.Map; + +@Weave(type = MatchType.ExactClass, originalName = "org.codehaus.groovy.grails.commons.DefaultGrailsControllerClass") +public abstract class DefaultGrailsController_Instrumentation { + + public abstract Class getClazz(); + + private Map uri2viewMap = Weaver.callOriginal(); + + @WeaveAllConstructors + public DefaultGrailsController_Instrumentation() { + GrailsHelper.gatherUrlMappings(uri2viewMap, getClazz().getName()); + } +} diff --git a/instrumentation-security/grails-2.0/build.gradle b/instrumentation-security/grails-2.0/build.gradle new file mode 100644 index 000000000..c33c6e047 --- /dev/null +++ b/instrumentation-security/grails-2.0/build.gradle @@ -0,0 +1,22 @@ + +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.grails:grails-core:2.2.0") +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.grails-2.0' } +} + +verifyInstrumentation { + excludeRegex '.*.[RC|M][0-9]' +// excludeRegex '.*.M[0-9]' + passesOnly('org.grails:grails-core:[2.0,3.0.0.RC1)') +} + +site { + title 'Grails' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/grails-2.0/src/main/java/com/nr/instrumentation/security/grails2/GrailsHelper.java b/instrumentation-security/grails-2.0/src/main/java/com/nr/instrumentation/security/grails2/GrailsHelper.java new file mode 100644 index 000000000..f0c56410c --- /dev/null +++ b/instrumentation-security/grails-2.0/src/main/java/com/nr/instrumentation/security/grails2/GrailsHelper.java @@ -0,0 +1,18 @@ +package com.nr.instrumentation.security.grails2; + +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; + +import java.util.Map; + +public class GrailsHelper { + private static final String WILDCARD = "*"; + public static void gatherUrlMappings( Map uri2viewMap, String handler) { + try { + for (String path : uri2viewMap.keySet()) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, path, handler)); + } + } catch (Exception ignored){ + } + } +} diff --git a/instrumentation-security/grails-2.0/src/main/java/org/codehaus/groovy/grails/commons/DefaultGrailsController_Instrumentation.java b/instrumentation-security/grails-2.0/src/main/java/org/codehaus/groovy/grails/commons/DefaultGrailsController_Instrumentation.java new file mode 100644 index 000000000..ae6902a92 --- /dev/null +++ b/instrumentation-security/grails-2.0/src/main/java/org/codehaus/groovy/grails/commons/DefaultGrailsController_Instrumentation.java @@ -0,0 +1,24 @@ +package org.codehaus.groovy.grails.commons; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.grails2.GrailsHelper; + +import java.util.Map; + +@Weave(type = MatchType.ExactClass, originalName = "org.codehaus.groovy.grails.commons.DefaultGrailsControllerClass") +public abstract class DefaultGrailsController_Instrumentation { + + public abstract Class getClazz(); + + private Map uri2viewMap = Weaver.callOriginal(); + + public void initialize() { + try { + Weaver.callOriginal(); + } finally { + GrailsHelper.gatherUrlMappings(uri2viewMap, getClazz().getName()); + } + } +} diff --git a/instrumentation-security/grails-3.0/build.gradle b/instrumentation-security/grails-3.0/build.gradle new file mode 100644 index 000000000..5a5d14049 --- /dev/null +++ b/instrumentation-security/grails-3.0/build.gradle @@ -0,0 +1,20 @@ +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.grails:grails-core:3.0.0") +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.grails-3.0' } +} + +verifyInstrumentation { + excludeRegex '.*.RC[0-9]' + passesOnly('org.grails:grails-core:[3.0.0.M1,)') +} + +site { + title 'Grails' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/grails-3.0/src/main/java/com/nr/instrumentation/security/grails3/GrailsHelper.java b/instrumentation-security/grails-3.0/src/main/java/com/nr/instrumentation/security/grails3/GrailsHelper.java new file mode 100644 index 000000000..dbbae1fdd --- /dev/null +++ b/instrumentation-security/grails-3.0/src/main/java/com/nr/instrumentation/security/grails3/GrailsHelper.java @@ -0,0 +1,24 @@ +package com.nr.instrumentation.security.grails3; + +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; + +import java.lang.reflect.Method; +import java.util.Map; + +public class GrailsHelper { + private static final String WILDCARD = "*"; + private static final String SEPARATOR = "/"; + public static void gatherUrlMappings(Map actions, String handler, String controller) { + try { + String path = SEPARATOR + controller; + for (String action : actions.keySet()) { + String finalPath = path + SEPARATOR + action; + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, finalPath, handler)); + } + // for default action mappings + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, path, handler)); + } catch(Throwable ignored) { + } + } +} diff --git a/instrumentation-security/grails-3.0/src/main/java/org/grails/core/DefaultGrailsController_Instrumentation.java b/instrumentation-security/grails-3.0/src/main/java/org/grails/core/DefaultGrailsController_Instrumentation.java new file mode 100644 index 000000000..91fe02fcd --- /dev/null +++ b/instrumentation-security/grails-3.0/src/main/java/org/grails/core/DefaultGrailsController_Instrumentation.java @@ -0,0 +1,22 @@ +package org.grails.core; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.WeaveAllConstructors; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.grails3.GrailsHelper; + +import java.lang.reflect.Method; +import java.util.Map; + +@Weave(type = MatchType.ExactClass, originalName = "org.grails.core.DefaultGrailsControllerClass") +public abstract class DefaultGrailsController_Instrumentation { + private Map actions = Weaver.callOriginal(); + abstract public Class getClazz(); + abstract public String getName(); + + @WeaveAllConstructors + public DefaultGrailsController_Instrumentation() { + GrailsHelper.gatherUrlMappings(actions, getClazz().getName(), getName()); + } +} diff --git a/settings.gradle b/settings.gradle index ae2faabc9..2dd9e367f 100644 --- a/settings.gradle +++ b/settings.gradle @@ -135,6 +135,9 @@ include 'instrumentation:jdbc-inet-oranxo' include 'instrumentation:jdbc-sybase-6' include 'instrumentation:low-priority-instrumentation' include 'instrumentation:commons-jxpath' +include 'instrumentation:grails-1.3' +include 'instrumentation:grails-2.0' +include 'instrumentation:grails-3.0' include 'instrumentation:resteasy-2.2' include 'instrumentation:resteasy-3' include 'instrumentation:resteasy-4' From 90c402000ecf2dcdb4288ac99c7012d87614e1c7 Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Wed, 16 Aug 2023 13:01:39 +0530 Subject: [PATCH 57/80] [NEW] URL mappings for servlet modules (#52) * Getting url mappings for servlet(s) and jsp(s) Co-authored-by: idawda --- .../security/servlet24/HttpServletHelper.java | 40 ++++++++++++++++++- ...tContainerInitializer_Instrumentation.java | 19 +++++++++ .../security/servlet5/HttpServletHelper.java | 40 ++++++++++++++++++- ...tContainerInitializer_Instrumentation.java | 18 +++++++++ .../security/servlet6/HttpServletHelper.java | 40 ++++++++++++++++++- ...tContainerInitializer_Instrumentation.java | 18 +++++++++ 6 files changed, 172 insertions(+), 3 deletions(-) create mode 100644 instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java create mode 100644 instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java create mode 100644 instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java diff --git a/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java b/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java index 299b71207..7d9ffa998 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java +++ b/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java @@ -1,13 +1,18 @@ package com.nr.instrumentation.security.servlet24; import com.newrelic.api.agent.security.NewRelicSecurity; -import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; +import com.newrelic.api.agent.security.instrumentation.helpers.*; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; import com.newrelic.api.agent.security.schema.HttpRequest; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; +import javax.servlet.ServletContext; +import javax.servlet.ServletRegistration; import javax.servlet.http.HttpServletRequest; +import java.util.Collection; import java.util.Enumeration; +import java.util.Iterator; import java.util.Map; public class HttpServletHelper { @@ -18,6 +23,8 @@ public class HttpServletHelper { public static final String SERVICE_METHOD_NAME = "service"; public static final String NR_SEC_CUSTOM_ATTRIB_NAME = "SERVLET_LOCK-"; + private static final String WILDCARD = "*"; + private static final String SEPARATOR = "/"; public static void processHttpRequestHeader(HttpServletRequest request, HttpRequest securityRequest){ Enumeration headerNames = request.getHeaderNames(); @@ -105,4 +112,35 @@ public static void releaseServletLock() { private static String getNrSecCustomAttribName() { return NR_SEC_CUSTOM_ATTRIB_NAME + Thread.currentThread().getId(); } + + public static void gatherURLMappings(ServletContext servletContext) { + try { + Map servletRegistrations = servletContext.getServletRegistrations(); + getJSPMappings(servletContext, SEPARATOR); + + for (ServletRegistration servletRegistration : servletRegistrations.values()) { + for (String s : servletRegistration.getMappings()) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, s)); + } + } + } catch (Exception ignored){ + } + } + + public static void getJSPMappings(ServletContext servletContext, String dir) { + try { + if(dir.endsWith(SEPARATOR)){ + Collection resourcePaths = servletContext.getResourcePaths(dir); + for (String path : resourcePaths) { + if(path.endsWith(SEPARATOR)) { + getJSPMappings(servletContext, path); + } + else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP") || path.endsWith(".JSPX")) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, path)); + } + } + } + } catch (Exception ignored){ + } + } } diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java new file mode 100644 index 000000000..2ca933c91 --- /dev/null +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java @@ -0,0 +1,19 @@ +package javax.servlet; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.servlet24.HttpServletHelper; + +import java.util.Set; + +@Weave(type = MatchType.Interface, originalName = "javax.servlet.ServletContainerInitializer") +public class ServletContainerInitializer_Instrumentation { + public void onStartup(Set> c, ServletContext ctx) throws ServletException { + try { + Weaver.callOriginal(); + } finally { + HttpServletHelper.gatherURLMappings(ctx); + } + } +} diff --git a/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java b/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java index 7b6bfbef6..45d229136 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java +++ b/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java @@ -1,13 +1,18 @@ package com.nr.instrumentation.security.servlet5; import com.newrelic.api.agent.security.NewRelicSecurity; -import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; +import com.newrelic.api.agent.security.instrumentation.helpers.*; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; import com.newrelic.api.agent.security.schema.HttpRequest; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; +import jakarta.servlet.ServletContext; +import jakarta.servlet.ServletRegistration; import jakarta.servlet.http.HttpServletRequest; +import java.util.Collection; import java.util.Enumeration; +import java.util.Iterator; import java.util.Map; public class HttpServletHelper { @@ -18,6 +23,8 @@ public class HttpServletHelper { public static final String SERVICE_METHOD_NAME = "service"; public static final String NR_SEC_CUSTOM_ATTRIB_NAME = "SERVLET_LOCK-"; + private static final String WILDCARD = "*"; + private static final String SEPARATOR = "/"; public static void processHttpRequestHeader(HttpServletRequest request, HttpRequest securityRequest){ Enumeration headerNames = request.getHeaderNames(); @@ -105,4 +112,35 @@ public static void releaseServletLock() { private static String getNrSecCustomAttribName() { return NR_SEC_CUSTOM_ATTRIB_NAME + Thread.currentThread().getId(); } + + public static void gatherURLMappings(ServletContext servletContext) { + try { + Map servletRegistrations = servletContext.getServletRegistrations(); + getJSPMappings(servletContext, SEPARATOR); + + for (ServletRegistration servletRegistration : servletRegistrations.values()) { + for (String s : servletRegistration.getMappings()) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, s)); + } + } + } catch (Exception ignored){ + } + } + + public static void getJSPMappings(ServletContext servletContext, String dir) { + try { + if(dir.endsWith(SEPARATOR)){ + Collection resourcePaths = servletContext.getResourcePaths(dir); + for (String path : resourcePaths) { + if(path.endsWith(SEPARATOR)) { + getJSPMappings(servletContext, path); + } + else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP") || path.endsWith(".JSPX")) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, path)); + } + } + } + } catch (Exception ignored){ + } + } } diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java new file mode 100644 index 000000000..224320818 --- /dev/null +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java @@ -0,0 +1,18 @@ +package jakarta.servlet; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.servlet5.HttpServletHelper; +import java.util.Set; + +@Weave(type = MatchType.Interface, originalName = "jakarta.servlet.ServletContainerInitializer") +public class ServletContainerInitializer_Instrumentation { + public void onStartup(Set> var1, ServletContext var2) throws ServletException { + try { + Weaver.callOriginal(); + } finally { + HttpServletHelper.gatherURLMappings(var2); + } + } +} diff --git a/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java b/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java index 0ca53efd5..168100347 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java +++ b/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java @@ -1,13 +1,18 @@ package com.nr.instrumentation.security.servlet6; import com.newrelic.api.agent.security.NewRelicSecurity; -import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; +import com.newrelic.api.agent.security.instrumentation.helpers.*; import com.newrelic.api.agent.security.schema.AgentMetaData; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; import com.newrelic.api.agent.security.schema.HttpRequest; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; +import jakarta.servlet.ServletContext; +import jakarta.servlet.ServletRegistration; import jakarta.servlet.http.HttpServletRequest; +import java.util.Collection; import java.util.Enumeration; +import java.util.Iterator; import java.util.Map; public class HttpServletHelper { @@ -18,6 +23,8 @@ public class HttpServletHelper { public static final String SERVICE_METHOD_NAME = "service"; public static final String NR_SEC_CUSTOM_ATTRIB_NAME = "SERVLET_LOCK-"; + private static final String WILDCARD = "*"; + private static final String SEPARATOR = "/"; public static void processHttpRequestHeader(HttpServletRequest request, HttpRequest securityRequest){ Enumeration headerNames = request.getHeaderNames(); @@ -105,4 +112,35 @@ public static void releaseServletLock() { private static String getNrSecCustomAttribName() { return NR_SEC_CUSTOM_ATTRIB_NAME + Thread.currentThread().getId(); } + + public static void gatherURLMappings(ServletContext servletContext) { + try { + Map servletRegistrations = servletContext.getServletRegistrations(); + getJSPMappings(servletContext, SEPARATOR); + + for (ServletRegistration servletRegistration : servletRegistrations.values()) { + for (String s : servletRegistration.getMappings()) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, s)); + } + } + } catch (Exception ignored){ + } + } + + public static void getJSPMappings(ServletContext servletContext, String dir) { + try { + if(dir.endsWith(SEPARATOR)){ + Collection resourcePaths = servletContext.getResourcePaths(dir); + for (String path : resourcePaths) { + if(path.endsWith(SEPARATOR)) { + getJSPMappings(servletContext, path); + } + else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP") || path.endsWith(".JSPX")) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, path)); + } + } + } + } catch (Exception ignored){ + } + } } diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java new file mode 100644 index 000000000..890ab4b9b --- /dev/null +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java @@ -0,0 +1,18 @@ +package jakarta.servlet; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.servlet6.HttpServletHelper; +import java.util.Set; + +@Weave(type = MatchType.Interface, originalName = "jakarta.servlet.ServletContainerInitializer") +public class ServletContainerInitializer_Instrumentation { + public void onStartup(Set> var1, ServletContext var2) { + try { + Weaver.callOriginal(); + } finally { + HttpServletHelper.gatherURLMappings(var2); + } + } +} From 121bf99bb92de2a78b1b328e7b9befa950cb309f Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Wed, 16 Aug 2023 15:25:46 +0530 Subject: [PATCH 58/80] [NEW] URL mappings for spring (#53) * Getting url mappings for spring-mvc and spring-boot [3.1.0 - latest] Co-authored-by: idawda Co-authored-by: lbaya --- .../spring-webmvc-3.1.0/build.gradle | 27 +++++++++++++++ ...tHandlerMethodMapping_Instrumentation.java | 19 +++++++++++ .../web/servlet/handler310/SpringHelper.java | 25 ++++++++++++++ ...ternsRequestCondition_Instrumentation.java | 7 ++++ .../spring-webmvc-5.3.0/build.gradle | 26 ++++++++++++++ ...tHandlerMethodMapping_Instrumentation.java | 19 +++++++++++ .../web/servlet/handler530/SpringHelper.java | 34 +++++++++++++++++++ settings.gradle | 3 ++ 8 files changed, 160 insertions(+) create mode 100644 instrumentation-security/spring-webmvc-3.1.0/build.gradle create mode 100644 instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/AbstractHandlerMethodMapping_Instrumentation.java create mode 100644 instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/SpringHelper.java create mode 100644 instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/mvc/condition/PathPatternsRequestCondition_Instrumentation.java create mode 100644 instrumentation-security/spring-webmvc-5.3.0/build.gradle create mode 100644 instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/AbstractHandlerMethodMapping_Instrumentation.java create mode 100644 instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/SpringHelper.java diff --git a/instrumentation-security/spring-webmvc-3.1.0/build.gradle b/instrumentation-security/spring-webmvc-3.1.0/build.gradle new file mode 100644 index 000000000..ae3d6ba5f --- /dev/null +++ b/instrumentation-security/spring-webmvc-3.1.0/build.gradle @@ -0,0 +1,27 @@ +plugins { + id "org.jetbrains.kotlin.jvm" +} + +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.springframework:spring-webmvc:3.1.0.RELEASE") +} + +jar { + manifest { + attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.spring-webmvc-3.1.0' + } +} + +verifyInstrumentation { + passesOnly 'org.springframework:spring-webmvc:[3.1.0.RELEASE,5.3.0)' + exclude('org.springframework:spring-webmvc:3.2.1.RELEASE') // only version that fails because of missing class (RequestMethod) + excludeRegex 'org.springframework:spring-webmvc:.*(rc|m|RC|SEC|M)[0-9]*$' +} + +site { + title 'Spring' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/AbstractHandlerMethodMapping_Instrumentation.java b/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/AbstractHandlerMethodMapping_Instrumentation.java new file mode 100644 index 000000000..44dad2754 --- /dev/null +++ b/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/AbstractHandlerMethodMapping_Instrumentation.java @@ -0,0 +1,19 @@ +package org.springframework.web.servlet.handler310; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; + +import java.lang.reflect.Method; + +@Weave(type = MatchType.ExactClass, originalName = "org.springframework.web.servlet.handler.AbstractHandlerMethodMapping") +public abstract class AbstractHandlerMethodMapping_Instrumentation { + + protected void registerHandlerMethod(Object handler, Method method, T mapping) { + try { + Weaver.callOriginal(); + } finally { + SpringHelper.gatherURLMappings(mapping); + } + } +} \ No newline at end of file diff --git a/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/SpringHelper.java b/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/SpringHelper.java new file mode 100644 index 000000000..b71de356e --- /dev/null +++ b/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/SpringHelper.java @@ -0,0 +1,25 @@ +package org.springframework.web.servlet.handler310; + +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; +import com.newrelic.api.agent.security.instrumentation.helpers.*; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.servlet.mvc.condition.PatternsRequestCondition; +import org.springframework.web.servlet.mvc.method.RequestMappingInfo; + + +public class SpringHelper { + public static void gatherURLMappings(T mapping){ + try { + RequestMappingInfo mappingInfo = (RequestMappingInfo) mapping; + PatternsRequestCondition patternsCondition = mappingInfo.getPatternsCondition(); + if (patternsCondition != null) { + for (RequestMethod method : mappingInfo.getMethodsCondition().getMethods()) { + for (String url : patternsCondition.getPatterns()) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(method.name(), url)); + } + } + } + } catch (Throwable ignored){ + } + } +} diff --git a/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/mvc/condition/PathPatternsRequestCondition_Instrumentation.java b/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/mvc/condition/PathPatternsRequestCondition_Instrumentation.java new file mode 100644 index 000000000..22dbc7b2b --- /dev/null +++ b/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/mvc/condition/PathPatternsRequestCondition_Instrumentation.java @@ -0,0 +1,7 @@ +package org.springframework.web.servlet.mvc.condition; + +import com.newrelic.api.agent.weaver.SkipIfPresent; + +@SkipIfPresent(originalName = "org.springframework.web.servlet.mvc.condition.PathPatternsRequestCondition") +public class PathPatternsRequestCondition_Instrumentation { +} diff --git a/instrumentation-security/spring-webmvc-5.3.0/build.gradle b/instrumentation-security/spring-webmvc-5.3.0/build.gradle new file mode 100644 index 000000000..678ca7ac0 --- /dev/null +++ b/instrumentation-security/spring-webmvc-5.3.0/build.gradle @@ -0,0 +1,26 @@ +plugins { + id "org.jetbrains.kotlin.jvm" +} + +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.springframework:spring-webmvc:5.3.0") +} + +jar { + manifest { + attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.spring-webmvc-5.3.0' + } +} + +verifyInstrumentation { + passesOnly 'org.springframework:spring-webmvc:[5.3.0,)' + excludeRegex 'org.springframework:spring-webmvc:.*(rc|m|RC|SEC|M)[0-9]*$' +} + +site { + title 'Spring' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/AbstractHandlerMethodMapping_Instrumentation.java b/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/AbstractHandlerMethodMapping_Instrumentation.java new file mode 100644 index 000000000..0bc2f916b --- /dev/null +++ b/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/AbstractHandlerMethodMapping_Instrumentation.java @@ -0,0 +1,19 @@ +package org.springframework.web.servlet.handler530; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; + +import java.lang.reflect.Method; + +@Weave(type = MatchType.ExactClass, originalName = "org.springframework.web.servlet.handler.AbstractHandlerMethodMapping") +public abstract class AbstractHandlerMethodMapping_Instrumentation { + + protected void registerHandlerMethod(Object handler, Method method, T mapping) { + try { + Weaver.callOriginal(); + } finally { + SpringHelper.gatherURLMappings(mapping); + } + } +} \ No newline at end of file diff --git a/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/SpringHelper.java b/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/SpringHelper.java new file mode 100644 index 000000000..c6fa8aec7 --- /dev/null +++ b/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/SpringHelper.java @@ -0,0 +1,34 @@ +package org.springframework.web.servlet.handler530; + +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; +import com.newrelic.api.agent.security.instrumentation.helpers.*; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.servlet.mvc.condition.PathPatternsRequestCondition; +import org.springframework.web.servlet.mvc.condition.PatternsRequestCondition; +import org.springframework.web.servlet.mvc.method.RequestMappingInfo; +import org.springframework.web.util.pattern.PathPattern; + +public class SpringHelper { + public static void gatherURLMappings(T mapping){ + try { + RequestMappingInfo mappingInfo = (RequestMappingInfo) mapping; + PatternsRequestCondition patternsCondition = mappingInfo.getPatternsCondition(); + PathPatternsRequestCondition pathPatternsCondition = mappingInfo.getPathPatternsCondition(); + for (RequestMethod method : mappingInfo.getMethodsCondition().getMethods()) { + if (patternsCondition != null) { + for (String url : patternsCondition.getPatterns()) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(method.name(), url)); + } + } + else if (pathPatternsCondition != null) { + for (PathPattern url : pathPatternsCondition.getPatterns()) { + if (url != null) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(method.name(), url.getPatternString())); + } + } + } + } + } catch (Throwable ignored){ + } + } +} diff --git a/settings.gradle b/settings.gradle index 2dd9e367f..56216918b 100644 --- a/settings.gradle +++ b/settings.gradle @@ -143,3 +143,6 @@ include 'instrumentation:resteasy-3' include 'instrumentation:resteasy-4' include 'instrumentation:apache-struts2' include 'instrumentation:spring-webflux' +include 'instrumentation:spring-webmvc-3.1.0' +include 'instrumentation:spring-webmvc-5.3.0' + From 8994065d8e467bda273767b9374a2e775336462b Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Wed, 16 Aug 2023 15:26:48 +0530 Subject: [PATCH 59/80] [NEW] URL mappings for jax-rs/jersey (#56) * Getting url mappings for jax-rs/jersey Co-authored-by: idawda Co-authored-by: Lovesh Baya --- instrumentation-security/jersey/build.gradle | 22 +++++++ .../security/jersey/JerseyHelper.java | 62 +++++++++++++++++++ ...JerseyResourceContext_Instrumentation.java | 20 ++++++ settings.gradle | 1 + 4 files changed, 105 insertions(+) create mode 100644 instrumentation-security/jersey/build.gradle create mode 100644 instrumentation-security/jersey/src/main/java/com/nr/instrumentation/security/jersey/JerseyHelper.java create mode 100644 instrumentation-security/jersey/src/main/java/org/glassfish/jersey/server/internal/JerseyResourceContext_Instrumentation.java diff --git a/instrumentation-security/jersey/build.gradle b/instrumentation-security/jersey/build.gradle new file mode 100644 index 000000000..e39469d3c --- /dev/null +++ b/instrumentation-security/jersey/build.gradle @@ -0,0 +1,22 @@ +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation('org.glassfish.jersey.core:jersey-server:2.28') +} + + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.jersey' } +} + + +verifyInstrumentation { + passesOnly 'org.glassfish.jersey.core:jersey-server:[0,)' + exclude 'org.glassfish.jersey.core:jersey-server:[2.0-m01,2.0-m12)' +} + +site { + title 'Jersey' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/jersey/src/main/java/com/nr/instrumentation/security/jersey/JerseyHelper.java b/instrumentation-security/jersey/src/main/java/com/nr/instrumentation/security/jersey/JerseyHelper.java new file mode 100644 index 000000000..5855f7d64 --- /dev/null +++ b/instrumentation-security/jersey/src/main/java/com/nr/instrumentation/security/jersey/JerseyHelper.java @@ -0,0 +1,62 @@ +package com.nr.instrumentation.security.jersey; + +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; +import com.newrelic.api.agent.security.instrumentation.helpers.*; +import org.glassfish.jersey.server.model.Resource; +import org.glassfish.jersey.server.model.ResourceMethod; +import org.glassfish.jersey.server.model.ResourceModel; +import org.glassfish.jersey.uri.PathPattern; + +import java.util.List; +import java.util.Set; + +public class JerseyHelper { + private static final String EMPTY = ""; + private static final String WILDCARD = "*"; + private static final String SEPARATOR = "/"; + public static void gatherUrlMappings(ResourceModel resourceModel) { + try { + List resources = resourceModel.getResources(); + if(resources != null){ + extractMappingsFromResources(resources, EMPTY); + } + } catch (Exception ignored){ + } + } + + private static void extractMappingsFromResources(List resources, String resourceUrl) throws Exception{ + + for( Resource resource: resources) { + PathPattern pathPattern = resource.getPathPattern(); + if(pathPattern != null && pathPattern.getTemplate() != null) { + String url = resourceUrl + pathPattern.getTemplate().getTemplate(); + + // extracting all the child-resources recursively + if(resource.getChildResources().size() > 0){ + extractMappingsFromResources(resource.getChildResources(), url); + } + + if(resource.getAllMethods().size() > 0){ + for (ResourceMethod method: resource.getAllMethods()){ + String httpMethod = method.getHttpMethod(); + if(httpMethod != null){ + addURLMappings(url, httpMethod, resource.getHandlerClasses()); + } else { + // httpMethod is null in case when method represents a sub-resource locator. + String modifiedUrl = url + SEPARATOR + WILDCARD; + addURLMappings(modifiedUrl, WILDCARD, resource.getHandlerClasses()); + } + } + } else if((resource.getChildResources().size() == 0)){ + addURLMappings(url, WILDCARD, resource.getHandlerClasses()); + } + } + } + } + + private static void addURLMappings(String url, String httpMethod, Set> handlerClasses) { + for (Class handlerClass : handlerClasses) { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(httpMethod, url, handlerClass.getName())); + } + } +} diff --git a/instrumentation-security/jersey/src/main/java/org/glassfish/jersey/server/internal/JerseyResourceContext_Instrumentation.java b/instrumentation-security/jersey/src/main/java/org/glassfish/jersey/server/internal/JerseyResourceContext_Instrumentation.java new file mode 100644 index 000000000..149fc5cca --- /dev/null +++ b/instrumentation-security/jersey/src/main/java/org/glassfish/jersey/server/internal/JerseyResourceContext_Instrumentation.java @@ -0,0 +1,20 @@ +package org.glassfish.jersey.server.internal; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import com.nr.instrumentation.security.jersey.JerseyHelper; +import org.glassfish.jersey.server.model.ResourceModel; + + +@Weave(type = MatchType.ExactClass, originalName = "org.glassfish.jersey.server.internal.JerseyResourceContext") +public class JerseyResourceContext_Instrumentation { + + public void setResourceModel(ResourceModel resourceModel) { + try { + Weaver.callOriginal(); + } finally { + JerseyHelper.gatherUrlMappings(resourceModel); + } + } +} diff --git a/settings.gradle b/settings.gradle index 56216918b..f3b06dc10 100644 --- a/settings.gradle +++ b/settings.gradle @@ -141,6 +141,7 @@ include 'instrumentation:grails-3.0' include 'instrumentation:resteasy-2.2' include 'instrumentation:resteasy-3' include 'instrumentation:resteasy-4' +include 'instrumentation:jersey' include 'instrumentation:apache-struts2' include 'instrumentation:spring-webflux' include 'instrumentation:spring-webmvc-3.1.0' From 2cb3b36713065f790939562e73eee3d3ecb54a8e Mon Sep 17 00:00:00 2001 From: Monu Lakshkar <93383912+monu-k2io@users.noreply.github.com> Date: Wed, 16 Aug 2023 15:36:23 +0530 Subject: [PATCH 60/80] Apache Log4j new version support (#88) * [INSTRUMENTATION] Apache-log4j 3.0.0-alpha1 to latest (new version released) * [TEST] Added unit test cases for Apache-log4j 3.0.0-alpha1 to latest (new version released) * Updated Changelog.md --- Changelog.md | 1 + .../apache-log4j-3.0.0/build.gradle | 25 +++ .../StrSubstitutor_Instrumentation.java | 25 +++ .../security/log4j/Log4jTest.java | 175 ++++++++++++++++++ ...plication_logging_context_data_enabled.yml | 12 ++ .../resources/application_logging_enabled.yml | 10 + settings.gradle | 1 + 7 files changed, 249 insertions(+) create mode 100644 instrumentation-security/apache-log4j-3.0.0/build.gradle create mode 100644 instrumentation-security/apache-log4j-3.0.0/src/main/java/org/apache/logging/log4j/core/lookup/StrSubstitutor_Instrumentation.java create mode 100644 instrumentation-security/apache-log4j-3.0.0/src/test/java/com/nr/instrumentation/security/log4j/Log4jTest.java create mode 100644 instrumentation-security/apache-log4j-3.0.0/src/test/resources/application_logging_context_data_enabled.yml create mode 100644 instrumentation-security/apache-log4j-3.0.0/src/test/resources/application_logging_enabled.yml diff --git a/Changelog.md b/Changelog.md index 80959a77e..3b8428290 100644 --- a/Changelog.md +++ b/Changelog.md @@ -6,6 +6,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [1.0.5-public-preview] - To Be Decided ### Changes +- [INSTRUMENTATION] Support for Apache log4j 3.0.0-alpha1 (new version released on 21 June 2023) ## [1.0.4-public-preview] - 2023-06-20 ### Changes diff --git a/instrumentation-security/apache-log4j-3.0.0/build.gradle b/instrumentation-security/apache-log4j-3.0.0/build.gradle new file mode 100644 index 000000000..bc2e57321 --- /dev/null +++ b/instrumentation-security/apache-log4j-3.0.0/build.gradle @@ -0,0 +1,25 @@ +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.apache-log4j' } +} + +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.apache.logging.log4j:log4j-core:3.0.0-alpha1") +} + +verifyInstrumentation { + passes("org.apache.logging.log4j:log4j-core:[3.0.0-alpha1,)") +} + +site { + title 'Log4j' + type 'Framework' +} + +java { + toolchain { + languageVersion.set(JavaLanguageVersion.of(11)) + } +} diff --git a/instrumentation-security/apache-log4j-3.0.0/src/main/java/org/apache/logging/log4j/core/lookup/StrSubstitutor_Instrumentation.java b/instrumentation-security/apache-log4j-3.0.0/src/main/java/org/apache/logging/log4j/core/lookup/StrSubstitutor_Instrumentation.java new file mode 100644 index 000000000..9fbe296bf --- /dev/null +++ b/instrumentation-security/apache-log4j-3.0.0/src/main/java/org/apache/logging/log4j/core/lookup/StrSubstitutor_Instrumentation.java @@ -0,0 +1,25 @@ +package org.apache.logging.log4j.core.lookup; + +import com.newrelic.api.agent.security.NewRelicSecurity; +import com.newrelic.api.agent.security.schema.JDBCVendor; +import com.newrelic.api.agent.security.schema.helper.Log4JStrSubstitutor; +import com.newrelic.api.agent.security.utils.UserDataTranslationHelper; +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.newrelic.api.agent.weaver.Weaver; +import org.apache.logging.log4j.core.LogEvent; + +@Weave(type = MatchType.BaseClass, originalName = "org.apache.logging.log4j.core.lookup.StrSubstitutor") +public class StrSubstitutor_Instrumentation { + + protected String resolveVariable(final LogEvent event, final String variableName, final StringBuilder buf, + final int startPos, final int endPos) { + if (NewRelicSecurity.isHookProcessingActive() && !NewRelicSecurity.getAgent().getSecurityMetaData().getRequest().isEmpty()) { + Log4JStrSubstitutor substitutor = new Log4JStrSubstitutor(variableName, buf, startPos, endPos); + NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(UserDataTranslationHelper.getAttributeName(Log4JStrSubstitutor.class.getName()), substitutor); + } + return Weaver.callOriginal(); + } + + +} diff --git a/instrumentation-security/apache-log4j-3.0.0/src/test/java/com/nr/instrumentation/security/log4j/Log4jTest.java b/instrumentation-security/apache-log4j-3.0.0/src/test/java/com/nr/instrumentation/security/log4j/Log4jTest.java new file mode 100644 index 000000000..f8c1ae050 --- /dev/null +++ b/instrumentation-security/apache-log4j-3.0.0/src/test/java/com/nr/instrumentation/security/log4j/Log4jTest.java @@ -0,0 +1,175 @@ +package com.nr.instrumentation.security.log4j; + +import com.newrelic.agent.security.introspec.InstrumentationTestConfig; +import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; +import com.newrelic.agent.security.introspec.SecurityIntrospector; +import com.newrelic.api.agent.security.schema.helper.Log4JStrSubstitutor; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.apache.logging.log4j.core.lookup.StrSubstitutor; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.FixMethodOrder; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.MethodSorters; + +import java.util.HashMap; +import java.util.Map; +import java.util.Properties; + +@RunWith(SecurityInstrumentationTestRunner.class) +@FixMethodOrder(MethodSorters.NAME_ASCENDING) +@InstrumentationTestConfig(includePrefixes = "org.apache.logging.log4j.core", configName = "application_logging_context_data_enabled.yml") +public class Log4jTest { + private final Logger logger = LogManager.getLogger(Log4jTest.class); + private static final Map MAP = new HashMap<>(); + private final String SOURCE = " ${Key} "; + private final Log4JStrSubstitutor EXPECTED = new Log4JStrSubstitutor("Key", new StringBuilder(" value "), 1, 7); + + @BeforeClass + public static void setLogLevel() { + MAP.put("Key", "value"); + } + + @Test + public void testResolveVariable() { + Properties info = new Properties(); + info.setProperty("Key", "value"); + String str = StrSubstitutor.replace(SOURCE, info); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + @Test + public void testResolveVariable1() { + String str = StrSubstitutor.replace(SOURCE, MAP); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + @Test + public void testResolveVariable2() { + StrSubstitutor substitutor = new StrSubstitutor(MAP); + String str = substitutor.replace(SOURCE); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actaul = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actaul); + } + + @Test + public void testResolveVariable3() { + StrSubstitutor substitutor = new StrSubstitutor(MAP); + String str = substitutor.replace(SOURCE, 0, SOURCE.length()); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + @Test + public void testResolveVariable4() { + StrSubstitutor substitutor = new StrSubstitutor(MAP); + String str = substitutor.replace(SOURCE.toCharArray()); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + @Test + public void testResolveVariable5() { + StrSubstitutor substitutor = new StrSubstitutor(MAP); + String str = substitutor.replace(SOURCE.toCharArray(), 0, SOURCE.length()); + logger.error(str); + + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + @Test + public void testResolveVariable6() { + StrSubstitutor substitutor = new StrSubstitutor(MAP); + String str = substitutor.replace(new StringBuffer(SOURCE)); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + @Test + public void testResolveVariable7() { + StrSubstitutor substitutor = new StrSubstitutor(MAP); + String str = substitutor.replace(new StringBuffer(SOURCE), 0, SOURCE.length()); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + @Test + public void testResolveVariable8() { + StrSubstitutor substitutor = new StrSubstitutor(MAP); + String str = substitutor.replace(new StringBuilder(SOURCE)); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + @Test + public void testResolveVariable9() { + StrSubstitutor substitutor = new StrSubstitutor(MAP); + String str = substitutor.replace(new StringBuilder(SOURCE), 0, SOURCE.length()); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + @Test + public void testResolveVariable10() { + StrSubstitutor substitutor = new StrSubstitutor(MAP); + boolean str = substitutor.replaceIn(new StringBuilder(SOURCE)); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + @Test + public void testResolveVariable11() { + StrSubstitutor substitutor = new StrSubstitutor(MAP); + boolean str = substitutor.replaceIn(new StringBuilder(SOURCE), 1, SOURCE.length()-1); + logger.error(str); + + SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); + Log4JStrSubstitutor actual = introspector.getLog4JStrSubstitutor(); + assertLog4JStrSubstitutor(EXPECTED, actual); + } + + + private void assertLog4JStrSubstitutor(Log4JStrSubstitutor expected, Log4JStrSubstitutor actual) { + Assert.assertEquals("Invalid variable name", expected.getVariableName(), actual.getVariableName()); + Assert.assertEquals("Invalid buffer value", expected.getBuf().toString(), actual.getBuf().toString()); + Assert.assertEquals("Wrong Start position of variable", expected.getStartPos(), actual.getStartPos()); + Assert.assertEquals("Wrong end position of variable", expected.getEndPos(), actual.getEndPos()); + } +} \ No newline at end of file diff --git a/instrumentation-security/apache-log4j-3.0.0/src/test/resources/application_logging_context_data_enabled.yml b/instrumentation-security/apache-log4j-3.0.0/src/test/resources/application_logging_context_data_enabled.yml new file mode 100644 index 000000000..1212edc2e --- /dev/null +++ b/instrumentation-security/apache-log4j-3.0.0/src/test/resources/application_logging_context_data_enabled.yml @@ -0,0 +1,12 @@ +common: &default_settings + application_logging: + enabled: true + forwarding: + enabled: true + max_samples_stored: 10000 + context_data: + enabled: true + metrics: + enabled: true + local_decorating: + enabled: false diff --git a/instrumentation-security/apache-log4j-3.0.0/src/test/resources/application_logging_enabled.yml b/instrumentation-security/apache-log4j-3.0.0/src/test/resources/application_logging_enabled.yml new file mode 100644 index 000000000..583ffd2bb --- /dev/null +++ b/instrumentation-security/apache-log4j-3.0.0/src/test/resources/application_logging_enabled.yml @@ -0,0 +1,10 @@ +common: &default_settings + application_logging: + enabled: true + forwarding: + enabled: true + max_samples_stored: 10000 + metrics: + enabled: true + local_decorating: + enabled: false diff --git a/settings.gradle b/settings.gradle index f3b06dc10..c977697bb 100644 --- a/settings.gradle +++ b/settings.gradle @@ -108,6 +108,7 @@ include 'instrumentation:graalvm-jsinjection-19.0.0' include 'instrumentation:graalvm-jsinjection-22.0.0' include 'instrumentation:apache-log4j-2.0' include 'instrumentation:apache-log4j-2.17.2' +include 'instrumentation:apache-log4j-3.0.0' include 'instrumentation:saxpath' include 'instrumentation:javax-xpath' include 'instrumentation:akka-http-core-2.11_10.0.11' From 6620c096afb4d96a9d42f09ee86ac8409049a92f Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 16 Aug 2023 16:01:58 +0530 Subject: [PATCH 61/80] Changelogs for version 1.0.5 Co-authored-by: Harshit Singh Lodha --- Changelog.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index 3b8428290..8fac56508 100644 --- a/Changelog.md +++ b/Changelog.md @@ -4,9 +4,20 @@ Noteworthy changes to the agent are documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -## [1.0.5-public-preview] - To Be Decided +## [1.0.5-public-preview] - 2023-08-28 ### Changes - [INSTRUMENTATION] Support for Apache log4j 3.0.0-alpha1 (new version released on 21 June 2023) +- [INSTRUMENTATION] Support for Commons.jxpath +- [SUPPORT] Generating list of application URL mappings for following Servers and Frameworks + - jax-rs/jersey + - Spring + - Servlet + - Grails + - RestEasy + - Spring-Webflux + - Apache Struts2 +- Randomization in WS connection delay +- ## [1.0.4-public-preview] - 2023-06-20 ### Changes From a84b8760c0b44a2dbd551428450434525e9e4f32 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 16 Aug 2023 17:23:29 +0530 Subject: [PATCH 62/80] Changelogs for SA HC empty stats Co-authored-by: Harshit Singh Lodha --- Changelog.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index 8fac56508..65dbc2cbf 100644 --- a/Changelog.md +++ b/Changelog.md @@ -17,7 +17,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Spring-Webflux - Apache Struts2 - Randomization in WS connection delay -- +- [FIX] Issuw with HealthChecking having empty process stats issue ## [1.0.4-public-preview] - 2023-06-20 ### Changes From 23a7f998087f33259c93e78989fe930e853fc87c Mon Sep 17 00:00:00 2001 From: Monu Lakshkar Date: Wed, 16 Aug 2023 17:50:02 +0530 Subject: [PATCH 63/80] Getting handler class with the url mapping for spring framework Co-authored-by: Ishika Dawda --- .../AbstractHandlerMethodMapping_Instrumentation.java | 2 +- .../web/reactive/result/method/SpringHelper.java | 6 ++++-- .../AbstractHandlerMethodMapping_Instrumentation.java | 2 +- .../web/servlet/handler310/SpringHelper.java | 7 ++++--- .../AbstractHandlerMethodMapping_Instrumentation.java | 2 +- .../web/servlet/handler530/SpringHelper.java | 10 ++++++---- 6 files changed, 17 insertions(+), 12 deletions(-) diff --git a/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/AbstractHandlerMethodMapping_Instrumentation.java b/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/AbstractHandlerMethodMapping_Instrumentation.java index a488b2be4..d04383853 100644 --- a/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/AbstractHandlerMethodMapping_Instrumentation.java +++ b/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/AbstractHandlerMethodMapping_Instrumentation.java @@ -13,7 +13,7 @@ protected void registerHandlerMethod(Object handler, Method method, T mapping) { try { Weaver.callOriginal(); } finally { - SpringHelper.gatherURLMappings(mapping); + SpringHelper.gatherURLMappings(mapping, method); } } } \ No newline at end of file diff --git a/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/SpringHelper.java b/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/SpringHelper.java index 0f8e04af7..58f358731 100644 --- a/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/SpringHelper.java +++ b/instrumentation-security/spring-webflux/src/main/java/org/springframework/web/reactive/result/method/SpringHelper.java @@ -6,15 +6,17 @@ import org.springframework.web.reactive.result.condition.PatternsRequestCondition; import org.springframework.web.util.pattern.PathPattern; +import java.lang.reflect.Method; + public class SpringHelper { - public static void gatherURLMappings(T mapping){ + public static void gatherURLMappings(T mapping, Method method){ try { RequestMappingInfo mappingInfo = (RequestMappingInfo) mapping; PatternsRequestCondition patternsCondition = mappingInfo.getPatternsCondition(); if(patternsCondition!=null) { for (RequestMethod requestMethod : mappingInfo.getMethodsCondition().getMethods()) { for (PathPattern url : patternsCondition.getPatterns()) { - URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(requestMethod.name(), url.getPatternString())); + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(requestMethod.name(), url.getPatternString(), method.getDeclaringClass().getName())); } } } diff --git a/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/AbstractHandlerMethodMapping_Instrumentation.java b/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/AbstractHandlerMethodMapping_Instrumentation.java index 44dad2754..a8d8b5cf9 100644 --- a/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/AbstractHandlerMethodMapping_Instrumentation.java +++ b/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/AbstractHandlerMethodMapping_Instrumentation.java @@ -13,7 +13,7 @@ protected void registerHandlerMethod(Object handler, Method method, T mapping) { try { Weaver.callOriginal(); } finally { - SpringHelper.gatherURLMappings(mapping); + SpringHelper.gatherURLMappings(mapping, method); } } } \ No newline at end of file diff --git a/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/SpringHelper.java b/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/SpringHelper.java index b71de356e..bff8969bc 100644 --- a/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/SpringHelper.java +++ b/instrumentation-security/spring-webmvc-3.1.0/src/main/java/org/springframework/web/servlet/handler310/SpringHelper.java @@ -6,16 +6,17 @@ import org.springframework.web.servlet.mvc.condition.PatternsRequestCondition; import org.springframework.web.servlet.mvc.method.RequestMappingInfo; +import java.lang.reflect.Method; public class SpringHelper { - public static void gatherURLMappings(T mapping){ + public static void gatherURLMappings(T mapping, Method method){ try { RequestMappingInfo mappingInfo = (RequestMappingInfo) mapping; PatternsRequestCondition patternsCondition = mappingInfo.getPatternsCondition(); if (patternsCondition != null) { - for (RequestMethod method : mappingInfo.getMethodsCondition().getMethods()) { + for (RequestMethod requestMethod : mappingInfo.getMethodsCondition().getMethods()) { for (String url : patternsCondition.getPatterns()) { - URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(method.name(), url)); + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(requestMethod.name(), url, method.getDeclaringClass().getName())); } } } diff --git a/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/AbstractHandlerMethodMapping_Instrumentation.java b/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/AbstractHandlerMethodMapping_Instrumentation.java index 0bc2f916b..8a05ea39b 100644 --- a/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/AbstractHandlerMethodMapping_Instrumentation.java +++ b/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/AbstractHandlerMethodMapping_Instrumentation.java @@ -13,7 +13,7 @@ protected void registerHandlerMethod(Object handler, Method method, T mapping) { try { Weaver.callOriginal(); } finally { - SpringHelper.gatherURLMappings(mapping); + SpringHelper.gatherURLMappings(mapping, method); } } } \ No newline at end of file diff --git a/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/SpringHelper.java b/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/SpringHelper.java index c6fa8aec7..f40be47a1 100644 --- a/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/SpringHelper.java +++ b/instrumentation-security/spring-webmvc-5.3.0/src/main/java/org/springframework/web/servlet/handler530/SpringHelper.java @@ -8,22 +8,24 @@ import org.springframework.web.servlet.mvc.method.RequestMappingInfo; import org.springframework.web.util.pattern.PathPattern; +import java.lang.reflect.Method; + public class SpringHelper { - public static void gatherURLMappings(T mapping){ + public static void gatherURLMappings(T mapping, Method method){ try { RequestMappingInfo mappingInfo = (RequestMappingInfo) mapping; PatternsRequestCondition patternsCondition = mappingInfo.getPatternsCondition(); PathPatternsRequestCondition pathPatternsCondition = mappingInfo.getPathPatternsCondition(); - for (RequestMethod method : mappingInfo.getMethodsCondition().getMethods()) { + for (RequestMethod requestMethod : mappingInfo.getMethodsCondition().getMethods()) { if (patternsCondition != null) { for (String url : patternsCondition.getPatterns()) { - URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(method.name(), url)); + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(requestMethod.name(), url, method.getDeclaringClass().getName())); } } else if (pathPatternsCondition != null) { for (PathPattern url : pathPatternsCondition.getPatterns()) { if (url != null) { - URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(method.name(), url.getPatternString())); + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(requestMethod.name(), url.getPatternString(), method.getDeclaringClass().getName())); } } } From c95188b9f96e110da95c22865418801a8f575c30 Mon Sep 17 00:00:00 2001 From: Ishika Dawda <112611034+IshikaDawda@users.noreply.github.com> Date: Thu, 17 Aug 2023 10:05:24 +0530 Subject: [PATCH 64/80] [NEW] URL mappings for Apache-Wicket (#82) * Getting URL Mappings for Apache-Wicket 6.4 * Getting URL Mappings for Apache-Wicket 7.0 * Getting URL Mappings for Apache-Wicket 8.0 Co-authored-by: Monu Lakshkar --- .../apache-wicket-6.4/build.gradle | 20 ++++++++++++++ .../security/apache/wicket6/WicketHelper.java | 26 +++++++++++++++++++ .../mount/MountMapper_Instrumentation.java | 17 ++++++++++++ .../mount/MountedMapper_Instrumentation.java | 20 ++++++++++++++ .../mount/PackageMapper_Instrumentation.java | 14 ++++++++++ .../apache-wicket-7.0/build.gradle | 20 ++++++++++++++ .../security/apache/wicket7/WicketHelper.java | 26 +++++++++++++++++++ .../mapper/MountedMapper_Instrumentation.java | 19 ++++++++++++++ .../mapper/PackageMapper_Instrumentation.java | 16 ++++++++++++ .../apache-wicket-8.0/build.gradle | 20 ++++++++++++++ .../security/apache/wicket8/WicketHelper.java | 26 +++++++++++++++++++ .../mapper/MountedMapper_Instrumentation.java | 19 ++++++++++++++ .../mapper/PackageMapper_Instrumentation.java | 15 +++++++++++ settings.gradle | 4 +++ 14 files changed, 262 insertions(+) create mode 100644 instrumentation-security/apache-wicket-6.4/build.gradle create mode 100644 instrumentation-security/apache-wicket-6.4/src/main/java/com/nr/instrumentation/security/apache/wicket6/WicketHelper.java create mode 100644 instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/MountMapper_Instrumentation.java create mode 100644 instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/MountedMapper_Instrumentation.java create mode 100644 instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/PackageMapper_Instrumentation.java create mode 100644 instrumentation-security/apache-wicket-7.0/build.gradle create mode 100644 instrumentation-security/apache-wicket-7.0/src/main/java/com/nr/instrumentation/security/apache/wicket7/WicketHelper.java create mode 100644 instrumentation-security/apache-wicket-7.0/src/main/java/org/apache/wicket/core/request/mapper/MountedMapper_Instrumentation.java create mode 100644 instrumentation-security/apache-wicket-7.0/src/main/java/org/apache/wicket/core/request/mapper/PackageMapper_Instrumentation.java create mode 100644 instrumentation-security/apache-wicket-8.0/build.gradle create mode 100644 instrumentation-security/apache-wicket-8.0/src/main/java/com/nr/instrumentation/security/apache/wicket8/WicketHelper.java create mode 100644 instrumentation-security/apache-wicket-8.0/src/main/java/org/apache/wicket/core/request/mapper/MountedMapper_Instrumentation.java create mode 100644 instrumentation-security/apache-wicket-8.0/src/main/java/org/apache/wicket/core/request/mapper/PackageMapper_Instrumentation.java diff --git a/instrumentation-security/apache-wicket-6.4/build.gradle b/instrumentation-security/apache-wicket-6.4/build.gradle new file mode 100644 index 000000000..c648df2e7 --- /dev/null +++ b/instrumentation-security/apache-wicket-6.4/build.gradle @@ -0,0 +1,20 @@ +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.apache.wicket:wicket-core:6.4.0") +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.apache-wicket-6.4' } +} + +verifyInstrumentation { + excludeRegex '.*.beta[0-9]' + passes 'org.apache.wicket:wicket-core:[6.4.0,7.0.0-M1)' +} + +site { + title 'Apache Wicket' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/apache-wicket-6.4/src/main/java/com/nr/instrumentation/security/apache/wicket6/WicketHelper.java b/instrumentation-security/apache-wicket-6.4/src/main/java/com/nr/instrumentation/security/apache/wicket6/WicketHelper.java new file mode 100644 index 000000000..5439f2565 --- /dev/null +++ b/instrumentation-security/apache-wicket-6.4/src/main/java/com/nr/instrumentation/security/apache/wicket6/WicketHelper.java @@ -0,0 +1,26 @@ +package com.nr.instrumentation.security.apache.wicket6; + +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; + +import java.util.HashMap; +import java.util.Map; + +public class WicketHelper { + private static final String WILDCARD = "*"; + private static final String SEPARATOR = "/"; + private static final Map packageMap = new HashMap<>(); + + public static void getMappings(String path, String handler, boolean isPackageMapper) { + try { + String finalPath = path + (isPackageMapper ? SEPARATOR + WILDCARD : ""); + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, finalPath, handler)); + } catch (Exception ignored){ + } + } + + public static Map getPackageMap() { + return packageMap; + } + +} diff --git a/instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/MountMapper_Instrumentation.java b/instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/MountMapper_Instrumentation.java new file mode 100644 index 000000000..0f73a6cf9 --- /dev/null +++ b/instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/MountMapper_Instrumentation.java @@ -0,0 +1,17 @@ +package org.apache.wicket.request.mapper.mount; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.nr.instrumentation.security.apache.wicket6.WicketHelper; +import org.apache.wicket.request.IRequestMapper; + +@Weave(type = MatchType.ExactClass, originalName = "org.apache.wicket.request.mapper.mount.MountMapper") +public class MountMapper_Instrumentation { + public MountMapper_Instrumentation(String mountPath, IRequestMapper mapper) { + try{ + WicketHelper.getMappings(mountPath, WicketHelper.getPackageMap().get(mapper.hashCode()), true); + WicketHelper.getPackageMap().remove(mapper.hashCode()); + } catch (Exception ignored){ + } + } +} diff --git a/instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/MountedMapper_Instrumentation.java b/instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/MountedMapper_Instrumentation.java new file mode 100644 index 000000000..1c065a47c --- /dev/null +++ b/instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/MountedMapper_Instrumentation.java @@ -0,0 +1,20 @@ +package org.apache.wicket.request.mapper.mount; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.nr.instrumentation.security.apache.wicket6.WicketHelper; +import org.apache.wicket.request.component.IRequestablePage; +import org.apache.wicket.request.mapper.parameter.IPageParametersEncoder; +import org.apache.wicket.util.IProvider; + +@Weave(type = MatchType.ExactClass, originalName = "org.apache.wicket.core.request.mapper.MountedMapper") +public class MountedMapper_Instrumentation { + + public MountedMapper_Instrumentation( + String mountPath, + IProvider> pageClassProvider, + IPageParametersEncoder pageParametersEncoder + ){ + WicketHelper.getMappings(mountPath, pageClassProvider.get().getName(), false); + } +} diff --git a/instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/PackageMapper_Instrumentation.java b/instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/PackageMapper_Instrumentation.java new file mode 100644 index 000000000..88f7c1af5 --- /dev/null +++ b/instrumentation-security/apache-wicket-6.4/src/main/java/org/apache/wicket/request/mapper/mount/PackageMapper_Instrumentation.java @@ -0,0 +1,14 @@ +package org.apache.wicket.request.mapper.mount; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.nr.instrumentation.security.apache.wicket6.WicketHelper; +import org.apache.wicket.request.mapper.parameter.IPageParametersEncoder; +import org.apache.wicket.util.lang.PackageName; + +@Weave(type = MatchType.ExactClass, originalName = "org.apache.wicket.core.request.mapper.PackageMapper") +public abstract class PackageMapper_Instrumentation { + public PackageMapper_Instrumentation (PackageName packageName, IPageParametersEncoder pageParametersEncoder) { + WicketHelper.getPackageMap().put(hashCode(), packageName.getName()); + } +} diff --git a/instrumentation-security/apache-wicket-7.0/build.gradle b/instrumentation-security/apache-wicket-7.0/build.gradle new file mode 100644 index 000000000..2ba00d85b --- /dev/null +++ b/instrumentation-security/apache-wicket-7.0/build.gradle @@ -0,0 +1,20 @@ + +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.apache.wicket:wicket-core:7.0.0") +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.apache-wicket-7.0' } +} + +verifyInstrumentation { + passes 'org.apache.wicket:wicket-core:[7.0.0-M1,8.0.0-M1)' +} + +site { + title 'Apache Wicket' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/apache-wicket-7.0/src/main/java/com/nr/instrumentation/security/apache/wicket7/WicketHelper.java b/instrumentation-security/apache-wicket-7.0/src/main/java/com/nr/instrumentation/security/apache/wicket7/WicketHelper.java new file mode 100644 index 000000000..651761e99 --- /dev/null +++ b/instrumentation-security/apache-wicket-7.0/src/main/java/com/nr/instrumentation/security/apache/wicket7/WicketHelper.java @@ -0,0 +1,26 @@ +package com.nr.instrumentation.security.apache.wicket7; + +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; + +public class WicketHelper { + private static final String WILDCARD = "*"; + + private static final String SEPARATOR = "/"; + + public static void getMappings(String path, String handler, boolean isPackageMapper) { + try{ + if(!path.startsWith(SEPARATOR)) { + path = SEPARATOR + path; + } + + if(isPackageMapper){ + String finalPath = path + SEPARATOR + WILDCARD; + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, finalPath, handler)); + } else { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, path, handler)); + } + } catch (Exception ignored){ + } + } +} diff --git a/instrumentation-security/apache-wicket-7.0/src/main/java/org/apache/wicket/core/request/mapper/MountedMapper_Instrumentation.java b/instrumentation-security/apache-wicket-7.0/src/main/java/org/apache/wicket/core/request/mapper/MountedMapper_Instrumentation.java new file mode 100644 index 000000000..d8a9ea7ca --- /dev/null +++ b/instrumentation-security/apache-wicket-7.0/src/main/java/org/apache/wicket/core/request/mapper/MountedMapper_Instrumentation.java @@ -0,0 +1,19 @@ +package org.apache.wicket.core.request.mapper; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.nr.instrumentation.security.apache.wicket7.WicketHelper; +import org.apache.wicket.request.component.IRequestablePage; +import org.apache.wicket.request.mapper.parameter.IPageParametersEncoder; +import org.apache.wicket.util.IProvider; + +@Weave(type = MatchType.BaseClass, originalName = "org.apache.wicket.core.request.mapper.MountedMapper") +public class MountedMapper_Instrumentation { + + public MountedMapper_Instrumentation(String mountPath, + IProvider> pageClassProvider, + IPageParametersEncoder pageParametersEncoder + ) { + WicketHelper.getMappings(mountPath, pageClassProvider.get().getName(), false); + } +} diff --git a/instrumentation-security/apache-wicket-7.0/src/main/java/org/apache/wicket/core/request/mapper/PackageMapper_Instrumentation.java b/instrumentation-security/apache-wicket-7.0/src/main/java/org/apache/wicket/core/request/mapper/PackageMapper_Instrumentation.java new file mode 100644 index 000000000..648807be1 --- /dev/null +++ b/instrumentation-security/apache-wicket-7.0/src/main/java/org/apache/wicket/core/request/mapper/PackageMapper_Instrumentation.java @@ -0,0 +1,16 @@ +package org.apache.wicket.core.request.mapper; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.nr.instrumentation.security.apache.wicket7.WicketHelper; +import org.apache.wicket.request.mapper.parameter.IPageParametersEncoder; +import org.apache.wicket.util.lang.PackageName; + +@Weave(type = MatchType.ExactClass, originalName = "org.apache.wicket.core.request.mapper.PackageMapper") +public class PackageMapper_Instrumentation { + + public PackageMapper_Instrumentation(String mountPath, final PackageName packageName, + final IPageParametersEncoder pageParametersEncoder){ + WicketHelper.getMappings(mountPath, packageName.getName(), true); + } +} diff --git a/instrumentation-security/apache-wicket-8.0/build.gradle b/instrumentation-security/apache-wicket-8.0/build.gradle new file mode 100644 index 000000000..ef8ac8421 --- /dev/null +++ b/instrumentation-security/apache-wicket-8.0/build.gradle @@ -0,0 +1,20 @@ + +dependencies { + implementation(project(":newrelic-security-api")) + implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") + implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") + implementation("org.apache.wicket:wicket-core:8.0.0") +} + +jar { + manifest { attributes 'Implementation-Title': 'com.newrelic.instrumentation.security.apache-wicket-8.0' } +} + +verifyInstrumentation { + passes 'org.apache.wicket:wicket-core:[8.0.0-M1,)' +} + +site { + title 'Apache Wicket' + type 'Framework' +} \ No newline at end of file diff --git a/instrumentation-security/apache-wicket-8.0/src/main/java/com/nr/instrumentation/security/apache/wicket8/WicketHelper.java b/instrumentation-security/apache-wicket-8.0/src/main/java/com/nr/instrumentation/security/apache/wicket8/WicketHelper.java new file mode 100644 index 000000000..376109337 --- /dev/null +++ b/instrumentation-security/apache-wicket-8.0/src/main/java/com/nr/instrumentation/security/apache/wicket8/WicketHelper.java @@ -0,0 +1,26 @@ +package com.nr.instrumentation.security.apache.wicket8; + +import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper; +import com.newrelic.api.agent.security.schema.ApplicationURLMapping; + +public class WicketHelper { + private static final String WILDCARD = "*"; + + private static final String SEPARATOR = "/"; + + public static void getMappings(String path, String handler, boolean isPackageMapper) { + try{ + if(!path.startsWith(SEPARATOR)) { + path = SEPARATOR + path; + } + + if(isPackageMapper){ + String finalPath = path + SEPARATOR + WILDCARD; + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, finalPath, handler)); + } else { + URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(WILDCARD, path, handler)); + } + } catch (Exception ignored){ + } + } +} diff --git a/instrumentation-security/apache-wicket-8.0/src/main/java/org/apache/wicket/core/request/mapper/MountedMapper_Instrumentation.java b/instrumentation-security/apache-wicket-8.0/src/main/java/org/apache/wicket/core/request/mapper/MountedMapper_Instrumentation.java new file mode 100644 index 000000000..e0f31197a --- /dev/null +++ b/instrumentation-security/apache-wicket-8.0/src/main/java/org/apache/wicket/core/request/mapper/MountedMapper_Instrumentation.java @@ -0,0 +1,19 @@ +package org.apache.wicket.core.request.mapper; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.nr.instrumentation.security.apache.wicket8.WicketHelper; +import org.apache.wicket.request.component.IRequestablePage; +import org.apache.wicket.request.mapper.parameter.IPageParametersEncoder; + +import java.util.function.Supplier; + +@Weave(type = MatchType.BaseClass, originalName = "org.apache.wicket.core.request.mapper.MountedMapper") +public class MountedMapper_Instrumentation { + public MountedMapper_Instrumentation(String mountPath, + Supplier> pageClassProvider, + IPageParametersEncoder pageParametersEncoder + ) { + WicketHelper.getMappings(mountPath, pageClassProvider.get().getName(), false); + } +} diff --git a/instrumentation-security/apache-wicket-8.0/src/main/java/org/apache/wicket/core/request/mapper/PackageMapper_Instrumentation.java b/instrumentation-security/apache-wicket-8.0/src/main/java/org/apache/wicket/core/request/mapper/PackageMapper_Instrumentation.java new file mode 100644 index 000000000..873adf232 --- /dev/null +++ b/instrumentation-security/apache-wicket-8.0/src/main/java/org/apache/wicket/core/request/mapper/PackageMapper_Instrumentation.java @@ -0,0 +1,15 @@ +package org.apache.wicket.core.request.mapper; + +import com.newrelic.api.agent.weaver.MatchType; +import com.newrelic.api.agent.weaver.Weave; +import com.nr.instrumentation.security.apache.wicket8.WicketHelper; +import org.apache.wicket.request.mapper.parameter.IPageParametersEncoder; +import org.apache.wicket.util.lang.PackageName; + +@Weave(type = MatchType.BaseClass, originalName = "org.apache.wicket.core.request.mapper.PackageMapper") +public class PackageMapper_Instrumentation { + public PackageMapper_Instrumentation(String mountPath, final PackageName packageName, + final IPageParametersEncoder pageParametersEncoder){ + WicketHelper.getMappings(mountPath, packageName.getName(), true); + } +} diff --git a/settings.gradle b/settings.gradle index c977697bb..0b3ba88c7 100644 --- a/settings.gradle +++ b/settings.gradle @@ -148,3 +148,7 @@ include 'instrumentation:spring-webflux' include 'instrumentation:spring-webmvc-3.1.0' include 'instrumentation:spring-webmvc-5.3.0' + +include 'instrumentation:apache-wicket-6.4' +include 'instrumentation:apache-wicket-7.0' +include 'instrumentation:apache-wicket-8.0' \ No newline at end of file From 3116e8f5554006b7614a23ac65f5d5c58c0f7ad4 Mon Sep 17 00:00:00 2001 From: idawda Date: Thu, 17 Aug 2023 11:12:27 +0530 Subject: [PATCH 65/80] Updated build.gradle Limited the version range for Jetty due to release of new version on 7th Aug, 2023 --- instrumentation-security/jetty-11/build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instrumentation-security/jetty-11/build.gradle b/instrumentation-security/jetty-11/build.gradle index 4bb4774d5..205e4f419 100644 --- a/instrumentation-security/jetty-11/build.gradle +++ b/instrumentation-security/jetty-11/build.gradle @@ -11,7 +11,7 @@ jar { } verifyInstrumentation { - passesOnly 'org.eclipse.jetty:jetty-server:[11.0.0,)' + passesOnly 'org.eclipse.jetty:jetty-server:[11.0.0,12.0.0.alpha0)' excludeRegex '.*(alpha|beta|rc).*' } From 0775c24e5a56c8db7bf4edc59cf8b4be936da249 Mon Sep 17 00:00:00 2001 From: idawda Date: Thu, 17 Aug 2023 11:12:49 +0530 Subject: [PATCH 66/80] Updated Changelog.md --- Changelog.