HXSecurity
diff --git a/‎dongtai-agent/src/main/java/io/dongtai/iast/agent/AgentLauncher.java‎
Lines changed: 2 additions & 2 deletions b/‎dongtai-agent/src/main/java/io/dongtai/iast/agent/AgentLauncher.java‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/MonitorDaemonThread.java‎
Lines changed: 4 additions & 2 deletions b/‎dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/MonitorDaemonThread.java‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎dongtai-agent/src/main/java/io/dongtai/iast/agent/report/AgentRegisterReport.java‎
Lines changed: 13 additions & 14 deletions b/‎dongtai-agent/src/main/java/io/dongtai/iast/agent/report/AgentRegisterReport.java‎
Lines changed: 13 additions & 14 deletions
diff --git a/‎dongtai-agent/src/main/java/io/dongtai/iast/agent/util/LogUtils.java‎
Lines changed: 0 additions & 15 deletions b/‎dongtai-agent/src/main/java/io/dongtai/iast/agent/util/LogUtils.java‎
Lines changed: 0 additions & 15 deletions
diff --git a/‎dongtai-core/src/main/java/io/dongtai/iast/core/EngineManager.java‎
Lines changed: 21 additions & 4 deletions b/‎dongtai-core/src/main/java/io/dongtai/iast/core/EngineManager.java‎
Lines changed: 21 additions & 4 deletions
diff --git a/‎dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/IastClassFileTransformer.java‎
Lines changed: 3 additions & 2 deletions b/‎dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/IastClassFileTransformer.java‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/asm/AsmMethods.java‎
Lines changed: 4 additions & 0 deletions b/‎dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/asm/AsmMethods.java‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/PluginRegister.java‎
Lines changed: 4 additions & 0 deletions b/‎dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/PluginRegister.java‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/authentication/jwt/DispatchHandlerInterceptor.java‎
Lines changed: 42 additions & 0 deletions b/‎dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/authentication/jwt/DispatchHandlerInterceptor.java‎
Lines changed: 42 additions & 0 deletions
diff --git a/‎dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/authentication/jwt/HandlerInterceptorAdapter.java‎
Lines changed: 45 additions & 0 deletions b/‎dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/authentication/jwt/HandlerInterceptorAdapter.java‎
Lines changed: 45 additions & 0 deletions
@@ -149,14 +149,14 @@ public static synchronized void uninstall() {
      * @param inst inst
      */
     private static void install(final Instrumentation inst) {
-        IastProperties iastProperties = IastProperties.getInstance();
+        IastProperties.getInstance();
         Boolean send = AgentRegisterReport.send();
         if (send) {
             DongTaiLog.info("Agent registered successfully.");
             Boolean agentStat = AgentRegisterReport.agentStat();
             if (!agentStat) {
                 EngineMonitor.isCoreRegisterStart = false;
-                DongTaiLog.info("Agent wait for confirm.");
+                DongTaiLog.info("Detection engine not started, agent waiting to be audited.");
             } else {
                 EngineMonitor.isCoreRegisterStart = true;
             }
 
@@ -32,8 +32,10 @@ public MonitorDaemonThread(EngineManager engineManager) {
         this.engineManager = engineManager;
         try {
             delayTime = Integer.parseInt(System.getProperty("iast.engine.delay.time", "0"));
-            DongTaiLog.info("dongtai engine delay time is " + delayTime + " s");
-            delayTime = delayTime * 1000;
+            if (delayTime != 0){
+                DongTaiLog.info("dongtai engine delay time is " + delayTime + " s");
+                delayTime = delayTime * 1000;
+            }
         } catch (Exception e) {
             DongTaiLog.error("engine delay time must be int,eg: 10、20");
             delayTime = 0;
 
@@ -12,6 +12,7 @@
 import java.net.*;
 import java.util.Enumeration;
 
+import org.json.JSONArray;
 import org.json.JSONObject;
 
