diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java
index 12ea6f68f..1560135db 100644
--- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java
+++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/instrumentator/httpclient/RestRequestProcessor.java
@@ -41,7 +41,6 @@ public class RestRequestProcessor implements Callable {
 public static final String JSON_PARSING_ERROR_WHILE_PROCESSING_FUZZING_REQUEST_S = "JSON parsing error while processing fuzzing request : %s";
 private static final int MAX_REPETITION = 3;
- public static final String ENDPOINT_LOCALHOST_S = "%s://localhost:%s";
 private static final String IAST_REQUEST_HAS_NO_ARGUMENTS = "IAST request has no arguments : %s";
 public static final String AGENT_IS_NOT_ACTIVE = "Agent is not active";
 public static final String WS_RECONNECTING = "Websocket reconnecting failing for control command id: %s";
diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/apache/httpclient/ApacheHttpClientWrapper.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/apache/httpclient/ApacheHttpClientWrapper.java
index bf69b2ee1..0ba292bad 100644
--- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/apache/httpclient/ApacheHttpClientWrapper.java
+++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/apache/httpclient/ApacheHttpClientWrapper.java
@@ -101,6 +101,9 @@ public ApacheHttpClientWrapper(int requestTimeoutInMillis) {
 this.httpClient = HttpClientBuilder.create()
 .disableDefaultUserAgent()
 .disableContentCompression()
+ .disableCookieManagement()
+ .disableAuthCaching()
+ .disableConnectionState()
 .setSSLHostnameVerifier(new DefaultHostnameVerifier())
 .setDefaultRequestConfig(RequestConfig.custom()
 // Timeout in millis until a connection is established.
diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/apache/httpclient/IastHttpClient.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/apache/httpclient/IastHttpClient.java
index c34f2f45c..22adf6182 100644
--- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/apache/httpclient/IastHttpClient.java
+++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/apache/httpclient/IastHttpClient.java
@@ -9,6 +9,8 @@
 import com.newrelic.api.agent.security.schema.ServerConnectionConfiguration;
 import com.newrelic.api.agent.security.schema.http.ReadResult;
 import com.newrelic.api.agent.security.utils.logging.LogLevel;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import java.io.IOException;
 import java.net.URISyntaxException;
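Review bot: The three builder calls added in the ApacheHttpClientWrapper constructor have no comment, and `.disableConnectionState()` is the one a reader will not guess: with connection state tracking off, HttpClient treats pooled connections as interchangeable, including ones bound to an identity by NTLM or a TLS client certificate. That is presumably the intent here, so that requests sent through this wrapper share nothing, but it should be written down, e.g. `// Stateless client: no cookie jar, no cached credentials, no per-user connection state carried between requests`. If this wrapper can reach endpoints that rely on connection-based authentication, confirm that connection reuse across requests is acceptable. The constructor continues beyond the hunk.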
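Review bot: The two imports added to IastHttpClient, `org.slf4j.Logger` and `org.slf4j.LoggerFactory`, do not appear to be used by this commit: the only logging call it adds in this file is `logger.log(LogLevel.FINER, ..., IastHttpClient.class.getName())`, which is not the SLF4J `Logger` API. If the `logger` field (declared outside the visible hunks) is the agent's own logger, drop both imports so the class does not gain a compile-time dependency on SLF4J and a second `Logger` type in scope.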
@@ -75,11 +77,10 @@ public void tryToEstablishApplicationEndpoint(HttpRequest request) {
 try {
 ReadResult result = httpClient.execute(request, endpoint.getValue(), true);
 if(result.getStatusCode() >= 200 && result.getStatusCode() <= 500) {
- ServerConnectionConfiguration serverConnectionConfiguration = new ServerConnectionConfiguration(serverPort, endpoint.getKey());
+ ServerConnectionConfiguration serverConnectionConfiguration = new ServerConnectionConfiguration(serverPort, endpoint.getKey(), endpoint.getValue(), true);
 AppServerInfo appServerInfo = AppServerInfoHelper.getAppServerInfo();
 appServerInfo.getConnectionConfiguration().put(serverPort, serverConnectionConfiguration);
- serverConnectionConfiguration.setEndpoint(endpoint.getValue());
- serverConnectionConfiguration.setConfirmed(true);
+ logger.log(LogLevel.FINER, String.format("setting up new connection configuration for port %s : %s", serverPort, serverConnectionConfiguration.getEndpoint()), IastHttpClient.class.getName());
 return;
 }
 } catch (ApacheHttpExceptionWrapper | IOException | URISyntaxException e) {
diff --git a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java
index 5a11e43d3..a2beb2de4 100644
--- a/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java
+++ b/newrelic-security-agent/src/main/java/com/newrelic/agent/security/intcodeagent/logging/IAgentConstants.java
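Review bot: The entry is now constructed with `confirmed` set to `true` on any status from 200 to 500, so a 404 or a 500 from whatever is listening on that port marks the endpoint as confirmed. If the intent is only "something answers HTTP on this scheme and port", say so above the `if`, e.g. `// Any HTTP response, including 4xx/500, proves scheme and port are reachable; it does not prove the responder is this application`; otherwise narrow the range. The added `logger.log` call also runs `String.format` whether or not FINER is enabled. The method body starts and ends outside the hunk.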
@@ -571,13 +571,5 @@ public interface IAgentConstants {
 String NR_APM_TRACE_ID = "trace.id";
 String NR_APM_SPAN_ID = "span.id";
- String HTTP_STR = "http";
- String HTTPS_STR = "https";
- String ENDPOINT_LOCALHOST_S = "%s://localhost:%s";
-
- String SSL_EXCEPTION_FAILURE_MESSAGE = "SSL Exception raised for url : %s";
- String REQUEST_FAILURE_DUE_TO_IOEXCEPTION = "Request failure could be due to cancellation, a connectivity problem or timeout.";
- String FAILURE_WHILE_GRPC_REQUEST_BODY_CONVERSION = "Failure while processing gRPC Request body, body : %s ";
- String REQUEST_FAILURE_FOR_S_WITH_RESPONSE_CODE = "Request failure for : %s, with response : %s and response body : %s";
 }
\ No newline at end of file
diff --git a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java
index 3a99caef4..546b634ca 100644
--- a/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java
+++ b/newrelic-security-agent/src/main/java/com/newrelic/api/agent/security/Agent.java
@@ -889,31 +889,10 @@ public void setApplicationConnectionConfig(int port, String scheme) {
 AppServerInfo appServerInfo = AppServerInfoHelper.getAppServerInfo();
 ServerConnectionConfiguration serverConnectionConfiguration = new ServerConnectionConfiguration(port, scheme);
 appServerInfo.getConnectionConfiguration().put(port, serverConnectionConfiguration);
+ logger.log(LogLevel.FINER, String.format("Unconfirmed connection configuration for port %d and scheme %s added.", port, scheme), this.getClass().getName());
 // verifyConnectionAndPut(port, scheme, appServerInfo);
 }
- private boolean isConnectionSuccessful(int port, String scheme) {
- try {
- java.net.URL endpoint = new URL(String.format("%s://localhost:%s", scheme, port));
- HttpURLConnection connection = (HttpURLConnection) endpoint.openConnection();
-
- // Set the request method to HEAD (you won't download the whole content)
- connection.setRequestMethod("HEAD");
-
- int responseCode = connection.getResponseCode();
-
- if (responseCode == HttpURLConnection.HTTP_OK) {
- return true;
- } else if (responseCode == HttpURLConnection.HTTP_NOT_FOUND) {
- return true;
- } else {
- return false;
- }
- } catch (IOException e) {
- return false;
- }
- }
-
 public ServerConnectionConfiguration getApplicationConnectionConfig(int port) {
 AppServerInfo appServerInfo = AppServerInfoHelper.getAppServerInfo();
 return appServerInfo.getConnectionConfiguration().get(port);
diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ServerConnectionConfiguration.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ServerConnectionConfiguration.java
index 0db051003..d0abfa269 100644
--- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ServerConnectionConfiguration.java
+++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/schema/ServerConnectionConfiguration.java
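Review bot: `put(port, serverConnectionConfiguration)` stores a fresh unconfirmed entry on every call, so if setApplicationConnectionConfig runs after IastHttpClient has stored a confirmed entry for the same port, that entry would be replaced by an unconfirmed `localhost` guess, and the new FINER line would report it as "added". If the connection configuration is a `Map`, `putIfAbsent(port, serverConnectionConfiguration)` keeps an existing entry, and the log line should fire only when nothing was already present. The commented-out `// verifyConnectionAndPut(port, scheme, appServerInfo);` is left in place although this commit deletes `isConnectionSuccessful`; it can be removed with it. The method's opening lines may sit outside the hunk.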
@@ -17,9 +17,17 @@ public ServerConnectionConfiguration() {
 public ServerConnectionConfiguration(int port, String scheme) {
 this.port = port;
 this.protocol = scheme;
+ this.endpoint = String.format("%s://localhost:%s", scheme, port);
 this.confirmed = false;
 }
+ public ServerConnectionConfiguration(int port, String scheme, String endpoint, boolean confirmed) {
+ this.port = port;
+ this.protocol = scheme;
+ this.endpoint = endpoint;
+ this.confirmed = confirmed;
+ }
+
 public Integer getPort() {
 return port;
 }
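Review bot: The two-argument constructor now fills `endpoint` with a guessed `localhost` URL while `confirmed` stays `false`, so any caller that treated a null endpoint as "not established yet" would now take the guess as usable. Consumers have to check the `confirmed` flag instead, and that contract deserves Javadoc on both constructors. `scheme` is formatted in unchecked, so a null or unexpected value yields an endpoint such as `null://localhost:<port>`; `Objects.requireNonNull(scheme, "scheme")` or an explicit http/https check would catch it at construction. The format string is the same literal this commit deletes as `ENDPOINT_LOCALHOST_S` in two other files; a private constant in this class would keep it named.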