
[APOLLO-2103] Fix SSRF (#2105)
Fix SSRF, resolve #2103
kezhenxu94 authored and nobodyiam committed Apr 7, 2019
1 parent f50dc4e commit ad448d7
Showing 4 changed files with 58 additions and 26 deletions.
Expand Up @@ -58,23 +58,7 @@ public SystemInfo getSystemInfo() {
List<Env> allEnvList = portalSettings.getAllEnvs();

for (Env env : allEnvList) {
EnvironmentInfo environmentInfo = new EnvironmentInfo();
String metaServerAddresses = MetaDomainConsts.getMetaServerAddress(env);

environmentInfo.setEnv(env);
environmentInfo.setActive(portalSettings.isEnvActive(env));
environmentInfo.setMetaServerAddress(metaServerAddresses);

String selectedMetaServerAddress = MetaDomainConsts.getDomain(env);
try {
environmentInfo.setConfigServices(getServerAddress(selectedMetaServerAddress, CONFIG_SERVICE_URL_PATH));

environmentInfo.setAdminServices(getServerAddress(selectedMetaServerAddress, ADMIN_SERVICE_URL_PATH));
} catch (Throwable ex) {
String errorMessage = "Loading config/admin services from meta server: " + selectedMetaServerAddress + " failed!";
logger.error(errorMessage, ex);
environmentInfo.setErrorMessage(errorMessage + " Exception: " + ex.getMessage());
}
EnvironmentInfo environmentInfo = adaptEnv2EnvironmentInfo(env);

systemInfo.addEnvironment(environmentInfo);
}
Expand All @@ -84,8 +68,56 @@ public SystemInfo getSystemInfo() {

@PreAuthorize(value = "@permissionValidator.isSuperAdmin()")
@GetMapping(value = "/health")
public Health checkHealth(@RequestParam String host) {
return restTemplate.getForObject(host + "/health", Health.class);
public Health checkHealth(@RequestParam String instanceId) {
List<Env> allEnvs = portalSettings.getAllEnvs();

ServiceDTO service = null;
for (final Env env : allEnvs) {
EnvironmentInfo envInfo = adaptEnv2EnvironmentInfo(env);
if (envInfo.getAdminServices() != null) {
for (final ServiceDTO s : envInfo.getAdminServices()) {
if (instanceId.equals(s.getInstanceId())) {
service = s;
break;
}
}
}
if (envInfo.getConfigServices() != null) {
for (final ServiceDTO s : envInfo.getConfigServices()) {
if (instanceId.equals(s.getInstanceId())) {
service = s;
break;
}
}
}
}

if (service == null) {
throw new IllegalArgumentException("No such instance of instanceId: " + instanceId);
}

return restTemplate.getForObject(service.getHomepageUrl() + "/health", Health.class);
}

private EnvironmentInfo adaptEnv2EnvironmentInfo(final Env env) {
EnvironmentInfo environmentInfo = new EnvironmentInfo();
String metaServerAddresses = MetaDomainConsts.getMetaServerAddress(env);

environmentInfo.setEnv(env);
environmentInfo.setActive(portalSettings.isEnvActive(env));
environmentInfo.setMetaServerAddress(metaServerAddresses);

String selectedMetaServerAddress = MetaDomainConsts.getDomain(env);
try {
environmentInfo.setConfigServices(getServerAddress(selectedMetaServerAddress, CONFIG_SERVICE_URL_PATH));

environmentInfo.setAdminServices(getServerAddress(selectedMetaServerAddress, ADMIN_SERVICE_URL_PATH));
} catch (Throwable ex) {
String errorMessage = "Loading config/admin services from meta server: " + selectedMetaServerAddress + " failed!";
logger.error(errorMessage, ex);
environmentInfo.setErrorMessage(errorMessage + " Exception: " + ex.getMessage());
}
return environmentInfo;
}

private ServiceDTO[] getServerAddress(String metaServerAddress, String path) {
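Review bot: The `break` statements inside the admin-services and config-services loops of checkHealth only leave the inner loop, so the method keeps calling adaptEnv2EnvironmentInfo — and through it getServerAddress against the meta server — for every remaining environment after a match, and a later environment registering the same instanceId silently replaces the earlier hit. Returning from a small lookup helper at the first match avoids the extra meta-server round trips and makes the "first match wins" rule explicit, while an unknown id still raises IllegalArgumentException. It is also worth saying in a comment on checkHealth why the lookup exists, since resolving the target from the meta server's registrations instead of a caller-supplied host is what closes the SSRF, e.g. `// the target is resolved from what the meta server registered, never from the request`. The helper below assumes getAdminServices()/getConfigServices() return ServiceDTO[] as set from getServerAddress; adjust if they are lists. The catch (Throwable) in adaptEnv2EnvironmentInfo is carried over from the old getSystemInfo body, so it is not new here.
```java
public Health checkHealth(@RequestParam String instanceId) {
    // the target is resolved from what the meta server registered, never from the request
    ServiceDTO service = findServiceByInstanceId(instanceId);
    if (service == null) {
      throw new IllegalArgumentException("No such instance of instanceId: " + instanceId);
    }
    return restTemplate.getForObject(service.getHomepageUrl() + "/health", Health.class);
}

private ServiceDTO findServiceByInstanceId(final String instanceId) {
    for (final Env env : portalSettings.getAllEnvs()) {
      EnvironmentInfo envInfo = adaptEnv2EnvironmentInfo(env);
      ServiceDTO found = firstWithInstanceId(envInfo.getAdminServices(), instanceId);
      if (found == null) {
        found = firstWithInstanceId(envInfo.getConfigServices(), instanceId);
      }
      if (found != null) {
        return found;
      }
    }
    return null;
}

private static ServiceDTO firstWithInstanceId(final ServiceDTO[] services, final String instanceId) {
    if (services == null) {
      return null;
    }
    for (final ServiceDTO s : services) {
      if (instanceId.equals(s.getInstanceId())) {
        return s;
      }
    }
    return null;
}
// … unchanged: adaptEnv2EnvironmentInfo …
```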
Expand Up @@ -28,10 +28,10 @@ function SystemInfoController($scope, toastr, AppUtil, AppService, ClusterServic
});
}

function check(host) {
SystemInfoService.check_health(host).then(function (result) {
function check(instanceId, host) {
SystemInfoService.check_health(instanceId, host).then(function (result) {
var status = result.status.code;
if (status == 'UP') {
if (status === 'UP') {
toastr.success(host + ' is healthy!');
} else {
toastr.error(host + ' is not healthy, please check ' + host + '/health for more information!');
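Review bot: In `check(instanceId, host)` the `host` argument is now used only for the toast text while the request is keyed by instanceId, which is easy to misread as the host still being sent to the server; a one-line comment on the function makes the split explicit, e.g. `// host is display-only; the server resolves the target from instanceId`. The switch to `===` for the status comparison is a good catch. The enclosing controller function starts outside the hunk.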
Expand Up @@ -20,10 +20,10 @@ appService.service('SystemInfoService', ['$resource', '$q', function ($resource,
});
return d.promise;
},
check_health: function (host) {
check_health: function (instanceId, host) {
var d = $q.defer();
system_info_resource.check_health({
host: host
instanceId: instanceId
},
function (result) {
d.resolve(result);
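Review bot: `check_health: function (instanceId, host)` declares a `host` parameter that the body never uses — only `instanceId` is placed in the request — so the signature suggests the host is still transmitted when it no longer is. Drop it, `check_health: function (instanceId) {`, and have the controller pass only the id; extra arguments from existing callers are ignored in JavaScript, so the two sides can be updated independently. The enclosing service definition starts and ends outside the hunk.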
4 changes: 2 additions & 2 deletions apollo-portal/src/main/resources/static/system_info.html
Expand Up @@ -59,7 +59,7 @@ <h4 class="text-center">Config Services</h4>
<td>{{service.appName}}</td>
<td>{{service.instanceId}}</td>
<td>{{service.homepageUrl}}</td>
<td><a href="javascript:;" ng-click="check(service.homepageUrl)">check</a>
<td><a href="javascript:;" ng-click="check(service.instanceId, service.homepageUrl)">check</a>
</td>
</tr>
</tbody>
Expand All @@ -82,7 +82,7 @@ <h4 class="text-center">Admin Services</h4>
<td>{{service.appName}}</td>
<td>{{service.instanceId}}</td>
<td>{{service.homepageUrl}}</td>
<td><a href="javascript:;" ng-click="check(service.homepageUrl)">check</a>
<td><a href="javascript:;" ng-click="check(service.instanceId, service.homepageUrl)">check</a>
</tr>
</tbody>
</table>
