diff --git a/instrumentation-security/mule-3.6/src/main/java/com/newrelic/agent/security/instrumentation/mule36/MuleHelper.java b/instrumentation-security/mule-3.6/src/main/java/com/newrelic/agent/security/instrumentation/mule36/MuleHelper.java index c56ea06d4..4683aab38 100644 --- a/instrumentation-security/mule-3.6/src/main/java/com/newrelic/agent/security/instrumentation/mule36/MuleHelper.java +++ b/instrumentation-security/mule-3.6/src/main/java/com/newrelic/agent/security/instrumentation/mule36/MuleHelper.java @@ -27,8 +27,8 @@ public class MuleHelper { public static final String MULE_36 = "MULE-3.6"; private static final String MULE_LOCK_CUSTOM_ATTRIB_NAME = "MULE_LOCK-"; public static final String MULE_SERVER_PORT_ATTRIB_NAME = "MULE_SERVER_PORT"; - private static final String RESPONSE_OUTPUTSTREAM_HASH = "RESPONSE_OUTPUTSTREAM_HASH"; - private static final String REQUEST_INPUTSTREAM_HASH = "REQUEST_INPUTSTREAM_HASH"; + public static final String RESPONSE_OUTPUTSTREAM_HASH = "RESPONSE_OUTPUTSTREAM_HASH"; + public static final String REQUEST_INPUTSTREAM_HASH = "REQUEST_INPUTSTREAM_HASH"; public static final String TRANSFORM_METHOD = "transform"; public static final String HANDLE_REQUEST_METHOD = "handleRequest"; private static final String EMPTY = ""; @@ -135,26 +135,25 @@ public static Map getHandlerMap() { return handlerMap; } - public static void registerOutputStreamHashIfNeeded(int outputStreamHash){ + public static void registerStreamHashIfNeeded(int streamHash, String key){ try { - Set hashSet = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(RESPONSE_OUTPUTSTREAM_HASH, Set.class); + Set hashSet = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(key, Set.class); if (hashSet == null) { hashSet = new HashSet<>(); - NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(RESPONSE_OUTPUTSTREAM_HASH, hashSet); + NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(key, hashSet); } - hashSet.add(outputStreamHash); + hashSet.add(streamHash); } catch (Throwable ignored) {} } - public static void registerInputStreamHashIfNeeded(int inputStreamHash){ + public static boolean preprocessStream(int streamHash, String key){ try { - Set hashSet = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(REQUEST_INPUTSTREAM_HASH, Set.class); - if(hashSet == null){ - hashSet = new HashSet<>(); - NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(REQUEST_INPUTSTREAM_HASH, hashSet); + Set hashSet = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(key, Set.class); + if(hashSet != null && hashSet.contains(streamHash)){ + return true; } - hashSet.add(inputStreamHash); } catch (Throwable ignored) {} + return false; } public static void processHttpResponseHeaders(com.newrelic.api.agent.security.schema.HttpResponse securityResponse, HttpResponse response){ diff --git a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/ByteArrayHttpEntity_Instrumentation.java b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/ByteArrayHttpEntity_Instrumentation.java index 7c3d245eb..eeea3a477 100644 --- a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/ByteArrayHttpEntity_Instrumentation.java +++ b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/ByteArrayHttpEntity_Instrumentation.java @@ -3,6 +3,7 @@ import com.newrelic.agent.security.instrumentation.mule36.MuleHelper; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; +import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.utils.logging.LogLevel; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; @@ -33,10 +34,12 @@ private void extractResponseBody(byte[] content) throws IOException { encoding = Charsets.UTF_8.name(); } String body = IOUtils.toString(content, encoding); - if (Objects.equals(NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.RESPONSE_ENTITY_STREAM), Integer.class), this.hashCode())) { - NewRelicSecurity.getAgent().getSecurityMetaData().getResponse().getResponseBody().append(body); - } else if (Objects.equals(NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.REQUEST_ENTITY_STREAM), Integer.class), this.hashCode())) { - NewRelicSecurity.getAgent().getSecurityMetaData().getRequest().getBody().append(body); + + SecurityMetaData securityMetaData = NewRelicSecurity.getAgent().getSecurityMetaData(); + if (MuleHelper.preprocessStream(this.hashCode(), MuleHelper.RESPONSE_ENTITY_STREAM)) { + securityMetaData.getResponse().getResponseBody().append(body); + } else if (MuleHelper.preprocessStream(this.hashCode(), MuleHelper.REQUEST_ENTITY_STREAM)) { + securityMetaData.getRequest().getBody().append(body); } } } diff --git