Merge pull request #26 from newrelic/dev

Release v0.4.0
newrelic · Aug 28, 2023 · 7469a77 · 7469a77
2 parents 822b294 + a1d1257
commit 7469a77
Show file tree

Hide file tree

Showing 41 changed files with 799 additions and 882 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -14,22 +14,6 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - go-version: 1.17.x
-            dirs: instrumentation/csec_antchfx_htmlquery
-          - go-version: 1.17.x
-            dirs: instrumentation/csec_antchfx_xpath
-          - go-version: 1.17.x
-            dirs: instrumentation/csec_ldap_v3
-          - go-version: 1.17.x
-            dirs: instrumentation/csec_sql
-          - go-version: 1.17.x
-            dirs: instrumentation/csec_antchfx_jsonquery
-          - go-version: 1.17.x
-            dirs: instrumentation/csec_mongodb_mongo
-          - go-version: 1.17.x
-            dirs: instrumentation/csec_antchfx_xmlquery
-          - go-version: 1.17.x
-            dirs: instrumentation/csec_robertkrimen_otto
           - go-version: 1.18.x
             dirs: instrumentation/csec_antchfx_htmlquery
           - go-version: 1.18.x

diff --git a/Changelog.md b/Changelog.md
@@ -1,5 +1,38 @@
 # Changelog
 
+## [v0.3.0] - 2023-08-28
+
+ * Updated logger module and implemented new logging module with standard golang package `log`
+    * Remove the following third-party dependency for logging:
+       - juju/fslock
+        -  sirupsen/logrus
+ * Update HC health check messages sending pipeline and send HC health check messages on priority.
+ * Added null parameter checks before event generation.
+ * Adopt IAST data pull implementation.
+ * Improved logging and added a few fallback mechanisms for restricted environments.
+ * Updated service status module and removed the following third-party dependency:
+    - juju/fslock
+     - mackerelio/go-osstat
+     - pbnjay/memory
+     -  sirupsen/logrus
+     - struCoder/pidusage
+
+ * This affects:
+     * Base csec agent code (updated to v0.4.0)
+     * `csec_antchfx_htmlquery` instrumentation (updated to v0.4.0)
+     * `csec_antchfx_xmlquery` instrumentation (updated to v0.4.0)
+     * `csec_augustoroman_v8` instrumentation (updated to v0.4.0)
+     * `csec_ldap_v3` instrumentation (updated to v0.4.0)
+     * `csec_robertkrimen_otto` instrumentation (updated to v0.4.0)
+     * `csec_valyala_fasthttp` instrumentation (updated to v0.4.0)
+     * `csec_antchfx_jsonquery` instrumentation (updated to v0.4.0)
+     * `csec_antchfx_xpath` instrumentation (updated to v0.4.0)
+     * `csec_grpc` instrumentation (updated to v0.4.0)
+     * `csec_mongodb_mongo` instrumentation (updated to v0.4.0)
+
+### Support statement
+* Go versions 1.18 and later are supported
+
 ## [v0.3.0] - 2023-07-24
 
 - Fix for data race conditions observed by race detector.

diff --git a/README.md b/README.md
@@ -9,7 +9,7 @@ The IAST capability should only be used in pre-production environments as the ap
 
 # Installation
 #### Compatibility and Requirements
-For the latest version of the agent, Go 1.17+ is required.
+For the latest version of the agent, Go 1.18+ is required.
 Linux, MacOS, and Windows are supported.
 
