johnsusek / praeco

Elasticsearch alerting made simple.
GNU General Public License v3.0

Improper handling of special characters in elasticsearch user's password #594

Open cllasyx opened 11 months ago

cllasyx commented 11 months ago

🐛 Bug description

elastalert_1  | TypeError: Invalid URL
elastalert_1  |     at new NodeError (node:internal/errors:387:5)
elastalert_1  |     at URL.onParseError (node:internal/url:565:9)
elastalert_1  |     at new URL (node:internal/url:641:5)
elastalert_1  |     at dispatchHttpRequest (/opt/elastalert-server/node_modules/axios/lib/adapters/http.js:219:20)
elastalert_1  |     at /opt/elastalert-server/node_modules/axios/lib/adapters/http.js:143:5
elastalert_1  |     at new Promise (<anonymous>)
elastalert_1  |     at wrapAsync (/opt/elastalert-server/node_modules/axios/lib/adapters/http.js:123:10)
elastalert_1  |     at http (/opt/elastalert-server/node_modules/axios/lib/adapters/http.js:161:10)
elastalert_1  |     at Axios.dispatchRequest (/opt/elastalert-server/node_modules/axios/lib/core/dispatchRequest.js:51:10)
elastalert_1  |     at Axios.request (/opt/elastalert-server/node_modules/axios/lib/core/Axios.js:146:33)
elastalert_1  |     at Axios.<computed> [as get] (/opt/elastalert-server/node_modules/axios/lib/core/Axios.js:172:17)
elastalert_1  |     at Function.get (/opt/elastalert-server/node_modules/axios/lib/helpers/bind.js:5:15)
elastalert_1  |     at getClientVersion (/opt/elastalert-server/src/common/elasticsearch_client.js:86:19)
elastalert_1  |     at metadataElastalertHandler (/opt/elastalert-server/src/handlers/metadata/get.js:101:46)
elastalert_1  |     at Layer.handle [as handle_request] (/opt/elastalert-server/node_modules/express/lib/router/layer.js:95:5)
elastalert_1  |     at next (/opt/elastalert-server/node_modules/express/lib/router/route.js:144:13)
elastalert_1  |     at Route.dispatch (/opt/elastalert-server/node_modules/express/lib/router/route.js:114:3)
elastalert_1  |     at Layer.handle [as handle_request] (/opt/elastalert-server/node_modules/express/lib/router/layer.js:95:5)
elastalert_1  |     at /opt/elastalert-server/node_modules/express/lib/router/index.js:284:15
elastalert_1  |     at Function.process_params (/opt/elastalert-server/node_modules/express/lib/router/index.js:346:12)
elastalert_1  |     at next (/opt/elastalert-server/node_modules/express/lib/router/index.js:280:10)
elastalert_1  |     at urlencodedParser (/opt/elastalert-server/node_modules/body-parser/lib/types/urlencoded.js:91:7)
elastalert_1  |     at Layer.handle [as handle_request] (/opt/elastalert-server/node_modules/express/lib/router/layer.js:95:5)
elastalert_1  |     at trim_prefix (/opt/elastalert-server/node_modules/express/lib/router/index.js:328:13)
elastalert_1  |     at /opt/elastalert-server/node_modules/express/lib/router/index.js:286:9
elastalert_1  |     at Function.process_params (/opt/elastalert-server/node_modules/express/lib/router/index.js:346:12)
elastalert_1  |     at next (/opt/elastalert-server/node_modules/express/lib/router/index.js:280:10)
elastalert_1  |     at jsonParser (/opt/elastalert-server/node_modules/body-parser/lib/types/json.js:110:7)
elastalert_1  |     at Layer.handle [as handle_request] (/opt/elastalert-server/node_modules/express/lib/router/layer.js:95:5)
elastalert_1  |     at trim_prefix (/opt/elastalert-server/node_modules/express/lib/router/index.js:328:13)
elastalert_1  |     at /opt/elastalert-server/node_modules/express/lib/router/index.js:286:9
elastalert_1  |     at Function.process_params (/opt/elastalert-server/node_modules/express/lib/router/index.js:346:12)
elastalert_1  |     at next (/opt/elastalert-server/node_modules/express/lib/router/index.js:280:10)
elastalert_1  |     at cors (/opt/elastalert-server/node_modules/cors/lib/index.js:188:7)
elastalert_1  |     at /opt/elastalert-server/node_modules/cors/lib/index.js:224:17
elastalert_1  |     at originCallback (/opt/elastalert-server/node_modules/cors/lib/index.js:214:15)
elastalert_1  |     at /opt/elastalert-server/node_modules/cors/lib/index.js:219:13
elastalert_1  |     at optionsCallback (/opt/elastalert-server/node_modules/cors/lib/index.js:199:9)
elastalert_1  |     at corsMiddleware (/opt/elastalert-server/node_modules/cors/lib/index.js:204:7)
elastalert_1  |     at Layer.handle [as handle_request] (/opt/elastalert-server/node_modules/express/lib/router/layer.js:95:5)
elastalert_1  |     at trim_prefix (/opt/elastalert-server/node_modules/express/lib/router/index.js:328:13)
elastalert_1  |     at /opt/elastalert-server/node_modules/express/lib/router/index.js:286:9
elastalert_1  |     at Function.process_params (/opt/elastalert-server/node_modules/express/lib/router/index.js:346:12)
elastalert_1  |     at next (/opt/elastalert-server/node_modules/express/lib/router/index.js:280:10)
elastalert_1  |     at expressInit (/opt/elastalert-server/node_modules/express/lib/middleware/init.js:40:5)
elastalert_1  |     at Layer.handle [as handle_request] (/opt/elastalert-server/node_modules/express/lib/router/layer.js:95:5)
elastalert_1  |     at trim_prefix (/opt/elastalert-server/node_modules/express/lib/router/index.js:328:13)
elastalert_1  |     at /opt/elastalert-server/node_modules/express/lib/router/index.js:286:9
elastalert_1  |     at Function.process_params (/opt/elastalert-server/node_modules/express/lib/router/index.js:346:12)
elastalert_1  |     at next (/opt/elastalert-server/node_modules/express/lib/router/index.js:280:10) {
elastalert_1  |   input: 'https://elastalertuser:A#23!vsT2/@myelasticsearch.mydomain.com:9200',
elastalert_1  |   code: 'ERR_INVALID_URL'
elastalert_1  | }
elastalert_1  | TypeError: Invalid URL
elastalert_1  |     at new NodeError (node:internal/errors:387:5)
elastalert_1  |     at URL.onParseError (node:internal/url:565:9)
elastalert_1  |     at new URL (node:internal/url:641:5)
elastalert_1  |     at dispatchHttpRequest (/opt/elastalert-server/node_modules/axios/lib/adapters/http.js:219:20)
elastalert_1  |     at /opt/elastalert-server/node_modules/axios/lib/adapters/http.js:143:5
elastalert_1  |     at new Promise (<anonymous>)
elastalert_1  |     at wrapAsync (/opt/elastalert-server/node_modules/axios/lib/adapters/http.js:123:10)
elastalert_1  |     at http (/opt/elastalert-server/node_modules/axios/lib/adapters/http.js:161:10)
elastalert_1  |     at Axios.dispatchRequest (/opt/elastalert-server/node_modules/axios/lib/core/dispatchRequest.js:51:10)
elastalert_1  |     at Axios.request (/opt/elastalert-server/node_modules/axios/lib/core/Axios.js:146:33)
elastalert_1  |     at Axios.<computed> [as get] (/opt/elastalert-server/node_modules/axios/lib/core/Axios.js:172:17)
elastalert_1  |     at Function.get (/opt/elastalert-server/node_modules/axios/lib/helpers/bind.js:5:15)
elastalert_1  |     at getClientVersion (/opt/elastalert-server/src/common/elasticsearch_client.js:86:19)
elastalert_1  |     at getClient (/opt/elastalert-server/src/common/elasticsearch_client.js:169:30)
elastalert_1  |     at metadataElastalertHandler (/opt/elastalert-server/src/handlers/metadata/get.js:102:35)
elastalert_1  |     at processTicksAndRejections (node:internal/process/task_queues:96:5) {
elastalert_1  |   input: 'https://elastalertuser:A#23!vsT2/@myelasticsearch.mydomain.com:9200',
elastalert_1  |   code: 'ERR_INVALID_URL'
elastalert_1  | }
elastalert_1  | TypeError: Cannot read properties of undefined (reading 'search')
elastalert_1  |     at metadataElastalertHandler (/opt/elastalert-server/src/handlers/metadata/get.js:154:14)
elastalert_1  |     at processTicksAndRejections (node:internal/process/task_queues:96:5)

👀 Steps to reproduce

{
  "appName": "elastalert-server",
  "port": 3030,
  "wsport": 3333,
  "elastalertPath": "/opt/elastalert",
  "verbose": true,
  "es_debug": true,
  "debug": false,
  "rulesPath": {
    "relative": true,
    "path": "/rules"
  },
  "templatesPath": {
    "relative": true,
    "path": "/rule_templates"
  },
  "dataPath": {
    "relative": true,
    "path": "/server_data"
  },
  "es_host": "myelasticsearch.mydomain.com",
  "es_port": 9200,
  "es_username": "elastalertuser",
  "es_password": "A#23!vsT2/",
  "es_ssl": true,
  "ea_verify_certs": true,
  "es_ca_certs": "/opt/elastalert-server/config/CA.pem",
  "writeback_index": "elastalert_status"
}
---
# ElastAlert 2 configuration. Presumably this is ./config/elastalert.yaml, which
# the compose file in this report mounts at /opt/elastalert/config.yaml.

# Elasticsearch endpoint.
es_host: 'myelasticsearch.mydomain.com'
es_port: 9200

# Credentials are stored here in plain text, so keep this file out of version
# control and readable only by the account that runs the service.
es_username: 'elastalertuser'
# Reproduction value from the report. It contains '#', '!' and '/'; '#' and '/'
# are delimiters once a password is embedded in a URL, so any consumer that
# builds "scheme://user:password@host" has to percent-encode it first.
es_password: 'A#23!vsT2/'

# TLS to Elasticsearch, with the server certificate verified against the CA
# file below.
use_ssl: true
verify_certs: true
ca_certs: '/opt/elastalert-server/config/CA.pem'

# Folder that holds the rule files.
rules_folder: 'rules'

# How often the rules are run.
run_every:
  seconds: 60

# Size of the query window.
buffer_time:
  minutes: 1

# Index used for ElastAlert's own status data.
writeback_index: 'elastalert_status'

# Window during which failed alerts are retried.
alert_time_limit:
  days: 2

# Skip rule files that fail validation instead of stopping.
skip_invalid: true
---
# docker-compose.yml used for the reproduction: the ElastAlert API server and
# the Praeco web UI.
version: "3"

services:
  # ElastAlert server; 3030 and 3333 match "port" and "wsport" in its JSON
  # config shown in this report.
  elastalert:
    # NOTE(review): 'latest' is a floating tag; pin a version or digest so the
    # reproduction always runs the same image.
    image: "praecoapp/elastalert-server:latest"
    # NOTE(review): the short HOST:CONTAINER form publishes on every host
    # interface; add a bind address if the API should not be reachable from the
    # network.
    ports:
      - "3030:3030"
      - "3333:3333"
    volumes:
      # Per the report, both config files carry the Elasticsearch password in
      # plain text; restrict access to them on the host.
      - "./config/elastalert.yaml:/opt/elastalert/config.yaml"
      - "./config/api.config.json:/opt/elastalert-server/config/config.json"
      - "./rules:/opt/elastalert/rules"
      - "./rule_templates:/opt/elastalert/rule_templates"
      # CA file referenced by es_ca_certs / ca_certs in the two configs.
      - "./certs/CA.pem:/opt/elastalert-server/config/CA.pem"
    tty: true

  # Praeco web UI, served on port 8080.
  webapp:
    image: "praecoapp/praeco:latest"
    ports:
      - "8080:8080"
    volumes:
      - "./public/praeco.config.json:/var/www/html/praeco.config.json"
      - "./nginx_config/nginx.conf:/etc/nginx/nginx.conf"
      - "./nginx_config/default.conf:/etc/nginx/conf.d/default.conf"
    tty: true
1. Configure elastalert2 and elastalert-server with the three configs above (the elastalert-server JSON config, the ElastAlert 2 YAML config, and docker-compose.yml).
2. From the praeco folder (the one containing the Dockerfile and docker-compose.yml), start the containers with `docker-compose up`.
3. Once every container has started, open the Praeco web UI on port 8080.
4. The error shown above is logged, with code ERR_INVALID_URL.

🆗 Expected behavior

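It should be possible to use special characters in the Elasticsearch user's password. The `input` field of the error shows the password inserted verbatim into the URL's userinfo part, where `#` and `/` are URL delimiters, so the credentials need to be percent-encoded (or passed to the HTTP client separately from the URL) before the request is made. Note also that the error output prints the complete URL, password included. Karql's elastalert2-server works without problems with the same password.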