From 4af2a06ad0d4dc021277b115d15bbeeede3c23b7 Mon Sep 17 00:00:00 2001 From: kstranacher Date: Thu, 9 Feb 2012 21:11:31 +0000 Subject: =?UTF-8?q?Update=20MOA-SPSS-Konfig=20Schema=20(Blacklists)=20MOAS?= =?UTF-8?q?ecurityManager=20f=C3=BCr=20Blacklists?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1236 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../moa/spss/MOASecurityManagerExtended.java | 111 ++++++++++++++ .../moa/spss/MOASecurityManagerSimple.java | 165 +++++++++++++++++++++ .../server/config/ConfigurationPartsBuilder.java | 74 +++++++-- .../spss/server/config/ConfigurationProvider.java | 54 ++++++- 4 files changed, 391 insertions(+), 13 deletions(-) create mode 100644 spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerExtended.java create mode 100644 spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerSimple.java (limited to 'spss') diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerExtended.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerExtended.java new file mode 100644 index 000000000..ab9c01daa --- /dev/null +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerExtended.java @@ -0,0 +1,111 @@ +package at.gv.egovernment.moa.spss; + +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.util.Iterator; +import java.util.List; + +import at.gv.egovernment.moa.logging.Logger; + + +public class MOASecurityManagerExtended extends SecurityManager { + + private List blacklist; + private boolean allowExternalUris; + + public MOASecurityManagerExtended(boolean allowExternalUris, List blacklist) { + this.blacklist = blacklist; + this.allowExternalUris = allowExternalUris; + } + + + /** + * Overwrite checkConnect methods with blacklist check + */ + + public void checkConnect(String host, int port, Object context) { + Logger.debug("checkConnect: " + host + ":" + port); + if (!checkURI(host, port)) + throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed"); + else { + Logger.debug("Perform checkConnect of given SecurityManager"); + super.checkConnect(host, port, context); + } + } + + public void checkConnect(String host, int port) { + Logger.debug("checkConnect: " + host + ":" + port); + if (!checkURI(host, port)) + throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed"); + else { + Logger.debug("Perform checkConnect of given SecurityManager"); + super.checkConnect(host, port); + } + } + + private boolean checkURI(String host, int port) { + if (allowExternalUris) { + Iterator it = blacklist.iterator(); + while (it.hasNext()) { + String[] array = (String[])it.next(); + String bhost = array[0]; + String bport = array[1]; + if (bport == null) { + // check only host + if (bhost.equalsIgnoreCase(host)) { + Logger.debug("Security check: " + host + " blacklisted"); + return false; + } + } + else { + // check host and port + int iport = new Integer(bport).intValue(); + if (bhost.equalsIgnoreCase(host) && (iport == port)) { + Logger.debug("Security check: " + host + ":" + port + " blacklisted"); + return false; + } + + } + } + + Logger.debug("Security check: " + host + ":" + port + " allowed"); + return true; + } + else { + String localhost = getLocalhostName(); + if (host.equalsIgnoreCase(localhost) || host.equalsIgnoreCase("localhost") || host.equalsIgnoreCase("127.0.0.1") ) { + Logger.debug("Security check: localhost name allowed"); + return true; + } + + Logger.debug("Security check: " + host + ":" + port + " not allowed (external URIs not allowed)"); + return false; + } + } + private String getLocalhostName() { + try { + // save current SecurityManager + SecurityManager sm = System.getSecurityManager(); + // set System SecurityManager null (needed as java.net.InetAddress.getLocalHost call SecurityManager.checkConnect --> leads to endless loop) + System.setSecurityManager(null); + + InetAddress localhostaddress = InetAddress.getLocalHost(); + String localhost = localhostaddress.getHostName(); + + // set previously saved SecurityManager + System.setSecurityManager(sm); + + return localhost; + + } + catch (UnknownHostException e) { + Logger.debug("UnknownHostExeption: Returns \"localhost\" as name for localhost"); + return "localhost"; + } + } + + + /** + * Don't overwrite other methods + */ +} diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerSimple.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerSimple.java new file mode 100644 index 000000000..361a75e4c --- /dev/null +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOASecurityManagerSimple.java @@ -0,0 +1,165 @@ +package at.gv.egovernment.moa.spss; + +import java.io.FileDescriptor; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.Permission; +import java.util.Iterator; +import java.util.List; + +import at.gv.egovernment.moa.logging.Logger; + +public class MOASecurityManagerSimple extends SecurityManager { + + private List blacklist; + private boolean allowExternalUris; + + + public MOASecurityManagerSimple(boolean allowExternalUris, List blacklist) { + this.blacklist = blacklist; + this.allowExternalUris = allowExternalUris; + } + + /** + * Overwrite