// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.

// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#include "nginx_attachment_opaque.h"

#include "boost/uuid/uuid.hpp"
#include "boost/uuid/uuid_generators.hpp"
#include "boost/uuid/uuid_io.hpp"

#include "config.h"
#include "sasal.h"
#include "virtual_modifiers.h"

SASAL_START // HTTP Manager - Transaction data

using namespace std;
using namespace boost::uuids;

USE_DEBUG_FLAG(D_HTTP_MANAGER);

// Builds the per-transaction opaque state for one HTTP transaction.
//
// Takes the transaction data by value and moves it into the object, assigns the
// transaction a random UUID, opens a response compression stream, sets the
// initial source identifier to the client IP, and publishes the transaction's
// connection and URI fields into `ctx` under the HttpTransactionData key names.
NginxAttachmentOpaque::NginxAttachmentOpaque(HttpTransactionData _transaction_data)
        :
    TableOpaqueSerialize(this),
    transaction_data(move(_transaction_data)),
    ctx(),
    session_tenant(),
    uuid()
{
    // random_generator can throw entropy_error; in that case only a warning is
    // logged and `uuid` keeps the value it got from `uuid()` above.
    // NOTE(review): that value is still registered as "eventReferenceId" further
    // down, so transactions created while entropy is unavailable would share the
    // same reference id in logs. Confirm that consumers of the id tolerate this.
    try {
        uuid = to_string(boost::uuids::random_generator()());
    } catch (const boost::uuids::entropy_error &e) {
        dbgWarning(D_HTTP_MANAGER) << "Failed to generate UUID. Error: " << e.what();
    }

    dbgTrace(D_HTTP_MANAGER) << "Creating nginx opaque environment from: " << transaction_data;

    // Released again in the destructor through finiCompressionStream().
    response_compression_stream = initCompressionStream();

    // Default source identifier: the textual form of the client IP, typed "sourceip".
    // setSourceIdentifier() can replace it later.
    auto client_ip = transaction_data.getSourceIP();
    std::stringstream client_ip_str;
    client_ip_str << client_ip;
    setSourceIdentifier("sourceip", client_ip_str.str());

    ctx.registerValue("eventReferenceId", uuid, EnvKeyAttr::LogSection::DATA);
    ctx.registerValue<string>(HttpTransactionData::http_proto_ctx, transaction_data.getHttpProtocol());
    ctx.registerValue<string>(HttpTransactionData::method_ctx, transaction_data.getHttpMethod());
    ctx.registerValue<string>(HttpTransactionData::host_name_ctx, transaction_data.getDestinationHost());
    ctx.registerValue<uint16_t>(HttpTransactionData::listening_port_ctx, transaction_data.getListeningPort());
    ctx.registerValue<IPAddr>(HttpTransactionData::listening_ip_ctx, transaction_data.getListeningIP());
    ctx.registerValue<IPAddr>(HttpTransactionData::client_ip_ctx, transaction_data.getSourceIP());
    ctx.registerValue<uint16_t>(HttpTransactionData::client_port_ctx, transaction_data.getSourcePort());
    // Registered as a function rather than a value, so the lambda reads the member
    // each time it is invoked and therefore sees later setSourceIdentifier() calls.
    // The lambda captures `this`; `ctx` is a member of the same object.
    // NOTE(review): if this object can be copied or moved, a copied `ctx` would
    // still hold the original `this`. Confirm against the class declaration.
    ctx.registerFunc<string>(HttpTransactionData::source_identifier, [this](){ return source_identifier; });

    ctx.registerValue<string>(HttpTransactionData::uri_ctx, transaction_data.getURI());
    // NOTE(review): the template argument list on makeVirtualContainer appears to
    // have been stripped from this copy (a bare '>' remains). Restore it from the
    // upstream file before building. The variable names suggest the container
    // decodes the URI, presumably percent-encoding. TODO confirm.
    auto decoder = makeVirtualContainer<HexDecoder<'%'>>(transaction_data.getURI());
    string decoded_url(decoder.begin(), decoder.end());
    // The path/query split is done on the decoded text, not on the raw URI.
    // NOTE(review): if the decoder turns an encoded question mark into '?', the
    // split point chosen here can differ from the one the origin server derives
    // from the raw URI, so rules keyed on uri_path_decoded / uri_query_decoded
    // would see a different path than the application does. Confirm that
    // decode-then-split is intended.
    auto question_mark_location = decoded_url.find('?');
    if (question_mark_location != string::npos) {
        ctx.registerValue(HttpTransactionData::uri_query_decoded, decoded_url.substr(question_mark_location + 1));
    }
    // With no '?', question_mark_location is npos and substr(0, npos) yields the
    // whole decoded URL. In that case no decoded query value is registered.
    ctx.registerValue(HttpTransactionData::uri_path_decoded, decoded_url.substr(0, question_mark_location));
}

// Releases the compression stream obtained in the constructor.
NginxAttachmentOpaque::~NginxAttachmentOpaque()
{
    finiCompressionStream(response_compression_stream);
}

// LCOV_EXCL_START - sync functions, can only be tested once the sync module exists
// Returns a new instance built from a default-constructed HttpTransactionData.
// NOTE(review): the template arguments of unique_ptr and make_unique appear to
// have been stripped from this copy. Restore them from the upstream file.
std::unique_ptr<TableOpaqueBase>
NginxAttachmentOpaque::prototype()
{
    return make_unique<NginxAttachmentOpaque>(HttpTransactionData());
}
// LCOV_EXCL_STOP

// Records the tenant for this session and makes it the active tenant through
// the object returned by Singleton::Consume.
// NOTE(review): the template arguments on Consume/by appear to have been
// stripped from this copy. Restore them from the upstream file.
void
NginxAttachmentOpaque::setSessionTenant(const string &tenant)
{
    session_tenant = tenant;
    Singleton::Consume<I_TenantManager>::by<NginxAttachmentOpaque>()->setActiveTenant(session_tenant);
}

// Replaces both the source identifier and its type, with no validation here.
// The constructor seeds them with ("sourceip", client IP).
// NOTE(review): the parameter name `header_key` suggests the value may come
// from a request header. If so, it is client-supplied unless a trusted proxy
// sets that header, and anything keyed on the source identifier inherits that
// trust level. Verify against the callers.
void
NginxAttachmentOpaque::setSourceIdentifier(const string &header_key, const string &new_source_identifier)
{
    identifier_type = header_key;
    source_identifier = new_source_identifier;
}

// Returns the type label stored by the last setSourceIdentifier() call.
// The reference points at a member of this object.
const string &
NginxAttachmentOpaque::getSourceIdentifiersType() const
{
    return identifier_type;
}

// Appends `data` to the value accumulated under `name` (creating the entry on
// first use) and registers the full accumulated value in `ctx` under the same name.
// NOTE(review): no size limit is applied here, so growth of saved_data[name] is
// bounded only by what callers pass in. Confirm that callers cap request-derived
// data. `name` is also used directly as the ctx key. Whether a name colliding
// with a key registered in the constructor replaces that value is not visible here.
void
NginxAttachmentOpaque::addToSavedData(const string &name, const string &data)
{
    saved_data[name] += data;
    ctx.registerValue(name, saved_data[name]);
}

// Overwrites the value stored under `name` with `data` and registers it in
// `ctx` under the same name, using the given log section.
void
NginxAttachmentOpaque::setSavedData(const string &name, const string &data, EnvKeyAttr::LogSection log_ctx)
{
    saved_data[name] = data;
    ctx.registerValue(name, data, log_ctx);
}

SASAL_END