Posted to commits@lucene.apache.org by is...@apache.org on 2017/03/18 12:09:51 UTC
[2/2] lucene-solr:jira/solr-6736: SOLR-6736: Adding concept of
Vulnerable plugins
SOLR-6736: Adding concept of Vulnerable plugins
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/a2931a14
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/a2931a14
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/a2931a14
Branch: refs/heads/jira/solr-6736
Commit: a2931a14721429a12ead68c7f133ee32e6e9c691
Parents: 7514e7e
Author: Ishan Chattopadhyaya <is...@apache.org>
Authored: Sat Mar 18 17:39:32 2017 +0530
Committer: Ishan Chattopadhyaya <is...@apache.org>
Committed: Sat Mar 18 17:39:32 2017 +0530
----------------------------------------------------------------------
.../java/org/apache/solr/core/PluginInfo.java | 28 ++++----------------
.../src/java/org/apache/solr/core/SolrCore.java | 20 ++++++++++++++
.../solr/handler/admin/ConfigSetsHandler.java | 9 +++----
.../StatelessScriptUpdateProcessorFactory.java | 3 ++-
.../org/apache/solr/util/plugin/Vulnerable.java | 21 +++++++++++++++
.../apache/solr/cloud/TestConfigSetsAPI.java | 2 +-
6 files changed, 52 insertions(+), 31 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/a2931a14/solr/core/src/java/org/apache/solr/core/PluginInfo.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/core/PluginInfo.java b/solr/core/src/java/org/apache/solr/core/PluginInfo.java
index f7d3960..c6c317b 100644
--- a/solr/core/src/java/org/apache/solr/core/PluginInfo.java
+++ b/solr/core/src/java/org/apache/solr/core/PluginInfo.java
@@ -42,6 +42,7 @@ public class PluginInfo implements MapSerializable {
public final Map<String, String> attributes;
public final List<PluginInfo> children;
private boolean isFromSolrConfig;
+ public Boolean trusted;
public PluginInfo(String type, Map<String, String> attrs, NamedList initArgs, List<PluginInfo> children) {
this(type, attrs, initArgs, children, null);
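Review bot: The new `trusted` field is public and non-final, unlike the `public final` fields next to it, so any code holding a PluginInfo can change the trust decision after construction. The constructors changed in this diff all assign it, so `public final Boolean trusted;` looks feasible, provided the constructors not shown here assign it too. The field also needs a comment saying what `null` means as opposed to `false`, for example `// null = trust not determined by the caller; must not be read as trusted`, with the intended meaning confirmed by the author.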
@@ -52,20 +53,9 @@ public class PluginInfo implements MapSerializable {
this.name = attrs.get(NAME);
this.className = attrs.get(CLASS_NAME);
this.initArgs = initArgs;
- if (trusted != null && initArgs != null) {
- initArgs.remove(TRUSTED);
- initArgs.add(TRUSTED, trusted.booleanValue());
- }
+ this.trusted = trusted;
attributes = unmodifiableMap(attrs);
this.children = children == null ? Collections.<PluginInfo>emptyList(): unmodifiableList(children);
- if (trusted != null && children != null) {
- for (PluginInfo child: this.children) {
- if (child.initArgs != null) {
- child.initArgs.remove(TRUSTED);
- child.initArgs.add(TRUSTED, trusted.booleanValue());
- }
- }
- }
isFromSolrConfig = false;
}
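Review bot: With the loop over `this.children` removed, child PluginInfo objects handed to this constructor keep whatever `trusted` value they were built with, which may be `null` even when the parent is created with `trusted == false`. In the SolrCore change of this commit a `null` value leaves any `trusted` entry already present in the init args untouched, so the restriction may not reach nested plugins. If children are expected to inherit the parent's value, that has to happen here or be documented as the caller's responsibility. The constructor's signature is outside the hunk.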
@@ -81,11 +71,7 @@ public class PluginInfo implements MapSerializable {
attributes = unmodifiableMap(DOMUtil.toMap(node.getAttributes()));
children = loadSubPlugins(node, trusted);
isFromSolrConfig = true;
-
- if (trusted != null) {
- initArgs.remove(TRUSTED);
- initArgs.add(TRUSTED, trusted.booleanValue());
- }
+ this.trusted = trusted;
}
public PluginInfo(String type, Map<String,Object> map) {
@@ -114,19 +100,16 @@ public class PluginInfo implements MapSerializable {
}
}
- if (trusted != null) {
- initArgs.remove(TRUSTED);
- initArgs.add(TRUSTED, trusted.booleanValue());
- }
this.type = type;
this.name = (String) m.get(NAME);
this.className = (String) m.get(CLASS_NAME);
attributes = unmodifiableMap(m);
this.children = Collections.<PluginInfo>emptyList();
isFromSolrConfig = true;
+ this.trusted = trusted;
}
- private List<PluginInfo> loadSubPlugins(Node node, boolean trusted) {
+ private List<PluginInfo> loadSubPlugins(Node node, Boolean trusted) {
List<PluginInfo> children = new ArrayList<>();
//if there is another sub tag with a non namedlist tag that has to be another plugin
NodeList nlst = node.getChildNodes();
@@ -217,7 +200,6 @@ public class PluginInfo implements MapSerializable {
}
public PluginInfo copy() {
- Boolean trusted = initArgs == null ? null: initArgs.getBooleanArg(TRUSTED);
PluginInfo result = new PluginInfo(type, attributes,
initArgs != null ? initArgs.clone() : null, children, trusted);
result.isFromSolrConfig = isFromSolrConfig;
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/a2931a14/solr/core/src/java/org/apache/solr/core/SolrCore.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/core/SolrCore.java b/solr/core/src/java/org/apache/solr/core/SolrCore.java
index 66efeed..c8e8067 100644
--- a/solr/core/src/java/org/apache/solr/core/SolrCore.java
+++ b/solr/core/src/java/org/apache/solr/core/SolrCore.java
@@ -157,6 +157,7 @@ import org.apache.solr.util.RefCounted;
import org.apache.solr.util.plugin.NamedListInitializedPlugin;
import org.apache.solr.util.plugin.PluginInfoInitialized;
import org.apache.solr.util.plugin.SolrCoreAware;
+import org.apache.solr.util.plugin.Vulnerable;
import org.apache.zookeeper.KeeperException;
import org.apache.zookeeper.data.Stat;
import org.slf4j.Logger;
@@ -808,8 +809,27 @@ public final class SolrCore implements SolrInfoMBean, Closeable {
if(info == null) return null;
T o = createInstance(info.className == null ? defClassName : info.className ,cast, msg,this, getResourceLoader());
if (o instanceof PluginInfoInitialized) {
+ if (o instanceof Vulnerable) {
+ System.out.println("Vulnerable plugin: "+o);
+ if (info.trusted != null) {
+ info.initArgs.remove(PluginInfo.TRUSTED);
+ info.initArgs.add(PluginInfo.TRUSTED, info.trusted);
+ }
+ } else {
+ System.out.println("Not vulnerable plugin: "+o);
+ info.initArgs.remove(PluginInfo.TRUSTED);
+ }
((PluginInfoInitialized) o).init(info);
} else if (o instanceof NamedListInitializedPlugin) {
+ if (o instanceof Vulnerable) {
+ System.out.println("Vulnerable plugin: "+o);
+ if (info.trusted != null) {
+ info.initArgs.remove(PluginInfo.TRUSTED);
+ info.initArgs.add(PluginInfo.TRUSTED, info.trusted);
+ }
+ } else {
+ System.out.println("Not vulnerable plugin: "+o);
+ }
((NamedListInitializedPlugin) o).init(info.initArgs);
}
if(o instanceof SearchComponent) {
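Review bot: `info.initArgs` is dereferenced without a null check in both branches (`info.initArgs.remove(PluginInfo.TRUSTED)`), although the PluginInfo code removed by this commit guarded `initArgs != null` and `copy()` still allows a null value, so a plugin configured without init args can hit a NullPointerException here. For a Vulnerable plugin with `info.trusted == null` any `trusted` entry already in the init args is passed through unchanged, and the non-Vulnerable NamedListInitializedPlugin branch never removes it, so a value written into the configuration itself may reach `init`; how plugins treat an absent flag is not visible here, so the default in the sketch below needs confirming. The `System.out.println` calls belong on the class's slf4j logger at debug level. The duplicated logic could move into one helper; the enclosing method starts and ends outside the hunk.

```java
    if (o instanceof PluginInfoInitialized) {
      applyTrustedFlag(o, info);
      ((PluginInfoInitialized) o).init(info);
    } else if (o instanceof NamedListInitializedPlugin) {
      applyTrustedFlag(o, info);
      ((NamedListInitializedPlugin) o).init(info.initArgs);
    }
    // … unchanged: SearchComponent handling and the rest of the method …

  /** Ensures the TRUSTED init arg only ever carries the value decided by the loader. */
  private static void applyTrustedFlag(Object plugin, PluginInfo info) {
    if (info.initArgs == null) {
      return; // nothing to strip; the flag cannot be conveyed through init args
    }
    // Always drop a value that arrived with the configuration itself.
    info.initArgs.remove(PluginInfo.TRUSTED);
    if (plugin instanceof Vulnerable && info.trusted != null) {
      info.initArgs.add(PluginInfo.TRUSTED, info.trusted);
    }
  }
```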
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/a2931a14/solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java b/solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java
index 2b222e9..8b76912 100644
--- a/solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java
+++ b/solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java
@@ -60,10 +60,7 @@ import org.apache.solr.handler.RequestHandlerBase;
import org.apache.solr.request.SolrQueryRequest;
import org.apache.solr.response.SolrQueryResponse;
import org.apache.solr.security.AuthorizationContext;
-import org.apache.solr.security.AuthorizationPlugin;
-import org.apache.solr.security.Permission;
import org.apache.solr.security.PermissionNameProvider;
-import org.apache.solr.security.RuleBasedAuthorizationPlugin;
import org.apache.zookeeper.CreateMode;
import org.apache.zookeeper.KeeperException;
import org.slf4j.Logger;
@@ -173,8 +170,8 @@ public class ConfigSetsHandler extends RequestHandlerBase implements PermissionN
InputStream inputStream = contentStreamsIterator.next().getStream();
// Create a node for the configuration in zookeeper nocommit: do this only if /admin is not protected by authz/authc
- boolean trusted;
- AuthorizationPlugin authz = coreContainer.getAuthorizationPlugin();
+ boolean trusted = false;
+ /*AuthorizationPlugin authz = coreContainer.getAuthorizationPlugin();
if (authz == null) {
trusted = false;
} else {
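Review bot: The authorization check is switched off with a block comment that opens at `/*AuthorizationPlugin authz = ...` in this hunk and closes at `}*/` in the next one, leaving `trusted` a constant `false`. Marking every upload untrusted is the fail-closed choice, but commented-out code inside a trust decision is easy to re-enable only partially; delete the block and state the intent instead, e.g. `// Uploaded configsets are always marked untrusted until the authz-based check is restored (SOLR-6736)`. The `nocommit` marker on the comment line above is also still present.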
@@ -189,7 +186,7 @@ public class ConfigSetsHandler extends RequestHandlerBase implements PermissionN
} else {
trusted = true;
}
- }
+ }*/
zkClient.makePath(configPathInZk, ("{\"trusted\": "+Boolean.toString(trusted)+"}").getBytes(StandardCharsets.UTF_8), true);
ZipInputStream zis = new ZipInputStream(inputStream, StandardCharsets.UTF_8);
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/a2931a14/solr/core/src/java/org/apache/solr/update/processor/StatelessScriptUpdateProcessorFactory.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/update/processor/StatelessScriptUpdateProcessorFactory.java b/solr/core/src/java/org/apache/solr/update/processor/StatelessScriptUpdateProcessorFactory.java
index 8be7f40..6bb0186 100644
--- a/solr/core/src/java/org/apache/solr/update/processor/StatelessScriptUpdateProcessorFactory.java
+++ b/solr/core/src/java/org/apache/solr/update/processor/StatelessScriptUpdateProcessorFactory.java
@@ -27,6 +27,7 @@ import org.apache.solr.request.LocalSolrQueryRequest;
import org.apache.solr.response.SolrQueryResponse;
import org.apache.solr.update.*;
import org.apache.solr.util.plugin.SolrCoreAware;
+import org.apache.solr.util.plugin.Vulnerable;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.io.FilenameUtils;
@@ -151,7 +152,7 @@ import org.slf4j.LoggerFactory;
* </pre>
*
*/
-public class StatelessScriptUpdateProcessorFactory extends UpdateRequestProcessorFactory implements SolrCoreAware {
+public class StatelessScriptUpdateProcessorFactory extends UpdateRequestProcessorFactory implements SolrCoreAware, Vulnerable {
private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/a2931a14/solr/core/src/java/org/apache/solr/util/plugin/Vulnerable.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/util/plugin/Vulnerable.java b/solr/core/src/java/org/apache/solr/util/plugin/Vulnerable.java
new file mode 100644
index 0000000..8c5d34b
--- /dev/null
+++ b/solr/core/src/java/org/apache/solr/util/plugin/Vulnerable.java
@@ -0,0 +1,21 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.solr.util.plugin;
+
+public interface Vulnerable {
+
+}
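Review bot: `Vulnerable` is added as an empty marker interface with no Javadoc, and the name reads as a defect report rather than a contract. From the SolrCore change in this commit, implementing it appears to mean that the plugin is handed the `PluginInfo.TRUSTED` init arg; what the plugin must do when that value is false or absent is not stated anywhere in the diff. A class comment along the lines of `/** Marker for plugins that must honour the PluginInfo.TRUSTED init arg and refuse to run from an untrusted configset. */` would pin that down, with the wording confirmed by the author.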
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/a2931a14/solr/core/src/test/org/apache/solr/cloud/TestConfigSetsAPI.java
----------------------------------------------------------------------
diff --git a/solr/core/src/test/org/apache/solr/cloud/TestConfigSetsAPI.java b/solr/core/src/test/org/apache/solr/cloud/TestConfigSetsAPI.java
index 9cc2b0b..d1cf036 100644
--- a/solr/core/src/test/org/apache/solr/cloud/TestConfigSetsAPI.java
+++ b/solr/core/src/test/org/apache/solr/cloud/TestConfigSetsAPI.java
@@ -368,7 +368,7 @@ public class TestConfigSetsAPI extends SolrTestCaseJ4 {
CollectionAdminResponse resp = createCollection("newcollection2", "with-script-processor",
1, 1, solrCluster.getSolrClient());
System.out.println("Client saw errors: "+resp.getErrorMessages());
- assertTrue(resp.getErrorMessages().size() > 0);
+ assertTrue(resp.getErrorMessages() != null && resp.getErrorMessages().size() > 0);
assertTrue(resp.getErrorMessages().getVal(0).
contains("The configset for this collection was uploaded without any authorization"));
//scriptRequest("newcollection2");
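Review bot: The combined `assertTrue(resp.getErrorMessages() != null && ...)` fails without saying whether the error list was missing or empty, and judging by the message checked on the next lines this is the assertion that guards rejection of an unauthorized configset upload. Splitting it gives a usable failure message: `assertNotNull("expected the collection create to report errors", resp.getErrorMessages());` followed by the original size check. The `System.out.println` just above could go through the test's logger or be dropped.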