Security Improvement

Author: Javier-RSP

Dockerfile-Kubernetes

@@ -1,7 +1,9 @@
-FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build-env
+FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build-env
 
-RUN sed -i "s|MinProtocol = TLSv1.2|MinProtocol = TLSv1|g" /etc/ssl/openssl.cnf && \
-    sed -i 's|CipherString = DEFAULT@SECLEVEL=2|CipherString = DEFAULT@SECLEVEL=1|g' /etc/ssl/openssl.cnf
+RUN sed -i 's/\[openssl_init\]/# [openssl_init]/' /etc/ssl/openssl.cnf &&\
+    printf "\n\n[openssl_init]\nssl_conf = ssl_sect" >> /etc/ssl/openssl.cnf &&\
+    printf "\n\n[ssl_sect]\nsystem_default = ssl_default_sect" >> /etc/ssl/openssl.cnf &&\
+    printf "\n\n[ssl_default_sect]\nMinProtocol = TLSv1\nCipherString = DEFAULT@SECLEVEL=0\n" >> /etc/ssl/openssl.cnf
 
 RUN apt-get update && apt-get install -y --no-install-recommends curl
 
@@ -15,17 +17,19 @@ COPY . ./
 
 RUN dotnet publish Gnoss.BackgroundTask.SocialCacheRefresh/Gnoss.BackgroundTask.SocialCacheRefresh.csproj -c Release -o out
 
-FROM mcr.microsoft.com/dotnet/aspnet:6.0
+FROM mcr.microsoft.com/dotnet/aspnet:8.0
 
-RUN sed -i "s|MinProtocol = TLSv1.2|MinProtocol = TLSv1|g" /etc/ssl/openssl.cnf && \
-    sed -i 's|CipherString = DEFAULT@SECLEVEL=2|CipherString = DEFAULT@SECLEVEL=1|g' /etc/ssl/openssl.cnf
+RUN sed -i 's/\[openssl_init\]/# [openssl_init]/' /etc/ssl/openssl.cnf &&\
+    printf "\n\n[openssl_init]\nssl_conf = ssl_sect" >> /etc/ssl/openssl.cnf &&\
+    printf "\n\n[ssl_sect]\nsystem_default = ssl_default_sect" >> /etc/ssl/openssl.cnf &&\
+    printf "\n\n[ssl_default_sect]\nMinProtocol = TLSv1\nCipherString = DEFAULT@SECLEVEL=0\n" >> /etc/ssl/openssl.cnf
 
 RUN apt-get update && apt-get install -y --no-install-recommends curl
 
 WORKDIR /app
-RUN useradd -r gnoss
-RUN chown -R gnoss:gnoss /app
-RUN chmod -R 777 /app
+RUN groupadd -g 1000 gnoss && useradd -u 1000 -g 1000 gnoss &&\
+	mkdir -p logs trazas &&\
+	chown -R gnoss:gnoss logs trazas && chmod -R 777 logs trazas
 USER gnoss
 
 COPY --from=build-env /app/out .

Gnoss.BackgroundTask.SocialCacheRefresh/ControladorRefrescoCache.cs

@@ -28,6 +28,8 @@
 using Es.Riam.Gnoss.Elementos.ParametroAplicacion;
 using Es.Riam.Gnoss.Web.Controles.ParametroAplicacionGBD;
 using Es.Riam.AbstractsOpen;
+using Microsoft.Extensions.Logging;
+using Es.Riam.Gnoss.Elementos.Suscripcion;
 
 namespace Es.Riam.Gnoss.Win.RefrescoCache
 {
@@ -45,7 +47,8 @@ internal class ControladorRefrescoCache : ControladorServicioGnoss
         private List<string> mIdiomasList = new List<string>();
 
         private int mNumeroMaxPeticionesWebSimultaneas = 5;
-        
+        private ILogger mlogger;
+        private ILoggerFactory mLoggerFactory;
 
