Update MOA-SPSS-Konfig Schema (Blacklists)

MOASecurityManager für Blacklists git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1236 d688527b-c9ab-4aba-bd8d-4036d912da1d
author: kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> 2012-02-09 21:11:31 +0000
committer: kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> 2012-02-09 21:11:31 +0000
commit: 4af2a06ad0d4dc021277b115d15bbeeede3c23b7 (patch)
tree: 3deede68bee4e609ebaef22d92a96fb8f650afcc /spss/server/serverlib/src/main/java/at/gv/egovernment
parent: 453bd7f12223fe4e58049bb8f2f40d80d80bccd7 (diff)
download: moa-id-spss-4af2a06ad0d4dc021277b115d15bbeeede3c23b7.tar.gz
moa-id-spss-4af2a06ad0d4dc021277b115d15bbeeede3c23b7.tar.bz2
moa-id-spss-4af2a06ad0d4dc021277b115d15bbeeede3c23b7.zip
4 files changed, 391 insertions, 13 deletions
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerExtended.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerExtended.java
new file mode 100644
index 000000000..ab9c01daa
--- /dev/null
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerExtended.java
@@ -0,0 +1,111 @@
+package at.gv.egovernment.moa.spss;
+
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.Iterator;
+import java.util.List;
+
+import at.gv.egovernment.moa.logging.Logger;
+
+
+public class MOASecurityManagerExtended extends SecurityManager {
+
+	private List blacklist;
+	private boolean allowExternalUris;
+
+	public MOASecurityManagerExtended(boolean allowExternalUris, List blacklist) {
+		this.blacklist = blacklist;
+		this.allowExternalUris = allowExternalUris;
+	}
+
+	
+	/**
+	 * Overwrite checkConnect methods with blacklist check 
+	 */
+	
+	public void checkConnect(String host, int port, Object context) {
+		Logger.debug("checkConnect: " + host + ":" + port);
+		if (!checkURI(host, port))
+			throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed");
+		else {
+			Logger.debug("Perform checkConnect of given SecurityManager");
+			super.checkConnect(host, port, context);
+		}
+	}
+	
+	public void checkConnect(String host, int port) {
+		Logger.debug("checkConnect: " + host + ":" + port);
+		if (!checkURI(host, port))
+			throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed");
+		else {
+			Logger.debug("Perform checkConnect of given SecurityManager");
+			super.checkConnect(host, port);
+		}	
+	}
+
+	private boolean checkURI(String host, int port) {
+		if (allowExternalUris) {
+			Iterator it = blacklist.iterator();
+			while (it.hasNext()) {
+				String[] array = (String[])it.next();
+				String bhost = array[0];
+				String bport = array[1];
+				if (bport == null) {
+					// check only host
+					if (bhost.equalsIgnoreCase(host)) {
+						Logger.debug("Security check: " + host + " blacklisted");
+						return false;
+					}
+				}
+				else {
+					// check host and port
+					int iport = new Integer(bport).intValue();
+					if (bhost.equalsIgnoreCase(host) && (iport == port)) {
+						Logger.debug("Security check: " + host + ":" + port + " blacklisted");
+						return false;
+					}
+						
+				}
+			}
+			
+			Logger.debug("Security check: " + host + ":" + port + " allowed");
+			return true;
+		}
+		else {			
+			String localhost = getLocalhostName();
+			if (host.equalsIgnoreCase(localhost) || host.equalsIgnoreCase("localhost") || host.equalsIgnoreCase("127.0.0.1") ) {
+				Logger.debug("Security check: localhost name allowed");
+				return true;
+			}
+						
+			Logger.debug("Security check: " + host + ":" + port + " not allowed (external URIs not allowed)");
+			return false;
+		}
+	}
+	private String getLocalhostName() {
+		try {
+			// save current SecurityManager
+			SecurityManager sm = System.getSecurityManager();
+			// set System SecurityManager null (needed as java.net.InetAddress.getLocalHost call SecurityManager.checkConnect --> leads to endless loop)
+			System.setSecurityManager(null);
+
+			InetAddress localhostaddress = InetAddress.getLocalHost();
+			String localhost = localhostaddress.getHostName();
+			
+			// set previously saved SecurityManager
+			System.setSecurityManager(sm);
+			
+			return localhost;
+		
+		}
+		catch (UnknownHostException e) {
+			Logger.debug("UnknownHostExeption: Returns \"localhost\" as name for localhost");
+			return "localhost";
+		}
+	}
+
+	
+	/**
+	 * Don't overwrite other methods 
+	 */
+}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerSimple.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerSimple.java
new file mode 100644
index 000000000..361a75e4c
--- /dev/null
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerSimple.java
@@ -0,0 +1,165 @@
+package at.gv.egovernment.moa.spss;