a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/InputStreamHttpEntity_Instrumentation.java b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/InputStreamHttpEntity_Instrumentation.java index 15a0b6615..aba24e0c4 100644 --- a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/InputStreamHttpEntity_Instrumentation.java +++ b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/InputStreamHttpEntity_Instrumentation.java @@ -3,6 +3,7 @@ import com.newrelic.agent.security.instrumentation.mule36.MuleHelper; import com.newrelic.api.agent.security.NewRelicSecurity; import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper; +import com.newrelic.api.agent.security.schema.SecurityMetaData; import com.newrelic.api.agent.security.utils.logging.LogLevel; import com.newrelic.api.agent.weaver.Weave; import com.newrelic.api.agent.weaver.Weaver; @@ -27,10 +28,13 @@ public InputStream getInputStream() { private void extractResponseBody(InputStream stream) { if (NewRelicSecurity.isHookProcessingActive() && stream != null) { // check if it is an input or output stream - if (Objects.equals(NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.RESPONSE_ENTITY_STREAM), Integer.class), this.hashCode())) { - MuleHelper.registerOutputStreamHashIfNeeded(stream.hashCode()); - } else if (Objects.equals(NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.REQUEST_ENTITY_STREAM), Integer.class), this.hashCode())) { - MuleHelper.registerInputStreamHashIfNeeded(stream.hashCode()); + // outputBody stream + if (MuleHelper.preprocessStream(this.hashCode(), MuleHelper.RESPONSE_ENTITY_STREAM)) { + MuleHelper.registerStreamHashIfNeeded(stream.hashCode(), MuleHelper.RESPONSE_OUTPUTSTREAM_HASH); + } + // inputBody stream + else if (MuleHelper.preprocessStream(this.hashCode(), MuleHelper.REQUEST_ENTITY_STREAM)) { + MuleHelper.registerStreamHashIfNeeded(stream.hashCode(), MuleHelper.REQUEST_INPUTSTREAM_HASH); } } } diff --git a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/response/HttpResponseBuilder_Instrumentation.java b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/response/HttpResponseBuilder_Instrumentation.java index 3a790774e..9adaa1d8f 100644 --- a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/response/HttpResponseBuilder_Instrumentation.java +++ b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/domain/response/HttpResponseBuilder_Instrumentation.java @@ -34,7 +34,7 @@ private void postProcessSecurityHook(HttpResponse response) { return; } if (body != null) { - NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.getNrSecCustomAttribName(MuleHelper.RESPONSE_ENTITY_STREAM)), body.hashCode()); + MuleHelper.registerStreamHashIfNeeded(body.hashCode(), MuleHelper.RESPONSE_ENTITY_STREAM); } com.newrelic.api.agent.security.schema.HttpResponse securityResponse = NewRelicSecurity.getAgent().getSecurityMetaData().getResponse(); diff --git a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java index b31dcf3d6..c67512563 100644 --- a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java +++ b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java @@ -59,7 +59,7 @@ private static void preprocessSecurityHook(HttpRequestContext requestContext) { HttpRequest httpRequest = requestContext.getRequest(); if (httpRequest.getEntity() != null) { - securityMetaData.addCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.REQUEST_ENTITY_STREAM), httpRequest.getEntity().hashCode()); + MuleHelper.registerStreamHashIfNeeded(httpRequest.getEntity().hashCode(), MuleHelper.REQUEST_ENTITY_STREAM); } securityRequest.setMethod(httpRequest.getMethod()); securityRequest.setClientIP(requestContext.getRemoteHostAddress().toString()); diff --git a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java index 6ccea0f15..5b4de2ce6 100644 --- a/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java +++ b/instrumentation-security/mule-3.6/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java @@ -51,7 +51,7 @@ private void preprocessSecurityHook(HttpRequestContext requestContext) { HttpRequest httpRequest = requestContext.getRequest(); if (httpRequest.getEntity() != null) { - securityMetaData.addCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.REQUEST_ENTITY_STREAM), httpRequest.getEntity().hashCode()); + MuleHelper.registerStreamHashIfNeeded(httpRequest.getEntity().hashCode(), MuleHelper.REQUEST_ENTITY_STREAM); } securityRequest.setMethod(httpRequest.getMethod()); securityRequest.setClientIP(requestContext.getRemoteHostAddress().toString()); diff --git a/instrumentation-security/mule-3.7/src/main/java/com/newrelic/agent/security/instrumentation/mule37/MuleHelper.java