refactor agent

jetbra-agent/pom.xml

@@ -13,8 +13,8 @@
     <artifactId>jetbra-agent</artifactId>
 
     <properties>
-        <maven.compiler.source>17</maven.compiler.source>
-        <maven.compiler.target>17</maven.compiler.target>
+        <maven.compiler.source>1.8</maven.compiler.source>
+        <maven.compiler.target>1.8</maven.compiler.target>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     </properties>
     <dependencies>
@@ -29,6 +29,13 @@
             <artifactId>byte-buddy-agent</artifactId>
             <version>1.14.8</version>
         </dependency>
+
+        <dependency>
+            <groupId>org.apache.maven.plugins</groupId>
+            <artifactId>maven-assembly-plugin</artifactId>
+            <version>3.3.0</version>
+            <scope>provided</scope>
+        </dependency>
     </dependencies>
 
     <build>

jetbra-agent/src/main/java/win/novice/li/AgentMain.java

@@ -11,15 +11,18 @@ public class AgentMain {
     public static void premain(String agentArgs, Instrumentation inst) throws Exception {
         printLogo();
         AgentBuilder agentBuilder = newAgentBuilder();
-        agentBuilder.type(ElementMatchers.named("java.security.cert.PKIXBuilderParameters"))
+        agentBuilder
+                .type(ElementMatchers.named("java.security.cert.PKIXBuilderParameters"))
                 .transform((builder, typeDescription, classLoader, module, protectionDomain) -> builder
                         .visit(Advice.to(PKIXBuilderParametersAdvice.class)
                                 .on(ElementMatchers.isConstructor().and(ElementMatchers.takesArgument(0, Set.class)))))
                 .asTerminalTransformation()
+
+
                 .type(ElementMatchers.named("sun.net.www.http.HttpClient"))
                 .transform((builder, typeDescription, classLoader, module, protectionDomain) -> builder
                         .visit(Advice.to(HttpClientAdvice.class)
-                                .on(ElementMatchers.named("openServer"))))
+                                .on(ElementMatchers.named("openServer").and(ElementMatchers.takesArgument(0, String.class)))))
                 .asTerminalTransformation()
 
                 .type(ElementMatchers.named("java.lang.System"))
@@ -28,12 +31,6 @@ public class AgentMain {
                                 .on(ElementMatchers.named("getProperty"))))
                 .asTerminalTransformation()
 
-                .type(ElementMatchers.named("java.net.Socket"))
-                .transform((builder, typeDescription, classLoader, module, protectionDomain) -> builder
-                        .visit(Advice.to(SocketAdvice.class)
-                                .on(ElementMatchers.named("connect"))))
-                .asTerminalTransformation()
-
                 .installOn(inst);
 
         agentBuilder.installOn(inst);

jetbra-agent/src/main/java/win/novice/li/ConfigHelper.java

@@ -1,9 +1,9 @@
 package win.novice.li;
 
 import java.io.File;
-import java.io.FileInputStream;
 import java.net.URI;
 import java.net.URL;
+import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.security.cert.CertificateFactory;
 import java.security.cert.TrustAnchor;
@@ -11,9 +11,9 @@ import java.security.cert.X509Certificate;
 import java.util.HashSet;
 import java.util.Set;
 
-public class TrustAnchorHolder {
+public class ConfigHelper {
     public static Set<TrustAnchor> TRUST_ANCHORS;
-
+    public static Set<String> BLOCK_URL_KEYWORDS;
 
     public static Set<TrustAnchor> loadTrustAnchors() throws Exception {
         if (TRUST_ANCHORS != null) {
@@ -22,8 +22,8 @@ public class TrustAnchorHolder {
         TRUST_ANCHORS = new HashSet<>();
 
         String certDir;
-        if (System.getenv("JB_HOME") != null) {
-            certDir = System.getenv("JB_HOME");
+        if (System.getenv("TRUST_CRT_DIR") != null) {
+            certDir = System.getenv("TRUST_CRT_DIR");
         } else {
             URI jarURI = getJarURI();
             if (jarURI == null) {
@@ -39,23 +39,52 @@ public class TrustAnchorHolder {
                 CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                 for (File item : files) {
                     if (item.getName().endsWith(".crt")) {
-                        X509Certificate cert = (X509Certificate) certificateFactory.generateCertificate(new FileInputStream(item));
+                        X509Certificate cert = (X509Certificate) certificateFactory.generateCertificate(Files.newInputStream(item.toPath()));
                         TRUST_ANCHORS.add(new TrustAnchor(cert, null));
                     }
                 }
             }
         }
-        System.out.println("loaded "  + TRUST_ANCHORS.size() +  " crts");
+        System.out.println("loaded " + TRUST_ANCHORS.size() + " crts");
         return TRUST_ANCHORS;
     }
 