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Changelog.md b/Changelog.md index 65dbc2cbf..ec4897a44 100644 --- a/Changelog.md +++ b/Changelog.md @@ -14,10 +14,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Servlet - Grails - RestEasy - - Spring-Webflux + - Spring-WebFlux - Apache Struts2 - Randomization in WS connection delay -- [FIX] Issuw with HealthChecking having empty process stats issue +- [FIX] Issue with HealthChecking having empty process stats issue +- Limiting the supported version range for Jetty, due to the new version release of Jetty on 7th Aug, 2023 ## [1.0.4-public-preview] - 2023-06-20 ### Changes From cc7f459318efcee22a9b03ad11a5fb0ccadeea7b Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Tue, 22 Aug 2023 11:41:15 +0530 Subject: [PATCH 67/80] Disable application URL/end point gathering for Q2 --- ...tContainerInitializer_Instrumentation.java | 2 +- ...tContainerInitializer_Instrumentation.java | 2 +- ...tContainerInitializer_Instrumentation.java | 2 +- .../instrumentator/utils/AgentUtils.java | 1 + .../intcodeagent/websocket/WSClient.java | 2 +- settings.gradle | 30 +++++++++---------- 6 files changed, 19 insertions(+), 20 deletions(-) diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java index 2ca933c91..b7aaed8ec 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java @@ -7,7 +7,7 @@ import java.util.Set; -@Weave(type = MatchType.Interface, originalName = "javax.servlet.ServletContainerInitializer") +//@Weave(type = MatchType.Interface, originalName = "javax.servlet.ServletContainerInitializer") public class ServletContainerInitializer_Instrumentation { public void onStartup(Set> c, ServletContext ctx) throws ServletException { try { diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java index 224320818..02d4a8b75 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java @@ -6,7 +6,7 @@ import com.nr.instrumentation.security.servlet5.HttpServletHelper; import java.util.Set; -@Weave(type = MatchType.Interface, originalName = "jakarta.servlet.ServletContainerInitializer") +//@Weave(type = MatchType.Interface, originalName = "jakarta.servlet.ServletContainerInitializer") public class ServletContainerInitializer_Instrumentation { public void onStartup(Set> var1, ServletContext var2) throws ServletException { try { diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java index 890ab4b9b..5bcaacac9 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java @@ -6,7 +6,7 @@ import com.nr.instrumentation.security.servlet6.HttpServletHelper; import java.util.Set; -@Weave(type = MatchType.Interface, originalName = "jakarta.servlet.ServletContainerInitializer") +//@Weave(type = MatchType.Interface, originalName = "jakarta.servlet.ServletContainerInitializer") public class ServletContainerInitializer_Instrumentation { public void onStartup(Set> var1, ServletContext var2) { try { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java index 3a2cd6f82..59387af4a 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/utils/AgentUtils.java @@ -655,6 +655,7 @@ private void applyNRPolicyOverride() { public static void sendApplicationURLMappings() { + //TODO mappings to be send once new mappings are discovered, after startup. ApplicationURLMappings applicationURLMappings = new ApplicationURLMappings(URLMappingsHelper.getApplicationURLMappings()); logger.logInit(LogLevel.INFO, String.format("Collected application url mappings %s", applicationURLMappings), Agent.class.getName()); EventSendPool.getInstance().sendEvent(applicationURLMappings); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java index fe85dcc87..ab2d65ce6 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSClient.java @@ -185,7 +185,7 @@ public void onOpen(ServerHandshake handshakedata) { WSUtils.getInstance().notifyAll(); } WSUtils.getInstance().setConnected(true); - AgentUtils.sendApplicationURLMappings(); +// AgentUtils.sendApplicationURLMappings(); logger.logInit(LogLevel.INFO, String.format(IAgentConstants.APPLICATION_INFO_SENT_ON_WS_CONNECT, AgentInfo.getInstance().getApplicationInfo()), WSClient.class.getName()); } diff --git a/settings.gradle b/settings.gradle index 0b3ba88c7..1837947c2 100644 --- a/settings.gradle +++ b/settings.gradle @@ -136,19 +136,17 @@ include 'instrumentation:jdbc-inet-oranxo' include 'instrumentation:jdbc-sybase-6' include 'instrumentation:low-priority-instrumentation' include 'instrumentation:commons-jxpath' -include 'instrumentation:grails-1.3' -include 'instrumentation:grails-2.0' -include 'instrumentation:grails-3.0' -include 'instrumentation:resteasy-2.2' -include 'instrumentation:resteasy-3' -include 'instrumentation:resteasy-4' -include 'instrumentation:jersey' -include 'instrumentation:apache-struts2' -include 'instrumentation:spring-webflux' -include 'instrumentation:spring-webmvc-3.1.0' -include 'instrumentation:spring-webmvc-5.3.0' - - -include 'instrumentation:apache-wicket-6.4' -include 'instrumentation:apache-wicket-7.0' -include 'instrumentation:apache-wicket-8.0' \ No newline at end of file +//include 'instrumentation:grails-1.3' +//include 'instrumentation:grails-2.0' +//include 'instrumentation:grails-3.0' +//include 'instrumentation:resteasy-2.2' +//include 'instrumentation:resteasy-3' +//include 'instrumentation:resteasy-4' +//include 'instrumentation:jersey' +//include 'instrumentation:apache-struts2' +//include 'instrumentation:spring-webflux' +//include 'instrumentation:spring-webmvc-3.1.0' +//include 'instrumentation:spring-webmvc-5.3.0' +//include 'instrumentation:apache-wicket-6.4' +//include 'instrumentation:apache-wicket-7.0' +//include 'instrumentation:apache-wicket-8.0' \ No newline at end of file From 33fdcab921ce5bf32e84c301a8959c47c11a1731 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Thu, 24 Aug 2023 19:49:50 +0530 Subject: [PATCH 68/80] - Merge fixes - Reset for stats and serviceStatus --- .../security/intcodeagent/models/javaagent/JAHealthCheck.java | 4 ++-- .../security/intcodeagent/websocket/WSReconnectionST.java | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java index df6f649a1..419ef5a53 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/models/javaagent/JAHealthCheck.java @@ -99,8 +99,8 @@ public JAHealthCheck(JAHealthCheck jaHealthCheck) { this.exitEventStats = new EventStats(jaHealthCheck.exitEventStats); this.threadPoolStats = new ThreadPoolStats(jaHealthCheck.threadPoolStats); this.kind = jaHealthCheck.kind; - this.stats = jaHealthCheck.stats; - this.serviceStatus = jaHealthCheck.serviceStatus; + this.stats = new HashMap<>(jaHealthCheck.stats); + this.serviceStatus = new HashMap<>(jaHealthCheck.serviceStatus); this.dsBackLog = jaHealthCheck.dsBackLog; logger.log(LogLevel.INFO, String.format(HC_CREATED, JsonConverter.toJSON(this)), JAHealthCheck.class.getName()); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java index 66bc65fa4..7c7956c95 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java @@ -36,6 +36,7 @@ public void run() { logger.postLogMessageIfNecessary(LogLevel.SEVERE, ERROR_WHILE_WS_RECONNECTION + e.getMessage() + COLON_SEPARATOR + e.getCause(), e, WSClient.class.getName()); } finally { int delay = CommonUtils.generateSecureRandomBetween(5, 15); + logger.log(LogLevel.INFO, String.format(WSUtils.NEXT_WS_CONNECTION_ATTEMPT_WILL_BE_IN_S_SECONDS, delay), WSReconnectionST.class.getName()); futureTask = scheduledService.schedule(runnable, delay, TimeUnit.SECONDS); } } From 1d3805015ac669394f352a0834dec5dd705d8d52 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Fri, 25 Aug 2023 11:47:35 +0530 Subject: [PATCH 69/80] - Removed reoccurring log --- .../agent/security/intcodeagent/websocket/WSReconnectionST.java | 1 - .../newrelic/agent/security/intcodeagent/websocket/WSUtils.java | 1 - 2 files changed, 2 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java index 7c7956c95..66bc65fa4 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSReconnectionST.java @@ -36,7 +36,6 @@ public void run() { logger.postLogMessageIfNecessary(LogLevel.SEVERE, ERROR_WHILE_WS_RECONNECTION + e.getMessage() + COLON_SEPARATOR + e.getCause(), e, WSClient.class.getName()); } finally { int delay = CommonUtils.generateSecureRandomBetween(5, 15); - logger.log(LogLevel.INFO, String.format(WSUtils.NEXT_WS_CONNECTION_ATTEMPT_WILL_BE_IN_S_SECONDS, delay), WSReconnectionST.class.getName()); futureTask = scheduledService.schedule(runnable, delay, TimeUnit.SECONDS); } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java index 79f968dbd..4fccb5376 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/websocket/WSUtils.java @@ -5,7 +5,6 @@ import java.util.concurrent.atomic.AtomicBoolean; public class WSUtils { - public static final String NEXT_WS_CONNECTION_ATTEMPT_WILL_BE_IN_S_SECONDS = "Next WS connection attempt will be in %s seconds"; private boolean isConnected = false; private AtomicBoolean isReconnecting = new AtomicBoolean(false); From 8c9e0dc4bf536cf54fdb68ef4550ea5bd32a8a93 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Tue, 29 Aug 2023 10:08:37 +0530 Subject: [PATCH 70/80] - Fix status and service stats in snapshot file --- .../logging/HealthCheckScheduleThread.java | 25 ++++++++++--------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java index f96abe6c5..034418533 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/HealthCheckScheduleThread.java @@ -25,10 +25,7 @@ import java.io.IOException; import java.lang.management.ManagementFactory; import java.lang.management.MemoryMXBean; -import java.lang.management.MemoryUsage; import com.sun.management.OperatingSystemMXBean; -import java.lang.management.RuntimeMXBean; -import java.lang.management.ThreadMXBean; import java.math.RoundingMode; import java.nio.charset.StandardCharsets; import java.time.Instant; @@ -64,7 +61,7 @@ public class HealthCheckScheduleThread { private Runnable runnable = new Runnable() { public void run() { - + JAHealthCheck sendJaHealthCheck = null; try { // since tcp connection keep alive check is more than 2 hours // we send our custom object to check if connection is still alive or not @@ -83,7 +80,6 @@ public void run() { AgentUtils.getInstance().getStatusLogMostRecentHCs().add(AgentInfo.getInstance().getJaHealthCheck().toString()); // channel.write(ByteBuffer.wrap(new JAHealthCheck(AgentNew.JA_HEALTH_CHECK).toString().getBytes())); if (WSClient.getInstance().isOpen()) { - JAHealthCheck sendJaHealthCheck; synchronized (AgentInfo.getInstance().getJaHealthCheck()){ sendJaHealthCheck = new JAHealthCheck(AgentInfo.getInstance().getJaHealthCheck()); AgentInfo.getInstance().getJaHealthCheck().reset(); @@ -98,7 +94,7 @@ public void run() { logger.log(LogLevel.WARNING, "Error while trying to verify connection: ", e, HealthCheckScheduleThread.class.getName()); } finally { - writeStatusLogFile(); + writeStatusLogFile(sendJaHealthCheck); } } }; @@ -128,22 +124,27 @@ public boolean cancelTask(boolean forceCancel) { return false; } - private void writeStatusLogFile() { + private void writeStatusLogFile(JAHealthCheck sendJaHealthCheck) { + JAHealthCheck writerHealthCheck = sendJaHealthCheck; + if(writerHealthCheck == null){ + writerHealthCheck = AgentInfo.getInstance().getJaHealthCheck(); + } File statusLog = new File(osVariables.getSnapshotDir(), String.format(K_2_AGENT_STATUS_LOG, AgentInfo.getInstance().getApplicationUUID())); try { FileUtils.deleteQuietly(statusLog); if (statusLog.createNewFile()) { Map substitutes = AgentUtils.getInstance().getStatusLogValues(); substitutes.put(STATUS_TIMESTAMP, Instant.now().toString()); - substitutes.put(LATEST_PROCESS_STATS, AgentInfo.getInstance().getJaHealthCheck().getStats().keySet().stream() - .map(key -> key + SEPARATOR + AgentInfo.getInstance().getJaHealthCheck().getStats().get(key)) + JAHealthCheck finalWriterHealthCheck = writerHealthCheck; + substitutes.put(LATEST_PROCESS_STATS, finalWriterHealthCheck.getStats().keySet().stream() + .map(key -> key + SEPARATOR + finalWriterHealthCheck.getStats().get(key)) .collect(Collectors.joining(StringUtils.LF, StringUtils.EMPTY, StringUtils.EMPTY))); - substitutes.put(LATEST_SERVICE_STATS, AgentInfo.getInstance().getJaHealthCheck().getServiceStatus().keySet().stream() - .map(key -> key + SEPARATOR + AgentInfo.getInstance().getJaHealthCheck().getServiceStatus().get(key)) + substitutes.put(LATEST_SERVICE_STATS, finalWriterHealthCheck.getServiceStatus().keySet().stream() + .map(key -> key + SEPARATOR + finalWriterHealthCheck.getServiceStatus().get(key)) .collect(Collectors.joining(StringUtils.LF, StringUtils.EMPTY, StringUtils.EMPTY))); substitutes.put(LAST_5_ERRORS, StringUtils.joinWith(StringUtils.LF, AgentUtils.getInstance().getStatusLogMostRecentErrors().toArray())); substitutes.put(LAST_5_HC, StringUtils.joinWith(StringUtils.LF, AgentUtils.getInstance().getStatusLogMostRecentHCs().toArray())); - substitutes.put(VALIDATOR_SERVER_STATUS, AgentInfo.getInstance().getJaHealthCheck().getServiceStatus().getOrDefault(WEBSOCKET, StringUtils.EMPTY).toString()); + substitutes.put(VALIDATOR_SERVER_STATUS, finalWriterHealthCheck.getServiceStatus().getOrDefault(WEBSOCKET, StringUtils.EMPTY).toString()); substitutes.put(ENFORCED_POLICY, JsonConverter.toJSON(AgentUtils.getInstance().getAgentPolicy())); StringSubstitutor substitutor = new StringSubstitutor(substitutes); FileUtils.writeStringToFile(statusLog, substitutor.replace(IAgentConstants.STATUS_FILE_TEMPLATE), StandardCharsets.UTF_8); From d9b9713890ec4f2657bf3218999dc28d0e38c246 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Tue, 29 Aug 2023 10:12:48 +0530 Subject: [PATCH 71/80] - Update changelog for 1.0.5 --- Changelog.md | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/Changelog.md b/Changelog.md index ec4897a44..d7b0b9e93 100644 --- a/Changelog.md +++ b/Changelog.md @@ -4,20 +4,13 @@ Noteworthy changes to the agent are documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -## [1.0.5-public-preview] - 2023-08-28 +## [1.0.5-public-preview] - 2023-08-29 ### Changes - [INSTRUMENTATION] Support for Apache log4j 3.0.0-alpha1 (new version released on 21 June 2023) - [INSTRUMENTATION] Support for Commons.jxpath -- [SUPPORT] Generating list of application URL mappings for following Servers and Frameworks - - jax-rs/jersey - - Spring - - Servlet - - Grails - - RestEasy - - Spring-WebFlux - - Apache Struts2 - Randomization in WS connection delay - [FIX] Issue with HealthChecking having empty process stats issue +- Add agent monitoring details and matrix to health check - Limiting the supported version range for Jetty, due to the new version release of Jetty on 7th Aug, 2023 ## [1.0.4-public-preview] - 2023-06-20 From dc12707f7cb2e874543c42ba48d84f061823582b Mon Sep 17 00:00:00 2001 From: Harshit Singh Lodha Date: Tue, 29 Aug 2023 13:40:35 +0530 Subject: [PATCH 72/80] Fix in instrumentation module detection for inst verifier. Now taking from settings.gradle. Co-authored-by: Lovesh Baya --- .github/workflows/X-Reusable-VerifyInstrumentation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/X-Reusable-VerifyInstrumentation.yml b/.github/workflows/X-Reusable-VerifyInstrumentation.yml index 842705575..fc011cf23 100644 --- a/.github/workflows/X-Reusable-VerifyInstrumentation.yml +++ b/.github/workflows/X-Reusable-VerifyInstrumentation.yml @@ -36,7 +36,7 @@ jobs: cd instrumentation-security tmpfile=$(mktemp /tmp/dirs.XXXXXXXXXX) # lists the folders inside instrumentation, and removes the trailing '/' - ls -d */build.gradle | cut -d'/' -f 1 > $tmpfile + cat ../settings.gradle | grep "^include 'instrumentation:" | cut -d"'" -f 2 | cut -d : -f 2 > $tmpfile # creates an envar with the requested page of the instrumentation modules in a JSON format modules=$(( echo '{ "modules" : ' From c6e9cbba23395ca0e4f52682aa73564289f1e9f5 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Thu, 31 Aug 2023 11:45:25 +0530 Subject: [PATCH 73/80] - Version change to 1.0.6 --- Changelog.md | 3 +++ gradle.properties | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index d7b0b9e93..7a8c5562d 100644 --- a/Changelog.md +++ b/Changelog.md @@ -4,6 +4,9 @@ Noteworthy changes to the agent are documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.0.6-public-preview] - TO BE DISCLOSED +### Changes + ## [1.0.5-public-preview] - 2023-08-29 ### Changes - [INSTRUMENTATION] Support for Apache log4j 3.0.0-alpha1 (new version released on 21 June 2023) diff --git a/gradle.properties b/gradle.properties index d5295ac62..08b6aaa21 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,5 +1,5 @@ # The agent version. -agentVersion=1.0.5 +agentVersion=1.0.6 jsonVersion=1.1.0 # Updated exposed NR APM API version. nrAPIVersion=8.3.0 From eb42fb8fc98066eb68348363b804c0ef610a679d Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Wed, 6 Sep 2023 11:42:04 +0530 Subject: [PATCH 74/80] Set default value for low severity instrumentation to false --- .../security/instrumentation/helpers/LowSeverityHelper.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/LowSeverityHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/LowSeverityHelper.java index e63c12ede..df770a59b 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/LowSeverityHelper.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/LowSeverityHelper.java @@ -11,7 +11,7 @@ public class LowSeverityHelper { public static final String LOW_SEVERITY_HOOKS_ENABLED = "security.low-priority-instrumentation.enabled"; - public static final boolean DEFAULT = true; + public static final boolean DEFAULT = false; private static Set encounteredLowSeverityEventURIHash = ConcurrentHashMap.newKeySet(); From 8a6d7058b41eacef2d565e3bab2937513b6663a6 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Tue, 19 Sep 2023 17:11:36 +0530 Subject: [PATCH 75/80] Add workflow to integrate Snyk Scan --- .github/workflows/snyk-vulnerability-scan.yml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .github/workflows/snyk-vulnerability-scan.yml diff --git a/.github/workflows/snyk-vulnerability-scan.yml b/.github/workflows/snyk-vulnerability-scan.yml new file mode 100644 index 000000000..d346cc1c1 --- /dev/null +++ b/.github/workflows/snyk-vulnerability-scan.yml @@ -0,0 +1,33 @@ +name: Snyk Vulnerability Scan + +on: + workflow_dispatch: + schedule: + - cron: '00 15 * * 1' + push: + branches: + - main + +jobs: + security: + runs-on: ubuntu-latest + steps: + - name: Checkout Java Agent + uses: actions/checkout@v3 + with: + ref: 'main' + + - name: Set gradle.properties Workaround + shell: bash + run: | + echo "jdk8=/tmp" >> gradle.properties + echo "jdk11=/tmp" >> gradle.properties + echo "jdk17=/tmp" >> gradle.properties + + - name: Run Snyk to check for vulnerabilities + uses: snyk/actions/gradle@master + env: + SNYK_TOKEN: ${{ secrets.JAVA_AGENT_SNYK_TOKEN }} + with: + command: monitor + args: --all-sub-projects --org=java-agent --configuration-matching='(includeInJar)|(shadowIntoJar)' \ No newline at end of file From 59c90c080ee50e1cf5e69f15d3f61b47521e9936 Mon Sep 17 00:00:00 2001 From: Lovesh Baya Date: Tue, 19 Sep 2023 17:20:12 +0530 Subject: [PATCH 76/80] k2 variable rename (#100) Rename K2_HOME and log messages still containing K2 * - Rename K2_HOME variables * - Rename K2 with CSEC in logs variables --- .../akka/http/core_10/AkkaHttpCoreTest.scala | 32 ++++----- .../core_211_10011/AkkaHttpCoreTest.scala | 32 ++++----- .../security/httpclient3/HttpClientTest.java | 24 +++---- .../security/httpclient4/HttpClientTest.java | 64 ++++++++--------- .../httpclientJDK11/HttpClientTest.java | 24 +++---- .../security/jetty11/ServerTest.java | 2 +- .../security/jetty9/ServerTest.java | 2 +- .../security/okhttp30/RealCallTest.java | 8 +-- .../security/okhttp35/RealCallTest.java | 8 +-- .../security/okhttp30/ExchangeCodecTest.java | 8 +-- .../urlconnection/URLConnectionTest.java | 72 +++++++++---------- .../newrelic/agent/security/AgentConfig.java | 18 ++--- .../intcodeagent/logging/IAgentConstants.java | 28 -------- 13 files changed, 147 insertions(+), 175 deletions(-) diff --git a/instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala b/instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala index 51b32b42a..4fb2d3ddd 100644 --- a/instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala +++ b/instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala @@ -77,14 +77,14 @@ class AkkaHttpCoreTest { Assert.assertEquals("Invalid executed method name.", AkkaCoreUtils.METHOD_SINGLE_REQUEST_IMPL, operations.getMethodName) Assert.assertEquals("Invalid executed parameters.", baseUrl + "/ping", operations.getArg) Assert.assertEquals("Invalid protocol.", introspector.getSecurityMetaData.getRequest.getProtocol, "http") - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) for (header <- headers) { if(header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) } if (header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) } } } @@ -106,14 +106,14 @@ class AkkaHttpCoreTest { Assert.assertEquals("Invalid executed method name.", AkkaCoreUtils.METHOD_SINGLE_REQUEST_IMPL, operations.getMethodName) Assert.assertEquals("Invalid executed parameters.", baseUrl + "/asyncPing", operations.getArg) Assert.assertEquals("Invalid protocol.", introspector.getSecurityMetaData.getRequest.getProtocol, "http") - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) for (header <- headers) { if (header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) } if (header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) } } } @@ -135,14 +135,14 @@ class AkkaHttpCoreTest { Assert.assertEquals("Invalid executed method name.", AkkaCoreUtils.METHOD_SINGLE_REQUEST_IMPL, operations.getMethodName) Assert.assertEquals("Invalid executed parameters.", baseUrl + "/ping", operations.getArg) Assert.assertEquals("Invalid protocol.", introspector.getSecurityMetaData.getRequest.getProtocol, "http") - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) for (header <- headers) { if (header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) } if (header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) } } } @@ -164,14 +164,14 @@ class AkkaHttpCoreTest { Assert.assertEquals("Invalid executed method name.", AkkaCoreUtils.METHOD_SINGLE_REQUEST_IMPL, operations.getMethodName) Assert.assertEquals("Invalid executed parameters.", baseUrl + "/asyncPing", operations.getArg) Assert.assertEquals("Invalid protocol.", introspector.getSecurityMetaData.getRequest.getProtocol, "http") - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) for (header <- headers) { if (header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) } if (header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) } } } diff --git a/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/AkkaHttpCoreTest.scala b/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/AkkaHttpCoreTest.scala index 77cb2fcbe..f74cb0630 100644 --- a/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/AkkaHttpCoreTest.scala +++ b/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/AkkaHttpCoreTest.scala @@ -78,14 +78,14 @@ class AkkaHttpCoreTest { Assert.assertEquals("Invalid executed method name.", AkkaCoreUtils.METHOD_SINGLE_REQUEST_IMPL, operations.getMethodName) Assert.assertEquals("Invalid executed parameters.", baseUrl + "/ping", operations.getArg) Assert.assertEquals("Invalid protocol.", introspector.getSecurityMetaData.getRequest.getProtocol, "http") - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) for (header <- headers) { if(header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) } if (header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) } } } @@ -107,14 +107,14 @@ class AkkaHttpCoreTest { Assert.assertEquals("Invalid executed method name.", AkkaCoreUtils.METHOD_SINGLE_REQUEST_IMPL, operations.getMethodName) Assert.assertEquals("Invalid executed parameters.", baseUrl + "/asyncPing", operations.getArg) Assert.assertEquals("Invalid protocol.", introspector.getSecurityMetaData.getRequest.getProtocol, "http") - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) for (header <- headers) { if (header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) } if (header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) } } } @@ -136,14 +136,14 @@ class AkkaHttpCoreTest { Assert.assertEquals("Invalid executed method name.", AkkaCoreUtils.METHOD_SINGLE_REQUEST_IMPL, operations.getMethodName) Assert.assertEquals("Invalid executed parameters.", baseUrl + "/ping", operations.getArg) Assert.assertEquals("Invalid protocol.", introspector.getSecurityMetaData.getRequest.getProtocol, "http") - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) for (header <- headers) { if (header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) } if (header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) } } } @@ -165,14 +165,14 @@ class AkkaHttpCoreTest { Assert.assertEquals("Invalid executed method name.", AkkaCoreUtils.METHOD_SINGLE_REQUEST_IMPL, operations.getMethodName) Assert.assertEquals("Invalid executed parameters.", baseUrl + "/asyncPing", operations.getArg) Assert.assertEquals("Invalid protocol.", introspector.getSecurityMetaData.getRequest.getProtocol, "http") - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.exists(header => header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID))) + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.exists(header => header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER))) for (header <- headers) { if (header.name().contains(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, header.value()) } if (header.name().contains(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER)) { - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), header.value()) } } } diff --git a/instrumentation-security/httpclient-3/src/test/java/com/nr/instrumentation/security/httpclient3/HttpClientTest.java b/instrumentation-security/httpclient-3/src/test/java/com/nr/instrumentation/security/httpclient3/HttpClientTest.java index 1b849a0e5..feb2d5d16 100644 --- a/instrumentation-security/httpclient-3/src/test/java/com/nr/instrumentation/security/httpclient3/HttpClientTest.java +++ b/instrumentation-security/httpclient-3/src/test/java/com/nr/instrumentation/security/httpclient3/HttpClientTest.java @@ -48,10 +48,10 @@ public void testExecute() throws URISyntaxException, IOException { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @@ -73,10 +73,10 @@ public void testExecute1() throws URISyntaxException, IOException { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @@ -98,10 +98,10 @@ public void testExecute2() throws URISyntaxException, IOException { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } diff --git a/instrumentation-security/httpclient-4.0/src/test/java/com/nr/instrumentation/security/httpclient4/HttpClientTest.java b/instrumentation-security/httpclient-4.0/src/test/java/com/nr/instrumentation/security/httpclient4/HttpClientTest.java index 1cb52f87e..813bd169f 100644 --- a/instrumentation-security/httpclient-4.0/src/test/java/com/nr/instrumentation/security/httpclient4/HttpClientTest.java +++ b/instrumentation-security/httpclient-4.0/src/test/java/com/nr/instrumentation/security/httpclient4/HttpClientTest.java @@ -51,10 +51,10 @@ public void testExecute() throws URISyntaxException, IOException { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @@ -75,10 +75,10 @@ public void testExecute1() throws URISyntaxException, IOException { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @@ -99,10 +99,10 @@ public void testExecute2() throws URISyntaxException, IOException { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @@ -124,10 +124,10 @@ public void testExecute3() throws URISyntaxException, IOException { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @@ -150,10 +150,10 @@ public void testExecute4() throws Exception { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @@ -176,10 +176,10 @@ public void testExecute5() throws Exception { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @@ -202,10 +202,10 @@ public void testExecute6() throws Exception { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @@ -228,10 +228,10 @@ public void testExecute7() throws Exception { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get( ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } diff --git a/instrumentation-security/httpclient-jdk11/src/test/java/com/nr/instrumentation/security/httpclientJDK11/HttpClientTest.java b/instrumentation-security/httpclient-jdk11/src/test/java/com/nr/instrumentation/security/httpclientJDK11/HttpClientTest.java index 4d0d1c456..181622434 100644 --- a/instrumentation-security/httpclient-jdk11/src/test/java/com/nr/instrumentation/security/httpclientJDK11/HttpClientTest.java +++ b/instrumentation-security/httpclient-jdk11/src/test/java/com/nr/instrumentation/security/httpclientJDK11/HttpClientTest.java @@ -53,11 +53,11 @@ public void testSendAsync() throws Exception { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "sendAsync", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); Assert.assertEquals( - String.format("Invalid K2 header value for: %s", + String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase()) ); @@ -81,11 +81,11 @@ public void testSendAsync1() throws Exception { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "sendAsync", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); Assert.assertEquals( - String.format("Invalid K2 header value for: %s", + String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase()) ); @@ -109,11 +109,11 @@ public void testSendAsync2() throws Exception { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "sendAsync", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); Assert.assertEquals( - String.format("Invalid K2 header value for: %s", + String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase()) ); diff --git a/instrumentation-security/jetty-11/src/test/java/com/nr/instrumetation/security/jetty11/ServerTest.java b/instrumentation-security/jetty-11/src/test/java/com/nr/instrumetation/security/jetty11/ServerTest.java index e138ba589..4a9782d75 100644 --- a/instrumentation-security/jetty-11/src/test/java/com/nr/instrumetation/security/jetty11/ServerTest.java +++ b/instrumentation-security/jetty-11/src/test/java/com/nr/instrumetation/security/jetty11/ServerTest.java @@ -130,7 +130,7 @@ public void testHandle1() throws Exception { headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase()) ); Assert.assertEquals( - String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), + String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headerValue, headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase()) ); diff --git a/instrumentation-security/jetty-9/src/test/java/com/nr/instrumetation/security/jetty9/ServerTest.java b/instrumentation-security/jetty-9/src/test/java/com/nr/instrumetation/security/jetty9/ServerTest.java index aecfdfac7..5e84afaca 100644 --- a/instrumentation-security/jetty-9/src/test/java/com/nr/instrumetation/security/jetty9/ServerTest.java +++ b/instrumentation-security/jetty-9/src/test/java/com/nr/instrumetation/security/jetty9/ServerTest.java @@ -130,7 +130,7 @@ public void testHandle1() throws Exception { headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase()) ); Assert.assertEquals( - String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), + String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headerValue, headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase()) ); diff --git a/instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/RealCallTest.java b/instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/RealCallTest.java index 90a6a4af4..764b39f3c 100644 --- a/instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/RealCallTest.java +++ b/instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/RealCallTest.java @@ -51,10 +51,10 @@ public void testExecute() throws Exception { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @Trace(dispatcher = true) diff --git a/instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/instrumentation/security/okhttp35/RealCallTest.java b/instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/instrumentation/security/okhttp35/RealCallTest.java index 77ae4c584..c898a2ee3 100644 --- a/instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/instrumentation/security/okhttp35/RealCallTest.java +++ b/instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/instrumentation/security/okhttp35/RealCallTest.java @@ -52,10 +52,10 @@ public void testExecute() throws Exception { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @Trace(dispatcher = true) diff --git a/instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/ExchangeCodecTest.java b/instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/ExchangeCodecTest.java index 194453fe1..e6d0dbdbf 100644 --- a/instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/ExchangeCodecTest.java +++ b/instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/ExchangeCodecTest.java @@ -48,10 +48,10 @@ public void testExecute() throws Exception { Assert.assertEquals("Invalid executed parameters.", server.getEndPoint().toString(), operation.getArg()); Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed method name.", "execute", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;", headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } diff --git a/instrumentation-security/urlconnection/src/test/java/com/nr/instrumentation/security/urlconnection/URLConnectionTest.java b/instrumentation-security/urlconnection/src/test/java/com/nr/instrumentation/security/urlconnection/URLConnectionTest.java index 56e73b8eb..f484558c5 100644 --- a/instrumentation-security/urlconnection/src/test/java/com/nr/instrumentation/security/urlconnection/URLConnectionTest.java +++ b/instrumentation-security/urlconnection/src/test/java/com/nr/instrumentation/security/urlconnection/URLConnectionTest.java @@ -53,10 +53,10 @@ public void testConnect() throws IOException { Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed class name.", "sun.net.www.protocol.http.HttpURLConnection", operation.getClassName()); Assert.assertEquals("Invalid executed method name.", "connect", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @@ -78,10 +78,10 @@ public void testConnect1() throws IOException { Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed class name.", sun.net.www.protocol.http.HttpURLConnection.class.getName(), operation.getClassName()); Assert.assertEquals("Invalid executed method name.", "connect", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @Test @@ -101,10 +101,10 @@ public void testGetInputStream() throws IOException { Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed class name.", "sun.net.www.protocol.http.HttpURLConnection", operation.getClassName()); Assert.assertEquals("Invalid executed method name.", "getInputStream", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @Test @@ -124,10 +124,10 @@ public void testGetInputStreamByGetContent() throws IOException { Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed class name.", sun.net.www.protocol.http.HttpURLConnection.class.getName(), operation.getClassName()); Assert.assertEquals("Invalid executed method name.", "getInputStream", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @Test @@ -147,10 +147,10 @@ public void testGetInputStreamByGetContent1() throws IOException { Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed class name.", sun.net.www.protocol.http.HttpURLConnection.class.getName(), operation.getClassName()); Assert.assertEquals("Invalid executed method name.", "getInputStream", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @Test @@ -170,10 +170,10 @@ public void testGetInputStreamByOpenStream() throws IOException { Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed class name.", sun.net.www.protocol.http.HttpURLConnection.class.getName(), operation.getClassName()); Assert.assertEquals("Invalid executed method name.", "getInputStream", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @Test @@ -193,10 +193,10 @@ public void testGetInputStreamByConGetContent() throws IOException { Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed class name.", sun.net.www.protocol.http.HttpURLConnection.class.getName(), operation.getClassName()); Assert.assertEquals("Invalid executed method name.", "getInputStream", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @Test @@ -217,10 +217,10 @@ public void testGetInputStreamByConGetContent1() throws IOException { Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed class name.", sun.net.www.protocol.http.HttpURLConnection.class.getName(), operation.getClassName()); Assert.assertEquals("Invalid executed method name.", "getInputStream", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @Test @@ -242,10 +242,10 @@ public void testGetOutputStream() throws IOException { Assert.assertEquals("Invalid event category.", VulnerabilityCaseType.HTTP_REQUEST, operation.getCaseType()); Assert.assertEquals("Invalid executed class name.", "sun.net.www.protocol.http.HttpURLConnection", operation.getClassName()); Assert.assertEquals("Invalid executed method name.", "getOutputStream", operation.getMethodName()); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); - Assert.assertTrue(String.format("Missing K2 header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); - Assert.assertEquals(String.format("Invalid K2 header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headers.containsKey(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID), headerValue, headers.get(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID)); + Assert.assertTrue(String.format("Missing CSEC header: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), headers.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); + Assert.assertEquals(String.format("Invalid CSEC header value for: %s", ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER), String.format("%s;DUMMY_UUID/dummy-api-id/dummy-exec-id;",headerValue), headers.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())); } @Trace(dispatcher = true) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentConfig.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentConfig.java index bb60e3047..dd640a9e6 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentConfig.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/AgentConfig.java @@ -29,7 +29,7 @@ public class AgentConfig { public static final String CLEANING_STATUS_SNAPSHOTS_FROM_LOG_DIRECTORY_MAX_S_FILE_COUNT_REACHED_REMOVED_S = "Cleaning status-snapshots from snapshots directory, max %s file count reached removed : %s"; private static final Object lock = new Object(); - private String K2_HOME; + private String NR_CSEC_HOME; private String logLevel; @@ -94,19 +94,19 @@ private String applyRequiredLogLevel() { public boolean setK2HomePath() { if (NewRelic.getAgent().getConfig().getValue("agent_home") != null) { - K2_HOME = NewRelic.getAgent().getConfig().getValue("agent_home"); + NR_CSEC_HOME = NewRelic.getAgent().getConfig().getValue("agent_home"); } else { - K2_HOME = "."; + NR_CSEC_HOME = "."; } - Path k2homePath = Paths.get(K2_HOME, IUtilConstants.NR_SECURITY_HOME); + Path k2homePath = Paths.get(NR_CSEC_HOME, IUtilConstants.NR_SECURITY_HOME); CommonUtils.forceMkdirs(k2homePath, "rwxrwxrwx"); - K2_HOME = k2homePath.toString(); - AgentUtils.getInstance().getStatusLogValues().put("csec-home", K2_HOME); + NR_CSEC_HOME = k2homePath.toString(); + AgentUtils.getInstance().getStatusLogValues().put("csec-home", NR_CSEC_HOME); AgentUtils.getInstance().getStatusLogValues().put("csec-home-permissions", String.valueOf(k2homePath.toFile().canWrite() && k2homePath.toFile().canRead())); AgentUtils.getInstance().getStatusLogValues().put("agent-location", NewRelic.getAgent().getConfig().getValue("agent_jar_location")); - if (!isValidK2HomePath(K2_HOME)) { - System.err.println("[NR-CSEC-JA] Incomplete startup env parameters provided : Missing or Incorrect K2_HOME. Collector exiting."); + if (!isValidK2HomePath(NR_CSEC_HOME)) { + System.err.println("[NR-CSEC-JA] Incomplete startup env parameters provided : Missing or Incorrect NR_CSEC_HOME. Collector exiting."); return false; } return true; @@ -183,6 +183,6 @@ public void setNRSecurityEnabled(boolean NRSecurityEnabled) { } public String getK2Home() { - return K2_HOME; + return NR_CSEC_HOME; } } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java index 04b38b3f2..b2eb04299 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java @@ -478,39 +478,11 @@ public interface IAgentConstants { String KUBEPODS_DIR = "kubepods/"; String KUBEPODS_SLICE_DIR = "kubepods.slice/"; String LXC_DIR = "lxc/"; - String JAR_PATH_INIT_MSG = "Pooling getJarPathResultExecutorService to fetch results."; - String JAR_PATH_FETCH_SUCCESS_MSG = "getJarPathResultExecutorService result fetched successfully."; - String JAR_PATH_EMPTY_RESULT_ERR = "getJarPathResultExecutorService result is empty."; - String JAR_PATH_TIMEOUT_ERR = "Timeout reached waiting for getJarPathResultExecutorService."; - String HOST_PROP_FILE_NAME = "/opt/k2-ic/hostip.properties"; - String HOST_IP_FOUND_MSG = "hostip found: "; String PROC_DIR = "/proc/"; String PROC_SELF_DIR = "/proc/self"; String CMD_LINE_DIR = "/cmdline"; String STAT = "/stat"; - String BYTE_BUFFER_FIELD_LIMIT = "limit"; - String BYTE_BUFFER_FIELD_POSITION = "position"; - String BYTE_BUFFER_FIELD_BUF = "buf"; - String BYTE_BUFFER_FIELD_LASTVALID = "lastValid"; - String BYTE_BUFFER_FIELD_HB = "hb"; - String TOMCAT_REQUEST_FIELD_INPUTBUFFER = "inputBuffer"; - String TOMCAT_REQUEST_FIELD_BYTEBUFFER = "byteBuffer"; - String COYOTE_ABSTRACT_INPUT_BUFFER_CLASS_NAME = "org.apache.coyote.http11.AbstractInputBuffer"; - String MYSQL_FIELD_ORIGINAL_SQL = "originalSql"; - String MYSQL_FIELD_QUERY = "query"; - String NEW_LINE_SEQUENCE = "\n"; - String TOMCAT_SERVER_INFO_CLASS_NAME = "org.apache.catalina.util.ServerInfo"; - String TOMCAT_FIELD_SERVERNUMBER = "serverNumber"; - String TOMCAT_VERSION_DETECTED_MSG = "Detected Tomcat Version "; - String VERSION_SPLIT_EXPR = "\\."; - String NULL_CHAR_AS_STRING = "\000"; char VMPID_SPLIT_CHAR = '@'; - String APPLICATION_INFO_POSTED_MSG = "Posted application info : "; - String COLON_SEPERATOR = ":"; - int TOMCAT_7 = 7; - int TOMCAT_8 = 8; - int TOMCAT_9 = 9; - int K2_IC_TCP_PORT = 54321; String JSON_NAME_APPLICATION_INFO_BEAN = "applicationinfo"; String JSON_NAME_INTCODE_RESULT_BEAN = "Event"; From 82b9af183ade08a22f4878f699c9c070247c41e2 Mon Sep 17 00:00:00 2001 From: Lovesh Baya Date: Tue, 3 Oct 2023 12:41:46 +0530 Subject: [PATCH 77/80] Fix : Package Exclusion Issue with com.nr and com.newrelic (#110) * Update package of all instrumentation module. package prefix should be com.newrelic.agent.security.instrumentation * Enabled low severity hooks for unit test cases * Relocating all our instrumentation packages under the package com.newrelic.agent.security.instrumentation.* * Package Refactoring for Unit Tests : Move packaging for all UTs to com.nr.agent.security.instrumentation.* * PostgreSQL UTs with Embedded Server --------- Co-authored-by: Monu Lakshkar --- .../internal/IntrospectorServiceManager.java | 1 + .../internal/TransformingClassLoader.java | 2 +- .../scaladsl/HttpExt_Instrumentation.java | 2 +- .../akka/core/AkkaCoreUtils.java | 2 +- .../akka/http/core_10/AkkaHttpCoreTest.scala | 4 +- .../akka/http/core_10}/AkkaServer.scala | 2 +- .../akka/http/core_10/PlayServer.scala | 2 +- .../scaladsl/HttpExt_Instrumentation.java | 2 +- .../akka/core/AkkaCoreUtils.java | 2 +- .../akka/http/core_10}/AkkaHttpCoreTest.scala | 5 +- .../akka/http/core_10/AkkaServer.scala | 2 +- .../akka/http/core_10}/PlayServer.scala | 3 +- .../apache/ldap/LDAPUtils.java | 2 +- .../LdapAsyncConnection_Instrumentation.java | 2 +- .../api/LdapConnection_Instrumentation.java | 2 +- .../apache/ldap/LdapAsyncConnectionTest.java | 4 +- .../apache/ldap/LdapConnectionTest.java | 4 +- .../xpath/camel/XPATHUtils.java | 2 +- .../BuilderSupport_Instrumentation.java | 2 +- .../xpath/camel}/BuilderSupportTest.java | 2 +- .../xpath/commons/jxpath/XPATHUtils.java | 2 +- ...hContextReferenceImpl_Instrumentation.java | 3 +- .../xpath/commons/jxpath}/JXPathTest.java | 3 +- .../AmazonDynamoDBClient_Instrumentation.java | 2 +- .../dynamodb_1_11_390/DynamoDBUtil.java | 2 +- .../dynamodb_1_11_390}/DynamoServer.java | 3 +- .../dynamodb_1_11_390}/DynamodbTest.java | 12 +--- .../AmazonDynamoDBClient_Instrumentation.java | 2 +- .../dynamodb_1_11_453/DynamoDBUtil.java | 2 +- .../dynamodb_1_11_453}/DynamoServer.java | 3 +- .../dynamodb_1_11_453}/DynamodbTest.java | 12 +--- .../AmazonDynamoDBClient_Instrumentation.java | 2 +- .../dynamodb_1_11_459/DynamoDBUtil.java | 2 +- .../dynamodb_1_11_459}/DynamoServer.java | 2 +- .../dynamodb_1_11_459}/DynamodbTest.java | 12 +--- .../AmazonDynamoDBClient_Instrumentation.java | 2 +- .../dynamodb_1_11_80/DynamoDBUtil.java | 2 +- .../dynamodb_1_11_80}/DynamoServer.java | 2 +- .../dynamodb_1_11_80}/DynamodbTest.java | 13 +--- .../dynamodb_210/DynamoDBUtil.java | 2 +- .../AsyncClientHandler_Instrumentation.java | 2 +- .../SyncClientHandler_Instrumentation.java | 2 +- .../dynamodb_210}/DynamoUtil.java | 2 +- .../dynamodb_210}/DynamodbTest.java | 7 +- .../dynamodb_212/DynamoDBUtil.java | 2 +- .../AsyncClientHandler_Instrumentation.java | 2 +- .../SyncClientHandler_Instrumentation.java | 2 +- .../dynamodb_212}/DynamoUtil.java | 2 +- .../dynamodb_212}/DynamodbTest.java | 4 +- .../dynamodb_215/DynamoDBUtil.java | 2 +- .../AsyncClientHandler_Instrumentation.java | 2 +- .../SyncClientHandler_Instrumentation.java | 2 +- .../dynamodb_215}/DynamoUtil.java | 2 +- .../dynamodb_215}/DynamodbTest.java | 4 +- .../java/java/io/File_Instrumentation.java | 5 -- .../javaio/FileInputStreamTest.java | 2 +- .../javaio/FileOutputStreamTest.java | 2 +- .../javaio/FileSystemTest.java | 2 +- .../instrumentation}/javaio/FileTest.java | 2 +- .../javaio/TestSetupBringUp.java | 2 +- .../javanio/FileSystemProviderTest.java | 8 +-- .../javanio/TestSetupBringUp.java | 2 +- .../graalvm19}/JSEngineUtils.java | 2 +- .../PolyglotContextImpl_Instrumentation.java | 2 +- .../graalvm19/GraalVMTest.java | 2 +- .../graalvm22}/JSEngineUtils.java | 2 +- .../PolyglotContextImpl_Instrumentation.java | 2 +- .../graalvm22/GraalVMTest.java | 2 +- .../HttpAsyncClient4_Instrumentation.java | 2 +- .../HttpPipeliningClient_Instrumentation.java | 2 +- .../httpasyncclient4/SecurityHelper.java | 2 +- .../HttpAsyncClient4Test.java | 4 +- .../HttpMethodBase_Instrumentation.java | 2 +- .../httpclient3/SecurityHelper.java | 2 +- .../httpclient3/HttpClientTest.java | 4 +- .../HttpClient_Instrumentation.java | 2 +- .../httpclient40/SecurityHelper.java | 2 +- .../httpclient40}/HttpClientTest.java | 4 +- .../helper/SecurityHelper.java | 2 +- .../http/HttpClientImpl_Instrumentation.java | 4 +- .../http/HttpRequest_Instrumentation.java | 4 +- .../httpclientJDK11/HttpClientTest.java | 4 +- .../javaio/InputStreamHelper.java | 2 +- .../java/io/InputStream_Instrumentation.java | 2 +- .../javaio}/InputStreamJdk8Test.java | 4 +- .../javaio}/TestSetupBringUp.java | 2 +- .../javaio/InputStreamHelper.java | 2 +- .../io/InputStream_Instrumentation.java | 4 +- .../lang/ProcessHandle_Instrumentation.java | 2 +- .../inputstream/jdk9/InputStreamJdk9Test.java | 2 +- .../inputstream}/IOStreamHelper.java | 2 +- .../io/BufferedReader_Instrumentation.java | 2 +- .../java/io/OutputStream_Instrumentation.java | 2 +- .../java/io/PrintWriter_Instrumentation.java | 2 +- .../java/java/io/Reader_Instrumentation.java | 2 +- .../inputstream}/BufferedReaderTest.java | 4 +- .../inputstream}/OutputStreamTest.java | 4 +- .../inputstream}/PrintWriterTest.java | 4 +- .../inputstream}/ReaderTest.java | 4 +- .../inputstream}/TestSetupBringUp.java | 2 +- .../java/lang/ProcessImplTest.java | 2 +- .../javax/jndi}/JNDIUtils.java | 2 +- .../javax/naming/Context_Instrumentation.java | 3 +- .../javax/jndi/ContextRmiTest.java | 6 +- .../javax/jndi/ContextTest.java | 6 +- .../javax/ldap}/LDAPUtils.java | 2 +- .../directory/DirContext_Instrumentation.java | 2 +- .../javax/ldap/DirContextTest.java | 4 +- .../xpath/javax/XPATHUtils.java | 2 +- .../xpath/internal/XPath_Instrumentation.java | 2 +- .../xml/xpath/XPath_Instrumentation.java | 3 +- .../xpath/javax}/XPathTest.java | 4 +- .../javax}/internal/XPathInternalTest.java | 2 +- .../rs/api/Application_Instrumentation.java | 2 +- .../rs/api/JavaxWsRsApi_Instrumentation.java | 2 +- ...axWsRsApi_Subresource_Instrumentation.java | 2 +- .../javax/ws/rs/api}/app/App.java | 2 +- .../rs/api}/app/CustomerLocatorResource.java | 2 +- .../javax/ws/rs/api}/app/IdSubResource.java | 2 +- .../ws/rs/api}/app/OrdersSubResource.java | 2 +- .../javax/ws/rs/api}/app/TestMapping.java | 2 +- .../ws/rs/api}/test/JavaxWsRsApiTest.java | 6 +- .../ws/rs/api}/test/SubresourceTest.java | 10 +-- .../rs/api/Application_Instrumentation.java | 2 +- .../api/JakartaWsRsApi_Instrumentation.java | 2 +- ...taWsRsApi_Subresource_Instrumentation.java | 2 +- .../jakarta/ws/rs/api}/app/App.java | 2 +- .../rs/api}/app/CustomerLocatorResource.java | 2 +- .../jakarta/ws/rs/api}/app/IdSubResource.java | 2 +- .../ws/rs/api}/app/OrdersSubResource.java | 2 +- .../jakarta/ws/rs/api}/app/TestMapping.java | 2 +- .../ws/rs/api}/test/JakartaWsRsApiTest.java | 6 +- .../ws/rs/api}/test/SubresourceTest.java | 10 +-- .../xpath/jaxen/XPATHUtils.java | 2 +- .../org/jaxen/BaseXPath_Instrumentation.java | 2 +- .../xpath/jaxen}/BaseXPathTest.java | 4 +- .../xpath/jaxen/XPATHUtils.java | 2 +- .../org/jaxen/BaseXPath_Instrumentation.java | 2 +- .../xpath/jaxen}/BaseXPathTest.java | 4 +- .../DerbyAutoloadedDriverTest.java | 4 +- .../derby101011/DerbyDataStoreTest.java | 2 +- .../derby101011/DerbyDriverTest.java | 2 +- .../instrumentation/derby101011}/Helper.java | 2 +- .../DerbyAutoloadedDriverTest.java | 2 +- .../derby101111/DerbyDataStoreTest.java | 2 +- .../derby101111/DerbyDriverTest.java | 2 +- .../instrumentation/derby101111}/Helper.java | 2 +- .../DerbyAutoloadedDriverTest.java | 4 +- .../derby10216/DerbyDataStoreTest.java | 2 +- .../derby10216/DerbyDriverTest.java | 2 +- .../instrumentation/derby10216}/Helper.java | 2 +- .../h2/org}/DataStoreTest.java | 2 +- .../instrumentation/h2/org}/H2Test.java | 2 +- .../instrumentation/h2/security}/H2Test.java | 2 +- .../jdbc/hs/HSql1722DataStoreTest.java | 2 +- .../jdbc/hs/HSql1722DriverTest.java | 2 +- .../jdbc/hs/HSql229DataStoreTest.java | 2 +- .../jdbc/hs/HSql229DriverTest.java | 2 +- .../jdbc/hs/HSql229PoolTest.java | 2 +- .../jdbc}/mariadb117/DataSourceTest.java | 2 +- .../jdbc}/mariadb117/MariaDb117Test.java | 2 +- .../jdbc}/mariadb130/DataSourceTest.java | 2 +- .../jdbc}/mariadb130/MariaDb130Test.java | 2 +- .../jdbc}/mysql602/MySql602DataStoreTest.java | 2 +- .../jdbc}/mysql602/MySql602DriverTest.java | 2 +- .../jdbc}/mysql602/MySql602Test.java | 2 +- .../jdbc}/mysql604/MySql604DataStoreTest.java | 2 +- .../jdbc}/mysql604/MySql604DriverTest.java | 2 +- .../jdbc}/mysql604/MySql604Test.java | 2 +- .../mysql8011/MySql8011DataStoreTest.java | 2 +- .../jdbc}/mysql8011/MySql8011DriverTest.java | 2 +- .../jdbc}/mysql8011/MySql8011Test.java | 2 +- .../MySqlConnection514Test.java | 2 +- .../MySqlConnection602Test.java | 2 +- .../MySqlConnection8011Test.java | 2 +- .../multihost/MysqlMultiHost513Test.java | 2 +- .../multihost/MysqlMultiHost602Test.java | 2 +- .../build.gradle | 2 +- .../postgresql80312/DataStoreTest.java | 65 ++++++++++++++---- .../postgresql80312/DriverTest.java | 65 ++++++++++++++---- .../postgresql80312/PgStatementTest.java | 68 ++++++++++++++----- .../jdbc-postgresql-9.4.1207/build.gradle | 2 +- .../postgresql941207/DataStoreTest.java | 65 ++++++++++++++---- .../postgresql941207/DriverTest.java | 65 ++++++++++++++---- .../postgresql941207/PgStatementTest.java | 66 ++++++++++++++---- .../jdbc-postgresql-9.4.1208/build.gradle | 2 +- .../postgresql941208/DataStoreTest.java | 65 ++++++++++++++---- .../postgresql941208/DriverTest.java | 66 ++++++++++++++---- .../ContextHandler_Instrumentation.java | 2 +- .../jetty11}/Handler_Instrumentation.java | 2 +- .../jetty11}/HttpServletHelper.java | 2 +- .../jetty11}/Server_Instrumentation.java | 2 +- .../instrumentation}/jetty11/ServerTest.java | 6 +- .../ContextHandler_Instrumentation.java | 2 +- .../jetty9/Handler_Instrumentation.java | 2 +- .../jetty9/HttpServletHelper.java | 2 +- .../jetty9/Server_Instrumentation.java | 3 +- .../instrumentation}/jetty9/ServerTest.java | 6 +- .../jsp24/HttpJspPageTest.java | 2 +- .../jsp3}/HttpJspPageTest.java | 2 +- .../instrumentation/ldaptive1}/LDAPUtils.java | 2 +- .../AbstractOperation_Instrumentation.java | 2 +- .../ldaptive1/AbstractOperationTest.java | 4 +- .../instrumentation/ldaptive2}/LDAPUtils.java | 2 +- .../AbstractOperation_Instrumentation.java | 2 +- .../filter/FilterParser_Instrumentation.java | 2 +- .../ldaptive2/AbstractOperationTest.java | 4 +- .../instrumentation}/random/RandomUtils.java | 2 +- .../random/java/io/File_Instrumentation.java | 12 ++-- .../KeyPairGenerator_Instrumentation.java | 12 ++-- .../MessageDigest_Instrumentation.java | 12 ++-- .../java/util/Random_Instrumentation.java | 27 ++++---- .../javax/crypto/Cipher_Instrumentation.java | 10 +-- .../crypto/KeyGenerator_Instrumentation.java | 12 ++-- .../random}/KeyPairGeneratorTest.java | 4 +- .../random}/MessageDigestTest.java | 4 +- .../instrumentation/random}/RandomTest.java | 4 +- .../CommandReadOperation_Instrumentation.java | 2 +- ...CommandWriteOperation_Instrumentation.java | 2 +- .../OperationExecutor_Instrumentation.java | 13 +--- .../instrumentation}/mongo/MongoUtil.java | 2 +- .../operation/OperationExecutorDBTest.java | 4 +- .../OperationExecutorMongoDatabaseTest.java | 4 +- .../operation/CommandReadOperationTest.java | 6 +- .../operation/CommandWriteOperationTest.java | 6 +- .../mongodb30/operation}/DBPerson.java | 2 +- .../mongodb30/operation}/DBPersonCodec.java | 2 +- .../OperationExecutor_Instrumentation.java | 2 +- .../CommandReadOperation_Instrumentation.java | 2 +- ...CommandWriteOperation_Instrumentation.java | 2 +- .../instrumentation}/mongo/MongoUtil.java | 2 +- .../mongo36}/CommandReadOperationTest.java | 4 +- .../mongo36}/CommandWriteOperationTest.java | 4 +- .../instrumentation/mongo36}/DBPerson.java | 2 +- .../mongo36}/DBPersonCodec.java | 2 +- .../mongo36}/OperationExecutorDBTest.java | 4 +- .../OperationExecutorMongoDatabaseTest.java | 4 +- .../OperationExecutor_Instrumentation.java | 2 +- .../CommandReadOperation_Instrumentation.java | 2 +- ...CommandWriteOperation_Instrumentation.java | 2 +- .../instrumentation}/mongo/MongoUtil.java | 2 +- .../mongo37}/CommandReadOperationTest.java | 4 +- .../mongo37}/CommandWriteOperationTest.java | 4 +- .../instrumentation/mongo37}/DBPerson.java | 2 +- .../mongo37}/DBPersonCodec.java | 2 +- .../mongo37}/OperationExecutorDBTest.java | 4 +- .../OperationExecutorMongoDatabaseTest.java | 4 +- .../OperationExecutor_Instrumentation.java | 2 +- .../CommandReadOperation_Instrumentation.java | 2 +- ...CommandWriteOperation_Instrumentation.java | 2 +- .../instrumentation}/mongo/MongoUtil.java | 2 +- .../internal/OperationExecutorDBTest.java | 4 +- .../OperationExecutorMongoDatabaseTest.java | 4 +- .../operation/CommandReadOperationTest.java | 4 +- .../operation/CommandWriteOperationTest.java | 4 +- .../mongo38}/operation/DBPerson.java | 2 +- .../mongo38}/operation/DBPersonCodec.java | 2 +- .../nashorn/JSEngineUtils.java | 2 +- .../NashornScriptEngine_Instrumentation.java | 3 +- .../ScriptFunction_Instrumentation.java | 4 +- .../nashorn/NashornScriptEngineTest.java | 2 +- .../okhttp30}/OkhttpHelper.java | 2 +- .../okhttp30}/RealCall_Instrumentation.java | 2 +- .../okhttp30/RealCallTest.java | 4 +- .../okhttp35}/OkhttpHelper.java | 3 +- .../http/ExchangeCodec_Instrumentation.java | 2 +- .../http/HttpCodec_Instrumentation.java | 4 +- .../okhttp35/RealCallTest.java | 4 +- .../ExchangeCodec_Instrumentation.java | 2 +- .../okhttp40}/OkhttpHelper.java | 3 +- .../okhttp40}/ExchangeCodecTest.java | 4 +- .../r2dbc/H2StatementTest.java | 2 +- .../instrumentation}/r2dbc/H2Test.java | 2 +- .../r2dbc/MariaStatementTest.java | 2 +- .../instrumentation}/r2dbc/MariaTest.java | 2 +- .../r2dbc/MySQLStatementTest.java | 2 +- .../instrumentation}/r2dbc/MySQLTest.java | 2 +- .../r2dbc/PostgresStatementTest.java | 2 +- .../instrumentation}/r2dbc/PostgresTest.java | 2 +- .../instrumentation}/r2dbc/h2/ClientTest.java | 2 +- .../r2dbc/h2/SessionClientTest.java | 2 +- .../r2dbc/mariadb/ConnectionTest.java | 2 +- .../r2dbc/mysql/ConnectionTest.java | 2 +- .../r2dbc/postgres/ConnectionTest.java | 2 +- .../instrumentation}/rhino/JSEngineUtils.java | 2 +- .../ScriptRuntime_Instrumentation.java | 2 +- .../instrumentation/rhino/RhinoTest.java | 2 +- .../instrumentation}/saxpath/XPATHUtils.java | 2 +- .../saxpath/XPathReader_Instrumentation.java | 2 +- .../instrumentation}/saxpath/XPathTest.java | 4 +- .../servlet24/HttpServletHelper.java | 2 +- .../servlet24/ServletRequestCallback.java | 2 +- .../servlet24}/ServletResponseCallback.java | 2 +- .../servlet/FilterChain_Instrumentation.java | 2 +- .../javax/servlet/Filter_Instrumentation.java | 2 +- ...tContainerInitializer_Instrumentation.java | 4 +- .../ServletInputStream_Instrumentation.java | 3 +- .../ServletOutputStream_Instrumentation.java | 2 +- .../ServletRequest_Instrumentation.java | 2 +- .../ServletResponse_Instrumentation.java | 3 +- .../servlet/Servlet_Instrumentation.java | 2 +- .../HttpServletResponse_Instrumentation.java | 6 +- .../http/HttpSession_Instrumentation.java | 8 +-- .../servlet24/HttpServletServer.java | 2 +- .../servlet24/HttpServletTest.java | 4 +- .../servlet24/HttpSessionTest.java | 4 +- .../servlet24/HttpTestServlet.java | 2 +- .../servlet24/ServletInputStreamTest.java | 4 +- .../servlet24/ServletOutputStreamTest.java | 4 +- .../servlet24}/ServletRequestTest.java | 4 +- .../servlet24}/ServletResponseTest.java | 4 +- .../servlet24/ServletTest.java | 4 +- .../servlet24/WebServletTest.java | 4 +- .../servlet5}/HttpServletHelper.java | 2 +- .../servlet5/ServletRequestCallback.java | 2 +- .../servlet5/ServletResponseCallback.java | 2 +- .../servlet/FilterChain_Instrumentation.java | 2 +- .../servlet/Filter_Instrumentation.java | 2 +- ...tContainerInitializer_Instrumentation.java | 4 +- .../ServletInputStream_Instrumentation.java | 3 +- .../ServletOutputStream_Instrumentation.java | 3 +- .../ServletRequest_Instrumentation.java | 2 +- .../ServletResponse_Instrumentation.java | 2 +- .../servlet/Servlet_Instrumentation.java | 2 +- .../HttpServletResponse_Instrumentation.java | 6 +- .../http/HttpSession_Instrumentation.java | 8 +-- .../servlet5/HttpServletServer.java | 2 +- .../servlet5}/HttpServletTest.java | 4 +- .../servlet5/HttpSessionTest.java | 4 +- .../servlet5/HttpTestServlet.java | 2 +- .../servlet5}/ServletInputStreamTest.java | 6 +- .../servlet5/ServletOutputStreamTest.java | 2 +- .../servlet5}/ServletRequestTest.java | 4 +- .../servlet5/ServletResponseTest.java | 4 +- .../servlet5/ServletTest.java | 4 +- .../servlet5/WebServletTest.java | 4 +- .../servlet6}/HttpServletHelper.java | 2 +- .../servlet6/ServletRequestCallback.java | 2 +- .../servlet6}/ServletResponseCallback.java | 2 +- .../servlet/FilterChain_Instrumentation.java | 2 +- .../servlet/Filter_Instrumentation.java | 2 +- ...tContainerInitializer_Instrumentation.java | 4 +- .../ServletInputStream_Instrumentation.java | 3 +- .../ServletOutputStream_Instrumentation.java | 3 +- .../ServletRequest_Instrumentation.java | 2 +- .../ServletResponse_Instrumentation.java | 2 +- .../servlet/Servlet_Instrumentation.java | 2 +- .../HttpServletResponse_Instrumentation.java | 6 +- .../http/HttpSession_Instrumentation.java | 6 +- .../servlet6/HttpServletServer.java | 2 +- .../servlet6}/HttpServletTest.java | 4 +- .../servlet6/HttpSessionTest.java | 4 +- .../servlet6/HttpTestServlet.java | 2 +- .../servlet6}/ServletInputStreamTest.java | 6 +- .../servlet6/ServletOutputStreamTest.java | 4 +- .../servlet6}/ServletRequestTest.java | 4 +- .../servlet6}/ServletResponseTest.java | 4 +- .../servlet6/ServletTest.java | 4 +- .../servlet6/WebServletTest.java | 4 +- .../SpringController_Instrumentation.java | 2 +- .../springweb}/springweb/app/App.java | 2 +- .../springweb/app/TestMappings.java | 2 +- .../springweb/app/TestMappingsWithRest.java | 2 +- .../springweb/test/SpringControllerTest.java | 6 +- .../test/SpringRestControllerTest.java | 6 +- .../unboundid/ldap/LDAPUtils.java | 2 +- .../sdk/LDAPInterface_Instrumentation.java | 2 +- .../unboundid/ldap}/LDAPInterfaceTest.java | 4 +- .../urlconnection/Helper.java | 2 +- .../URLConnection_Instrumentation.java | 2 +- .../urlconnection/URLConnectionTest.java | 4 +- .../urlconnection/ftp/FTPConnectionTest.java | 4 +- .../xalan/xpath}/XPATHUtils.java | 2 +- .../apache/xpath/XPath_Instrumentation.java | 2 +- .../xalan/xpath/XPathTest.java | 2 +- .../newrelic/api/agent/security/Agent.java | 5 ++ .../newrelic/api/agent/security/Agent.java | 6 ++ .../api/agent/security/NoOpAgent.java | 6 ++ .../api/agent/security/SecurityAgent.java | 2 + 379 files changed, 930 insertions(+), 748 deletions(-) rename instrumentation-security/akka-http-core-10.0/src/main/scala/com/{nr/agent/security => newrelic/agent/security/instrumentation}/akka/core/AkkaCoreUtils.java (76%) rename instrumentation-security/akka-http-core-10.0/src/test/scala/com/{agent => nr/agent/security}/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala (98%) rename instrumentation-security/{akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011 => akka-http-core-10.0/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10}/AkkaServer.scala (97%) rename instrumentation-security/akka-http-core-10.0/src/test/scala/com/{agent => nr/agent/security}/instrumentation/akka/http/core_10/PlayServer.scala (96%) rename instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/com/{nr/agent/security => newrelic/agent/security/instrumentation}/akka/core/AkkaCoreUtils.java (76%) rename instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/{agent/instrumentation/akka/http/core_211_10011 => nr/agent/security/instrumentation/akka/http/core_10}/AkkaHttpCoreTest.scala (98%) rename instrumentation-security/{akka-http-core-10.0/src/test/scala/com/agent => akka-http-core-2.11_10.0.11/src/test/scala/com/nr/agent/security}/instrumentation/akka/http/core_10/AkkaServer.scala (97%) rename instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/{agent/instrumentation/akka/http/core_211_10011 => nr/agent/security/instrumentation/akka/http/core_10}/PlayServer.scala (95%) rename instrumentation-security/apache-ldap/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/apache/ldap/LDAPUtils.java (79%) rename instrumentation-security/apache-ldap/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/apache/ldap/LdapAsyncConnectionTest.java (98%) rename instrumentation-security/apache-ldap/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/apache/ldap/LdapConnectionTest.java (98%) rename instrumentation-security/camel-xpath/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/xpath/camel/XPATHUtils.java (72%) rename instrumentation-security/camel-xpath/src/test/java/com/nr/{instrumentation/security/camel/xpath => agent/security/instrumentation/xpath/camel}/BuilderSupportTest.java (98%) rename instrumentation-security/commons-jxpath/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/xpath/commons/jxpath/XPATHUtils.java (83%) rename instrumentation-security/commons-jxpath/src/test/java/{ => com/nr/agent/security/instrumentation/xpath/commons/jxpath}/JXPathTest.java (98%) rename instrumentation-security/dynamodb-1.11.390/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/dynamodb_1_11_390/DynamoDBUtil.java (99%) rename instrumentation-security/{dynamodb-1.11.453/src/test/java/com/nr/instrumentation/security/dynamodb453 => dynamodb-1.11.390/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_390}/DynamoServer.java (99%) rename instrumentation-security/{dynamodb-1.11.453/src/test/java/com/nr/instrumentation/security/dynamodb453 => dynamodb-1.11.390/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_390}/DynamodbTest.java (98%) rename instrumentation-security/dynamodb-1.11.453/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/dynamodb_1_11_453/DynamoDBUtil.java (99%) rename instrumentation-security/{dynamodb-1.11.459/src/test/java/com/nr/instrumentation/security/dynamodb459 => dynamodb-1.11.453/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_453}/DynamoServer.java (99%) rename instrumentation-security/{dynamodb-1.11.390/src/test/java/com/nr/instrumentation/security/dynamodb390 => dynamodb-1.11.453/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_453}/DynamodbTest.java (98%) rename instrumentation-security/dynamodb-1.11.459/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/dynamodb_1_11_459/DynamoDBUtil.java (99%) rename instrumentation-security/{dynamodb-1.11.390/src/test/java/com/nr/instrumentation/security/dynamodb390 => dynamodb-1.11.459/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_459}/DynamoServer.java (99%) rename instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/{instrumentation/security/dynamodb459 => agent/security/instrumentation/dynamodb_1_11_459}/DynamodbTest.java (98%) rename instrumentation-security/dynamodb-1.11.80/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/dynamodb_1_11_80/DynamoDBUtil.java (99%) rename instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/{instrumentation/security/dynamodb80 => agent/security/instrumentation/dynamodb_1_11_80}/DynamoServer.java (99%) rename instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/{instrumentation/security/dynamodb80 => agent/security/instrumentation/dynamodb_1_11_80}/DynamodbTest.java (98%) rename instrumentation-security/dynamodb-2.1.0/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/dynamodb_210/DynamoDBUtil.java (99%) rename instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/{instrumentation/security/dynamodb210 => agent/security/instrumentation/dynamodb_210}/DynamoUtil.java (97%) rename instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/{instrumentation/security/dynamodb210 => agent/security/instrumentation/dynamodb_210}/DynamodbTest.java (98%) rename instrumentation-security/dynamodb-2.1.2/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/dynamodb_212/DynamoDBUtil.java (99%) rename instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/{instrumentation/security/dynamodb212 => agent/security/instrumentation/dynamodb_212}/DynamoUtil.java (97%) rename instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/{instrumentation/security/dynamodb212 => agent/security/instrumentation/dynamodb_212}/DynamodbTest.java (99%) rename instrumentation-security/dynamodb-2.15.34/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/dynamodb_215/DynamoDBUtil.java (99%) rename instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/{instrumentation/security/dynamodb215 => agent/security/instrumentation/dynamodb_215}/DynamoUtil.java (97%) rename instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/{instrumentation/security/dynamodb215 => agent/security/instrumentation/dynamodb_215}/DynamodbTest.java (99%) rename instrumentation-security/file-operation/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/javaio/FileInputStreamTest.java (98%) rename instrumentation-security/file-operation/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/javaio/FileOutputStreamTest.java (97%) rename instrumentation-security/file-operation/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/javaio/FileSystemTest.java (98%) rename instrumentation-security/file-operation/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/javaio/FileTest.java (99%) rename instrumentation-security/file-operation/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/javaio/TestSetupBringUp.java (95%) rename instrumentation-security/file-operation/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/javanio/FileSystemProviderTest.java (98%) rename instrumentation-security/file-operation/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/javanio/TestSetupBringUp.java (96%) rename instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/{nr/agent/security/mongo/jsinjection/graalvm => newrelic/agent/security/instrumentation/graalvm19}/JSEngineUtils.java (79%) rename instrumentation-security/graalvm-jsinjection-19.0.0/src/test/java/com/nr/agent/{ => security}/instrumentation/graalvm19/GraalVMTest.java (98%) rename instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/{nr/agent/security/mongo/jsinjection/graalvm => newrelic/agent/security/instrumentation/graalvm22}/JSEngineUtils.java (79%) rename instrumentation-security/graalvm-jsinjection-22.0.0/src/test/java/com/nr/agent/{ => security}/instrumentation/graalvm22/GraalVMTest.java (98%) rename instrumentation-security/http-async-client-4/src/main/java/com/{nr/agent/instrumentation/security => newrelic/agent/security/instrumentation}/httpasyncclient4/HttpAsyncClient4_Instrumentation.java (99%) rename instrumentation-security/http-async-client-4/src/main/java/com/{nr/agent/instrumentation/security => newrelic/agent/security/instrumentation}/httpasyncclient4/HttpPipeliningClient_Instrumentation.java (94%) rename instrumentation-security/http-async-client-4/src/main/java/com/{nr/agent/instrumentation/security => newrelic/agent/security/instrumentation}/httpasyncclient4/SecurityHelper.java (73%) rename instrumentation-security/http-async-client-4/src/test/java/com/nr/{instrumentation/security/httpAsyncClient => agent/security/instrumentation/httpasyncclient4}/HttpAsyncClient4Test.java (98%) rename instrumentation-security/httpclient-3/src/main/java/com/{nr/agent/instrumentation/security => newrelic/agent/security/instrumentation}/httpclient3/HttpMethodBase_Instrumentation.java (98%) rename instrumentation-security/httpclient-3/src/main/java/com/{nr/agent/instrumentation/security => newrelic/agent/security/instrumentation}/httpclient3/SecurityHelper.java (94%) rename instrumentation-security/httpclient-3/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/httpclient3/HttpClientTest.java (97%) rename instrumentation-security/httpclient-4.0/src/main/java/com/{nr/agent/instrumentation/security => newrelic/agent/security/instrumentation}/httpclient40/HttpClient_Instrumentation.java (99%) rename instrumentation-security/httpclient-4.0/src/main/java/com/{nr/agent/instrumentation/security => newrelic/agent/security/instrumentation}/httpclient40/SecurityHelper.java (91%) rename instrumentation-security/httpclient-4.0/src/test/java/com/nr/{instrumentation/security/httpclient4 => agent/security/instrumentation/httpclient40}/HttpClientTest.java (99%) rename instrumentation-security/httpclient-jdk11/src/main/java/{nr/security/java/net/http => com/newrelic/agent/security/instrumentation}/helper/SecurityHelper.java (75%) rename instrumentation-security/httpclient-jdk11/src/main/java/{nr/jdk/internal/net => com/newrelic/agent/security/instrumentation}/http/HttpClientImpl_Instrumentation.java (97%) rename instrumentation-security/httpclient-jdk11/src/main/java/{nr/java/net => com/newrelic/agent/security/instrumentation}/http/HttpRequest_Instrumentation.java (85%) rename instrumentation-security/httpclient-jdk11/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/httpclientJDK11/HttpClientTest.java (97%) rename instrumentation-security/java-io-inputstream-jdk8/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/javaio/InputStreamHelper.java (93%) rename instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/{instrumentation/security/inputstream => agent/security/instrumentation/javaio}/InputStreamJdk8Test.java (98%) rename instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/{instrumentation/security/inputstream => agent/security/instrumentation/javaio}/TestSetupBringUp.java (91%) rename instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/javaio/InputStreamHelper.java (93%) rename instrumentation-security/java-io-inputstream-jdk9/src/main/java/{nr/java => com/newrelic/agent/security/instrumentation/javaio}/io/InputStream_Instrumentation.java (97%) rename instrumentation-security/java-io-inputstream-jdk9/src/main/java/{nr/java => com/newrelic/agent/security/instrumentation/javaio}/lang/ProcessHandle_Instrumentation.java (77%) rename instrumentation-security/java-io-stream/src/main/java/com/{nr/instrumentation/security/javaio => newrelic/agent/security/instrumentation/inputstream}/IOStreamHelper.java (97%) rename instrumentation-security/java-io-stream/src/test/java/com/nr/{instrumentation/security/javaio => agent/security/instrumentation/inputstream}/BufferedReaderTest.java (98%) rename instrumentation-security/java-io-stream/src/test/java/com/nr/{instrumentation/security/javaio => agent/security/instrumentation/inputstream}/OutputStreamTest.java (97%) rename instrumentation-security/java-io-stream/src/test/java/com/nr/{instrumentation/security/javaio => agent/security/instrumentation/inputstream}/PrintWriterTest.java (99%) rename instrumentation-security/java-io-stream/src/test/java/com/nr/{instrumentation/security/javaio => agent/security/instrumentation/inputstream}/ReaderTest.java (98%) rename instrumentation-security/java-io-stream/src/test/java/com/nr/{instrumentation/security/javaio => agent/security/instrumentation/inputstream}/TestSetupBringUp.java (90%) rename instrumentation-security/java-lang/src/test/java/com/nr/{ => agent/security}/instrumentation/java/lang/ProcessImplTest.java (98%) rename instrumentation-security/javax-jndi/src/main/java/com/{nr/instrumentation/security/javax => newrelic/agent/security/instrumentation/javax/jndi}/JNDIUtils.java (96%) rename instrumentation-security/javax-jndi/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/javax/jndi/ContextRmiTest.java (97%) rename instrumentation-security/javax-jndi/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/javax/jndi/ContextTest.java (98%) rename instrumentation-security/javax-ldap/src/main/java/com/{nr/instrumentation/security/javax => newrelic/agent/security/instrumentation/javax/ldap}/LDAPUtils.java (72%) rename instrumentation-security/javax-ldap/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/javax/ldap/DirContextTest.java (99%) rename instrumentation-security/javax-xpath/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/xpath/javax/XPATHUtils.java (79%) rename instrumentation-security/javax-xpath/src/test/java/com/nr/{instrumentation/security/xpath => agent/security/instrumentation/xpath/javax}/XPathTest.java (98%) rename instrumentation-security/javax-xpath/src/test/java/com/nr/{instrumentation/security/xpath => agent/security/instrumentation/xpath/javax}/internal/XPathInternalTest.java (99%) rename instrumentation-security/jax-rs-1.0/src/main/java/com/{nr => newrelic/agent/security}/instrumentation/javax/ws/rs/api/Application_Instrumentation.java (76%) rename instrumentation-security/jax-rs-1.0/src/main/java/com/{nr => newrelic/agent/security}/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Instrumentation.java (92%) rename instrumentation-security/jax-rs-1.0/src/main/java/com/{nr => newrelic/agent/security}/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Subresource_Instrumentation.java (95%) rename instrumentation-security/jax-rs-1.0/src/test/java/com/nr/{instrumentation/security/jax/rs => agent/security/instrumentation/javax/ws/rs/api}/app/App.java (95%) rename instrumentation-security/jax-rs-1.0/src/test/java/com/nr/{instrumentation/security/jax/rs => agent/security/instrumentation/javax/ws/rs/api}/app/CustomerLocatorResource.java (79%) rename instrumentation-security/jax-rs-1.0/src/test/java/com/nr/{instrumentation/security/jax/rs => agent/security/instrumentation/javax/ws/rs/api}/app/IdSubResource.java (94%) rename instrumentation-security/jax-rs-1.0/src/test/java/com/nr/{instrumentation/security/jax/rs => agent/security/instrumentation/javax/ws/rs/api}/app/OrdersSubResource.java (75%) rename instrumentation-security/jax-rs-1.0/src/test/java/com/nr/{instrumentation/security/jax/rs => agent/security/instrumentation/javax/ws/rs/api}/app/TestMapping.java (95%) rename instrumentation-security/jax-rs-1.0/src/test/java/com/nr/{instrumentation/security/jax/rs => agent/security/instrumentation/javax/ws/rs/api}/test/JavaxWsRsApiTest.java (94%) rename instrumentation-security/jax-rs-1.0/src/test/java/com/nr/{instrumentation/security/jax/rs => agent/security/instrumentation/javax/ws/rs/api}/test/SubresourceTest.java (93%) rename instrumentation-security/jax-rs-3.0/src/main/java/com/{nr => newrelic/agent/security}/instrumentation/jakarta/ws/rs/api/Application_Instrumentation.java (83%) rename instrumentation-security/jax-rs-3.0/src/main/java/com/{nr => newrelic/agent/security}/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Instrumentation.java (92%) rename instrumentation-security/jax-rs-3.0/src/main/java/com/{nr => newrelic/agent/security}/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Subresource_Instrumentation.java (95%) rename instrumentation-security/jax-rs-3.0/src/test/java/com/nr/{instrumentation/security/jax/rs3 => agent/security/instrumentation/jakarta/ws/rs/api}/app/App.java (94%) rename instrumentation-security/jax-rs-3.0/src/test/java/com/nr/{instrumentation/security/jax/rs3 => agent/security/instrumentation/jakarta/ws/rs/api}/app/CustomerLocatorResource.java (79%) rename instrumentation-security/jax-rs-3.0/src/test/java/com/nr/{instrumentation/security/jax/rs3 => agent/security/instrumentation/jakarta/ws/rs/api}/app/IdSubResource.java (94%) rename instrumentation-security/jax-rs-3.0/src/test/java/com/nr/{instrumentation/security/jax/rs3 => agent/security/instrumentation/jakarta/ws/rs/api}/app/OrdersSubResource.java (75%) rename instrumentation-security/jax-rs-3.0/src/test/java/com/nr/{instrumentation/security/jax/rs3 => agent/security/instrumentation/jakarta/ws/rs/api}/app/TestMapping.java (94%) rename instrumentation-security/jax-rs-3.0/src/test/java/com/nr/{instrumentation/security/jax/rs3 => agent/security/instrumentation/jakarta/ws/rs/api}/test/JakartaWsRsApiTest.java (94%) rename instrumentation-security/jax-rs-3.0/src/test/java/com/nr/{instrumentation/security/jax/rs3 => agent/security/instrumentation/jakarta/ws/rs/api}/test/SubresourceTest.java (93%) rename instrumentation-security/jaxen-xpath-1.1/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/xpath/jaxen/XPATHUtils.java (74%) rename instrumentation-security/jaxen-xpath-1.1/src/test/java/com/nr/{instrumentation/security/jaxen/xpath11 => agent/security/instrumentation/xpath/jaxen}/BaseXPathTest.java (97%) rename instrumentation-security/jaxen-xpath/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/xpath/jaxen/XPATHUtils.java (74%) rename instrumentation-security/jaxen-xpath/src/test/java/com/nr/{instrumentation/security/jaxen/xpath => agent/security/instrumentation/xpath/jaxen}/BaseXPathTest.java (97%) rename instrumentation-security/{jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216 => jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011}/DerbyAutoloadedDriverTest.java (98%) rename instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/derby101011/DerbyDataStoreTest.java (99%) rename instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/derby101011/DerbyDriverTest.java (98%) rename instrumentation-security/{jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111 => jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011}/Helper.java (92%) rename instrumentation-security/{jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011 => jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111}/DerbyAutoloadedDriverTest.java (98%) rename instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/derby101111/DerbyDataStoreTest.java (99%) rename instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/derby101111/DerbyDriverTest.java (98%) rename instrumentation-security/{jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216 => jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111}/Helper.java (92%) rename instrumentation-security/{jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111 => jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216}/DerbyAutoloadedDriverTest.java (98%) rename instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/derby10216/DerbyDataStoreTest.java (99%) rename instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/derby10216/DerbyDriverTest.java (98%) rename instrumentation-security/{jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011 => jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216}/Helper.java (92%) rename instrumentation-security/jdbc-h2/src/test/java/com/nr/{instrumentation/org/h2 => agent/security/instrumentation/h2/org}/DataStoreTest.java (98%) rename instrumentation-security/jdbc-h2/src/test/java/com/nr/{instrumentation/org/h2 => agent/security/instrumentation/h2/org}/H2Test.java (98%) rename instrumentation-security/jdbc-h2/src/test/java/com/nr/{instrumentation/security/h2 => agent/security/instrumentation/h2/security}/H2Test.java (96%) rename instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/{ => security}/instrumentation/jdbc/hs/HSql1722DataStoreTest.java (98%) rename instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/{ => security}/instrumentation/jdbc/hs/HSql1722DriverTest.java (98%) rename instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/{ => security}/instrumentation/jdbc/hs/HSql229DataStoreTest.java (98%) rename instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/{ => security}/instrumentation/jdbc/hs/HSql229DriverTest.java (98%) rename instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/{ => security}/instrumentation/jdbc/hs/HSql229PoolTest.java (98%) rename instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mariadb117/DataSourceTest.java (98%) rename instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mariadb117/MariaDb117Test.java (97%) rename instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mariadb130/DataSourceTest.java (98%) rename instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mariadb130/MariaDb130Test.java (97%) rename instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql602/MySql602DataStoreTest.java (99%) rename instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql602/MySql602DriverTest.java (98%) rename instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql602/MySql602Test.java (99%) rename instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql604/MySql604DataStoreTest.java (99%) rename instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql604/MySql604DriverTest.java (99%) rename instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql604/MySql604Test.java (99%) rename instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql8011/MySql8011DataStoreTest.java (99%) rename instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql8011/MySql8011DriverTest.java (98%) rename instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql8011/MySql8011Test.java (99%) rename instrumentation-security/jdbc-mysql-connection-5.1.