b/instrumentation-security/mule-3.7/src/main/java/com/newrelic/agent/security/instrumentation/mule37/MuleHelper.java index 47227d51b..a17bae1b4 100644 --- a/instrumentation-security/mule-3.7/src/main/java/com/newrelic/agent/security/instrumentation/mule37/MuleHelper.java +++ b/instrumentation-security/mule-3.7/src/main/java/com/newrelic/agent/security/instrumentation/mule37/MuleHelper.java @@ -27,13 +27,13 @@ public class MuleHelper { public static final String MULE_37 = "MULE-3.7"; private static final String MULE_LOCK_CUSTOM_ATTRIB_NAME = "MULE_LOCK-"; public static final String MULE_SERVER_PORT_ATTRIB_NAME = "MULE_SERVER_PORT"; - private static final String RESPONSE_OUTPUTSTREAM_HASH = "RESPONSE_OUTPUTSTREAM_HASH"; + public static final String RESPONSE_OUTPUTSTREAM_HASH = "RESPONSE_OUTPUTSTREAM_HASH"; public static final String TRANSFORM_METHOD = "transform"; public static final String HANDLE_REQUEST_METHOD = "handleRequest"; private static final String EMPTY = ""; public static final String LIBRARY_NAME = "MULE-SERVER"; private static final Map handlerMap = new HashMap<>(); - private static final String REQUEST_INPUTSTREAM_HASH = "REQUEST_INPUTSTREAM_HASH"; + public static final String REQUEST_INPUTSTREAM_HASH = "REQUEST_INPUTSTREAM_HASH"; public static final String RESPONSE_ENTITY_STREAM = "RESPONSE_ENTITY_STREAM"; public static final String REQUEST_ENTITY_STREAM = "REQUEST_ENTITY_STREAM"; public static final String MULE_ENCODING = "MULE_ENCODING"; @@ -134,26 +134,25 @@ public static Map getHandlerMap() { return handlerMap; } - public static void registerOutputStreamHashIfNeeded(int outputStreamHash){ + public static void registerStreamHashIfNeeded(int streamHash, String key){ try { - Set hashSet = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(RESPONSE_OUTPUTSTREAM_HASH, Set.class); + Set hashSet = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(key, Set.class); if (hashSet == null) { hashSet = new HashSet<>(); - NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(RESPONSE_OUTPUTSTREAM_HASH, hashSet); + NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(key, hashSet); } - hashSet.add(outputStreamHash); + hashSet.add(streamHash); } catch (Throwable ignored) {} } - public static void registerInputStreamHashIfNeeded(int inputStreamHash){ + public static boolean preprocessStream(int streamHash, String key){ try { - Set hashSet = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(REQUEST_INPUTSTREAM_HASH, Set.class); - if(hashSet == null){ - hashSet = new HashSet<>(); - NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(REQUEST_INPUTSTREAM_HASH, hashSet); + Set hashSet = NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(key, Set.class); + if(hashSet != null && hashSet.contains(streamHash)){ + return true; } - hashSet.add(inputStreamHash); } catch (Throwable ignored) {} + return false; } public static void processHttpResponseHeaders(com.newrelic.api.agent.security.schema.HttpResponse securityResponse, HttpResponse response){ diff --git a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/ByteArrayHttpEntity_Instrumentation.java b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/ByteArrayHttpEntity_Instrumentation.java index d66a8be68..e4288ad1c 100644 --- a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/ByteArrayHttpEntity_Instrumentation.java +++ b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/ByteArrayHttpEntity_Instrumentation.java @@ -11,7 +11,6 @@ import org.mule.util.IOUtils; import java.io.IOException; -import java.util.Objects; @Weave(originalName = "org.mule.module.http.internal.domain.ByteArrayHttpEntity") public class ByteArrayHttpEntity_Instrumentation { @@ -36,9 +35,9 @@ private void extractResponseBody(byte[] content) throws IOException { String body = IOUtils.toString(content, encoding); SecurityMetaData securityMetaData = NewRelicSecurity.getAgent().getSecurityMetaData(); - if (Objects.equals(securityMetaData.getCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.RESPONSE_ENTITY_STREAM), Integer.class), this.hashCode())) { + if (MuleHelper.preprocessStream(this.hashCode(), MuleHelper.RESPONSE_ENTITY_STREAM)) { securityMetaData.getResponse().getResponseBody().append(body); - } else if (Objects.equals(securityMetaData.getCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.REQUEST_ENTITY_STREAM), Integer.class), this.hashCode())) { + } else if (MuleHelper.preprocessStream(this.hashCode(), MuleHelper.REQUEST_ENTITY_STREAM)) { securityMetaData.getRequest().getBody().append(body); } } diff --git