TRA-3420 inform user of tls traffic (#149)

* Update passive_tapper.go and tls_utils.go * Update go.mod, go.sum, and 18 more files... * go fmt * Update http_reader.go, passive_tapper.go, and 3 more files... * Update status_controller.go and status_provider.go Co-authored-by: RamiBerm <rami.berman@up9.com>
2025-09-13 05:11:34 +00:00 · 2021-08-01 14:57:43 +03:00
parent 8d8310ee02
commit ceb8d714e3
19 changed files with 23038 additions and 134 deletions
--- a/agent/pkg/api/socket_server_handlers.go
+++ b/agent/pkg/api/socket_server_handlers.go
@@ -6,8 +6,8 @@ import (
 	"github.com/romana/rlog"
 	"github.com/up9inc/mizu/shared"
 	"github.com/up9inc/mizu/tap"
-	"mizuserver/pkg/controllers"
 	"mizuserver/pkg/models"
+	"mizuserver/pkg/providers"
 	"mizuserver/pkg/routes"
 	"mizuserver/pkg/up9"
 	"sync"
@@ -80,15 +80,46 @@ func (h *RoutesEventHandlers) WebSocketMessage(_ int, message []byte) {
 			if err != nil {
 				rlog.Infof("Could not unmarshal message of message type %s %v\n", socketMessageBase.MessageType, err)
 			} else {
-				controllers.TapStatus = statusMessage.TappingStatus
+				providers.TapStatus.Pods = statusMessage.TappingStatus.Pods
 				broadcastToBrowserClients(message)
 			}
+		case shared.WebsocketMessageTypeOutboundLink:
+			var outboundLinkMessage models.WebsocketOutboundLinkMessage
+			err := json.Unmarshal(message, &outboundLinkMessage)
+			if err != nil {
+				rlog.Infof("Could not unmarshal message of message type %s %v\n", socketMessageBase.MessageType, err)
+			} else {
+				handleTLSLink(outboundLinkMessage)
+			}
 		default:
 			rlog.Infof("Received socket message of type %s for which no handlers are defined", socketMessageBase.MessageType)
 		}
 	}
 }

+func handleTLSLink(outboundLinkMessage models.WebsocketOutboundLinkMessage) {
+	resolvedName := k8sResolver.Resolve(outboundLinkMessage.Data.DstIP)
+	if resolvedName != "" {
+		outboundLinkMessage.Data.DstIP = resolvedName
+	} else if outboundLinkMessage.Data.SuggestedResolvedName != "" {
+		outboundLinkMessage.Data.DstIP = outboundLinkMessage.Data.SuggestedResolvedName
+	}
+	cacheKey := fmt.Sprintf("%s -> %s:%d", outboundLinkMessage.Data.Src, outboundLinkMessage.Data.DstIP, outboundLinkMessage.Data.DstPort)
+	_, isInCache := providers.RecentTLSLinks.Get(cacheKey)
+	if isInCache {
+		return
+	} else {
+		providers.RecentTLSLinks.SetDefault(cacheKey, outboundLinkMessage.Data)
+	}
+	marshaledMessage, err := json.Marshal(outboundLinkMessage)
+	if err != nil {
+		rlog.Errorf("Error marshaling outbound link message for broadcasting: %v", err)
+	} else {
+		fmt.Printf("Broadcasting outboundlink message %s\n", string(marshaledMessage))
+		broadcastToBrowserClients(marshaledMessage)
+	}
+}
+
 func removeSocketUUIDFromBrowserSlice(uuidToRemove int) {
 	newUUIDSlice := make([]int, 0, len(browserClientSocketUUIDs))
 	for _, uuid := range browserClientSocketUUIDs {
--- a/agent/pkg/controllers/status_controller.go
+++ b/agent/pkg/controllers/status_controller.go
@@ -2,17 +2,19 @@ package controllers

 import (
 	"github.com/gin-gonic/gin"
-	"github.com/up9inc/mizu/shared"
+	"mizuserver/pkg/providers"
 	"mizuserver/pkg/up9"
 	"net/http"
 )

-var TapStatus shared.TapStatus
-
 func GetTappingStatus(c *gin.Context) {
-	c.JSON(http.StatusOK, TapStatus)
+	c.JSON(http.StatusOK, providers.TapStatus)
 }

 func AnalyzeInformation(c *gin.Context) {
 	c.JSON(http.StatusOK, up9.GetAnalyzeInfo())
 }
+
+func GetRecentTLSLinks(c *gin.Context) {
+	c.JSON(http.StatusOK, providers.GetAllRecentTLSAddresses())
+}
--- a/agent/pkg/models/models.go
+++ b/agent/pkg/models/models.go
@@ -132,6 +132,11 @@ type WebSocketTappedEntryMessage struct {
 	Data *tap.OutputChannelItem
 }

+type WebsocketOutboundLinkMessage struct {
+	*shared.WebSocketMessageMetadata
+	Data *tap.OutboundLink
+}
+
 func CreateBaseEntryWebSocketMessage(base *BaseEntryDetails) ([]byte, error) {
 	message := &WebSocketEntryMessage{
 		WebSocketMessageMetadata: &shared.WebSocketMessageMetadata{
@@ -152,6 +157,16 @@ func CreateWebsocketTappedEntryMessage(base *tap.OutputChannelItem) ([]byte, err
 	return json.Marshal(message)
 }

+func CreateWebsocketOutboundLinkMessage(base *tap.OutboundLink) ([]byte, error) {
+	message := &WebsocketOutboundLinkMessage{
+		WebSocketMessageMetadata: &shared.WebSocketMessageMetadata{
+			MessageType: shared.WebsocketMessageTypeOutboundLink,
+		},
+		Data: base,
+	}
+	return json.Marshal(message)
+}
+
 // ExtendedHAR is the top level object of a HAR log.
 type ExtendedHAR struct {
 	Log *ExtendedLog `json:"log"`
--- a/agent/pkg/providers/status_provider.go
+++ b/agent/pkg/providers/status_provider.go
@@ -0,0 +1,28 @@
+package providers
+
+import (
+	"github.com/patrickmn/go-cache"
+	"github.com/up9inc/mizu/shared"
+	"github.com/up9inc/mizu/tap"
+	"time"
+)
+
+const tlsLinkRetainmentTime = time.Minute * 15
+
+var (
+	TapStatus shared.TapStatus
+	RecentTLSLinks = cache.New(tlsLinkRetainmentTime, tlsLinkRetainmentTime)
+)
+
+func GetAllRecentTLSAddresses() []string {
+	recentTLSLinks := make([]string, 0)
+
+	for _, outboundLinkItem := range RecentTLSLinks.Items() {
+		outboundLink, castOk := outboundLinkItem.Object.(*tap.OutboundLink)
+		if castOk {
+			recentTLSLinks = append(recentTLSLinks, outboundLink.DstIP)
+		}
+	}
+
+	return recentTLSLinks
+}
--- a/agent/pkg/routes/entries_routes.go
+++ b/agent/pkg/routes/entries_routes.go
@@ -22,4 +22,5 @@ func EntriesRoutes(ginApp *gin.Engine) {

 	routeGroup.GET("/tapStatus", controllers.GetTappingStatus) // get tapping status
 	routeGroup.GET("/analyzeStatus", controllers.AnalyzeInformation)
+	routeGroup.GET("/recentTLSLinks", controllers.GetRecentTLSLinks)
 }