newrelic · prateeksen · Sep 24, 2024 · Sep 24, 2024 · Sep 24, 2024
diff --git a/lib/newrelic_security/agent/configuration/manager.rb b/lib/newrelic_security/agent/configuration/manager.rb
@@ -37,9 +37,14 @@ def initialize
           @cache[:'security.application_info.port'] = ::NewRelic::Agent.config[:'security.application_info.port'].to_i
           @cache[:'security.request.body_limit'] = ::NewRelic::Agent.config[:'security.request.body_limit'].to_i > 0 ? ::NewRelic::Agent.config[:'security.request.body_limit'].to_i : 300
           @cache[:listen_port] = nil
+          @cache[:process_start_time] = current_time_millis # TODO: Ruby doesn't provide process start time in pure ruby implementation using agent loading time for now.
+          @cache[:traffic_start_time] = nil
+          @cache[:scan_start_time] = nil
+          @cache[:'security.scan_controllers.scan_instance_count'] = ::NewRelic::Agent.config[:'security.scan_controllers.scan_instance_count']
+          @cache[:'security.iast_test_identifier'] = ::NewRelic::Agent.config[:'security.iast_test_identifier']
           @cache[:app_root] = NewRelic::Security::Agent::Utils.app_root
           @cache[:jruby_objectspace_enabled] = false
-          @cache[:json_version] = :'1.2.4'
+          @cache[:json_version] = :'1.2.9'
 
           @environment_source = NewRelic::Security::Agent::Configuration::EnvironmentSource.new
           @server_source = NewRelic::Security::Agent::Configuration::ServerSource.new
@@ -94,6 +99,14 @@ def update_port=(listen_port)
           @cache[:listen_port] = listen_port
         end
 
+        def traffic_start_time=(traffic_start_time)
+          @cache[:traffic_start_time] = traffic_start_time
+        end
+
+        def scan_start_time=(scan_start_time)
+          @cache[:scan_start_time] = scan_start_time
+        end
+
         def app_server=(app_server)
           @cache[:app_server] = app_server
         end
@@ -172,6 +185,11 @@ def fetch_or_create_uuid
         def generate_key(entity_guid)
           ::OpenSSL::PKCS5.pbkdf2_hmac(entity_guid, entity_guid[0..15], 1024, 32, SHA1)
         end
+
+        def current_time_millis
+          (Time.now.to_f * 1000).to_i
+        end
+
       end
     end
   end

diff --git a/lib/newrelic_security/agent/control/event_processor.rb b/lib/newrelic_security/agent/control/event_processor.rb
@@ -46,6 +46,7 @@ def send_event(event)
           enqueue(event)
           if @first_event
             NewRelic::Security::Agent.init_logger.info "[STEP-8] => First event sent for validation. Security agent started successfully : #{event.to_json}"
+            NewRelic::Security::Agent.config.traffic_start_time = current_time_millis unless NewRelic::Security::Agent.config[:traffic_start_time]
             @first_event = false
           end
           event = nil
@@ -128,6 +129,10 @@ def create_keep_alive_thread
           NewRelic::Security::Agent.logger.error "Exception in health check thread, #{exception.inspect}"
         end
 
+        def current_time_millis
+          (Time.now.to_f * 1000).to_i
+        end
+
       end
     end
   end

diff --git a/lib/newrelic_security/agent/control/health_check.rb b/lib/newrelic_security/agent/control/health_check.rb
@@ -35,6 +35,10 @@ def initialize
           @iastEventStats = {}
           @raspEventStats = {}
           @exitEventStats = {}
+          @procStartTime = NewRelic::Security::Agent.config[:process_start_time]
+          @trafficStartedTime = NewRelic::Security::Agent.config[:traffic_start_time]
+          @scanStartTime = NewRelic::Security::Agent.config[:scan_start_time]
+          @iastTestIdentifer = NewRelic::Security::Agent.config[:'security.iast_test_identifier']
         end
 