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysqlconnection514/MySqlConnection514Test.java (99%) rename instrumentation-security/jdbc-mysql-connection-6.0.2/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysqlconnection602/MySqlConnection602Test.java (99%) rename instrumentation-security/jdbc-mysql-connection-8.0.11/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysqlconnection8011/MySqlConnection8011Test.java (99%) rename instrumentation-security/jdbc-mysql-multihost-connections-5.1.3/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql/multihost/MysqlMultiHost513Test.java (99%) rename instrumentation-security/jdbc-mysql-multihost-connections-6.0.2/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/jdbc}/mysql/multihost/MysqlMultiHost602Test.java (99%) rename instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/postgresql80312/DataStoreTest.java (86%) rename instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/postgresql80312/DriverTest.java (56%) rename instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/postgresql80312/PgStatementTest.java (83%) rename instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/postgresql941207/DataStoreTest.java (87%) rename instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/postgresql941207/DriverTest.java (56%) rename instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/postgresql941207/PgStatementTest.java (82%) rename instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/postgresql941208/DataStoreTest.java (87%) rename instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/postgresql941208/DriverTest.java (55%) rename instrumentation-security/jetty-11/src/main/java/{security/org/eclipse/jetty11/server => com/newrelic/agent/security/instrumentation/jetty11}/ContextHandler_Instrumentation.java (96%) rename instrumentation-security/jetty-11/src/main/java/{security/org/eclipse/jetty11/server => com/newrelic/agent/security/instrumentation/jetty11}/Handler_Instrumentation.java (91%) rename instrumentation-security/jetty-11/src/main/java/{security/org/eclipse/jetty11/server => com/newrelic/agent/security/instrumentation/jetty11}/HttpServletHelper.java (99%) rename instrumentation-security/jetty-11/src/main/java/{security/org/eclipse/jetty11/server => com/newrelic/agent/security/instrumentation/jetty11}/Server_Instrumentation.java (97%) rename instrumentation-security/jetty-11/src/test/java/com/nr/{instrumetation/security => agent/security/instrumentation}/jetty11/ServerTest.java (98%) rename instrumentation-security/jetty-9/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/jetty9/ContextHandler_Instrumentation.java (96%) rename instrumentation-security/jetty-9/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/jetty9/Handler_Instrumentation.java (92%) rename instrumentation-security/jetty-9/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/jetty9/HttpServletHelper.java (99%) rename instrumentation-security/jetty-9/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/jetty9/Server_Instrumentation.java (95%) rename instrumentation-security/jetty-9/src/test/java/com/nr/{instrumetation/security => agent/security/instrumentation}/jetty9/ServerTest.java (98%) rename instrumentation-security/jsp-2.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/jsp24/HttpJspPageTest.java (98%) rename instrumentation-security/jsp-3/src/test/java/com/nr/{instrumentation/security/jsp24 => agent/security/instrumentation/jsp3}/HttpJspPageTest.java (98%) rename instrumentation-security/ldaptive-1.0/src/main/java/com/{nr/instrumentation/security/ldaptive1x/ldap => newrelic/agent/security/instrumentation/ldaptive1}/LDAPUtils.java (73%) rename instrumentation-security/ldaptive-1.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/ldaptive1/AbstractOperationTest.java (99%) rename instrumentation-security/ldaptive-2.0/src/main/java/com/{nr/instrumentation/security/ldaptive2x/ldap => newrelic/agent/security/instrumentation/ldaptive2}/LDAPUtils.java (86%) rename instrumentation-security/ldaptive-2.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/ldaptive2/AbstractOperationTest.java (99%) rename instrumentation-security/low-priority-instrumentation/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/random/RandomUtils.java (79%) rename instrumentation-security/low-priority-instrumentation/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/random/java/io/File_Instrumentation.java (88%) rename instrumentation-security/low-priority-instrumentation/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/random/java/security/KeyPairGenerator_Instrumentation.java (86%) rename instrumentation-security/low-priority-instrumentation/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/random/java/security/MessageDigest_Instrumentation.java (86%) rename instrumentation-security/low-priority-instrumentation/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/random/java/util/Random_Instrumentation.java (85%) rename instrumentation-security/low-priority-instrumentation/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/random/javax/crypto/Cipher_Instrumentation.java (87%) rename instrumentation-security/low-priority-instrumentation/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/random/javax/crypto/KeyGenerator_Instrumentation.java (86%) rename instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/{security/agent/crypto => agent/security/instrumentation/random}/KeyPairGeneratorTest.java (96%) rename instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/{security/agent/crypto => agent/security/instrumentation/random}/MessageDigestTest.java (97%) rename instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/{security/agent/crypto => agent/security/instrumentation/random}/RandomTest.java (98%) rename instrumentation-security/mongodb-3.0/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/mongo/MongoUtil.java (99%) rename instrumentation-security/mongodb-3.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/mongodb/operation/OperationExecutorDBTest.java (99%) rename instrumentation-security/mongodb-3.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/mongodb/operation/OperationExecutorMongoDatabaseTest.java (99%) rename instrumentation-security/mongodb-3.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/mongodb30/operation/CommandReadOperationTest.java (97%) rename instrumentation-security/mongodb-3.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/mongodb30/operation/CommandWriteOperationTest.java (97%) rename instrumentation-security/{mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal => mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation}/DBPerson.java (91%) rename instrumentation-security/{mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal => mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation}/DBPersonCodec.java (93%) rename instrumentation-security/mongodb-3.6/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/mongo/MongoUtil.java (99%) rename instrumentation-security/mongodb-3.6/src/test/java/com/nr/{instrumentation/security/mongodb36/operation => agent/security/instrumentation/mongo36}/CommandReadOperationTest.java (98%) rename instrumentation-security/mongodb-3.6/src/test/java/com/nr/{instrumentation/security/mongodb36/operation => agent/security/instrumentation/mongo36}/CommandWriteOperationTest.java (98%) rename instrumentation-security/{mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation => mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36}/DBPerson.java (91%) rename instrumentation-security/{mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation => mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36}/DBPersonCodec.java (94%) rename instrumentation-security/mongodb-3.6/src/test/java/com/nr/{instrumentation/security/mongodb36/operation => agent/security/instrumentation/mongo36}/OperationExecutorDBTest.java (99%) rename instrumentation-security/mongodb-3.6/src/test/java/com/nr/{instrumentation/security/mongodb36/operation => agent/security/instrumentation/mongo36}/OperationExecutorMongoDatabaseTest.java (99%) rename instrumentation-security/mongodb-3.7/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/mongo/MongoUtil.java (99%) rename instrumentation-security/mongodb-3.7/src/test/java/com/nr/{instrumentation/security/mongodb37/client/internal => agent/security/instrumentation/mongo37}/CommandReadOperationTest.java (97%) rename instrumentation-security/mongodb-3.7/src/test/java/com/nr/{instrumentation/security/mongodb37/client/internal => agent/security/instrumentation/mongo37}/CommandWriteOperationTest.java (97%) rename instrumentation-security/{mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation => mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37}/DBPerson.java (91%) rename instrumentation-security/{mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation => mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37}/DBPersonCodec.java (94%) rename instrumentation-security/mongodb-3.7/src/test/java/com/nr/{instrumentation/security/mongodb37/client/internal => agent/security/instrumentation/mongo37}/OperationExecutorDBTest.java (99%) rename instrumentation-security/mongodb-3.7/src/test/java/com/nr/{instrumentation/security/mongodb37/client/internal => agent/security/instrumentation/mongo37}/OperationExecutorMongoDatabaseTest.java (99%) rename instrumentation-security/mongodb-3.8/src/main/java/com/{nr/agent/security => newrelic/agent/security/instrumentation}/mongo/MongoUtil.java (99%) rename instrumentation-security/mongodb-3.8/src/test/java/com/nr/{instrumentation/security/mongodb38 => agent/security/instrumentation/mongo38}/client/internal/OperationExecutorDBTest.java (99%) rename instrumentation-security/mongodb-3.8/src/test/java/com/nr/{instrumentation/security/mongodb38 => agent/security/instrumentation/mongo38}/client/internal/OperationExecutorMongoDatabaseTest.java (99%) rename instrumentation-security/mongodb-3.8/src/test/java/com/nr/{instrumentation/security/mongodb38 => agent/security/instrumentation/mongo38}/operation/CommandReadOperationTest.java (97%) rename instrumentation-security/mongodb-3.8/src/test/java/com/nr/{instrumentation/security/mongodb38 => agent/security/instrumentation/mongo38}/operation/CommandWriteOperationTest.java (98%) rename instrumentation-security/mongodb-3.8/src/test/java/com/nr/{instrumentation/security/mongodb38 => agent/security/instrumentation/mongo38}/operation/DBPerson.java (93%) rename instrumentation-security/mongodb-3.8/src/test/java/com/nr/{instrumentation/security/mongodb38 => agent/security/instrumentation/mongo38}/operation/DBPersonCodec.java (94%) rename instrumentation-security/nashorn-jsinjection/src/main/java/com/{nr/agent/security/jsinjection => newrelic/agent/security/instrumentation}/nashorn/JSEngineUtils.java (80%) rename instrumentation-security/nashorn-jsinjection/src/test/java/com/nr/agent/{ => security}/instrumentation/nashorn/NashornScriptEngineTest.java (99%) rename instrumentation-security/okhttp-3.0.0/src/main/java/com/{nr/agent/instrumentation/security/okhttp30/internal => newrelic/agent/security/instrumentation/okhttp30}/OkhttpHelper.java (98%) rename instrumentation-security/okhttp-3.0.0/src/main/java/com/{nr/agent/instrumentation/security/okhttp30/internal => newrelic/agent/security/instrumentation/okhttp30}/RealCall_Instrumentation.java (98%) rename instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/okhttp30/RealCallTest.java (95%) rename instrumentation-security/{okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http => okhttp-3.5.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp35}/OkhttpHelper.java (98%) rename instrumentation-security/okhttp-3.5.0/src/main/java/com/{nr/agent/instrumentation/security/okhttp35/internal => newrelic/agent/security/instrumentation/okhttp35}/http/ExchangeCodec_Instrumentation.java (81%) rename instrumentation-security/okhttp-3.5.0/src/main/java/com/{nr/agent/instrumentation/security/okhttp35/internal => newrelic/agent/security/instrumentation/okhttp35}/http/HttpCodec_Instrumentation.java (92%) rename instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/okhttp35/RealCallTest.java (95%) rename instrumentation-security/okhttp-4.0.0/src/main/java/com/{nr/agent/instrumentation/security/okhttp40/internal/http => newrelic/agent/security/instrumentation/okhttp40}/ExchangeCodec_Instrumentation.java (96%) rename instrumentation-security/{okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal => okhttp-4.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp40}/OkhttpHelper.java (98%) rename instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/{instrumentation/security/okhttp30 => agent/security/instrumentation/okhttp40}/ExchangeCodecTest.java (95%) rename instrumentation-security/r2dbc-generic/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/H2StatementTest.java (99%) rename instrumentation-security/r2dbc-generic/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/H2Test.java (99%) rename instrumentation-security/r2dbc-generic/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/MariaStatementTest.java (99%) rename instrumentation-security/r2dbc-generic/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/MariaTest.java (99%) rename instrumentation-security/r2dbc-generic/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/MySQLStatementTest.java (99%) rename instrumentation-security/r2dbc-generic/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/MySQLTest.java (99%) rename instrumentation-security/r2dbc-generic/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/PostgresStatementTest.java (99%) rename instrumentation-security/r2dbc-generic/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/PostgresTest.java (99%) rename instrumentation-security/r2dbc-h2/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/h2/ClientTest.java (98%) rename instrumentation-security/r2dbc-h2/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/h2/SessionClientTest.java (98%) rename instrumentation-security/r2dbc-mariadb/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/mariadb/ConnectionTest.java (98%) rename instrumentation-security/r2dbc-mysql/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/mysql/ConnectionTest.java (98%) rename instrumentation-security/r2dbc-postgresql/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/r2dbc/postgres/ConnectionTest.java (99%) rename instrumentation-security/rhino-jsinjection/src/main/java/com/{nr/agent/security/mongo/jsinjection => newrelic/agent/security/instrumentation}/rhino/JSEngineUtils.java (82%) rename instrumentation-security/rhino-jsinjection/src/test/java/com/nr/agent/{ => security}/instrumentation/rhino/RhinoTest.java (99%) rename instrumentation-security/saxpath/src/main/java/com/{nr/instrumentation/security/xpath => newrelic/agent/security/instrumentation}/saxpath/XPATHUtils.java (74%) rename instrumentation-security/saxpath/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/saxpath/XPathTest.java (95%) rename instrumentation-security/servlet-2.4/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/servlet24/HttpServletHelper.java (99%) rename instrumentation-security/servlet-2.4/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/servlet24/ServletRequestCallback.java (97%) rename instrumentation-security/{servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6 => servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24}/ServletResponseCallback.java (97%) rename instrumentation-security/servlet-2.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet24/HttpServletServer.java (97%) rename instrumentation-security/servlet-2.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet24/HttpServletTest.java (94%) rename instrumentation-security/servlet-2.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet24/HttpSessionTest.java (97%) rename instrumentation-security/servlet-2.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet24/HttpTestServlet.java (99%) rename instrumentation-security/servlet-2.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet24/ServletInputStreamTest.java (97%) rename instrumentation-security/servlet-2.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet24/ServletOutputStreamTest.java (99%) rename instrumentation-security/{servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6 => servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24}/ServletRequestTest.java (98%) rename instrumentation-security/{servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6 => servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24}/ServletResponseTest.java (96%) rename instrumentation-security/servlet-2.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet24/ServletTest.java (93%) rename instrumentation-security/servlet-2.4/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet24/WebServletTest.java (89%) rename instrumentation-security/{servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6 => servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5}/HttpServletHelper.java (99%) rename instrumentation-security/servlet-5.0/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/servlet5/ServletRequestCallback.java (97%) rename instrumentation-security/servlet-5.0/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/servlet5/ServletResponseCallback.java (97%) rename instrumentation-security/servlet-5.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet5/HttpServletServer.java (97%) rename instrumentation-security/{servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6 => servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5}/HttpServletTest.java (96%) rename instrumentation-security/servlet-5.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet5/HttpSessionTest.java (98%) rename instrumentation-security/servlet-5.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet5/HttpTestServlet.java (99%) rename instrumentation-security/{servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6 => servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5}/ServletInputStreamTest.java (98%) rename instrumentation-security/servlet-5.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet5/ServletOutputStreamTest.java (99%) rename instrumentation-security/{servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24 => servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5}/ServletRequestTest.java (98%) rename instrumentation-security/servlet-5.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet5/ServletResponseTest.java (96%) rename instrumentation-security/servlet-5.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet5/ServletTest.java (93%) rename instrumentation-security/servlet-5.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet5/WebServletTest.java (93%) rename instrumentation-security/{servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5 => servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6}/HttpServletHelper.java (99%) rename instrumentation-security/servlet-6.0/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/servlet6/ServletRequestCallback.java (97%) rename instrumentation-security/{servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24 => servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6}/ServletResponseCallback.java (97%) rename instrumentation-security/servlet-6.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet6/HttpServletServer.java (97%) rename instrumentation-security/{servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5 => servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6}/HttpServletTest.java (96%) rename instrumentation-security/servlet-6.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet6/HttpSessionTest.java (98%) rename instrumentation-security/servlet-6.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet6/HttpTestServlet.java (99%) rename instrumentation-security/{servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5 => servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6}/ServletInputStreamTest.java (98%) rename instrumentation-security/servlet-6.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet6/ServletOutputStreamTest.java (99%) rename instrumentation-security/{servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5 => servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6}/ServletRequestTest.java (98%) rename instrumentation-security/{servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24 => servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6}/ServletResponseTest.java (96%) rename instrumentation-security/servlet-6.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet6/ServletTest.java (93%) rename instrumentation-security/servlet-6.0/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/servlet6/WebServletTest.java (93%) rename instrumentation-security/spring-web/src/main/java/com/{nr/agent/instrumentation => newrelic/agent/security/instrumentation/springweb}/SpringController_Instrumentation.java (95%) rename instrumentation-security/spring-web/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/springweb}/springweb/app/App.java (98%) rename instrumentation-security/spring-web/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/springweb}/springweb/app/TestMappings.java (94%) rename instrumentation-security/spring-web/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/springweb}/springweb/app/TestMappingsWithRest.java (95%) rename instrumentation-security/spring-web/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/springweb}/springweb/test/SpringControllerTest.java (93%) rename instrumentation-security/spring-web/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation/springweb}/springweb/test/SpringRestControllerTest.java (93%) rename instrumentation-security/unboundid-ldapsdk/src/main/java/com/{nr/instrumentation/security => newrelic/agent/security/instrumentation}/unboundid/ldap/LDAPUtils.java (72%) rename instrumentation-security/unboundid-ldapsdk/src/test/java/com/nr/{instrumentation/security/unboundid/ldap/sdk => agent/security/instrumentation/unboundid/ldap}/LDAPInterfaceTest.java (98%) rename instrumentation-security/urlconnection/src/main/java/com/{nr/agent/instrumentation/security => newrelic/agent/security/instrumentation}/urlconnection/Helper.java (85%) rename instrumentation-security/urlconnection/src/main/java/com/{nr/agent/instrumentation/security => newrelic/agent/security/instrumentation}/urlconnection/URLConnection_Instrumentation.java (99%) rename instrumentation-security/urlconnection/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/urlconnection/URLConnectionTest.java (99%) rename instrumentation-security/urlconnection/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/urlconnection/ftp/FTPConnectionTest.java (98%) rename instrumentation-security/xalan-xpath/src/main/java/com/{nr/instrumentation/security/xpath/xalan => newrelic/agent/security/instrumentation/xalan/xpath}/XPATHUtils.java (73%) rename instrumentation-security/xalan-xpath/src/test/java/com/nr/{instrumentation/security => agent/security/instrumentation}/xalan/xpath/XPathTest.java (98%) diff --git a/instrumentation-security-test/src/main/java/com/newrelic/agent/security/introspec/internal/IntrospectorServiceManager.java b/instrumentation-security-test/src/main/java/com/newrelic/agent/security/introspec/internal/IntrospectorServiceManager.java index 4ac40878f..19c8c324b 100644 --- a/instrumentation-security-test/src/main/java/com/newrelic/agent/security/introspec/internal/IntrospectorServiceManager.java +++ b/instrumentation-security-test/src/main/java/com/newrelic/agent/security/introspec/internal/IntrospectorServiceManager.java @@ -125,6 +125,7 @@ public static IntrospectorServiceManager createAndInitialize(Map Map sec = new HashMap<>(); sec.put("enable", true); sec.put("validator_service_url", "ws://192.168.5.138:54321"); + sec.put("low-priority-instrumentation", Collections.singletonMap("enabled", true)); config.put("security", sec); if (configOverrides != null) { diff --git a/instrumentation-security-test/src/main/java/com/newrelic/agent/security/introspec/internal/TransformingClassLoader.java b/instrumentation-security-test/src/main/java/com/newrelic/agent/security/introspec/internal/TransformingClassLoader.java index d3e34e26f..c3718dd50 100644 --- a/instrumentation-security-test/src/main/java/com/newrelic/agent/security/introspec/internal/TransformingClassLoader.java +++ b/instrumentation-security-test/src/main/java/com/newrelic/agent/security/introspec/internal/TransformingClassLoader.java @@ -22,7 +22,7 @@ class TransformingClassLoader extends URLClassLoader { "java.lang.ProcessImpl", "java.io", "java.nio", "javax.servlet" }; private static final String[] PROTECTED_PREFIXES = new String[]{"java.", "javax.", "com.sun.", "sun.", - "org.junit.", "junit.framework", "com.newrelic", "org.xml", "org.w3c"}; + "org.junit.", "junit.framework", "com.newrelic.agent", "com.newrelic.api", "org.xml", "org.w3c"}; private static final String[] INTROSPECTOR_MUST_LOADS = new String[]{ // This class needs to be woven. diff --git a/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java b/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java index aebfc59a1..05860b658 100644 --- a/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java +++ b/instrumentation-security/akka-http-core-10.0/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java @@ -25,7 +25,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.akka.core.AkkaCoreUtils; +import com.newrelic.agent.security.instrumentation.akka.core.AkkaCoreUtils; import scala.concurrent.Future; import java.net.URI; diff --git a/instrumentation-security/akka-http-core-10.0/src/main/scala/com/nr/agent/security/akka/core/AkkaCoreUtils.java b/instrumentation-security/akka-http-core-10.0/src/main/scala/com/newrelic/agent/security/instrumentation/akka/core/AkkaCoreUtils.java similarity index 76% rename from instrumentation-security/akka-http-core-10.0/src/main/scala/com/nr/agent/security/akka/core/AkkaCoreUtils.java rename to instrumentation-security/akka-http-core-10.0/src/main/scala/com/newrelic/agent/security/instrumentation/akka/core/AkkaCoreUtils.java index f8a7329bb..dc70cb610 100644 --- a/instrumentation-security/akka-http-core-10.0/src/main/scala/com/nr/agent/security/akka/core/AkkaCoreUtils.java +++ b/instrumentation-security/akka-http-core-10.0/src/main/scala/com/newrelic/agent/security/instrumentation/akka/core/AkkaCoreUtils.java @@ -1,4 +1,4 @@ -package com.nr.agent.security.akka.core; +package com.newrelic.agent.security.instrumentation.akka.core; public class AkkaCoreUtils { diff --git a/instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala b/instrumentation-security/akka-http-core-10.0/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala similarity index 98% rename from instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala rename to instrumentation-security/akka-http-core-10.0/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala index 4fb2d3ddd..2593415f9 100644 --- a/instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala +++ b/instrumentation-security/akka-http-core-10.0/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala @@ -5,18 +5,18 @@ * */ -package com.agent.instrumentation.akka.http.core_10 +package com.nr.agent.security.instrumentation.akka.http.core_10 import akka.actor.ActorSystem import akka.http.scaladsl.Http import akka.http.scaladsl.model.{HttpHeader, HttpRequest, HttpResponse} import akka.stream.ActorMaterializer +import com.newrelic.agent.security.instrumentation.akka.core.AkkaCoreUtils import com.newrelic.agent.security.introspec.{InstrumentationTestConfig, SecurityInstrumentationTestRunner, SecurityIntrospector} import com.newrelic.api.agent.Trace import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper import com.newrelic.api.agent.security.schema.VulnerabilityCaseType import com.newrelic.api.agent.security.schema.operation.SSRFOperation -import com.nr.agent.security.akka.core.AkkaCoreUtils import org.junit.runner.RunWith import org.junit.{After, Assert, Test} diff --git a/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/AkkaServer.scala b/instrumentation-security/akka-http-core-10.0/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaServer.scala similarity index 97% rename from instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/AkkaServer.scala rename to instrumentation-security/akka-http-core-10.0/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaServer.scala index 669eab8ab..6e9d879e8 100644 --- a/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/AkkaServer.scala +++ b/instrumentation-security/akka-http-core-10.0/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaServer.scala @@ -5,7 +5,7 @@ * */ -package com.agent.instrumentation.akka.http.core_211_10011 +package com.nr.agent.security.instrumentation.akka.http.core_10 import akka.actor.ActorSystem import akka.event.Logging diff --git a/instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/PlayServer.scala b/instrumentation-security/akka-http-core-10.0/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/PlayServer.scala similarity index 96% rename from instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/PlayServer.scala rename to instrumentation-security/akka-http-core-10.0/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/PlayServer.scala index b81dae863..dc478a44d 100644 --- a/instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/PlayServer.scala +++ b/instrumentation-security/akka-http-core-10.0/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/PlayServer.scala @@ -5,7 +5,7 @@ * */ -package com.agent.instrumentation.akka.http.core_10 +package com.nr.agent.security.instrumentation.akka.http.core_10 import akka.actor.ActorSystem import akka.event.Logging diff --git a/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java b/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java index 0ba6aa38f..beb68e310 100644 --- a/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java +++ b/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/akka/http/scaladsl/HttpExt_Instrumentation.java @@ -24,7 +24,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.akka.core.AkkaCoreUtils; +import com.newrelic.agent.security.instrumentation.akka.core.AkkaCoreUtils; import scala.concurrent.Future; import java.net.URI; diff --git a/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/com/nr/agent/security/akka/core/AkkaCoreUtils.java b/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/com/newrelic/agent/security/instrumentation/akka/core/AkkaCoreUtils.java similarity index 76% rename from instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/com/nr/agent/security/akka/core/AkkaCoreUtils.java rename to instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/com/newrelic/agent/security/instrumentation/akka/core/AkkaCoreUtils.java index f8a7329bb..dc70cb610 100644 --- a/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/com/nr/agent/security/akka/core/AkkaCoreUtils.java +++ b/instrumentation-security/akka-http-core-2.11_10.0.11/src/main/scala/com/newrelic/agent/security/instrumentation/akka/core/AkkaCoreUtils.java @@ -1,4 +1,4 @@ -package com.nr.agent.security.akka.core; +package com.newrelic.agent.security.instrumentation.akka.core; public class AkkaCoreUtils { diff --git a/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/AkkaHttpCoreTest.scala b/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala similarity index 98% rename from instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/AkkaHttpCoreTest.scala rename to instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala index f74cb0630..2593415f9 100644 --- a/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/AkkaHttpCoreTest.scala +++ b/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaHttpCoreTest.scala @@ -5,19 +5,18 @@ * */ -package com.agent.instrumentation.akka.http.core_10 +package com.nr.agent.security.instrumentation.akka.http.core_10 import akka.actor.ActorSystem import akka.http.scaladsl.Http import akka.http.scaladsl.model.{HttpHeader, HttpRequest, HttpResponse} import akka.stream.ActorMaterializer -import com.agent.instrumentation.akka.http.core_211_10011.{AkkaServer, PlayServer} +import com.newrelic.agent.security.instrumentation.akka.core.AkkaCoreUtils import com.newrelic.agent.security.introspec.{InstrumentationTestConfig, SecurityInstrumentationTestRunner, SecurityIntrospector} import com.newrelic.api.agent.Trace import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper import com.newrelic.api.agent.security.schema.VulnerabilityCaseType import com.newrelic.api.agent.security.schema.operation.SSRFOperation -import com.nr.agent.security.akka.core.AkkaCoreUtils import org.junit.runner.RunWith import org.junit.{After, Assert, Test} diff --git a/instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/AkkaServer.scala b/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaServer.scala similarity index 97% rename from instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/AkkaServer.scala rename to instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaServer.scala index 7469cd90a..6e9d879e8 100644 --- a/instrumentation-security/akka-http-core-10.0/src/test/scala/com/agent/instrumentation/akka/http/core_10/AkkaServer.scala +++ b/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/AkkaServer.scala @@ -5,7 +5,7 @@ * */ -package com.agent.instrumentation.akka.http.core_10 +package com.nr.agent.security.instrumentation.akka.http.core_10 import akka.actor.ActorSystem import akka.event.Logging diff --git a/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/PlayServer.scala b/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/PlayServer.scala similarity index 95% rename from instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/PlayServer.scala rename to instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/PlayServer.scala index cc28674bd..dc478a44d 100644 --- a/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/agent/instrumentation/akka/http/core_211_10011/PlayServer.scala +++ b/instrumentation-security/akka-http-core-2.11_10.0.11/src/test/scala/com/nr/agent/security/instrumentation/akka/http/core_10/PlayServer.scala @@ -5,7 +5,7 @@ * */ -package com.agent.instrumentation.akka.http.core_211_10011 +package com.nr.agent.security.instrumentation.akka.http.core_10 import akka.actor.ActorSystem import akka.event.Logging @@ -13,7 +13,6 @@ import akka.http.scaladsl.Http import akka.http.scaladsl.model.HttpMethods._ import akka.http.scaladsl.model._ import akka.stream.ActorMaterializer -import akka.stream.scaladsl.{Source, _} import akka.util.Timeout import com.typesafe.config.ConfigFactory diff --git a/instrumentation-security/apache-ldap/src/main/java/com/nr/instrumentation/security/apache/ldap/LDAPUtils.java b/instrumentation-security/apache-ldap/src/main/java/com/newrelic/agent/security/instrumentation/apache/ldap/LDAPUtils.java similarity index 79% rename from instrumentation-security/apache-ldap/src/main/java/com/nr/instrumentation/security/apache/ldap/LDAPUtils.java rename to instrumentation-security/apache-ldap/src/main/java/com/newrelic/agent/security/instrumentation/apache/ldap/LDAPUtils.java index f189074e2..6f065267e 100644 --- a/instrumentation-security/apache-ldap/src/main/java/com/nr/instrumentation/security/apache/ldap/LDAPUtils.java +++ b/instrumentation-security/apache-ldap/src/main/java/com/newrelic/agent/security/instrumentation/apache/ldap/LDAPUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.apache.ldap; +package com.newrelic.agent.security.instrumentation.apache.ldap; public class LDAPUtils { diff --git a/instrumentation-security/apache-ldap/src/main/java/org/apache/directory/ldap/client/api/LdapAsyncConnection_Instrumentation.java b/instrumentation-security/apache-ldap/src/main/java/org/apache/directory/ldap/client/api/LdapAsyncConnection_Instrumentation.java index a940da71d..02458155b 100644 --- a/instrumentation-security/apache-ldap/src/main/java/org/apache/directory/ldap/client/api/LdapAsyncConnection_Instrumentation.java +++ b/instrumentation-security/apache-ldap/src/main/java/org/apache/directory/ldap/client/api/LdapAsyncConnection_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.apache.ldap.LDAPUtils; +import com.newrelic.agent.security.instrumentation.apache.ldap.LDAPUtils; import org.apache.directory.api.ldap.model.exception.LdapException; import org.apache.directory.api.ldap.model.message.SearchRequest; import org.apache.directory.api.ldap.model.message.SearchScope; diff --git a/instrumentation-security/apache-ldap/src/main/java/org/apache/directory/ldap/client/api/LdapConnection_Instrumentation.java b/instrumentation-security/apache-ldap/src/main/java/org/apache/directory/ldap/client/api/LdapConnection_Instrumentation.java index 855f4c78d..ddda6176e 100644 --- a/instrumentation-security/apache-ldap/src/main/java/org/apache/directory/ldap/client/api/LdapConnection_Instrumentation.java +++ b/instrumentation-security/apache-ldap/src/main/java/org/apache/directory/ldap/client/api/LdapConnection_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.apache.ldap.LDAPUtils; +import com.newrelic.agent.security.instrumentation.apache.ldap.LDAPUtils; import org.apache.directory.api.ldap.model.cursor.EntryCursor; import org.apache.directory.api.ldap.model.cursor.SearchCursor; import org.apache.directory.api.ldap.model.exception.LdapException; diff --git a/instrumentation-security/apache-ldap/src/test/java/com/nr/instrumentation/security/apache/ldap/LdapAsyncConnectionTest.java b/instrumentation-security/apache-ldap/src/test/java/com/nr/agent/security/instrumentation/apache/ldap/LdapAsyncConnectionTest.java similarity index 98% rename from instrumentation-security/apache-ldap/src/test/java/com/nr/instrumentation/security/apache/ldap/LdapAsyncConnectionTest.java rename to instrumentation-security/apache-ldap/src/test/java/com/nr/agent/security/instrumentation/apache/ldap/LdapAsyncConnectionTest.java index df20665b3..1728d3427 100644 --- a/instrumentation-security/apache-ldap/src/test/java/com/nr/instrumentation/security/apache/ldap/LdapAsyncConnectionTest.java +++ b/instrumentation-security/apache-ldap/src/test/java/com/nr/agent/security/instrumentation/apache/ldap/LdapAsyncConnectionTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.apache.ldap; +package com.nr.agent.security.instrumentation.apache.ldap; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -25,7 +25,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "org.apache.directory.ldap.client.api", "com.nr.instrumentation.security.apache.ldap" }) +@InstrumentationTestConfig(includePrefixes = { "org.apache.directory.ldap.client.api", "com.newrelic.agent.security.instrumentation.apache.ldap" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class LdapAsyncConnectionTest { public static final String DOMAIN_DSN = "dc=example,dc=com"; diff --git a/instrumentation-security/apache-ldap/src/test/java/com/nr/instrumentation/security/apache/ldap/LdapConnectionTest.java b/instrumentation-security/apache-ldap/src/test/java/com/nr/agent/security/instrumentation/apache/ldap/LdapConnectionTest.java similarity index 98% rename from instrumentation-security/apache-ldap/src/test/java/com/nr/instrumentation/security/apache/ldap/LdapConnectionTest.java rename to instrumentation-security/apache-ldap/src/test/java/com/nr/agent/security/instrumentation/apache/ldap/LdapConnectionTest.java index 1718bb64a..49868d6af 100644 --- a/instrumentation-security/apache-ldap/src/test/java/com/nr/instrumentation/security/apache/ldap/LdapConnectionTest.java +++ b/instrumentation-security/apache-ldap/src/test/java/com/nr/agent/security/instrumentation/apache/ldap/LdapConnectionTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.apache.ldap; +package com.nr.agent.security.instrumentation.apache.ldap; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -28,7 +28,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "org.apache.directory.ldap.client.api", "com.nr.instrumentation.security.apache.ldap" }) +@InstrumentationTestConfig(includePrefixes = { "org.apache.directory.ldap.client.api", "com.newrelic.agent.security.instrumentation.apache.ldap" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class LdapConnectionTest { public static final String DOMAIN_DSN = "dc=example,dc=com"; diff --git a/instrumentation-security/camel-xpath/src/main/java/com/nr/instrumentation/security/xpath/camel/XPATHUtils.java b/instrumentation-security/camel-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/camel/XPATHUtils.java similarity index 72% rename from instrumentation-security/camel-xpath/src/main/java/com/nr/instrumentation/security/xpath/camel/XPATHUtils.java rename to instrumentation-security/camel-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/camel/XPATHUtils.java index 95609654d..9ada28ff9 100644 --- a/instrumentation-security/camel-xpath/src/main/java/com/nr/instrumentation/security/xpath/camel/XPATHUtils.java +++ b/instrumentation-security/camel-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/camel/XPATHUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.xpath.camel; +package com.newrelic.agent.security.instrumentation.xpath.camel; public class XPATHUtils { diff --git a/instrumentation-security/camel-xpath/src/main/java/org/apache/camel/builder/BuilderSupport_Instrumentation.java b/instrumentation-security/camel-xpath/src/main/java/org/apache/camel/builder/BuilderSupport_Instrumentation.java index 8e06b3524..56cd88223 100644 --- a/instrumentation-security/camel-xpath/src/main/java/org/apache/camel/builder/BuilderSupport_Instrumentation.java +++ b/instrumentation-security/camel-xpath/src/main/java/org/apache/camel/builder/BuilderSupport_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.xpath.camel.XPATHUtils; +import com.newrelic.agent.security.instrumentation.xpath.camel.XPATHUtils; import org.apache.camel.support.builder.Namespaces; @Weave(type = MatchType.BaseClass, originalName = "org.apache.camel.builder.BuilderSupport") diff --git a/instrumentation-security/camel-xpath/src/test/java/com/nr/instrumentation/security/camel/xpath/BuilderSupportTest.java b/instrumentation-security/camel-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/camel/BuilderSupportTest.java similarity index 98% rename from instrumentation-security/camel-xpath/src/test/java/com/nr/instrumentation/security/camel/xpath/BuilderSupportTest.java rename to instrumentation-security/camel-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/camel/BuilderSupportTest.java index d4eeaddc7..2cc5b7525 100644 --- a/instrumentation-security/camel-xpath/src/test/java/com/nr/instrumentation/security/camel/xpath/BuilderSupportTest.java +++ b/instrumentation-security/camel-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/camel/BuilderSupportTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.camel.xpath; +package com.nr.agent.security.instrumentation.xpath.camel; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/commons-jxpath/src/main/java/com/nr/instrumentation/security/xpath/commons/jxpath/XPATHUtils.java b/instrumentation-security/commons-jxpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/commons/jxpath/XPATHUtils.java similarity index 83% rename from instrumentation-security/commons-jxpath/src/main/java/com/nr/instrumentation/security/xpath/commons/jxpath/XPATHUtils.java rename to instrumentation-security/commons-jxpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/commons/jxpath/XPATHUtils.java index 1cae168f3..7536a5bd5 100644 --- a/instrumentation-security/commons-jxpath/src/main/java/com/nr/instrumentation/security/xpath/commons/jxpath/XPATHUtils.java +++ b/instrumentation-security/commons-jxpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/commons/jxpath/XPATHUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.xpath.commons.jxpath; +package com.newrelic.agent.security.instrumentation.xpath.commons.jxpath; public class XPATHUtils { public static final String NR_SEC_CUSTOM_ATTRIB_NAME = "XPATH_OPERATION_LOCK_COMMONS_JXPATH-"; diff --git a/instrumentation-security/commons-jxpath/src/main/java/org/apache/commons/jxpath/ri/compiler/JXPathContextReferenceImpl_Instrumentation.java b/instrumentation-security/commons-jxpath/src/main/java/org/apache/commons/jxpath/ri/compiler/JXPathContextReferenceImpl_Instrumentation.java index a0ddb3649..f286b4c9b 100644 --- a/instrumentation-security/commons-jxpath/src/main/java/org/apache/commons/jxpath/ri/compiler/JXPathContextReferenceImpl_Instrumentation.java +++ b/instrumentation-security/commons-jxpath/src/main/java/org/apache/commons/jxpath/ri/compiler/JXPathContextReferenceImpl_Instrumentation.java @@ -9,8 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.xpath.commons.jxpath.XPATHUtils; -import org.apache.commons.jxpath.ri.EvalContext; +import com.newrelic.agent.security.instrumentation.xpath.commons.jxpath.XPATHUtils; import java.util.Iterator; diff --git a/instrumentation-security/commons-jxpath/src/test/java/JXPathTest.java b/instrumentation-security/commons-jxpath/src/test/java/com/nr/agent/security/instrumentation/xpath/commons/jxpath/JXPathTest.java similarity index 98% rename from instrumentation-security/commons-jxpath/src/test/java/JXPathTest.java rename to instrumentation-security/commons-jxpath/src/test/java/com/nr/agent/security/instrumentation/xpath/commons/jxpath/JXPathTest.java index fa48a72b4..e74d55e1c 100644 --- a/instrumentation-security/commons-jxpath/src/test/java/JXPathTest.java +++ b/instrumentation-security/commons-jxpath/src/test/java/com/nr/agent/security/instrumentation/xpath/commons/jxpath/JXPathTest.java @@ -1,3 +1,5 @@ +package com.nr.agent.security.instrumentation.xpath.commons.jxpath; + import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; @@ -6,7 +8,6 @@ import com.newrelic.api.agent.security.schema.operation.XPathOperation; import org.apache.commons.jxpath.Container; import org.apache.commons.jxpath.JXPathContext; -import org.apache.commons.jxpath.ri.compiler.Expression; import org.apache.commons.jxpath.xml.DocumentContainer; import org.junit.Assert; import org.junit.Test; diff --git a/instrumentation-security/dynamodb-1.11.390/src/main/java/com/amazonaws/services/dynamodbv2_1_11_390/AmazonDynamoDBClient_Instrumentation.java b/instrumentation-security/dynamodb-1.11.390/src/main/java/com/amazonaws/services/dynamodbv2_1_11_390/AmazonDynamoDBClient_Instrumentation.java index 3161b559b..6089a79eb 100644 --- a/instrumentation-security/dynamodb-1.11.390/src/main/java/com/amazonaws/services/dynamodbv2_1_11_390/AmazonDynamoDBClient_Instrumentation.java +++ b/instrumentation-security/dynamodb-1.11.390/src/main/java/com/amazonaws/services/dynamodbv2_1_11_390/AmazonDynamoDBClient_Instrumentation.java @@ -18,7 +18,7 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.dynamodb_1_11_390.DynamoDBUtil; +import com.newrelic.agent.security.instrumentation.dynamodb_1_11_390.DynamoDBUtil; import java.net.URI; diff --git a/instrumentation-security/dynamodb-1.11.390/src/main/java/com/nr/agent/security/dynamodb_1_11_390/DynamoDBUtil.java b/instrumentation-security/dynamodb-1.11.390/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_390/DynamoDBUtil.java similarity index 99% rename from instrumentation-security/dynamodb-1.11.390/src/main/java/com/nr/agent/security/dynamodb_1_11_390/DynamoDBUtil.java rename to instrumentation-security/dynamodb-1.11.390/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_390/DynamoDBUtil.java index e479ede76..59b2a21a9 100644 --- a/instrumentation-security/dynamodb-1.11.390/src/main/java/com/nr/agent/security/dynamodb_1_11_390/DynamoDBUtil.java +++ b/instrumentation-security/dynamodb-1.11.390/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_390/DynamoDBUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.dynamodb_1_11_390; +package com.newrelic.agent.security.instrumentation.dynamodb_1_11_390; import com.amazonaws.AmazonWebServiceRequest; import com.amazonaws.Request; diff --git a/instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/instrumentation/security/dynamodb453/DynamoServer.java b/instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_390/DynamoServer.java similarity index 99% rename from instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/instrumentation/security/dynamodb453/DynamoServer.java rename to instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_390/DynamoServer.java index 7193e387a..38a5a31de 100644 --- a/instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/instrumentation/security/dynamodb453/DynamoServer.java +++ b/instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_390/DynamoServer.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.security.dynamodb453; +package com.nr.agent.security.instrumentation.dynamodb_1_11_390; import com.amazonaws.auth.AWSStaticCredentialsProvider; import com.amazonaws.auth.BasicAWSCredentials; @@ -90,7 +90,6 @@ public class DynamoServer extends ExternalResource { private void setUp() throws Exception { System.setProperty("sqlite4java.library.path", "src/test/resources/libs/"); - server = ServerRunner.createServerFromCommandLineArgs(new String[]{ "-inMemory", "-port", String.valueOf(PORT) }); server.start(); diff --git a/instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/instrumentation/security/dynamodb453/DynamodbTest.java b/instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_390/DynamodbTest.java similarity index 98% rename from instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/instrumentation/security/dynamodb453/DynamodbTest.java rename to instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_390/DynamodbTest.java index e9238a437..25463009d 100644 --- a/instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/instrumentation/security/dynamodb453/DynamodbTest.java +++ b/instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_390/DynamodbTest.java @@ -1,15 +1,7 @@ -package com.nr.instrumentation.security.dynamodb453; +package com.nr.agent.security.instrumentation.dynamodb_1_11_390; import com.amazonaws.services.dynamodbv2.model.AttributeValue; import com.amazonaws.services.dynamodbv2.model.AttributeValueUpdate; -import com.amazonaws.services.dynamodbv2.model.DeleteItemRequest; -import com.amazonaws.services.dynamodbv2.model.GetItemRequest; -import com.amazonaws.services.dynamodbv2.model.KeysAndAttributes; -import com.amazonaws.services.dynamodbv2.model.PutItemRequest; -import com.amazonaws.services.dynamodbv2.model.PutRequest; -import com.amazonaws.services.dynamodbv2.model.QueryRequest; -import com.amazonaws.services.dynamodbv2.model.ScanRequest; -import com.amazonaws.services.dynamodbv2.model.UpdateItemRequest; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; @@ -29,7 +21,7 @@ @RunWith(SecurityInstrumentationTestRunner.class) @FixMethodOrder(MethodSorters.NAME_ASCENDING) -@InstrumentationTestConfig(includePrefixes = {"com.nr.agent.security.dynamodb_1_11_453", "com.amazonaws.services"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.dynamodb_1_11_390", "com.amazonaws.services.dynamodbv2_1_11_390"}) public class DynamodbTest { @ClassRule public static DynamoServer dynamo = new DynamoServer(); diff --git a/instrumentation-security/dynamodb-1.11.453/src/main/java/com/amazonaws/services/dynamodbv2_1_11_453/AmazonDynamoDBClient_Instrumentation.java b/instrumentation-security/dynamodb-1.11.453/src/main/java/com/amazonaws/services/dynamodbv2_1_11_453/AmazonDynamoDBClient_Instrumentation.java index 7437c1ac6..0eb1a8180 100644 --- a/instrumentation-security/dynamodb-1.11.453/src/main/java/com/amazonaws/services/dynamodbv2_1_11_453/AmazonDynamoDBClient_Instrumentation.java +++ b/instrumentation-security/dynamodb-1.11.453/src/main/java/com/amazonaws/services/dynamodbv2_1_11_453/AmazonDynamoDBClient_Instrumentation.java @@ -18,7 +18,7 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.dynamodb_1_11_453.DynamoDBUtil; +import com.newrelic.agent.security.instrumentation.dynamodb_1_11_453.DynamoDBUtil; import java.net.URI; diff --git a/instrumentation-security/dynamodb-1.11.453/src/main/java/com/nr/agent/security/dynamodb_1_11_453/DynamoDBUtil.java b/instrumentation-security/dynamodb-1.11.453/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_453/DynamoDBUtil.java similarity index 99% rename from instrumentation-security/dynamodb-1.11.453/src/main/java/com/nr/agent/security/dynamodb_1_11_453/DynamoDBUtil.java rename to instrumentation-security/dynamodb-1.11.453/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_453/DynamoDBUtil.java index ff257e2a2..bfe59f2e6 100644 --- a/instrumentation-security/dynamodb-1.11.453/src/main/java/com/nr/agent/security/dynamodb_1_11_453/DynamoDBUtil.java +++ b/instrumentation-security/dynamodb-1.11.453/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_453/DynamoDBUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.dynamodb_1_11_453; +package com.newrelic.agent.security.instrumentation.dynamodb_1_11_453; import com.amazonaws.AmazonWebServiceRequest; import com.amazonaws.Request; diff --git a/instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/instrumentation/security/dynamodb459/DynamoServer.java b/instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_453/DynamoServer.java similarity index 99% rename from instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/instrumentation/security/dynamodb459/DynamoServer.java rename to instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_453/DynamoServer.java index 87f281c1b..04f658be5 100644 --- a/instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/instrumentation/security/dynamodb459/DynamoServer.java +++ b/instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_453/DynamoServer.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.security.dynamodb459; +package com.nr.agent.security.instrumentation.dynamodb_1_11_453; import com.amazonaws.auth.AWSStaticCredentialsProvider; import com.amazonaws.auth.BasicAWSCredentials; @@ -90,6 +90,7 @@ public class DynamoServer extends ExternalResource { private void setUp() throws Exception { System.setProperty("sqlite4java.library.path", "src/test/resources/libs/"); + server = ServerRunner.createServerFromCommandLineArgs(new String[]{ "-inMemory", "-port", String.valueOf(PORT) }); server.start(); diff --git a/instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/instrumentation/security/dynamodb390/DynamodbTest.java b/instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_453/DynamodbTest.java similarity index 98% rename from instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/instrumentation/security/dynamodb390/DynamodbTest.java rename to instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_453/DynamodbTest.java index 974376182..a1cb05462 100644 --- a/instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/instrumentation/security/dynamodb390/DynamodbTest.java +++ b/instrumentation-security/dynamodb-1.11.453/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_453/DynamodbTest.java @@ -1,15 +1,7 @@ -package com.nr.instrumentation.security.dynamodb390; +package com.nr.agent.security.instrumentation.dynamodb_1_11_453; import com.amazonaws.services.dynamodbv2.model.AttributeValue; import com.amazonaws.services.dynamodbv2.model.AttributeValueUpdate; -import com.amazonaws.services.dynamodbv2.model.DeleteItemRequest; -import com.amazonaws.services.dynamodbv2.model.GetItemRequest; -import com.amazonaws.services.dynamodbv2.model.KeysAndAttributes; -import com.amazonaws.services.dynamodbv2.model.PutItemRequest; -import com.amazonaws.services.dynamodbv2.model.PutRequest; -import com.amazonaws.services.dynamodbv2.model.QueryRequest; -import com.amazonaws.services.dynamodbv2.model.ScanRequest; -import com.amazonaws.services.dynamodbv2.model.UpdateItemRequest; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; @@ -29,7 +21,7 @@ @RunWith(SecurityInstrumentationTestRunner.class) @FixMethodOrder(MethodSorters.NAME_ASCENDING) -@InstrumentationTestConfig(includePrefixes = {"com.nr.agent.security.dynamodb_1_11_390", "com.amazonaws.services.dynamodbv2_1_11_390"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.dynamodb_1_11_453", "com.amazonaws.services"}) public class DynamodbTest { @ClassRule public static DynamoServer dynamo = new DynamoServer(); diff --git a/instrumentation-security/dynamodb-1.11.459/src/main/java/com/amazonaws/services/dynamodbv2_1_11_459/AmazonDynamoDBClient_Instrumentation.java b/instrumentation-security/dynamodb-1.11.459/src/main/java/com/amazonaws/services/dynamodbv2_1_11_459/AmazonDynamoDBClient_Instrumentation.java index 03bcfb538..396d82b1c 100644 --- a/instrumentation-security/dynamodb-1.11.459/src/main/java/com/amazonaws/services/dynamodbv2_1_11_459/AmazonDynamoDBClient_Instrumentation.java +++ b/instrumentation-security/dynamodb-1.11.459/src/main/java/com/amazonaws/services/dynamodbv2_1_11_459/AmazonDynamoDBClient_Instrumentation.java @@ -18,7 +18,7 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.dynamodb_1_11_459.DynamoDBUtil; +import com.newrelic.agent.security.instrumentation.dynamodb_1_11_459.DynamoDBUtil; import java.net.URI; diff --git a/instrumentation-security/dynamodb-1.11.459/src/main/java/com/nr/agent/security/dynamodb_1_11_459/DynamoDBUtil.java b/instrumentation-security/dynamodb-1.11.459/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_459/DynamoDBUtil.java similarity index 99% rename from instrumentation-security/dynamodb-1.11.459/src/main/java/com/nr/agent/security/dynamodb_1_11_459/DynamoDBUtil.java rename to instrumentation-security/dynamodb-1.11.459/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_459/DynamoDBUtil.java index 8ca0078cd..bd1fdb1c6 100644 --- a/instrumentation-security/dynamodb-1.11.459/src/main/java/com/nr/agent/security/dynamodb_1_11_459/DynamoDBUtil.java +++ b/instrumentation-security/dynamodb-1.11.459/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_459/DynamoDBUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.dynamodb_1_11_459; +package com.newrelic.agent.security.instrumentation.dynamodb_1_11_459; import com.amazonaws.AmazonWebServiceRequest; import com.amazonaws.Request; diff --git a/instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/instrumentation/security/dynamodb390/DynamoServer.java b/instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_459/DynamoServer.java similarity index 99% rename from instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/instrumentation/security/dynamodb390/DynamoServer.java rename to instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_459/DynamoServer.java index bb3943530..454f1df2a 100644 --- a/instrumentation-security/dynamodb-1.11.390/src/test/java/com/nr/instrumentation/security/dynamodb390/DynamoServer.java +++ b/instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_459/DynamoServer.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.security.dynamodb390; +package com.nr.agent.security.instrumentation.dynamodb_1_11_459; import com.amazonaws.auth.AWSStaticCredentialsProvider; import com.amazonaws.auth.BasicAWSCredentials; diff --git a/instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/instrumentation/security/dynamodb459/DynamodbTest.java b/instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_459/DynamodbTest.java similarity index 98% rename from instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/instrumentation/security/dynamodb459/DynamodbTest.java rename to instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_459/DynamodbTest.java index cd1a4c47f..c574afb71 100644 --- a/instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/instrumentation/security/dynamodb459/DynamodbTest.java +++ b/instrumentation-security/dynamodb-1.11.459/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_459/DynamodbTest.java @@ -1,15 +1,7 @@ -package com.nr.instrumentation.security.dynamodb459; +package com.nr.agent.security.instrumentation.dynamodb_1_11_459; import com.amazonaws.services.dynamodbv2.model.AttributeValue; import com.amazonaws.services.dynamodbv2.model.AttributeValueUpdate; -import com.amazonaws.services.dynamodbv2.model.DeleteItemRequest; -import com.amazonaws.services.dynamodbv2.model.GetItemRequest; -import com.amazonaws.services.dynamodbv2.model.KeysAndAttributes; -import com.amazonaws.services.dynamodbv2.model.PutItemRequest; -import com.amazonaws.services.dynamodbv2.model.PutRequest; -import com.amazonaws.services.dynamodbv2.model.QueryRequest; -import com.amazonaws.services.dynamodbv2.model.ScanRequest; -import com.amazonaws.services.dynamodbv2.model.UpdateItemRequest; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; @@ -29,7 +21,7 @@ @RunWith(SecurityInstrumentationTestRunner.class) @FixMethodOrder(MethodSorters.NAME_ASCENDING) -@InstrumentationTestConfig(includePrefixes = {"com.nr.agent.security.dynamodb_1_11_459", "com.amazonaws.services.dynamodbv2_1_11_459"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.dynamodb_1_11_459", "com.amazonaws.services.dynamodbv2_1_11_459"}) public class DynamodbTest { @ClassRule public static DynamoServer dynamo = new DynamoServer(); diff --git a/instrumentation-security/dynamodb-1.11.80/src/main/java/com/amazonaws/services/dynamodbv2_1_11_80/AmazonDynamoDBClient_Instrumentation.java b/instrumentation-security/dynamodb-1.11.80/src/main/java/com/amazonaws/services/dynamodbv2_1_11_80/AmazonDynamoDBClient_Instrumentation.java index 73d35d5e3..111c18e68 100644 --- a/instrumentation-security/dynamodb-1.11.80/src/main/java/com/amazonaws/services/dynamodbv2_1_11_80/AmazonDynamoDBClient_Instrumentation.java +++ b/instrumentation-security/dynamodb-1.11.80/src/main/java/com/amazonaws/services/dynamodbv2_1_11_80/AmazonDynamoDBClient_Instrumentation.java @@ -18,7 +18,7 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.dynamodb_1_11_80.DynamoDBUtil; +import com.newrelic.agent.security.instrumentation.dynamodb_1_11_80.DynamoDBUtil; /** * This provides external instrumentation for Amazon's DynamoDB Java API 1.9.0+. Metrics are all generated in diff --git a/instrumentation-security/dynamodb-1.11.80/src/main/java/com/nr/agent/security/dynamodb_1_11_80/DynamoDBUtil.java b/instrumentation-security/dynamodb-1.11.80/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_80/DynamoDBUtil.java similarity index 99% rename from instrumentation-security/dynamodb-1.11.80/src/main/java/com/nr/agent/security/dynamodb_1_11_80/DynamoDBUtil.java rename to instrumentation-security/dynamodb-1.11.80/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_80/DynamoDBUtil.java index 28f79e586..f14a1e885 100644 --- a/instrumentation-security/dynamodb-1.11.80/src/main/java/com/nr/agent/security/dynamodb_1_11_80/DynamoDBUtil.java +++ b/instrumentation-security/dynamodb-1.11.80/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_1_11_80/DynamoDBUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.dynamodb_1_11_80; +package com.newrelic.agent.security.instrumentation.dynamodb_1_11_80; import com.amazonaws.AmazonWebServiceRequest; import com.amazonaws.Request; diff --git a/instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/instrumentation/security/dynamodb80/DynamoServer.java b/instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_80/DynamoServer.java similarity index 99% rename from instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/instrumentation/security/dynamodb80/DynamoServer.java rename to instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_80/DynamoServer.java index eb66b99d5..4e53bf183 100644 --- a/instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/instrumentation/security/dynamodb80/DynamoServer.java +++ b/instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_80/DynamoServer.