Skip to content

Commit

Permalink
✨ feature(actions): added github workflows, removed log4j2 ldap mitig…
Browse files Browse the repository at this point in the history 
…ations
  • Loading branch information
@xtrm-en
xtrm-en committed Mar 31, 2024
1 parent bc442f6 commit 1b5ba95
Show file tree
Hide file tree
Showing 4 changed files with 70 additions and 73 deletions.
57 changes: 57 additions & 0 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
# Build Workflow

name: Build

on:
pull_request:
workflow_dispatch:
push:

concurrency:
group: ${{ github.head_ref || format('{0}-{1}', github.ref, github.run_number) }}
cancel-in-progress: true

jobs:
build:
name: Build

runs-on: ubuntu-latest

steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0

- name: Set up JDK 17
uses: actions/setup-java@v2
with:
java-version: 17
distribution: temurin

- uses: actions/cache@v2
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Chmod Gradle
run: chmod +x ./gradlew

- name: Build
run: ./gradlew build --no-daemon

- name: Upload stage0 artifacts
uses: actions/upload-artifact@v2
with:
name: stage0-artifacts
path: stage0/build/libs/

- name: Upload stage1 artifacts
uses: actions/upload-artifact@v2
with:
name: stage1-artifacts
path: stage1/build/libs/
10 changes: 10 additions & 0 deletions .github/workflows/gradle-validation.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
name: "Validate Gradle Wrapper"
on: [push, pull_request]

jobs:
validation:
name: "Validation"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: gradle/wrapper-validation-action@v1
74 changes: 2 additions & 72 deletions common/src/main/java/org/polyfrost/oneconfig/loader/LoaderBase.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,9 @@
import org.apache.logging.log4j.core.Logger;
import org.apache.logging.log4j.core.config.Configuration;
import org.apache.logging.log4j.core.filter.AbstractFilter;
import org.apache.logging.log4j.spi.LoggerContext;
import org.jetbrains.annotations.NotNull;
import org.polyfrost.oneconfig.loader.utils.RequestHelper;

import java.beans.PropertyChangeEvent;
import java.beans.PropertyChangeListener;
import java.lang.reflect.Field;
import java.util.Map;
import java.util.Objects;

/**
Expand Down Expand Up @@ -58,78 +53,13 @@ public Result filter(LogEvent event) {
this.logger.info("Initializing oneconfig-loader/" + name + " v" + version + " for " + capabilities.getEntrypointType().getId());
if (appender != null) {
// c'mon a little suspense never killed anybody
// plus we're on forge, it's not like a second of waiting is gonna affect game launch speeds
try {
Thread.sleep(550);
Thread.sleep(750);
} catch (InterruptedException ignored) {
}
}

RequestHelper.tryInitialize(this);
}

static {
tryPatchJndi((Logger) LogManager.getLogger(LoaderBase.class));
}

/**
* This method is from <a href="https://github.com/FabricMC/fabric-loader/blob/d69cb72d26497e3f387cf46f9b24340b402a4644/minecraft/src/main/java/net/fabricmc/loader/impl/game/minecraft/Log4jLogHandler.java#L112" target="_top">FabricMC/fabric-loader</a>,
* which is licensed under the Apache License 2.0. It has been slightly modified to change logging.
*/
private static void tryPatchJndi(Logger logger) {
LoggerContext context = LogManager.getContext(false);

try {
context.getClass().getMethod("addPropertyChangeListener", PropertyChangeListener.class).invoke(context, new PropertyChangeListener() {
@Override
public void propertyChange(PropertyChangeEvent evt) {
if (evt.getPropertyName().equals("config")) {
removeSubstitutionLookups(logger, true);
}
}
});
} catch (Exception e) {
logger.warn("Can't register Log4J2 PropertyChangeListener: %s", e.toString());
}

removeSubstitutionLookups(logger, false);
}

private static void removeSubstitutionLookups(Logger logger, boolean ignoreMissing) {
// strip the jndi lookup and then all over lookups from the active org.apache.logging.log4j.core.lookup.Interpolator instance's lookups map

try {
LoggerContext context = LogManager.getContext(false);
if (context.getClass().getName().equals("org.apache.logging.log4j.simple.SimpleLoggerContext")) return; // -> no log4j core

Object config = context.getClass().getMethod("getConfiguration").invoke(context);
Object substitutor = config.getClass().getMethod("getStrSubstitutor").invoke(config);
Object varResolver = substitutor.getClass().getMethod("getVariableResolver").invoke(substitutor);
if (varResolver == null) return;

boolean removed = false;

for (Field field : varResolver.getClass().getDeclaredFields()) {
if (Map.class.isAssignableFrom(field.getType())) {
field.setAccessible(true);
@SuppressWarnings("unchecked")
Map<String, ?> map = (Map<String, ?>) field.get(varResolver);

if (map.remove("jndi") != null) {
map.clear();
removed = true;
break;
}
}
}

if (!removed) {
if (ignoreMissing) return;
throw new RuntimeException("couldn't find JNDI lookup entry");
}

logger.debug("Removed Log4J2 substitution lookups");
} catch (Exception e) {
logger.warn("Can't remove Log4J2 JNDI substitution Lookup: {}", e.getMessage());
}
}
}
2 changes: 1 addition & 1 deletion stage0/src/fabriclike/resources/fabric.mod.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"name": "oneconfig-loader",
"description": "Loader for OneConfig",
"authors": [
"glisco"
"Polyfrost"
],
"contact": {},
"license": "ARR",
Expand Down

0 comments on commit 1b5ba95

Please sign in to comment.