+
+import java.io.FileDescriptor;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.Permission;
+import java.util.Iterator;
+import java.util.List;
+
+import at.gv.egovernment.moa.logging.Logger;
+
+public class MOASecurityManagerSimple extends SecurityManager {
+
+	private List blacklist;
+	private boolean allowExternalUris;
+	
+	
+	public MOASecurityManagerSimple(boolean allowExternalUris, List blacklist) {
+		this.blacklist = blacklist;
+		this.allowExternalUris = allowExternalUris;
+	}
+
+	/**
+	 * Overwrite checkConnect methods with blacklist check 
+	 */
+	
+	public void checkConnect(String host, int port, Object context) {
+		//Logger.debug("checkConnect: " + host + ":" + port);
+		if (!checkURI(host, port))
+			throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed");
+	}
+
+	public void checkConnect(String host, int port) {
+		//Logger.debug("checkConnect: " + host + ":" + port);
+		if (!checkURI(host, port))
+			throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed");
+	}
+
+	private boolean checkURI(String host, int port) {
+		if (allowExternalUris) {
+			Iterator it = blacklist.iterator();
+			while (it.hasNext()) {
+				String[] array = (String[])it.next();
+				String bhost = array[0];
+				String bport = array[1];
+				if (bport == null) {
+					// check only host
+					if (bhost.equalsIgnoreCase(host)) {
+						//Logger.debug("Security check: " + host + " blacklisted");
+						return false;
+					}
+				}
+				else {
+					// check host and port
+					int iport = new Integer(bport).intValue();
+					if (bhost.equalsIgnoreCase(host) && (iport == port)) {
+						//Logger.debug("Security check: " + host + ":" + port + " blacklisted");
+						return false;
+					}
+						
+				}
+			}
+			
+			//Logger.debug("Security check: " + host + ":" + port + " allowed");
+			return true;
+		}
+		else {			
+			String localhost = getLocalhostName();
+			if (host.equalsIgnoreCase(localhost) || host.equalsIgnoreCase("localhost") || host.equalsIgnoreCase("127.0.0.1") ) {
+				//Logger.debug("Security check: localhost name allowed");
+				return true;
+			}
+						
+			//Logger.debug("Security check: " + host + ":" + port + " not allowed (external URIs not allowed)");
+			return false;
+		}
+	}
+	
+	private String getLocalhostName() {
+		try {
+			// save current SecurityManager
+			SecurityManager sm = System.getSecurityManager();
+			// set System SecurityManager null (needed as java.net.InetAddress.getLocalHost call SecurityManager.checkConnect --> leads to endless loop)
+			System.setSecurityManager(null);
+
+			InetAddress localhostaddress = InetAddress.getLocalHost();
+			String localhost = localhostaddress.getHostName();
+			
+			// set previously saved SecurityManager
+			System.setSecurityManager(sm);
+			
+			return localhost;
+		
+		}
+		catch (UnknownHostException e) {
+			//Logger.debug("UnknownHostExeption: Returns \"localhost\" as name for localhost");
+			return "localhost";
+		}
+	}
+	
+
+	/**
+	 * Overwrite all other methods by doing nothing (as no SecurityManager is set initially) 
+	 */
+	
+	public void checkAccept(String host, int port) {
+	}
+	public void checkAccess(Thread t) {
+	}
+	public void checkAccess(ThreadGroup g) {
+	}
+	public void checkAwtEventQueueAccess() {
+	}
+	public void checkCreateClassLoader() {
+	}
+	public void checkDelete(String file) {
+	}
+	public void checkExec(String cmd) {
+	}
+	public void checkExit(int status) {
+	}
+	public void checkLink(String lib) {
+	}
+	public void checkListen(int port) {
+	}
+	public void checkMemberAccess(Class arg0, int arg1) {
+	}
+	public void checkMulticast(InetAddress maddr, byte ttl) {
+	}
+	public void checkMulticast(InetAddress maddr) {
+	}
+	public void checkPackageAccess(String pkg) {
+	}
+	public void checkPackageDefinition(String pkg) {
+	}
+	public void checkPermission(Permission perm, Object context) {
+	}
+	public void checkPermission(Permission perm) {
+	}
+	public void checkPrintJobAccess() {
+	}
+	public void checkPropertiesAccess() {
+	}
+	public void checkPropertyAccess(String key) {
+	}
+	public void checkRead(FileDescriptor fd) {
+	}
+	public void checkRead(String file, Object context) {
+	}
+	public void checkRead(String file) {
+	}
+	public void checkSecurityAccess(String target) {
+	}
+	public void checkSetFactory() {
+	}
+	public void checkSystemClipboardAccess() {
+	}
+	public void checkWrite(FileDescriptor fd) {
+	}
+	public void checkWrite(String file) {
+	}
+
+
+
+}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 9078ecbfa..abc781303 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -24,6 +24,14 @@
 