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.security.dynamodb80; +package com.nr.agent.security.instrumentation.dynamodb_1_11_80; import com.amazonaws.auth.AWSStaticCredentialsProvider; import com.amazonaws.auth.BasicAWSCredentials; diff --git a/instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/instrumentation/security/dynamodb80/DynamodbTest.java b/instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_80/DynamodbTest.java similarity index 98% rename from instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/instrumentation/security/dynamodb80/DynamodbTest.java rename to instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_80/DynamodbTest.java index 1165f6e03..39038a7b7 100644 --- a/instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/instrumentation/security/dynamodb80/DynamodbTest.java +++ b/instrumentation-security/dynamodb-1.11.80/src/test/java/com/nr/agent/security/instrumentation/dynamodb_1_11_80/DynamodbTest.java @@ -1,15 +1,7 @@ -package com.nr.instrumentation.security.dynamodb80; +package com.nr.agent.security.instrumentation.dynamodb_1_11_80; import com.amazonaws.services.dynamodbv2.model.AttributeValue; import com.amazonaws.services.dynamodbv2.model.AttributeValueUpdate; -import com.amazonaws.services.dynamodbv2.model.DeleteItemRequest; -import com.amazonaws.services.dynamodbv2.model.GetItemRequest; -import com.amazonaws.services.dynamodbv2.model.KeysAndAttributes; -import com.amazonaws.services.dynamodbv2.model.PutItemRequest; -import com.amazonaws.services.dynamodbv2.model.PutRequest; -import com.amazonaws.services.dynamodbv2.model.QueryRequest; -import com.amazonaws.services.dynamodbv2.model.ScanRequest; -import com.amazonaws.services.dynamodbv2.model.UpdateItemRequest; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; @@ -23,14 +15,13 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.MethodSorters; -import org.w3c.dom.Attr; import java.util.List; import java.util.Map; @RunWith(SecurityInstrumentationTestRunner.class) @FixMethodOrder(MethodSorters.NAME_ASCENDING) -@InstrumentationTestConfig(includePrefixes = {"com.nr.agent.security.dynamodb_1_11_80", "com.amazonaws.services.dynamodbv2_1_11_80"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.dynamodb_1_11_80", "com.amazonaws.services.dynamodbv2_1_11_80"}) public class DynamodbTest { @ClassRule public static DynamoServer dynamo = new DynamoServer(); diff --git a/instrumentation-security/dynamodb-2.1.0/src/main/java/com/nr/agent/security/dynamodb_210/DynamoDBUtil.java b/instrumentation-security/dynamodb-2.1.0/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_210/DynamoDBUtil.java similarity index 99% rename from instrumentation-security/dynamodb-2.1.0/src/main/java/com/nr/agent/security/dynamodb_210/DynamoDBUtil.java rename to instrumentation-security/dynamodb-2.1.0/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_210/DynamoDBUtil.java index 06778fa33..934d294a5 100644 --- a/instrumentation-security/dynamodb-2.1.0/src/main/java/com/nr/agent/security/dynamodb_210/DynamoDBUtil.java +++ b/instrumentation-security/dynamodb-2.1.0/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_210/DynamoDBUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.dynamodb_210; +package com.newrelic.agent.security.instrumentation.dynamodb_210; import com.newrelic.api.agent.DatastoreParameters; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/dynamodb-2.1.0/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java b/instrumentation-security/dynamodb-2.1.0/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java index 5a5a85444..7d85f8b4d 100644 --- a/instrumentation-security/dynamodb-2.1.0/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java +++ b/instrumentation-security/dynamodb-2.1.0/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.dynamodb_210.DynamoDBUtil; +import com.newrelic.agent.security.instrumentation.dynamodb_210.DynamoDBUtil; import software.amazon.awssdk.core.SdkRequest; import software.amazon.awssdk.core.SdkResponse; import software.amazon.awssdk.core.async.AsyncResponseTransformer; diff --git a/instrumentation-security/dynamodb-2.1.0/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java b/instrumentation-security/dynamodb-2.1.0/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java index 9c6c4c5cf..a93a1e247 100644 --- a/instrumentation-security/dynamodb-2.1.0/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java +++ b/instrumentation-security/dynamodb-2.1.0/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.dynamodb_210.DynamoDBUtil; +import com.newrelic.agent.security.instrumentation.dynamodb_210.DynamoDBUtil; import software.amazon.awssdk.core.SdkRequest; import software.amazon.awssdk.core.SdkResponse; import software.amazon.awssdk.core.sync.ResponseTransformer; diff --git a/instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/instrumentation/security/dynamodb210/DynamoUtil.java b/instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/agent/security/instrumentation/dynamodb_210/DynamoUtil.java similarity index 97% rename from instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/instrumentation/security/dynamodb210/DynamoUtil.java rename to instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/agent/security/instrumentation/dynamodb_210/DynamoUtil.java index cc26993a2..a0a71dcb0 100644 --- a/instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/instrumentation/security/dynamodb210/DynamoUtil.java +++ b/instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/agent/security/instrumentation/dynamodb_210/DynamoUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.security.dynamodb210; +package com.nr.agent.security.instrumentation.dynamodb_210; import software.amazon.awssdk.services.dynamodb.model.AttributeDefinition; import software.amazon.awssdk.services.dynamodb.model.AttributeValue; diff --git a/instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/instrumentation/security/dynamodb210/DynamodbTest.java b/instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/agent/security/instrumentation/dynamodb_210/DynamodbTest.java similarity index 98% rename from instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/instrumentation/security/dynamodb210/DynamodbTest.java rename to instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/agent/security/instrumentation/dynamodb_210/DynamodbTest.java index e2d4b7f60..ae3cf914a 100644 --- a/instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/instrumentation/security/dynamodb210/DynamodbTest.java +++ b/instrumentation-security/dynamodb-2.1.0/src/test/java/com/nr/agent/security/instrumentation/dynamodb_210/DynamodbTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.dynamodb210; +package com.nr.agent.security.instrumentation.dynamodb_210; import com.amazonaws.services.dynamodbv2.local.main.ServerRunner; import com.amazonaws.services.dynamodbv2.local.server.DynamoDBProxyServer; @@ -22,13 +22,10 @@ import software.amazon.awssdk.services.dynamodb.DynamoDbClient; import software.amazon.awssdk.services.dynamodb.model.AttributeValue; import software.amazon.awssdk.services.dynamodb.model.AttributeValueUpdate; -import software.amazon.awssdk.services.dynamodb.model.BatchExecuteStatementRequest; import software.amazon.awssdk.services.dynamodb.model.BatchGetItemRequest; -import software.amazon.awssdk.services.dynamodb.model.BatchStatementRequest; import software.amazon.awssdk.services.dynamodb.model.BatchWriteItemRequest; import software.amazon.awssdk.services.dynamodb.model.DeleteItemRequest; import software.amazon.awssdk.services.dynamodb.model.DescribeTableRequest; -import software.amazon.awssdk.services.dynamodb.model.ExecuteStatementRequest; import software.amazon.awssdk.services.dynamodb.model.GetItemRequest; import software.amazon.awssdk.services.dynamodb.model.PutItemRequest; import software.amazon.awssdk.services.dynamodb.model.PutRequest; @@ -46,7 +43,7 @@ @FixMethodOrder(MethodSorters.NAME_ASCENDING) @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.nr.agent.security.dynamodb_210", "software.amazon.awssdk.core"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.dynamodb_210", "software.amazon.awssdk.core"}) public class DynamodbTest { private static final int PORT = DynamoUtil.getRandomPort(); private static DynamoDBProxyServer server; diff --git a/instrumentation-security/dynamodb-2.1.2/src/main/java/com/nr/agent/security/dynamodb_212/DynamoDBUtil.java b/instrumentation-security/dynamodb-2.1.2/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_212/DynamoDBUtil.java similarity index 99% rename from instrumentation-security/dynamodb-2.1.2/src/main/java/com/nr/agent/security/dynamodb_212/DynamoDBUtil.java rename to instrumentation-security/dynamodb-2.1.2/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_212/DynamoDBUtil.java index 1382dd1b1..35600235d 100644 --- a/instrumentation-security/dynamodb-2.1.2/src/main/java/com/nr/agent/security/dynamodb_212/DynamoDBUtil.java +++ b/instrumentation-security/dynamodb-2.1.2/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_212/DynamoDBUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.dynamodb_212; +package com.newrelic.agent.security.instrumentation.dynamodb_212; import com.newrelic.api.agent.DatastoreParameters; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/dynamodb-2.1.2/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java b/instrumentation-security/dynamodb-2.1.2/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java index c14562ce4..3110471c3 100644 --- a/instrumentation-security/dynamodb-2.1.2/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java +++ b/instrumentation-security/dynamodb-2.1.2/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.dynamodb_212.DynamoDBUtil; +import com.newrelic.agent.security.instrumentation.dynamodb_212.DynamoDBUtil; import software.amazon.awssdk.core.SdkRequest; import software.amazon.awssdk.core.SdkResponse; import software.amazon.awssdk.core.async.AsyncResponseTransformer; diff --git a/instrumentation-security/dynamodb-2.1.2/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java b/instrumentation-security/dynamodb-2.1.2/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java index 9d9cdcc4d..074d4e364 100644 --- a/instrumentation-security/dynamodb-2.1.2/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java +++ b/instrumentation-security/dynamodb-2.1.2/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.dynamodb_212.DynamoDBUtil; +import com.newrelic.agent.security.instrumentation.dynamodb_212.DynamoDBUtil; import software.amazon.awssdk.core.SdkRequest; import software.amazon.awssdk.core.SdkResponse; import software.amazon.awssdk.core.sync.ResponseTransformer; diff --git a/instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/instrumentation/security/dynamodb212/DynamoUtil.java b/instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/agent/security/instrumentation/dynamodb_212/DynamoUtil.java similarity index 97% rename from instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/instrumentation/security/dynamodb212/DynamoUtil.java rename to instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/agent/security/instrumentation/dynamodb_212/DynamoUtil.java index 82a7c25cc..1b8e2dde8 100644 --- a/instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/instrumentation/security/dynamodb212/DynamoUtil.java +++ b/instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/agent/security/instrumentation/dynamodb_212/DynamoUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.security.dynamodb212; +package com.nr.agent.security.instrumentation.dynamodb_212; import software.amazon.awssdk.services.dynamodb.model.AttributeDefinition; import software.amazon.awssdk.services.dynamodb.model.AttributeValue; diff --git a/instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/instrumentation/security/dynamodb212/DynamodbTest.java b/instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/agent/security/instrumentation/dynamodb_212/DynamodbTest.java similarity index 99% rename from instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/instrumentation/security/dynamodb212/DynamodbTest.java rename to instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/agent/security/instrumentation/dynamodb_212/DynamodbTest.java index e406e0736..ee7eb25f5 100644 --- a/instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/instrumentation/security/dynamodb212/DynamodbTest.java +++ b/instrumentation-security/dynamodb-2.1.2/src/test/java/com/nr/agent/security/instrumentation/dynamodb_212/DynamodbTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.dynamodb212; +package com.nr.agent.security.instrumentation.dynamodb_212; import com.amazonaws.services.dynamodbv2.local.main.ServerRunner; import com.amazonaws.services.dynamodbv2.local.server.DynamoDBProxyServer; @@ -50,7 +50,7 @@ @FixMethodOrder(MethodSorters.NAME_ASCENDING) @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.nr.agent.security.dynamodb_212", "software.amazon.awssdk.core"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.dynamodb_212", "software.amazon.awssdk.core"}) public class DynamodbTest { private static final int PORT = DynamoUtil.getRandomPort(); private static DynamoDBProxyServer server; diff --git a/instrumentation-security/dynamodb-2.15.34/src/main/java/com/nr/agent/security/dynamodb_215/DynamoDBUtil.java b/instrumentation-security/dynamodb-2.15.34/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_215/DynamoDBUtil.java similarity index 99% rename from instrumentation-security/dynamodb-2.15.34/src/main/java/com/nr/agent/security/dynamodb_215/DynamoDBUtil.java rename to instrumentation-security/dynamodb-2.15.34/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_215/DynamoDBUtil.java index 36d139821..f676de8d6 100644 --- a/instrumentation-security/dynamodb-2.15.34/src/main/java/com/nr/agent/security/dynamodb_215/DynamoDBUtil.java +++ b/instrumentation-security/dynamodb-2.15.34/src/main/java/com/newrelic/agent/security/instrumentation/dynamodb_215/DynamoDBUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.dynamodb_215; +package com.newrelic.agent.security.instrumentation.dynamodb_215; import com.newrelic.api.agent.DatastoreParameters; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/dynamodb-2.15.34/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java b/instrumentation-security/dynamodb-2.15.34/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java index 99d2623be..6d6843f89 100644 --- a/instrumentation-security/dynamodb-2.15.34/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java +++ b/instrumentation-security/dynamodb-2.15.34/src/main/java/software/amazon/awssdk/core/client/handler/AsyncClientHandler_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.dynamodb_215.DynamoDBUtil; +import com.newrelic.agent.security.instrumentation.dynamodb_215.DynamoDBUtil; import software.amazon.awssdk.core.SdkRequest; import software.amazon.awssdk.core.SdkResponse; import software.amazon.awssdk.core.async.AsyncResponseTransformer; diff --git a/instrumentation-security/dynamodb-2.15.34/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java b/instrumentation-security/dynamodb-2.15.34/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java index c6d441837..24f812967 100644 --- a/instrumentation-security/dynamodb-2.15.34/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java +++ b/instrumentation-security/dynamodb-2.15.34/src/main/java/software/amazon/awssdk/core/client/handler/SyncClientHandler_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.dynamodb_215.DynamoDBUtil; +import com.newrelic.agent.security.instrumentation.dynamodb_215.DynamoDBUtil; import software.amazon.awssdk.core.SdkRequest; import software.amazon.awssdk.core.SdkResponse; import software.amazon.awssdk.core.sync.ResponseTransformer; diff --git a/instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/instrumentation/security/dynamodb215/DynamoUtil.java b/instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/agent/security/instrumentation/dynamodb_215/DynamoUtil.java similarity index 97% rename from instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/instrumentation/security/dynamodb215/DynamoUtil.java rename to instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/agent/security/instrumentation/dynamodb_215/DynamoUtil.java index a4ea56e84..f082663c1 100644 --- a/instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/instrumentation/security/dynamodb215/DynamoUtil.java +++ b/instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/agent/security/instrumentation/dynamodb_215/DynamoUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.security.dynamodb215; +package com.nr.agent.security.instrumentation.dynamodb_215; import software.amazon.awssdk.services.dynamodb.model.AttributeDefinition; import software.amazon.awssdk.services.dynamodb.model.AttributeValue; diff --git a/instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/instrumentation/security/dynamodb215/DynamodbTest.java b/instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/agent/security/instrumentation/dynamodb_215/DynamodbTest.java similarity index 99% rename from instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/instrumentation/security/dynamodb215/DynamodbTest.java rename to instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/agent/security/instrumentation/dynamodb_215/DynamodbTest.java index e92c64b9b..3c58a81b1 100644 --- a/instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/instrumentation/security/dynamodb215/DynamodbTest.java +++ b/instrumentation-security/dynamodb-2.15.34/src/test/java/com/nr/agent/security/instrumentation/dynamodb_215/DynamodbTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.dynamodb215; +package com.nr.agent.security.instrumentation.dynamodb_215; import com.amazonaws.services.dynamodbv2.local.main.ServerRunner; import com.amazonaws.services.dynamodbv2.local.server.DynamoDBProxyServer; @@ -55,7 +55,7 @@ @FixMethodOrder(MethodSorters.NAME_ASCENDING) @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.nr.agent.security.dynamodb_215", "software.amazon.awssdk.core"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.dynamodb_215", "software.amazon.awssdk.core"}) public class DynamodbTest { private static final int PORT = DynamoUtil.getRandomPort(); private static DynamoDBProxyServer server; diff --git a/instrumentation-security/file-operation/src/main/java/java/io/File_Instrumentation.java b/instrumentation-security/file-operation/src/main/java/java/io/File_Instrumentation.java index 0e221a93d..8cc7e068b 100644 --- a/instrumentation-security/file-operation/src/main/java/java/io/File_Instrumentation.java +++ b/instrumentation-security/file-operation/src/main/java/java/io/File_Instrumentation.java @@ -1,9 +1,7 @@ package java.io; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.FileHelper; -import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; import com.newrelic.api.agent.security.schema.operation.FileOperation; @@ -14,9 +12,6 @@ import java.util.ArrayList; import java.util.List; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.BaseClass, originalName = "java.io.File") public abstract class File_Instrumentation { diff --git a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileInputStreamTest.java b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileInputStreamTest.java similarity index 98% rename from instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileInputStreamTest.java rename to instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileInputStreamTest.java index ebe41eb69..b163655fb 100644 --- a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileInputStreamTest.java +++ b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileInputStreamTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.nr.agent.security.instrumentation.javaio; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileOutputStreamTest.java b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileOutputStreamTest.java similarity index 97% rename from instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileOutputStreamTest.java rename to instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileOutputStreamTest.java index 2a47639fd..e7f9f8fec 100644 --- a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileOutputStreamTest.java +++ b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileOutputStreamTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.nr.agent.security.instrumentation.javaio; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileSystemTest.java b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileSystemTest.java similarity index 98% rename from instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileSystemTest.java rename to instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileSystemTest.java index 0b6058788..df689a492 100644 --- a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileSystemTest.java +++ b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileSystemTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.nr.agent.security.instrumentation.javaio; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileTest.java b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileTest.java similarity index 99% rename from instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileTest.java rename to instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileTest.java index d87d3e973..096799577 100644 --- a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/FileTest.java +++ b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/FileTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.nr.agent.security.instrumentation.javaio; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/TestSetupBringUp.java b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/TestSetupBringUp.java similarity index 95% rename from instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/TestSetupBringUp.java rename to instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/TestSetupBringUp.java index abcd911f9..98e43e533 100644 --- a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javaio/TestSetupBringUp.java +++ b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javaio/TestSetupBringUp.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.nr.agent.security.instrumentation.javaio; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javanio/FileSystemProviderTest.java b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javanio/FileSystemProviderTest.java similarity index 98% rename from instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javanio/FileSystemProviderTest.java rename to instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javanio/FileSystemProviderTest.java index ca73ee4a9..280230316 100644 --- a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javanio/FileSystemProviderTest.java +++ b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javanio/FileSystemProviderTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javanio; +package com.nr.agent.security.instrumentation.javanio; import com.fasterxml.jackson.databind.ObjectMapper; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; @@ -158,7 +158,7 @@ public void testNewFileChannel() throws IOException, URISyntaxException, Interru SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); List operations = introspector.getOperations(); Assert.assertTrue("No operations detected", operations.size() > 0); - System.out.println(operations.size()+" "+new ObjectMapper().writeValueAsString(operations)); + FileOperation operation = null; for (AbstractOperation op : operations) { if (FILE.equals(((FileOperation) op).getFileName().get(0))) { @@ -180,7 +180,7 @@ public void testNewAsynchronousFileChannel() throws IOException, URISyntaxExcept SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); List operations = introspector.getOperations(); Assert.assertTrue("No operations detected", operations.size() > 0); - System.out.println(operations.size()+" "+new ObjectMapper().writeValueAsString(operations)); + FileOperation operation = null; for (AbstractOperation op : operations) { if (FILE.equals(((FileOperation) op).getFileName().get(0))) { @@ -202,7 +202,7 @@ public void testNewByteFileChannel() throws IOException, URISyntaxException, Int SecurityIntrospector introspector = SecurityInstrumentationTestRunner.getIntrospector(); List operations = introspector.getOperations(); Assert.assertTrue("No operations detected", operations.size() > 0); - System.out.println(operations.size()+" "+new ObjectMapper().writeValueAsString(operations)); + FileOperation operation = null; for (AbstractOperation op : operations) { if (FILE.equals(((FileOperation) op).getFileName().get(0))) { diff --git a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javanio/TestSetupBringUp.java b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javanio/TestSetupBringUp.java similarity index 96% rename from instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javanio/TestSetupBringUp.java rename to instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javanio/TestSetupBringUp.java index 92497853b..225bb6d18 100644 --- a/instrumentation-security/file-operation/src/test/java/com/nr/instrumentation/security/javanio/TestSetupBringUp.java +++ b/instrumentation-security/file-operation/src/test/java/com/nr/agent/security/instrumentation/javanio/TestSetupBringUp.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javanio; +package com.nr.agent.security.instrumentation.javanio; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/nr/agent/security/mongo/jsinjection/graalvm/JSEngineUtils.java b/instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/newrelic/agent/security/instrumentation/graalvm19/JSEngineUtils.java similarity index 79% rename from instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/nr/agent/security/mongo/jsinjection/graalvm/JSEngineUtils.java rename to instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/newrelic/agent/security/instrumentation/graalvm19/JSEngineUtils.java index 2f49208b3..f41ae2893 100644 --- a/instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/nr/agent/security/mongo/jsinjection/graalvm/JSEngineUtils.java +++ b/instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/newrelic/agent/security/instrumentation/graalvm19/JSEngineUtils.java @@ -1,4 +1,4 @@ -package com.nr.agent.security.mongo.jsinjection.graalvm; +package com.newrelic.agent.security.instrumentation.graalvm19; public class JSEngineUtils { diff --git a/instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/oracle/truffle/polyglot/PolyglotContextImpl_Instrumentation.java b/instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/oracle/truffle/polyglot/PolyglotContextImpl_Instrumentation.java index af205db3c..c2e08ad3b 100644 --- a/instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/oracle/truffle/polyglot/PolyglotContextImpl_Instrumentation.java +++ b/instrumentation-security/graalvm-jsinjection-19.0.0/src/main/java/com/oracle/truffle/polyglot/PolyglotContextImpl_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.jsinjection.graalvm.JSEngineUtils; +import com.newrelic.agent.security.instrumentation.graalvm19.JSEngineUtils; import com.oracle.truffle.api.source.Source; import org.graalvm.polyglot.Value; diff --git a/instrumentation-security/graalvm-jsinjection-19.0.0/src/test/java/com/nr/agent/instrumentation/graalvm19/GraalVMTest.java b/instrumentation-security/graalvm-jsinjection-19.0.0/src/test/java/com/nr/agent/security/instrumentation/graalvm19/GraalVMTest.java similarity index 98% rename from instrumentation-security/graalvm-jsinjection-19.0.0/src/test/java/com/nr/agent/instrumentation/graalvm19/GraalVMTest.java rename to instrumentation-security/graalvm-jsinjection-19.0.0/src/test/java/com/nr/agent/security/instrumentation/graalvm19/GraalVMTest.java index 3c5e900a8..c15be5b9d 100644 --- a/instrumentation-security/graalvm-jsinjection-19.0.0/src/test/java/com/nr/agent/instrumentation/graalvm19/GraalVMTest.java +++ b/instrumentation-security/graalvm-jsinjection-19.0.0/src/test/java/com/nr/agent/security/instrumentation/graalvm19/GraalVMTest.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.graalvm19; +package com.nr.agent.security.instrumentation.graalvm19; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/nr/agent/security/mongo/jsinjection/graalvm/JSEngineUtils.java b/instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/newrelic/agent/security/instrumentation/graalvm22/JSEngineUtils.java similarity index 79% rename from instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/nr/agent/security/mongo/jsinjection/graalvm/JSEngineUtils.java rename to instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/newrelic/agent/security/instrumentation/graalvm22/JSEngineUtils.java index ec59162ac..07142efe0 100644 --- a/instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/nr/agent/security/mongo/jsinjection/graalvm/JSEngineUtils.java +++ b/instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/newrelic/agent/security/instrumentation/graalvm22/JSEngineUtils.java @@ -1,4 +1,4 @@ -package com.nr.agent.security.mongo.jsinjection.graalvm; +package com.newrelic.agent.security.instrumentation.graalvm22; public class JSEngineUtils { diff --git a/instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/oracle/truffle/polyglot/PolyglotContextImpl_Instrumentation.java b/instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/oracle/truffle/polyglot/PolyglotContextImpl_Instrumentation.java index d3fa9e571..410a14296 100644 --- a/instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/oracle/truffle/polyglot/PolyglotContextImpl_Instrumentation.java +++ b/instrumentation-security/graalvm-jsinjection-22.0.0/src/main/java/com/oracle/truffle/polyglot/PolyglotContextImpl_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.jsinjection.graalvm.JSEngineUtils; +import com.newrelic.agent.security.instrumentation.graalvm22.JSEngineUtils; import org.graalvm.polyglot.Source; import org.graalvm.polyglot.Value; diff --git a/instrumentation-security/graalvm-jsinjection-22.0.0/src/test/java/com/nr/agent/instrumentation/graalvm22/GraalVMTest.java b/instrumentation-security/graalvm-jsinjection-22.0.0/src/test/java/com/nr/agent/security/instrumentation/graalvm22/GraalVMTest.java similarity index 98% rename from instrumentation-security/graalvm-jsinjection-22.0.0/src/test/java/com/nr/agent/instrumentation/graalvm22/GraalVMTest.java rename to instrumentation-security/graalvm-jsinjection-22.0.0/src/test/java/com/nr/agent/security/instrumentation/graalvm22/GraalVMTest.java index a74ca7070..fa1504f14 100644 --- a/instrumentation-security/graalvm-jsinjection-22.0.0/src/test/java/com/nr/agent/instrumentation/graalvm22/GraalVMTest.java +++ b/instrumentation-security/graalvm-jsinjection-22.0.0/src/test/java/com/nr/agent/security/instrumentation/graalvm22/GraalVMTest.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.graalvm22; +package com.nr.agent.security.instrumentation.graalvm22; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/HttpAsyncClient4_Instrumentation.java b/instrumentation-security/http-async-client-4/src/main/java/com/newrelic/agent/security/instrumentation/httpasyncclient4/HttpAsyncClient4_Instrumentation.java similarity index 99% rename from instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/HttpAsyncClient4_Instrumentation.java rename to instrumentation-security/http-async-client-4/src/main/java/com/newrelic/agent/security/instrumentation/httpasyncclient4/HttpAsyncClient4_Instrumentation.java index d8a84d242..72e94f1e8 100644 --- a/instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/HttpAsyncClient4_Instrumentation.java +++ b/instrumentation-security/http-async-client-4/src/main/java/com/newrelic/agent/security/instrumentation/httpasyncclient4/HttpAsyncClient4_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.instrumentation.security.httpasyncclient4; +package com.newrelic.agent.security.instrumentation.httpasyncclient4; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; diff --git a/instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/HttpPipeliningClient_Instrumentation.java b/instrumentation-security/http-async-client-4/src/main/java/com/newrelic/agent/security/instrumentation/httpasyncclient4/HttpPipeliningClient_Instrumentation.java similarity index 94% rename from instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/HttpPipeliningClient_Instrumentation.java rename to instrumentation-security/http-async-client-4/src/main/java/com/newrelic/agent/security/instrumentation/httpasyncclient4/HttpPipeliningClient_Instrumentation.java index c2804244c..f5d1adb17 100644 --- a/instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/HttpPipeliningClient_Instrumentation.java +++ b/instrumentation-security/http-async-client-4/src/main/java/com/newrelic/agent/security/instrumentation/httpasyncclient4/HttpPipeliningClient_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.instrumentation.security.httpasyncclient4; +package com.newrelic.agent.security.instrumentation.httpasyncclient4; import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; diff --git a/instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/SecurityHelper.java b/instrumentation-security/http-async-client-4/src/main/java/com/newrelic/agent/security/instrumentation/httpasyncclient4/SecurityHelper.java similarity index 73% rename from instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/SecurityHelper.java rename to instrumentation-security/http-async-client-4/src/main/java/com/newrelic/agent/security/instrumentation/httpasyncclient4/SecurityHelper.java index 0593c731d..4b387a30e 100644 --- a/instrumentation-security/http-async-client-4/src/main/java/com/nr/agent/instrumentation/security/httpasyncclient4/SecurityHelper.java +++ b/instrumentation-security/http-async-client-4/src/main/java/com/newrelic/agent/security/instrumentation/httpasyncclient4/SecurityHelper.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.security.httpasyncclient4; +package com.newrelic.agent.security.instrumentation.httpasyncclient4; public class SecurityHelper { public static final String METHOD_NAME_EXECUTE = "execute"; diff --git a/instrumentation-security/http-async-client-4/src/test/java/com/nr/instrumentation/security/httpAsyncClient/HttpAsyncClient4Test.java b/instrumentation-security/http-async-client-4/src/test/java/com/nr/agent/security/instrumentation/httpasyncclient4/HttpAsyncClient4Test.java similarity index 98% rename from instrumentation-security/http-async-client-4/src/test/java/com/nr/instrumentation/security/httpAsyncClient/HttpAsyncClient4Test.java rename to instrumentation-security/http-async-client-4/src/test/java/com/nr/agent/security/instrumentation/httpasyncclient4/HttpAsyncClient4Test.java index 9acf5ecb4..e51d301da 100644 --- a/instrumentation-security/http-async-client-4/src/test/java/com/nr/instrumentation/security/httpAsyncClient/HttpAsyncClient4Test.java +++ b/instrumentation-security/http-async-client-4/src/test/java/com/nr/agent/security/instrumentation/httpasyncclient4/HttpAsyncClient4Test.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.httpAsyncClient; +package com.nr.agent.security.instrumentation.httpasyncclient4; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -28,7 +28,7 @@ import java.util.concurrent.Future; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "com.nr.agent.instrumentation.security.httpasyncclient4") +@InstrumentationTestConfig(includePrefixes = "com.newrelic.agent.security.instrumentation.httpasyncclient4") public class HttpAsyncClient4Test { @ClassRule public static HttpServerRule server = new HttpServerRule(); diff --git a/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java b/instrumentation-security/httpclient-3/src/main/java/com/newrelic/agent/security/instrumentation/httpclient3/HttpMethodBase_Instrumentation.java similarity index 98% rename from instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java rename to instrumentation-security/httpclient-3/src/main/java/com/newrelic/agent/security/instrumentation/httpclient3/HttpMethodBase_Instrumentation.java index 051286999..0bcb77c87 100644 --- a/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/HttpMethodBase_Instrumentation.java +++ b/instrumentation-security/httpclient-3/src/main/java/com/newrelic/agent/security/instrumentation/httpclient3/HttpMethodBase_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.instrumentation.security.httpclient3; +package com.newrelic.agent.security.instrumentation.httpclient3; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; diff --git a/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/SecurityHelper.java b/instrumentation-security/httpclient-3/src/main/java/com/newrelic/agent/security/instrumentation/httpclient3/SecurityHelper.java similarity index 94% rename from instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/SecurityHelper.java rename to instrumentation-security/httpclient-3/src/main/java/com/newrelic/agent/security/instrumentation/httpclient3/SecurityHelper.java index 942a99abd..e68dc9141 100644 --- a/instrumentation-security/httpclient-3/src/main/java/com/nr/agent/instrumentation/security/httpclient3/SecurityHelper.java +++ b/instrumentation-security/httpclient-3/src/main/java/com/newrelic/agent/security/instrumentation/httpclient3/SecurityHelper.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.security.httpclient3; +package com.newrelic.agent.security.instrumentation.httpclient3; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; diff --git a/instrumentation-security/httpclient-3/src/test/java/com/nr/instrumentation/security/httpclient3/HttpClientTest.java b/instrumentation-security/httpclient-3/src/test/java/com/nr/agent/security/instrumentation/httpclient3/HttpClientTest.java similarity index 97% rename from instrumentation-security/httpclient-3/src/test/java/com/nr/instrumentation/security/httpclient3/HttpClientTest.java rename to instrumentation-security/httpclient-3/src/test/java/com/nr/agent/security/instrumentation/httpclient3/HttpClientTest.java index feb2d5d16..b52d203dd 100644 --- a/instrumentation-security/httpclient-3/src/test/java/com/nr/instrumentation/security/httpclient3/HttpClientTest.java +++ b/instrumentation-security/httpclient-3/src/test/java/com/nr/agent/security/instrumentation/httpclient3/HttpClientTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.httpclient3; +package com.nr.agent.security.instrumentation.httpclient3; import com.newrelic.agent.security.introspec.HttpTestServer; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; @@ -25,7 +25,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "com.nr.agent.instrumentation.security.httpclient3") +@InstrumentationTestConfig(includePrefixes = "com.newrelic.agent.security.instrumentation.httpclient3") public class HttpClientTest { @Rule public HttpServerRule server = new HttpServerRule(); diff --git a/instrumentation-security/httpclient-4.0/src/main/java/com/nr/agent/instrumentation/security/httpclient40/HttpClient_Instrumentation.java b/instrumentation-security/httpclient-4.0/src/main/java/com/newrelic/agent/security/instrumentation/httpclient40/HttpClient_Instrumentation.java similarity index 99% rename from instrumentation-security/httpclient-4.0/src/main/java/com/nr/agent/instrumentation/security/httpclient40/HttpClient_Instrumentation.java rename to instrumentation-security/httpclient-4.0/src/main/java/com/newrelic/agent/security/instrumentation/httpclient40/HttpClient_Instrumentation.java index e76201de5..ab0728901 100644 --- a/instrumentation-security/httpclient-4.0/src/main/java/com/nr/agent/instrumentation/security/httpclient40/HttpClient_Instrumentation.java +++ b/instrumentation-security/httpclient-4.0/src/main/java/com/newrelic/agent/security/instrumentation/httpclient40/HttpClient_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.instrumentation.security.httpclient40; +package com.newrelic.agent.security.instrumentation.httpclient40; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; diff --git a/instrumentation-security/httpclient-4.0/src/main/java/com/nr/agent/instrumentation/security/httpclient40/SecurityHelper.java b/instrumentation-security/httpclient-4.0/src/main/java/com/newrelic/agent/security/instrumentation/httpclient40/SecurityHelper.java similarity index 91% rename from instrumentation-security/httpclient-4.0/src/main/java/com/nr/agent/instrumentation/security/httpclient40/SecurityHelper.java rename to instrumentation-security/httpclient-4.0/src/main/java/com/newrelic/agent/security/instrumentation/httpclient40/SecurityHelper.java index 60ad46bcd..16ca3906d 100644 --- a/instrumentation-security/httpclient-4.0/src/main/java/com/nr/agent/instrumentation/security/httpclient40/SecurityHelper.java +++ b/instrumentation-security/httpclient-4.0/src/main/java/com/newrelic/agent/security/instrumentation/httpclient40/SecurityHelper.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.security.httpclient40; +package com.newrelic.agent.security.instrumentation.httpclient40; public class SecurityHelper { diff --git a/instrumentation-security/httpclient-4.0/src/test/java/com/nr/instrumentation/security/httpclient4/HttpClientTest.java b/instrumentation-security/httpclient-4.0/src/test/java/com/nr/agent/security/instrumentation/httpclient40/HttpClientTest.java similarity index 99% rename from instrumentation-security/httpclient-4.0/src/test/java/com/nr/instrumentation/security/httpclient4/HttpClientTest.java rename to instrumentation-security/httpclient-4.0/src/test/java/com/nr/agent/security/instrumentation/httpclient40/HttpClientTest.java index 813bd169f..116d224ce 100644 --- a/instrumentation-security/httpclient-4.0/src/test/java/com/nr/instrumentation/security/httpclient4/HttpClientTest.java +++ b/instrumentation-security/httpclient-4.0/src/test/java/com/nr/agent/security/instrumentation/httpclient40/HttpClientTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.httpclient4; +package com.nr.agent.security.instrumentation.httpclient40; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -29,7 +29,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "com.nr.agent.instrumentation.security.httpclient40") +@InstrumentationTestConfig(includePrefixes = "com.newrelic.agent.security.instrumentation.httpclient40") public class HttpClientTest { @ClassRule public static HttpServerRule server = new HttpServerRule(); diff --git a/instrumentation-security/httpclient-jdk11/src/main/java/nr/security/java/net/http/helper/SecurityHelper.java b/instrumentation-security/httpclient-jdk11/src/main/java/com/newrelic/agent/security/instrumentation/helper/SecurityHelper.java similarity index 75% rename from instrumentation-security/httpclient-jdk11/src/main/java/nr/security/java/net/http/helper/SecurityHelper.java rename to instrumentation-security/httpclient-jdk11/src/main/java/com/newrelic/agent/security/instrumentation/helper/SecurityHelper.java index bab592143..4e0ebc711 100644 --- a/instrumentation-security/httpclient-jdk11/src/main/java/nr/security/java/net/http/helper/SecurityHelper.java +++ b/instrumentation-security/httpclient-jdk11/src/main/java/com/newrelic/agent/security/instrumentation/helper/SecurityHelper.java @@ -1,4 +1,4 @@ -package nr.security.java.net.http.helper; +package com.newrelic.agent.security.instrumentation.helper; public class SecurityHelper { public static final String METHOD_NAME_SEND = "sendAsync"; diff --git a/instrumentation-security/httpclient-jdk11/src/main/java/nr/jdk/internal/net/http/HttpClientImpl_Instrumentation.java b/instrumentation-security/httpclient-jdk11/src/main/java/com/newrelic/agent/security/instrumentation/http/HttpClientImpl_Instrumentation.java similarity index 97% rename from instrumentation-security/httpclient-jdk11/src/main/java/nr/jdk/internal/net/http/HttpClientImpl_Instrumentation.java rename to instrumentation-security/httpclient-jdk11/src/main/java/com/newrelic/agent/security/instrumentation/http/HttpClientImpl_Instrumentation.java index bcf3932d0..60504c931 100644 --- a/instrumentation-security/httpclient-jdk11/src/main/java/nr/jdk/internal/net/http/HttpClientImpl_Instrumentation.java +++ b/instrumentation-security/httpclient-jdk11/src/main/java/com/newrelic/agent/security/instrumentation/http/HttpClientImpl_Instrumentation.java @@ -1,5 +1,6 @@ -package nr.jdk.internal.net.http; +package com.newrelic.agent.security.instrumentation.http; +import com.newrelic.agent.security.instrumentation.helper.SecurityHelper; import com.newrelic.api.agent.Trace; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; @@ -13,7 +14,6 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import nr.security.java.net.http.helper.SecurityHelper; import java.net.http.HttpRequest; import java.net.http.HttpResponse; diff --git a/instrumentation-security/httpclient-jdk11/src/main/java/nr/java/net/http/HttpRequest_Instrumentation.java b/instrumentation-security/httpclient-jdk11/src/main/java/com/newrelic/agent/security/instrumentation/http/HttpRequest_Instrumentation.java similarity index 85% rename from instrumentation-security/httpclient-jdk11/src/main/java/nr/java/net/http/HttpRequest_Instrumentation.java rename to instrumentation-security/httpclient-jdk11/src/main/java/com/newrelic/agent/security/instrumentation/http/HttpRequest_Instrumentation.java index 3ce582882..0f683c9b8 100644 --- a/instrumentation-security/httpclient-jdk11/src/main/java/nr/java/net/http/HttpRequest_Instrumentation.java +++ b/instrumentation-security/httpclient-jdk11/src/main/java/com/newrelic/agent/security/instrumentation/http/HttpRequest_Instrumentation.java @@ -1,10 +1,10 @@ -package nr.java.net.http; +package com.newrelic.agent.security.instrumentation.http; +import com.newrelic.agent.security.instrumentation.helper.SecurityHelper; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import nr.security.java.net.http.helper.SecurityHelper; import java.net.http.HttpRequest; diff --git a/instrumentation-security/httpclient-jdk11/src/test/java/com/nr/instrumentation/security/httpclientJDK11/HttpClientTest.java b/instrumentation-security/httpclient-jdk11/src/test/java/com/nr/agent/security/instrumentation/httpclientJDK11/HttpClientTest.java similarity index 97% rename from instrumentation-security/httpclient-jdk11/src/test/java/com/nr/instrumentation/security/httpclientJDK11/HttpClientTest.java rename to instrumentation-security/httpclient-jdk11/src/test/java/com/nr/agent/security/instrumentation/httpclientJDK11/HttpClientTest.java index 181622434..a9eee6ba5 100644 --- a/instrumentation-security/httpclient-jdk11/src/test/java/com/nr/instrumentation/security/httpclientJDK11/HttpClientTest.java +++ b/instrumentation-security/httpclient-jdk11/src/test/java/com/nr/agent/security/instrumentation/httpclientJDK11/HttpClientTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.httpclientJDK11; +package com.nr.agent.security.instrumentation.httpclientJDK11; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -28,7 +28,7 @@ @Category({ Java8IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "nr.java.net.http", "nr.jdk.internal.net.http", "nr.security.java.net.http.helper" }) +@InstrumentationTestConfig(includePrefixes = { "com.newrelic.agent.security.instrumentation.http", "com.newrelic.agent.security.instrumentation.helper" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class HttpClientTest { diff --git a/instrumentation-security/java-io-inputstream-jdk8/src/main/java/com/nr/instrumentation/security/javaio/InputStreamHelper.java b/instrumentation-security/java-io-inputstream-jdk8/src/main/java/com/newrelic/agent/security/instrumentation/javaio/InputStreamHelper.java similarity index 93% rename from instrumentation-security/java-io-inputstream-jdk8/src/main/java/com/nr/instrumentation/security/javaio/InputStreamHelper.java rename to instrumentation-security/java-io-inputstream-jdk8/src/main/java/com/newrelic/agent/security/instrumentation/javaio/InputStreamHelper.java index 18ee99c33..396466e06 100644 --- a/instrumentation-security/java-io-inputstream-jdk8/src/main/java/com/nr/instrumentation/security/javaio/InputStreamHelper.java +++ b/instrumentation-security/java-io-inputstream-jdk8/src/main/java/com/newrelic/agent/security/instrumentation/javaio/InputStreamHelper.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.newrelic.agent.security.instrumentation.javaio; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/java-io-inputstream-jdk8/src/main/java/java/io/InputStream_Instrumentation.java b/instrumentation-security/java-io-inputstream-jdk8/src/main/java/java/io/InputStream_Instrumentation.java index 7c943fb56..fd61a2aa1 100644 --- a/instrumentation-security/java-io-inputstream-jdk8/src/main/java/java/io/InputStream_Instrumentation.java +++ b/instrumentation-security/java-io-inputstream-jdk8/src/main/java/java/io/InputStream_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.weaver.*; -import com.nr.instrumentation.security.javaio.InputStreamHelper; +import com.newrelic.agent.security.instrumentation.javaio.InputStreamHelper; @Weave(type = MatchType.BaseClass, originalName = "java.io.InputStream") public abstract class InputStream_Instrumentation { diff --git a/instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/instrumentation/security/inputstream/InputStreamJdk8Test.java b/instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/agent/security/instrumentation/javaio/InputStreamJdk8Test.java similarity index 98% rename from instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/instrumentation/security/inputstream/InputStreamJdk8Test.java rename to instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/agent/security/instrumentation/javaio/InputStreamJdk8Test.java index cc45448aa..3dacd2124 100644 --- a/instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/instrumentation/security/inputstream/InputStreamJdk8Test.java +++ b/instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/agent/security/instrumentation/javaio/InputStreamJdk8Test.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.inputstream; +package com.nr.agent.security.instrumentation.javaio; import com.fasterxml.jackson.core.JsonProcessingException; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; @@ -29,7 +29,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"java.io","com.nr.instrumentation.security.javaio"}) +@InstrumentationTestConfig(includePrefixes = {"java.io","com.newrelic.agent.security.instrumentation.javaio"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class InputStreamJdk8Test { private static String FILE; diff --git a/instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/instrumentation/security/inputstream/TestSetupBringUp.java b/instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/agent/security/instrumentation/javaio/TestSetupBringUp.java similarity index 91% rename from instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/instrumentation/security/inputstream/TestSetupBringUp.java rename to instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/agent/security/instrumentation/javaio/TestSetupBringUp.java index d4eb9da47..a26d642b1 100644 --- a/instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/instrumentation/security/inputstream/TestSetupBringUp.java +++ b/instrumentation-security/java-io-inputstream-jdk8/src/test/java/com/nr/agent/security/instrumentation/javaio/TestSetupBringUp.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.inputstream; +package com.nr.agent.security.instrumentation.javaio; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/nr/instrumentation/security/javaio/InputStreamHelper.java b/instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/newrelic/agent/security/instrumentation/javaio/InputStreamHelper.java similarity index 93% rename from instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/nr/instrumentation/security/javaio/InputStreamHelper.java rename to instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/newrelic/agent/security/instrumentation/javaio/InputStreamHelper.java index 18ee99c33..396466e06 100644 --- a/instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/nr/instrumentation/security/javaio/InputStreamHelper.java +++ b/instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/newrelic/agent/security/instrumentation/javaio/InputStreamHelper.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.newrelic.agent.security.instrumentation.javaio; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/java-io-inputstream-jdk9/src/main/java/nr/java/io/InputStream_Instrumentation.java b/instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/newrelic/agent/security/instrumentation/javaio/io/InputStream_Instrumentation.java similarity index 97% rename from instrumentation-security/java-io-inputstream-jdk9/src/main/java/nr/java/io/InputStream_Instrumentation.java rename to instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/newrelic/agent/security/instrumentation/javaio/io/InputStream_Instrumentation.java index 38de8dc6d..6392adcea 100644 --- a/instrumentation-security/java-io-inputstream-jdk9/src/main/java/nr/java/io/InputStream_Instrumentation.java +++ b/instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/newrelic/agent/security/instrumentation/javaio/io/InputStream_Instrumentation.java @@ -5,11 +5,11 @@ * */ -package nr.java.io; +package com.newrelic.agent.security.instrumentation.javaio.io; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.weaver.*; -import com.nr.instrumentation.security.javaio.InputStreamHelper; +import com.newrelic.agent.security.instrumentation.javaio.InputStreamHelper; import java.io.IOException; @Weave(type = MatchType.BaseClass, originalName = "java.io.InputStream") diff --git a/instrumentation-security/java-io-inputstream-jdk9/src/main/java/nr/java/lang/ProcessHandle_Instrumentation.java b/instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/newrelic/agent/security/instrumentation/javaio/lang/ProcessHandle_Instrumentation.java similarity index 77% rename from instrumentation-security/java-io-inputstream-jdk9/src/main/java/nr/java/lang/ProcessHandle_Instrumentation.java rename to instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/newrelic/agent/security/instrumentation/javaio/lang/ProcessHandle_Instrumentation.java index ad79a58f1..e9cdb6482 100644 --- a/instrumentation-security/java-io-inputstream-jdk9/src/main/java/nr/java/lang/ProcessHandle_Instrumentation.java +++ b/instrumentation-security/java-io-inputstream-jdk9/src/main/java/com/newrelic/agent/security/instrumentation/javaio/lang/ProcessHandle_Instrumentation.java @@ -1,4 +1,4 @@ -package nr.java.lang; +package com.newrelic.agent.security.instrumentation.javaio.lang; import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; diff --git a/instrumentation-security/java-io-inputstream-jdk9/src/test/java/com/nr/instrumentation/security/inputstream/jdk9/InputStreamJdk9Test.java b/instrumentation-security/java-io-inputstream-jdk9/src/test/java/com/nr/instrumentation/security/inputstream/jdk9/InputStreamJdk9Test.java index ffb81ab27..8b45fda3e 100644 --- a/instrumentation-security/java-io-inputstream-jdk9/src/test/java/com/nr/instrumentation/security/inputstream/jdk9/InputStreamJdk9Test.java +++ b/instrumentation-security/java-io-inputstream-jdk9/src/test/java/com/nr/instrumentation/security/inputstream/jdk9/InputStreamJdk9Test.java @@ -32,7 +32,7 @@ @Category({ Java8IncompatibleTest.class, Java11IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"nr.java.io","com.nr.instrumentation.security.javaio"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.javaio.io","com.newrelic.agent.security.instrumentation.javaio"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class InputStreamJdk9Test { private static String FILE; diff --git a/instrumentation-security/java-io-stream/src/main/java/com/nr/instrumentation/security/javaio/IOStreamHelper.java b/instrumentation-security/java-io-stream/src/main/java/com/newrelic/agent/security/instrumentation/inputstream/IOStreamHelper.java similarity index 97% rename from instrumentation-security/java-io-stream/src/main/java/com/nr/instrumentation/security/javaio/IOStreamHelper.java rename to instrumentation-security/java-io-stream/src/main/java/com/newrelic/agent/security/instrumentation/inputstream/IOStreamHelper.java index bf1e549bb..01e767f9b 100644 --- a/instrumentation-security/java-io-stream/src/main/java/com/nr/instrumentation/security/javaio/IOStreamHelper.java +++ b/instrumentation-security/java-io-stream/src/main/java/com/newrelic/agent/security/instrumentation/inputstream/IOStreamHelper.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.newrelic.agent.security.instrumentation.inputstream; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; diff --git a/instrumentation-security/java-io-stream/src/main/java/java/io/BufferedReader_Instrumentation.java b/instrumentation-security/java-io-stream/src/main/java/java/io/BufferedReader_Instrumentation.java index 703a72e17..06280fc79 100644 --- a/instrumentation-security/java-io-stream/src/main/java/java/io/BufferedReader_Instrumentation.java +++ b/instrumentation-security/java-io-stream/src/main/java/java/io/BufferedReader_Instrumentation.java @@ -13,7 +13,7 @@ import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.WeaveAllConstructors; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.javaio.IOStreamHelper; +import com.newrelic.agent.security.instrumentation.inputstream.IOStreamHelper; @Weave(type = MatchType.BaseClass, originalName = "java.io.BufferedReader") public abstract class BufferedReader_Instrumentation { diff --git a/instrumentation-security/java-io-stream/src/main/java/java/io/OutputStream_Instrumentation.java b/instrumentation-security/java-io-stream/src/main/java/java/io/OutputStream_Instrumentation.java index 234b0b206..74f7be6f1 100644 --- a/instrumentation-security/java-io-stream/src/main/java/java/io/OutputStream_Instrumentation.java +++ b/instrumentation-security/java-io-stream/src/main/java/java/io/OutputStream_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.javaio.IOStreamHelper; +import com.newrelic.agent.security.instrumentation.inputstream.IOStreamHelper; @Weave(type = MatchType.BaseClass, originalName = "java.io.OutputStream") public abstract class OutputStream_Instrumentation { diff --git a/instrumentation-security/java-io-stream/src/main/java/java/io/PrintWriter_Instrumentation.java b/instrumentation-security/java-io-stream/src/main/java/java/io/PrintWriter_Instrumentation.java index 76fdc7e14..ed9316057 100644 --- a/instrumentation-security/java-io-stream/src/main/java/java/io/PrintWriter_Instrumentation.java +++ b/instrumentation-security/java-io-stream/src/main/java/java/io/PrintWriter_Instrumentation.java @@ -10,7 +10,7 @@ import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.weaver.*; -import com.nr.instrumentation.security.javaio.IOStreamHelper; +import com.newrelic.agent.security.instrumentation.inputstream.IOStreamHelper; import java.util.Locale; diff --git a/instrumentation-security/java-io-stream/src/main/java/java/io/Reader_Instrumentation.java b/instrumentation-security/java-io-stream/src/main/java/java/io/Reader_Instrumentation.java index dc70a6eab..763f1c023 100644 --- a/instrumentation-security/java-io-stream/src/main/java/java/io/Reader_Instrumentation.java +++ b/instrumentation-security/java-io-stream/src/main/java/java/io/Reader_Instrumentation.java @@ -12,7 +12,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.javaio.IOStreamHelper; +import com.newrelic.agent.security.instrumentation.inputstream.IOStreamHelper; @Weave(type = MatchType.BaseClass, originalName = "java.io.Reader") public abstract class Reader_Instrumentation { diff --git a/instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/BufferedReaderTest.java b/instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/BufferedReaderTest.java similarity index 98% rename from instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/BufferedReaderTest.java rename to instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/BufferedReaderTest.java index 7ea1f83fd..85d995bb4 100644 --- a/instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/BufferedReaderTest.java +++ b/instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/BufferedReaderTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.nr.agent.security.instrumentation.inputstream; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -24,7 +24,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "java.io", "com.nr.instrumentation.security.javaio"}) +@InstrumentationTestConfig(includePrefixes = { "java.io", "com.newrelic.agent.security.instrumentation.inputstream"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class BufferedReaderTest { private static String FILE; diff --git a/instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/OutputStreamTest.java b/instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/OutputStreamTest.java similarity index 97% rename from instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/OutputStreamTest.java rename to instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/OutputStreamTest.java index a0175b596..486b24fed 100644 --- a/instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/OutputStreamTest.java +++ b/instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/OutputStreamTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.nr.agent.security.instrumentation.inputstream; import com.fasterxml.jackson.core.JsonProcessingException; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; @@ -23,7 +23,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "java.io", "com.nr.instrumentation.security.javaio"}) +@InstrumentationTestConfig(includePrefixes = { "java.io", "com.newrelic.agent.security.instrumentation.inputstream"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class OutputStreamTest { private static String FILE; diff --git a/instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/PrintWriterTest.java b/instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/PrintWriterTest.java similarity index 99% rename from instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/PrintWriterTest.java rename to instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/PrintWriterTest.java index ae8d60554..86a2c7e9a 100644 --- a/instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/PrintWriterTest.java +++ b/instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/PrintWriterTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.nr.agent.security.instrumentation.inputstream; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -21,7 +21,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "java.io", "com.nr.instrumentation.security.javaio"}) +@InstrumentationTestConfig(includePrefixes = { "java.io", "com.newrelic.agent.security.instrumentation.inputstream"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class PrintWriterTest { private static String FILE; diff --git a/instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/ReaderTest.java b/instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/ReaderTest.java similarity index 98% rename from instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/ReaderTest.java rename to instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/ReaderTest.java index 7c10017ed..bacdc00f9 100644 --- a/instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/ReaderTest.java +++ b/instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/ReaderTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.nr.agent.security.instrumentation.inputstream; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -28,7 +28,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "java.io", "com.nr.instrumentation.security.javaio"}) +@InstrumentationTestConfig(includePrefixes = { "java.io", "com.newrelic.agent.security.instrumentation.inputstream"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ReaderTest { private static String FILE; diff --git a/instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/TestSetupBringUp.java b/instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/TestSetupBringUp.java similarity index 90% rename from instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/TestSetupBringUp.java rename to instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/TestSetupBringUp.java index bf4bf4c10..debe2b1af 100644 --- a/instrumentation-security/java-io-stream/src/test/java/com/nr/instrumentation/security/javaio/TestSetupBringUp.java +++ b/instrumentation-security/java-io-stream/src/test/java/com/nr/agent/security/instrumentation/inputstream/TestSetupBringUp.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javaio; +package com.nr.agent.security.instrumentation.inputstream; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/java-lang/src/test/java/com/nr/instrumentation/java/lang/ProcessImplTest.java b/instrumentation-security/java-lang/src/test/java/com/nr/agent/security/instrumentation/java/lang/ProcessImplTest.java similarity index 98% rename from instrumentation-security/java-lang/src/test/java/com/nr/instrumentation/java/lang/ProcessImplTest.java rename to instrumentation-security/java-lang/src/test/java/com/nr/agent/security/instrumentation/java/lang/ProcessImplTest.java index 1a2d3ab89..28a81f395 100644 --- a/instrumentation-security/java-lang/src/test/java/com/nr/instrumentation/java/lang/ProcessImplTest.java +++ b/instrumentation-security/java-lang/src/test/java/com/nr/agent/security/instrumentation/java/lang/ProcessImplTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.java.lang; +package com.nr.agent.security.instrumentation.java.lang; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/javax-jndi/src/main/java/com/nr/instrumentation/security/javax/JNDIUtils.java b/instrumentation-security/javax-jndi/src/main/java/com/newrelic/agent/security/instrumentation/javax/jndi/JNDIUtils.java similarity index 96% rename from instrumentation-security/javax-jndi/src/main/java/com/nr/instrumentation/security/javax/JNDIUtils.java rename to instrumentation-security/javax-jndi/src/main/java/com/newrelic/agent/security/instrumentation/javax/jndi/JNDIUtils.java index c3047e062..d6bd2e826 100644 --- a/instrumentation-security/javax-jndi/src/main/java/com/nr/instrumentation/security/javax/JNDIUtils.java +++ b/instrumentation-security/javax-jndi/src/main/java/com/newrelic/agent/security/instrumentation/javax/jndi/JNDIUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javax; +package com.newrelic.agent.security.instrumentation.javax.jndi; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.schema.AbstractOperation; diff --git a/instrumentation-security/javax-jndi/src/main/java/javax/naming/Context_Instrumentation.java b/instrumentation-security/javax-jndi/src/main/java/javax/naming/Context_Instrumentation.java index 32dab59b1..f1a12fa26 100644 --- a/instrumentation-security/javax-jndi/src/main/java/javax/naming/Context_Instrumentation.java +++ b/instrumentation-security/javax-jndi/src/main/java/javax/naming/Context_Instrumentation.java @@ -9,9 +9,8 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.javax.JNDIUtils; +import com.newrelic.agent.security.instrumentation.javax.jndi.JNDIUtils; -import javax.naming.directory.SearchResult; import java.util.Enumeration; import java.util.List; diff --git a/instrumentation-security/javax-jndi/src/test/java/com/nr/instrumentation/security/javax/jndi/ContextRmiTest.java b/instrumentation-security/javax-jndi/src/test/java/com/nr/agent/security/instrumentation/javax/jndi/ContextRmiTest.java similarity index 97% rename from instrumentation-security/javax-jndi/src/test/java/com/nr/instrumentation/security/javax/jndi/ContextRmiTest.java rename to instrumentation-security/javax-jndi/src/test/java/com/nr/agent/security/instrumentation/javax/jndi/ContextRmiTest.java index f4b8fbbb8..6f0e71eae 100644 --- a/instrumentation-security/javax-jndi/src/test/java/com/nr/instrumentation/security/javax/jndi/ContextRmiTest.java +++ b/instrumentation-security/javax-jndi/src/test/java/com/nr/agent/security/instrumentation/javax/jndi/ContextRmiTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javax.jndi; +package com.nr.agent.security.instrumentation.javax.jndi; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -6,7 +6,7 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; -import com.nr.instrumentation.security.javax.JNDIUtils; +import com.newrelic.agent.security.instrumentation.javax.jndi.JNDIUtils; import org.junit.Assert; import org.junit.FixMethodOrder; import org.junit.Test; @@ -28,7 +28,7 @@ import java.util.Properties; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "javax.naming", "com.nr.instrumentation.security.javax" } ) +@InstrumentationTestConfig(includePrefixes = { "javax.naming", "com.newrelic.agent.security.instrumentation.javax.jndi" } ) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ContextRmiTest { diff --git a/instrumentation-security/javax-jndi/src/test/java/com/nr/instrumentation/security/javax/jndi/ContextTest.java b/instrumentation-security/javax-jndi/src/test/java/com/nr/agent/security/instrumentation/javax/jndi/ContextTest.java similarity index 98% rename from instrumentation-security/javax-jndi/src/test/java/com/nr/instrumentation/security/javax/jndi/ContextTest.java rename to instrumentation-security/javax-jndi/src/test/java/com/nr/agent/security/instrumentation/javax/jndi/ContextTest.java index c13b7ae40..b4295dc77 100644 --- a/instrumentation-security/javax-jndi/src/test/java/com/nr/instrumentation/security/javax/jndi/ContextTest.java +++ b/instrumentation-security/javax-jndi/src/test/java/com/nr/agent/security/instrumentation/javax/jndi/ContextTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javax.jndi; +package com.nr.agent.security.instrumentation.javax.jndi; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -6,7 +6,7 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; import com.newrelic.api.agent.security.schema.operation.SSRFOperation; -import com.nr.instrumentation.security.javax.JNDIUtils; +import com.newrelic.agent.security.instrumentation.javax.jndi.JNDIUtils; import com.unboundid.ldap.sdk.LDAPException; import org.junit.Assert; import org.junit.BeforeClass; @@ -28,7 +28,7 @@ import java.util.Properties; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "javax.naming", "com.nr.instrumentation.security.javax" } ) +@InstrumentationTestConfig(includePrefixes = { "javax.naming", "com.newrelic.agent.security.instrumentation.javax.jndi" } ) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ContextTest { public static final String DOMAIN_DSN = "dc=example,dc=com"; diff --git a/instrumentation-security/javax-ldap/src/main/java/com/nr/instrumentation/security/javax/LDAPUtils.java b/instrumentation-security/javax-ldap/src/main/java/com/newrelic/agent/security/instrumentation/javax/ldap/LDAPUtils.java similarity index 72% rename from instrumentation-security/javax-ldap/src/main/java/com/nr/instrumentation/security/javax/LDAPUtils.java rename to instrumentation-security/javax-ldap/src/main/java/com/newrelic/agent/security/instrumentation/javax/ldap/LDAPUtils.java index a0884de13..4cc2d9b4c 100644 --- a/instrumentation-security/javax-ldap/src/main/java/com/nr/instrumentation/security/javax/LDAPUtils.java +++ b/instrumentation-security/javax-ldap/src/main/java/com/newrelic/agent/security/instrumentation/javax/ldap/LDAPUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javax; +package com.newrelic.agent.security.instrumentation.javax.ldap; public class LDAPUtils { diff --git a/instrumentation-security/javax-ldap/src/main/java/javax/naming/directory/DirContext_Instrumentation.java b/instrumentation-security/javax-ldap/src/main/java/javax/naming/directory/DirContext_Instrumentation.java index c009c4675..05852adcb 100644 --- a/instrumentation-security/javax-ldap/src/main/java/javax/naming/directory/DirContext_Instrumentation.java +++ b/instrumentation-security/javax-ldap/src/main/java/javax/naming/directory/DirContext_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.javax.LDAPUtils; +import com.newrelic.agent.security.instrumentation.javax.ldap.LDAPUtils; import javax.naming.Context; import javax.naming.Name; diff --git a/instrumentation-security/javax-ldap/src/test/java/com/nr/instrumentation/security/javax/ldap/DirContextTest.java b/instrumentation-security/javax-ldap/src/test/java/com/nr/agent/security/instrumentation/javax/ldap/DirContextTest.java similarity index 99% rename from instrumentation-security/javax-ldap/src/test/java/com/nr/instrumentation/security/javax/ldap/DirContextTest.java rename to instrumentation-security/javax-ldap/src/test/java/com/nr/agent/security/instrumentation/javax/ldap/DirContextTest.java index 4d7339aa5..4d50e493c 100644 --- a/instrumentation-security/javax-ldap/src/test/java/com/nr/instrumentation/security/javax/ldap/DirContextTest.java +++ b/instrumentation-security/javax-ldap/src/test/java/com/nr/agent/security/instrumentation/javax/ldap/DirContextTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.javax.ldap; +package com.nr.agent.security.instrumentation.javax.ldap; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -31,7 +31,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "javax.naming", "com.nr.instrumentation.security.javax.LDAPUtils" } ) +@InstrumentationTestConfig(includePrefixes = { "javax.naming", "com.newrelic.agent.security.instrumentation.javax.ldap.LDAPUtils" } ) @FixMethodOrder(MethodSorters.NAME_ASCENDING) //FIXME: after instrumentation works @Ignore diff --git a/instrumentation-security/javax-xpath/src/main/java/com/nr/instrumentation/security/xpath/javax/XPATHUtils.java b/instrumentation-security/javax-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/javax/XPATHUtils.java similarity index 79% rename from instrumentation-security/javax-xpath/src/main/java/com/nr/instrumentation/security/xpath/javax/XPATHUtils.java rename to instrumentation-security/javax-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/javax/XPATHUtils.java index 4902b10aa..852735fad 100644 --- a/instrumentation-security/javax-xpath/src/main/java/com/nr/instrumentation/security/xpath/javax/XPATHUtils.java +++ b/instrumentation-security/javax-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/javax/XPATHUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.xpath.javax; +package com.newrelic.agent.security.instrumentation.xpath.javax; public class XPATHUtils { diff --git a/instrumentation-security/javax-xpath/src/main/java/com/sun/org/apache/xpath/internal/XPath_Instrumentation.java b/instrumentation-security/javax-xpath/src/main/java/com/sun/org/apache/xpath/internal/XPath_Instrumentation.java index 1a19de726..7d400d22f 100644 --- a/instrumentation-security/javax-xpath/src/main/java/com/sun/org/apache/xpath/internal/XPath_Instrumentation.java +++ b/instrumentation-security/javax-xpath/src/main/java/com/sun/org/apache/xpath/internal/XPath_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.xpath.javax.XPATHUtils; +import com.newrelic.agent.security.instrumentation.xpath.javax.XPATHUtils; import com.sun.org.apache.xml.internal.utils.PrefixResolver; import com.sun.org.apache.xpath.internal.objects.XObject; diff --git a/instrumentation-security/javax-xpath/src/main/java/javax/xml/xpath/XPath_Instrumentation.java b/instrumentation-security/javax-xpath/src/main/java/javax/xml/xpath/XPath_Instrumentation.java index 1cf7d43b5..8b94cca0d 100644 --- a/instrumentation-security/javax-xpath/src/main/java/javax/xml/xpath/XPath_Instrumentation.java +++ b/instrumentation-security/javax-xpath/src/main/java/javax/xml/xpath/XPath_Instrumentation.java @@ -9,8 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.xpath.javax.XPATHUtils; -import com.sun.org.apache.xpath.internal.objects.XObject; +import com.newrelic.agent.security.instrumentation.xpath.javax.XPATHUtils; import org.xml.sax.InputSource; import javax.xml.namespace.QName; diff --git a/instrumentation-security/javax-xpath/src/test/java/com/nr/instrumentation/security/xpath/XPathTest.java b/instrumentation-security/javax-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/javax/XPathTest.java similarity index 98% rename from instrumentation-security/javax-xpath/src/test/java/com/nr/instrumentation/security/xpath/XPathTest.java rename to instrumentation-security/javax-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/javax/XPathTest.java index beeb87819..a897dfdee 100644 --- a/instrumentation-security/javax-xpath/src/test/java/com/nr/instrumentation/security/xpath/XPathTest.java +++ b/instrumentation-security/javax-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/javax/XPathTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.xpath; +package com.nr.agent.security.instrumentation.xpath.javax; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -6,7 +6,7 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; import com.newrelic.api.agent.security.schema.operation.XPathOperation; -import com.nr.instrumentation.security.xpath.javax.XPATHUtils; +import com.newrelic.agent.security.instrumentation.xpath.javax.XPATHUtils; import org.junit.Assert; import org.junit.FixMethodOrder; import org.junit.Ignore; diff --git a/instrumentation-security/javax-xpath/src/test/java/com/nr/instrumentation/security/xpath/internal/XPathInternalTest.java b/instrumentation-security/javax-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/javax/internal/XPathInternalTest.java similarity index 99% rename from instrumentation-security/javax-xpath/src/test/java/com/nr/instrumentation/security/xpath/internal/XPathInternalTest.java rename to instrumentation-security/javax-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/javax/internal/XPathInternalTest.java index 1026db01d..b0510aa95 100644 --- a/instrumentation-security/javax-xpath/src/test/java/com/nr/instrumentation/security/xpath/internal/XPathInternalTest.java +++ b/instrumentation-security/javax-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/javax/internal/XPathInternalTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.xpath.internal; +package com.nr.agent.security.instrumentation.xpath.javax.internal; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jax-rs-1.0/src/main/java/com/nr/instrumentation/javax/ws/rs/api/Application_Instrumentation.java b/instrumentation-security/jax-rs-1.0/src/main/java/com/newrelic/agent/security/instrumentation/javax/ws/rs/api/Application_Instrumentation.java similarity index 76% rename from instrumentation-security/jax-rs-1.0/src/main/java/com/nr/instrumentation/javax/ws/rs/api/Application_Instrumentation.java rename to instrumentation-security/jax-rs-1.0/src/main/java/com/newrelic/agent/security/instrumentation/javax/ws/rs/api/Application_Instrumentation.java index 844fb058a..2007dfb78 100644 --- a/instrumentation-security/jax-rs-1.0/src/main/java/com/nr/instrumentation/javax/ws/rs/api/Application_Instrumentation.java +++ b/instrumentation-security/jax-rs-1.0/src/main/java/com/newrelic/agent/security/instrumentation/javax/ws/rs/api/Application_Instrumentation.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.javax.ws.rs.api; +package com.newrelic.agent.security.instrumentation.javax.ws.rs.api; import com.newrelic.api.agent.weaver.Weave; diff --git a/instrumentation-security/jax-rs-1.0/src/main/java/com/nr/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Instrumentation.java b/instrumentation-security/jax-rs-1.0/src/main/java/com/newrelic/agent/security/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Instrumentation.java similarity index 92% rename from instrumentation-security/jax-rs-1.0/src/main/java/com/nr/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Instrumentation.java rename to instrumentation-security/jax-rs-1.0/src/main/java/com/newrelic/agent/security/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Instrumentation.java index e6f1d94c9..b7211b1af 100644 --- a/instrumentation-security/jax-rs-1.0/src/main/java/com/nr/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Instrumentation.java +++ b/instrumentation-security/jax-rs-1.0/src/main/java/com/newrelic/agent/security/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.javax.ws.rs.api; +package com.newrelic.agent.security.instrumentation.javax.ws.rs.api; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.weaver.MatchType; diff --git a/instrumentation-security/jax-rs-1.0/src/main/java/com/nr/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Subresource_Instrumentation.java b/instrumentation-security/jax-rs-1.0/src/main/java/com/newrelic/agent/security/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Subresource_Instrumentation.java similarity index 95% rename from instrumentation-security/jax-rs-1.0/src/main/java/com/nr/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Subresource_Instrumentation.java rename to instrumentation-security/jax-rs-1.0/src/main/java/com/newrelic/agent/security/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Subresource_Instrumentation.java index 8740739cf..15018dfc2 100644 --- a/instrumentation-security/jax-rs-1.0/src/main/java/com/nr/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Subresource_Instrumentation.java +++ b/instrumentation-security/jax-rs-1.0/src/main/java/com/newrelic/agent/security/instrumentation/javax/ws/rs/api/JavaxWsRsApi_Subresource_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.javax.ws.rs.api; +package com.newrelic.agent.security.instrumentation.javax.ws.rs.api; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.weaver.WeaveIntoAllMethods; diff --git a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/App.java b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/App.java similarity index 95% rename from instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/App.java rename to instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/App.java index 3b15bf714..c7b90d193 100644 --- a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/App.java +++ b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/App.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jax.rs.app; +package com.nr.agent.security.instrumentation.javax.ws.rs.api.app; import com.newrelic.api.agent.Trace; diff --git a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/CustomerLocatorResource.java b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/CustomerLocatorResource.java similarity index 79% rename from instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/CustomerLocatorResource.java rename to instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/CustomerLocatorResource.java index 7a0cef75f..9da61e921 100644 --- a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/CustomerLocatorResource.java +++ b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/CustomerLocatorResource.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jax.rs.app; +package com.nr.agent.security.instrumentation.javax.ws.rs.api.app; import javax.ws.rs.Path; diff --git a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/IdSubResource.java b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/IdSubResource.java similarity index 94% rename from instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/IdSubResource.java rename to instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/IdSubResource.java index 4f4007f6a..8cf7a2527 100644 --- a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/IdSubResource.java +++ b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/IdSubResource.