Skip to content

Commit

Permalink
Merge pull request #843 from k2io/dev
Browse files Browse the repository at this point in the history
Bug fixes for security agent
  • Loading branch information
nr-swilloughby authored Jan 25, 2024
2 parents 535eab4 + 00750a5 commit f78d122
Show file tree
Hide file tree
Showing 6 changed files with 29 additions and 13 deletions.
2 changes: 1 addition & 1 deletion v3/integrations/nrfasthttp/instrumentation.go
Original file line number Diff line number Diff line change
Expand Up @@ -69,9 +69,9 @@ func WrapHandle(app *newrelic.Application, pattern string, handler fasthttp.Requ
txn.SetWebResponse(resp)
txn.SetWebRequestHTTP(r)

handler(ctx)
if newrelic.IsSecurityAgentPresent() {
newrelic.GetSecurityAgentInterface().SendEvent("INBOUND_WRITE", resp.Body(), resp.Header())
}
handler(ctx)
}
}
18 changes: 13 additions & 5 deletions v3/integrations/nrgrpc/nrgrpc_server.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ import (
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/metadata"
"google.golang.org/grpc/peer"
"google.golang.org/grpc/status"
protoV2 "google.golang.org/protobuf/proto"
)
Expand All @@ -62,13 +63,20 @@ func startTransaction(ctx context.Context, app *newrelic.Application, fullMethod

target := hdrs.Get(":authority")
url := getURL(method, target)
transport := newrelic.TransportHTTP

p, ok := peer.FromContext(ctx)
if ok && p != nil && p.AuthInfo != nil && p.AuthInfo.AuthType() == "tls" {
transport = newrelic.TransportHTTPS
}

webReq := newrelic.WebRequest{
Header: hdrs,
URL: url,
Method: method,
Transport: newrelic.TransportHTTP,
Type: "gRPC",
Header: hdrs,
URL: url,
Method: method,
Transport: transport,
Type: "gRPC",
ServerName: target,
}
txn := app.StartTransaction(method)
txn.SetWebRequest(webReq)
Expand Down
10 changes: 9 additions & 1 deletion v3/integrations/nrmongo/nrmongo.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ package nrmongo
import (
"context"
"regexp"
"strings"
"sync"

"github.com/newrelic/go-agent/v3/internal"
Expand Down Expand Up @@ -99,7 +100,14 @@ func (m *mongoMonitor) started(ctx context.Context, e *event.CommandStartedEvent
return
}
if newrelic.IsSecurityAgentPresent() {
secureAgentEvent = newrelic.GetSecurityAgentInterface().SendEvent("MONGO", getJsonQuery(e.Command), e.CommandName)
commandName := e.CommandName
if strings.ToLower(commandName) == "findandmodify" {
value, ok := e.Command.Lookup("remove").BooleanOK()
if ok && value {
commandName = "delete"
}
}
secureAgentEvent = newrelic.GetSecurityAgentInterface().SendEvent("MONGO", getJsonQuery(e.Command), commandName)
}

host, port := calcHostAndPort(e.ConnectionID)
Expand Down
2 changes: 1 addition & 1 deletion v3/integrations/nrsecurityagent/go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrsecurityagent
go 1.19

require (
github.com/newrelic/csec-go-agent v0.5.1
github.com/newrelic/csec-go-agent v0.7.0
github.com/newrelic/go-agent/v3 v3.29.0
github.com/newrelic/go-agent/v3/integrations/nrsqlite3 v1.2.0
gopkg.in/yaml.v2 v2.4.0
Expand Down
4 changes: 2 additions & 2 deletions v3/integrations/nrsecurityagent/nrsecurityagent.go
Original file line number Diff line number Diff line change
Expand Up @@ -163,9 +163,9 @@ func ConfigSecurityValidatorServiceEndPointUrl(url string) ConfigOption {
}

// ConfigSecurityDetectionDisableRxss is used to enable or disable RXSS validation.
func ConfigSecurityDetectionDisableRxss(isEnabled bool) ConfigOption {
func ConfigSecurityDetectionDisableRxss(isDisable bool) ConfigOption {
return func(cfg *SecurityConfig) {
cfg.Security.Detection.Rxss.Enabled = isEnabled
cfg.Security.Detection.Rxss.Enabled = !isDisable
}
}

Expand Down
6 changes: 3 additions & 3 deletions v3/newrelic/sql_driver.go
Original file line number Diff line number Diff line change
Expand Up @@ -292,7 +292,7 @@ func (w *wrapStmt) Query(args []driver.Value) (driver.Rows, error) {
var err error

if IsSecurityAgentPresent() {
secureAgentevent := sendSecureEventSQLPrepareArgs(args, w)
secureAgentevent := sendSecureEventSQLPrepareArgs(args, w.original)
defer func() {
secureAgent.SendExitEvent(secureAgentevent, err)
}()
Expand All @@ -317,7 +317,7 @@ func (w *wrapStmt) ExecContext(ctx context.Context, args []driver.NamedValue) (d
var err error

if IsSecurityAgentPresent() {
secureAgentevent := sendSecureEventSQLPrepareArgs(args, w)
secureAgentevent := sendSecureEventSQLPrepareArgs(args, w.original)
defer func() {
secureAgent.SendExitEvent(secureAgentevent, err)
}()
Expand All @@ -334,7 +334,7 @@ func (w *wrapStmt) QueryContext(ctx context.Context, args []driver.NamedValue) (
var err error

if IsSecurityAgentPresent() {
secureAgentevent := sendSecureEventSQLPrepareArgs(args, w)
secureAgentevent := sendSecureEventSQLPrepareArgs(args, w.original)
defer func() {
secureAgent.SendExitEvent(secureAgentevent, err)
}()
Expand Down

0 comments on commit f78d122

Please sign in to comment.