Merge pull request #843 from k2io/dev

Bug fixes for security agent
newrelic · Jan 25, 2024 · f78d122 · f78d122
2 parents 535eab4 + 00750a5
commit f78d122
Show file tree

Hide file tree

Showing 6 changed files with 29 additions and 13 deletions.
diff --git a/v3/integrations/nrfasthttp/instrumentation.go b/v3/integrations/nrfasthttp/instrumentation.go
@@ -69,9 +69,9 @@ func WrapHandle(app *newrelic.Application, pattern string, handler fasthttp.Requ
 		txn.SetWebResponse(resp)
 		txn.SetWebRequestHTTP(r)
 
+		handler(ctx)
 		if newrelic.IsSecurityAgentPresent() {
 			newrelic.GetSecurityAgentInterface().SendEvent("INBOUND_WRITE", resp.Body(), resp.Header())
 		}
-		handler(ctx)
 	}
 }
diff --git a/v3/integrations/nrgrpc/nrgrpc_server.go b/v3/integrations/nrgrpc/nrgrpc_server.go
@@ -43,6 +43,7 @@ import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/metadata"
+	"google.golang.org/grpc/peer"
 	"google.golang.org/grpc/status"
 	protoV2 "google.golang.org/protobuf/proto"
 )
@@ -62,13 +63,20 @@ func startTransaction(ctx context.Context, app *newrelic.Application, fullMethod
 
 	target := hdrs.Get(":authority")
 	url := getURL(method, target)
+	transport := newrelic.TransportHTTP
+
+	p, ok := peer.FromContext(ctx)
+	if ok && p != nil && p.AuthInfo != nil && p.AuthInfo.AuthType() == "tls" {
+		transport = newrelic.TransportHTTPS
+	}
 
 	webReq := newrelic.WebRequest{
-		Header:    hdrs,
-		URL:       url,
-		Method:    method,
-		Transport: newrelic.TransportHTTP,
-		Type:      "gRPC",
+		Header:     hdrs,
+		URL:        url,
+		Method:     method,
+		Transport:  transport,
+		Type:       "gRPC",
+		ServerName: target,
 	}
 	txn := app.StartTransaction(method)
 	txn.SetWebRequest(webReq)

diff --git a/v3/integrations/nrmongo/nrmongo.go b/v3/integrations/nrmongo/nrmongo.go
@@ -33,6 +33,7 @@ package nrmongo
 import (
 	"context"
 	"regexp"
+	"strings"
 	"sync"
 
 	"github.com/newrelic/go-agent/v3/internal"
@@ -99,7 +100,14 @@ func (m *mongoMonitor) started(ctx context.Context, e *event.CommandStartedEvent
 		return
 	}
 	if newrelic.IsSecurityAgentPresent() {
-		secureAgentEvent = newrelic.GetSecurityAgentInterface().SendEvent("MONGO", getJsonQuery(e.Command), e.CommandName)
+		commandName := e.CommandName
+		if strings.ToLower(commandName) == "findandmodify" {
+			value, ok := e.Command.Lookup("remove").BooleanOK()
+			if ok && value {
+				commandName = "delete"
+			}
+		}
+		secureAgentEvent = newrelic.GetSecurityAgentInterface().SendEvent("MONGO", getJsonQuery(e.Command), commandName)
 	}
 
 	host, port := calcHostAndPort(e.ConnectionID)

diff --git a/v3/integrations/nrsecurityagent/go.mod b/v3/integrations/nrsecurityagent/go.mod
@@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrsecurityagent
 go 1.19
 
 require (
-	github.com/newrelic/csec-go-agent v0.5.1
+	github.com/newrelic/csec-go-agent v0.7.0
 	github.com/newrelic/go-agent/v3 v3.29.0
 	github.com/newrelic/go-agent/v3/integrations/nrsqlite3 v1.2.0
 	gopkg.in/yaml.v2 v2.4.0

diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go
@@ -163,9 +163,9 @@ func ConfigSecurityValidatorServiceEndPointUrl(url string) ConfigOption {
 }
 
 // ConfigSecurityDetectionDisableRxss is used to enable or disable RXSS validation.
-func ConfigSecurityDetectionDisableRxss(isEnabled bool) ConfigOption {
+func ConfigSecurityDetectionDisableRxss(isDisable bool) ConfigOption {
 	return func(cfg *SecurityConfig) {
-		cfg.Security.Detection.Rxss.Enabled = isEnabled
+		cfg.Security.Detection.Rxss.Enabled = !isDisable
 	}
 }
 

diff --git a/v3/newrelic/sql_driver.go b/v3/newrelic/sql_driver.go
@@ -292,7 +292,7 @@ func (w *wrapStmt) Query(args []driver.Value) (driver.Rows, error) {
 	var err error
 
 	if IsSecurityAgentPresent() {
-		secureAgentevent := sendSecureEventSQLPrepareArgs(args, w)
+		secureAgentevent := sendSecureEventSQLPrepareArgs(args, w.original)
 		defer func() {
 			secureAgent.SendExitEvent(secureAgentevent, err)
 		}()
@@ -317,7 +317,7 @@ func (w *wrapStmt) ExecContext(ctx context.Context, args []driver.NamedValue) (d
 	var err error
 
 	if IsSecurityAgentPresent() {
-		secureAgentevent := sendSecureEventSQLPrepareArgs(args, w)
+		secureAgentevent := sendSecureEventSQLPrepareArgs(args, w.original)
 		defer func() {
 			secureAgent.SendExitEvent(secureAgentevent, err)
 		}()
@@ -334,7 +334,7 @@ func (w *wrapStmt) QueryContext(ctx context.Context, args []driver.NamedValue) (
 	var err error
 
 	if IsSecurityAgentPresent() {
-		secureAgentevent := sendSecureEventSQLPrepareArgs(args, w)
+		secureAgentevent := sendSecureEventSQLPrepareArgs(args, w.original)
 		defer func() {
 			secureAgent.SendExitEvent(secureAgentevent, err)
 		}()