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jax.rs.app; +package com.nr.agent.security.instrumentation.javax.ws.rs.api.app; import javax.ws.rs.DELETE; import javax.ws.rs.GET; diff --git a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/OrdersSubResource.java b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/OrdersSubResource.java similarity index 75% rename from instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/OrdersSubResource.java rename to instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/OrdersSubResource.java index fcba9df59..421b221f9 100644 --- a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/OrdersSubResource.java +++ b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/OrdersSubResource.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jax.rs.app; +package com.nr.agent.security.instrumentation.javax.ws.rs.api.app; import javax.ws.rs.Path; diff --git a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/TestMapping.java b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/TestMapping.java similarity index 95% rename from instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/TestMapping.java rename to instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/TestMapping.java index 7491a3ed1..41682c058 100644 --- a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/app/TestMapping.java +++ b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/app/TestMapping.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jax.rs.app; +package com.nr.agent.security.instrumentation.javax.ws.rs.api.app; import javax.ws.rs.Consumes; import javax.ws.rs.DELETE; diff --git a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/test/JavaxWsRsApiTest.java b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/test/JavaxWsRsApiTest.java similarity index 94% rename from instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/test/JavaxWsRsApiTest.java rename to instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/test/JavaxWsRsApiTest.java index 32d115f33..4146f3dff 100644 --- a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/test/JavaxWsRsApiTest.java +++ b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/test/JavaxWsRsApiTest.java @@ -1,16 +1,16 @@ -package com.nr.instrumentation.security.jax.rs.test; +package com.nr.agent.security.instrumentation.javax.ws.rs.api.test; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; import com.newrelic.api.agent.security.schema.AgentMetaData; -import com.nr.instrumentation.security.jax.rs.app.App; +import com.nr.agent.security.instrumentation.javax.ws.rs.api.app.App; import org.junit.Assert; import org.junit.Test; import org.junit.runner.RunWith; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "com.nr.instrumentation.javax.ws.rs.api") +@InstrumentationTestConfig(includePrefixes = "com.newrelic.agent.security.instrumentation.javax.ws.rs.api") public class JavaxWsRsApiTest { @Test public void testPut() { diff --git a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/test/SubresourceTest.java b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/test/SubresourceTest.java similarity index 93% rename from instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/test/SubresourceTest.java rename to instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/test/SubresourceTest.java index 4ee2da3d1..61befaaf5 100644 --- a/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/instrumentation/security/jax/rs/test/SubresourceTest.java +++ b/instrumentation-security/jax-rs-1.0/src/test/java/com/nr/agent/security/instrumentation/javax/ws/rs/api/test/SubresourceTest.java @@ -1,12 +1,12 @@ -package com.nr.instrumentation.security.jax.rs.test; +package com.nr.agent.security.instrumentation.javax.ws.rs.api.test; +import com.nr.agent.security.instrumentation.javax.ws.rs.api.app.CustomerLocatorResource; +import com.nr.agent.security.instrumentation.javax.ws.rs.api.app.IdSubResource; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; import com.newrelic.api.agent.security.schema.AgentMetaData; -import com.nr.instrumentation.security.jax.rs.app.CustomerLocatorResource; -import com.nr.instrumentation.security.jax.rs.app.IdSubResource; -import com.nr.instrumentation.security.jax.rs.app.OrdersSubResource; +import com.nr.agent.security.instrumentation.javax.ws.rs.api.app.OrdersSubResource; import org.glassfish.jersey.client.HttpUrlConnectorProvider; import org.glassfish.jersey.server.ResourceConfig; import org.glassfish.jersey.test.JerseyTest; @@ -20,7 +20,7 @@ import javax.ws.rs.core.Response; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "com.nr.instrumentation.javax.ws.rs.api") +@InstrumentationTestConfig(includePrefixes = "com.newrelic.agent.security.instrumentation.javax.ws.rs.api") public class SubresourceTest extends JerseyTest { @BeforeClass public static void bringUp() { diff --git a/instrumentation-security/jax-rs-3.0/src/main/java/com/nr/instrumentation/jakarta/ws/rs/api/Application_Instrumentation.java b/instrumentation-security/jax-rs-3.0/src/main/java/com/newrelic/agent/security/instrumentation/jakarta/ws/rs/api/Application_Instrumentation.java similarity index 83% rename from instrumentation-security/jax-rs-3.0/src/main/java/com/nr/instrumentation/jakarta/ws/rs/api/Application_Instrumentation.java rename to instrumentation-security/jax-rs-3.0/src/main/java/com/newrelic/agent/security/instrumentation/jakarta/ws/rs/api/Application_Instrumentation.java index 01057a3d7..b400f6073 100644 --- a/instrumentation-security/jax-rs-3.0/src/main/java/com/nr/instrumentation/jakarta/ws/rs/api/Application_Instrumentation.java +++ b/instrumentation-security/jax-rs-3.0/src/main/java/com/newrelic/agent/security/instrumentation/jakarta/ws/rs/api/Application_Instrumentation.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.jakarta.ws.rs.api; +package com.newrelic.agent.security.instrumentation.jakarta.ws.rs.api; import com.newrelic.api.agent.weaver.Weave; diff --git a/instrumentation-security/jax-rs-3.0/src/main/java/com/nr/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Instrumentation.java b/instrumentation-security/jax-rs-3.0/src/main/java/com/newrelic/agent/security/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Instrumentation.java similarity index 92% rename from instrumentation-security/jax-rs-3.0/src/main/java/com/nr/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Instrumentation.java rename to instrumentation-security/jax-rs-3.0/src/main/java/com/newrelic/agent/security/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Instrumentation.java index 4d45794e3..1414c047f 100644 --- a/instrumentation-security/jax-rs-3.0/src/main/java/com/nr/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Instrumentation.java +++ b/instrumentation-security/jax-rs-3.0/src/main/java/com/newrelic/agent/security/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.jakarta.ws.rs.api; +package com.newrelic.agent.security.instrumentation.jakarta.ws.rs.api; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.weaver.MatchType; diff --git a/instrumentation-security/jax-rs-3.0/src/main/java/com/nr/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Subresource_Instrumentation.java b/instrumentation-security/jax-rs-3.0/src/main/java/com/newrelic/agent/security/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Subresource_Instrumentation.java similarity index 95% rename from instrumentation-security/jax-rs-3.0/src/main/java/com/nr/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Subresource_Instrumentation.java rename to instrumentation-security/jax-rs-3.0/src/main/java/com/newrelic/agent/security/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Subresource_Instrumentation.java index 68d44e8d5..1b99cdf70 100644 --- a/instrumentation-security/jax-rs-3.0/src/main/java/com/nr/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Subresource_Instrumentation.java +++ b/instrumentation-security/jax-rs-3.0/src/main/java/com/newrelic/agent/security/instrumentation/jakarta/ws/rs/api/JakartaWsRsApi_Subresource_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.jakarta.ws.rs.api; +package com.newrelic.agent.security.instrumentation.jakarta.ws.rs.api; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.weaver.WeaveIntoAllMethods; diff --git a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/App.java b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/App.java similarity index 94% rename from instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/App.java rename to instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/App.java index a497ff469..975bb4510 100644 --- a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/App.java +++ b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/App.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jax.rs3.app; +package com.nr.agent.security.instrumentation.jakarta.ws.rs.api.app; import com.newrelic.api.agent.Trace; diff --git a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/CustomerLocatorResource.java b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/CustomerLocatorResource.java similarity index 79% rename from instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/CustomerLocatorResource.java rename to instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/CustomerLocatorResource.java index a441a57a3..0efa07f64 100644 --- a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/CustomerLocatorResource.java +++ b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/CustomerLocatorResource.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jax.rs3.app; +package com.nr.agent.security.instrumentation.jakarta.ws.rs.api.app; import jakarta.ws.rs.Path; diff --git a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/IdSubResource.java b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/IdSubResource.java similarity index 94% rename from instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/IdSubResource.java rename to instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/IdSubResource.java index d63c45f01..e1de1465d 100644 --- a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/IdSubResource.java +++ b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/IdSubResource.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jax.rs3.app; +package com.nr.agent.security.instrumentation.jakarta.ws.rs.api.app; import jakarta.ws.rs.DELETE; import jakarta.ws.rs.GET; diff --git a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/OrdersSubResource.java b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/OrdersSubResource.java similarity index 75% rename from instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/OrdersSubResource.java rename to instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/OrdersSubResource.java index d757b4eda..5b0e3362f 100644 --- a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/OrdersSubResource.java +++ b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/OrdersSubResource.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jax.rs3.app; +package com.nr.agent.security.instrumentation.jakarta.ws.rs.api.app; import jakarta.ws.rs.Path; diff --git a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/TestMapping.java b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/TestMapping.java similarity index 94% rename from instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/TestMapping.java rename to instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/TestMapping.java index 2d3de319c..672fc71e0 100644 --- a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/app/TestMapping.java +++ b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/app/TestMapping.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jax.rs3.app; +package com.nr.agent.security.instrumentation.jakarta.ws.rs.api.app; import jakarta.ws.rs.Consumes; import jakarta.ws.rs.DELETE; diff --git a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/test/JakartaWsRsApiTest.java b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/test/JakartaWsRsApiTest.java similarity index 94% rename from instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/test/JakartaWsRsApiTest.java rename to instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/test/JakartaWsRsApiTest.java index 0754d6471..25d0b1eba 100644 --- a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/test/JakartaWsRsApiTest.java +++ b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/test/JakartaWsRsApiTest.java @@ -1,16 +1,16 @@ -package com.nr.instrumentation.security.jax.rs3.test; +package com.nr.agent.security.instrumentation.jakarta.ws.rs.api.test; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; import com.newrelic.api.agent.security.schema.AgentMetaData; -import com.nr.instrumentation.security.jax.rs3.app.App; +import com.nr.agent.security.instrumentation.jakarta.ws.rs.api.app.App; import org.junit.Assert; import org.junit.Test; import org.junit.runner.RunWith; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "com.nr.instrumentation.jakarta.ws.rs.api") +@InstrumentationTestConfig(includePrefixes = "com.newrelic.agent.security.instrumentation.jakarta.ws.rs.api") public class JakartaWsRsApiTest { @Test public void testPut() { diff --git a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/test/SubresourceTest.java b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/test/SubresourceTest.java similarity index 93% rename from instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/test/SubresourceTest.java rename to instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/test/SubresourceTest.java index 7eee3237b..3fc39262e 100644 --- a/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/instrumentation/security/jax/rs3/test/SubresourceTest.java +++ b/instrumentation-security/jax-rs-3.0/src/test/java/com/nr/agent/security/instrumentation/jakarta/ws/rs/api/test/SubresourceTest.java @@ -1,12 +1,12 @@ -package com.nr.instrumentation.security.jax.rs3.test; +package com.nr.agent.security.instrumentation.jakarta.ws.rs.api.test; +import com.nr.agent.security.instrumentation.jakarta.ws.rs.api.app.IdSubResource; +import com.nr.agent.security.instrumentation.jakarta.ws.rs.api.app.OrdersSubResource; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; import com.newrelic.api.agent.security.schema.AgentMetaData; -import com.nr.instrumentation.security.jax.rs3.app.CustomerLocatorResource; -import com.nr.instrumentation.security.jax.rs3.app.IdSubResource; -import com.nr.instrumentation.security.jax.rs3.app.OrdersSubResource; +import com.nr.agent.security.instrumentation.jakarta.ws.rs.api.app.CustomerLocatorResource; import jakarta.ws.rs.client.Entity; import jakarta.ws.rs.core.Application; import jakarta.ws.rs.core.Response; @@ -19,7 +19,7 @@ import org.junit.runner.RunWith; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "com.nr.instrumentation.jakarta.ws.rs.api") +@InstrumentationTestConfig(includePrefixes = "com.newrelic.agent.security.instrumentation.jakarta.ws.rs.api") public class SubresourceTest extends JerseyTest { @BeforeClass diff --git a/instrumentation-security/jaxen-xpath-1.1/src/main/java/com/nr/instrumentation/security/xpath/jaxen/XPATHUtils.java b/instrumentation-security/jaxen-xpath-1.1/src/main/java/com/newrelic/agent/security/instrumentation/xpath/jaxen/XPATHUtils.java similarity index 74% rename from instrumentation-security/jaxen-xpath-1.1/src/main/java/com/nr/instrumentation/security/xpath/jaxen/XPATHUtils.java rename to instrumentation-security/jaxen-xpath-1.1/src/main/java/com/newrelic/agent/security/instrumentation/xpath/jaxen/XPATHUtils.java index 6968491fa..6cc00af52 100644 --- a/instrumentation-security/jaxen-xpath-1.1/src/main/java/com/nr/instrumentation/security/xpath/jaxen/XPATHUtils.java +++ b/instrumentation-security/jaxen-xpath-1.1/src/main/java/com/newrelic/agent/security/instrumentation/xpath/jaxen/XPATHUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.xpath.jaxen; +package com.newrelic.agent.security.instrumentation.xpath.jaxen; public class XPATHUtils { diff --git a/instrumentation-security/jaxen-xpath-1.1/src/main/java/org/jaxen/BaseXPath_Instrumentation.java b/instrumentation-security/jaxen-xpath-1.1/src/main/java/org/jaxen/BaseXPath_Instrumentation.java index e4fd8392b..b9ca64c16 100644 --- a/instrumentation-security/jaxen-xpath-1.1/src/main/java/org/jaxen/BaseXPath_Instrumentation.java +++ b/instrumentation-security/jaxen-xpath-1.1/src/main/java/org/jaxen/BaseXPath_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.xpath.jaxen.XPATHUtils; +import com.newrelic.agent.security.instrumentation.xpath.jaxen.XPATHUtils; import java.util.List; diff --git a/instrumentation-security/jaxen-xpath-1.1/src/test/java/com/nr/instrumentation/security/jaxen/xpath11/BaseXPathTest.java b/instrumentation-security/jaxen-xpath-1.1/src/test/java/com/nr/agent/security/instrumentation/xpath/jaxen/BaseXPathTest.java similarity index 97% rename from instrumentation-security/jaxen-xpath-1.1/src/test/java/com/nr/instrumentation/security/jaxen/xpath11/BaseXPathTest.java rename to instrumentation-security/jaxen-xpath-1.1/src/test/java/com/nr/agent/security/instrumentation/xpath/jaxen/BaseXPathTest.java index 33de62310..9e3579340 100644 --- a/instrumentation-security/jaxen-xpath-1.1/src/test/java/com/nr/instrumentation/security/jaxen/xpath11/BaseXPathTest.java +++ b/instrumentation-security/jaxen-xpath-1.1/src/test/java/com/nr/agent/security/instrumentation/xpath/jaxen/BaseXPathTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jaxen.xpath11; +package com.nr.agent.security.instrumentation.xpath.jaxen; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -25,7 +25,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.nr.instrumentation.security.xpath.jaxen", "org.jaxen" }) +@InstrumentationTestConfig(includePrefixes = { "com.newrelic.agent.security.instrumentation.xpath.jaxen", "org.jaxen" }) public class BaseXPathTest { private final String EXPRESSION = "/Customers/Customer"; private final String XML_DOC = "src/test/resources/Customer.xml"; diff --git a/instrumentation-security/jaxen-xpath/src/main/java/com/nr/instrumentation/security/xpath/jaxen/XPATHUtils.java b/instrumentation-security/jaxen-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/jaxen/XPATHUtils.java similarity index 74% rename from instrumentation-security/jaxen-xpath/src/main/java/com/nr/instrumentation/security/xpath/jaxen/XPATHUtils.java rename to instrumentation-security/jaxen-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/jaxen/XPATHUtils.java index 6968491fa..6cc00af52 100644 --- a/instrumentation-security/jaxen-xpath/src/main/java/com/nr/instrumentation/security/xpath/jaxen/XPATHUtils.java +++ b/instrumentation-security/jaxen-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xpath/jaxen/XPATHUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.xpath.jaxen; +package com.newrelic.agent.security.instrumentation.xpath.jaxen; public class XPATHUtils { diff --git a/instrumentation-security/jaxen-xpath/src/main/java/org/jaxen/BaseXPath_Instrumentation.java b/instrumentation-security/jaxen-xpath/src/main/java/org/jaxen/BaseXPath_Instrumentation.java index 135cc2509..4df33771b 100644 --- a/instrumentation-security/jaxen-xpath/src/main/java/org/jaxen/BaseXPath_Instrumentation.java +++ b/instrumentation-security/jaxen-xpath/src/main/java/org/jaxen/BaseXPath_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.xpath.jaxen.XPATHUtils; +import com.newrelic.agent.security.instrumentation.xpath.jaxen.XPATHUtils; import java.util.List; diff --git a/instrumentation-security/jaxen-xpath/src/test/java/com/nr/instrumentation/security/jaxen/xpath/BaseXPathTest.java b/instrumentation-security/jaxen-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/jaxen/BaseXPathTest.java similarity index 97% rename from instrumentation-security/jaxen-xpath/src/test/java/com/nr/instrumentation/security/jaxen/xpath/BaseXPathTest.java rename to instrumentation-security/jaxen-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/jaxen/BaseXPathTest.java index e798ef0c5..a370cb9d2 100644 --- a/instrumentation-security/jaxen-xpath/src/test/java/com/nr/instrumentation/security/jaxen/xpath/BaseXPathTest.java +++ b/instrumentation-security/jaxen-xpath/src/test/java/com/nr/agent/security/instrumentation/xpath/jaxen/BaseXPathTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jaxen.xpath; +package com.nr.agent.security.instrumentation.xpath.jaxen; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -26,7 +26,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.nr.instrumentation.security.xpath.jaxen", "org.jaxen" }) +@InstrumentationTestConfig(includePrefixes = { "com.newrelic.instrumentation.security.xpath.jaxen", "org.jaxen" }) public class BaseXPathTest { private final String EXPRESSION = "/Customers/Customer"; private final String XML_DOC = "src/test/resources/Customer.xml"; diff --git a/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/DerbyAutoloadedDriverTest.java b/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/DerbyAutoloadedDriverTest.java similarity index 98% rename from instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/DerbyAutoloadedDriverTest.java rename to instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/DerbyAutoloadedDriverTest.java index d1bd9c9ca..d3f6c3dd8 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/DerbyAutoloadedDriverTest.java +++ b/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/DerbyAutoloadedDriverTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby10216; +package com.nr.agent.security.instrumentation.derby101011; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -26,7 +26,6 @@ public class DerbyAutoloadedDriverTest { private static final String DB_CONNECTION = "jdbc:derby:memory:test;create=true;DB_CLOSE_DELAY=-1"; private static final String DB_USER = ""; private static final String DB_PASSWORD = ""; - @Test public void testConnect() throws SQLException { getConnection(); @@ -107,4 +106,5 @@ private void getConnection2() throws SQLException { } } } + } diff --git a/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/DerbyDataStoreTest.java b/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/DerbyDataStoreTest.java similarity index 99% rename from instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/DerbyDataStoreTest.java rename to instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/DerbyDataStoreTest.java index ffd05ba37..694e4f5af 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/DerbyDataStoreTest.java +++ b/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/DerbyDataStoreTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby101011; +package com.nr.agent.security.instrumentation.derby101011; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/DerbyDriverTest.java b/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/DerbyDriverTest.java similarity index 98% rename from instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/DerbyDriverTest.java rename to instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/DerbyDriverTest.java index 47b5629b0..0dbcb614b 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/DerbyDriverTest.java +++ b/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/DerbyDriverTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby101011; +package com.nr.agent.security.instrumentation.derby101011; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/Helper.java b/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/Helper.java similarity index 92% rename from instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/Helper.java rename to instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/Helper.java index f76310bf7..a70588805 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/Helper.java +++ b/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101011/Helper.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby101111; +package com.nr.agent.security.instrumentation.derby101011; import java.sql.Driver; import java.sql.DriverManager; diff --git a/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/DerbyAutoloadedDriverTest.java b/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/DerbyAutoloadedDriverTest.java similarity index 98% rename from instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/DerbyAutoloadedDriverTest.java rename to instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/DerbyAutoloadedDriverTest.java index eab0de759..d1b0383f5 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/DerbyAutoloadedDriverTest.java +++ b/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/DerbyAutoloadedDriverTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby101011; +package com.nr.agent.security.instrumentation.derby101111; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/DerbyDataStoreTest.java b/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/DerbyDataStoreTest.java similarity index 99% rename from instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/DerbyDataStoreTest.java rename to instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/DerbyDataStoreTest.java index 101732205..7a867cb58 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/DerbyDataStoreTest.java +++ b/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/DerbyDataStoreTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby101111; +package com.nr.agent.security.instrumentation.derby101111; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/DerbyDriverTest.java b/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/DerbyDriverTest.java similarity index 98% rename from instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/DerbyDriverTest.java rename to instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/DerbyDriverTest.java index 9aa340e69..7ae4fc0bb 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/DerbyDriverTest.java +++ b/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/DerbyDriverTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby101111; +package com.nr.agent.security.instrumentation.derby101111; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/Helper.java b/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/Helper.java similarity index 92% rename from instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/Helper.java rename to instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/Helper.java index 08eeb4642..7b28ffc05 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/Helper.java +++ b/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/agent/security/instrumentation/derby101111/Helper.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby10216; +package com.nr.agent.security.instrumentation.derby101111; import java.sql.Driver; import java.sql.DriverManager; diff --git a/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/DerbyAutoloadedDriverTest.java b/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/DerbyAutoloadedDriverTest.java similarity index 98% rename from instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/DerbyAutoloadedDriverTest.java rename to instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/DerbyAutoloadedDriverTest.java index a22d0c34f..fdc76740d 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.11.1.1/src/test/java/com/nr/instrumentation/security/derby101111/DerbyAutoloadedDriverTest.java +++ b/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/DerbyAutoloadedDriverTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby101111; +package com.nr.agent.security.instrumentation.derby10216; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -26,6 +26,7 @@ public class DerbyAutoloadedDriverTest { private static final String DB_CONNECTION = "jdbc:derby:memory:test;create=true;DB_CLOSE_DELAY=-1"; private static final String DB_USER = ""; private static final String DB_PASSWORD = ""; + @Test public void testConnect() throws SQLException { getConnection(); @@ -106,5 +107,4 @@ private void getConnection2() throws SQLException { } } } - } diff --git a/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/DerbyDataStoreTest.java b/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/DerbyDataStoreTest.java similarity index 99% rename from instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/DerbyDataStoreTest.java rename to instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/DerbyDataStoreTest.java index b77917c9d..4f0d7f829 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/DerbyDataStoreTest.java +++ b/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/DerbyDataStoreTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby10216; +package com.nr.agent.security.instrumentation.derby10216; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/DerbyDriverTest.java b/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/DerbyDriverTest.java similarity index 98% rename from instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/DerbyDriverTest.java rename to instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/DerbyDriverTest.java index 28f2fbb0f..191ad3e2a 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/instrumentation/security/derby10216/DerbyDriverTest.java +++ b/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/DerbyDriverTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby10216; +package com.nr.agent.security.instrumentation.derby10216; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/Helper.java b/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/Helper.java similarity index 92% rename from instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/Helper.java rename to instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/Helper.java index 9e8f1f500..f89c18429 100644 --- a/instrumentation-security/jdbc-embedded-derby-10.10.1.1/src/test/java/com/nr/instrumentation/security/derby101011/Helper.java +++ b/instrumentation-security/jdbc-embedded-derby-10.2.1.6/src/test/java/com/nr/agent/security/instrumentation/derby10216/Helper.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.derby101011; +package com.nr.agent.security.instrumentation.derby10216; import java.sql.Driver; import java.sql.DriverManager; diff --git a/instrumentation-security/jdbc-h2/src/test/java/com/nr/instrumentation/org/h2/DataStoreTest.java b/instrumentation-security/jdbc-h2/src/test/java/com/nr/agent/security/instrumentation/h2/org/DataStoreTest.java similarity index 98% rename from instrumentation-security/jdbc-h2/src/test/java/com/nr/instrumentation/org/h2/DataStoreTest.java rename to instrumentation-security/jdbc-h2/src/test/java/com/nr/agent/security/instrumentation/h2/org/DataStoreTest.java index b45e570f6..f2febe511 100644 --- a/instrumentation-security/jdbc-h2/src/test/java/com/nr/instrumentation/org/h2/DataStoreTest.java +++ b/instrumentation-security/jdbc-h2/src/test/java/com/nr/agent/security/instrumentation/h2/org/DataStoreTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.org.h2; +package com.nr.agent.security.instrumentation.h2.org; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-h2/src/test/java/com/nr/instrumentation/org/h2/H2Test.java b/instrumentation-security/jdbc-h2/src/test/java/com/nr/agent/security/instrumentation/h2/org/H2Test.java similarity index 98% rename from instrumentation-security/jdbc-h2/src/test/java/com/nr/instrumentation/org/h2/H2Test.java rename to instrumentation-security/jdbc-h2/src/test/java/com/nr/agent/security/instrumentation/h2/org/H2Test.java index 737537422..46b6a4019 100644 --- a/instrumentation-security/jdbc-h2/src/test/java/com/nr/instrumentation/org/h2/H2Test.java +++ b/instrumentation-security/jdbc-h2/src/test/java/com/nr/agent/security/instrumentation/h2/org/H2Test.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.org.h2; +package com.nr.agent.security.instrumentation.h2.org; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-h2/src/test/java/com/nr/instrumentation/security/h2/H2Test.java b/instrumentation-security/jdbc-h2/src/test/java/com/nr/agent/security/instrumentation/h2/security/H2Test.java similarity index 96% rename from instrumentation-security/jdbc-h2/src/test/java/com/nr/instrumentation/security/h2/H2Test.java rename to instrumentation-security/jdbc-h2/src/test/java/com/nr/agent/security/instrumentation/h2/security/H2Test.java index 1749f72ac..45923c873 100644 --- a/instrumentation-security/jdbc-h2/src/test/java/com/nr/instrumentation/security/h2/H2Test.java +++ b/instrumentation-security/jdbc-h2/src/test/java/com/nr/agent/security/instrumentation/h2/security/H2Test.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.h2; +package com.nr.agent.security.instrumentation.h2.security; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql1722DataStoreTest.java b/instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql1722DataStoreTest.java similarity index 98% rename from instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql1722DataStoreTest.java rename to instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql1722DataStoreTest.java index a645d4232..07413dec4 100644 --- a/instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql1722DataStoreTest.java +++ b/instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql1722DataStoreTest.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.jdbc.hs; +package com.nr.agent.security.instrumentation.jdbc.hs; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql1722DriverTest.java b/instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql1722DriverTest.java similarity index 98% rename from instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql1722DriverTest.java rename to instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql1722DriverTest.java index fff0bf50e..94d524d3c 100644 --- a/instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql1722DriverTest.java +++ b/instrumentation-security/jdbc-hsqldb-1.7.2.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql1722DriverTest.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.jdbc.hs; +package com.nr.agent.security.instrumentation.jdbc.hs; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql229DataStoreTest.java b/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql229DataStoreTest.java similarity index 98% rename from instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql229DataStoreTest.java rename to instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql229DataStoreTest.java index e485abeac..bd13e1ef7 100644 --- a/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql229DataStoreTest.java +++ b/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql229DataStoreTest.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.jdbc.hs; +package com.nr.agent.security.instrumentation.jdbc.hs; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql229DriverTest.java b/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql229DriverTest.java similarity index 98% rename from instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql229DriverTest.java rename to instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql229DriverTest.java index e0e1a947e..54fda392e 100644 --- a/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql229DriverTest.java +++ b/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql229DriverTest.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.jdbc.hs; +package com.nr.agent.security.instrumentation.jdbc.hs; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql229PoolTest.java b/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql229PoolTest.java similarity index 98% rename from instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql229PoolTest.java rename to instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql229PoolTest.java index a06096e50..83ce8b155 100644 --- a/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/instrumentation/jdbc/hs/HSql229PoolTest.java +++ b/instrumentation-security/jdbc-hsqldb-2.2.9/src/test/java/com/nr/agent/security/instrumentation/jdbc/hs/HSql229PoolTest.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.jdbc.hs; +package com.nr.agent.security.instrumentation.jdbc.hs; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/instrumentation/security/mariadb117/DataSourceTest.java b/instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb117/DataSourceTest.java similarity index 98% rename from instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/instrumentation/security/mariadb117/DataSourceTest.java rename to instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb117/DataSourceTest.java index c726bfc72..757462b40 100644 --- a/instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/instrumentation/security/mariadb117/DataSourceTest.java +++ b/instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb117/DataSourceTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mariadb117; +package com.nr.agent.security.instrumentation.jdbc.mariadb117; import ch.vorburger.mariadb4j.DB; import ch.vorburger.mariadb4j.DBConfigurationBuilder; diff --git a/instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/instrumentation/security/mariadb117/MariaDb117Test.java b/instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb117/MariaDb117Test.java similarity index 97% rename from instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/instrumentation/security/mariadb117/MariaDb117Test.java rename to instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb117/MariaDb117Test.java index 0c08fb4f4..affcf24e5 100644 --- a/instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/instrumentation/security/mariadb117/MariaDb117Test.java +++ b/instrumentation-security/jdbc-mariadb-1.1.7/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb117/MariaDb117Test.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.security.mariadb117; +package com.nr.agent.security.instrumentation.jdbc.mariadb117; import ch.vorburger.mariadb4j.DB; import ch.vorburger.mariadb4j.DBConfigurationBuilder; diff --git a/instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/instrumentation/security/mariadb130/DataSourceTest.java b/instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb130/DataSourceTest.java similarity index 98% rename from instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/instrumentation/security/mariadb130/DataSourceTest.java rename to instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb130/DataSourceTest.java index b121c71d1..1af644b47 100644 --- a/instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/instrumentation/security/mariadb130/DataSourceTest.java +++ b/instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb130/DataSourceTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mariadb130; +package com.nr.agent.security.instrumentation.jdbc.mariadb130; import ch.vorburger.mariadb4j.DB; import ch.vorburger.mariadb4j.DBConfigurationBuilder; diff --git a/instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/instrumentation/security/mariadb130/MariaDb130Test.java b/instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb130/MariaDb130Test.java similarity index 97% rename from instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/instrumentation/security/mariadb130/MariaDb130Test.java rename to instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb130/MariaDb130Test.java index 6000497b2..13b8e0c2c 100644 --- a/instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/instrumentation/security/mariadb130/MariaDb130Test.java +++ b/instrumentation-security/jdbc-mariadb-1.3.0/src/test/java/com/nr/agent/security/instrumentation/jdbc/mariadb130/MariaDb130Test.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.security.mariadb130; +package com.nr.agent.security.instrumentation.jdbc.mariadb130; import ch.vorburger.mariadb4j.DB; import ch.vorburger.mariadb4j.DBConfigurationBuilder; diff --git a/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/instrumentation/security/mysql602/MySql602DataStoreTest.java b/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql602/MySql602DataStoreTest.java similarity index 99% rename from instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/instrumentation/security/mysql602/MySql602DataStoreTest.java rename to instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql602/MySql602DataStoreTest.java index 51f4d98f5..d1f92957d 100644 --- a/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/instrumentation/security/mysql602/MySql602DataStoreTest.java +++ b/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql602/MySql602DataStoreTest.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysql602; +package com.nr.agent.security.instrumentation.jdbc.mysql602; import com.mysql.cj.fabric.jdbc.FabricMySQLDataSource; import com.mysql.cj.jdbc.MysqlConnectionPoolDataSource; diff --git a/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/instrumentation/security/mysql602/MySql602DriverTest.java b/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql602/MySql602DriverTest.java similarity index 98% rename from instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/instrumentation/security/mysql602/MySql602DriverTest.java rename to instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql602/MySql602DriverTest.java index 1fd51e20a..78c0c628e 100644 --- a/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/instrumentation/security/mysql602/MySql602DriverTest.java +++ b/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql602/MySql602DriverTest.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysql602; +package com.nr.agent.security.instrumentation.jdbc.mysql602; import com.mysql.cj.core.ConnectionString; import com.mysql.cj.jdbc.ConnectionImpl; diff --git a/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/instrumentation/security/mysql602/MySql602Test.java b/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql602/MySql602Test.java similarity index 99% rename from instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/instrumentation/security/mysql602/MySql602Test.java rename to instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql602/MySql602Test.java index 0fdece45c..3294a4e70 100644 --- a/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/instrumentation/security/mysql602/MySql602Test.java +++ b/instrumentation-security/jdbc-mysql-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql602/MySql602Test.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysql602; +package com.nr.agent.security.instrumentation.jdbc.mysql602; import com.mysql.cj.api.jdbc.JdbcConnection; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; diff --git a/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/instrumentation/security/mysql604/MySql604DataStoreTest.java b/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql604/MySql604DataStoreTest.java similarity index 99% rename from instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/instrumentation/security/mysql604/MySql604DataStoreTest.java rename to instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql604/MySql604DataStoreTest.java index 709dedc82..c217b603a 100644 --- a/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/instrumentation/security/mysql604/MySql604DataStoreTest.java +++ b/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql604/MySql604DataStoreTest.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysql604; +package com.nr.agent.security.instrumentation.jdbc.mysql604; import com.mysql.cj.fabric.jdbc.FabricMySQLDataSource; import com.mysql.cj.jdbc.MysqlConnectionPoolDataSource; diff --git a/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/instrumentation/security/mysql604/MySql604DriverTest.java b/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql604/MySql604DriverTest.java similarity index 99% rename from instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/instrumentation/security/mysql604/MySql604DriverTest.java rename to instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql604/MySql604DriverTest.java index 8d0cc691f..b23bb5e65 100644 --- a/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/instrumentation/security/mysql604/MySql604DriverTest.java +++ b/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql604/MySql604DriverTest.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysql604; +package com.nr.agent.security.instrumentation.jdbc.mysql604; import com.mysql.cj.core.conf.url.ConnectionUrl; import com.mysql.cj.core.conf.url.HostInfo; diff --git a/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/instrumentation/security/mysql604/MySql604Test.java b/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql604/MySql604Test.java similarity index 99% rename from instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/instrumentation/security/mysql604/MySql604Test.java rename to instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql604/MySql604Test.java index 3b7d53047..155476c25 100644 --- a/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/instrumentation/security/mysql604/MySql604Test.java +++ b/instrumentation-security/jdbc-mysql-6.0.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql604/MySql604Test.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysql604; +package com.nr.agent.security.instrumentation.jdbc.mysql604; import com.mysql.cj.api.jdbc.JdbcConnection; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; diff --git a/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/instrumentation/security/mysql8011/MySql8011DataStoreTest.java b/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql8011/MySql8011DataStoreTest.java similarity index 99% rename from instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/instrumentation/security/mysql8011/MySql8011DataStoreTest.java rename to instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql8011/MySql8011DataStoreTest.java index b96ddc16f..b4d84ac23 100644 --- a/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/instrumentation/security/mysql8011/MySql8011DataStoreTest.java +++ b/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql8011/MySql8011DataStoreTest.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysql8011; +package com.nr.agent.security.instrumentation.jdbc.mysql8011; import com.mysql.cj.jdbc.MysqlConnectionPoolDataSource; import com.mysql.cj.jdbc.MysqlDataSource; diff --git a/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/instrumentation/security/mysql8011/MySql8011DriverTest.java b/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql8011/MySql8011DriverTest.java similarity index 98% rename from instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/instrumentation/security/mysql8011/MySql8011DriverTest.java rename to instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql8011/MySql8011DriverTest.java index 9258946c2..4f63ad3f3 100644 --- a/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/instrumentation/security/mysql8011/MySql8011DriverTest.java +++ b/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql8011/MySql8011DriverTest.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysql8011; +package com.nr.agent.security.instrumentation.jdbc.mysql8011; import com.mysql.cj.conf.HostInfo; import com.mysql.cj.jdbc.ConnectionImpl; diff --git a/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/instrumentation/security/mysql8011/MySql8011Test.java b/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql8011/MySql8011Test.java similarity index 99% rename from instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/instrumentation/security/mysql8011/MySql8011Test.java rename to instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql8011/MySql8011Test.java index e91fef637..e82c984e3 100644 --- a/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/instrumentation/security/mysql8011/MySql8011Test.java +++ b/instrumentation-security/jdbc-mysql-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql8011/MySql8011Test.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysql8011; +package com.nr.agent.security.instrumentation.jdbc.mysql8011; import com.mysql.cj.jdbc.JdbcConnection; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; diff --git a/instrumentation-security/jdbc-mysql-connection-5.1.4/src/test/java/com/nr/instrumentation/security/mysqlconnection514/MySqlConnection514Test.java b/instrumentation-security/jdbc-mysql-connection-5.1.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysqlconnection514/MySqlConnection514Test.java similarity index 99% rename from instrumentation-security/jdbc-mysql-connection-5.1.4/src/test/java/com/nr/instrumentation/security/mysqlconnection514/MySqlConnection514Test.java rename to instrumentation-security/jdbc-mysql-connection-5.1.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysqlconnection514/MySqlConnection514Test.java index 69d3821f9..c027e8bbb 100644 --- a/instrumentation-security/jdbc-mysql-connection-5.1.4/src/test/java/com/nr/instrumentation/security/mysqlconnection514/MySqlConnection514Test.java +++ b/instrumentation-security/jdbc-mysql-connection-5.1.4/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysqlconnection514/MySqlConnection514Test.java @@ -5,7 +5,7 @@ * */ -package com.nr.instrumentation.security.mysqlconnection514; +package com.nr.agent.security.instrumentation.jdbc.mysqlconnection514; import com.mysql.jdbc.Connection; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; diff --git a/instrumentation-security/jdbc-mysql-connection-6.0.2/src/test/java/com/nr/instrumentation/security/mysqlconnection602/MySqlConnection602Test.java b/instrumentation-security/jdbc-mysql-connection-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysqlconnection602/MySqlConnection602Test.java similarity index 99% rename from instrumentation-security/jdbc-mysql-connection-6.0.2/src/test/java/com/nr/instrumentation/security/mysqlconnection602/MySqlConnection602Test.java rename to instrumentation-security/jdbc-mysql-connection-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysqlconnection602/MySqlConnection602Test.java index d8fd7ae0a..e3f3860ea 100644 --- a/instrumentation-security/jdbc-mysql-connection-6.0.2/src/test/java/com/nr/instrumentation/security/mysqlconnection602/MySqlConnection602Test.java +++ b/instrumentation-security/jdbc-mysql-connection-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysqlconnection602/MySqlConnection602Test.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysqlconnection602; +package com.nr.agent.security.instrumentation.jdbc.mysqlconnection602; import com.mysql.cj.api.jdbc.JdbcConnection; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; diff --git a/instrumentation-security/jdbc-mysql-connection-8.0.11/src/test/java/com/nr/instrumentation/security/mysqlconnection8011/MySqlConnection8011Test.java b/instrumentation-security/jdbc-mysql-connection-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysqlconnection8011/MySqlConnection8011Test.java similarity index 99% rename from instrumentation-security/jdbc-mysql-connection-8.0.11/src/test/java/com/nr/instrumentation/security/mysqlconnection8011/MySqlConnection8011Test.java rename to instrumentation-security/jdbc-mysql-connection-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysqlconnection8011/MySqlConnection8011Test.java index 02bd4b007..6b942b36b 100644 --- a/instrumentation-security/jdbc-mysql-connection-8.0.11/src/test/java/com/nr/instrumentation/security/mysqlconnection8011/MySqlConnection8011Test.java +++ b/instrumentation-security/jdbc-mysql-connection-8.0.11/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysqlconnection8011/MySqlConnection8011Test.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.mysqlconnection8011; +package com.nr.agent.security.instrumentation.jdbc.mysqlconnection8011; import com.mysql.cj.jdbc.JdbcConnection; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; diff --git a/instrumentation-security/jdbc-mysql-multihost-connections-5.1.3/src/test/java/com/nr/instrumentation/security/mysql/multihost/MysqlMultiHost513Test.java b/instrumentation-security/jdbc-mysql-multihost-connections-5.1.3/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql/multihost/MysqlMultiHost513Test.java similarity index 99% rename from instrumentation-security/jdbc-mysql-multihost-connections-5.1.3/src/test/java/com/nr/instrumentation/security/mysql/multihost/MysqlMultiHost513Test.java rename to instrumentation-security/jdbc-mysql-multihost-connections-5.1.3/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql/multihost/MysqlMultiHost513Test.java index a9aa710aa..e8989018c 100644 --- a/instrumentation-security/jdbc-mysql-multihost-connections-5.1.3/src/test/java/com/nr/instrumentation/security/mysql/multihost/MysqlMultiHost513Test.java +++ b/instrumentation-security/jdbc-mysql-multihost-connections-5.1.3/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql/multihost/MysqlMultiHost513Test.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mysql.multihost; +package com.nr.agent.security.instrumentation.jdbc.mysql.multihost; import com.mysql.fabric.jdbc.FabricMySQLDataSource; import com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource; diff --git a/instrumentation-security/jdbc-mysql-multihost-connections-6.0.2/src/test/java/com/nr/instrumentation/security/mysql/multihost/MysqlMultiHost602Test.java b/instrumentation-security/jdbc-mysql-multihost-connections-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql/multihost/MysqlMultiHost602Test.java similarity index 99% rename from instrumentation-security/jdbc-mysql-multihost-connections-6.0.2/src/test/java/com/nr/instrumentation/security/mysql/multihost/MysqlMultiHost602Test.java rename to instrumentation-security/jdbc-mysql-multihost-connections-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql/multihost/MysqlMultiHost602Test.java index e31a9a1f0..d33eeaa29 100644 --- a/instrumentation-security/jdbc-mysql-multihost-connections-6.0.2/src/test/java/com/nr/instrumentation/security/mysql/multihost/MysqlMultiHost602Test.java +++ b/instrumentation-security/jdbc-mysql-multihost-connections-6.0.2/src/test/java/com/nr/agent/security/instrumentation/jdbc/mysql/multihost/MysqlMultiHost602Test.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mysql.multihost; +package com.nr.agent.security.instrumentation.jdbc.mysql.multihost; import com.mysql.cj.core.ConnectionString; import com.mysql.cj.fabric.jdbc.FabricMySQLDataSource; diff --git a/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/build.gradle b/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/build.gradle index 1faa227dc..240eb8cbb 100644 --- a/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/build.gradle +++ b/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/build.gradle @@ -3,7 +3,7 @@ dependencies { implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") implementation("postgresql:postgresql:8.0-312.jdbc3") - testImplementation("org.testcontainers:postgresql:1.17.6") + testImplementation("ru.yandex.qatools.embed:postgresql-embedded:2.10") } jar { diff --git a/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/instrumentation/security/postgresql80312/DataStoreTest.java b/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/agent/security/instrumentation/postgresql80312/DataStoreTest.java similarity index 86% rename from instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/instrumentation/security/postgresql80312/DataStoreTest.java rename to instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/agent/security/instrumentation/postgresql80312/DataStoreTest.java index 646d0429b..413309216 100644 --- a/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/instrumentation/security/postgresql80312/DataStoreTest.java +++ b/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/agent/security/instrumentation/postgresql80312/DataStoreTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.postgresql80312; +package com.nr.agent.security.instrumentation.postgresql80312; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -6,8 +6,10 @@ import com.newrelic.api.agent.Trace; import com.newrelic.api.agent.security.schema.JDBCVendor; import com.newrelic.security.test.marker.Java12IncompatibleTest; +import org.junit.After; import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.ClassRule; import org.junit.FixMethodOrder; import org.junit.Test; @@ -24,32 +26,53 @@ import org.postgresql.jdbc3.Jdbc3ConnectionPool; import org.postgresql.jdbc3.Jdbc3PoolingDataSource; import org.postgresql.jdbc3.Jdbc3SimpleDataSource; -import org.testcontainers.containers.PostgreSQLContainer; +import ru.yandex.qatools.embed.postgresql.EmbeddedPostgres; +import java.io.IOException; +import java.net.ServerSocket; import java.sql.Connection; import java.sql.SQLException; +import java.util.ArrayList; +import java.util.List; + +import static ru.yandex.qatools.embed.postgresql.distribution.Version.Main.V9_6; @Category({ Java12IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) @InstrumentationTestConfig(includePrefixes = "org.postgresql") @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class DataStoreTest { - private static final String DB_USER = "postgres"; - private static final String DB_PASSWORD = "postgres"; + public static final EmbeddedPostgres postgres = new EmbeddedPostgres(V9_6); + public static Connection connection; + private static final String DB_USER = "user"; + private static final String DB_PASSWORD = "password"; private static final String DB_NAME = "test"; - @ClassRule - public static PostgreSQLContainer postgreSQLContainer = new PostgreSQLContainer("postgres:11.1") - .withDatabaseName(DB_NAME) - .withUsername(DB_USER) - .withPassword(DB_PASSWORD); + private static final String HOST = "localhost"; + private static final List QUERIES = new ArrayList<>(); + private static final int PORT = getRandomPort(); - @AfterClass - public static void cleanup() throws SQLException { - if (postgreSQLContainer != null) { - postgreSQLContainer.close(); + @BeforeClass + public static void setup() throws Exception { + QUERIES.add("CREATE TABLE IF NOT EXISTS USERS(id int primary key, first_name varchar(255), last_name varchar(255))"); + QUERIES.add("INSERT INTO USERS(id, first_name, last_name) VALUES(1, 'Max', 'Power')"); + QUERIES.add("SELECT * FROM USERS"); + + postgres.start(HOST, PORT, DB_NAME, DB_USER, DB_PASSWORD); + } + + @After + public void teardown() throws SQLException { + if (connection!=null) { + connection.close(); } } + @AfterClass + public static void stop() { + if (postgres!=null) + postgres.stop(); + } + @Test public void testGetConnectionConnectionPool() throws SQLException { callGetConnectionConnectionPool(); @@ -305,7 +328,7 @@ private void callPoolingDataSource1() throws SQLException { private void getConnection(BaseDataSource baseDataSource) throws SQLException { baseDataSource.setDatabaseName(DB_NAME); - baseDataSource.setPortNumber(postgreSQLContainer.getMappedPort(5432)); + baseDataSource.setPortNumber(PORT); Connection conn = null; try { @@ -323,7 +346,7 @@ private void getConnection1(BaseDataSource baseDataSource) throws SQLException { baseDataSource.setUser(DB_USER); baseDataSource.setPassword(DB_PASSWORD); baseDataSource.setDatabaseName(DB_NAME); - baseDataSource.setPortNumber(postgreSQLContainer.getMappedPort(5432)); + baseDataSource.setPortNumber(PORT); Connection conn = null; try { @@ -336,4 +359,16 @@ private void getConnection1(BaseDataSource baseDataSource) throws SQLException { } } } + + private static int getRandomPort() { + int port; + try { + ServerSocket socket = new ServerSocket(0); + port = socket.getLocalPort(); + socket.close(); + } catch (IOException e) { + throw new RuntimeException("Unable to allocate ephemeral port"); + } + return port; + } } diff --git a/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/instrumentation/security/postgresql80312/DriverTest.java b/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/agent/security/instrumentation/postgresql80312/DriverTest.java similarity index 56% rename from instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/instrumentation/security/postgresql80312/DriverTest.java rename to instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/agent/security/instrumentation/postgresql80312/DriverTest.java index ec8644fd1..52a165ea4 100644 --- a/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/instrumentation/security/postgresql80312/DriverTest.java +++ b/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/agent/security/instrumentation/postgresql80312/DriverTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.postgresql80312; +package com.nr.agent.security.instrumentation.postgresql80312; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -6,42 +6,65 @@ import com.newrelic.api.agent.Trace; import com.newrelic.api.agent.security.schema.JDBCVendor; import com.newrelic.security.test.marker.Java12IncompatibleTest; +import org.junit.After; import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.ClassRule; import org.junit.FixMethodOrder; import org.junit.Test; import org.junit.experimental.categories.Category; import org.junit.runner.RunWith; import org.junit.runners.MethodSorters; -import org.testcontainers.containers.PostgreSQLContainer; +import ru.yandex.qatools.embed.postgresql.EmbeddedPostgres; +import java.io.IOException; +import java.net.ServerSocket; import java.sql.Connection; import java.sql.DriverManager; import java.sql.SQLException; +import java.util.ArrayList; +import java.util.List; import java.util.Properties; +import static ru.yandex.qatools.embed.postgresql.distribution.Version.Main.V9_6; + @Category({ Java12IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) @InstrumentationTestConfig(includePrefixes = "org.postgresql") @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class DriverTest { - private static final String DB_USER = "postgres"; - private static final String DB_PASSWORD = "postgres"; + public static final EmbeddedPostgres postgres = new EmbeddedPostgres(V9_6); + public static Connection connection; + private static final String DB_USER = "user"; + private static final String DB_PASSWORD = "password"; private static final String DB_NAME = "test"; - @ClassRule - public static PostgreSQLContainer postgreSQLContainer = new PostgreSQLContainer("postgres:11.1") - .withDatabaseName(DB_NAME) - .withUsername(DB_USER) - .withPassword(DB_PASSWORD); + private static final String HOST = "localhost"; + private static final List QUERIES = new ArrayList<>(); + private static final int PORT = getRandomPort(); - @AfterClass - public static void cleanup() throws SQLException { - if (postgreSQLContainer != null) { - postgreSQLContainer.close(); + @BeforeClass + public static void setup() throws Exception { + QUERIES.add("CREATE TABLE IF NOT EXISTS USERS(id int primary key, first_name varchar(255), last_name varchar(255))"); + QUERIES.add("INSERT INTO USERS(id, first_name, last_name) VALUES(1, 'Max', 'Power')"); + QUERIES.add("SELECT * FROM USERS"); + + postgres.start(HOST, PORT, DB_NAME, DB_USER, DB_PASSWORD); + } + + @After + public void teardown() throws SQLException { + if (connection!=null) { + connection.close(); } } + @AfterClass + public static void stop() { + if (postgres!=null) + postgres.stop(); + } + @Test public void testConnect() throws SQLException { getConnection(); @@ -65,7 +88,7 @@ private void getConnection() throws SQLException { Connection c = null; try { Class.forName("org.postgresql.Driver"); - c = DriverManager.getConnection(postgreSQLContainer.getJdbcUrl(), DB_USER, DB_PASSWORD); + c = DriverManager.getConnection(String.format("jdbc:postgresql://%s:%s/%s", HOST, PORT, DB_NAME), DB_USER, DB_PASSWORD); } catch (Exception e) { System.out.println("Error in DB connection: " + e); } finally { @@ -83,7 +106,7 @@ private void getConnection1() throws SQLException { Properties info = new Properties(); info.put("user", DB_USER); info.put("password", DB_PASSWORD); - c = DriverManager.getConnection(postgreSQLContainer.getJdbcUrl(), info); + c = DriverManager.getConnection(String.format("jdbc:postgresql://%s:%s/%s", HOST, PORT, DB_NAME), info); } catch (Exception e) { System.out.println("Error in DB connection: " + e); } finally { @@ -92,4 +115,16 @@ private void getConnection1() throws SQLException { } } } + + private static int getRandomPort() { + int port; + try { + ServerSocket socket = new ServerSocket(0); + port = socket.getLocalPort(); + socket.close(); + } catch (IOException e) { + throw new RuntimeException("Unable to allocate ephemeral port"); + } + return port; + } } diff --git a/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/instrumentation/security/postgresql80312/PgStatementTest.java b/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/agent/security/instrumentation/postgresql80312/PgStatementTest.java similarity index 83% rename from instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/instrumentation/security/postgresql80312/PgStatementTest.java rename to instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/agent/security/instrumentation/postgresql80312/PgStatementTest.java index 00955fb79..63c84079e 100644 --- a/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/instrumentation/security/postgresql80312/PgStatementTest.java +++ b/instrumentation-security/jdbc-postgresql-8.0-312.jdbc3/src/test/java/com/nr/agent/security/instrumentation/postgresql80312/PgStatementTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.postgresql80312; +package com.nr.agent.security.instrumentation.postgresql80312; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -8,18 +8,20 @@ import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; import com.newrelic.api.agent.security.schema.operation.SQLOperation; import com.newrelic.security.test.marker.Java12IncompatibleTest; +import org.junit.After; import org.junit.AfterClass; import org.junit.Assert; import org.junit.BeforeClass; -import org.junit.ClassRule; import org.junit.FixMethodOrder; import org.junit.Test; import org.junit.experimental.categories.Category; import org.junit.runner.RunWith; import org.junit.runners.MethodSorters; -import org.testcontainers.containers.PostgreSQLContainer; +import ru.yandex.qatools.embed.postgresql.EmbeddedPostgres; +import java.io.IOException; import java.math.BigDecimal; +import java.net.ServerSocket; import java.sql.Connection; import java.sql.Date; import java.sql.DriverManager; @@ -33,36 +35,58 @@ import java.util.List; import java.util.Map; +import static ru.yandex.qatools.embed.postgresql.distribution.Version.Main.V9_6; + @Category({ Java12IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) @InstrumentationTestConfig(includePrefixes = "org.postgresql") @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class PgStatementTest { - private static final String DB_USER = "postgres"; - private static final String DB_PASSWORD = "postgres"; + public static final EmbeddedPostgres postgres = new EmbeddedPostgres(V9_6); + public static Connection CONNECTION; + private static final String DB_USER = "user"; + private static final String DB_PASSWORD = "password"; private static final String DB_NAME = "test"; + private static final String HOST = "localhost"; private static final List QUERIES = new ArrayList<>(); - @ClassRule - public static PostgreSQLContainer postgreSQLContainer = new PostgreSQLContainer("postgres:11.1") - .withDatabaseName(DB_NAME) - .withUsername(DB_USER) - .withPassword(DB_PASSWORD); - private static Connection CONNECTION; + private static final int PORT = getRandomPort(); + + @BeforeClass + public static void setup() throws Exception { + postgres.start(HOST, PORT, DB_NAME, DB_USER, DB_PASSWORD); + + getConnection(); + QUERIES.add( + "CREATE TABLE IF NOT EXISTS USERS(id int primary key, first_name varchar(255), last_name varchar(255), dob date, dot time, dotz timestamptz, active boolean, arr bytea)"); + QUERIES.add("TRUNCATE TABLE USERS"); + QUERIES.add("INSERT INTO USERS(id, first_name, last_name) VALUES(1, 'john', 'doe')"); + QUERIES.add("SELECT * FROM USERS"); + QUERIES.add("UPDATE USERS SET \"last_name\"='Doe' WHERE id=1"); + QUERIES.add( + "select * from users where id=? and id=? and id=? and id=? and id=? and id=? and first_name=? and first_name=? and id=? and dob=? and arr=? and active=? and dot=? and dotz=?"); + QUERIES.add("SELECT * FROM USERS WHERE id=?"); + + // set up data in h2 + Statement stmt = CONNECTION.createStatement(); + stmt.execute(QUERIES.get(0)); + stmt.execute(QUERIES.get(1)); + stmt.execute(QUERIES.get(2)); + stmt.close(); + } @AfterClass - public static void cleanup() throws SQLException { + public static void stop() throws SQLException { + if (postgres!=null) + postgres.stop(); if (CONNECTION != null) { CONNECTION.close(); } - if (postgreSQLContainer != null) { - postgreSQLContainer.close(); - } } public static void getConnection() { try { Class.forName("org.postgresql.Driver"); - CONNECTION = DriverManager.getConnection(postgreSQLContainer.getJdbcUrl(), DB_USER, DB_PASSWORD); + CONNECTION = DriverManager.getConnection(String.format("jdbc:postgresql://%s:%s/%s", HOST, PORT, DB_NAME), DB_USER, DB_PASSWORD); } catch (Exception e) { System.out.println("Error in DB connection: " + e); } @@ -294,4 +318,16 @@ private Map callClearParams() throws SQLException { System.out.println(params); return params; } + + private static int getRandomPort() { + int port; + try { + ServerSocket socket = new ServerSocket(0); + port = socket.getLocalPort(); + socket.close(); + } catch (IOException e) { + throw new RuntimeException("Unable to allocate ephemeral port"); + } + return port; + } } diff --git a/instrumentation-security/jdbc-postgresql-9.4.1207/build.gradle b/instrumentation-security/jdbc-postgresql-9.4.1207/build.gradle index a86e37f3e..772304e09 100644 --- a/instrumentation-security/jdbc-postgresql-9.4.1207/build.gradle +++ b/instrumentation-security/jdbc-postgresql-9.4.1207/build.gradle @@ -3,7 +3,7 @@ dependencies { implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") implementation("org.postgresql:postgresql:9.4.1207") - testImplementation("org.testcontainers:postgresql:1.17.6") + testImplementation("ru.yandex.qatools.embed:postgresql-embedded:2.10") } jar { diff --git a/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/instrumentation/security/postgresql941207/DataStoreTest.java b/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/agent/security/instrumentation/postgresql941207/DataStoreTest.java similarity index 87% rename from instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/instrumentation/security/postgresql941207/DataStoreTest.java rename to instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/agent/security/instrumentation/postgresql941207/DataStoreTest.java index 205001b5f..f99de0c46 100644 --- a/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/instrumentation/security/postgresql941207/DataStoreTest.java +++ b/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/agent/security/instrumentation/postgresql941207/DataStoreTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.postgresql941207; +package com.nr.agent.security.instrumentation.postgresql941207; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -6,8 +6,10 @@ import com.newrelic.api.agent.Trace; import com.newrelic.api.agent.security.schema.JDBCVendor; import com.newrelic.security.test.marker.Java12IncompatibleTest; +import org.junit.After; import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.ClassRule; import org.junit.FixMethodOrder; import org.junit.Test; @@ -25,32 +27,53 @@ import org.postgresql.jdbc3.Jdbc3PoolingDataSource; import org.postgresql.jdbc3.Jdbc3SimpleDataSource; import org.postgresql.xa.PGXADataSource; -import org.testcontainers.containers.PostgreSQLContainer; +import ru.yandex.qatools.embed.postgresql.EmbeddedPostgres; +import java.io.IOException; +import java.net.ServerSocket; import java.sql.Connection; import java.sql.SQLException; +import java.util.ArrayList; +import java.util.List; + +import static ru.yandex.qatools.embed.postgresql.distribution.Version.Main.V9_6; @Category({ Java12IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) @InstrumentationTestConfig(includePrefixes = "org.postgresql") @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class DataStoreTest { - private static final String DB_USER = "postgres"; - private static final String DB_PASSWORD = "postgres"; + public static final EmbeddedPostgres postgres = new EmbeddedPostgres(V9_6); + public static Connection connection; + private static final String DB_USER = "user"; + private static final String DB_PASSWORD = "password"; private static final String DB_NAME = "test"; - @ClassRule - public static PostgreSQLContainer postgreSQLContainer = new PostgreSQLContainer("postgres:11.1") - .withDatabaseName(DB_NAME) - .withUsername(DB_USER) - .withPassword(DB_PASSWORD); + private static final String HOST = "localhost"; + private static final List QUERIES = new ArrayList<>(); + private static final int PORT = getRandomPort(); - @AfterClass - public static void cleanup() throws SQLException { - if (postgreSQLContainer != null) { - postgreSQLContainer.close(); + @BeforeClass + public static void setup() throws Exception { + QUERIES.add("CREATE TABLE IF NOT EXISTS USERS(id int primary key, first_name varchar(255), last_name varchar(255))"); + QUERIES.add("INSERT INTO USERS(id, first_name, last_name) VALUES(1, 'Max', 'Power')"); + QUERIES.add("SELECT * FROM USERS"); + + postgres.start(HOST, PORT, DB_NAME, DB_USER, DB_PASSWORD); + } + + @After + public void teardown() throws SQLException { + if (connection!=null) { + connection.close(); } } + @AfterClass + public static void stop() { + if (postgres!