 package at.gv.egovernment.moa.spss.server.config;
 
+import iaik.asn1.structures.Name;
+import iaik.ixsil.exceptions.URIException;
+import iaik.ixsil.util.URI;
+import iaik.pki.pathvalidation.ChainingModes;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
@@ -45,25 +53,15 @@ import javax.xml.parsers.ParserConfigurationException;
 import org.w3c.dom.Attr;
 import org.w3c.dom.Element;
 import org.w3c.dom.traversal.NodeIterator;
-
 import org.xml.sax.SAXException;
 
-import iaik.asn1.structures.Name;
-import iaik.ixsil.exceptions.URIException;
-import iaik.ixsil.util.URI;
-import iaik.pki.pathvalidation.ChainingModes;
-import iaik.pki.revocation.RevocationSourceTypes;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
 import at.gv.egovernment.moa.logging.LogMsg;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DOMUtils;
 import at.gv.egovernment.moa.util.XPathUtils;
 
-import at.gv.egovernment.moa.spss.util.MessageProvider;
-
 /**
  * A class that builds configuration data from a DOM based representation.
  * 
@@ -103,6 +101,14 @@ public class ConfigurationPartsBuilder {
   private static final String HARDWARE_CRYPTO_MODULE_XPATH =
     ROOT + CONF + "Common/"
     + CONF + "HardwareCryptoModule";
+  private static final String PERMIT_EXTERNAL_URIS_XPATH =
+	    ROOT + CONF + "Common/"
+	    + CONF + "PermitExternalUris";
+  private static final String BLACK_LIST_URIS_XPATH =
+	    ROOT + CONF + "Common/"
+	    + CONF + "PermitExternalUris/"
+	    + CONF + "BlackListUri";
+  
   private static final String HARDWARE_KEY_XPATH =
     ROOT + CONF + "SignatureCreation/" 
     + CONF + "KeyModules/" 
@@ -370,6 +376,52 @@ public class ConfigurationPartsBuilder {
 
     return modules;
   }
+  
+  /**
+   * 
+   * @return
+   */
+  public boolean allowExternalUris() {
+	  Element permitExtUris = (Element)XPathUtils.selectSingleNode(getConfigElem(), PERMIT_EXTERNAL_URIS_XPATH);
+	  
+	  // if PermitExternalUris element does not exist - don't allow external uris
+	  if (permitExtUris == null)
+		  return false;
+	  else
+		  return true;
+	  
+  }
+  
+  /**
+   * 
+   * @return
+   */
+  public List buildPermitExternalUris() {
+	  if (!allowExternalUris())
+		  return null;
+	  
+	  List blacklist = new ArrayList();
+	  
+	  NodeIterator permitExtIter = XPathUtils.selectNodeIterator(
+			  getConfigElem(),
+			  BLACK_LIST_URIS_XPATH);
+	  
+	  Element permitExtElem = null;
+	  while ((permitExtElem = (Element) permitExtIter.nextNode()) != null) {
+	      String host = getElementValue(permitExtElem, CONF + "Host", null);
+	      String port = getElementValue(permitExtElem, CONF + "Port", null);
+	      
+	      //System.out.println("Host:Port =  " + host + ":" + port);
+	      
+	      String array[] = new String[2];
+	      array[0] = host;
+	      array[1] = port;
+	      blacklist.add(array);
+	      
+	    }
+	  
+	  return blacklist;
+  }
 