 /**
@@ -174,9 +175,8 @@ private String getClusterVersion() {
      */
     private String readIpInfo() {
         try {
-            StringBuilder sb = new StringBuilder();
-            boolean first = true;
             Enumeration<?> interfaces = NetworkInterface.getNetworkInterfaces();
+            JSONArray network = new JSONArray();
             while (interfaces.hasMoreElements()) {
                 NetworkInterface networkInterface = (NetworkInterface) interfaces.nextElement();
                 if (networkInterface.isLoopback() || !networkInterface.isUp()) {
@@ -188,21 +188,20 @@ private String readIpInfo() {
                     if (inetAddress instanceof Inet6Address) {
                         continue;
                     }
-                    if (first) {
-                        sb.append("{\"name\"").append(":").append("\"").append(networkInterface.getDisplayName())
-                                .append("\"");
-                        sb.append(",\"ip\"").append(":").append("\"").append(inetAddress.getHostAddress())
-                                .append("\"}");
-                        first = false;
-                    } else {
-                        sb.append(",{\"name\"").append(":").append("\"").append(networkInterface.getDisplayName())
-                                .append("\"");
-                        sb.append(",\"ip\"").append(":").append("\"").append(inetAddress.getHostAddress())
-                                .append("\"}");
+                    JSONObject jsonObject = new JSONObject();
+                    String displayName = networkInterface.getDisplayName();
+                    String hostAddress = inetAddress.getHostAddress();
+                    jsonObject.put("name",displayName);
+                    jsonObject.put("ip",hostAddress);
+                    if (displayName.startsWith("en")){
+                        jsonObject.put("isAddress","1");
+                    }else {
+                        jsonObject.put("isAddress","0");
                     }
+                    network.put(jsonObject);
                 }
             }
-            return sb.toString();
+            return network.toString();
         } catch (SocketException e) {
             return "{}";
         }
 
@@ -54,6 +54,8 @@ public class EngineManager {
     private static final AtomicInteger reqCounts = new AtomicInteger(0);
     private static int enableDongTai = 0;
 
+    public static BooleanThreadLocal ENTER_REPLAY_ENTRYPOINT = new BooleanThreadLocal(false);
+
     public static void turnOnDongTai() {
         DONGTAI_STATE.set(true);
     }
@@ -130,6 +132,7 @@ public static void cleanThreadState() {
         EngineManager.TAINT_POOL.remove();
         EngineManager.TAINT_HASH_CODES.remove();
         EngineManager.SCOPE_TRACKER.remove();
+//        EngineManager.ENTER_REPLAY_ENTRYPOINT.remove();
         FallbackSwitch.clearHeavyHookFallback();
         EngineManager.getFallbackManager().getHookRateLimiter().remove();
     }
@@ -223,12 +226,26 @@ public static void enterHttpEntry(Map<String, Object> requestMeta) {
         ServiceFactory.startService();
         if (null == SERVER) {
             // todo: read server addr and send to OpenAPI Service
+            String url = null;
+            String protocol = null;
+            if (null != requestMeta.get("serverName")){
+                url = (String) requestMeta.get("serverName");
+            }else {
+                url = "";
+            }
+            if(null != requestMeta.get("protocol")){
+                protocol = (String) requestMeta.get("protocol");
+            }else {
+                protocol = "";
+            }
+
             SERVER = new IastServer(
-                    (String) requestMeta.get("serverName"),
+                    url,
                     (Integer) requestMeta.get("serverPort"),
+                    protocol,
                     true
             );
-            ServerAddressReport serverAddressReport = new ServerAddressReport(EngineManager.SERVER.getServerAddr(),EngineManager.SERVER.getServerPort());
+            ServerAddressReport serverAddressReport = new ServerAddressReport(EngineManager.SERVER.getServerAddr(),EngineManager.SERVER.getServerPort(),EngineManager.SERVER.getProtocol());
             serverAddressReport.run();
         }
         Map<String, String> headers = (Map<String, String>) requestMeta.get("headers");
@@ -278,9 +295,9 @@ public static void enterDubboEntry(String dubboService, Map<String, String> atta
             }
             if (null == SERVER) {
                 // todo: read server addr and send to OpenAPI Service
-                SERVER = new IastServer(requestHeaders.get("dubbo"), 0, true);
+                SERVER = new IastServer(requestHeaders.get("dubbo"), 0, "TCP",true);
                 String serverAddr = EngineManager.SERVER.getServerAddr();
-                ServerAddressReport serverAddressReport = new ServerAddressReport(serverAddr,0);
+                ServerAddressReport serverAddressReport = new ServerAddressReport(serverAddr,0, SERVER.getProtocol());
                 serverAddressReport.run();
             }
             Map<String, Object> requestMeta = new HashMap<String, Object>(12);
 
