diff --git a/internal/appsec/remoteconfig.go b/internal/appsec/remoteconfig.go index 9dddf65a8d..1258944a0e 100644 --- a/internal/appsec/remoteconfig.go +++ b/internal/appsec/remoteconfig.go @@ -13,6 +13,7 @@ import ( "gopkg.in/DataDog/dd-trace-go.v1/internal/appsec/config" "gopkg.in/DataDog/dd-trace-go.v1/internal/log" + "gopkg.in/DataDog/dd-trace-go.v1/internal/orchestrion" "gopkg.in/DataDog/dd-trace-go.v1/internal/remoteconfig" internal "github.com/DataDog/appsec-internal-go/appsec" @@ -409,7 +410,14 @@ func (a *appsec) enableRASP() { if err := remoteconfig.RegisterCapability(remoteconfig.ASMRASPSSRF); err != nil { log.Debug("appsec: Remote config: couldn't register RASP SSRF: %v", err) } - // TODO: register other RASP capabilities when supported + if err := remoteconfig.RegisterCapability(remoteconfig.ASMRASPSQLI); err != nil { + log.Debug("appsec: Remote config: couldn't register RASP SQLI: %v", err) + } + if orchestrion.Enabled() { + if err := remoteconfig.RegisterCapability(remoteconfig.ASMRASPLFI); err != nil { + log.Debug("appsec: Remote config: couldn't register RASP LFI: %v", err) + } + } } func (a *appsec) disableRCBlocking() { diff --git a/internal/remoteconfig/remoteconfig.go b/internal/remoteconfig/remoteconfig.go index 86b8f69231..1e67a28f78 100644 --- a/internal/remoteconfig/remoteconfig.go +++ b/internal/remoteconfig/remoteconfig.go @@ -70,14 +70,26 @@ const ( APMTracingHTTPHeaderTags // APMTracingCustomTags enables APM client to set custom tags on all spans APMTracingCustomTags + // ASMProcessorOverrides adds support for processor overrides through the ASM RC Product + ASMProcessorOverrides + // ASMCustomDataScanners adds support for custom data scanners through the ASM RC Product + ASMCustomDataScanners + // ASMExclusionData adds support configurable exclusion filter data from the ASM_DATA Product + ASMExclusionData + // APMTracingEnabled enables APM tracing + APMTracingEnabled + // APMTracingDataStreamsEnabled enables Data Streams Monitoring + APMTracingDataStreamsEnabled + // ASMRASPSQLI enables ASM support for runtime protection against SQL Injection attacks + ASMRASPSQLI + // ASMRASPLFI enables ASM support for runtime protection against Local File Inclusion attacks + ASMRASPLFI // ASMRASPSSRF enables ASM support for runtime protection against SSRF attacks - ASMRASPSSRF = 23 + ASMRASPSSRF ) // Additional capability bit index values that are non-consecutive from above. const ( - // APMTracingEnabled enables APM tracing - APMTracingEnabled Capability = 19 // APMTracingSampleRules represents the sampling rate using matching rules from APM client libraries APMTracingSampleRules = 29 )