         def as_json

diff --git a/lib/newrelic_security/agent/control/iast_client.rb b/lib/newrelic_security/agent/control/iast_client.rb
@@ -54,6 +54,7 @@ def create_dequeue_threads
               Thread.current.name = "newrelic_security_iast_thread-#{t}"
               loop do
                 fuzz_request = @fuzzQ.deq #thread blocks when the queue is empty
+                NewRelic::Security::Agent.config.scan_start_time = current_time_millis unless NewRelic::Security::Agent.config[:scan_start_time]
                 if fuzz_request.request[IS_GRPC]
                   fire_grpc_request(fuzz_request.id, fuzz_request.request, fuzz_request.reflected_metadata)
                 else
@@ -122,18 +123,18 @@ def fire_request(fuzz_request_id, request)
         def fire_grpc_request(fuzz_request_id, request, reflected_metadata)
           service = Object.const_get(request[METHOD].split(SLASH)[0]).superclass
           method = request[METHOD].split(SLASH)[1]
-          @stub = service.rpc_stub_class.new("localhost:#{request[SERVER_PORT_1]}", :this_channel_is_insecure) unless @stub
+          @stub ||= service.rpc_stub_class.new("localhost:#{request[SERVER_PORT_1]}", :this_channel_is_insecure)
 
-          parsed_body =  request[BODY][1..-2].split(',')
-          if reflected_metadata[IS_GRPC_CLIENT_STREAM]
-            chunks_enum = Enumerator.new do |y|
+          parsed_body = request[BODY][1..-2].split(',')
+          chunks_enum = if reflected_metadata[IS_GRPC_CLIENT_STREAM]
+            Enumerator.new do |y|
               parsed_body.each do |b|
                 y << Object.const_get(reflected_metadata[INPUT_CLASS]).decode_json(b)
               end
             end
-          else
-            chunks_enum = Object.const_get(reflected_metadata[INPUT_CLASS]).decode_json(request[BODY])
-          end
+                        else
+            Object.const_get(reflected_metadata[INPUT_CLASS]).decode_json(request[BODY])
+                        end
           response = @stub.public_send(method, chunks_enum, metadata: request[HEADERS])
           # response = @stub.send(method, JSON.parse(request['body'], object_class: OpenStruct))
           # request[HEADERS].delete(VERSION) if request[HEADERS].key?(VERSION)

diff --git a/lib/newrelic_security/agent/control/websocket_client.rb b/lib/newrelic_security/agent/control/websocket_client.rb
@@ -21,6 +21,9 @@ module Control
       NR_CSEC_ENTITY_NAME = 'NR-CSEC-ENTITY-NAME'
       NR_CSEC_ENTITY_GUID = 'NR-CSEC-ENTITY-GUID'
       NR_CSEC_IAST_DATA_TRANSFER_MODE = 'NR-CSEC-IAST-DATA-TRANSFER-MODE'
+      NR_CSEC_PROCESS_START_TIME = 'NR-CSEC-PROCESS-START-TIME'
+      NR_CSEC_IAST_SCAN_INSTANCE_COUNT = 'NR-CSEC-IAST-SCAN-INSTANCE-COUNT'
+      NR_CSEC_IAST_TEST_IDENTIFIER = 'NR-CSEC-IAST-TEST-IDENTIFIER'
 
       class WebsocketClient
         include Singleton
@@ -43,6 +46,12 @@ def connect()
           headers[NR_CSEC_ENTITY_NAME] = NewRelic::Security::Agent.config[:app_name]
           headers[NR_CSEC_ENTITY_GUID] = NewRelic::Security::Agent.config[:entity_guid]
           headers[NR_CSEC_IAST_DATA_TRANSFER_MODE] = PULL
+          headers[NR_CSEC_PROCESS_START_TIME] = NewRelic::Security::Agent.config[:process_start_time]
+          headers[NR_CSEC_IAST_SCAN_INSTANCE_COUNT] = NewRelic::Security::Agent.config[:'security.scan_controllers.scan_instance_count']
+          if NewRelic::Security::Agent.config[:'security.iast_test_identifier'] && !NewRelic::Security::Agent.config[:'security.iast_test_identifier'].empty?
+            headers[NR_CSEC_IAST_TEST_IDENTIFIER] = NewRelic::Security::Agent.config[:'security.iast_test_identifier']
+            headers[NR_CSEC_IAST_SCAN_INSTANCE_COUNT] = 1
+          end
 
           begin
             cert_store = ::OpenSSL::X509::Store.new