checkConnect methods with blacklist check + */ + + public void checkConnect(String host, int port, Object context) { + //Logger.debug("checkConnect: " + host + ":" + port); + if (!checkURI(host, port)) + throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed"); + } + + public void checkConnect(String host, int port) { + //Logger.debug("checkConnect: " + host + ":" + port); + if (!checkURI(host, port)) + throw new SecurityException("URI not allowed (blacklisted or external URIs generally not allowed"); + } + + private boolean checkURI(String host, int port) { + if (allowExternalUris) { + Iterator it = blacklist.iterator(); + while (it.hasNext()) { + String[] array = (String[])it.next(); + String bhost = array[0]; + String bport = array[1]; + if (bport == null) { + // check only host + if (bhost.equalsIgnoreCase(host)) { + //Logger.debug("Security check: " + host + " blacklisted"); + return false; + } + } + else { + // check host and port + int iport = new Integer(bport).intValue(); + if (bhost.equalsIgnoreCase(host) && (iport == port)) { + //Logger.debug("Security check: " + host + ":" + port + " blacklisted"); + return false; + } + + } + } + + //Logger.debug("Security check: " + host + ":" + port + " allowed"); + return true; + } + else { + String localhost = getLocalhostName(); + if (host.equalsIgnoreCase(localhost) || host.equalsIgnoreCase("localhost") || host.equalsIgnoreCase("127.0.0.1") ) { + //Logger.debug("Security check: localhost name allowed"); + return true; + } + + //Logger.debug("Security check: " + host + ":" + port + " not allowed (external URIs not allowed)"); + return false; + } + } + + private String getLocalhostName() { + try { + // save current SecurityManager + SecurityManager sm = System.getSecurityManager(); + // set System SecurityManager null (needed as java.net.InetAddress.getLocalHost call SecurityManager.checkConnect --> leads to endless loop) + System.setSecurityManager(null); + + InetAddress localhostaddress = InetAddress.getLocalHost(); + String localhost = localhostaddress.getHostName(); + + // set previously saved SecurityManager + System.setSecurityManager(sm); + + return localhost; + + } + catch (UnknownHostException e) { + //Logger.debug("UnknownHostExeption: Returns \"localhost\" as name for localhost"); + return "localhost"; + } + } + + + /** + * Overwrite all other methods by doing nothing (as no SecurityManager is set initially) + */ + + public void checkAccept(String host, int port) { + } + public void checkAccess(Thread t) { + } + public void checkAccess(ThreadGroup g) { + } + public void checkAwtEventQueueAccess() { + } + public void checkCreateClassLoader() { + } + public void checkDelete(String file) { + } + public void checkExec(String cmd) { + } + public void checkExit(int status) { + } + public void checkLink(String lib) { + } + public void checkListen(int port) { + } + public void checkMemberAccess(Class arg0, int arg1) { + } + public void checkMulticast(InetAddress maddr, byte ttl) { + } + public void checkMulticast(InetAddress maddr) { + } + public void checkPackageAccess(String pkg) { + } + public void checkPackageDefinition(String pkg) { + } + public void checkPermission(Permission perm, Object context) { + } + public void checkPermission(Permission perm) { + } + public void checkPrintJobAccess() { + } + public void checkPropertiesAccess() { + } + public void checkPropertyAccess(String key) { + } + public void checkRead(FileDescriptor fd) { + } + public void checkRead(String file, Object context) { + } + public void checkRead(String file) { + } + public void checkSecurityAccess(String target) { + } + public void checkSetFactory() { + } + public void checkSystemClipboardAccess() { + } + public void checkWrite(FileDescriptor fd) { + } + public void checkWrite(String file) { + } + + + +} diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 9078ecbfa..abc781303 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -24,6 +24,14 @@ package at.gv.egovernment.moa.spss.server.config; +import iaik.asn1.structures.Name; +import iaik.ixsil.exceptions.URIException; +import iaik.ixsil.util.URI; +import iaik.pki.pathvalidation.ChainingModes; +import iaik.pki.revocation.RevocationSourceTypes; +import iaik.utils.RFC2253NameParser; +import iaik.utils.RFC2253NameParserException; + import java.io.File; import java.io.FileInputStream; import java.io.IOException; @@ -45,25 +53,15 @@ import javax.xml.parsers.ParserConfigurationException; import org.w3c.dom.Attr; import org.w3c.dom.Element; import org.w3c.dom.traversal.NodeIterator; - import org.xml.sax.SAXException; -import iaik.asn1.structures.Name; -import iaik.ixsil.exceptions.URIException; -import iaik.ixsil.util.URI; -import iaik.pki.pathvalidation.ChainingModes; -import iaik.pki.revocation.RevocationSourceTypes; -import iaik.utils.RFC2253NameParser; -import iaik.utils.RFC2253NameParserException; - import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.spss.util.MessageProvider; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; -import