 

diff --git a/THIRD_PARTY_NOTICES.md b/THIRD_PARTY_NOTICES.md
diff --git a/go.mod b/go.mod
@@ -1,28 +1,9 @@
 module github.com/newrelic/csec-go-agent
 
-go 1.17
+go 1.18
 
 require (
 	github.com/dlclark/regexp2 v1.9.0
 	github.com/gorilla/websocket v1.5.0
-	github.com/juju/fslock v0.0.0-20160525022230-4d5c94c67b4b
-	github.com/k2io/hookingo v1.0.3
-	github.com/mackerelio/go-osstat v0.2.4
-	github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58
-	github.com/sirupsen/logrus v1.9.0
-	github.com/struCoder/pidusage v0.2.1
-)
-
-require (
-	github.com/stretchr/testify v1.8.2 // indirect
-	golang.org/x/arch v0.3.0 // indirect
-	golang.org/x/sys v0.7.0 // indirect
-	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
-)
-
-exclude (
-	github.com/stretchr/testify v1.7.0 // indirect
-	github.com/stretchr/testify v1.7.1 // indirect
-	golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 // indirect
-	golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
+	github.com/k2io/hookingo v1.0.5
 )
diff --git a/go.sum b/go.sum
@@ -3,26 +3,16 @@ github.com/dlclark/regexp2 v1.9.0 h1:pTK/l/3qYIKaRXuHnEnIf7Y5NxfRPfpb7dis6/gdlVI
 github.com/dlclark/regexp2 v1.9.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
 github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
 github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/juju/fslock v0.0.0-20160525022230-4d5c94c67b4b h1:FQ7+9fxhyp82ks9vAuyPzG0/vVbWwMwLJ+P6yJI5FN8=
-github.com/juju/fslock v0.0.0-20160525022230-4d5c94c67b4b/go.mod h1:HMcgvsgd0Fjj4XXDkbjdmlbI505rUPBs6WBMYg2pXks=
 github.com/k2io/hookingo v1.0.3 h1:9rJMlAKzhBLTEn3jmpmt6AsyHmXONPvRgCRxzvxS89Y=
 github.com/k2io/hookingo v1.0.3/go.mod h1:GfmXAKuiFd8/UafviDs8nnciGQ89QvHIzQQUaAmvRJ4=
 github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
-github.com/mackerelio/go-osstat v0.2.4 h1:qxGbdPkFo65PXOb/F/nhDKpF2nGmGaCFDLXoZjJTtUs=
-github.com/mackerelio/go-osstat v0.2.4/go.mod h1:Zy+qzGdZs3A9cuIqmgbJvwbmLQH9dJvtio5ZjJTbdlQ=
-github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58 h1:onHthvaw9LFnH4t2DcNVpwGmV9E1BkGknEliJkfwQj0=
-github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58/go.mod h1:DXv8WO4yhMYhSNPKjeNKa5WY9YCIEBRbNzFFPJbWO6Y=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
-github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/struCoder/pidusage v0.2.1 h1:dFiEgUDkubeIj0XA1NpQ6+8LQmKrLi7NiIQl86E6BoY=
-github.com/struCoder/pidusage v0.2.1/go.mod h1:bewtP2KUA1TBUyza5+/PCpSQ6sc/H6jJbIKAzqW86BA=
 golang.org/x/arch v0.0.0-20190927153633-4e8777c89be4/go.mod h1:flIaEI6LNU6xOCD5PaJvn9wGP0agmIOqjrtsKGRguv4=
 golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
 golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=

diff --git a/instrumentation/csec_antchfx_htmlquery/go.mod b/instrumentation/csec_antchfx_htmlquery/go.mod
@@ -3,5 +3,5 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_antchfx_htmlquery
 go 1.17
 
 require (
-	github.com/newrelic/csec-go-agent v0.3.0
+	github.com/newrelic/csec-go-agent v0.4.0
 )
diff --git a/instrumentation/csec_antchfx_jsonquery/go.mod b/instrumentation/csec_antchfx_jsonquery/go.mod
@@ -3,5 +3,5 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_antchfx_jsonquery
 go 1.17
 
 require (
-	github.com/newrelic/csec-go-agent v0.3.0
+	github.com/newrelic/csec-go-agent v0.4.0
 )
diff --git a/instrumentation/csec_antchfx_xmlquery/go.mod b/instrumentation/csec_antchfx_xmlquery/go.mod
@@ -3,5 +3,5 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_antchfx_xmlquery
 go 1.17
 