   /**
    * Build the configured hardware keys. 
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
index 51ddf0811..9e0a7fd53 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
@@ -33,7 +33,9 @@ import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.math.BigInteger;
+import java.net.InetAddress;
 import java.net.URL;
+import java.net.UnknownHostException;
 import java.security.Principal;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
@@ -46,6 +48,8 @@ import org.w3c.dom.Element;
 
 import at.gv.egovernment.moa.logging.LogMsg;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.MOASecurityManagerExtended;
+import at.gv.egovernment.moa.spss.MOASecurityManagerSimple;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
 import at.gv.egovernment.moa.util.DOMUtils;
 
@@ -240,6 +244,16 @@ public class ConfigurationProvider
   private Map crlRetentionIntervals;
   
   /**
+   * Indicates wether external URIs are allowed or not
+   */
+  private boolean allowExternalUris_;
+  
+  /**
+   * A <code>List</code> of black listed URIs (host and port)
+   */
+  private List blackListedUris_;
+  
+  /**
    * Return the single instance of configuration data.
    * 
    * @return MOAConfigurationProvider The current configuration data.
@@ -354,6 +368,13 @@ public class ConfigurationProvider
       warnings = new ArrayList(builder.getWarnings());
       permitFileURIs = builder.getPermitFileURIs();
       crlRetentionIntervals = builder.getCrlRetentionIntervals();
+
+      allowExternalUris_= builder.allowExternalUris();
+      
+      if (allowExternalUris_)
+    	  blackListedUris_ = builder.buildPermitExternalUris();
+      else
+    	  blackListedUris_ = null;
       
 //      Set set = crlRetentionIntervals.entrySet();
 //      Iterator i = set.iterator();
@@ -361,8 +382,37 @@ public class ConfigurationProvider
 //        Map.Entry me = (Map.Entry)i.next();
 //        System.out.println("Key: " + me.getKey() + " - Value: " + me.getValue() );
 //      }
+      
+      
+      // set SecurityManager for permitting/disallowing external URIs
+      SecurityManager sm = System.getSecurityManager();      
+      if (sm == null) {
+    	  // no security manager exists - create a new one
+    	  //Logger.debug(new LogMsg("Create new MOASecurityManagerSimple"));
+    	  sm = new MOASecurityManagerSimple(allowExternalUris_, blackListedUris_);
+    	  
+    	  
+    	  //Logger.debug(new LogMsg("Set the new MOASecurityManagerSimple"));
+          System.setSecurityManager(sm);
+        
+      }      
+      else {    	
+    	  String classname = sm.getClass().getName();
+    	  if (!classname.equalsIgnoreCase("at.gv.egovernment.moa.spss.MOASecurityManagerSimple") &&
+    		  !classname.equalsIgnoreCase("at.gv.egovernment.moa.spss.MOASecurityManagerExtended")) {
+    		  // if SecurityManager is not already a MOASecurityManager
+    		  
+    		//  Logger.debug(new LogMsg("Create new MOASecurityManagerExtended (including existing SecurityManager)"));
+    		  sm = new MOASecurityManagerExtended(allowExternalUris_, blackListedUris_);
+    		  
+    		  //Logger.debug(new LogMsg("Set the new MOASecurityManagerSimple"));
+    		  System.setSecurityManager(sm);
+    	  }
+    	  //Logger.debug(new LogMsg("No new MOASecurityManager instantiated"));
+      }
 
       
+      
     } catch (Throwable t) {
       throw new ConfigurationException("config.11", null, t);
     } finally {
@@ -637,8 +687,8 @@ public class ConfigurationProvider
     MessageProvider msg = MessageProvider.getInstance();
     Logger.info(new LogMsg(msg.getMessage(messageId, parameters)));
   }
-
-  /**
+  
+     /**
    * Log a warning.
    * 
    * @param messageId The message ID.
author	kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>	2012-02-09 21:11:31 +0000
committer	kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>	2012-02-09 21:11:31 +0000
commit	4af2a06ad0d4dc021277b115d15bbeeede3c23b7 (patch)
tree	3deede68bee4e609ebaef22d92a96fb8f650afcc /spss/server/serverlib/src/main/java/at/gv/egovernment
parent	453bd7f12223fe4e58049bb8f2f40d80d80bccd7 (diff)
download	moa-id-spss-4af2a06ad0d4dc021277b115d15bbeeede3c23b7.tar.gz moa-id-spss-4af2a06ad0d4dc021277b115d15bbeeede3c23b7.tar.bz2 moa-id-spss-4af2a06ad0d4dc021277b115d15bbeeede3c23b7.zip