at.gv.egovernment.moa.spss.util.MessageProvider; - /** * A class that builds configuration data from a DOM based representation. * @@ -103,6 +101,14 @@ public class ConfigurationPartsBuilder { private static final String HARDWARE_CRYPTO_MODULE_XPATH = ROOT + CONF + "Common/" + CONF + "HardwareCryptoModule"; + private static final String PERMIT_EXTERNAL_URIS_XPATH = + ROOT + CONF + "Common/" + + CONF + "PermitExternalUris"; + private static final String BLACK_LIST_URIS_XPATH = + ROOT + CONF + "Common/" + + CONF + "PermitExternalUris/" + + CONF + "BlackListUri"; + private static final String HARDWARE_KEY_XPATH = ROOT + CONF + "SignatureCreation/" + CONF + "KeyModules/" @@ -370,6 +376,52 @@ public class ConfigurationPartsBuilder { return modules; } + + /** + * + * @return + */ + public boolean allowExternalUris() { + Element permitExtUris = (Element)XPathUtils.selectSingleNode(getConfigElem(), PERMIT_EXTERNAL_URIS_XPATH); + + // if PermitExternalUris element does not exist - don't allow external uris + if (permitExtUris == null) + return false; + else + return true; + + } + + /** + * + * @return + */ + public List buildPermitExternalUris() { + if (!allowExternalUris()) + return null; + + List blacklist = new ArrayList(); + + NodeIterator permitExtIter = XPathUtils.selectNodeIterator( + getConfigElem(), + BLACK_LIST_URIS_XPATH); + + Element permitExtElem = null; + while ((permitExtElem = (Element) permitExtIter.nextNode()) != null) { + String host = getElementValue(permitExtElem, CONF + "Host", null); + String port = getElementValue(permitExtElem, CONF + "Port", null); + + //System.out.println("Host:Port = " + host + ":" + port); + + String array[] = new String[2]; + array[0] = host; + array[1] = port; + blacklist.add(array); + + } + + return blacklist; + } /** * Build the configured hardware keys. diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java index 51ddf0811..9e0a7fd53 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java @@ -33,7 +33,9 @@ import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.math.BigInteger; +import java.net.InetAddress; import java.net.URL; +import java.net.UnknownHostException; import java.security.Principal; import java.security.cert.X509Certificate; import java.util.ArrayList; @@ -46,6 +48,8 @@ import org.w3c.dom.Element; import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.spss.MOASecurityManagerExtended; +import at.gv.egovernment.moa.spss.MOASecurityManagerSimple; import at.gv.egovernment.moa.spss.util.MessageProvider; import at.gv.egovernment.moa.util.DOMUtils; @@ -239,6 +243,16 @@ public class ConfigurationProvider */ private Map crlRetentionIntervals; + /** + * Indicates wether external URIs are allowed or not + */ + private boolean allowExternalUris_; + + /** + * A List of black listed URIs (host and port) + */ + private List blackListedUris_; + /** * Return the single instance of configuration data. * @@ -354,6 +368,13 @@ public class ConfigurationProvider warnings = new ArrayList(builder.getWarnings()); permitFileURIs = builder.getPermitFileURIs(); crlRetentionIntervals = builder.getCrlRetentionIntervals(); + + allowExternalUris_= builder.allowExternalUris(); + + if (allowExternalUris_) + blackListedUris_ = builder.buildPermitExternalUris(); + else + blackListedUris_ = null; // Set set = crlRetentionIntervals.entrySet(); // Iterator i = set.iterator(); @@ -361,8 +382,37 @@ public class ConfigurationProvider // Map.Entry me = (Map.Entry)i.next(); // System.out.println("Key: " + me.getKey() + " - Value: " + me.getValue() ); // } + + + // set SecurityManager for permitting/disallowing external URIs + SecurityManager sm = System.getSecurityManager(); + if (sm == null) { + // no security manager exists - create a new one + //Logger.debug(new LogMsg("Create new MOASecurityManagerSimple")); + sm = new MOASecurityManagerSimple(allowExternalUris_, blackListedUris_); + + + //Logger.debug(new LogMsg("Set the new MOASecurityManagerSimple")); + System.setSecurityManager(sm); + + } + else { + String classname = sm.getClass().getName(); + if (!classname.equalsIgnoreCase("at.gv.egovernment.moa.spss.MOASecurityManagerSimple") && + !classname.equalsIgnoreCase("at.gv.egovernment.moa.spss.MOASecurityManagerExtended")) { + // if SecurityManager is not already a MOASecurityManager + + // Logger.debug(new LogMsg("Create new MOASecurityManagerExtended (including existing SecurityManager)")); + sm = new MOASecurityManagerExtended(allowExternalUris_, blackListedUris_); + + //Logger.debug(new LogMsg("Set the new MOASecurityManagerSimple")); + System.setSecurityManager(sm); + } + //Logger.debug(new LogMsg("No new MOASecurityManager instantiated")); + } + } catch (Throwable t) { throw new ConfigurationException("config.11", null, t); } finally { @@ -637,8 +687,8 @@ public class ConfigurationProvider MessageProvider msg = MessageProvider.getInstance(); Logger.info(new LogMsg(msg.getMessage(messageId, parameters))); } - - /** + + /** * Log a warning. * * @param messageId The message ID. -- cgit v1.2.3