 require (
-	github.com/newrelic/csec-go-agent v0.3.0
+	github.com/newrelic/csec-go-agent v0.4.0
 )
diff --git a/instrumentation/csec_antchfx_xpath/go.mod b/instrumentation/csec_antchfx_xpath/go.mod
@@ -3,5 +3,5 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_antchfx_xpath
 go 1.16
 
 require (
-	github.com/newrelic/csec-go-agent v0.3.0
+	github.com/newrelic/csec-go-agent v0.4.0
 )
diff --git a/instrumentation/csec_augustoroman_v8/go.mod b/instrumentation/csec_augustoroman_v8/go.mod
@@ -3,5 +3,5 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_augustoroman_v8
 go 1.17
 
 require (
-	github.com/newrelic/csec-go-agent v0.3.0
+	github.com/newrelic/csec-go-agent v0.4.0
 )
diff --git a/instrumentation/csec_grpc/go.mod b/instrumentation/csec_grpc/go.mod
@@ -3,8 +3,16 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_grpc
 go 1.17
 
 require (
-	github.com/newrelic/csec-go-agent v0.3.0
+	github.com/newrelic/csec-go-agent v0.4.0
 	google.golang.org/grpc v1.56.2
 	google.golang.org/protobuf v1.31.0
 	github.com/golang/protobuf v1.5.3
+)
+
+require(
+	golang.org/x/net v0.13.0
+)
+
+exclude(
+	golang.org/x/net v0.9.0
 )
diff --git a/instrumentation/csec_ldap_v3/go.mod b/instrumentation/csec_ldap_v3/go.mod
@@ -2,5 +2,5 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_ldap_v3
 
 go 1.17
 require (
-	github.com/newrelic/csec-go-agent v0.3.0
+	github.com/newrelic/csec-go-agent v0.4.0
 )
diff --git a/instrumentation/csec_mongodb_mongo/go.mod b/instrumentation/csec_mongodb_mongo/go.mod
@@ -2,5 +2,5 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_mongodb_mongo
 
 go 1.16
 require (
-	github.com/newrelic/csec-go-agent v0.3.0
+	github.com/newrelic/csec-go-agent v0.4.0
 )
diff --git a/instrumentation/csec_robertkrimen_otto/go.mod b/instrumentation/csec_robertkrimen_otto/go.mod
@@ -2,5 +2,5 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_robertkrimen_otto
 
 go 1.17
 require (
-	github.com/newrelic/csec-go-agent v0.3.0
+	github.com/newrelic/csec-go-agent v0.4.0
 )
diff --git a/instrumentation/csec_valyala_fasthttp/go.mod b/instrumentation/csec_valyala_fasthttp/go.mod
@@ -3,5 +3,5 @@ module github.com/newrelic/csec-go-agent/instrumentation/csec_valyala_fasthttp
 go 1.17
 