@@ -161,6 +161,7 @@ public byte[] transform(final ClassLoader loader,
             }
         } catch (
                 Throwable ignore) {
+            DongTaiLog.debug(ignore);
         } finally {
             if (isRunning) {
                 EngineManager.turnOnDongTai();
@@ -225,7 +226,7 @@ private byte[] dumpClassIfNecessary(String className, byte[] data, byte[] origin
 
             writeByteArrayToFile(enhancedClass, data);
             writeByteArrayToFile(originalClass, originalData);
-            DongTaiLog.debug("dump class {} to {} success.", className, enhancedClass);
+            DongTaiLog.trace("dump class {} to {} success.", className, enhancedClass);
         } catch (IOException e) {
             DongTaiLog.error("dump class {} failed. reason: {}", className, e);
         }
@@ -282,7 +283,7 @@ public Class<?>[] findForRetransform() {
                 // 所以当尝试获取这个类更多详细信息的时候会引起关联类的ClassNotFoundException等未知的错误（取决于底层ClassLoader的实现）
                 // 这里没有办法穷举出所有的异常情况，所以catch Throwable来完成异常容灾处理
                 // 当解析类出现异常的时候，直接简单粗暴的认为根本没有这个类就好了
-                DongTaiLog.debug("remove from findForReTransform, because loading class:" + clazz.getName()
+                DongTaiLog.trace("remove from findForReTransform, because loading class:" + clazz.getName()
                         + " occur an exception", cause);
             }
         }
 
@@ -182,4 +182,8 @@ static Method getAsmMethod(final Class<?> clazz,
             String.class,
             String.class
     );
+    Method SPY$isReplayRequest = InnerHelper.getAsmMethod(
+            SpyDispatcher.class,
+            "isReplayRequest"
+    );
 }
@@ -1,6 +1,8 @@
 package io.dongtai.iast.core.bytecode.enhance.plugin;
 
 import io.dongtai.iast.core.bytecode.enhance.IastContext;
+import io.dongtai.iast.core.bytecode.enhance.plugin.authentication.jwt.DispatchHandlerInterceptor;
+import io.dongtai.iast.core.bytecode.enhance.plugin.authentication.shiro.DispatchShiro;
 import io.dongtai.iast.core.bytecode.enhance.plugin.cookie.DispatchCookie;
 import io.dongtai.iast.core.bytecode.enhance.plugin.core.DispatchClassPlugin;
 import io.dongtai.iast.core.bytecode.enhance.plugin.framework.dubbo.DispatchDubbo;
@@ -27,6 +29,8 @@ public class PluginRegister {
 
     public PluginRegister() {
         this.plugins = new ArrayList<DispatchPlugin>();
+//        this.plugins.add(new DispatchShiro());
+//        this.plugins.add(new DispatchHandlerInterceptor());
         this.plugins.add(new DispatchSpringApplication());
         this.plugins.add(new DispatchJ2ee());
         //PLUGINS.add(new DispatchJsp());
 