=null) + postgres.stop(); + } + @Test public void testGetConnectionConnectionPool() throws SQLException { callGetConnectionConnectionPool(); @@ -334,7 +357,7 @@ private void callPoolingDataSource1() throws SQLException { private void getConnection(BaseDataSource baseDataSource) throws SQLException { baseDataSource.setDatabaseName(DB_NAME); - baseDataSource.setPortNumber(postgreSQLContainer.getMappedPort(5432)); + baseDataSource.setPortNumber(PORT); Connection conn = null; try { @@ -352,7 +375,7 @@ private void getConnection1(BaseDataSource baseDataSource) throws SQLException { baseDataSource.setUser(DB_USER); baseDataSource.setPassword(DB_PASSWORD); baseDataSource.setDatabaseName(DB_NAME); - baseDataSource.setPortNumber(postgreSQLContainer.getMappedPort(5432)); + baseDataSource.setPortNumber(PORT); Connection conn = null; try { @@ -365,4 +388,16 @@ private void getConnection1(BaseDataSource baseDataSource) throws SQLException { } } } + + private static int getRandomPort() { + int port; + try { + ServerSocket socket = new ServerSocket(0); + port = socket.getLocalPort(); + socket.close(); + } catch (IOException e) { + throw new RuntimeException("Unable to allocate ephemeral port"); + } + return port; + } } diff --git a/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/instrumentation/security/postgresql941207/DriverTest.java b/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/agent/security/instrumentation/postgresql941207/DriverTest.java similarity index 56% rename from instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/instrumentation/security/postgresql941207/DriverTest.java rename to instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/agent/security/instrumentation/postgresql941207/DriverTest.java index 9ef624d7d..92a741464 100644 --- a/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/instrumentation/security/postgresql941207/DriverTest.java +++ b/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/agent/security/instrumentation/postgresql941207/DriverTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.postgresql941207; +package com.nr.agent.security.instrumentation.postgresql941207; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -6,42 +6,65 @@ import com.newrelic.api.agent.Trace; import com.newrelic.api.agent.security.schema.JDBCVendor; import com.newrelic.security.test.marker.Java12IncompatibleTest; +import org.junit.After; import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.ClassRule; import org.junit.FixMethodOrder; import org.junit.Test; import org.junit.experimental.categories.Category; import org.junit.runner.RunWith; import org.junit.runners.MethodSorters; -import org.testcontainers.containers.PostgreSQLContainer; +import ru.yandex.qatools.embed.postgresql.EmbeddedPostgres; +import java.io.IOException; +import java.net.ServerSocket; import java.sql.Connection; import java.sql.DriverManager; import java.sql.SQLException; +import java.util.ArrayList; +import java.util.List; import java.util.Properties; +import static ru.yandex.qatools.embed.postgresql.distribution.Version.Main.V9_6; + @Category({ Java12IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) @InstrumentationTestConfig(includePrefixes = "org.postgresql") @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class DriverTest { - private static final String DB_USER = "postgres"; - private static final String DB_PASSWORD = "postgres"; + public static final EmbeddedPostgres postgres = new EmbeddedPostgres(V9_6); + public static Connection connection; + private static final String DB_USER = "user"; + private static final String DB_PASSWORD = "password"; private static final String DB_NAME = "test"; - @ClassRule - public static PostgreSQLContainer postgreSQLContainer = new PostgreSQLContainer("postgres:11.1") - .withDatabaseName(DB_NAME) - .withUsername(DB_USER) - .withPassword(DB_PASSWORD); + private static final String HOST = "localhost"; + private static final List QUERIES = new ArrayList<>(); + private static final int PORT = getRandomPort(); - @AfterClass - public static void cleanup() throws SQLException { - if (postgreSQLContainer != null) { - postgreSQLContainer.close(); + @BeforeClass + public static void setup() throws Exception { + QUERIES.add("CREATE TABLE IF NOT EXISTS USERS(id int primary key, first_name varchar(255), last_name varchar(255))"); + QUERIES.add("INSERT INTO USERS(id, first_name, last_name) VALUES(1, 'Max', 'Power')"); + QUERIES.add("SELECT * FROM USERS"); + + postgres.start(HOST, PORT, DB_NAME, DB_USER, DB_PASSWORD); + } + + @After + public void teardown() throws SQLException { + if (connection!=null) { + connection.close(); } } + @AfterClass + public static void stop() { + if (postgres!=null) + postgres.stop(); + } + @Test public void testConnect() throws SQLException { getConnection(); @@ -65,7 +88,7 @@ private void getConnection() throws SQLException { Connection c = null; try { Class.forName("org.postgresql.Driver"); - c = DriverManager.getConnection(postgreSQLContainer.getJdbcUrl(), DB_USER, DB_PASSWORD); + c = DriverManager.getConnection(String.format("jdbc:postgresql://%s:%s/%s", HOST, PORT, DB_NAME), DB_USER, DB_PASSWORD); } catch (Exception e) { System.out.println("Error in DB connection: " + e); } finally { @@ -83,7 +106,7 @@ private void getConnection1() throws SQLException { Properties info = new Properties(); info.put("user", DB_USER); info.put("password", DB_PASSWORD); - c = DriverManager.getConnection(postgreSQLContainer.getJdbcUrl(), info); + c = DriverManager.getConnection(String.format("jdbc:postgresql://%s:%s/%s", HOST, PORT, DB_NAME), info); } catch (Exception e) { System.out.println("Error in DB connection: " + e); } finally { @@ -92,4 +115,16 @@ private void getConnection1() throws SQLException { } } } + + private static int getRandomPort() { + int port; + try { + ServerSocket socket = new ServerSocket(0); + port = socket.getLocalPort(); + socket.close(); + } catch (IOException e) { + throw new RuntimeException("Unable to allocate ephemeral port"); + } + return port; + } } diff --git a/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/instrumentation/security/postgresql941207/PgStatementTest.java b/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/agent/security/instrumentation/postgresql941207/PgStatementTest.java similarity index 82% rename from instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/instrumentation/security/postgresql941207/PgStatementTest.java rename to instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/agent/security/instrumentation/postgresql941207/PgStatementTest.java index c33aa22b6..48b935998 100644 --- a/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/instrumentation/security/postgresql941207/PgStatementTest.java +++ b/instrumentation-security/jdbc-postgresql-9.4.1207/src/test/java/com/nr/agent/security/instrumentation/postgresql941207/PgStatementTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.postgresql941207; +package com.nr.agent.security.instrumentation.postgresql941207; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -17,9 +17,11 @@ import org.junit.experimental.categories.Category; import org.junit.runner.RunWith; import org.junit.runners.MethodSorters; -import org.testcontainers.containers.PostgreSQLContainer; +import ru.yandex.qatools.embed.postgresql.EmbeddedPostgres; +import java.io.IOException; import java.math.BigDecimal; +import java.net.ServerSocket; import java.sql.Connection; import java.sql.Date; import java.sql.DriverManager; @@ -33,36 +35,58 @@ import java.util.List; import java.util.Map; +import static ru.yandex.qatools.embed.postgresql.distribution.Version.Main.V9_6; + @Category({ Java12IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) @InstrumentationTestConfig(includePrefixes = "org.postgresql") @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class PgStatementTest { - private static final String DB_USER = "postgres"; - private static final String DB_PASSWORD = "postgres"; + public static final EmbeddedPostgres postgres = new EmbeddedPostgres(V9_6); + public static Connection CONNECTION; + private static final String DB_USER = "user"; + private static final String DB_PASSWORD = "password"; private static final String DB_NAME = "test"; + private static final String HOST = "localhost"; private static final List QUERIES = new ArrayList<>(); - @ClassRule - public static PostgreSQLContainer postgreSQLContainer = new PostgreSQLContainer("postgres:11.1") - .withDatabaseName(DB_NAME) - .withUsername(DB_USER) - .withPassword(DB_PASSWORD); - private static Connection CONNECTION; + private static final int PORT = getRandomPort(); + + @BeforeClass + public static void setup() throws Exception { + postgres.start(HOST, PORT, DB_NAME, DB_USER, DB_PASSWORD); + + getConnection(); + QUERIES.add( + "CREATE TABLE IF NOT EXISTS USERS(id int primary key, first_name varchar(255), last_name varchar(255), dob date, dot time, dotz timestamptz, active boolean, arr bytea)"); + QUERIES.add("TRUNCATE TABLE USERS"); + QUERIES.add("INSERT INTO USERS(id, first_name, last_name) VALUES(1, 'john', 'doe')"); + QUERIES.add("SELECT * FROM USERS"); + QUERIES.add("UPDATE USERS SET \"last_name\"='Doe' WHERE id=1"); + QUERIES.add( + "select * from users where id=? and id=? and id=? and id=? and id=? and id=? and first_name=? and first_name=? and id=? and dob=? and arr=? and active=? and dot=? and dotz=?"); + QUERIES.add("SELECT * FROM USERS WHERE id=?"); + + // set up data in h2 + Statement stmt = CONNECTION.createStatement(); + stmt.execute(QUERIES.get(0)); + stmt.execute(QUERIES.get(1)); + stmt.execute(QUERIES.get(2)); + stmt.close(); + } @AfterClass - public static void cleanup() throws SQLException { + public static void stop() throws SQLException { + if (postgres!=null) + postgres.stop(); if (CONNECTION != null) { CONNECTION.close(); } - if (postgreSQLContainer != null) { - postgreSQLContainer.close(); - } } public static void getConnection() { try { Class.forName("org.postgresql.Driver"); - CONNECTION = DriverManager.getConnection(postgreSQLContainer.getJdbcUrl(), DB_USER, DB_PASSWORD); + CONNECTION = DriverManager.getConnection(String.format("jdbc:postgresql://%s:%s/%s", HOST, PORT, DB_NAME), DB_USER, DB_PASSWORD); } catch (Exception e) { System.out.println("Error in DB connection: " + e); } @@ -264,4 +288,16 @@ private Map callClearParams() throws SQLException { System.out.println(params); return params; } + + private static int getRandomPort() { + int port; + try { + ServerSocket socket = new ServerSocket(0); + port = socket.getLocalPort(); + socket.close(); + } catch (IOException e) { + throw new RuntimeException("Unable to allocate ephemeral port"); + } + return port; + } } diff --git a/instrumentation-security/jdbc-postgresql-9.4.1208/build.gradle b/instrumentation-security/jdbc-postgresql-9.4.1208/build.gradle index 785db9eb4..78ca1b7a8 100644 --- a/instrumentation-security/jdbc-postgresql-9.4.1208/build.gradle +++ b/instrumentation-security/jdbc-postgresql-9.4.1208/build.gradle @@ -3,7 +3,7 @@ dependencies { implementation("com.newrelic.agent.java:newrelic-api:${nrAPIVersion}") implementation("com.newrelic.agent.java:newrelic-weaver-api:${nrAPIVersion}") implementation("org.postgresql:postgresql:9.4.1208") - testImplementation("org.testcontainers:postgresql:1.17.6") + testImplementation("ru.yandex.qatools.embed:postgresql-embedded:2.10") } diff --git a/instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/instrumentation/security/postgresql941208/DataStoreTest.java b/instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/agent/security/instrumentation/postgresql941208/DataStoreTest.java similarity index 87% rename from instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/instrumentation/security/postgresql941208/DataStoreTest.java rename to instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/agent/security/instrumentation/postgresql941208/DataStoreTest.java index eabbcb966..336e52ad7 100644 --- a/instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/instrumentation/security/postgresql941208/DataStoreTest.java +++ b/instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/agent/security/instrumentation/postgresql941208/DataStoreTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.postgresql941208; +package com.nr.agent.security.instrumentation.postgresql941208; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -6,8 +6,10 @@ import com.newrelic.api.agent.Trace; import com.newrelic.api.agent.security.schema.JDBCVendor; import com.newrelic.security.test.marker.Java12IncompatibleTest; +import org.junit.After; import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.ClassRule; import org.junit.FixMethodOrder; import org.junit.Test; @@ -25,32 +27,53 @@ import org.postgresql.jdbc3.Jdbc3PoolingDataSource; import org.postgresql.jdbc3.Jdbc3SimpleDataSource; import org.postgresql.xa.PGXADataSource; -import org.testcontainers.containers.PostgreSQLContainer; +import ru.yandex.qatools.embed.postgresql.EmbeddedPostgres; +import java.io.IOException; +import java.net.ServerSocket; import java.sql.Connection; import java.sql.SQLException; +import java.util.ArrayList; +import java.util.List; + +import static ru.yandex.qatools.embed.postgresql.distribution.Version.Main.V9_6; @Category({ Java12IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) @InstrumentationTestConfig(includePrefixes = "org.postgresql") @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class DataStoreTest { - private static final String DB_USER = "postgres"; - private static final String DB_PASSWORD = "postgres"; + public static final EmbeddedPostgres postgres = new EmbeddedPostgres(V9_6); + public static Connection connection; + private static final String DB_USER = "user"; + private static final String DB_PASSWORD = "password"; private static final String DB_NAME = "test"; - @ClassRule - public static PostgreSQLContainer postgreSQLContainer = new PostgreSQLContainer("postgres:11.1") - .withDatabaseName(DB_NAME) - .withUsername(DB_USER) - .withPassword(DB_PASSWORD); + private static final String HOST = "localhost"; + private static final List QUERIES = new ArrayList<>(); + private static final int PORT = getRandomPort(); - @AfterClass - public static void cleanup() throws SQLException { - if (postgreSQLContainer != null) { - postgreSQLContainer.close(); + @BeforeClass + public static void setup() throws Exception { + QUERIES.add("CREATE TABLE IF NOT EXISTS USERS(id int primary key, first_name varchar(255), last_name varchar(255))"); + QUERIES.add("INSERT INTO USERS(id, first_name, last_name) VALUES(1, 'Max', 'Power')"); + QUERIES.add("SELECT * FROM USERS"); + + postgres.start(HOST, PORT, DB_NAME, DB_USER, DB_PASSWORD); + } + + @After + public void teardown() throws SQLException { + if (connection!=null) { + connection.close(); } } + @AfterClass + public static void stop() { + if (postgres!=null) + postgres.stop(); + } + @Test public void testGetConnectionConnectionPool() throws SQLException { callGetConnectionConnectionPool(); @@ -334,7 +357,7 @@ private void callPoolingDataSource1() throws SQLException { private void getConnection(BaseDataSource baseDataSource) throws SQLException { baseDataSource.setDatabaseName(DB_NAME); - baseDataSource.setPortNumber(postgreSQLContainer.getMappedPort(5432)); + baseDataSource.setPortNumber(PORT); Connection conn = null; try { @@ -352,7 +375,7 @@ private void getConnection1(BaseDataSource baseDataSource) throws SQLException { baseDataSource.setUser(DB_USER); baseDataSource.setPassword(DB_PASSWORD); baseDataSource.setDatabaseName(DB_NAME); - baseDataSource.setPortNumber(postgreSQLContainer.getMappedPort(5432)); + baseDataSource.setPortNumber(PORT); Connection conn = null; try { @@ -365,4 +388,16 @@ private void getConnection1(BaseDataSource baseDataSource) throws SQLException { } } } + + private static int getRandomPort() { + int port; + try { + ServerSocket socket = new ServerSocket(0); + port = socket.getLocalPort(); + socket.close(); + } catch (IOException e) { + throw new RuntimeException("Unable to allocate ephemeral port"); + } + return port; + } } diff --git a/instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/instrumentation/security/postgresql941208/DriverTest.java b/instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/agent/security/instrumentation/postgresql941208/DriverTest.java similarity index 55% rename from instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/instrumentation/security/postgresql941208/DriverTest.java rename to instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/agent/security/instrumentation/postgresql941208/DriverTest.java index 7258bd1ce..1dc172a07 100644 --- a/instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/instrumentation/security/postgresql941208/DriverTest.java +++ b/instrumentation-security/jdbc-postgresql-9.4.1208/src/test/java/com/nr/agent/security/instrumentation/postgresql941208/DriverTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.postgresql941208; +package com.nr.agent.security.instrumentation.postgresql941208; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -6,42 +6,66 @@ import com.newrelic.api.agent.Trace; import com.newrelic.api.agent.security.schema.JDBCVendor; import com.newrelic.security.test.marker.Java12IncompatibleTest; +import org.junit.After; import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.ClassRule; import org.junit.FixMethodOrder; import org.junit.Test; import org.junit.experimental.categories.Category; import org.junit.runner.RunWith; import org.junit.runners.MethodSorters; -import org.testcontainers.containers.PostgreSQLContainer; +import ru.yandex.qatools.embed.postgresql.EmbeddedPostgres; +import java.io.IOException; +import java.net.ServerSocket; import java.sql.Connection; import java.sql.DriverManager; import java.sql.SQLException; +import java.util.ArrayList; +import java.util.List; import java.util.Properties; +import static ru.yandex.qatools.embed.postgresql.distribution.Version.Main.V9_6; +import static ru.yandex.qatools.embed.postgresql.distribution.Version.V11_1; + @Category({ Java12IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) @InstrumentationTestConfig(includePrefixes = "org.postgresql") @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class DriverTest { - private static final String DB_USER = "postgres"; - private static final String DB_PASSWORD = "postgres"; + public static final EmbeddedPostgres postgres = new EmbeddedPostgres(V9_6); + public static Connection connection; + private static final String DB_USER = "user"; + private static final String DB_PASSWORD = "password"; private static final String DB_NAME = "test"; - @ClassRule - public static PostgreSQLContainer postgreSQLContainer = new PostgreSQLContainer("postgres:11.1") - .withDatabaseName(DB_NAME) - .withUsername(DB_USER) - .withPassword(DB_PASSWORD); + private static final String HOST = "localhost"; + private static final List QUERIES = new ArrayList<>(); + private static final int PORT = getRandomPort(); - @AfterClass - public static void cleanup() throws SQLException { - if (postgreSQLContainer != null) { - postgreSQLContainer.close(); + @BeforeClass + public static void setup() throws Exception { + QUERIES.add("CREATE TABLE IF NOT EXISTS USERS(id int primary key, first_name varchar(255), last_name varchar(255))"); + QUERIES.add("INSERT INTO USERS(id, first_name, last_name) VALUES(1, 'Max', 'Power')"); + QUERIES.add("SELECT * FROM USERS"); + + postgres.start(HOST, PORT, DB_NAME, DB_USER, DB_PASSWORD); + } + + @After + public void teardown() throws SQLException { + if (connection!=null) { + connection.close(); } } + @AfterClass + public static void stop() { + if (postgres!=null) + postgres.stop(); + } + @Test public void testConnect() throws SQLException { getConnection(); @@ -65,7 +89,7 @@ private void getConnection() throws SQLException { Connection c = null; try { Class.forName("org.postgresql.Driver"); - c = DriverManager.getConnection(postgreSQLContainer.getJdbcUrl(), DB_USER, DB_PASSWORD); + c = DriverManager.getConnection(String.format("jdbc:postgresql://%s:%s/%s", HOST, PORT, DB_NAME), DB_USER, DB_PASSWORD); } catch (Exception e) { System.out.println("Error in DB connection: " + e); } finally { @@ -83,7 +107,7 @@ private void getConnection1() throws SQLException { Properties info = new Properties(); info.put("user", DB_USER); info.put("password", DB_PASSWORD); - c = DriverManager.getConnection(postgreSQLContainer.getJdbcUrl(), info); + c = DriverManager.getConnection(String.format("jdbc:postgresql://%s:%s/%s", HOST, PORT, DB_NAME), info); } catch (Exception e) { System.out.println("Error in DB connection: " + e); } finally { @@ -92,4 +116,16 @@ private void getConnection1() throws SQLException { } } } + + private static int getRandomPort() { + int port; + try { + ServerSocket socket = new ServerSocket(0); + port = socket.getLocalPort(); + socket.close(); + } catch (IOException e) { + throw new RuntimeException("Unable to allocate ephemeral port"); + } + return port; + } } diff --git a/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/ContextHandler_Instrumentation.java b/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/ContextHandler_Instrumentation.java similarity index 96% rename from instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/ContextHandler_Instrumentation.java rename to instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/ContextHandler_Instrumentation.java index 43ac58d7e..734ad779c 100644 --- a/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/ContextHandler_Instrumentation.java +++ b/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/ContextHandler_Instrumentation.java @@ -1,4 +1,4 @@ -package security.org.eclipse.jetty11.server; +package com.newrelic.agent.security.instrumentation.jetty11; import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; diff --git a/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/Handler_Instrumentation.java b/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/Handler_Instrumentation.java similarity index 91% rename from instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/Handler_Instrumentation.java rename to instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/Handler_Instrumentation.java index 0eb6c3e48..1b602cd9d 100644 --- a/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/Handler_Instrumentation.java +++ b/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/Handler_Instrumentation.java @@ -1,4 +1,4 @@ -package security.org.eclipse.jetty11.server; +package com.newrelic.agent.security.instrumentation.jetty11; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.weaver.MatchType; diff --git a/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/HttpServletHelper.java b/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/HttpServletHelper.java similarity index 99% rename from instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/HttpServletHelper.java rename to instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/HttpServletHelper.java index bc1b55fde..20e96bcc1 100644 --- a/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/HttpServletHelper.java +++ b/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/HttpServletHelper.java @@ -1,4 +1,4 @@ -package security.org.eclipse.jetty11.server; +package com.newrelic.agent.security.instrumentation.jetty11; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; diff --git a/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/Server_Instrumentation.java b/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/Server_Instrumentation.java similarity index 97% rename from instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/Server_Instrumentation.java rename to instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/Server_Instrumentation.java index 82787e6a5..30c3a7b86 100644 --- a/instrumentation-security/jetty-11/src/main/java/security/org/eclipse/jetty11/server/Server_Instrumentation.java +++ b/instrumentation-security/jetty-11/src/main/java/com/newrelic/agent/security/instrumentation/jetty11/Server_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package security.org.eclipse.jetty11.server; +package com.newrelic.agent.security.instrumentation.jetty11; import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; diff --git a/instrumentation-security/jetty-11/src/test/java/com/nr/instrumetation/security/jetty11/ServerTest.java b/instrumentation-security/jetty-11/src/test/java/com/nr/agent/security/instrumentation/jetty11/ServerTest.java similarity index 98% rename from instrumentation-security/jetty-11/src/test/java/com/nr/instrumetation/security/jetty11/ServerTest.java rename to instrumentation-security/jetty-11/src/test/java/com/nr/agent/security/instrumentation/jetty11/ServerTest.java index 4a9782d75..71a73dd60 100644 --- a/instrumentation-security/jetty-11/src/test/java/com/nr/instrumetation/security/jetty11/ServerTest.java +++ b/instrumentation-security/jetty-11/src/test/java/com/nr/agent/security/instrumentation/jetty11/ServerTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumetation.security.jetty11; +package com.nr.agent.security.instrumentation.jetty11; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -9,7 +9,7 @@ import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; -import security.org.eclipse.jetty11.server.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.jetty11.HttpServletHelper; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.handler.AbstractHandler; @@ -35,7 +35,7 @@ @FixMethodOrder(MethodSorters.NAME_ASCENDING) @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"security.org.eclipse.jetty11"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.jetty11"}) public class ServerTest { public final static int PORT = getRandomPort(); public final static String ENDPOINT = String.format("http://localhost:%d/", PORT); diff --git a/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/ContextHandler_Instrumentation.java b/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/ContextHandler_Instrumentation.java similarity index 96% rename from instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/ContextHandler_Instrumentation.java rename to instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/ContextHandler_Instrumentation.java index ce32bfcc6..10e5b07ac 100644 --- a/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/ContextHandler_Instrumentation.java +++ b/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/ContextHandler_Instrumentation.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jetty9; +package com.newrelic.agent.security.instrumentation.jetty9; import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; diff --git a/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/Handler_Instrumentation.java b/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/Handler_Instrumentation.java similarity index 92% rename from instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/Handler_Instrumentation.java rename to instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/Handler_Instrumentation.java index cb18e75f3..0d4f095ed 100644 --- a/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/Handler_Instrumentation.java +++ b/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/Handler_Instrumentation.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jetty9; +package com.newrelic.agent.security.instrumentation.jetty9; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.weaver.MatchType; diff --git a/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/HttpServletHelper.java b/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/HttpServletHelper.java similarity index 99% rename from instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/HttpServletHelper.java rename to instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/HttpServletHelper.java index 4a0335e1d..68089011e 100644 --- a/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/HttpServletHelper.java +++ b/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/HttpServletHelper.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jetty9; +package com.newrelic.agent.security.instrumentation.jetty9; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; diff --git a/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/Server_Instrumentation.java b/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/Server_Instrumentation.java similarity index 95% rename from instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/Server_Instrumentation.java rename to instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/Server_Instrumentation.java index 27cf63429..d3f632687 100644 --- a/instrumentation-security/jetty-9/src/main/java/com/nr/instrumentation/security/jetty9/Server_Instrumentation.java +++ b/instrumentation-security/jetty-9/src/main/java/com/newrelic/agent/security/instrumentation/jetty9/Server_Instrumentation.java @@ -5,12 +5,11 @@ * */ -package com.nr.instrumentation.security.jetty9; +package com.newrelic.agent.security.instrumentation.jetty9; import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.jetty9.HttpServletHelper; import org.eclipse.jetty.server.HttpChannel; import javax.servlet.http.HttpServletRequest; diff --git a/instrumentation-security/jetty-9/src/test/java/com/nr/instrumetation/security/jetty9/ServerTest.java b/instrumentation-security/jetty-9/src/test/java/com/nr/agent/security/instrumentation/jetty9/ServerTest.java similarity index 98% rename from instrumentation-security/jetty-9/src/test/java/com/nr/instrumetation/security/jetty9/ServerTest.java rename to instrumentation-security/jetty-9/src/test/java/com/nr/agent/security/instrumentation/jetty9/ServerTest.java index 5e84afaca..4ff76d7cc 100644 --- a/instrumentation-security/jetty-9/src/test/java/com/nr/instrumetation/security/jetty9/ServerTest.java +++ b/instrumentation-security/jetty-9/src/test/java/com/nr/agent/security/instrumentation/jetty9/ServerTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumetation.security.jetty9; +package com.nr.agent.security.instrumentation.jetty9; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -9,7 +9,7 @@ import com.newrelic.api.agent.security.schema.AgentMetaData; import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; import com.newrelic.api.agent.security.schema.operation.RXSSOperation; -import com.nr.instrumentation.security.jetty9.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.jetty9.HttpServletHelper; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.handler.AbstractHandler; @@ -35,7 +35,7 @@ @FixMethodOrder(MethodSorters.NAME_ASCENDING) @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"org.eclipse.jetty", "com.nr.instrumentation.security.jetty9"}) +@InstrumentationTestConfig(includePrefixes = {"org.eclipse.jetty", "com.newrelic.agent.security.instrumentation.jetty9"}) public class ServerTest { public final static int PORT = getRandomPort(); public final static String ENDPOINT = String.format("http://localhost:%d/", PORT); diff --git a/instrumentation-security/jsp-2.4/src/test/java/com/nr/instrumentation/security/jsp24/HttpJspPageTest.java b/instrumentation-security/jsp-2.4/src/test/java/com/nr/agent/security/instrumentation/jsp24/HttpJspPageTest.java similarity index 98% rename from instrumentation-security/jsp-2.4/src/test/java/com/nr/instrumentation/security/jsp24/HttpJspPageTest.java rename to instrumentation-security/jsp-2.4/src/test/java/com/nr/agent/security/instrumentation/jsp24/HttpJspPageTest.java index bb2064b27..d79bce835 100644 --- a/instrumentation-security/jsp-2.4/src/test/java/com/nr/instrumentation/security/jsp24/HttpJspPageTest.java +++ b/instrumentation-security/jsp-2.4/src/test/java/com/nr/agent/security/instrumentation/jsp24/HttpJspPageTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jsp24; +package com.nr.agent.security.instrumentation.jsp24; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/jsp-3/src/test/java/com/nr/instrumentation/security/jsp24/HttpJspPageTest.java b/instrumentation-security/jsp-3/src/test/java/com/nr/agent/security/instrumentation/jsp3/HttpJspPageTest.java similarity index 98% rename from instrumentation-security/jsp-3/src/test/java/com/nr/instrumentation/security/jsp24/HttpJspPageTest.java rename to instrumentation-security/jsp-3/src/test/java/com/nr/agent/security/instrumentation/jsp3/HttpJspPageTest.java index 987540bae..53417a1e4 100644 --- a/instrumentation-security/jsp-3/src/test/java/com/nr/instrumentation/security/jsp24/HttpJspPageTest.java +++ b/instrumentation-security/jsp-3/src/test/java/com/nr/agent/security/instrumentation/jsp3/HttpJspPageTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.jsp24; +package com.nr.agent.security.instrumentation.jsp3; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/ldaptive-1.0/src/main/java/com/nr/instrumentation/security/ldaptive1x/ldap/LDAPUtils.java b/instrumentation-security/ldaptive-1.0/src/main/java/com/newrelic/agent/security/instrumentation/ldaptive1/LDAPUtils.java similarity index 73% rename from instrumentation-security/ldaptive-1.0/src/main/java/com/nr/instrumentation/security/ldaptive1x/ldap/LDAPUtils.java rename to instrumentation-security/ldaptive-1.0/src/main/java/com/newrelic/agent/security/instrumentation/ldaptive1/LDAPUtils.java index 949e86bf9..eab7249d6 100644 --- a/instrumentation-security/ldaptive-1.0/src/main/java/com/nr/instrumentation/security/ldaptive1x/ldap/LDAPUtils.java +++ b/instrumentation-security/ldaptive-1.0/src/main/java/com/newrelic/agent/security/instrumentation/ldaptive1/LDAPUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.ldaptive1x.ldap; +package com.newrelic.agent.security.instrumentation.ldaptive1; public class LDAPUtils { diff --git a/instrumentation-security/ldaptive-1.0/src/main/java/org/ldaptive/AbstractOperation_Instrumentation.java b/instrumentation-security/ldaptive-1.0/src/main/java/org/ldaptive/AbstractOperation_Instrumentation.java index a11303b41..dd3f53175 100644 --- a/instrumentation-security/ldaptive-1.0/src/main/java/org/ldaptive/AbstractOperation_Instrumentation.java +++ b/instrumentation-security/ldaptive-1.0/src/main/java/org/ldaptive/AbstractOperation_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.ldaptive1x.ldap.LDAPUtils; +import com.newrelic.agent.security.instrumentation.ldaptive1.LDAPUtils; @Weave(type = MatchType.BaseClass, originalName = "org.ldaptive.AbstractOperation") public abstract class AbstractOperation_Instrumentation diff --git a/instrumentation-security/ldaptive-1.0/src/test/java/com/nr/instrumentation/security/ldaptive1/AbstractOperationTest.java b/instrumentation-security/ldaptive-1.0/src/test/java/com/nr/agent/security/instrumentation/ldaptive1/AbstractOperationTest.java similarity index 99% rename from instrumentation-security/ldaptive-1.0/src/test/java/com/nr/instrumentation/security/ldaptive1/AbstractOperationTest.java rename to instrumentation-security/ldaptive-1.0/src/test/java/com/nr/agent/security/instrumentation/ldaptive1/AbstractOperationTest.java index 2385b545e..c5fc66f28 100644 --- a/instrumentation-security/ldaptive-1.0/src/test/java/com/nr/instrumentation/security/ldaptive1/AbstractOperationTest.java +++ b/instrumentation-security/ldaptive-1.0/src/test/java/com/nr/agent/security/instrumentation/ldaptive1/AbstractOperationTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.ldaptive1; +package com.nr.agent.security.instrumentation.ldaptive1; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -29,7 +29,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "org.ldaptive", "com.nr.instrumentation.security.apache.ldap.LDAPUtils" }) +@InstrumentationTestConfig(includePrefixes = { "org.ldaptive", "com.newrelic.agent.security.instrumentation.ldaptive1.LDAPUtils" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class AbstractOperationTest { public static final String DOMAIN_DSN = "dc=example,dc=com"; diff --git a/instrumentation-security/ldaptive-2.0/src/main/java/com/nr/instrumentation/security/ldaptive2x/ldap/LDAPUtils.java b/instrumentation-security/ldaptive-2.0/src/main/java/com/newrelic/agent/security/instrumentation/ldaptive2/LDAPUtils.java similarity index 86% rename from instrumentation-security/ldaptive-2.0/src/main/java/com/nr/instrumentation/security/ldaptive2x/ldap/LDAPUtils.java rename to instrumentation-security/ldaptive-2.0/src/main/java/com/newrelic/agent/security/instrumentation/ldaptive2/LDAPUtils.java index 552454fe3..6752f85e7 100644 --- a/instrumentation-security/ldaptive-2.0/src/main/java/com/nr/instrumentation/security/ldaptive2x/ldap/LDAPUtils.java +++ b/instrumentation-security/ldaptive-2.0/src/main/java/com/newrelic/agent/security/instrumentation/ldaptive2/LDAPUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.ldaptive2x.ldap; +package com.newrelic.agent.security.instrumentation.ldaptive2; public class LDAPUtils { diff --git a/instrumentation-security/ldaptive-2.0/src/main/java/org/ldaptive/AbstractOperation_Instrumentation.java b/instrumentation-security/ldaptive-2.0/src/main/java/org/ldaptive/AbstractOperation_Instrumentation.java index 4fe106756..920eaafc3 100644 --- a/instrumentation-security/ldaptive-2.0/src/main/java/org/ldaptive/AbstractOperation_Instrumentation.java +++ b/instrumentation-security/ldaptive-2.0/src/main/java/org/ldaptive/AbstractOperation_Instrumentation.java @@ -8,7 +8,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.ldaptive2x.ldap.LDAPUtils; +import com.newrelic.agent.security.instrumentation.ldaptive2.LDAPUtils; import org.ldaptive.filter.Filter; @Weave(type = MatchType.BaseClass, originalName = "org.ldaptive.AbstractOperation") diff --git a/instrumentation-security/ldaptive-2.0/src/main/java/org/ldaptive/filter/FilterParser_Instrumentation.java b/instrumentation-security/ldaptive-2.0/src/main/java/org/ldaptive/filter/FilterParser_Instrumentation.java index 219a3af25..b41f10ef2 100644 --- a/instrumentation-security/ldaptive-2.0/src/main/java/org/ldaptive/filter/FilterParser_Instrumentation.java +++ b/instrumentation-security/ldaptive-2.0/src/main/java/org/ldaptive/filter/FilterParser_Instrumentation.java @@ -7,7 +7,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.ldaptive2x.ldap.LDAPUtils; +import com.newrelic.agent.security.instrumentation.ldaptive2.LDAPUtils; @Weave(type = MatchType.ExactClass, originalName = "org.ldaptive.filter.FilterParser") public final class FilterParser_Instrumentation { diff --git a/instrumentation-security/ldaptive-2.0/src/test/java/com/nr/instrumentation/security/ldaptive2/AbstractOperationTest.java b/instrumentation-security/ldaptive-2.0/src/test/java/com/nr/agent/security/instrumentation/ldaptive2/AbstractOperationTest.java similarity index 99% rename from instrumentation-security/ldaptive-2.0/src/test/java/com/nr/instrumentation/security/ldaptive2/AbstractOperationTest.java rename to instrumentation-security/ldaptive-2.0/src/test/java/com/nr/agent/security/instrumentation/ldaptive2/AbstractOperationTest.java index 31696eba5..95d195c4f 100644 --- a/instrumentation-security/ldaptive-2.0/src/test/java/com/nr/instrumentation/security/ldaptive2/AbstractOperationTest.java +++ b/instrumentation-security/ldaptive-2.0/src/test/java/com/nr/agent/security/instrumentation/ldaptive2/AbstractOperationTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.ldaptive2; +package com.nr.agent.security.instrumentation.ldaptive2; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -29,7 +29,7 @@ @Category({ Java8IncompatibleTest.class, Java9IncompatibleTest.class }) @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "org.ldaptive", "com.nr.instrumentation.security.apache.ldap.LDAPUtils" }) +@InstrumentationTestConfig(includePrefixes = { "org.ldaptive", "com.newrelic.agent.security.instrumentation.ldaptive2.LDAPUtils" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class AbstractOperationTest { public static final String DOMAIN_DSN = "dc=example,dc=com"; diff --git a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/RandomUtils.java b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/RandomUtils.java similarity index 79% rename from instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/RandomUtils.java rename to instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/RandomUtils.java index bf4c5d368..634fc0abb 100644 --- a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/RandomUtils.java +++ b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/RandomUtils.java @@ -1,4 +1,4 @@ -package com.nr.agent.security.random; +package com.newrelic.agent.security.instrumentation.random; public class RandomUtils { public static final String SECURE_RANDOM = "SECURERANDOM"; diff --git a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/io/File_Instrumentation.java b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/io/File_Instrumentation.java similarity index 88% rename from instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/io/File_Instrumentation.java rename to instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/io/File_Instrumentation.java index ce9893321..f325419ae 100644 --- a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/io/File_Instrumentation.java +++ b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/io/File_Instrumentation.java @@ -1,6 +1,5 @@ -package com.nr.agent.security.random.java.io; +package com.newrelic.agent.security.instrumentation.random.java.io; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.FileHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; @@ -14,9 +13,6 @@ import java.util.ArrayList; import java.util.List; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.BaseClass, originalName = "java.io.File") public abstract class File_Instrumentation { public abstract String getName(); @@ -25,7 +21,7 @@ public abstract class File_Instrumentation { public boolean exists() { boolean isFileLockAcquired = acquireFileLockIfPossible(); - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); AbstractOperation operation = null; if (isOwaspHookEnabled && isFileLockAcquired && !FileHelper.skipExistsEvent(this.getName()) && LowSeverityHelper.isOwaspHookProcessingNeeded()) { @@ -35,7 +31,9 @@ public boolean exists() { try { returnVal = Weaver.callOriginal(); } finally { - registerExitOperation(isFileLockAcquired, operation); + if (isOwaspHookEnabled) { + registerExitOperation(isFileLockAcquired, operation); + } if (isFileLockAcquired) { releaseFileLock(); } diff --git a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/security/KeyPairGenerator_Instrumentation.java b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/security/KeyPairGenerator_Instrumentation.java similarity index 86% rename from instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/security/KeyPairGenerator_Instrumentation.java rename to instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/security/KeyPairGenerator_Instrumentation.java index 623c9952e..c9be47777 100644 --- a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/security/KeyPairGenerator_Instrumentation.java +++ b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/security/KeyPairGenerator_Instrumentation.java @@ -1,6 +1,5 @@ -package com.nr.agent.security.random.java.security; +package com.newrelic.agent.security.instrumentation.random.java.security; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; @@ -16,14 +15,11 @@ import java.security.KeyPairGenerator; import java.security.Provider; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.ExactClass, originalName = "java.security.KeyPairGenerator") public class KeyPairGenerator_Instrumentation { public static KeyPairGenerator getInstance(String algorithm) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(algorithm, StringUtils.EMPTY, KeyPairGenerator.class.getName(), "getInstance", "KEYPAIRGENERATOR"); } @@ -40,7 +36,7 @@ public static KeyPairGenerator getInstance(String algorithm) { public static KeyPairGenerator getInstance(String algorithm, String provider) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(algorithm, provider, KeyPairGenerator.class.getName(), "getInstance", "KEYPAIRGENERATOR"); } @@ -57,7 +53,7 @@ public static KeyPairGenerator getInstance(String algorithm, String provider) { public static KeyPairGenerator getInstance(String algorithm, Provider provider) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(algorithm, provider.getClass().getSimpleName(), KeyPairGenerator.class.getName(), "getInstance", "KEYPAIRGENERATOR"); } diff --git a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/security/MessageDigest_Instrumentation.java b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/security/MessageDigest_Instrumentation.java similarity index 86% rename from instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/security/MessageDigest_Instrumentation.java rename to instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/security/MessageDigest_Instrumentation.java index a78485ee3..11a525a63 100644 --- a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/security/MessageDigest_Instrumentation.java +++ b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/security/MessageDigest_Instrumentation.java @@ -1,6 +1,5 @@ -package com.nr.agent.security.random.java.security; +package com.newrelic.agent.security.instrumentation.random.java.security; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; @@ -15,15 +14,12 @@ import java.security.MessageDigest; import java.security.Provider; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.ExactClass, originalName = "java.security.MessageDigest") public class MessageDigest_Instrumentation { public static MessageDigest getInstance(String algorithm) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(algorithm, StringUtils.EMPTY, MessageDigest.class.getName(), "getInstance"); } @@ -40,7 +36,7 @@ public static MessageDigest getInstance(String algorithm) { public static MessageDigest getInstance(String algorithm, String provider) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(algorithm, provider, MessageDigest.class.getName(), "getInstance"); } @@ -57,7 +53,7 @@ public static MessageDigest getInstance(String algorithm, String provider) { public static MessageDigest getInstance(String algorithm, Provider provider) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(algorithm, provider.getClass().getSimpleName(), MessageDigest.class.getName(), "getInstance"); } diff --git a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/util/Random_Instrumentation.java b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/util/Random_Instrumentation.java similarity index 85% rename from instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/util/Random_Instrumentation.java rename to instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/util/Random_Instrumentation.java index a7baa9c38..32864dd7e 100644 --- a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/java/util/Random_Instrumentation.java +++ b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/java/util/Random_Instrumentation.java @@ -1,6 +1,5 @@ -package com.nr.agent.security.random.java.util; +package com.newrelic.agent.security.instrumentation.random.java.util; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; @@ -11,14 +10,12 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.random.RandomUtils; +import com.newrelic.agent.security.instrumentation.random.RandomUtils; import java.security.SecureRandom; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; -import static com.nr.agent.security.random.RandomUtils.SECURE_RANDOM; -import static com.nr.agent.security.random.RandomUtils.WEAK_RANDOM; +import static com.newrelic.agent.security.instrumentation.random.RandomUtils.SECURE_RANDOM; +import static com.newrelic.agent.security.instrumentation.random.RandomUtils.WEAK_RANDOM; @Weave(type = MatchType.BaseClass, originalName = "java.util.Random") public class Random_Instrumentation { @@ -26,7 +23,7 @@ public class Random_Instrumentation { public int nextInt() { boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(getClass().getName(), "nextInt"); @@ -48,7 +45,7 @@ public int nextInt() { public int nextInt(int bound) { boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(getClass().getName(), "nextInt"); @@ -70,7 +67,7 @@ public int nextInt(int bound) { public void nextBytes(byte[] bytes) { boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(getClass().getName(), "nextBytes"); @@ -90,7 +87,7 @@ public void nextBytes(byte[] bytes) { public long nextLong() { boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(getClass().getName(), "nextLong"); @@ -112,7 +109,7 @@ public long nextLong() { public float nextFloat() { boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(getClass().getName(), "nextFloat"); @@ -134,7 +131,7 @@ public float nextFloat() { public double nextDouble() { boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(getClass().getName(), "nextDouble"); @@ -156,7 +153,7 @@ public double nextDouble() { public double nextGaussian() { boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(getClass().getName(), "nextGaussian"); @@ -178,7 +175,7 @@ public double nextGaussian() { public boolean nextBoolean() { boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(getClass().getName(), "nextBoolean"); diff --git a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/javax/crypto/Cipher_Instrumentation.java b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/javax/crypto/Cipher_Instrumentation.java similarity index 87% rename from instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/javax/crypto/Cipher_Instrumentation.java rename to instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/javax/crypto/Cipher_Instrumentation.java index 68012dcb9..eb9b7eb51 100644 --- a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/javax/crypto/Cipher_Instrumentation.java +++ b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/javax/crypto/Cipher_Instrumentation.java @@ -1,6 +1,5 @@ -package com.nr.agent.security.random.javax.crypto; +package com.newrelic.agent.security.instrumentation.random.javax.crypto; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; @@ -15,14 +14,11 @@ import java.security.Provider; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.ExactClass, originalName = "javax.crypto.Cipher") public class Cipher_Instrumentation { public static final Cipher_Instrumentation getInstance(String algorithm) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(algorithm, StringUtils.EMPTY, Cipher_Instrumentation.class.getName(), "getInstance", "CIPHER"); } @@ -39,7 +35,7 @@ public static final Cipher_Instrumentation getInstance(String algorithm) { public static final Cipher_Instrumentation getInstance(String transformation, Provider provider) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(transformation, provider.getClass().getSimpleName(), Cipher_Instrumentation.class.getName(), "getInstance", "CIPHER"); } diff --git a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/javax/crypto/KeyGenerator_Instrumentation.java b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/javax/crypto/KeyGenerator_Instrumentation.java similarity index 86% rename from instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/javax/crypto/KeyGenerator_Instrumentation.java rename to instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/javax/crypto/KeyGenerator_Instrumentation.java index 8e06d7c91..60ced71d5 100644 --- a/instrumentation-security/low-priority-instrumentation/src/main/java/com/nr/agent/security/random/javax/crypto/KeyGenerator_Instrumentation.java +++ b/instrumentation-security/low-priority-instrumentation/src/main/java/com/newrelic/agent/security/instrumentation/random/javax/crypto/KeyGenerator_Instrumentation.java @@ -1,6 +1,5 @@ -package com.nr.agent.security.random.javax.crypto; +package com.newrelic.agent.security.instrumentation.random.javax.crypto; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; @@ -15,14 +14,11 @@ import java.security.Provider; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.ExactClass, originalName = "javax.crypto.KeyGenerator") public class KeyGenerator_Instrumentation { public static final KeyGenerator_Instrumentation getInstance(String algorithm) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(algorithm, StringUtils.EMPTY, KeyGenerator_Instrumentation.class.getName(), "getInstance", "KEYGENERATOR"); } @@ -39,7 +35,7 @@ public static final KeyGenerator_Instrumentation getInstance(String algorithm) { public static final KeyGenerator_Instrumentation getInstance(String algorithm, String provider) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(algorithm, provider, KeyGenerator_Instrumentation.class.getName(), "getInstance", "KEYGENERATOR"); } @@ -56,7 +52,7 @@ public static final KeyGenerator_Instrumentation getInstance(String algorithm, S public static final KeyGenerator_Instrumentation getInstance(String algorithm, Provider provider) { AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ operation = preprocessSecurityHook(algorithm, provider.getClass().getSimpleName(), KeyGenerator_Instrumentation.class.getName(), "getInstance", "KEYGENERATOR"); } diff --git a/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/security/agent/crypto/KeyPairGeneratorTest.java b/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/agent/security/instrumentation/random/KeyPairGeneratorTest.java similarity index 96% rename from instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/security/agent/crypto/KeyPairGeneratorTest.java rename to instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/agent/security/instrumentation/random/KeyPairGeneratorTest.java index 1e2525372..ffa159037 100644 --- a/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/security/agent/crypto/KeyPairGeneratorTest.java +++ b/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/agent/security/instrumentation/random/KeyPairGeneratorTest.java @@ -1,4 +1,4 @@ -package com.nr.security.agent.crypto; +package com.nr.agent.security.instrumentation.random; import com.fasterxml.jackson.core.JsonProcessingException; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; @@ -21,7 +21,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.nr.agent.security.random" }) +@InstrumentationTestConfig(includePrefixes = { "com.newrelic.agent.security.instrumentation.random" }) public class KeyPairGeneratorTest { @Test diff --git a/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/security/agent/crypto/MessageDigestTest.java b/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/agent/security/instrumentation/random/MessageDigestTest.java similarity index 97% rename from instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/security/agent/crypto/MessageDigestTest.java rename to instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/agent/security/instrumentation/random/MessageDigestTest.java index 59edf4f72..3351f726e 100644 --- a/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/security/agent/crypto/MessageDigestTest.java +++ b/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/agent/security/instrumentation/random/MessageDigestTest.java @@ -1,4 +1,4 @@ -package com.nr.security.agent.crypto; +package com.nr.agent.security.instrumentation.random; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; @@ -25,7 +25,7 @@ import java.util.concurrent.ThreadLocalRandom; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.nr.agent.security.random" }) +@InstrumentationTestConfig(includePrefixes = { "com.newrelic.agent.security.instrumentation.random" }) public class MessageDigestTest { @BeforeClass diff --git a/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/security/agent/crypto/RandomTest.java b/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/agent/security/instrumentation/random/RandomTest.java similarity index 98% rename from instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/security/agent/crypto/RandomTest.java rename to instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/agent/security/instrumentation/random/RandomTest.java index c7e9258c2..0925a53ef 100644 --- a/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/security/agent/crypto/RandomTest.java +++ b/instrumentation-security/low-priority-instrumentation/src/test/java/com/nr/agent/security/instrumentation/random/RandomTest.java @@ -1,4 +1,4 @@ -package com.nr.security.agent.crypto; +package com.nr.agent.security.instrumentation.random; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; @@ -26,7 +26,7 @@ import java.util.concurrent.ThreadLocalRandom; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "com.nr.agent.security.random") +@InstrumentationTestConfig(includePrefixes = "com.newrelic.agent.security.instrumentation.random") public class RandomTest { private static final String SECURE_RANDOM = "SECURERANDOM"; private static final String WEAK_RANDOM = "WEAKRANDOM"; diff --git a/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java b/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java index 883922773..10277e0a2 100644 --- a/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java +++ b/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java @@ -7,7 +7,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; import org.bson.BsonDocument; @Weave(type = MatchType.ExactClass, originalName = "com.mongodb.operation.CommandReadOperation") diff --git a/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java b/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java index a89719d7f..9f28527d2 100644 --- a/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java +++ b/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java @@ -7,7 +7,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; import org.bson.BsonDocument; @Weave(type = MatchType.ExactClass, originalName = "com.mongodb.operation.CommandWriteOperation") diff --git a/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/OperationExecutor_Instrumentation.java b/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/OperationExecutor_Instrumentation.java index 104770676..e015d6805 100644 --- a/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/OperationExecutor_Instrumentation.java +++ b/instrumentation-security/mongodb-3.0/src/main/java/com/mongodb/operation/OperationExecutor_Instrumentation.java @@ -1,24 +1,13 @@ package com.mongodb.operation; import com.mongodb.ReadPreference; -import com.mongodb.bulk.DeleteRequest; -import com.mongodb.bulk.InsertRequest; -import com.mongodb.bulk.UpdateRequest; -import com.mongodb.bulk.WriteRequest; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; -import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException; -import com.newrelic.api.agent.security.schema.operation.NoSQLOperation; import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; -import org.bson.BsonDocument; - -import java.util.ArrayList; -import java.util.List; -import java.util.function.Predicate; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; @Weave(type = MatchType.Interface, originalName = "com.mongodb.operation.OperationExecutor") public abstract class OperationExecutor_Instrumentation { diff --git a/instrumentation-security/mongodb-3.0/src/main/java/com/nr/agent/security/mongo/MongoUtil.java b/instrumentation-security/mongodb-3.0/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java similarity index 99% rename from instrumentation-security/mongodb-3.0/src/main/java/com/nr/agent/security/mongo/MongoUtil.java rename to instrumentation-security/mongodb-3.0/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java index ed832c007..422b8bd5e 100644 --- a/instrumentation-security/mongodb-3.0/src/main/java/com/nr/agent/security/mongo/MongoUtil.java +++ b/instrumentation-security/mongodb-3.0/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.mongo; +package com.newrelic.agent.security.instrumentation.mongo; import com.mongodb.bulk.DeleteRequest; import com.mongodb.bulk.InsertRequest; diff --git a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb/operation/OperationExecutorDBTest.java b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb/operation/OperationExecutorDBTest.java similarity index 99% rename from instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb/operation/OperationExecutorDBTest.java rename to instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb/operation/OperationExecutorDBTest.java index 6d4f5bd90..ce4473bed 100644 --- a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb/operation/OperationExecutorDBTest.java +++ b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb/operation/OperationExecutorDBTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb.operation; +package com.nr.agent.security.instrumentation.mongodb.operation; import com.fasterxml.jackson.core.JsonProcessingException; import com.mongodb.AggregationOptions; @@ -46,7 +46,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.mongodb.operation", "com.nr.agent.security.mongo" }) +@InstrumentationTestConfig(includePrefixes = { "com.mongodb.operation", "com.newrelic.agent.security.instrumentation.mongo" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class OperationExecutorDBTest { private static final MongodStarter mongodStarter = MongodStarter.getDefaultInstance(); diff --git a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb/operation/OperationExecutorMongoDatabaseTest.java b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb/operation/OperationExecutorMongoDatabaseTest.java similarity index 99% rename from instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb/operation/OperationExecutorMongoDatabaseTest.java rename to instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb/operation/OperationExecutorMongoDatabaseTest.java index 09c507a72..a1c045e5b 100644 --- a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb/operation/OperationExecutorMongoDatabaseTest.java +++ b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb/operation/OperationExecutorMongoDatabaseTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb.operation; +package com.nr.agent.security.instrumentation.mongodb.operation; import com.mongodb.DBObject; import com.mongodb.MongoClient; @@ -53,7 +53,7 @@ @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb.operation","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb.operation","com.newrelic.agent.security.instrumentation.mongo"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class OperationExecutorMongoDatabaseTest { private static final MongodStarter mongodStarter = MongodStarter.getDefaultInstance(); diff --git a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/CommandReadOperationTest.java b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/CommandReadOperationTest.java similarity index 97% rename from instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/CommandReadOperationTest.java rename to instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/CommandReadOperationTest.java index 2d63552da..ecfd781e2 100644 --- a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/CommandReadOperationTest.java +++ b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/CommandReadOperationTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb30.operation; +package com.nr.agent.security.instrumentation.mongodb30.operation; import com.mongodb.MongoClient; import com.mongodb.client.MongoCollection; @@ -10,7 +10,6 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; import com.newrelic.api.agent.security.schema.operation.NoSQLOperation; -import de.flapdoodle.embed.mongo.Command; import de.flapdoodle.embed.mongo.MongodExecutable; import de.flapdoodle.embed.mongo.MongodProcess; import de.flapdoodle.embed.mongo.MongodStarter; @@ -31,12 +30,11 @@ import org.junit.Test; import org.junit.runner.RunWith; -import java.io.IOException; import java.util.ArrayList; import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb.operation","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb.operation","com.newrelic.agent.security.instrumentation.mongo"}) public class CommandReadOperationTest { private static final MongodStarter mongodStarter = MongodStarter.getDefaultInstance(); private static MongodExecutable mongodExecutable; diff --git a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/CommandWriteOperationTest.java b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/CommandWriteOperationTest.java similarity index 97% rename from instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/CommandWriteOperationTest.java rename to instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/CommandWriteOperationTest.java index 63ae885aa..950b098b4 100644 --- a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/CommandWriteOperationTest.java +++ b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/CommandWriteOperationTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb30.operation; +package com.nr.agent.security.instrumentation.mongodb30.operation; import com.mongodb.MongoClient; import com.mongodb.client.MongoCollection; @@ -11,7 +11,6 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; import com.newrelic.api.agent.security.schema.operation.NoSQLOperation; -import de.flapdoodle.embed.mongo.Command; import de.flapdoodle.embed.mongo.MongodExecutable; import de.flapdoodle.embed.mongo.MongodProcess; import de.flapdoodle.embed.mongo.MongodStarter; @@ -33,12 +32,11 @@ import org.junit.Test; import org.junit.runner.RunWith; -import java.io.IOException; import java.util.ArrayList; import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb.operation","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb.operation","com.newrelic.agent.security.instrumentation.mongo"}) public class CommandWriteOperationTest { private static final MongodStarter mongodStarter = MongodStarter.getDefaultInstance(); private static MongodExecutable mongodExecutable; diff --git a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/DBPerson.java b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/DBPerson.java similarity index 91% rename from instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/DBPerson.java rename to instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/DBPerson.java index f2d9463af..b31ddcd31 100644 --- a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/DBPerson.java +++ b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/DBPerson.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb37.client.internal; +package com.nr.agent.security.instrumentation.mongodb30.operation; import org.bson.Document; diff --git a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/DBPersonCodec.java b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/DBPersonCodec.java similarity index 93% rename from instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/DBPersonCodec.java rename to instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/DBPersonCodec.java index d04fce0b8..a57a0b200 100644 --- a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/DBPersonCodec.java +++ b/instrumentation-security/mongodb-3.0/src/test/java/com/nr/agent/security/instrumentation/mongodb30/operation/DBPersonCodec.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb37.client.internal; +package com.nr.agent.security.instrumentation.mongodb30.operation; import org.bson.BsonReader; import org.bson.BsonWriter; diff --git a/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/OperationExecutor_Instrumentation.java b/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/OperationExecutor_Instrumentation.java index a118f36f9..de1f5f831 100644 --- a/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/OperationExecutor_Instrumentation.java +++ b/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/OperationExecutor_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; @Weave(type = MatchType.Interface, originalName = "com.mongodb.OperationExecutor") abstract class OperationExecutor_Instrumentation { diff --git a/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java b/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java index 883922773..10277e0a2 100644 --- a/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java +++ b/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java @@ -7,7 +7,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; import org.bson.BsonDocument; @Weave(type = MatchType.ExactClass, originalName = "com.mongodb.operation.CommandReadOperation") diff --git a/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java b/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java index a89719d7f..9f28527d2 100644 --- a/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java +++ b/instrumentation-security/mongodb-3.6/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java @@ -7,7 +7,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; import org.bson.BsonDocument; @Weave(type = MatchType.ExactClass, originalName = "com.mongodb.operation.CommandWriteOperation") diff --git a/instrumentation-security/mongodb-3.6/src/main/java/com/nr/agent/security/mongo/MongoUtil.java b/instrumentation-security/mongodb-3.6/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java similarity index 99% rename from instrumentation-security/mongodb-3.6/src/main/java/com/nr/agent/security/mongo/MongoUtil.java rename to instrumentation-security/mongodb-3.6/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java index 698729fc1..6c53e0ca2 100644 --- a/instrumentation-security/mongodb-3.6/src/main/java/com/nr/agent/security/mongo/MongoUtil.java +++ b/instrumentation-security/mongodb-3.6/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.mongo; +package com.newrelic.agent.security.instrumentation.mongo; import com.mongodb.bulk.DeleteRequest; import com.mongodb.bulk.InsertRequest; diff --git a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/CommandReadOperationTest.java b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/CommandReadOperationTest.java similarity index 98% rename from instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/CommandReadOperationTest.java rename to instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/CommandReadOperationTest.java index 23321b97f..15f042af3 100644 --- a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/CommandReadOperationTest.java +++ b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/CommandReadOperationTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb36.operation; +package com.nr.agent.security.instrumentation.mongo36; import com.mongodb.MongoClient; import com.mongodb.client.MongoCollection; @@ -34,7 +34,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb","com.newrelic.agent.security.instrumentation.mongo"}) public class CommandReadOperationTest { private static final MongodStarter mongodStarter = MongodStarter.getDefaultInstance(); private static MongodExecutable mongodExecutable; diff --git a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/CommandWriteOperationTest.java b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/CommandWriteOperationTest.java similarity index 98% rename from instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/CommandWriteOperationTest.java rename to instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/CommandWriteOperationTest.java index 3ff269ef5..6ffbd7060 100644 --- a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/CommandWriteOperationTest.java +++ b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/CommandWriteOperationTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb36.operation; +package com.nr.agent.security.instrumentation.mongo36; import com.mongodb.MongoClient; import com.mongodb.client.MongoCollection; @@ -34,7 +34,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb","com.newrelic.agent.security.instrumentation.mongo"}) public class CommandWriteOperationTest { private static final MongodStarter mongodStarter = MongodStarter.getDefaultInstance(); private static MongodExecutable mongodExecutable; diff --git a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/DBPerson.java b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/DBPerson.java similarity index 91% rename from instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/DBPerson.java rename to instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/DBPerson.java index fd4425a2b..cda6a5b3d 100644 --- a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/DBPerson.java +++ b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/DBPerson.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb30.operation; +package com.nr.agent.security.instrumentation.mongo36; import org.bson.Document; diff --git a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/DBPersonCodec.java b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/DBPersonCodec.java similarity index 94% rename from instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/DBPersonCodec.java rename to instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/DBPersonCodec.java index 800f7adde..0d501ff6f 100644 --- a/instrumentation-security/mongodb-3.0/src/test/java/com/nr/instrumentation/security/mongodb30/operation/DBPersonCodec.java +++ b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/DBPersonCodec.