
Example 1 with ZapXmlConfiguration

use of org.zaproxy.zap.utils.ZapXmlConfiguration in project zaproxy by zaproxy.

the class APIUnitTest method shouldDenyAddressNotSet.

/**
 * Checks the API's address allow-list: a callback request arriving from an address that is not
 * in the permitted list must not reach the registered implementor.
 */
@Test
public void shouldDenyAddressNotSet() throws Exception {
    // Given: an API that permits only 127.0.0.1, with one implementor registered for a callback
    API api = new API();
    OptionsParamApi options = new OptionsParamApi();
    options.load(new ZapXmlConfiguration());
    options.setPermittedAddresses(createPermittedAddresses("127.0.0.1"));
    api.setOptionsParamApi(options);
    TestApiImplementor implementor = new TestApiImplementor();
    String callbackUri = api.getCallBackUrl(implementor, "http://example.com");

    // When: the callback is requested from 10.0.0.2, which is not in the permitted list
    boolean handled =
            api.handleApiRequest(
                    createApiRequest(new byte[] { 10, 0, 0, 2 }, "example.com", callbackUri),
                    createMockedHttpInputStream(),
                    createMockedHttpOutputStream());

    // Then: the API reports the request as handled (it is consumed, not passed on) ...
    assertThat(handled, is(equalTo(true)));
    // ... but the implementor behind the callback was never invoked.
    assertThat(implementor.wasUsed(), is(equalTo(false)));
}
Also used : ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) Test(org.junit.Test)

Example 2 with ZapXmlConfiguration

use of org.zaproxy.zap.utils.ZapXmlConfiguration in project zaproxy by zaproxy.

the class PluginFactoryUnitTest method mockConstantClass.

/**
 * Prepares the global state the test needs: clears {@code loadedPlugins} on a mocked
 * {@code PluginFactory}, installs a mocked {@code Constant} with stubbed messages, and loads an
 * empty {@link ZapXmlConfiguration} into the singleton model's options.
 */
private void mockConstantClass() {
    // Reset "loadedPlugins" through reflection.
    // NOTE(review): the mock is not used afterwards, so this presumably targets a static field - confirm.
    PluginFactory pluginFactory = PowerMockito.mock(PluginFactory.class);
    Whitebox.setInternalState(pluginFactory, "loadedPlugins", null);

    // The mocked Constant is written into its own "instance" field and given "." as install dir.
    Constant mockedConstant = PowerMockito.mock(Constant.class);
    Whitebox.setInternalState(mockedConstant, "instance", mockedConstant);
    Whitebox.setInternalState(mockedConstant, "zapInstall", ".");

    // Every message lookup, with or without arguments, resolves to the empty string.
    I18N stubbedMessages = PowerMockito.mock(I18N.class);
    given(stubbedMessages.getString(anyString())).willReturn("");
    given(stubbedMessages.getString(anyString(), anyObject())).willReturn("");
    Whitebox.setInternalState(mockedConstant, "messages", stubbedMessages);

    // An empty in-memory configuration: no file is read here.
    Model.getSingleton().getOptionsParam().load(new ZapXmlConfiguration());
}
Also used : Constant(org.parosproxy.paros.Constant) ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) I18N(org.zaproxy.zap.utils.I18N)

Example 3 with ZapXmlConfiguration

use of org.zaproxy.zap.utils.ZapXmlConfiguration in project zaproxy by zaproxy.

the class Constant method initializeFilesAndDirectories.

/**
 * Prepares the ZAP home directory and the state derived from it.
 *
 * <p>In order, the method: derives the program version and title; resolves {@code zapHome} and
 * prefixes the path constants with it; creates the home directory and its sub-directories;
 * installs and applies the log4j configuration; copies the default configuration if none
 * exists; runs the configuration upgrade steps; and finally sets the default {@link Locale}
 * and the {@code messages} bundle from the configured locale.
 *
 * <p>A failure while preparing the home directory or while upgrading the configuration is
 * printed to {@code System.err} and ends the JVM with {@code System.exit(1)}. A failure while
 * reading the locale is only printed, and {@link Locale#ENGLISH} is used.
 */
public void initializeFilesAndDirectories() {
    FileCopier copier = new FileCopier();
    File f = null;
    // Set up the version from the manifest
    PROGRAM_VERSION = getVersionFromManifest();
    PROGRAM_TITLE = PROGRAM_NAME + " " + PROGRAM_VERSION;
    if (zapHome == null) {
        zapHome = getDefaultHomeDirectory(true);
    }
    zapHome = getAbsolutePath(zapHome);
    f = new File(zapHome);
    // The path constants are rewritten in place by prepending zapHome.
    // NOTE(review): a second call would prepend zapHome again unless these are reset elsewhere - confirm.
    FILE_CONFIG = zapHome + FILE_CONFIG;
    FOLDER_SESSION = zapHome + FOLDER_SESSION;
    DBNAME_UNTITLED = zapHome + DBNAME_UNTITLED;
    ACCEPTED_LICENSE = zapHome + ACCEPTED_LICENSE;
    DIRBUSTER_CUSTOM_DIR = zapHome + DIRBUSTER_DIR;
    FUZZER_DIR = zapHome + FUZZER_DIR;
    FOLDER_LOCAL_PLUGIN = zapHome + FOLDER_LOCAL_PLUGIN;
    try {
        System.setProperty(SYSTEM_PAROS_USER_LOG, zapHome);
        // NOTE(review): every directory below is created with File.mkdir(), i.e. with the
        // process's default permissions, and a failed mkdir() is only printed to stdout before
        // execution continues. If the home directory holds sensitive configuration, confirm
        // that the defaults are restrictive enough on shared hosts.
        if (!f.isDirectory()) {
            if (!f.mkdir()) {
                // ZAP: report failure to create directory
                System.out.println("Failed to create directory " + f.getAbsolutePath());
            }
        }
        // Setup the logging: copy the bundled log4j.properties on first run, then apply it
        File logFile = new File(zapHome + "/log4j.properties");
        if (!logFile.exists()) {
            copier.copy(new File(zapInstall, "xml/log4j.properties"), logFile);
        }
        System.setProperty("log4j.configuration", logFile.getAbsolutePath());
        PropertyConfigurator.configure(logFile.getAbsolutePath());
        // Install the default configuration when no configuration file exists yet
        f = new File(FILE_CONFIG);
        if (!f.isFile()) {
            this.copyDefaultConfigs(f, false);
        }
        f = new File(FOLDER_SESSION);
        if (!f.isDirectory()) {
            LOG.info("Creating directory " + FOLDER_SESSION);
            if (!f.mkdir()) {
                // ZAP: report failure to create directory
                System.out.println("Failed to create directory " + f.getAbsolutePath());
            }
        }
        f = new File(DIRBUSTER_CUSTOM_DIR);
        if (!f.isDirectory()) {
            LOG.info("Creating directory " + DIRBUSTER_CUSTOM_DIR);
            if (!f.mkdir()) {
                // ZAP: report failure to create directory
                System.out.println("Failed to create directory " + f.getAbsolutePath());
            }
        }
        f = new File(FUZZER_DIR);
        if (!f.isDirectory()) {
            LOG.info("Creating directory " + FUZZER_DIR);
            if (!f.mkdir()) {
                // ZAP: report failure to create directory
                System.out.println("Failed to create directory " + f.getAbsolutePath());
            }
        }
        f = new File(FOLDER_LOCAL_PLUGIN);
        if (!f.isDirectory()) {
            LOG.info("Creating directory " + FOLDER_LOCAL_PLUGIN);
            if (!f.mkdir()) {
                // ZAP: report failure to create directory
                System.out.println("Failed to create directory " + f.getAbsolutePath());
            }
        }
        f = new File(zapHome, FOLDER_FILTER);
        if (!f.isDirectory()) {
            LOG.info("Creating directory: " + f.getAbsolutePath());
            if (!f.mkdir()) {
                System.out.println("Failed to create directory " + f.getAbsolutePath());
            }
        }
    } catch (Exception e) {
        // Anything thrown while preparing the home directory is fatal
        System.err.println("Unable to initialize home directory! " + e.getMessage());
        e.printStackTrace(System.err);
        System.exit(1);
    }
    // Upgrade actions
    try {
        try {
            // ZAP: Changed to use ZapXmlConfiguration, to enforce the same character encoding when reading/writing configurations.
            XMLConfiguration config = new ZapXmlConfiguration(FILE_CONFIG);
            // Changes are written only by the explicit save() at the end of the upgrade
            config.setAutoSave(false);
            long ver = config.getLong("version");
            if (ver == VERSION_TAG) {
            // Nothing to do
            } else if (isDevBuild() || isDailyBuild()) {
            // Nothing to do
            } else {
                // Backup the old one; a failed backup is reported but does not stop the upgrade
                LOG.info("Backing up config file to " + FILE_CONFIG + ".bak");
                f = new File(FILE_CONFIG);
                try {
                    copier.copy(f, new File(FILE_CONFIG + ".bak"));
                } catch (IOException e) {
                    String msg = "Failed to backup config file " + FILE_CONFIG + " to " + FILE_CONFIG + ".bak " + e.getMessage();
                    System.err.println(msg);
                    LOG.error(msg, e);
                }
                // The checks below are independent "if"s, not an else-if chain: every step whose
                // tag is at or above the stored version runs, in ascending version order.
                if (ver == V_PAROS_TAG) {
                    upgradeFrom1_1_0(config);
                    upgradeFrom1_2_0(config);
                }
                if (ver <= V_1_0_0_TAG) {
                // Nothing to do
                }
                if (ver <= V_1_1_0_TAG) {
                    upgradeFrom1_1_0(config);
                }
                if (ver <= V_1_2_0_TAG) {
                    upgradeFrom1_2_0(config);
                }
                if (ver <= V_1_2_1_TAG) {
                // Nothing to do
                }
                if (ver <= V_1_3_0_TAG) {
                // Nothing to do
                }
                if (ver <= V_1_3_1_TAG) {
                // Nothing to do
                }
                if (ver <= V_1_4_1_TAG) {
                    upgradeFrom1_4_1(config);
                }
                if (ver <= V_2_0_0_TAG) {
                    upgradeFrom2_0_0(config);
                }
                if (ver <= V_2_1_0_TAG) {
                // Nothing to do
                }
                if (ver <= V_2_2_0_TAG) {
                    upgradeFrom2_2_0(config);
                }
                if (ver <= V_2_3_1_TAG) {
                    upgradeFrom2_3_1(config);
                }
                if (ver <= V_2_4_3_TAG) {
                    upgradeFrom2_4_3(config);
                }
                if (ver <= V_2_5_0_TAG) {
                    upgradeFrom2_5_0(config);
                }
                LOG.info("Upgraded from " + ver);
                // Update the version
                config.setProperty("version", VERSION_TAG);
                config.save();
            }
        } catch (ConfigurationException | ConversionException | NoSuchElementException e) {
            //  if there is any error in config file (eg config file not exist, corrupted),
            //  overwrite previous configuration file
            // ZAP: changed to use the correct file
            // Note: when the failure happened while loading the file or reading "version", no
            // backup has been taken, so the previous settings are replaced by the defaults. The
            // exception itself is not logged in this branch.
            copier.copy(getPathDefaultConfigFile().toFile(), new File(FILE_CONFIG));
        }
    } catch (Exception e) {
        // Any other failure, including a failed copy of the default file, is fatal
        System.err.println("Unable to upgrade config file " + FILE_CONFIG + " " + e.getMessage());
        e.printStackTrace(System.err);
        System.exit(1);
    }
    // ZAP: Init i18n
    String lang;
    Locale locale = Locale.ENGLISH;
    try {
        // Select the correct locale
        // ZAP: Changed to use ZapXmlConfiguration, to enforce the same character encoding when reading/writing configurations.
        XMLConfiguration config = new ZapXmlConfiguration(FILE_CONFIG);
        config.setAutoSave(false);
        lang = config.getString(OptionsParamView.LOCALE, OptionsParamView.DEFAULT_LOCALE);
        if (lang.length() == 0) {
            lang = OptionsParamView.DEFAULT_LOCALE;
        }
        // The value is expected as "<language>_<country>". A value without "_" makes
        // langArray[1] throw, which the catch below turns into the Locale.ENGLISH fallback.
        String[] langArray = lang.split("_");
        locale = new Locale(langArray[0], langArray[1]);
    } catch (Exception e) {
        // Not fatal: keep Locale.ENGLISH
        System.out.println("Failed to initialise locale " + e);
    }
    Locale.setDefault(locale);
    messages = new I18N(locale);
}
Also used : ConversionException(org.apache.commons.configuration.ConversionException) Locale(java.util.Locale) IOException(java.io.IOException) FileCopier(org.parosproxy.paros.model.FileCopier) ConversionException(org.apache.commons.configuration.ConversionException) InvalidParameterException(java.security.InvalidParameterException) ParseException(java.text.ParseException) NoSuchElementException(java.util.NoSuchElementException) IOException(java.io.IOException) ConfigurationException(org.apache.commons.configuration.ConfigurationException) XMLConfiguration(org.apache.commons.configuration.XMLConfiguration) ConfigurationException(org.apache.commons.configuration.ConfigurationException) ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) File(java.io.File) NoSuchElementException(java.util.NoSuchElementException) I18N(org.zaproxy.zap.utils.I18N)

Example 4 with ZapXmlConfiguration

use of org.zaproxy.zap.utils.ZapXmlConfiguration in project zaproxy by zaproxy.

the class ExtensionAutoUpdate method getRemoteConfigurationUrl.

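/**
 * Fetches the "check for updates" document from {@code url}, parses it and keeps a copy of the
 * raw body in the local plugin folder.
 *
 * @param url the URL of the document to fetch
 * @return the parsed document
 * @throws IOException if the request fails or the response status is not 200 OK
 * @throws ConfigurationException if the response body cannot be parsed
 * @throws InvalidCfuUrlException if the request, as it stands after the exchange, was not made
 *     over HTTPS
 */
private ZapXmlConfiguration getRemoteConfigurationUrl(String url) throws IOException, ConfigurationException, InvalidCfuUrlException {
    HttpMessage msg = new HttpMessage(new URI(url, true), Model.getSingleton().getOptionsParam().getConnectionParam());
    getHttpSender().sendAndReceive(msg, true);
    int statusCode = msg.getResponseHeader().getStatusCode();
    if (statusCode != HttpStatusCode.OK) {
        // Carry the status and URL so the failure can be diagnosed from the log alone
        throw new IOException("Unexpected HTTP status " + statusCode + " fetching " + url);
    }
    if (!msg.getRequestHeader().isSecure()) {
        // Only access the cfu page over https.
        // NOTE(review): this runs after the exchange. The "true" passed to sendAndReceive
        // presumably enables redirect following, in which case this validates the final URL -
        // confirm. Either way the request has already been sent; what the check guarantees is
        // that a response obtained over plain HTTP is never parsed or stored.
        throw new InvalidCfuUrlException(msg.getRequestHeader().getURI().toString());
    }
    String body = msg.getResponseBody().toString();
    ZapXmlConfiguration config = new ZapXmlConfiguration();
    config.setDelimiterParsingDisabled(true);
    // NOTE(review): the body is XML from a remote server; confirm that ZapXmlConfiguration
    // parses with DTDs and external entities disabled.
    config.load(new StringReader(body));
    // Save version file so we can report new addons next time. This is best effort: a failure
    // to write (or to close, which can mean the data was not flushed) is logged and the parsed
    // configuration is still returned.
    // NOTE(review): FileWriter uses the platform default charset; confirm the reader of this
    // file expects the same encoding.
    File f = new File(Constant.FOLDER_LOCAL_PLUGIN, VERSION_FILE_NAME);
    try (FileWriter out = new FileWriter(f)) {
        out.write(body);
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
    }
    return config;
}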
Also used : FileWriter(java.io.FileWriter) StringReader(java.io.StringReader) ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) IOException(java.io.IOException) HttpMessage(org.parosproxy.paros.network.HttpMessage) URI(org.apache.commons.httpclient.URI) File(java.io.File) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) InvocationTargetException(java.lang.reflect.InvocationTargetException) ConfigurationException(org.apache.commons.configuration.ConfigurationException) MalformedURLException(java.net.MalformedURLException) IOException(java.io.IOException) FileAlreadyExistsException(java.nio.file.FileAlreadyExistsException)

Example 5 with ZapXmlConfiguration

use of org.zaproxy.zap.utils.ZapXmlConfiguration in project zaproxy by zaproxy.

the class DynamicSSLPanel method doImport.

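/**
 * Import Root CA certificate from other ZAP configuration files.
 *
 * <p>Lets the user pick a file, reads a key store from it and passes that key store to
 * {@code setRootca}. A file whose name ends with "pem" is converted with
 * {@code convertPemFileToKeyStore}; any other file is read as a ZAP configuration and the value
 * stored under {@code DynSSLParam.PARAM_ROOT_CA} is converted with
 * {@code SslCertificateUtils.string2Keystore}. Nothing is imported when
 * {@code checkExistingCertificate()} returns true, when the dialog is cancelled, or when the
 * file cannot be read.
 */
private void doImport() {
    if (checkExistingCertificate()) {
        // prevent overwriting
        return;
    }
    final JFileChooser fc = new JFileChooser(System.getProperty("user.home"));
    fc.setFileSelectionMode(JFileChooser.FILES_ONLY);
    fc.setMultiSelectionEnabled(false);
    fc.setSelectedFile(new File(CONFIGURATION_FILENAME));
    fc.setFileFilter(new FileFilter() {

        @Override
        public String getDescription() {
            // config.xml or *.pem files
            return Constant.messages.getString("dynssl.filter.file");
        }

        @Override
        public boolean accept(File f) {
            // Directories are accepted so that the user can navigate into them.
            // NOTE(review): the suffix is "pem" without a dot, so names such as "xpem" match as
            // well; the description above suggests "*.pem" was intended - confirm.
            String lcFileName = f.getName().toLowerCase(Locale.ROOT);
            return lcFileName.endsWith(CONFIGURATION_FILENAME) || lcFileName.endsWith("pem") || f.isDirectory();
        }
    });
    final int result = fc.showOpenDialog(this);
    final File f = fc.getSelectedFile();
    if (result == JFileChooser.APPROVE_OPTION && f.exists()) {
        if (logger.isInfoEnabled()) {
            logger.info("Loading Root CA certificate from " + f);
        }
        KeyStore ks = null;
        // Locale.ROOT keeps this check independent of the default locale and consistent with
        // the lower-casing done in the file filter above.
        final boolean isPemFile = f.getName().toLowerCase(Locale.ROOT).endsWith("pem");
        if (isPemFile) {
            ks = convertPemFileToKeyStore(f.toPath());
        } else {
            try {
                final ZapXmlConfiguration conf = new ZapXmlConfiguration(f);
                final String rootcastr = conf.getString(DynSSLParam.PARAM_ROOT_CA);
                if (rootcastr == null || rootcastr.isEmpty()) {
                    // The selected configuration holds no Root CA entry
                    JOptionPane.showMessageDialog(this, Constant.messages.getString("dynssl.message.nocertinconf"), Constant.messages.getString("dynssl.message.nocertinconf.title"), JOptionPane.ERROR_MESSAGE);
                    return;
                }
                ks = SslCertificateUtils.string2Keystore(rootcastr);
            } catch (final Exception e) {
                // Unreadable file or unparsable key store: log the cause, show a generic error
                logger.error("Error importing Root CA cert from config file:", e);
                JOptionPane.showMessageDialog(this, Constant.messages.getString("dynssl.message1.filecouldntloaded"), Constant.messages.getString("dynssl.message1.title"), JOptionPane.ERROR_MESSAGE);
                return;
            }
        }
        // ks is still null when convertPemFileToKeyStore returned null; nothing is imported then
        if (ks != null) {
            setRootca(ks);
        }
    }
}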
Also used : JFileChooser(javax.swing.JFileChooser) ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) FileFilter(javax.swing.filechooser.FileFilter) File(java.io.File) KeyStore(java.security.KeyStore) IOException(java.io.IOException)

Aggregations

ZapXmlConfiguration (org.zaproxy.zap.utils.ZapXmlConfiguration)82 Test (org.junit.jupiter.api.Test)37 Configuration (org.apache.commons.configuration.Configuration)19 WithConfigsTest (org.zaproxy.zap.WithConfigsTest)18 Context (org.zaproxy.zap.model.Context)17 ConfigurationException (org.apache.commons.configuration.ConfigurationException)15 File (java.io.File)11 IOException (java.io.IOException)9 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)7 ConversionException (org.apache.commons.configuration.ConversionException)6 XMLConfiguration (org.apache.commons.configuration.XMLConfiguration)5 InvalidParameterException (java.security.InvalidParameterException)4 HttpMessage (org.parosproxy.paros.network.HttpMessage)4 MalformedURLException (java.net.MalformedURLException)3 Path (java.nio.file.Path)3 ParseException (java.text.ParseException)3 ArrayList (java.util.ArrayList)3 Locale (java.util.Locale)3 NoSuchElementException (java.util.NoSuchElementException)3 URI (org.apache.commons.httpclient.URI)3