+    public static Set<String> loadBlockUrlKeywords() throws Exception {
+        if (BLOCK_URL_KEYWORDS != null) {
+            return BLOCK_URL_KEYWORDS;
+        }
+        BLOCK_URL_KEYWORDS = new HashSet<>();
+        String blockUrlKeywordFilePath;
+        if (System.getenv("BLOCK_URL_KEYWORD_FILE_PATH") != null) {
+            blockUrlKeywordFilePath = System.getenv("BLOCK_URL_KEYWORD_FILE_PATH");
+        } else {
+            URI jarURI = getJarURI();
+            if (jarURI == null) {
+                return BLOCK_URL_KEYWORDS;
+            }
+            blockUrlKeywordFilePath = Paths.get(jarURI).getParent().resolve("block_url_keywords").toString();
+        }
+        System.out.println("load block url keywords from " + blockUrlKeywordFilePath);
+        File file = new File(blockUrlKeywordFilePath);
+        if (file.exists()) {
+            for (String line : Files.readAllLines(file.toPath())) {
+                if (!line.trim().isEmpty()) {
+                    BLOCK_URL_KEYWORDS.add(line);
+                }
+            }
+        }
+        System.out.println("loaded " + BLOCK_URL_KEYWORDS.size() + " keywords");
+        return BLOCK_URL_KEYWORDS;
+    }
+
+
     public static URI getJarURI() throws Exception {
-        URL url = TrustAnchorHolder.class.getProtectionDomain().getCodeSource().getLocation();
+        URL url = ConfigHelper.class.getProtectionDomain().getCodeSource().getLocation();
         if (null != url) {
             return url.toURI();
         }
         String resourcePath = "/jarLocation.txt";
-        url = TrustAnchorHolder.class.getResource(resourcePath);
+        url = ConfigHelper.class.getResource(resourcePath);
         if (null == url) {
             return null;
         }

jetbra-agent/src/main/java/win/novice/li/HttpClientAdvice.java

@@ -1,14 +1,26 @@
 package win.novice.li;
 
 import net.bytebuddy.asm.Advice;
+import sun.net.www.http.HttpClient;
 
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
 import java.net.SocketTimeoutException;
+import java.util.Set;
+
 
 public class HttpClientAdvice {
     @Advice.OnMethodExit
-    public static void intercept(@Advice.This Object x) throws Exception {
-        if (x.toString().contains("validateKey.action")){
-            throw new SocketTimeoutException();
+    @SuppressWarnings("unchecked")
+    public static void intercept(@Advice.This Object httpClient) throws Exception {
+        Class<?> clazz = Class.forName("win.novice.li.ConfigHelper", true, ClassLoader.getSystemClassLoader());
+        Method method = clazz.getDeclaredMethod("loadBlockUrlKeywords");
+        Set<String> BLOCK_URL_KEYWORDS = (Set<String>) method.invoke(null);
+        String clientString = httpClient.toString();
+        for (String keyword : BLOCK_URL_KEYWORDS) {
+            if (clientString.contains(keyword)) {
+                throw new SocketTimeoutException();
+            }
         }
     }
 }

jetbra-agent/src/main/java/win/novice/li/PKIXBuilderParametersAdvice.java

@@ -13,7 +13,7 @@ public class PKIXBuilderParametersAdvice {
     @Advice.OnMethodEnter
     @SuppressWarnings("unchecked")
     public static void intercept(@Advice.Argument(value = 0, readOnly = false) Set<TrustAnchor> trustAnchors) throws Exception {
-        Class<?> clazz = Class.forName("win.novice.li.TrustAnchorHolder", true, ClassLoader.getSystemClassLoader());
+        Class<?> clazz = Class.forName("win.novice.li.ConfigHelper", true, ClassLoader.getSystemClassLoader());
         Method method = clazz.getDeclaredMethod("loadTrustAnchors");
         Set<TrustAnchor> loadedTrustAnchors = (Set<TrustAnchor>)method.invoke(null);
         HashSet<TrustAnchor> newTrustAnchors = new HashSet<>(trustAnchors);

jetbra-agent/src/main/java/win/novice/li/SocketAdvice.java

@@ -1,20 +0,0 @@
-package win.novice.li;
-
-import net.bytebuddy.asm.Advice;
-
-import java.net.ConnectException;
-import java.net.InetAddress;
-import java.net.InetSocketAddress;
-import java.net.SocketAddress;
-
-public class SocketAdvice {
-    @Advice.OnMethodExit
-    public static void intercept(@Advice.Argument(value = 0,readOnly = false) SocketAddress socketAddress) throws Exception {
-        if (socketAddress instanceof InetSocketAddress){
-            InetAddress address = ((InetSocketAddress) socketAddress).getAddress();
-            if (address.getHostAddress().equals("116.62.33.138")){
-                throw new ConnectException("拒绝连接");
-            }
-        }
-    }
-}

jetbra-agent/src/main/java/win/novice/li/SystemAdvice.java

@@ -2,13 +2,15 @@ package win.novice.li;
 
 import net.bytebuddy.asm.Advice;
 
+import java.util.Objects;
+
 public class SystemAdvice {
 
 
     //  System.getProperty
     @Advice.OnMethodExit
     public static void intercept(@Advice.Argument(0) Object x, @Advice.Return(readOnly = false) String r) throws Exception {
-        if (x.toString().equals("jb.vmOptionsFile")) {
+        if (Objects.equals(x, "jb.vmOptionsFile")) {
             RuntimeException exception = new RuntimeException();
             int nullCnt = 0;
             boolean hasReflect = false;