@@ -0,0 +1,42 @@
+package io.dongtai.iast.core.bytecode.enhance.plugin.authentication.jwt;
+
+import io.dongtai.iast.core.bytecode.enhance.IastContext;
+import io.dongtai.iast.core.bytecode.enhance.plugin.DispatchPlugin;
+import org.objectweb.asm.ClassVisitor;
+
+import java.util.Set;
+
+public class DispatchHandlerInterceptor implements DispatchPlugin {
+
+    private static final String INTERFACE_HANDLER_SPRING = " org.springframework.web.servlet.HandlerInterceptor".substring(1);
+    private Set<String> ancestors;
+
+    @Override
+    public ClassVisitor dispatch(ClassVisitor classVisitor, IastContext context) {
+        ancestors = context.getAncestors();
+        String supportedClassName = isMatch();
+        if (supportedClassName != null) {
+            classVisitor = new HandlerInterceptorAdapter(classVisitor, context);
+        }
+        return classVisitor;
+    }
+
+    @Override
+    public String isMatch() {
+        for (String superClassName : ancestors) {
+            if (hookBySuperClass(superClassName)) {
+                return superClassName;
+            }
+        }
+        return null;
+    }
+
+    public static boolean hookBySuperClass(String classname) {
+        if (classname != null) {
+            return INTERFACE_HANDLER_SPRING.equals(classname);
+        } else {
+            return false;
+        }
+    }
+
+}
@@ -0,0 +1,45 @@
+package io.dongtai.iast.core.bytecode.enhance.plugin.authentication.jwt;
+
+import io.dongtai.iast.core.bytecode.enhance.IastContext;
+import io.dongtai.iast.core.bytecode.enhance.plugin.AbstractClassVisitor;
+import io.dongtai.iast.core.bytecode.enhance.plugin.spring.SpringApplicationAdviceAdapter;
+import org.objectweb.asm.ClassVisitor;
+import org.objectweb.asm.Label;
+import org.objectweb.asm.MethodVisitor;
+import org.objectweb.asm.Opcodes;
+
+import static org.objectweb.asm.Opcodes.*;
+
+public class HandlerInterceptorAdapter extends AbstractClassVisitor {
+
+    public HandlerInterceptorAdapter(ClassVisitor classVisitor, IastContext context) {
+        super(classVisitor, context);
+    }
+
+    @Override
+    public MethodVisitor visitMethod(int access, String name, String descriptor, String signature, String[] exceptions) {
+
+        MethodVisitor methodVisitor = super.visitMethod(access,
+                name,
+                descriptor,
+                signature,
+                exceptions);
+        if ("preHandle".equals(name)) {
+            methodVisitor = new HandlerInterceptorAdviceAdapter(
+                    methodVisitor,
+                    access,
+                    name,
+                    descriptor,
+                    context,
+                    "SPRINGAPPLICATION_FOR_API",
+                    "SPRINGAPPLICATION_FOR_API"
+            );
+            setTransformed();
+        }
+        return methodVisitor;
+
+    }
+}
+
+
+
Original file line number	Diff line number	Diff line change
`@@ -161,6 +161,7 @@ public byte[] transform(final ClassLoader loader,`
`161`	`161`	`}`
`162`	`162`	`} catch (`
`163`	`163`	`Throwable ignore) {`
	`164`	`+ DongTaiLog.debug(ignore);`
`164`	`165`	`} finally {`
`165`	`166`	`if (isRunning) {`
`166`	`167`	`EngineManager.turnOnDongTai();`
`@@ -225,7 +226,7 @@ private byte[] dumpClassIfNecessary(String className, byte[] data, byte[] origin`
`225`	`226`
`226`	`227`	`writeByteArrayToFile(enhancedClass, data);`
`227`	`228`	`writeByteArrayToFile(originalClass, originalData);`
`228`		`- DongTaiLog.debug("dump class {} to {} success.", className, enhancedClass);`
	`229`	`+ DongTaiLog.trace("dump class {} to {} success.", className, enhancedClass);`
`229`	`230`	`} catch (IOException e) {`
`230`	`231`	`DongTaiLog.error("dump class {} failed. reason: {}", className, e);`
`231`	`232`	`}`
`@@ -282,7 +283,7 @@ public Class<?>[] findForRetransform() {`
`282`	`283`	`// 所以当尝试获取这个类更多详细信息的时候会引起关联类的ClassNotFoundException等未知的错误（取决于底层ClassLoader的实现）`
`283`	`284`	`// 这里没有办法穷举出所有的异常情况，所以catch Throwable来完成异常容灾处理`
`284`	`285`	`// 当解析类出现异常的时候，直接简单粗暴的认为根本没有这个类就好了`
`285`		`- DongTaiLog.debug("remove from findForReTransform, because loading class:" + clazz.getName()`
	`286`	`+ DongTaiLog.trace("remove from findForReTransform, because loading class:" + clazz.getName()`
`286`	`287`	`+ " occur an exception", cause);`
`287`	`288`	`}`
`288`	`289`	`}`
Original file line number	Diff line number	Diff line change
`@@ -182,4 +182,8 @@ static Method getAsmMethod(final Class<?> clazz,`
`182`	`182`	`String.class,`
`183`	`183`	`String.class`
`184`	`184`	`);`
	`185`	`+ Method SPY$isReplayRequest = InnerHelper.getAsmMethod(`
	`186`	`+ SpyDispatcher.class,`
	`187`	`+ "isReplayRequest"`
	`188`	`+ );`
`185`	`189`	`}`