github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-09-29 11:16:30 +03:00
Code Issues Packages Projects Releases Wiki Activity

sync code

Browse Source
This commit is contained in:
Ned Wright
2024-09-17 10:53:09 +00:00
parent 3fe0b42fcd
commit 586150fe4f
143 changed files with 1886 additions and 380 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
components/include/health_checker.h
View File

@@ -21,6 +21,7 @@
#include "i_shell_cmd.h"
#include "i_orchestration_status.h"
#include "component.h"
#include "i_service_controller.h"
class HealthChecker
:
@@ -29,7 +30,8 @@ class HealthChecker
Singleton::Consume<I_Socket>,
Singleton::Consume<I_Health_Check_Manager>,
Singleton::Consume<I_ShellCmd>,
Singleton::Consume<I_OrchestrationStatus>
Singleton::Consume<I_OrchestrationStatus>,
Singleton::Consume<I_ServiceController>
{
public:
HealthChecker();

3
components/include/http_event_impl/i_http_event_impl.h
View File

@@ -50,9 +50,11 @@ public:
position(mod_position)
{
dbgAssert(mod_type != ModificationType::APPEND || position == injection_pos_irrelevant)
<< AlertInfo(AlertTeam::CORE, "http manager")
<< "Injection position is not applicable to a modification of type \"Append\"";
dbgAssert(mod_type != ModificationType::INJECT || position >= 0)
<< AlertInfo(AlertTeam::CORE, "http manager")
<< "Invalid injection position: must be non-negative. Position: "
<< position;
}
@@ -166,6 +168,7 @@ private:
}
default:
dbgAssert(false)
<< AlertInfo(AlertTeam::CORE, "http manager")
<< "Unknown type of ModificationType: "
<< static_cast<int>(modification_type);
}

12
components/include/http_inspection_events.h
View File

@@ -183,4 +183,16 @@ class WaitTransactionEvent : public Event<WaitTransactionEvent, EventVerdict>
{
};
class SecurityAppsDropEvent : public Event<SecurityAppsDropEvent>
{
public:
SecurityAppsDropEvent(
const std::set<std::string> &apps_names)
:
apps_names(apps_names) {}
const std::set<std::string> & getAppsNames() const { return apps_names; }
private:
const std::set<std::string> apps_names;
};
#endif // __HTTP_INSPECTION_EVENTS_H__

2
components/include/i_service_controller.h
View File

@@ -66,6 +66,8 @@ public:
virtual std::map<std::string, std::vector<PortNumber>> getServiceToPortMap() = 0;
virtual bool getServicesPolicyStatus() const = 0;
protected:
virtual ~I_ServiceController() {}
};

2
components/include/orchestrator/rest_api/get_resource_file.h
View File

@@ -115,7 +115,7 @@ public:
case ResourceFileType::VIRTUAL_SETTINGS: return "virtualSettings";
case ResourceFileType::VIRTUAL_POLICY: return "virtualPolicy";
default:
dbgAssert(false) << "Unknown file type";
dbgAssert(false) << AlertInfo(AlertTeam::CORE, "update process") << "Unknown file type";
}
return std::string();
}

2
components/include/package.h
View File

@@ -56,7 +56,7 @@ private:
if (mapped_type.second == type) return mapped_type.first;
}
dbgAssert(false) << "Unsupported type " << static_cast<int>(type);
dbgAssert(false) << AlertInfo(AlertTeam::CORE, "packaging") << "Unsupported type " << static_cast<int>(type);
// Just satisfying the compiler, this return never reached
return std::string();
}