 require (
-	github.com/newrelic/csec-go-agent v0.3.0
+	github.com/newrelic/csec-go-agent v0.4.0
 )
diff --git a/internal/security_logs/initLogging.go b/internal/security_logs/initLogging.go
@@ -0,0 +1,46 @@
+// Copyright 2020 New Relic Corporation. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package security_logs
+
+import (
+	"fmt"
+	"path/filepath"
+)
+
+var initLogger = DefaultLogger(true)
+
+func init_initLogger(initlogFileName, logFilepath string, pid int) {
+
+	rotateFileHook, writer, err := NewRotateFileHook(RotateFileConfig{
+		Filename:        filepath.Join(logFilepath, initlogFileName),
+		Filepath:        logFilepath,
+		MaxSize:         50, // megabytes
+		MaxBackups:      2,
+		BaseLogFilename: initlogFileName,
+	})
+
+	UpdateLogger(writer, "INFO", pid, initLogger, rotateFileHook, err)
+}
+
+func InitLogger() *logFile {
+	return initLogger
+}
+
+func EndStage(stageId, logs interface{}) {
+	print := fmt.Sprintf("[STEP-%s] %s", stageId, logs)
+	PrintInitlog(print)
+}
+func PrintInitlog(logs interface{}) {
+	initLogger.Infoln(logs)
+}
+
+func PrintInitErrolog(logs string) {
+	initLogger.Errorln(logs)
+}
+func PrintWarnlog(logs string) {
+	initLogger.Warnln(logs)
+}
+func Disableinitlogs() {
+	initLogger.isActive = false
+}
diff --git a/internal/security_logs/logger.go b/internal/security_logs/logger.go
@@ -0,0 +1,105 @@
+// Copyright 2020 New Relic Corporation. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package security_logs
+
+import (
+	"fmt"
+	"io"
+	"log"
+)
+
+type logFile struct {
+	logger         *log.Logger
+	isDebugMode    bool
+	mode           string
+	isActive       bool
+	cache          []interface{}
+	iscache        bool
+	rotateFileHook *RotateFileHook
+	isDefault      bool
+}
+
+type Logger interface {
+	Errorln(...interface{})
+	Warnln(...interface{})
+	Infoln(...interface{})
+	Debugln(...interface{})
+}
+
+// New creates a basic Logger.
+func UpdateLogger(w io.Writer, mode string, pid int, logF *logFile, rotateFileHook *RotateFileHook, isDefault bool) {
+	logF.logger = log.New(w, fmt.Sprintf("%d", pid), log.Ldate|log.Ltime|log.Lmsgprefix|log.LstdFlags|log.LUTC|log.Lshortfile)
+	logF.isActive = true
+	logF.iscache = false
+	logF.rotateFileHook = rotateFileHook
+	logF.isDefault = isDefault
+	logF.setLevel(mode)
+	logF.cleanCache()
+	return
+}
+
+func DefaultLogger(iscache1 bool) *logFile {
+	logF := &logFile{isActive: false, iscache: iscache1, isDefault: true}
+	return logF
+}
+
+func (f *logFile) fire(level string, msg ...interface{}) {
+	logm := fmt.Sprintln(msg...)
+
+	if level == "ERROR" {
+		errLevel := fmt.Sprintf("\x1b[%dm%s\x1b[0m", 31, "ERROR")
+		logm = fmt.Sprintf(" [%s] %s", errLevel, logm)
+	} else {
+		logm = fmt.Sprintf(" [%s] %s", level, logm)
+	}
+
+	if f.iscache && f.logger == nil {
+		f.cache = append(f.cache, logm)
+	}
+
+	if !f.isActive || f.logger == nil {
+		return
+	}
+
+	if f.rotateFileHook != nil {
+		logm = f.rotateFileHook.Fire(logm, level, f.isDefault)
+	}
+
+	f.logger.Output(3, logm)
+}
+
+func (f *logFile) Errorln(msg ...interface{}) {
+	f.fire("ERROR", msg...)
+}
+func (f *logFile) Warnln(msg ...interface{}) {
+	f.fire("WARN", msg...)
+}
+func (f *logFile) Infoln(msg ...interface{}) {
+	f.fire("INFO", msg...)
+}
+func (f *logFile) Info(msg ...interface{}) {
+	f.fire("INFO", msg...)
+}
+func (f *logFile) Debugln(msg ...interface{}) {
+	if f.isDebugMode {
+		f.fire("DEBUG", msg...)
+	}
+}
+func (f *logFile) DebugEnabled() bool { return f.isDebugMode }
+
+func (f *logFile) setLevel(mode string) {
+	if f.isDefault {
+		f.isDebugMode = false
+	} else if mode == "DEBUG" {
+		f.isDebugMode = true
+	}
+	f.mode = mode
+}
+
+func (f *logFile) cleanCache() {
+	for i := range f.cache {
+		f.logger.Output(3, fmt.Sprintf("%s", f.cache[i]))
+	}
+	f.cache = make([]interface{}, 0)
+}