a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/InputStreamHttpEntity_Instrumentation.java b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/InputStreamHttpEntity_Instrumentation.java index 8e22945cc..e02da800d 100644 --- a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/InputStreamHttpEntity_Instrumentation.java +++ b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/InputStreamHttpEntity_Instrumentation.java @@ -9,7 +9,6 @@ import com.newrelic.api.agent.weaver.Weaver; import java.io.InputStream; -import java.util.Objects; @Weave(originalName = "org.mule.module.http.internal.domain.InputStreamHttpEntity") public class InputStreamHttpEntity_Instrumentation { @@ -29,10 +28,13 @@ private void extractResponseBody(InputStream stream) { if (NewRelicSecurity.isHookProcessingActive() && stream != null) { // check if it is an input or output stream SecurityMetaData securityMetaData = NewRelicSecurity.getAgent().getSecurityMetaData(); - if (Objects.equals(securityMetaData.getCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.RESPONSE_ENTITY_STREAM), Integer.class), this.hashCode())) { - MuleHelper.registerOutputStreamHashIfNeeded(stream.hashCode()); - } else if (Objects.equals(securityMetaData.getCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.REQUEST_ENTITY_STREAM), Integer.class), this.hashCode())) { - MuleHelper.registerInputStreamHashIfNeeded(stream.hashCode()); + // outputBody stream + if (MuleHelper.preprocessStream(this.hashCode(), MuleHelper.RESPONSE_ENTITY_STREAM)) { + MuleHelper.registerStreamHashIfNeeded(stream.hashCode(), MuleHelper.RESPONSE_OUTPUTSTREAM_HASH); + } + // inputBody stream + else if (MuleHelper.preprocessStream(this.hashCode(), MuleHelper.REQUEST_ENTITY_STREAM)) { + MuleHelper.registerStreamHashIfNeeded(stream.hashCode(), MuleHelper.REQUEST_INPUTSTREAM_HASH); } } } diff --git a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/response/HttpResponseBuilder_Instrumentation.java b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/response/HttpResponseBuilder_Instrumentation.java index a3c853161..e0b3bac37 100644 --- a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/response/HttpResponseBuilder_Instrumentation.java +++ b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/domain/response/HttpResponseBuilder_Instrumentation.java @@ -35,7 +35,7 @@ private void postProcessSecurityHook(HttpResponse response) { return; } if (body != null) { - NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.getNrSecCustomAttribName(MuleHelper.RESPONSE_ENTITY_STREAM)), body.hashCode()); + MuleHelper.registerStreamHashIfNeeded(body.hashCode(), MuleHelper.RESPONSE_ENTITY_STREAM); } com.newrelic.api.agent.security.schema.HttpResponse securityResponse = NewRelicSecurity.getAgent().getSecurityMetaData().getResponse(); MuleHelper.processHttpResponseHeaders(securityResponse, response); diff --git a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java index ad1a944f0..dbd8ff353 100644 --- a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java +++ b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/HttpRequestToMuleEvent_Instrumentation.java @@ -59,7 +59,7 @@ private static void preprocessSecurityHook(HttpRequestContext requestContext) { HttpRequest httpRequest = requestContext.getRequest(); if (httpRequest.getEntity() != null) { - securityMetaData.addCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.REQUEST_ENTITY_STREAM), httpRequest.getEntity().hashCode()); + MuleHelper.registerStreamHashIfNeeded(httpRequest.getEntity().hashCode(), MuleHelper.REQUEST_ENTITY_STREAM); } securityRequest.setMethod(httpRequest.getMethod()); securityRequest.setClientIP(requestContext.getClientConnection().getRemoteHostAddress().toString()); diff --git a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java index 2f65dcbd5..4dd3ad108 100644 --- a/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java +++ b/instrumentation-security/mule-3.7/src/main/java/org/mule/module/http/internal/listener/async/RequestHandler_Instrumentation.java @@ -50,7 +50,7 @@ private void preprocessSecurityHook(HttpRequestContext requestContext) { HttpRequest httpRequest = requestContext.getRequest(); if (httpRequest.getEntity() != null) { - securityMetaData.addCustomAttribute(MuleHelper.getNrSecCustomAttribName(MuleHelper.REQUEST_ENTITY_STREAM), httpRequest.getEntity().hashCode()); + MuleHelper.registerStreamHashIfNeeded(httpRequest.getEntity().hashCode(), MuleHelper.REQUEST_ENTITY_STREAM); } securityRequest.setMethod(httpRequest.getMethod()); securityRequest.setClientIP(requestContext.getClientConnection().getRemoteHostAddress().toString());