130
components/include/report_messaging.h
View File

@@ -1,130 +0,0 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef __REPORT_MESSAGING_H__
#define __REPORT_MESSAGING_H__
#include "singleton.h"
#include "i_time_get.h"
#include "i_messaging.h"
#include "report/report.h"
class ReportMessaging
:
Singleton::Consume<I_Messaging>,
Singleton::Consume<I_TimeGet>
{
public:
template <typename ...Args, typename T>
ReportMessaging(
const std::string &title,
const ReportIS::AudienceTeam &audience_team,
const T &obj,
Args ...args)
:
ReportMessaging(
title,
audience_team,
obj,
MessageCategory::GENERIC,
std::forward<Args>(args)...
)
{
}
template <typename ...Args, typename T>
ReportMessaging(
const std::string &title,
const ReportIS::AudienceTeam &audience_team,
const T &obj,
const MessageCategory &message_type,
Args ...args)
:
ReportMessaging(
title,
audience_team,
ReportIS::Severity::INFO,
ReportIS::Priority::LOW,
obj,
message_type,
std::forward<Args>(args)...
)
{
}
template <typename ...Args, typename T>
ReportMessaging(
const std::string &title,
const ReportIS::AudienceTeam &audience_team,
const ReportIS::Severity &severity,
const ReportIS::Priority &priority,
const T &obj,
Args ...args)
:
ReportMessaging(
title,
audience_team,
severity,
priority,
obj,
MessageCategory::GENERIC,
std::forward<Args>(args)...
)
{
}
template <typename ...Args, typename T>
ReportMessaging(
const std::string &title,
const ReportIS::AudienceTeam &audience_team,
const ReportIS::Severity &severity,
const ReportIS::Priority &priority,
const T &obj,
const MessageCategory &message_type,
Args ...args)
:
report(
title,
Singleton::Consume<I_TimeGet>::by<ReportMessaging>()->getWalltime(),
ReportIS::Type::EVENT,
ReportIS::Level::LOG,
ReportIS::LogLevel::INFO,
ReportIS::Audience::INTERNAL,
audience_team,
severity,
priority,
std::chrono::seconds(0),
std::forward<Args>(args)...
),
message_type_tag(message_type)
{
report << LogField("eventObject", obj);
}
~ReportMessaging();
ReportMessaging & operator<<(const LogField &field);
Maybe<void, HTTPResponse> sendReportSynchronously();
void setForceBuffering(bool _force_buffering);
private:
Report report;
bool is_async_message = true;
bool force_buffering = false;
MessageCategory message_type_tag;
};
#endif // __REPORT_MESSAGING_H__

12
components/include/reverse_proxy_defaults.h
View File

@@ -7,24 +7,28 @@ static const std::string product_name = getenv("DOCKER_RPM_ENABLED") ? "CloudGua
static const std::string default_cp_cert_file = "/etc/cp/cpCert.pem";
static const std::string default_cp_key_file = "/etc/cp/cpKey.key";
static const std::string default_rpm_conf_path = "/etc/cp/conf/rpmanager/";
static const std::string default_certificate_path = "/etc/cp/rpmanager/certs";
static const std::string default_manual_certs_path = "/etc/cp/rpmanager/manualCerts/";
static const std::string default_config_path = "/etc/cp/conf/rpmanager/servers";
static const std::string default_rpm_prepare_path = "/etc/cp/conf/rpmanager/prepare/servers";
static const std::string default_nginx_log_files_path = "/var/log/nginx/";
static const std::string default_additional_files_path = "/etc/cp/conf/rpmanager/include";
static const std::string default_server_config = "additional_server_config.conf";
static const std::string default_location_config = "additional_location_config.conf";
static const std::string default_trusted_ca_suffix = "_user_ca_bundle.crt";
static const std::string default_nginx_log_files_path = "/var/log/nginx/";
static const std::string default_log_files_host_path = "/var/log/nano_agent/rpmanager/nginx_log/";
static const std::string default_config_path = "/etc/cp/conf/rpmanager/servers";
static const std::string default_template_path = "/etc/cp/conf/rpmanager/nginx-template-clear";
static const std::string default_manual_certs_path = "/etc/cp/rpmanager/manualCerts/";
static const std::string default_server_certificate_path = "/etc/cp/rpmanager/certs/sslCertificate_";
static const std::string default_server_certificate_key_path = "/etc/cp/rpmanager/certs/sslPrivateKey_";
static const std::string default_container_name = "cp_nginx_gaia";
static const std::string default_docker_image = "cp_nginx_gaia";
static const std::string default_nginx_config_file = "/etc/cp/conf/rpmanager/nginx.conf";
static const std::string default_prepare_nginx_config_file = "/etc/cp/conf/rpmanager/nginx_prepare.conf";
static const std::string default_global_conf_template = "/etc/cp/conf/rpmanager/nginx-conf-template";
static const std::string default_nginx_config_include_file =
"/etc/cp/conf/rpmanager/servers/nginx_conf_include";
"/etc/cp/conf/rpmanager/servers/nginx_conf_include.conf";
static const std::string default_global_conf_include_template =
"/etc/cp/conf/rpmanager/nginx-conf-include-template";
static const std::string default_global_conf_include_template_no_responses =

39
components/include/service_health_status.h Normal file
View File

@@ -0,0 +1,39 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef __SERVICE_HEALTH_STATUS_H__
#define __SERVICE_HEALTH_STATUS_H__
#include "singleton.h"
#include "i_rest_api.h"
#include "i_environment.h"
#include "component.h"
class ServiceHealthStatus
:
public Component,
Singleton::Consume<I_RestApi>,
Singleton::Consume<I_Environment>
{
public:
ServiceHealthStatus();
~ServiceHealthStatus();
void init() override;
private:
class Impl;
std::unique_ptr<Impl> pimpl;
};
#endif // __SERVICE_HEALTH_STATUS_H__

2
components/include/waap.h
View File

@@ -34,6 +34,8 @@ class I_Messaging;
class I_AgentDetails;
class I_Encryptor;
const std::string WAAP_APPLICATION_NAME = "waap application";
class WaapComponent
:
public Component,