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb30.operation; +package com.nr.agent.security.instrumentation.mongo36; import org.bson.BsonReader; import org.bson.BsonWriter; diff --git a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/OperationExecutorDBTest.java b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/OperationExecutorDBTest.java similarity index 99% rename from instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/OperationExecutorDBTest.java rename to instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/OperationExecutorDBTest.java index 947b5a53a..81d708b7f 100644 --- a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/OperationExecutorDBTest.java +++ b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/OperationExecutorDBTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb36.operation; +package com.nr.agent.security.instrumentation.mongo36; import com.fasterxml.jackson.core.JsonProcessingException; import com.mongodb.AggregationOptions; @@ -44,7 +44,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.mongodb", "com.nr.agent.security.mongo" }) +@InstrumentationTestConfig(includePrefixes = { "com.mongodb", "com.newrelic.agent.security.instrumentation.mongo" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class OperationExecutorDBTest { private static final MongodStarter mongodStarter = MongodStarter.getDefaultInstance(); diff --git a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/OperationExecutorMongoDatabaseTest.java b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/OperationExecutorMongoDatabaseTest.java similarity index 99% rename from instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/OperationExecutorMongoDatabaseTest.java rename to instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/OperationExecutorMongoDatabaseTest.java index 88217f851..c6cfceeda 100644 --- a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/OperationExecutorMongoDatabaseTest.java +++ b/instrumentation-security/mongodb-3.6/src/test/java/com/nr/agent/security/instrumentation/mongo36/OperationExecutorMongoDatabaseTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb36.operation; +package com.nr.agent.security.instrumentation.mongo36; import com.mongodb.DBObject; import com.mongodb.MongoClient; @@ -51,7 +51,7 @@ @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb","com.newrelic.agent.security.instrumentation.mongo"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class OperationExecutorMongoDatabaseTest { private static final MongodStarter mongodStarter = MongodStarter.getDefaultInstance(); diff --git a/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/client/internal/OperationExecutor_Instrumentation.java b/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/client/internal/OperationExecutor_Instrumentation.java index 314abc89b..f9e2664c1 100644 --- a/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/client/internal/OperationExecutor_Instrumentation.java +++ b/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/client/internal/OperationExecutor_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; @Weave(type = MatchType.Interface, originalName = "com.mongodb.client.internal.OperationExecutor") public abstract class OperationExecutor_Instrumentation { diff --git a/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java b/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java index 883922773..10277e0a2 100644 --- a/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java +++ b/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java @@ -7,7 +7,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; import org.bson.BsonDocument; @Weave(type = MatchType.ExactClass, originalName = "com.mongodb.operation.CommandReadOperation") diff --git a/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java b/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java index a89719d7f..9f28527d2 100644 --- a/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java +++ b/instrumentation-security/mongodb-3.7/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java @@ -7,7 +7,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; import org.bson.BsonDocument; @Weave(type = MatchType.ExactClass, originalName = "com.mongodb.operation.CommandWriteOperation") diff --git a/instrumentation-security/mongodb-3.7/src/main/java/com/nr/agent/security/mongo/MongoUtil.java b/instrumentation-security/mongodb-3.7/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java similarity index 99% rename from instrumentation-security/mongodb-3.7/src/main/java/com/nr/agent/security/mongo/MongoUtil.java rename to instrumentation-security/mongodb-3.7/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java index cb11dd128..e36df9aa5 100644 --- a/instrumentation-security/mongodb-3.7/src/main/java/com/nr/agent/security/mongo/MongoUtil.java +++ b/instrumentation-security/mongodb-3.7/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.mongo; +package com.newrelic.agent.security.instrumentation.mongo; import com.mongodb.bulk.DeleteRequest; import com.mongodb.bulk.InsertRequest; diff --git a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/CommandReadOperationTest.java b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/CommandReadOperationTest.java similarity index 97% rename from instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/CommandReadOperationTest.java rename to instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/CommandReadOperationTest.java index 8efe08956..c7b94a657 100644 --- a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/CommandReadOperationTest.java +++ b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/CommandReadOperationTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb37.client.internal; +package com.nr.agent.security.instrumentation.mongo37; import com.mongodb.MongoClient; import com.mongodb.client.MongoCollection; @@ -36,7 +36,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb.operation","com.mongodb.client.internal","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb.operation","com.mongodb.client.internal","com.newrelic.agent.security.instrumentation.mongo"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class CommandReadOperationTest { diff --git a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/CommandWriteOperationTest.java b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/CommandWriteOperationTest.java similarity index 97% rename from instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/CommandWriteOperationTest.java rename to instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/CommandWriteOperationTest.java index b7abfc00c..6276cd242 100644 --- a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/CommandWriteOperationTest.java +++ b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/CommandWriteOperationTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb37.client.internal; +package com.nr.agent.security.instrumentation.mongo37; import com.mongodb.MongoClient; import com.mongodb.client.MongoCollection; @@ -37,7 +37,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb.client.internal","com.mongodb.operation","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb.client.internal","com.mongodb.operation","com.newrelic.agent.security.instrumentation.mongo"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class CommandWriteOperationTest { private static final MongodStarter mongodStarter = MongodStarter.getDefaultInstance(); diff --git a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/DBPerson.java b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/DBPerson.java similarity index 91% rename from instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/DBPerson.java rename to instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/DBPerson.java index 4cf8445d1..303d368fe 100644 --- a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/DBPerson.java +++ b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/DBPerson.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb36.operation; +package com.nr.agent.security.instrumentation.mongo37; import org.bson.Document; diff --git a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/DBPersonCodec.java b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/DBPersonCodec.java similarity index 94% rename from instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/DBPersonCodec.java rename to instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/DBPersonCodec.java index 090b0ee06..7397a9a91 100644 --- a/instrumentation-security/mongodb-3.6/src/test/java/com/nr/instrumentation/security/mongodb36/operation/DBPersonCodec.java +++ b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/DBPersonCodec.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb36.operation; +package com.nr.agent.security.instrumentation.mongo37; import org.bson.BsonReader; import org.bson.BsonWriter; diff --git a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/OperationExecutorDBTest.java b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/OperationExecutorDBTest.java similarity index 99% rename from instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/OperationExecutorDBTest.java rename to instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/OperationExecutorDBTest.java index e14c3ef48..b7015d4ef 100644 --- a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/OperationExecutorDBTest.java +++ b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/OperationExecutorDBTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb37.client.internal; +package com.nr.agent.security.instrumentation.mongo37; import com.fasterxml.jackson.core.JsonProcessingException; import com.mongodb.AggregationOptions; @@ -45,7 +45,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.mongodb.client.internal", "com.nr.agent.security.mongo", "com.mongodb.operation" }) +@InstrumentationTestConfig(includePrefixes = { "com.mongodb.client.internal", "com.newrelic.agent.security.instrumentation.mongo", "com.mongodb.operation" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class OperationExecutorDBTest { diff --git a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/OperationExecutorMongoDatabaseTest.java b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/OperationExecutorMongoDatabaseTest.java similarity index 99% rename from instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/OperationExecutorMongoDatabaseTest.java rename to instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/OperationExecutorMongoDatabaseTest.java index 406fd4b5c..857f716b8 100644 --- a/instrumentation-security/mongodb-3.7/src/test/java/com/nr/instrumentation/security/mongodb37/client/internal/OperationExecutorMongoDatabaseTest.java +++ b/instrumentation-security/mongodb-3.7/src/test/java/com/nr/agent/security/instrumentation/mongo37/OperationExecutorMongoDatabaseTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb37.client.internal; +package com.nr.agent.security.instrumentation.mongo37; import com.mongodb.DBObject; import com.mongodb.MongoClient; @@ -50,7 +50,7 @@ import static com.mongodb.client.model.Filters.eq; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb.client.internal","com.nr.agent.security.mongo","com.mongodb.operation"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb.client.internal","com.newrelic.agent.security.instrumentation.mongo","com.mongodb.operation"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class OperationExecutorMongoDatabaseTest { diff --git a/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/client/internal/OperationExecutor_Instrumentation.java b/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/client/internal/OperationExecutor_Instrumentation.java index 25b746a96..1603840d7 100644 --- a/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/client/internal/OperationExecutor_Instrumentation.java +++ b/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/client/internal/OperationExecutor_Instrumentation.java @@ -12,7 +12,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; @Weave(type = MatchType.Interface, originalName = "com.mongodb.client.internal.OperationExecutor") public abstract class OperationExecutor_Instrumentation { diff --git a/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java b/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java index 883922773..10277e0a2 100644 --- a/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java +++ b/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/operation/CommandReadOperation_Instrumentation.java @@ -7,7 +7,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; import org.bson.BsonDocument; @Weave(type = MatchType.ExactClass, originalName = "com.mongodb.operation.CommandReadOperation") diff --git a/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java b/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java index a89719d7f..9f28527d2 100644 --- a/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java +++ b/instrumentation-security/mongodb-3.8/src/main/java/com/mongodb/operation/CommandWriteOperation_Instrumentation.java @@ -7,7 +7,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.MongoUtil; +import com.newrelic.agent.security.instrumentation.mongo.MongoUtil; import org.bson.BsonDocument; @Weave(type = MatchType.ExactClass, originalName = "com.mongodb.operation.CommandWriteOperation") diff --git a/instrumentation-security/mongodb-3.8/src/main/java/com/nr/agent/security/mongo/MongoUtil.java b/instrumentation-security/mongodb-3.8/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java similarity index 99% rename from instrumentation-security/mongodb-3.8/src/main/java/com/nr/agent/security/mongo/MongoUtil.java rename to instrumentation-security/mongodb-3.8/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java index dc7f0f0ae..233da1e3f 100644 --- a/instrumentation-security/mongodb-3.8/src/main/java/com/nr/agent/security/mongo/MongoUtil.java +++ b/instrumentation-security/mongodb-3.8/src/main/java/com/newrelic/agent/security/instrumentation/mongo/MongoUtil.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.security.mongo; +package com.newrelic.agent.security.instrumentation.mongo; import com.mongodb.bulk.DeleteRequest; import com.mongodb.bulk.InsertRequest; diff --git a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/client/internal/OperationExecutorDBTest.java b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/client/internal/OperationExecutorDBTest.java similarity index 99% rename from instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/client/internal/OperationExecutorDBTest.java rename to instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/client/internal/OperationExecutorDBTest.java index 643b987ae..76ed02bff 100644 --- a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/client/internal/OperationExecutorDBTest.java +++ b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/client/internal/OperationExecutorDBTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb38.client.internal; +package com.nr.agent.security.instrumentation.mongo38.client.internal; import com.fasterxml.jackson.core.JsonProcessingException; import com.mongodb.AggregationOptions; @@ -45,7 +45,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb.client.internal","com.mongodb.operation","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb.client.internal","com.mongodb.operation","com.newrelic.agent.security.instrumentation.mongo"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class OperationExecutorDBTest { diff --git a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/client/internal/OperationExecutorMongoDatabaseTest.java b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/client/internal/OperationExecutorMongoDatabaseTest.java similarity index 99% rename from instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/client/internal/OperationExecutorMongoDatabaseTest.java rename to instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/client/internal/OperationExecutorMongoDatabaseTest.java index 0b7555bbf..00ae4359b 100644 --- a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/client/internal/OperationExecutorMongoDatabaseTest.java +++ b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/client/internal/OperationExecutorMongoDatabaseTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb38.client.internal; +package com.nr.agent.security.instrumentation.mongo38.client.internal; import com.mongodb.DBObject; import com.mongodb.MongoClient; @@ -50,7 +50,7 @@ import static com.mongodb.client.model.Filters.eq; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb.client.internal","com.mongodb.operation","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb.client.internal","com.mongodb.operation","com.newrelic.agent.security.instrumentation.mongo"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class OperationExecutorMongoDatabaseTest { diff --git a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/CommandReadOperationTest.java b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/CommandReadOperationTest.java similarity index 97% rename from instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/CommandReadOperationTest.java rename to instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/CommandReadOperationTest.java index ad1ffe465..7f010eb99 100644 --- a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/CommandReadOperationTest.java +++ b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/CommandReadOperationTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb38.operation; +package com.nr.agent.security.instrumentation.mongo38.operation; import com.mongodb.MongoClient; import com.mongodb.client.MongoCollection; @@ -36,7 +36,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb.operation","com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb.operation","com.newrelic.agent.security.instrumentation.mongo"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class CommandReadOperationTest { diff --git a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/CommandWriteOperationTest.java b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/CommandWriteOperationTest.java similarity index 98% rename from instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/CommandWriteOperationTest.java rename to instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/CommandWriteOperationTest.java index b0c456002..8e4c7a74b 100644 --- a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/CommandWriteOperationTest.java +++ b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/CommandWriteOperationTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb38.operation; +package com.nr.agent.security.instrumentation.mongo38.operation; import com.mongodb.MongoClient; import com.mongodb.client.MongoCollection; @@ -36,7 +36,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.mongodb", "com.nr.agent.security.mongo"}) +@InstrumentationTestConfig(includePrefixes = {"com.mongodb", "com.newrelic.agent.security.instrumentation.mongo"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class CommandWriteOperationTest { private static final MongodStarter mongodStarter = MongodStarter.getDefaultInstance(); diff --git a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/DBPerson.java b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/DBPerson.java similarity index 93% rename from instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/DBPerson.java rename to instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/DBPerson.java index 3d32c1680..2092e80db 100644 --- a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/DBPerson.java +++ b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/DBPerson.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb38.operation; +package com.nr.agent.security.instrumentation.mongo38.operation; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/DBPersonCodec.java b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/DBPersonCodec.java similarity index 94% rename from instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/DBPersonCodec.java rename to instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/DBPersonCodec.java index ee5939bc8..20d2b33f3 100644 --- a/instrumentation-security/mongodb-3.8/src/test/java/com/nr/instrumentation/security/mongodb38/operation/DBPersonCodec.java +++ b/instrumentation-security/mongodb-3.8/src/test/java/com/nr/agent/security/instrumentation/mongo38/operation/DBPersonCodec.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.mongodb38.operation; +package com.nr.agent.security.instrumentation.mongo38.operation; import org.bson.BsonReader; import org.bson.BsonWriter; diff --git a/instrumentation-security/nashorn-jsinjection/src/main/java/com/nr/agent/security/jsinjection/nashorn/JSEngineUtils.java b/instrumentation-security/nashorn-jsinjection/src/main/java/com/newrelic/agent/security/instrumentation/nashorn/JSEngineUtils.java similarity index 80% rename from instrumentation-security/nashorn-jsinjection/src/main/java/com/nr/agent/security/jsinjection/nashorn/JSEngineUtils.java rename to instrumentation-security/nashorn-jsinjection/src/main/java/com/newrelic/agent/security/instrumentation/nashorn/JSEngineUtils.java index 292c2a1ca..91cf08230 100644 --- a/instrumentation-security/nashorn-jsinjection/src/main/java/com/nr/agent/security/jsinjection/nashorn/JSEngineUtils.java +++ b/instrumentation-security/nashorn-jsinjection/src/main/java/com/newrelic/agent/security/instrumentation/nashorn/JSEngineUtils.java @@ -1,4 +1,4 @@ -package com.nr.agent.security.jsinjection.nashorn; +package com.newrelic.agent.security.instrumentation.nashorn; public class JSEngineUtils { diff --git a/instrumentation-security/nashorn-jsinjection/src/main/java/jdk/nashorn/api/scripting/NashornScriptEngine_Instrumentation.java b/instrumentation-security/nashorn-jsinjection/src/main/java/jdk/nashorn/api/scripting/NashornScriptEngine_Instrumentation.java index 1361121ba..fff18cba3 100644 --- a/instrumentation-security/nashorn-jsinjection/src/main/java/jdk/nashorn/api/scripting/NashornScriptEngine_Instrumentation.java +++ b/instrumentation-security/nashorn-jsinjection/src/main/java/jdk/nashorn/api/scripting/NashornScriptEngine_Instrumentation.java @@ -9,9 +9,8 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.jsinjection.nashorn.JSEngineUtils; +import com.newrelic.agent.security.instrumentation.nashorn.JSEngineUtils; import jdk.nashorn.internal.objects.Global; -import jdk.nashorn.internal.runtime.RecompilableScriptFunctionData; import jdk.nashorn.internal.runtime.ScriptFunction_Instrumentation; import jdk.nashorn.internal.runtime.Source; diff --git a/instrumentation-security/nashorn-jsinjection/src/main/java/jdk/nashorn/internal/runtime/ScriptFunction_Instrumentation.java b/instrumentation-security/nashorn-jsinjection/src/main/java/jdk/nashorn/internal/runtime/ScriptFunction_Instrumentation.java index e8b1461a7..6b4cfde83 100644 --- a/instrumentation-security/nashorn-jsinjection/src/main/java/jdk/nashorn/internal/runtime/ScriptFunction_Instrumentation.java +++ b/instrumentation-security/nashorn-jsinjection/src/main/java/jdk/nashorn/internal/runtime/ScriptFunction_Instrumentation.java @@ -1,11 +1,9 @@ package jdk.nashorn.internal.runtime; import com.newrelic.api.agent.security.NewRelicSecurity; -import com.newrelic.api.agent.security.schema.StringUtils; import com.newrelic.api.agent.weaver.MatchType; -import com.newrelic.api.agent.weaver.NewField; import com.newrelic.api.agent.weaver.Weave; -import com.nr.agent.security.jsinjection.nashorn.JSEngineUtils; +import com.newrelic.agent.security.instrumentation.nashorn.JSEngineUtils; import jdk.nashorn.internal.objects.Global; @Weave(type = MatchType.ExactClass, originalName = "jdk.nashorn.internal.runtime.ScriptFunction") diff --git a/instrumentation-security/nashorn-jsinjection/src/test/java/com/nr/agent/instrumentation/nashorn/NashornScriptEngineTest.java b/instrumentation-security/nashorn-jsinjection/src/test/java/com/nr/agent/security/instrumentation/nashorn/NashornScriptEngineTest.java similarity index 99% rename from instrumentation-security/nashorn-jsinjection/src/test/java/com/nr/agent/instrumentation/nashorn/NashornScriptEngineTest.java rename to instrumentation-security/nashorn-jsinjection/src/test/java/com/nr/agent/security/instrumentation/nashorn/NashornScriptEngineTest.java index 3e21f6306..d37b1d0e3 100644 --- a/instrumentation-security/nashorn-jsinjection/src/test/java/com/nr/agent/instrumentation/nashorn/NashornScriptEngineTest.java +++ b/instrumentation-security/nashorn-jsinjection/src/test/java/com/nr/agent/security/instrumentation/nashorn/NashornScriptEngineTest.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.nashorn; +package com.nr.agent.security.instrumentation.nashorn; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/okhttp-3.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp30/internal/OkhttpHelper.java b/instrumentation-security/okhttp-3.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp30/OkhttpHelper.java similarity index 98% rename from instrumentation-security/okhttp-3.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp30/internal/OkhttpHelper.java rename to instrumentation-security/okhttp-3.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp30/OkhttpHelper.java index dd694ec90..4897c5b1e 100644 --- a/instrumentation-security/okhttp-3.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp30/internal/OkhttpHelper.java +++ b/instrumentation-security/okhttp-3.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp30/OkhttpHelper.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.security.okhttp30.internal; +package com.newrelic.agent.security.instrumentation.okhttp30; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; diff --git a/instrumentation-security/okhttp-3.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp30/internal/RealCall_Instrumentation.java b/instrumentation-security/okhttp-3.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp30/RealCall_Instrumentation.java similarity index 98% rename from instrumentation-security/okhttp-3.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp30/internal/RealCall_Instrumentation.java rename to instrumentation-security/okhttp-3.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp30/RealCall_Instrumentation.java index 98e967ebb..87f484803 100644 --- a/instrumentation-security/okhttp-3.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp30/internal/RealCall_Instrumentation.java +++ b/instrumentation-security/okhttp-3.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp30/RealCall_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.instrumentation.security.okhttp30.internal; +package com.newrelic.agent.security.instrumentation.okhttp30; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.weaver.MatchType; diff --git a/instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/RealCallTest.java b/instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/agent/security/instrumentation/okhttp30/RealCallTest.java similarity index 95% rename from instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/RealCallTest.java rename to instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/agent/security/instrumentation/okhttp30/RealCallTest.java index 764b39f3c..c79089e2f 100644 --- a/instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/RealCallTest.java +++ b/instrumentation-security/okhttp-3.0.0/src/test/java/com/nr/agent/security/instrumentation/okhttp30/RealCallTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.okhttp30; +package com.nr.agent.security.instrumentation.okhttp30; import com.newrelic.agent.security.introspec.HttpTestServer; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; @@ -25,7 +25,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.nr.agent.instrumentation.security.okhttp30" }) +@InstrumentationTestConfig(includePrefixes = { "com.newrelic.agent.security.instrumentation.okhttp30" }) public class RealCallTest { @ClassRule public static HttpServerRule server = new HttpServerRule(); diff --git a/instrumentation-security/okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http/OkhttpHelper.java b/instrumentation-security/okhttp-3.5.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp35/OkhttpHelper.java similarity index 98% rename from instrumentation-security/okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http/OkhttpHelper.java rename to instrumentation-security/okhttp-3.5.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp35/OkhttpHelper.java index 438c09fd2..2d8a9894b 100644 --- a/instrumentation-security/okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http/OkhttpHelper.java +++ b/instrumentation-security/okhttp-3.5.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp35/OkhttpHelper.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.security.okhttp40.internal.http; +package com.newrelic.agent.security.instrumentation.okhttp35; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; @@ -57,7 +57,6 @@ private static String getNrSecCustomAttribName() { return NR_SEC_CUSTOM_ATTRIB_NAME + Thread.currentThread().getId(); } - public static AbstractOperation preprocessSecurityHook(String url, String className, String methodName) { try { if (!NewRelicSecurity.isHookProcessingActive() || diff --git a/instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/http/ExchangeCodec_Instrumentation.java b/instrumentation-security/okhttp-3.5.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp35/http/ExchangeCodec_Instrumentation.java similarity index 81% rename from instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/http/ExchangeCodec_Instrumentation.java rename to instrumentation-security/okhttp-3.5.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp35/http/ExchangeCodec_Instrumentation.java index d187d1cf7..21292f081 100644 --- a/instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/http/ExchangeCodec_Instrumentation.java +++ b/instrumentation-security/okhttp-3.5.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp35/http/ExchangeCodec_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.instrumentation.security.okhttp35.internal.http; +package com.newrelic.agent.security.instrumentation.okhttp35.http; import com.newrelic.api.agent.weaver.SkipIfPresent; diff --git a/instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/http/HttpCodec_Instrumentation.java b/instrumentation-security/okhttp-3.5.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp35/http/HttpCodec_Instrumentation.java similarity index 92% rename from instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/http/HttpCodec_Instrumentation.java rename to instrumentation-security/okhttp-3.5.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp35/http/HttpCodec_Instrumentation.java index bdece79d2..f22a1def3 100644 --- a/instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/http/HttpCodec_Instrumentation.java +++ b/instrumentation-security/okhttp-3.5.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp35/http/HttpCodec_Instrumentation.java @@ -5,13 +5,13 @@ * */ -package com.nr.agent.instrumentation.security.okhttp35.internal.http; +package com.newrelic.agent.security.instrumentation.okhttp35.http; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.instrumentation.security.okhttp35.internal.OkhttpHelper; +import com.newrelic.agent.security.instrumentation.okhttp35.OkhttpHelper; import okhttp3.Request; @Weave(type = MatchType.Interface, originalName = "okhttp3.internal.http.HttpCodec") diff --git a/instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/instrumentation/security/okhttp35/RealCallTest.java b/instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/agent/security/instrumentation/okhttp35/RealCallTest.java similarity index 95% rename from instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/instrumentation/security/okhttp35/RealCallTest.java rename to instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/agent/security/instrumentation/okhttp35/RealCallTest.java index c898a2ee3..69ca834d2 100644 --- a/instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/instrumentation/security/okhttp35/RealCallTest.java +++ b/instrumentation-security/okhttp-3.5.0/src/test/java/com/nr/agent/security/instrumentation/okhttp35/RealCallTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.okhttp35; +package com.nr.agent.security.instrumentation.okhttp35; import com.newrelic.agent.security.introspec.HttpTestServer; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; @@ -25,7 +25,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.nr.agent.instrumentation.security.okhttp35" }) +@InstrumentationTestConfig(includePrefixes = { "com.newrelic.agent.security.instrumentation.okhttp35" }) public class RealCallTest { @ClassRule public static HttpServerRule server = new HttpServerRule(); diff --git a/instrumentation-security/okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http/ExchangeCodec_Instrumentation.java b/instrumentation-security/okhttp-4.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp40/ExchangeCodec_Instrumentation.java similarity index 96% rename from instrumentation-security/okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http/ExchangeCodec_Instrumentation.java rename to instrumentation-security/okhttp-4.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp40/ExchangeCodec_Instrumentation.java index f3c14219e..4a6c455cb 100644 --- a/instrumentation-security/okhttp-4.0.0/src/main/java/com/nr/agent/instrumentation/security/okhttp40/internal/http/ExchangeCodec_Instrumentation.java +++ b/instrumentation-security/okhttp-4.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp40/ExchangeCodec_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.instrumentation.security.okhttp40.internal.http; +package com.newrelic.agent.security.instrumentation.okhttp40; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.weaver.MatchType; diff --git a/instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/OkhttpHelper.java b/instrumentation-security/okhttp-4.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp40/OkhttpHelper.java similarity index 98% rename from instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/OkhttpHelper.java rename to instrumentation-security/okhttp-4.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp40/OkhttpHelper.java index 6b1dd623f..964abbf3b 100644 --- a/instrumentation-security/okhttp-3.5.0/src/main/java/com/nr/agent/instrumentation/security/okhttp35/internal/OkhttpHelper.java +++ b/instrumentation-security/okhttp-4.0.0/src/main/java/com/newrelic/agent/security/instrumentation/okhttp40/OkhttpHelper.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.security.okhttp35.internal; +package com.newrelic.agent.security.instrumentation.okhttp40; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; @@ -57,6 +57,7 @@ private static String getNrSecCustomAttribName() { return NR_SEC_CUSTOM_ATTRIB_NAME + Thread.currentThread().getId(); } + public static AbstractOperation preprocessSecurityHook(String url, String className, String methodName) { try { if (!NewRelicSecurity.isHookProcessingActive() || diff --git a/instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/ExchangeCodecTest.java b/instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/agent/security/instrumentation/okhttp40/ExchangeCodecTest.java similarity index 95% rename from instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/ExchangeCodecTest.java rename to instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/agent/security/instrumentation/okhttp40/ExchangeCodecTest.java index e6d0dbdbf..d78cbfeff 100644 --- a/instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/instrumentation/security/okhttp30/ExchangeCodecTest.java +++ b/instrumentation-security/okhttp-4.0.0/src/test/java/com/nr/agent/security/instrumentation/okhttp40/ExchangeCodecTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.okhttp30; +package com.nr.agent.security.instrumentation.okhttp40; import com.newrelic.agent.security.introspec.HttpTestServer; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; @@ -25,7 +25,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.nr.agent.instrumentation.security.okhttp40" }) +@InstrumentationTestConfig(includePrefixes = { "com.newrelic.agent.security.instrumentation.okhttp40" }) public class ExchangeCodecTest { @ClassRule public static HttpServerRule server = new HttpServerRule(); diff --git a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/H2StatementTest.java b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/H2StatementTest.java similarity index 99% rename from instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/H2StatementTest.java rename to instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/H2StatementTest.java index 6f5b98af2..7d3a0520c 100644 --- a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/H2StatementTest.java +++ b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/H2StatementTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc; +package com.nr.agent.security.instrumentation.r2dbc; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/H2Test.java b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/H2Test.java similarity index 99% rename from instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/H2Test.java rename to instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/H2Test.java index aa4e62e5b..8eb168412 100644 --- a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/H2Test.java +++ b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/H2Test.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc; +package com.nr.agent.security.instrumentation.r2dbc; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MariaStatementTest.java b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MariaStatementTest.java similarity index 99% rename from instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MariaStatementTest.java rename to instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MariaStatementTest.java index 2718c3195..c632cc688 100644 --- a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MariaStatementTest.java +++ b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MariaStatementTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc; +package com.nr.agent.security.instrumentation.r2dbc; import ch.vorburger.exec.ManagedProcessException; import ch.vorburger.mariadb4j.DB; diff --git a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MariaTest.java b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MariaTest.java similarity index 99% rename from instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MariaTest.java rename to instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MariaTest.java index d51729e76..ff128b45b 100644 --- a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MariaTest.java +++ b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MariaTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc; +package com.nr.agent.security.instrumentation.r2dbc; import ch.vorburger.exec.ManagedProcessException; import ch.vorburger.mariadb4j.DB; diff --git a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MySQLStatementTest.java b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MySQLStatementTest.java similarity index 99% rename from instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MySQLStatementTest.java rename to instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MySQLStatementTest.java index 26dcf1d30..3e2ebfce6 100644 --- a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MySQLStatementTest.java +++ b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MySQLStatementTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc; +package com.nr.agent.security.instrumentation.r2dbc; import ch.vorburger.mariadb4j.DB; import ch.vorburger.mariadb4j.DBConfigurationBuilder; diff --git a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MySQLTest.java b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MySQLTest.java similarity index 99% rename from instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MySQLTest.java rename to instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MySQLTest.java index 463901e5a..d0ce6781a 100644 --- a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/MySQLTest.java +++ b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/MySQLTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc; +package com.nr.agent.security.instrumentation.r2dbc; import ch.vorburger.exec.ManagedProcessException; import ch.vorburger.mariadb4j.DB; diff --git a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/PostgresStatementTest.java b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/PostgresStatementTest.java similarity index 99% rename from instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/PostgresStatementTest.java rename to instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/PostgresStatementTest.java index edc3ae669..7ad8a7f9a 100644 --- a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/PostgresStatementTest.java +++ b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/PostgresStatementTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc; +package com.nr.agent.security.instrumentation.r2dbc; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/PostgresTest.java b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/PostgresTest.java similarity index 99% rename from instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/PostgresTest.java rename to instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/PostgresTest.java index 6009a5775..e54d93ba6 100644 --- a/instrumentation-security/r2dbc-generic/src/test/java/com/nr/instrumentation/security/r2dbc/PostgresTest.java +++ b/instrumentation-security/r2dbc-generic/src/test/java/com/nr/agent/security/instrumentation/r2dbc/PostgresTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc; +package com.nr.agent.security.instrumentation.r2dbc; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/r2dbc-h2/src/test/java/com/nr/instrumentation/security/r2dbc/h2/ClientTest.java b/instrumentation-security/r2dbc-h2/src/test/java/com/nr/agent/security/instrumentation/r2dbc/h2/ClientTest.java similarity index 98% rename from instrumentation-security/r2dbc-h2/src/test/java/com/nr/instrumentation/security/r2dbc/h2/ClientTest.java rename to instrumentation-security/r2dbc-h2/src/test/java/com/nr/agent/security/instrumentation/r2dbc/h2/ClientTest.java index 7531958c3..054c035fd 100644 --- a/instrumentation-security/r2dbc-h2/src/test/java/com/nr/instrumentation/security/r2dbc/h2/ClientTest.java +++ b/instrumentation-security/r2dbc-h2/src/test/java/com/nr/agent/security/instrumentation/r2dbc/h2/ClientTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc.h2; +package com.nr.agent.security.instrumentation.r2dbc.h2; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/r2dbc-h2/src/test/java/com/nr/instrumentation/security/r2dbc/h2/SessionClientTest.java b/instrumentation-security/r2dbc-h2/src/test/java/com/nr/agent/security/instrumentation/r2dbc/h2/SessionClientTest.java similarity index 98% rename from instrumentation-security/r2dbc-h2/src/test/java/com/nr/instrumentation/security/r2dbc/h2/SessionClientTest.java rename to instrumentation-security/r2dbc-h2/src/test/java/com/nr/agent/security/instrumentation/r2dbc/h2/SessionClientTest.java index b2cc287f1..19d270b23 100644 --- a/instrumentation-security/r2dbc-h2/src/test/java/com/nr/instrumentation/security/r2dbc/h2/SessionClientTest.java +++ b/instrumentation-security/r2dbc-h2/src/test/java/com/nr/agent/security/instrumentation/r2dbc/h2/SessionClientTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc.h2; +package com.nr.agent.security.instrumentation.r2dbc.h2; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/r2dbc-mariadb/src/test/java/com/nr/instrumentation/security/r2dbc/mariadb/ConnectionTest.java b/instrumentation-security/r2dbc-mariadb/src/test/java/com/nr/agent/security/instrumentation/r2dbc/mariadb/ConnectionTest.java similarity index 98% rename from instrumentation-security/r2dbc-mariadb/src/test/java/com/nr/instrumentation/security/r2dbc/mariadb/ConnectionTest.java rename to instrumentation-security/r2dbc-mariadb/src/test/java/com/nr/agent/security/instrumentation/r2dbc/mariadb/ConnectionTest.java index 006c015e6..73e24e6aa 100644 --- a/instrumentation-security/r2dbc-mariadb/src/test/java/com/nr/instrumentation/security/r2dbc/mariadb/ConnectionTest.java +++ b/instrumentation-security/r2dbc-mariadb/src/test/java/com/nr/agent/security/instrumentation/r2dbc/mariadb/ConnectionTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc.mariadb; +package com.nr.agent.security.instrumentation.r2dbc.mariadb; import ch.vorburger.mariadb4j.DB; import ch.vorburger.mariadb4j.DBConfigurationBuilder; diff --git a/instrumentation-security/r2dbc-mysql/src/test/java/com/nr/instrumentation/security/r2dbc/mysql/ConnectionTest.java b/instrumentation-security/r2dbc-mysql/src/test/java/com/nr/agent/security/instrumentation/r2dbc/mysql/ConnectionTest.java similarity index 98% rename from instrumentation-security/r2dbc-mysql/src/test/java/com/nr/instrumentation/security/r2dbc/mysql/ConnectionTest.java rename to instrumentation-security/r2dbc-mysql/src/test/java/com/nr/agent/security/instrumentation/r2dbc/mysql/ConnectionTest.java index 3679cb006..e43bbdb2b 100644 --- a/instrumentation-security/r2dbc-mysql/src/test/java/com/nr/instrumentation/security/r2dbc/mysql/ConnectionTest.java +++ b/instrumentation-security/r2dbc-mysql/src/test/java/com/nr/agent/security/instrumentation/r2dbc/mysql/ConnectionTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc.mysql; +package com.nr.agent.security.instrumentation.r2dbc.mysql; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/r2dbc-postgresql/src/test/java/com/nr/instrumentation/security/r2dbc/postgres/ConnectionTest.java b/instrumentation-security/r2dbc-postgresql/src/test/java/com/nr/agent/security/instrumentation/r2dbc/postgres/ConnectionTest.java similarity index 99% rename from instrumentation-security/r2dbc-postgresql/src/test/java/com/nr/instrumentation/security/r2dbc/postgres/ConnectionTest.java rename to instrumentation-security/r2dbc-postgresql/src/test/java/com/nr/agent/security/instrumentation/r2dbc/postgres/ConnectionTest.java index 674f4031c..d2718cc16 100644 --- a/instrumentation-security/r2dbc-postgresql/src/test/java/com/nr/instrumentation/security/r2dbc/postgres/ConnectionTest.java +++ b/instrumentation-security/r2dbc-postgresql/src/test/java/com/nr/agent/security/instrumentation/r2dbc/postgres/ConnectionTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.r2dbc.postgres; +package com.nr.agent.security.instrumentation.r2dbc.postgres; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/rhino-jsinjection/src/main/java/com/nr/agent/security/mongo/jsinjection/rhino/JSEngineUtils.java b/instrumentation-security/rhino-jsinjection/src/main/java/com/newrelic/agent/security/instrumentation/rhino/JSEngineUtils.java similarity index 82% rename from instrumentation-security/rhino-jsinjection/src/main/java/com/nr/agent/security/mongo/jsinjection/rhino/JSEngineUtils.java rename to instrumentation-security/rhino-jsinjection/src/main/java/com/newrelic/agent/security/instrumentation/rhino/JSEngineUtils.java index 3ab03aa38..7f1fb52f0 100644 --- a/instrumentation-security/rhino-jsinjection/src/main/java/com/nr/agent/security/mongo/jsinjection/rhino/JSEngineUtils.java +++ b/instrumentation-security/rhino-jsinjection/src/main/java/com/newrelic/agent/security/instrumentation/rhino/JSEngineUtils.java @@ -1,4 +1,4 @@ -package com.nr.agent.security.mongo.jsinjection.rhino; +package com.newrelic.agent.security.instrumentation.rhino; public class JSEngineUtils { diff --git a/instrumentation-security/rhino-jsinjection/src/main/java/org/mozilla/javascript/ScriptRuntime_Instrumentation.java b/instrumentation-security/rhino-jsinjection/src/main/java/org/mozilla/javascript/ScriptRuntime_Instrumentation.java index e301c848e..5c32788c4 100644 --- a/instrumentation-security/rhino-jsinjection/src/main/java/org/mozilla/javascript/ScriptRuntime_Instrumentation.java +++ b/instrumentation-security/rhino-jsinjection/src/main/java/org/mozilla/javascript/ScriptRuntime_Instrumentation.java @@ -8,7 +8,7 @@ import com.newrelic.api.agent.security.schema.operation.JSInjectionOperation; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.agent.security.mongo.jsinjection.rhino.JSEngineUtils; +import com.newrelic.agent.security.instrumentation.rhino.JSEngineUtils; @Weave(originalName = "org.mozilla.javascript.ScriptRuntime") public class ScriptRuntime_Instrumentation { diff --git a/instrumentation-security/rhino-jsinjection/src/test/java/com/nr/agent/instrumentation/rhino/RhinoTest.java b/instrumentation-security/rhino-jsinjection/src/test/java/com/nr/agent/security/instrumentation/rhino/RhinoTest.java similarity index 99% rename from instrumentation-security/rhino-jsinjection/src/test/java/com/nr/agent/instrumentation/rhino/RhinoTest.java rename to instrumentation-security/rhino-jsinjection/src/test/java/com/nr/agent/security/instrumentation/rhino/RhinoTest.java index 05130da48..708d9aa2f 100644 --- a/instrumentation-security/rhino-jsinjection/src/test/java/com/nr/agent/instrumentation/rhino/RhinoTest.java +++ b/instrumentation-security/rhino-jsinjection/src/test/java/com/nr/agent/security/instrumentation/rhino/RhinoTest.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.rhino; +package com.nr.agent.security.instrumentation.rhino; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/saxpath/src/main/java/com/nr/instrumentation/security/xpath/saxpath/XPATHUtils.java b/instrumentation-security/saxpath/src/main/java/com/newrelic/agent/security/instrumentation/saxpath/XPATHUtils.java similarity index 74% rename from instrumentation-security/saxpath/src/main/java/com/nr/instrumentation/security/xpath/saxpath/XPATHUtils.java rename to instrumentation-security/saxpath/src/main/java/com/newrelic/agent/security/instrumentation/saxpath/XPATHUtils.java index 6016cb68b..ae5bc9696 100644 --- a/instrumentation-security/saxpath/src/main/java/com/nr/instrumentation/security/xpath/saxpath/XPATHUtils.java +++ b/instrumentation-security/saxpath/src/main/java/com/newrelic/agent/security/instrumentation/saxpath/XPATHUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.xpath.saxpath; +package com.newrelic.agent.security.instrumentation.saxpath; public class XPATHUtils { diff --git a/instrumentation-security/saxpath/src/main/java/org/saxpath/XPathReader_Instrumentation.java b/instrumentation-security/saxpath/src/main/java/org/saxpath/XPathReader_Instrumentation.java index 343f9ce21..5bfb86db1 100644 --- a/instrumentation-security/saxpath/src/main/java/org/saxpath/XPathReader_Instrumentation.java +++ b/instrumentation-security/saxpath/src/main/java/org/saxpath/XPathReader_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.xpath.saxpath.XPATHUtils; +import com.newrelic.agent.security.instrumentation.saxpath.XPATHUtils; @Weave(type = MatchType.Interface, originalName = "org.saxpath.XPathReader") diff --git a/instrumentation-security/saxpath/src/test/java/com/nr/instrumentation/security/saxpath/XPathTest.java b/instrumentation-security/saxpath/src/test/java/com/nr/agent/security/instrumentation/saxpath/XPathTest.java similarity index 95% rename from instrumentation-security/saxpath/src/test/java/com/nr/instrumentation/security/saxpath/XPathTest.java rename to instrumentation-security/saxpath/src/test/java/com/nr/agent/security/instrumentation/saxpath/XPathTest.java index beeb2f334..dcf8df8f5 100644 --- a/instrumentation-security/saxpath/src/test/java/com/nr/instrumentation/security/saxpath/XPathTest.java +++ b/instrumentation-security/saxpath/src/test/java/com/nr/agent/security/instrumentation/saxpath/XPathTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.saxpath; +package com.nr.agent.security.instrumentation.saxpath; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -6,7 +6,7 @@ import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.VulnerabilityCaseType; import com.newrelic.api.agent.security.schema.operation.XPathOperation; -import com.nr.instrumentation.security.xpath.saxpath.XPATHUtils; +import com.newrelic.agent.security.instrumentation.saxpath.XPATHUtils; import org.junit.Assert; import org.junit.FixMethodOrder; import org.junit.Test; diff --git a/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java b/instrumentation-security/servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24/HttpServletHelper.java similarity index 99% rename from instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java rename to instrumentation-security/servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24/HttpServletHelper.java index e93e68057..fbfd1e72b 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/HttpServletHelper.java +++ b/instrumentation-security/servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24/HttpServletHelper.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.newrelic.agent.security.instrumentation.servlet24; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.*; diff --git a/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/ServletRequestCallback.java b/instrumentation-security/servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24/ServletRequestCallback.java similarity index 97% rename from instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/ServletRequestCallback.java rename to instrumentation-security/servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24/ServletRequestCallback.java index 5a64f9cf0..b7531fdda 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/ServletRequestCallback.java +++ b/instrumentation-security/servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24/ServletRequestCallback.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.newrelic.agent.security.instrumentation.servlet24; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/ServletResponseCallback.java b/instrumentation-security/servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24/ServletResponseCallback.java similarity index 97% rename from instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/ServletResponseCallback.java rename to instrumentation-security/servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24/ServletResponseCallback.java index d9c388b22..4eac3d1ba 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/ServletResponseCallback.java +++ b/instrumentation-security/servlet-2.4/src/main/java/com/newrelic/agent/security/instrumentation/servlet24/ServletResponseCallback.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.newrelic.agent.security.instrumentation.servlet24; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java index d2a057c4f..d24551168 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/FilterChain_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet24.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet24.HttpServletHelper; import javax.servlet.http.HttpServletRequest; import java.io.IOException; diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java index c75da5329..97cf78d6e 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Filter_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet24.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet24.HttpServletHelper; import javax.servlet.http.HttpServletRequest; import java.io.IOException; diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java index b7aaed8ec..90cd830ac 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletContainerInitializer_Instrumentation.java @@ -1,9 +1,7 @@ package javax.servlet; -import com.newrelic.api.agent.weaver.MatchType; -import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet24.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet24.HttpServletHelper; import java.util.Set; diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletInputStream_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletInputStream_Instrumentation.java index 90ab998e6..5eceaedbe 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletInputStream_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletInputStream_Instrumentation.java @@ -10,10 +10,9 @@ import com.newrelic.api.agent.security.NewRelicSecurity;; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.weaver.MatchType; -import com.newrelic.api.agent.weaver.NewField; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet24.ServletRequestCallback; +import com.newrelic.agent.security.instrumentation.servlet24.ServletRequestCallback; import java.io.IOException; diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletOutputStream_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletOutputStream_Instrumentation.java index 963fa2c84..d2a8e6122 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletOutputStream_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletOutputStream_Instrumentation.java @@ -12,7 +12,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet24.ServletResponseCallback; +import com.newrelic.agent.security.instrumentation.servlet24.ServletResponseCallback; import java.io.IOException; diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletRequest_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletRequest_Instrumentation.java index b12e50a3f..0ab2eb230 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletRequest_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletRequest_Instrumentation.java @@ -13,7 +13,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet24.ServletRequestCallback; +import com.newrelic.agent.security.instrumentation.servlet24.ServletRequestCallback; import java.io.BufferedReader; import java.io.IOException; diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletResponse_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletResponse_Instrumentation.java index a0dd85bcf..488132d21 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletResponse_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/ServletResponse_Instrumentation.java @@ -9,11 +9,10 @@ import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; -import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet24.ServletResponseCallback; +import com.newrelic.agent.security.instrumentation.servlet24.ServletResponseCallback; import java.io.IOException; import java.io.PrintWriter; diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java index 405e4f1cf..33bc5e052 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/Servlet_Instrumentation.java @@ -18,7 +18,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet24.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet24.HttpServletHelper; import javax.servlet.http.HttpServletRequest; diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/http/HttpServletResponse_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/http/HttpServletResponse_Instrumentation.java index e04939df8..09600118e 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/http/HttpServletResponse_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/http/HttpServletResponse_Instrumentation.java @@ -1,6 +1,5 @@ package javax.servlet.http; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; @@ -13,16 +12,13 @@ import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.Interface, originalName = "javax.servlet.http.HttpServletResponse") public class HttpServletResponse_Instrumentation { public void addCookie(Cookie cookie){ boolean isLockAcquired = acquireLockIfPossible(cookie.hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(cookie, getClass().getName(), "addCookie"); diff --git a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/http/HttpSession_Instrumentation.java b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/http/HttpSession_Instrumentation.java index fca917055..0e2107307 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/http/HttpSession_Instrumentation.java +++ b/instrumentation-security/servlet-2.4/src/main/java/javax/servlet/http/HttpSession_Instrumentation.java @@ -1,6 +1,5 @@ package javax.servlet.http; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; @@ -13,16 +12,13 @@ import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.Interface, originalName = "javax.servlet.http.HttpSession") public class HttpSession_Instrumentation { public void setAttribute(String name, Object value){ boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(name, value, getClass().getName(), "setAttribute"); @@ -42,7 +38,7 @@ public void setAttribute(String name, Object value){ public void putValue(String name, Object value){ boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(name, value, getClass().getName(), "putValue"); diff --git a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpServletServer.java b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpServletServer.java similarity index 97% rename from instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpServletServer.java rename to instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpServletServer.java index 7b98ba2c3..c9ea9821f 100644 --- a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpServletServer.java +++ b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpServletServer.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.nr.agent.security.instrumentation.servlet24; import org.apache.catalina.Context; import org.apache.catalina.LifecycleState; diff --git a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpServletTest.java b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpServletTest.java similarity index 94% rename from instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpServletTest.java rename to instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpServletTest.java index 3c57ff84a..36af9c86d 100644 --- a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpServletTest.java +++ b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpServletTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.nr.agent.security.instrumentation.servlet24; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -19,7 +19,7 @@ @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "javax.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "javax.servlet", "com.newrelic.agent.security.instrumentation.servlet24" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class HttpServletTest { @ClassRule diff --git a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpSessionTest.java b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpSessionTest.java similarity index 97% rename from instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpSessionTest.java rename to instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpSessionTest.java index fe221ba04..663714725 100644 --- a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpSessionTest.java +++ b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpSessionTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.nr.agent.security.instrumentation.servlet24; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -21,7 +21,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "javax.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "javax.servlet", "com.newrelic.agent.security.instrumentation.servlet24" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class HttpSessionTest { @ClassRule diff --git a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpTestServlet.java b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpTestServlet.java similarity index 99% rename from instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpTestServlet.java rename to instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpTestServlet.java index 3100db83b..896b24d07 100644 --- a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/HttpTestServlet.java +++ b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/HttpTestServlet.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.nr.agent.security.instrumentation.servlet24; import javax.servlet.ServletInputStream; import javax.servlet.ServletOutputStream; diff --git a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletInputStreamTest.java b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletInputStreamTest.java similarity index 97% rename from instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletInputStreamTest.java rename to instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletInputStreamTest.java index 7c462c843..e694252ef 100644 --- a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletInputStreamTest.java +++ b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletInputStreamTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.nr.agent.security.instrumentation.servlet24; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -23,7 +23,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "javax.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "javax.servlet", "com.newrelic.agent.security.instrumentation.servlet24" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletInputStreamTest { diff --git a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletOutputStreamTest.java b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletOutputStreamTest.java similarity index 99% rename from instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletOutputStreamTest.java rename to instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletOutputStreamTest.java index e9b618350..ec8969eb0 100644 --- a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletOutputStreamTest.java +++ b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletOutputStreamTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.nr.agent.security.instrumentation.servlet24; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -26,7 +26,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "javax.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "javax.servlet", "com.newrelic.agent.security.instrumentation.servlet24" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletOutputStreamTest { diff --git a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletRequestTest.java b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletRequestTest.java similarity index 98% rename from instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletRequestTest.java rename to instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletRequestTest.java index 2665ca775..040018fae 100644 --- a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletRequestTest.java +++ b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletRequestTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.nr.agent.security.instrumentation.servlet24; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; @@ -32,7 +32,7 @@ import java.util.Map; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "jakarta.servlet") +@InstrumentationTestConfig(includePrefixes = { "javax.servlet", "com.newrelic.agent.security.instrumentation.servlet24"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletRequestTest { diff --git a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletResponseTest.java b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletResponseTest.java similarity index 96% rename from instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletResponseTest.java rename to instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletResponseTest.java index 4da50dc06..98cdd0719 100644 --- a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletResponseTest.java +++ b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletResponseTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.nr.agent.security.instrumentation.servlet24; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -26,7 +26,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "jakarta.servlet") +@InstrumentationTestConfig(includePrefixes = { "javax.servlet", "com.newrelic.agent.security.instrumentation.servlet24"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletResponseTest { @ClassRule diff --git a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletTest.java b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletTest.java similarity index 93% rename from instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletTest.java rename to instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletTest.java index 15f1401ed..eaaf384de 100644 --- a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletTest.java +++ b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/ServletTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.nr.agent.security.instrumentation.servlet24; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -22,7 +22,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "javax.servlet") +@InstrumentationTestConfig(includePrefixes = {"javax.servlet", "com.newrelic.agent.security.instrumentation.servlet24"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletTest { diff --git a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/WebServletTest.java b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/WebServletTest.java similarity index 89% rename from instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/WebServletTest.java rename to instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/WebServletTest.java index d2af6e96d..9606ee042 100644 --- a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/WebServletTest.java +++ b/instrumentation-security/servlet-2.4/src/test/java/com/nr/agent/security/instrumentation/servlet24/WebServletTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.nr.agent.security.instrumentation.servlet24; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -17,7 +17,7 @@ import java.net.URL; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "javax.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "javax.servlet", "com.newrelic.agent.security.instrumentation.servlet24" }) public class WebServletTest { @ClassRule public static HttpServletServer server = new HttpServletServer(); diff --git a/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java b/instrumentation-security/servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5/HttpServletHelper.java similarity index 99% rename from instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java rename to instrumentation-security/servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5/HttpServletHelper.java index 5637a6c8f..95a01fcf4 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/HttpServletHelper.java +++ b/instrumentation-security/servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5/HttpServletHelper.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.newrelic.agent.security.instrumentation.servlet5; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.*; diff --git a/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/ServletRequestCallback.java b/instrumentation-security/servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5/ServletRequestCallback.java similarity index 97% rename from instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/ServletRequestCallback.java rename to instrumentation-security/servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5/ServletRequestCallback.java index fc174e704..ff884fffe 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/ServletRequestCallback.java +++ b/instrumentation-security/servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5/ServletRequestCallback.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.newrelic.agent.security.instrumentation.servlet5; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/ServletResponseCallback.java b/instrumentation-security/servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5/ServletResponseCallback.java similarity index 97% rename from instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/ServletResponseCallback.java rename to instrumentation-security/servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5/ServletResponseCallback.java index fceaa0a7e..419db38f2 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/ServletResponseCallback.java +++ b/instrumentation-security/servlet-5.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet5/ServletResponseCallback.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.newrelic.agent.security.instrumentation.servlet5; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java index cb670ba9f..6f7e54a6e 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet5.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet5.HttpServletHelper; import jakarta.servlet.http.HttpServletRequest; import java.io.IOException; diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java index 270d0a4a5..43e2be592 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet5.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet5.HttpServletHelper; import jakarta.servlet.http.HttpServletRequest; import java.io.IOException; diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java index 02d4a8b75..0e3a888bc 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java @@ -1,9 +1,7 @@ package jakarta.servlet; -import com.newrelic.api.agent.weaver.MatchType; -import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet5.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet5.HttpServletHelper; import java.util.Set; //@Weave(type = MatchType.Interface, originalName = "jakarta.servlet.ServletContainerInitializer") diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletInputStream_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletInputStream_Instrumentation.java index c1b9f1364..30b6848cc 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletInputStream_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletInputStream_Instrumentation.java @@ -10,10 +10,9 @@ import com.newrelic.api.agent.security.NewRelicSecurity;; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.weaver.MatchType; -import com.newrelic.api.agent.weaver.NewField; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet5.ServletRequestCallback; +import com.newrelic.agent.security.instrumentation.servlet5.ServletRequestCallback; import java.io.IOException; diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletOutputStream_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletOutputStream_Instrumentation.java index 0d579a552..84d5a5530 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletOutputStream_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletOutputStream_Instrumentation.java @@ -10,10 +10,9 @@ import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.weaver.MatchType; -import com.newrelic.api.agent.weaver.NewField; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet5.ServletResponseCallback; +import com.newrelic.agent.security.instrumentation.servlet5.ServletResponseCallback; import java.io.IOException; diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletRequest_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletRequest_Instrumentation.java index b3e8facdf..be1093f2f 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletRequest_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletRequest_Instrumentation.java @@ -13,7 +13,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet5.ServletRequestCallback; +import com.newrelic.agent.security.instrumentation.servlet5.ServletRequestCallback; import java.io.BufferedReader; import java.io.IOException; diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletResponse_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletResponse_Instrumentation.java index f4c1abc88..04dc2af8f 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletResponse_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/ServletResponse_Instrumentation.java @@ -12,7 +12,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet5.ServletResponseCallback; +import com.newrelic.agent.security.instrumentation.servlet5.ServletResponseCallback; import java.io.IOException; import java.io.PrintWriter; diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java index 9808eb29c..2b6acc230 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java @@ -18,7 +18,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet5.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet5.HttpServletHelper; import jakarta.servlet.http.HttpServletRequest; diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/http/HttpServletResponse_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/http/HttpServletResponse_Instrumentation.java index bc327a597..b90017e32 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/http/HttpServletResponse_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/http/HttpServletResponse_Instrumentation.java @@ -1,6 +1,5 @@ package jakarta.servlet.http; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; @@ -13,16 +12,13 @@ import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.Interface, originalName = "jakarta.servlet.http.HttpServletResponse") public class HttpServletResponse_Instrumentation { public void addCookie(Cookie cookie){ boolean isLockAcquired = acquireLockIfPossible(cookie.hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(cookie, getClass().getName(), "addCookie"); diff --git a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/http/HttpSession_Instrumentation.java b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/http/HttpSession_Instrumentation.java index 8fbd96c0b..d02191fd4 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/http/HttpSession_Instrumentation.java +++ b/instrumentation-security/servlet-5.0/src/main/java/jakarta/servlet/http/HttpSession_Instrumentation.java @@ -1,6 +1,5 @@ package jakarta.servlet.http; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; @@ -13,16 +12,13 @@ import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.Interface, originalName = "jakarta.servlet.http.HttpSession") public class HttpSession_Instrumentation { public void setAttribute(String name, Object value){ boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(name, value, getClass().getName(), "setAttribute"); @@ -42,7 +38,7 @@ public void setAttribute(String name, Object value){ public void putValue(String name, Object value){ boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled){ if (isLockAcquired) operation = preprocessSecurityHook(name, value, getClass().getName(), "putValue"); diff --git a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpServletServer.java b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpServletServer.java similarity index 97% rename from instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpServletServer.java rename to instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpServletServer.java index f4ad7f982..958f3eb0a 100644 --- a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpServletServer.java +++ b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpServletServer.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.nr.agent.security.instrumentation.servlet5; import jakarta.servlet.annotation.WebServlet; import org.apache.catalina.Context; diff --git a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpServletTest.java b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpServletTest.java similarity index 96% rename from instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpServletTest.java rename to instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpServletTest.java index 6ba94763f..f7bbdc6f2 100644 --- a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpServletTest.java +++ b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpServletTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.nr.agent.security.instrumentation.servlet5; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -18,7 +18,7 @@ import java.net.URL; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet5" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class HttpServletTest { @ClassRule diff --git a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpSessionTest.java b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpSessionTest.java similarity index 98% rename from instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpSessionTest.java rename to instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpSessionTest.java index b59131abd..95f12ce0f 100644 --- a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpSessionTest.java +++ b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpSessionTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.nr.agent.security.instrumentation.servlet5; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -21,7 +21,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet5" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class HttpSessionTest { @ClassRule diff --git a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpTestServlet.java b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpTestServlet.java similarity index 99% rename from instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpTestServlet.java rename to instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpTestServlet.java index 53ab4fbc6..89df822d9 100644 --- a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpTestServlet.java +++ b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/HttpTestServlet.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.nr.agent.security.instrumentation.servlet5; import jakarta.servlet.ServletInputStream; import jakarta.servlet.ServletOutputStream; diff --git a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletInputStreamTest.java b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletInputStreamTest.java similarity index 98% rename from instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletInputStreamTest.java rename to instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletInputStreamTest.java index e1a41dcaf..631656dff 100644 --- a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletInputStreamTest.java +++ b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletInputStreamTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.nr.agent.security.instrumentation.servlet5; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -23,7 +23,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet5" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletInputStreamTest { @@ -96,7 +96,6 @@ private String read() throws IOException, URISyntaxException { return POST_PARAMS; } - @Trace(dispatcher = true) private String readLine() throws IOException, URISyntaxException { String method = "POST"; @@ -112,7 +111,6 @@ private String readLineWithOff() throws IOException, URISyntaxException { makeRequest(method, POST_PARAMS, "readLine/withOff"); return POST_PARAMS.substring(0,5); } - private void makeRequest( String Method, final String POST_PARAMS, String path) throws URISyntaxException, IOException{ URL u = servlet.getEndPoint("inputStream/"+ path).toURL(); diff --git a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletOutputStreamTest.java b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletOutputStreamTest.java similarity index 99% rename from instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletOutputStreamTest.java rename to instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletOutputStreamTest.java index 4fea84bf4..7b9070168 100644 --- a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletOutputStreamTest.java +++ b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletOutputStreamTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.nr.agent.security.instrumentation.servlet5; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletRequestTest.java b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletRequestTest.java similarity index 98% rename from instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletRequestTest.java rename to instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletRequestTest.java index 66cebb229..b3f934cef 100644 --- a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletRequestTest.java +++ b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletRequestTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.nr.agent.security.instrumentation.servlet5; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; @@ -32,7 +32,7 @@ import java.util.Map; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "javax.servlet") +@InstrumentationTestConfig(includePrefixes = {"jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet5"} ) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletRequestTest { diff --git a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletResponseTest.java b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletResponseTest.java similarity index 96% rename from instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletResponseTest.java rename to instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletResponseTest.java index b691df173..b334a287e 100644 --- a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletResponseTest.java +++ b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletResponseTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.nr.agent.security.instrumentation.servlet5; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -26,7 +26,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "jakarta.servlet") +@InstrumentationTestConfig(includePrefixes = {"jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet5"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletResponseTest { @ClassRule diff --git a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletTest.java b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletTest.java similarity index 93% rename from instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletTest.java rename to instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletTest.java index f6ea1d376..bd9ed014b 100644 --- a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletTest.java +++ b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/ServletTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.nr.agent.security.instrumentation.servlet5; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -22,7 +22,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "jakarta.servlet") +@InstrumentationTestConfig(includePrefixes = {"jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet5"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletTest { diff --git a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/WebServletTest.java b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/WebServletTest.java similarity index 93% rename from instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/WebServletTest.java rename to instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/WebServletTest.java index 528c0a871..d9ddac7c8 100644 --- a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/WebServletTest.java +++ b/instrumentation-security/servlet-5.0/src/test/java/com/nr/agent/security/instrumentation/servlet5/WebServletTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.nr.agent.security.instrumentation.servlet5; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -17,7 +17,7 @@ import java.net.URL; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet5" }) public class WebServletTest { @ClassRule public static HttpServletServer server = new HttpServletServer(); diff --git a/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java b/instrumentation-security/servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6/HttpServletHelper.java similarity index 99% rename from instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java rename to instrumentation-security/servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6/HttpServletHelper.java index 57e278ff9..65e985866 100644 --- a/instrumentation-security/servlet-5.0/src/main/java/com/nr/instrumentation/security/servlet5/HttpServletHelper.java +++ b/instrumentation-security/servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6/HttpServletHelper.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.newrelic.agent.security.instrumentation.servlet6; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.*; diff --git a/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/ServletRequestCallback.java b/instrumentation-security/servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6/ServletRequestCallback.java similarity index 97% rename from instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/ServletRequestCallback.java rename to instrumentation-security/servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6/ServletRequestCallback.java index 34e451aef..3fc317d73 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/com/nr/instrumentation/security/servlet6/ServletRequestCallback.java +++ b/instrumentation-security/servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6/ServletRequestCallback.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.newrelic.agent.security.instrumentation.servlet6; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/ServletResponseCallback.java b/instrumentation-security/servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6/ServletResponseCallback.java similarity index 97% rename from instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/ServletResponseCallback.java rename to instrumentation-security/servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6/ServletResponseCallback.java index 975d7422d..f0aebf6d6 100644 --- a/instrumentation-security/servlet-2.4/src/main/java/com/nr/instrumentation/security/servlet24/ServletResponseCallback.java +++ b/instrumentation-security/servlet-6.0/src/main/java/com/newrelic/agent/security/instrumentation/servlet6/ServletResponseCallback.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.newrelic.agent.security.instrumentation.servlet6; import com.newrelic.api.agent.security.NewRelicSecurity; diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java index 28058d8c2..185e2d14c 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/FilterChain_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet6.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet6.HttpServletHelper; import jakarta.servlet.http.HttpServletRequest; import java.io.IOException; diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java index 1ddc80200..8e5c6fda7 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Filter_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet6.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet6.HttpServletHelper; import jakarta.servlet.http.HttpServletRequest; import java.io.IOException; diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java index 5bcaacac9..fd0434a5d 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletContainerInitializer_Instrumentation.java @@ -1,9 +1,7 @@ package jakarta.servlet; -import com.newrelic.api.agent.weaver.MatchType; -import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet6.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet6.HttpServletHelper; import java.util.Set; //@Weave(type = MatchType.Interface, originalName = "jakarta.servlet.ServletContainerInitializer") diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletInputStream_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletInputStream_Instrumentation.java index 1806b43f9..c95565cbc 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletInputStream_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletInputStream_Instrumentation.java @@ -10,10 +10,9 @@ import com.newrelic.api.agent.security.NewRelicSecurity;; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.weaver.MatchType; -import com.newrelic.api.agent.weaver.NewField; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet6.ServletRequestCallback; +import com.newrelic.agent.security.instrumentation.servlet6.ServletRequestCallback; import java.io.IOException; diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletOutputStream_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletOutputStream_Instrumentation.java index 7aec758ab..8dbc64ca0 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletOutputStream_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletOutputStream_Instrumentation.java @@ -10,10 +10,9 @@ import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.weaver.MatchType; -import com.newrelic.api.agent.weaver.NewField; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet6.ServletResponseCallback; +import com.newrelic.agent.security.instrumentation.servlet6.ServletResponseCallback; import java.io.IOException; diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletRequest_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletRequest_Instrumentation.java index 71739e3bd..cccc15bfa 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletRequest_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletRequest_Instrumentation.java @@ -13,7 +13,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet6.ServletRequestCallback; +import com.newrelic.agent.security.instrumentation.servlet6.ServletRequestCallback; import java.io.BufferedReader; import java.io.IOException; diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletResponse_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletResponse_Instrumentation.java index b22f5d498..69fb2cf47 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletResponse_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/ServletResponse_Instrumentation.java @@ -12,7 +12,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet6.ServletResponseCallback; +import com.newrelic.agent.security.instrumentation.servlet6.ServletResponseCallback; import java.io.IOException; import java.io.PrintWriter; diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java index c095eb12e..562fbf982 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/Servlet_Instrumentation.java @@ -18,7 +18,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.servlet6.HttpServletHelper; +import com.newrelic.agent.security.instrumentation.servlet6.HttpServletHelper; import jakarta.servlet.http.HttpServletRequest; diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/http/HttpServletResponse_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/http/HttpServletResponse_Instrumentation.java index bc327a597..b90017e32 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/http/HttpServletResponse_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/http/HttpServletResponse_Instrumentation.java @@ -1,6 +1,5 @@ package jakarta.servlet.http; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; @@ -13,16 +12,13 @@ import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.Interface, originalName = "jakarta.servlet.http.HttpServletResponse") public class HttpServletResponse_Instrumentation { public void addCookie(Cookie cookie){ boolean isLockAcquired = acquireLockIfPossible(cookie.hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(cookie, getClass().getName(), "addCookie"); diff --git a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/http/HttpSession_Instrumentation.java b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/http/HttpSession_Instrumentation.java index da6793a23..d57d7a41b 100644 --- a/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/http/HttpSession_Instrumentation.java +++ b/instrumentation-security/servlet-6.0/src/main/java/jakarta/servlet/http/HttpSession_Instrumentation.java @@ -1,6 +1,5 @@ package jakarta.servlet.http; -import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; @@ -13,16 +12,13 @@ import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.DEFAULT; -import static com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED; - @Weave(type = MatchType.Interface, originalName = "jakarta.servlet.http.HttpSession") public class HttpSession_Instrumentation { public void setAttribute(String name, Object value){ boolean isLockAcquired = acquireLockIfPossible(hashCode()); AbstractOperation operation = null; - boolean isOwaspHookEnabled = NewRelic.getAgent().getConfig().getValue(LOW_SEVERITY_HOOKS_ENABLED, DEFAULT); + boolean isOwaspHookEnabled = NewRelicSecurity.getAgent().isLowPriorityInstrumentationEnabled(); if (isOwaspHookEnabled && LowSeverityHelper.isOwaspHookProcessingNeeded()){ if (isLockAcquired) operation = preprocessSecurityHook(name, value, getClass().getName(), "setAttribute"); diff --git a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpServletServer.java b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpServletServer.java similarity index 97% rename from instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpServletServer.java rename to instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpServletServer.java index b1d93aa2c..911f76bbb 100644 --- a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpServletServer.java +++ b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpServletServer.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.nr.agent.security.instrumentation.servlet6; import jakarta.servlet.annotation.WebServlet; import org.apache.catalina.Context; diff --git a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpServletTest.java b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpServletTest.java similarity index 96% rename from instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpServletTest.java rename to instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpServletTest.java index 5e0811620..4b41ca20a 100644 --- a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/HttpServletTest.java +++ b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpServletTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.nr.agent.security.instrumentation.servlet6; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -18,7 +18,7 @@ import java.net.URL; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet6" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class HttpServletTest { @ClassRule diff --git a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpSessionTest.java b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpSessionTest.java similarity index 98% rename from instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpSessionTest.java rename to instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpSessionTest.java index 21379cd69..5cfb1b016 100644 --- a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpSessionTest.java +++ b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpSessionTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.nr.agent.security.instrumentation.servlet6; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -21,7 +21,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet6" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class HttpSessionTest { @ClassRule diff --git a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpTestServlet.java b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpTestServlet.java similarity index 99% rename from instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpTestServlet.java rename to instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpTestServlet.java index 9c604253d..098ffed0a 100644 --- a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/HttpTestServlet.java +++ b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/HttpTestServlet.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.nr.agent.security.instrumentation.servlet6; import jakarta.servlet.ServletException; import jakarta.servlet.ServletInputStream; diff --git a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletInputStreamTest.java b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletInputStreamTest.java similarity index 98% rename from instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletInputStreamTest.java rename to instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletInputStreamTest.java index fe2a5f344..d234d30be 100644 --- a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletInputStreamTest.java +++ b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletInputStreamTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.nr.agent.security.instrumentation.servlet6; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -23,7 +23,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet6" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletInputStreamTest { @@ -96,6 +96,7 @@ private String read() throws IOException, URISyntaxException { return POST_PARAMS; } + @Trace(dispatcher = true) private String readLine() throws IOException, URISyntaxException { String method = "POST"; @@ -111,6 +112,7 @@ private String readLineWithOff() throws IOException, URISyntaxException { makeRequest(method, POST_PARAMS, "readLine/withOff"); return POST_PARAMS.substring(0,5); } + private void makeRequest( String Method, final String POST_PARAMS, String path) throws URISyntaxException, IOException{ URL u = servlet.getEndPoint("inputStream/"+ path).toURL(); diff --git a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletOutputStreamTest.java b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletOutputStreamTest.java similarity index 99% rename from instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletOutputStreamTest.java rename to instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletOutputStreamTest.java index eeca02129..d417c55b3 100644 --- a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletOutputStreamTest.java +++ b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletOutputStreamTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.nr.agent.security.instrumentation.servlet6; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -25,7 +25,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet6" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletOutputStreamTest { diff --git a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletRequestTest.java b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletRequestTest.java similarity index 98% rename from instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletRequestTest.java rename to instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletRequestTest.java index 348fa8727..64035182d 100644 --- a/instrumentation-security/servlet-5.0/src/test/java/com/nr/instrumentation/security/servlet5/ServletRequestTest.java +++ b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletRequestTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet5; +package com.nr.agent.security.instrumentation.servlet6; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; @@ -32,7 +32,7 @@ import java.util.Map; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "jakarta.servlet") +@InstrumentationTestConfig(includePrefixes = {"jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet6" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletRequestTest { diff --git a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletResponseTest.java b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletResponseTest.java similarity index 96% rename from instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletResponseTest.java rename to instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletResponseTest.java index a52a49d56..e069ba5fb 100644 --- a/instrumentation-security/servlet-2.4/src/test/java/com/nr/instrumentation/security/servlet24/ServletResponseTest.java +++ b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletResponseTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet24; +package com.nr.agent.security.instrumentation.servlet6; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -26,7 +26,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "javax.servlet") +@InstrumentationTestConfig(includePrefixes = {"jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet6" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletResponseTest { @ClassRule diff --git a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletTest.java b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletTest.java similarity index 93% rename from instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletTest.java rename to instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletTest.java index 03df38043..8e0124b82 100644 --- a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/ServletTest.java +++ b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/ServletTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.nr.agent.security.instrumentation.servlet6; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -22,7 +22,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = "jakarta.servlet") +@InstrumentationTestConfig(includePrefixes = {"jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet6"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class ServletTest { diff --git a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/WebServletTest.java b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/WebServletTest.java similarity index 93% rename from instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/WebServletTest.java rename to instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/WebServletTest.java index 9da133d95..cab44e521 100644 --- a/instrumentation-security/servlet-6.0/src/test/java/com/nr/instrumentation/security/servlet6/WebServletTest.java +++ b/instrumentation-security/servlet-6.0/src/test/java/com/nr/agent/security/instrumentation/servlet6/WebServletTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.servlet6; +package com.nr.agent.security.instrumentation.servlet6; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -17,7 +17,7 @@ import java.net.URL; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet" }) +@InstrumentationTestConfig(includePrefixes = { "jakarta.servlet", "com.newrelic.agent.security.instrumentation.servlet6" }) public class WebServletTest { @ClassRule public static HttpServletServer server = new HttpServletServer(); diff --git a/instrumentation-security/spring-web/src/main/java/com/nr/agent/instrumentation/SpringController_Instrumentation.java b/instrumentation-security/spring-web/src/main/java/com/newrelic/agent/security/instrumentation/springweb/SpringController_Instrumentation.java similarity index 95% rename from instrumentation-security/spring-web/src/main/java/com/nr/agent/instrumentation/SpringController_Instrumentation.java rename to instrumentation-security/spring-web/src/main/java/com/newrelic/agent/security/instrumentation/springweb/SpringController_Instrumentation.java index 0e9f9626b..9776c311c 100644 --- a/instrumentation-security/spring-web/src/main/java/com/nr/agent/instrumentation/SpringController_Instrumentation.java +++ b/instrumentation-security/spring-web/src/main/java/com/newrelic/agent/security/instrumentation/springweb/SpringController_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.instrumentation; +package com.newrelic.agent.security.instrumentation.springweb; import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper; import com.newrelic.api.agent.weaver.MatchType; diff --git a/instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/app/App.java b/instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/app/App.java similarity index 98% rename from instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/app/App.java rename to instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/app/App.java index 4b6e2054f..69ea5965c 100644 --- a/instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/app/App.java +++ b/instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/app/App.java @@ -4,7 +4,7 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.springweb.app; +package com.nr.agent.security.instrumentation.springweb.springweb.app; import com.newrelic.api.agent.Trace; diff --git a/instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/app/TestMappings.java b/instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/app/TestMappings.java similarity index 94% rename from instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/app/TestMappings.java rename to instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/app/TestMappings.java index b5ea77522..d025c09bc 100644 --- a/instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/app/TestMappings.java +++ b/instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/app/TestMappings.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.springweb.app;/* +package com.nr.agent.security.instrumentation.springweb.springweb.app;/* * * * Copyright 2020 New Relic Corporation. All rights reserved. * * SPDX-License-Identifier: Apache-2.0 diff --git a/instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/app/TestMappingsWithRest.java b/instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/app/TestMappingsWithRest.java similarity index 95% rename from instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/app/TestMappingsWithRest.java rename to instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/app/TestMappingsWithRest.java index b652fc620..af92b0f84 100644 --- a/instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/app/TestMappingsWithRest.java +++ b/instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/app/TestMappingsWithRest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.springweb.app;/* +package com.nr.agent.security.instrumentation.springweb.springweb.app;/* * * * Copyright 2020 New Relic Corporation. All rights reserved. * * SPDX-License-Identifier: Apache-2.0 diff --git a/instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/test/SpringControllerTest.java b/instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/test/SpringControllerTest.java similarity index 93% rename from instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/test/SpringControllerTest.java rename to instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/test/SpringControllerTest.java index 73de8ee0c..9a8038943 100644 --- a/instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/test/SpringControllerTest.java +++ b/instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/test/SpringControllerTest.java @@ -4,13 +4,13 @@ * * SPDX-License-Identifier: Apache-2.0 * */ -package com.nr.instrumentation.security.springweb.test; +package com.nr.agent.security.instrumentation.springweb.springweb.test; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; import com.newrelic.api.agent.security.schema.AgentMetaData; -import com.nr.instrumentation.security.springweb.app.App; +import com.nr.agent.security.instrumentation.springweb.springweb.app.App; import org.junit.Assert; import org.junit.FixMethodOrder; import org.junit.Test; @@ -18,7 +18,7 @@ import org.junit.runners.MethodSorters; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.nr.agent.instrumentation" }) +@InstrumentationTestConfig(includePrefixes = { "com.newrelic.agent.security.instrumentation.springweb" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class SpringControllerTest { diff --git a/instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/test/SpringRestControllerTest.java b/instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/test/SpringRestControllerTest.java similarity index 93% rename from instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/test/SpringRestControllerTest.java rename to instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/test/SpringRestControllerTest.java index e527ea55d..ae4bfa3be 100644 --- a/instrumentation-security/spring-web/src/test/java/com/nr/instrumentation/security/springweb/test/SpringRestControllerTest.java +++ b/instrumentation-security/spring-web/src/test/java/com/nr/agent/security/instrumentation/springweb/springweb/test/SpringRestControllerTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.springweb.test;/* +package com.nr.agent.security.instrumentation.springweb.springweb.test;/* * * * Copyright 2020 New Relic Corporation. All rights reserved. * * SPDX-License-Identifier: Apache-2.0 @@ -9,7 +9,7 @@ import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; import com.newrelic.agent.security.introspec.SecurityIntrospector; import com.newrelic.api.agent.security.schema.AgentMetaData; -import com.nr.instrumentation.security.springweb.app.App; +import com.nr.agent.security.instrumentation.springweb.springweb.app.App; import org.junit.Assert; import org.junit.FixMethodOrder; import org.junit.Test; @@ -17,7 +17,7 @@ import org.junit.runners.MethodSorters; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.nr.agent.instrumentation" }) +@InstrumentationTestConfig(includePrefixes = { "com.newrelic.agent.security.instrumentation.springweb" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class SpringRestControllerTest { diff --git a/instrumentation-security/unboundid-ldapsdk/src/main/java/com/nr/instrumentation/security/unboundid/ldap/LDAPUtils.java b/instrumentation-security/unboundid-ldapsdk/src/main/java/com/newrelic/agent/security/instrumentation/unboundid/ldap/LDAPUtils.java similarity index 72% rename from instrumentation-security/unboundid-ldapsdk/src/main/java/com/nr/instrumentation/security/unboundid/ldap/LDAPUtils.java rename to instrumentation-security/unboundid-ldapsdk/src/main/java/com/newrelic/agent/security/instrumentation/unboundid/ldap/LDAPUtils.java index a0f8a8714..e4fe9b118 100644 --- a/instrumentation-security/unboundid-ldapsdk/src/main/java/com/nr/instrumentation/security/unboundid/ldap/LDAPUtils.java +++ b/instrumentation-security/unboundid-ldapsdk/src/main/java/com/newrelic/agent/security/instrumentation/unboundid/ldap/LDAPUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.unboundid.ldap; +package com.newrelic.agent.security.instrumentation.unboundid.ldap; public class LDAPUtils { diff --git a/instrumentation-security/unboundid-ldapsdk/src/main/java/com/unboundid/ldap/sdk/LDAPInterface_Instrumentation.java b/instrumentation-security/unboundid-ldapsdk/src/main/java/com/unboundid/ldap/sdk/LDAPInterface_Instrumentation.java index f889803be..047719eb6 100644 --- a/instrumentation-security/unboundid-ldapsdk/src/main/java/com/unboundid/ldap/sdk/LDAPInterface_Instrumentation.java +++ b/instrumentation-security/unboundid-ldapsdk/src/main/java/com/unboundid/ldap/sdk/LDAPInterface_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.unboundid.ldap.LDAPUtils; +import com.newrelic.agent.security.instrumentation.unboundid.ldap.LDAPUtils; @Weave(type = MatchType.Interface, originalName = "com.unboundid.ldap.sdk.LDAPInterface") public class LDAPInterface_Instrumentation { diff --git a/instrumentation-security/unboundid-ldapsdk/src/test/java/com/nr/instrumentation/security/unboundid/ldap/sdk/LDAPInterfaceTest.java b/instrumentation-security/unboundid-ldapsdk/src/test/java/com/nr/agent/security/instrumentation/unboundid/ldap/LDAPInterfaceTest.java similarity index 98% rename from instrumentation-security/unboundid-ldapsdk/src/test/java/com/nr/instrumentation/security/unboundid/ldap/sdk/LDAPInterfaceTest.java rename to instrumentation-security/unboundid-ldapsdk/src/test/java/com/nr/agent/security/instrumentation/unboundid/ldap/LDAPInterfaceTest.java index 633e2c7d8..d1d411628 100644 --- a/instrumentation-security/unboundid-ldapsdk/src/test/java/com/nr/instrumentation/security/unboundid/ldap/sdk/LDAPInterfaceTest.java +++ b/instrumentation-security/unboundid-ldapsdk/src/test/java/com/nr/agent/security/instrumentation/unboundid/ldap/LDAPInterfaceTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.unboundid.ldap.sdk; +package com.nr.agent.security.instrumentation.unboundid.ldap; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -26,7 +26,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = { "com.unboundid.ldap.sdk", "com.nr.instrumentation.security.unboundid.ldap.LDAPUtils" }) +@InstrumentationTestConfig(includePrefixes = { "com.unboundid.ldap.sdk", "com.newrelic.agent.security.instrumentation.unboundid.ldap.LDAPUtils" }) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class LDAPInterfaceTest { public static final String DOMAIN_DSN = "dc=example,dc=com"; diff --git a/instrumentation-security/urlconnection/src/main/java/com/nr/agent/instrumentation/security/urlconnection/Helper.java b/instrumentation-security/urlconnection/src/main/java/com/newrelic/agent/security/instrumentation/urlconnection/Helper.java similarity index 85% rename from instrumentation-security/urlconnection/src/main/java/com/nr/agent/instrumentation/security/urlconnection/Helper.java rename to instrumentation-security/urlconnection/src/main/java/com/newrelic/agent/security/instrumentation/urlconnection/Helper.java index b1568df8e..f2516373c 100644 --- a/instrumentation-security/urlconnection/src/main/java/com/nr/agent/instrumentation/security/urlconnection/Helper.java +++ b/instrumentation-security/urlconnection/src/main/java/com/newrelic/agent/security/instrumentation/urlconnection/Helper.java @@ -1,4 +1,4 @@ -package com.nr.agent.instrumentation.security.urlconnection; +package com.newrelic.agent.security.instrumentation.urlconnection; public class Helper { diff --git a/instrumentation-security/urlconnection/src/main/java/com/nr/agent/instrumentation/security/urlconnection/URLConnection_Instrumentation.java b/instrumentation-security/urlconnection/src/main/java/com/newrelic/agent/security/instrumentation/urlconnection/URLConnection_Instrumentation.java similarity index 99% rename from instrumentation-security/urlconnection/src/main/java/com/nr/agent/instrumentation/security/urlconnection/URLConnection_Instrumentation.java rename to instrumentation-security/urlconnection/src/main/java/com/newrelic/agent/security/instrumentation/urlconnection/URLConnection_Instrumentation.java index b3a0711cf..7016be985 100644 --- a/instrumentation-security/urlconnection/src/main/java/com/nr/agent/instrumentation/security/urlconnection/URLConnection_Instrumentation.java +++ b/instrumentation-security/urlconnection/src/main/java/com/newrelic/agent/security/instrumentation/urlconnection/URLConnection_Instrumentation.java @@ -5,7 +5,7 @@ * */ -package com.nr.agent.instrumentation.security.urlconnection; +package com.newrelic.agent.security.instrumentation.urlconnection; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; diff --git a/instrumentation-security/urlconnection/src/test/java/com/nr/instrumentation/security/urlconnection/URLConnectionTest.java b/instrumentation-security/urlconnection/src/test/java/com/nr/agent/security/instrumentation/urlconnection/URLConnectionTest.java similarity index 99% rename from instrumentation-security/urlconnection/src/test/java/com/nr/instrumentation/security/urlconnection/URLConnectionTest.java rename to instrumentation-security/urlconnection/src/test/java/com/nr/agent/security/instrumentation/urlconnection/URLConnectionTest.java index f484558c5..a3b643dc1 100644 --- a/instrumentation-security/urlconnection/src/test/java/com/nr/instrumentation/security/urlconnection/URLConnectionTest.java +++ b/instrumentation-security/urlconnection/src/test/java/com/nr/agent/security/instrumentation/urlconnection/URLConnectionTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.urlconnection; +package com.nr.agent.security.instrumentation.urlconnection; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -21,7 +21,7 @@ import java.util.UUID; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.nr.agent.instrumentation.security.urlconnection"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.urlconnection"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class URLConnectionTest { diff --git a/instrumentation-security/urlconnection/src/test/java/com/nr/instrumentation/security/urlconnection/ftp/FTPConnectionTest.java b/instrumentation-security/urlconnection/src/test/java/com/nr/agent/security/instrumentation/urlconnection/ftp/FTPConnectionTest.java similarity index 98% rename from instrumentation-security/urlconnection/src/test/java/com/nr/instrumentation/security/urlconnection/ftp/FTPConnectionTest.java rename to instrumentation-security/urlconnection/src/test/java/com/nr/agent/security/instrumentation/urlconnection/ftp/FTPConnectionTest.java index 69ae394aa..6fab4473d 100644 --- a/instrumentation-security/urlconnection/src/test/java/com/nr/instrumentation/security/urlconnection/ftp/FTPConnectionTest.java +++ b/instrumentation-security/urlconnection/src/test/java/com/nr/agent/security/instrumentation/urlconnection/ftp/FTPConnectionTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.urlconnection.ftp; +package com.nr.agent.security.instrumentation.urlconnection.ftp; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; @@ -20,7 +20,7 @@ import java.util.List; @RunWith(SecurityInstrumentationTestRunner.class) -@InstrumentationTestConfig(includePrefixes = {"com.nr.agent.instrumentation.security.urlconnection"}) +@InstrumentationTestConfig(includePrefixes = {"com.newrelic.agent.security.instrumentation.urlconnection"}) @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class FTPConnectionTest { private static final String FTP_USER = "user"; diff --git a/instrumentation-security/xalan-xpath/src/main/java/com/nr/instrumentation/security/xpath/xalan/XPATHUtils.java b/instrumentation-security/xalan-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xalan/xpath/XPATHUtils.java similarity index 73% rename from instrumentation-security/xalan-xpath/src/main/java/com/nr/instrumentation/security/xpath/xalan/XPATHUtils.java rename to instrumentation-security/xalan-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xalan/xpath/XPATHUtils.java index a7a995b08..26cb49978 100644 --- a/instrumentation-security/xalan-xpath/src/main/java/com/nr/instrumentation/security/xpath/xalan/XPATHUtils.java +++ b/instrumentation-security/xalan-xpath/src/main/java/com/newrelic/agent/security/instrumentation/xalan/xpath/XPATHUtils.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.xpath.xalan; +package com.newrelic.agent.security.instrumentation.xalan.xpath; public class XPATHUtils { diff --git a/instrumentation-security/xalan-xpath/src/main/java/org/apache/xpath/XPath_Instrumentation.java b/instrumentation-security/xalan-xpath/src/main/java/org/apache/xpath/XPath_Instrumentation.java index 89c705b87..725d1b89f 100644 --- a/instrumentation-security/xalan-xpath/src/main/java/org/apache/xpath/XPath_Instrumentation.java +++ b/instrumentation-security/xalan-xpath/src/main/java/org/apache/xpath/XPath_Instrumentation.java @@ -9,7 +9,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.nr.instrumentation.security.xpath.xalan.XPATHUtils; +import com.newrelic.agent.security.instrumentation.xalan.xpath.XPATHUtils; import org.apache.xml.utils.PrefixResolver; import org.apache.xpath.objects.XObject; import org.w3c.dom.Node; diff --git a/instrumentation-security/xalan-xpath/src/test/java/com/nr/instrumentation/security/xalan/xpath/XPathTest.java b/instrumentation-security/xalan-xpath/src/test/java/com/nr/agent/security/instrumentation/xalan/xpath/XPathTest.java similarity index 98% rename from instrumentation-security/xalan-xpath/src/test/java/com/nr/instrumentation/security/xalan/xpath/XPathTest.java rename to instrumentation-security/xalan-xpath/src/test/java/com/nr/agent/security/instrumentation/xalan/xpath/XPathTest.java index b15233497..da295bff3 100644 --- a/instrumentation-security/xalan-xpath/src/test/java/com/nr/instrumentation/security/xalan/xpath/XPathTest.java +++ b/instrumentation-security/xalan-xpath/src/test/java/com/nr/agent/security/instrumentation/xalan/xpath/XPathTest.java @@ -1,4 +1,4 @@ -package com.nr.instrumentation.security.xalan.xpath; +package com.nr.agent.security.instrumentation.xalan.xpath; import com.newrelic.agent.security.introspec.InstrumentationTestConfig; import com.newrelic.agent.security.introspec.SecurityInstrumentationTestRunner; diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index 2d2e4f815..da12defa9 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -497,4 +497,9 @@ public void setInitialised(boolean initialised) { public Instrumentation getInstrumentation() { return this.instrumentation; } + + @Override + public boolean isLowPriorityInstrumentationEnabled() { + return NewRelic.getAgent().getConfig().getValue(LowSeverityHelper.LOW_SEVERITY_HOOKS_ENABLED, LowSeverityHelper.DEFAULT); + } } \ No newline at end of file diff --git a/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java index cf67441cb..2b57c8bcb 100644 --- a/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-api-test-impl/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -2,6 +2,7 @@ import com.newrelic.api.agent.NewRelic; import com.newrelic.api.agent.Transaction; +import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; @@ -131,4 +132,9 @@ public String getAgentTempDir() { public Instrumentation getInstrumentation() { return null; } + + @Override + public boolean isLowPriorityInstrumentationEnabled() { + return true; + } } \ No newline at end of file diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java index c3131db9b..9fd955bf6 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/NoOpAgent.java @@ -7,6 +7,7 @@ package com.newrelic.api.agent.security; +import com.newrelic.api.agent.security.instrumentation.helpers.LowSeverityHelper; import com.newrelic.api.agent.security.schema.AbstractOperation; import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.schema.policy.AgentPolicy; @@ -72,4 +73,9 @@ public Instrumentation getInstrumentation() { return null; } + @Override + public boolean isLowPriorityInstrumentationEnabled() { + return false; + } + } diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java index bc9ad3dfd..dbb89481e 100644 --- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/SecurityAgent.java @@ -43,4 +43,6 @@ public interface SecurityAgent { String getAgentTempDir(); Instrumentation getInstrumentation(); + + boolean isLowPriorityInstrumentationEnabled(); } From 90490ecefe0f92f2a91efc766f45aff2b36f5514 Mon Sep 17 00:00:00 2001 From: lovesh-ap Date: Tue, 3 Oct 2023 14:42:28 +0530 Subject: [PATCH 78/80] Fix ClassNotFoundException for IOStreamHelper, moved the helper class to api under helpers package 'com.newrelic.api.agent.security.instrumentation.helpers' --- .../java/io/BufferedReader_Instrumentation.java | 2 +- .../java/io/OutputStream_Instrumentation.java | 2 +- .../java/java/io/PrintWriter_Instrumentation.java | 2 +- .../main/java/java/io/Reader_Instrumentation.java | 2 +- .../intcodeagent/schedulers/SchedulerHelper.java | 15 +++++++++++++++ .../instrumentation/helpers}/IOStreamHelper.java | 2 +- 6 files changed, 20 insertions(+), 5 deletions(-) rename {instrumentation-security/java-io-stream/src/main/java/com/newrelic/agent/security/instrumentation/inputstream => newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers}/IOStreamHelper.java (98%) diff --git a/instrumentation-security/java-io-stream/src/main/java/java/io/BufferedReader_Instrumentation.java b/instrumentation-security/java-io-stream/src/main/java/java/io/BufferedReader_Instrumentation.java index 06280fc79..3bc6c8b3d 100644 --- a/instrumentation-security/java-io-stream/src/main/java/java/io/BufferedReader_Instrumentation.java +++ b/instrumentation-security/java-io-stream/src/main/java/java/io/BufferedReader_Instrumentation.java @@ -13,7 +13,7 @@ import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.WeaveAllConstructors; import com.newrelic.api.agent.weaver.Weaver; -import com.newrelic.agent.security.instrumentation.inputstream.IOStreamHelper; +import com.newrelic.api.agent.security.instrumentation.helpers.IOStreamHelper; @Weave(type = MatchType.BaseClass, originalName = "java.io.BufferedReader") public abstract class BufferedReader_Instrumentation { diff --git a/instrumentation-security/java-io-stream/src/main/java/java/io/OutputStream_Instrumentation.java b/instrumentation-security/java-io-stream/src/main/java/java/io/OutputStream_Instrumentation.java index 74f7be6f1..0ec0a9829 100644 --- a/instrumentation-security/java-io-stream/src/main/java/java/io/OutputStream_Instrumentation.java +++ b/instrumentation-security/java-io-stream/src/main/java/java/io/OutputStream_Instrumentation.java @@ -11,7 +11,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.newrelic.agent.security.instrumentation.inputstream.IOStreamHelper; +import com.newrelic.api.agent.security.instrumentation.helpers.IOStreamHelper; @Weave(type = MatchType.BaseClass, originalName = "java.io.OutputStream") public abstract class OutputStream_Instrumentation { diff --git a/instrumentation-security/java-io-stream/src/main/java/java/io/PrintWriter_Instrumentation.java b/instrumentation-security/java-io-stream/src/main/java/java/io/PrintWriter_Instrumentation.java index ed9316057..17a2e34ee 100644 --- a/instrumentation-security/java-io-stream/src/main/java/java/io/PrintWriter_Instrumentation.java +++ b/instrumentation-security/java-io-stream/src/main/java/java/io/PrintWriter_Instrumentation.java @@ -10,7 +10,7 @@ import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; import com.newrelic.api.agent.weaver.*; -import com.newrelic.agent.security.instrumentation.inputstream.IOStreamHelper; +import com.newrelic.api.agent.security.instrumentation.helpers.IOStreamHelper; import java.util.Locale; diff --git a/instrumentation-security/java-io-stream/src/main/java/java/io/Reader_Instrumentation.java b/instrumentation-security/java-io-stream/src/main/java/java/io/Reader_Instrumentation.java index 763f1c023..5563c953b 100644 --- a/instrumentation-security/java-io-stream/src/main/java/java/io/Reader_Instrumentation.java +++ b/instrumentation-security/java-io-stream/src/main/java/java/io/Reader_Instrumentation.java @@ -12,7 +12,7 @@ import com.newrelic.api.agent.weaver.MatchType; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; -import com.newrelic.agent.security.instrumentation.inputstream.IOStreamHelper; +import com.newrelic.api.agent.security.instrumentation.helpers.IOStreamHelper; @Weave(type = MatchType.BaseClass, originalName = "java.io.Reader") public abstract class Reader_Instrumentation { diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/schedulers/SchedulerHelper.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/schedulers/SchedulerHelper.java index eb08c5deb..8666c8098 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/schedulers/SchedulerHelper.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/schedulers/SchedulerHelper.java @@ -1,7 +1,11 @@ package com.newrelic.agent.security.intcodeagent.schedulers; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; +import com.newrelic.agent.security.intcodeagent.filelogging.LogFileHelper; +import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants; +import com.newrelic.agent.security.util.IUtilConstants; +import com.newrelic.api.agent.NewRelic; import java.util.Map; import java.util.concurrent.*; @@ -63,4 +67,15 @@ public ScheduledFuture scheduleLowSeverityFilterCleanup(Runnable command, return future; } + public ScheduledFuture scheduleDailyLogRollover(Runnable command) { + logger.log(LogLevel.INFO, "Start ", SchedulerHelper.class.getName()); + if(LogFileHelper.isDailyRollover()) { + int period = NewRelic.getAgent().getConfig().getValue(IUtilConstants.NR_LOG_DAILY_ROLLOVER_PERIOD, 24); + ScheduledFuture future = commonExecutor.scheduleWithFixedDelay(command, period, period, TimeUnit.HOURS); + scheduledFutureMap.put("daily-log-rollover", future); + return future; + } + return null; + } + } diff --git a/instrumentation-security/java-io-stream/src/main/java/com/newrelic/agent/security/instrumentation/inputstream/IOStreamHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/IOStreamHelper.java similarity index 98% rename from instrumentation-security/java-io-stream/src/main/java/com/newrelic/agent/security/instrumentation/inputstream/IOStreamHelper.java rename to newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/IOStreamHelper.java index 01e767f9b..112747f67 100644 --- a/instrumentation-security/java-io-stream/src/main/java/com/newrelic/agent/security/instrumentation/inputstream/IOStreamHelper.java +++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/IOStreamHelper.java @@ -1,4 +1,4 @@ -package com.newrelic.agent.security.instrumentation.inputstream; +package com.newrelic.api.agent.security.instrumentation.helpers; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; From b1bed4bed88cc03d1dfd24c7bdd22df3bdfc0a28 Mon Sep 17 00:00:00 2001 From: Lovesh Baya Date: Thu, 5 Oct 2023 12:34:38 +0530 Subject: [PATCH 79/80] Logger arch update (#113) * support for std out logging * add feature for Daily log rollover * Support logger config : log_file_count and log_limit_in_kbytes * Remove NR_CSEC_DEBUG_LOGFILE_SIZE and NR_CSEC_DEBUG_LOGFILE_MAX_COUNT --- .../os/OsVariablesInstance.java | 6 +- .../filelogging/FileLoggerThreadPool.java | 24 ++-- .../filelogging/InitLogWriter.java | 33 ++++-- .../filelogging/LogFileHelper.java | 105 ++++++++++++++++++ .../intcodeagent/filelogging/LogWriter.java | 27 +++-- .../properties/K2JALogProperties.java | 2 +- .../schedulers/SchedulerHelper.java | 3 +- .../intcodeagent/utils/CommonUtils.java | 13 --- .../agent/security/util/IUtilConstants.java | 1 + .../newrelic/api/agent/security/Agent.java | 2 + 10 files changed, 166 insertions(+), 50 deletions(-) create mode 100644 newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogFileHelper.java diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/os/OsVariablesInstance.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/os/OsVariablesInstance.java index 43bf3e39d..1ce9277c0 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/os/OsVariablesInstance.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/os/OsVariablesInstance.java @@ -18,6 +18,8 @@ public class OsVariablesInstance { public static final String TMP = "tmp"; public static final String SNAPSHOTS = "snapshots"; + public static final String LOG_FILE_PATH = "log_file_path"; + private static OsVariablesInstance instance; private final static Object lock = new Object(); @@ -40,8 +42,8 @@ private OsVariablesInstance() { // osVariables.setLogDirectory(Paths.get(k2root.toString(), LOGS, LANGUAGE_AGENT, AgentInfo.getInstance().getApplicationUUID()).toString()); - if(NewRelic.getAgent().getConfig().getValue("log_file_path") != null) { - osVariables.setLogDirectory(Paths.get(NewRelic.getAgent().getConfig().getValue("log_file_path"), IUtilConstants.NR_SECURITY_HOME, LOGS).toString()); + if(NewRelic.getAgent().getConfig().getValue(LOG_FILE_PATH) != null) { + osVariables.setLogDirectory(Paths.get(NewRelic.getAgent().getConfig().getValue(LOG_FILE_PATH), IUtilConstants.NR_SECURITY_HOME, LOGS).toString()); } else { osVariables.setLogDirectory(Paths.get(AgentConfig.getInstance().getK2Home(), LOGS).toString()); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/FileLoggerThreadPool.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/FileLoggerThreadPool.java index d4159437c..9f02adc34 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/FileLoggerThreadPool.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/FileLoggerThreadPool.java @@ -20,9 +20,11 @@ public class FileLoggerThreadPool { private boolean isInitLoggingActive = true; - protected int maxfilesize = K2JALogProperties.maxfilesize; + protected final int maxfilesize; - protected int maxfiles = K2JALogProperties.maxfiles; + protected final int maxfiles; + + protected boolean isLoggingToStdOut = false; private FileLoggerThreadPool() throws IOException { // load the settings @@ -30,6 +32,8 @@ private FileLoggerThreadPool() throws IOException { int maxPoolSize = 1; int corePoolSize = 1; long keepAliveTime = 600; + maxfiles = Math.max(K2JALogProperties.maxfiles, LogFileHelper.logFileCount()); + maxfilesize = LogFileHelper.logFileLimit()*1024; TimeUnit timeUnit = TimeUnit.SECONDS; @@ -60,12 +64,8 @@ public Thread newThread(Runnable r) { } }); try { - if (System.getenv().containsKey(IUtilConstants.NR_CSEC_DEBUG_LOGFILE_SIZE)) { - this.maxfilesize = Integer.parseInt(System.getenv().get(IUtilConstants.NR_CSEC_DEBUG_LOGFILE_SIZE)); - } - - if (System.getenv().containsKey(IUtilConstants.NR_CSEC_DEBUG_LOGFILE_MAX_COUNT)) { - this.maxfiles = Integer.parseInt(System.getenv().get(IUtilConstants.NR_CSEC_DEBUG_LOGFILE_MAX_COUNT)); + if(LogFileHelper.isLoggingToStdOut()){ + this.isLoggingToStdOut = true; } } catch (NumberFormatException e){} @@ -141,7 +141,9 @@ public void logInit(LogLevel logLevel, String event, String logSourceClassName) if (logLevel.getLevel() == 1 || logLevel.getLevel() > InitLogWriter.defaultLogLevel) { return; } - executor.submit(new InitLogWriter(logLevel, event, logSourceClassName, Thread.currentThread().getName())); + if(!isLoggingToStdOut) { + executor.submit(new InitLogWriter(logLevel, event, logSourceClassName, Thread.currentThread().getName())); + } log(logLevel, event, logSourceClassName); } @@ -150,7 +152,9 @@ public void logInit(LogLevel logLevel, String event, Throwable throwableEvent, S if (logLevel.getLevel() == 1 || logLevel.getLevel() > InitLogWriter.defaultLogLevel) { return; } - executor.submit(new InitLogWriter(logLevel, event, throwableEvent, logSourceClassName, Thread.currentThread().getName())); + if(!isLoggingToStdOut) { + executor.submit(new InitLogWriter(logLevel, event, throwableEvent, logSourceClassName, Thread.currentThread().getName())); + } log(logLevel, event, throwableEvent, logSourceClassName); } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/InitLogWriter.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/InitLogWriter.java index b11917c98..97fe89a78 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/InitLogWriter.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/InitLogWriter.java @@ -52,31 +52,37 @@ public class InitLogWriter implements Runnable { public static final String DATE_FORMAT_NOW = "yyyy-MM-dd HH:mm:ss"; - private static final String fileName; + private static String fileName; - private static final String currentLogFileName; - - private static int logFileCounter = 0; + private static String currentLogFileName; private static BufferedWriter writer; - private static final File currentLogFile; + private static File currentLogFile; private String threadName; private static OSVariables osVariables = OsVariablesInstance.getInstance().getOsVariables(); static { - fileName = new File(osVariables.getLogDirectory(), "java-security-collector-init.log").getAbsolutePath(); - currentLogFile = new File(fileName); - CommonUtils.forceMkdirs(currentLogFile.getParentFile().toPath(), "rwxrwxrwx"); - currentLogFileName = fileName; + if(FileLoggerThreadPool.getInstance().isLoggingToStdOut){ + writer = new BufferedWriter(new OutputStreamWriter(System.out)); + } else { + fileName = new File(osVariables.getLogDirectory(), "java-security-collector-init.log").getAbsolutePath(); + currentLogFile = new File(fileName); + CommonUtils.forceMkdirs(currentLogFile.getParentFile().toPath(), "rwxrwxrwx"); + currentLogFileName = fileName; + createLogFile(); + } + } + + private static void createLogFile() { try { currentLogFile.setReadable(true, false); writer = new BufferedWriter(new FileWriter(currentLogFileName, true)); writer.write(LOG_FILE_INITIATED_MSG); writer.flush(); - maxFileSize = FileLoggerThreadPool.getInstance().maxfilesize * 1048576; + maxFileSize = FileLoggerThreadPool.getInstance().maxfilesize; // k2.log.handler.maxfilesize=10 // k2.log.handler.maxfilesize.unit=MB @@ -165,7 +171,7 @@ public void run() { } private static void rollover(String fileName) throws IOException { - if (!rolloverCheckNeeded()) { + if (FileLoggerThreadPool.getInstance().isLoggingToStdOut || !rolloverCheckNeeded()) { return; } @@ -182,7 +188,7 @@ private static void rollover(String fileName) throws IOException { } catch (IOException e) { } - CommonUtils.deleteRolloverLogFiles(currentFile.getName(), FileLoggerThreadPool.getInstance().maxfiles); + LogFileHelper.deleteRolloverLogFiles(currentFile.getName(), FileLoggerThreadPool.getInstance().maxfiles); } } finally { writer = new BufferedWriter(new FileWriter(currentFile, true)); @@ -211,4 +217,7 @@ public static String getFileName() { return fileName; } + public static void setWriter(BufferedWriter writer) { + InitLogWriter.writer = writer; + } } \ No newline at end of file diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogFileHelper.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogFileHelper.java new file mode 100644 index 000000000..750492467 --- /dev/null +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogFileHelper.java @@ -0,0 +1,105 @@ +/* + * + * * Copyright 2020 New Relic Corporation. All rights reserved. + * * SPDX-License-Identifier: Apache-2.0 + * + */ + +package com.newrelic.agent.security.intcodeagent.filelogging; + +import com.newrelic.agent.security.instrumentator.os.OsVariablesInstance; +import com.newrelic.agent.security.intcodeagent.properties.K2JALogProperties; +import com.newrelic.api.agent.NewRelic; +import com.newrelic.api.agent.security.schema.StringUtils; +import org.apache.commons.io.FileUtils; +import org.apache.commons.io.comparator.LastModifiedFileComparator; +import org.apache.commons.io.filefilter.FileFilterUtils; + +import java.io.BufferedWriter; +import java.io.File; +import java.io.FileWriter; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.attribute.PosixFilePermissions; +import java.time.Instant; +import java.util.Arrays; +import java.util.Collection; + +/** + * Utility class to get the New Relic log file. + */ +public class LogFileHelper { + + public static final String LOG_DAILY = "log_daily"; + public static final String LOG_FILE_COUNT = "log_file_count"; + public static final String LOG_FILE_NAME = "log_file_name"; + + public static final String LOG_LIMIT = "log_limit_in_kbytes"; + public static final boolean DEFAULT_LOG_DAILY = false; + public static final int DEFAULT_LOG_FILE_COUNT = 1; + public static final String DEFAULT_LOG_FILE_NAME = "java-security-collector.log"; + + public static final String STDOUT = "STDOUT"; + + private static final String STRING_DOT = "."; + + public static boolean isLoggingToStdOut() { + String logFileName = NewRelic.getAgent().getConfig().getValue(LogFileHelper.LOG_FILE_NAME, LogFileHelper.DEFAULT_LOG_FILE_NAME); + return StringUtils.equals(LogFileHelper.STDOUT, logFileName); + } + + public static int logFileCount() { + return Math.max(1, NewRelic.getAgent().getConfig().getValue(LogFileHelper.LOG_FILE_COUNT, LogFileHelper.DEFAULT_LOG_FILE_COUNT)); + } + + public static int logFileLimit() { + int size = NewRelic.getAgent().getConfig().getValue(LogFileHelper.LOG_LIMIT, 1); + return size>1?size: K2JALogProperties.maxfilesize; + } + + public static boolean isDailyRollover() { + return NewRelic.getAgent().getConfig().getValue(LogFileHelper.LOG_DAILY, LogFileHelper.DEFAULT_LOG_DAILY); + } + + public static void deleteRolloverLogFiles(String fileName, int max) { + Collection rolloverLogFiles = FileUtils.listFiles(new File(OsVariablesInstance.getInstance().getOsVariables().getLogDirectory()), FileFilterUtils.prefixFileFilter(fileName + "."), null); + + if (rolloverLogFiles.size() > max) { + File[] sortedLogFiles = rolloverLogFiles.toArray(new File[0]); + Arrays.sort(sortedLogFiles, LastModifiedFileComparator.LASTMODIFIED_COMPARATOR); + for (int i = 0; i < sortedLogFiles.length - max; i++) { + FileUtils.deleteQuietly(sortedLogFiles[i]); + } + } + } + + public static BufferedWriter dailyRollover(String fileName) throws IOException { + File currentFile = new File(fileName); + try { + File rolloverFile = new File(fileName + STRING_DOT + Instant.now().toEpochMilli()); + FileUtils.moveFile(currentFile, rolloverFile); + deleteRolloverLogFiles(currentFile.getName(), FileLoggerThreadPool.getInstance().maxfiles); + currentFile.setReadable(true, false); + currentFile.setWritable(true, false); + if (!OsVariablesInstance.getInstance().getOsVariables().getWindows()) { + Files.setPosixFilePermissions(currentFile.toPath(), PosixFilePermissions.fromString("rw-rw-rw-")); + } + } catch (IOException e) { + } + return new BufferedWriter(new FileWriter(currentFile, true)); + } + + public static void performDailyRollover(){ + try { + InitLogWriter.setWriter(dailyRollover(InitLogWriter.getFileName())); + } catch (IOException e) { + FileLoggerThreadPool.getInstance().setInitLoggingActive(false); + } + try { + LogWriter.setWriter(dailyRollover(LogWriter.getFileName())); + } catch (IOException e) { + FileLoggerThreadPool.getInstance().setLoggingActive(false); + } + + } +} diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogWriter.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogWriter.java index 276ab9f35..a2624c2ac 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogWriter.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/filelogging/LogWriter.java @@ -48,13 +48,13 @@ public class LogWriter implements Runnable { public static final String DATE_FORMAT_NOW = "yyyy-MM-dd HH:mm:ss.SSS"; - private static final String fileName; + private static String fileName; - private static final String currentLogFileName; + private static String currentLogFileName; private static BufferedWriter writer; - private static final File currentLogFile; + private static File currentLogFile; private String threadName; @@ -68,7 +68,7 @@ private static boolean createLogFile() { currentLogFile.setReadable(true, false); writer = new BufferedWriter(new FileWriter(currentLogFileName, true)); - maxFileSize = FileLoggerThreadPool.getInstance().maxfilesize * 1048576; + maxFileSize = FileLoggerThreadPool.getInstance().maxfilesize; if (!osVariables.getWindows()) { Files.setPosixFilePermissions(currentLogFile.toPath(), PosixFilePermissions.fromString("rw-rw-rw-")); @@ -91,10 +91,14 @@ private static boolean createLogFile() { } static { - fileName = new File(osVariables.getLogDirectory(), "java-security-collector.log").getAbsolutePath(); - currentLogFile = new File(fileName); - currentLogFileName = fileName; - createLogFile(); + if(FileLoggerThreadPool.getInstance().isLoggingToStdOut){ + writer = new BufferedWriter(new OutputStreamWriter(System.out)); + } else { + fileName = new File(osVariables.getLogDirectory(), "java-security-collector.log").getAbsolutePath(); + currentLogFile = new File(fileName); + currentLogFileName = fileName; + createLogFile(); + } } public LogWriter(LogLevel logLevel, String logEntry, String loggingClassName, String threadName) { @@ -171,7 +175,7 @@ public void run() { } private static void rollover(String fileName) throws IOException { - if (!rolloverCheckNeeded()) { + if (FileLoggerThreadPool.getInstance().isLoggingToStdOut || !rolloverCheckNeeded()) { return; } @@ -189,7 +193,7 @@ private static void rollover(String fileName) throws IOException { } catch (IOException e) { } - CommonUtils.deleteRolloverLogFiles(currentFile.getName(), FileLoggerThreadPool.getInstance().maxfiles); + LogFileHelper.deleteRolloverLogFiles(currentFile.getName(), FileLoggerThreadPool.getInstance().maxfiles); } } finally { writer = new BufferedWriter(new FileWriter(currentFile, true)); @@ -220,4 +224,7 @@ public static String getFileName() { return fileName; } + public static void setWriter(BufferedWriter writer) { + LogWriter.writer = writer; + } } \ No newline at end of file diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/properties/K2JALogProperties.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/properties/K2JALogProperties.java index bb57cedbd..5a2501432 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/properties/K2JALogProperties.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/properties/K2JALogProperties.java @@ -1,6 +1,6 @@ package com.newrelic.agent.security.intcodeagent.properties; public interface K2JALogProperties { - int maxfilesize = 50; + int maxfilesize = 50*1024; int maxfiles = 2; } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/schedulers/SchedulerHelper.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/schedulers/SchedulerHelper.java index 8666c8098..f526abaef 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/schedulers/SchedulerHelper.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/schedulers/SchedulerHelper.java @@ -2,7 +2,6 @@ import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; import com.newrelic.agent.security.intcodeagent.filelogging.LogFileHelper; -import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants; import com.newrelic.agent.security.util.IUtilConstants; import com.newrelic.api.agent.NewRelic; @@ -68,7 +67,7 @@ public ScheduledFuture scheduleLowSeverityFilterCleanup(Runnable command, } public ScheduledFuture scheduleDailyLogRollover(Runnable command) { - logger.log(LogLevel.INFO, "Start ", SchedulerHelper.class.getName()); + if(LogFileHelper.isDailyRollover()) { int period = NewRelic.getAgent().getConfig().getValue(IUtilConstants.NR_LOG_DAILY_ROLLOVER_PERIOD, 24); ScheduledFuture future = commonExecutor.scheduleWithFixedDelay(command, period, period, TimeUnit.HOURS); diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/utils/CommonUtils.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/utils/CommonUtils.java index d518684bb..3083ea236 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/utils/CommonUtils.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/utils/CommonUtils.java @@ -140,19 +140,6 @@ public static InputStream getResourceStreamFromAgentJar(String resourceName) { return null; } - public static void deleteRolloverLogFiles(String fileName, int max) { - Collection rolloverLogFiles = FileUtils.listFiles(new File(OsVariablesInstance.getInstance().getOsVariables().getLogDirectory()), FileFilterUtils.prefixFileFilter(fileName + "."), null); - - if (rolloverLogFiles.size() > max) { - File[] sortedLogFiles = rolloverLogFiles.toArray(new File[0]); - Arrays.sort(sortedLogFiles, LastModifiedFileComparator.LASTMODIFIED_COMPARATOR); - for (int i = 0; i < sortedLogFiles.length - max; i++) { - FileUtils.deleteQuietly(sortedLogFiles[i]); - - } - } - } - /** * Generate random int between range start to end. Both inclusive. diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/IUtilConstants.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/IUtilConstants.java index b9cee9f65..0536ed9e4 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/IUtilConstants.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/util/IUtilConstants.java @@ -26,4 +26,5 @@ public interface IUtilConstants { String ERROR = "ERROR"; String SENT = "SENT"; String REJECTED = "REJECTED"; + String NR_LOG_DAILY_ROLLOVER_PERIOD = "log.rollover.period"; } diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java index da12defa9..9c7cb15ec 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java @@ -15,6 +15,7 @@ import com.newrelic.agent.security.instrumentator.utils.INRSettingsKey; import com.newrelic.agent.security.intcodeagent.constants.AgentServices; import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool; +import com.newrelic.agent.security.intcodeagent.filelogging.LogFileHelper; import com.newrelic.agent.security.intcodeagent.filelogging.LogLevel; import com.newrelic.agent.security.intcodeagent.logging.HealthCheckScheduleThread; import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants; @@ -185,6 +186,7 @@ private void startK2Services() { FileCleaner.scheduleNewTask(); SchedulerHelper.getInstance().scheduleLowSeverityFilterCleanup(LowSeverityHelper::clearLowSeverityEventFilter, 30 , 30, TimeUnit.MINUTES); + SchedulerHelper.getInstance().scheduleDailyLogRollover(LogFileHelper::performDailyRollover); logger.logInit( LogLevel.INFO, String.format(STARTED_MODULE_LOG, AgentServices.HealthCheck.name()), From 65d6fede75aaf11b7a8a0931f113d7e88c743d3b Mon Sep 17 00:00:00 2001 From: Ishika Dawda <112611034+IshikaDawda@users.noreply.github.com> Date: Mon, 9 Oct 2023 10:31:19 +0530 Subject: [PATCH 80/80] Setup for Cassandra instrumentation (#69) * Initial setup for cassandra * Event generation for Cassandra 3 & 4 --------- Co-authored-by: lovesh-ap --- .../instrumentator/dispatcher/Dispatcher.java | 19 +++++++++++++------ settings.gradle | 2 ++ 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java index a6900813c..a6deb2a50 100644 --- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java +++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.java @@ -127,13 +127,20 @@ public Object call() throws Exception { break; } case NOSQL_DB_COMMAND: - NoSQLOperation noSQLOperationalBean = (NoSQLOperation) operation; - try { - eventBean = prepareNoSQLEvent(eventBean, noSQLOperationalBean); - } catch (Throwable e) { - return null; + if(operation instanceof SQLOperation) { + eventBean = prepareSQLDbCommandEvent((SQLOperation) operation, eventBean); + break; + } else if (operation instanceof BatchSQLOperation) { + eventBean = prepareSQLDbCommandEvent((BatchSQLOperation) operation, eventBean); + break; + } else if (operation instanceof NoSQLOperation) { + try { + eventBean = prepareNoSQLEvent(eventBean, (NoSQLOperation) operation); + } catch (Throwable e) { + return null; + } + break; } - break; case DYNAMO_DB_COMMAND: DynamoDBOperation dynamoDBOperation = (DynamoDBOperation) operation; diff --git a/settings.gradle b/settings.gradle index 1837947c2..bb49bd6a8 100644 --- a/settings.gradle +++ b/settings.gradle @@ -135,6 +135,8 @@ include 'instrumentation:jdbc-inet-merlia' include 'instrumentation:jdbc-inet-oranxo' include 'instrumentation:jdbc-sybase-6' include 'instrumentation:low-priority-instrumentation' +include 'instrumentation:cassandra-datastax-3' +include 'instrumentation:cassandra-datastax-4' include 'instrumentation:commons-jxpath' //include 'instrumentation:grails-1.3' //include 'instrumentation:grails-2.0'