github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-09-29 19:24:26 +03:00
Code Issues Packages Projects Releases Wiki Activity

Jul 5th update

Browse Source
This commit is contained in:
Ned Wright
2023-07-05 23:32:39 +00:00
parent 22f1a984aa
commit a59f079ef7
85 changed files with 2488 additions and 1754 deletions
Download Patch File Download Diff File Expand all files Collapse all files

71
components/utils/http_transaction_data/http_transaction_data.cc
View File

@@ -101,7 +101,7 @@ deserializeStrParam(const Buffer &data, uint &cur_pos)
<< to_string(*str_size);
cur_pos += *str_size;
return move(res);
}
@@ -185,6 +185,39 @@ HttpTransactionData::createTransactionData(const Buffer &transaction_raw_data)
dbgTrace(D_NGINX_ATTACHMENT) << "Successfully deserialized client port: " << client_port.unpack();
}
if (cur_pos == transaction_raw_data.size()) {
dbgDebug(D_NGINX_ATTACHMENT)
<< "No extra data to read from buffer. This agent is working with an old "
<< "attachment version that does not contain the parsed host and parsed uri elements.";
HttpTransactionData transaction(
http_protocol.unpackMove(),
http_method.unpackMove(),
host_name.unpackMove(),
listening_addr.unpackMove(),
listening_port.unpackMove(),
uri.unpackMove(),
client_addr.unpackMove(),
client_port.unpackMove()
);
return transaction;
}
Maybe<string> ngx_parsed_host = deserializeStrParam(transaction_raw_data, cur_pos);
if (!ngx_parsed_host.ok()) {
return genError("Could not deserialize nginx host: " + ngx_parsed_host.getErr());
} else {
dbgTrace(D_NGINX_ATTACHMENT) << "Successfully deserialized nginx_host: " << ngx_parsed_host.unpack();
}
Maybe<string> ngx_parsed_uri = deserializeStrParam(transaction_raw_data, cur_pos);
if (!ngx_parsed_uri.ok()) {
return genError("Could not deserialize parsed URI: " + ngx_parsed_uri.getErr());
} else {
dbgTrace(D_NGINX_ATTACHMENT) << "Successfully deserialized parsed URI: " << ngx_parsed_uri.unpack();
}
// Fail if after parsing exact number of items, we didn't exactly consume whole buffer
if (cur_pos != transaction_raw_data.size()) {
dbgWarning(D_NGINX_ATTACHMENT) << "Nothing to deserialize, but raw data still remain";
@@ -195,14 +228,16 @@ HttpTransactionData::createTransactionData(const Buffer &transaction_raw_data)
http_protocol.unpackMove(),
http_method.unpackMove(),
host_name.unpackMove(),
ngx_parsed_host.unpackMove(),
listening_addr.unpackMove(),
listening_port.unpackMove(),
uri.unpackMove(),
ngx_parsed_uri.unpackMove(),
client_addr.unpackMove(),
client_port.unpackMove()
);
return move(transaction);
return transaction;
}
HttpTransactionData::HttpTransactionData (
@@ -214,14 +249,44 @@ HttpTransactionData::HttpTransactionData (
string _uri,
IPAddr _client_ip,
uint16_t _client_port
)
:
HttpTransactionData::HttpTransactionData(
_http_proto,
_method,
_host_name,
_host_name,
_listening_ip,
_listening_port,
_uri,
_uri,
_client_ip,
_client_port
)
{
}
HttpTransactionData::HttpTransactionData (
string _http_proto,
string _method,
string _host_name,
string _parsed_host,
IPAddr _listening_ip,
uint16_t _listening_port,
string _uri,
string _parsed_uri,
IPAddr _client_ip,
uint16_t _client_port
)
:
http_proto(move(_http_proto)),
method(move(_method)),
host_name(move(_host_name)),
parsed_host(move(_parsed_host)),
listening_ip(move(_listening_ip)),
listening_port(move(_listening_port)),
uri(move(_uri)),
parsed_uri(move(_parsed_uri)),
client_ip(move(_client_ip)),
client_port(move(_client_port)),
is_request(true),
@@ -235,9 +300,11 @@ HttpTransactionData::HttpTransactionData()
"",
"GET",
"",
"",
IPAddr(),
-1,
"",
"",
IPAddr(),
-1
)

44
components/utils/http_transaction_data/http_transaction_data_ut/http_transaction_data_ut.cc
View File

@@ -102,6 +102,8 @@ TEST_F(HttpTransactionTest, TestTransactionDataFromBuf)
EXPECT_EQ(data.getHttpProtocol(), "HTTP/1.1");
EXPECT_EQ(data.getURI(), "/user-app/");
EXPECT_EQ(data.getHttpMethod(), "GET");
EXPECT_EQ(data.getParsedURI(), "/user-app/");
EXPECT_EQ(data.getParsedHost(), "localhost");
}
TEST_F(HttpTransactionTest, TestTransactionDataBadVer)
@@ -125,3 +127,45 @@ TEST_F(HttpTransactionTest, TestTransactionDataBadAddress)
"Could not parse IP Address: String 'this.is.not.IP' is not a valid IPv4/IPv6 address"
);
}
TEST_F(HttpTransactionTest, TestTransactionDataFromBufWIthParsedHostAndParsedUri)
{
Buffer meta_data =
Buffer(encodeInt16(strlen("HTTP/1.1"))) +
Buffer("HTTP/1.1") +
encodeInt16(3) +
Buffer("GET") +
encodeInt16(9) +
Buffer("localhost") +
encodeInt16(7) +
Buffer("0.0.0.0") +
encodeInt16(443) +
encodeInt16(11) +
Buffer("//user-app/") +
encodeInt16(9) +
Buffer("127.0.0.1") +
encodeInt16(47423) +
encodeInt16(10) +
Buffer("localhost2") +
encodeInt16(10) +
Buffer("/user-app/");
HttpTransactionData data = HttpTransactionData::createTransactionData(meta_data).unpack();
stringstream data_stream;
data.print(data_stream);
string data_string(
"HTTP/1.1 GET\nFrom: 127.0.0.1:47423\nTo: localhost//user-app/ (listening on 0.0.0.0:443)\n"
);
EXPECT_EQ(data_stream.str(), data_string);
EXPECT_EQ(data.getSourceIP(), IPAddr::createIPAddr("127.0.0.1").unpack());
EXPECT_EQ(data.getSourcePort(), 47423);
EXPECT_EQ(data.getListeningIP(), IPAddr::createIPAddr("0.0.0.0").unpack());
EXPECT_EQ(data.getListeningPort(), 443);
EXPECT_EQ(data.getDestinationHost(), "localhost");
EXPECT_EQ(data.getHttpProtocol(), "HTTP/1.1");
EXPECT_EQ(data.getURI(), "//user-app/");
EXPECT_EQ(data.getHttpMethod(), "GET");
EXPECT_EQ(data.getParsedURI(), "/user-app/");
EXPECT_EQ(data.getParsedHost(), "localhost2");
}