OpenRASP support for InforSuiteAS V10.0: code submission #389
base: 1.3.8
public boolean handleServerInfo(ClassLoader classLoader, ProtectionDomain domain) { | ||
String version = ""; | ||
try { | ||
// if (classLoader == null) { |
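Review bot: the commented-out `// if (classLoader == null) {` at the top of the `try` in `handleServerInfo` leaves it unclear whether a null `classLoader` is handled. If the code that follows dereferences `classLoader`, restore the guard as live code; otherwise delete the line instead of shipping dead code.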
Delete the commented-out code.
logDetectError("handle inforsuite startup failed", t); | ||
} | ||
if (!isJboss(classLoader)) { | ||
if(version != null){ |
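Review bot: `if(version != null)` after the catch cannot tell a successful lookup from a failed one if this is the `version` that `handleServerInfo` initialises to `""`: when the `try` throws before assigning it and `logDetectError` runs, the guard still passes with an empty string. Test for a non-empty value, for example `if (version != null && !version.isEmpty())`, and confirm that the surrounding `!isJboss(classLoader)` condition is intended in the InforSuite detector.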
Add a space, e.g. if (version
@@ -89,6 +90,8 @@ public static void appendResponseData(Object output) { | |||
Object outputStream = Reflection.getField(output, "outputStream"); | |||
int flag = (Integer) Reflection.getField(outputStream, "state"); | |||
isClosed = flag == 1; | |||
}else if("com/cvicse/inforsuite/grizzly/http/io/OutputBuffer".equals(InforSuiteHttpResponseHook.clazzName)){ |
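Review bot: the new branch in `appendResponseData` selects the buffer type from the static `InforSuiteHttpResponseHook.clazzName` rather than from `output` itself, so the branch taken depends on what the hook last recorded and not on the object being written. Compare against the runtime class of `output`, or pass the class name in with the call, so that an unset or stale static cannot route a response into the wrong branch.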
Fix the code formatting: } else if
@@ -0,0 +1 @@ | |||
@中创中间件原创代码 |
Please delete this file.
for (ServerDetector detector : detectors) { | ||
if (detector.isClassMatched(className) && detector.handleServer(className, classLoader, domain)) { | ||
HookHandler.LOGGER.info("detect server class: " + className); | ||
if(className.equals("com/cvicse/loong/enterprise/inforsuite/bootstrap/ASMain")){ |
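Review bot: `className.equals("com/cvicse/loong/enterprise/inforsuite/bootstrap/ASMain")` hard-codes one server's bootstrap class inside the generic detector loop. The loop already delegates matching to `detector.isClassMatched(className)`, so the InforSuite-specific decision belongs in that server's own detector; if the comparison stays here, put the literal on the left of `equals` so a null `className` cannot throw.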
Adjust the code formatting: if (
for (ServerDetector detector : detectors) { | ||
if (detector.isClassMatched(className) && detector.handleServer(className, classLoader, domain)) { | ||
HookHandler.LOGGER.info("detect server class: " + className); | ||
if(className.equals("com/cvicse/loong/enterprise/inforsuite/bootstrap/ASMain")){ | ||
detectors.subList(0,13).clear(); |
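Review bot: `detectors.subList(0,13).clear();` structurally modifies `detectors` from inside `for (ServerDetector detector : detectors)`, and the hard-coded `13` ties the result to the current size and order of the list. The end index of `subList` is exclusive, so this removes indices 0 through 12; adding or reordering a detector silently changes which entries are dropped, the removal is permanent for the shared list, and with the standard `java.util` list types the iterator throws `ConcurrentModificationException` if the loop ever continues past this line. Resolve the Tomcat overlap through matching order or a more specific `isClassMatched` in the InforSuite detector instead of deleting entries by index.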
What is the purpose of clearing detectors here?
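When detecting the server, this distinguishes the Zhongchuang (中创) application server from Tomcat.
The specific reason is that the classes loaded by the Zhongchuang application server include classes identical to Tomcat's; if the list is not cleared, the server is misidentified as Tomcat.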
Why 0, 13?
The detects list currently contains 14 server names in total, 0-13.
Hello, this code cannot be merged; you need to see whether there is another way to solve the problem.
I have updated this code so that the value is obtained dynamically. Is that acceptable?
detectors.subList(0,13).clear(); | ||
HookHandler.LOGGER.info("detect server class: " + className); | ||
break; | ||
}else{ |
} else {
@@ -112,7 +112,10 @@ public synchronized static void checkServerPolicy() { | |||
HookHandler.doRealCheckWithoutRequest(CheckParameter.Type.POLICY_SERVER_BES, CheckParameter.EMPTY_MAP); | |||
} else if ("TongWeb8".equals(serverName)) { | |||
HookHandler.doRealCheckWithoutRequest(CheckParameter.Type.POLICY_SERVER_TONGWEB8, CheckParameter.EMPTY_MAP); | |||
}else if ("inforsuite".equals(serverName)){ |
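Review bot: `"inforsuite".equals(serverName)` in `checkServerPolicy` is an exact, case-sensitive match, so the policy check for this server only runs if the InforSuite detector registers the name with precisely this spelling. Define the name once as a constant shared by the detector and this branch so the two cannot drift apart and leave the server without its policy check.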
} else if
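Regarding whether the detectors can be cleared, let us evaluate that.
OK. Our engineers have just provided another solution, and I will submit that one as well. The fundamental purpose of both solutions is to distinguish the log output identifiers of Zhongchuang and Tomcat; they have no effect on OpenRASP functionality.
Submission notes: based on the current OpenRASP version 1.3.8, this submits code to support the Zhongchuang InforSuiteAS server; it adds 1 folder, 1 txt file and 9 Java files, and modifies 5 Java files.
Test results: for the vulns test cases, all test cases passed. Test environment: CentOS 7 / 1.8.0_322 (64-bit) / InforSuite AS V10.0 / Firefox, with rasp running in standalone mode (the management platform was not tested).
Outstanding issues: RaspInstall.jar does not yet support installing rasp on InforSuiteAS; that code has not been adapted.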