         #endregion
 
@@ -55,11 +58,12 @@ internal class ControladorRefrescoCache : ControladorServicioGnoss
         /// Constructor
         /// </summary>
         /// <param name="pFicheroConfiguracionSitioWeb">Ruta al archivo de configuración del sitio Web</param>
-        public ControladorRefrescoCache(int pNumeroMaxPeticionesWebSimultaneas, IServiceScopeFactory scopedFactory, ConfigService configService)
-            : base(scopedFactory, configService)
+        public ControladorRefrescoCache(int pNumeroMaxPeticionesWebSimultaneas, IServiceScopeFactory scopedFactory, ConfigService configService, ILogger<ControladorRefrescoCache> logger, ILoggerFactory loggerFactory)
+            : base(scopedFactory, configService,logger,loggerFactory)
         {
             mNumeroMaxPeticionesWebSimultaneas = pNumeroMaxPeticionesWebSimultaneas;
-
+            mlogger = logger;
+            mLoggerFactory = loggerFactory;
             CargarIdiomas();
         }
 
@@ -132,7 +136,7 @@ private void RealizarMantenimientoBD()
                             RealizarMantenimientoRabbitMQ(loggingService);
                         }
 
-                        BaseComunidadCN baseComunidadCN = new BaseComunidadCN(entityContext, loggingService, entityContextBASE, mConfigService, servicesUtilVirtuosoAndReplication);
+                        BaseComunidadCN baseComunidadCN = new BaseComunidadCN(entityContext, loggingService, entityContextBASE, mConfigService, servicesUtilVirtuosoAndReplication, mLoggerFactory.CreateLogger<BaseComunidadCN>(), mLoggerFactory);
                         baseComunidadCN.EliminarColaRefrescoCachePendientesRepetidas();
                         BaseComunidadDS baseComunidadDS = baseComunidadCN.ObtenerColaRefrescoCacheBandejaMensajesPendientes();
 
@@ -153,7 +157,7 @@ private void RealizarMantenimientoBD()
                     }
                     catch (Exception ex)
                     {
-                        loggingService.GuardarLog("ERROR:  Excepción: " + ex.ToString() + "\n\n\tTraza: " + ex.StackTrace);
+                        loggingService.GuardarLog("ERROR:  Excepción: " + ex.ToString() + "\n\n\tTraza: " + ex.StackTrace,mlogger);
                         ControladorConexiones.CerrarConexiones();
                     }
                     finally
@@ -173,7 +177,7 @@ private void RealizarMantenimientoRabbitMQ(LoggingService loggingService, bool r
                 RabbitMQClient.ReceivedDelegate funcionProcesarItem = new RabbitMQClient.ReceivedDelegate(ProcesarItem);
                 RabbitMQClient.ShutDownDelegate funcionShutDown = new RabbitMQClient.ShutDownDelegate(OnShutDown);
 
-                RabbitMQClient rabbitMQClient = new RabbitMQClient(RabbitMQClient.BD_SERVICIOS_WIN, COLA_REFRESCO_CACHE, loggingService, mConfigService, EXCHANGE, COLA_REFRESCO_CACHE);
+                RabbitMQClient rabbitMQClient = new RabbitMQClient(RabbitMQClient.BD_SERVICIOS_WIN, COLA_REFRESCO_CACHE, loggingService, mConfigService, mLoggerFactory.CreateLogger<RabbitMQClient>(), mLoggerFactory, EXCHANGE, COLA_REFRESCO_CACHE);
 
                 try
                 {
@@ -183,7 +187,7 @@ private void RealizarMantenimientoRabbitMQ(LoggingService loggingService, bool r
                 catch (Exception ex)
                 {
                     mReiniciarLecturaRabbit = true;
-                    loggingService.GuardarLogError(ex);
+                    loggingService.GuardarLogError(ex,mlogger);
                 }
             }
         }
@@ -223,7 +227,7 @@ private bool ProcesarItem(string pFila)
                 }
                 catch (Exception ex)
                 {
-                    loggingService.GuardarLogError(ex);
+                    loggingService.GuardarLogError(ex, mlogger);
                     return true;
                 }
                 finally
@@ -294,7 +298,7 @@ private void ActualizarCachesRemitenteYDestinatarios(BaseComunidadDS.ColaRefresc
         {
             // Cargar los datos del proyecto
             string urlPropiaProyecto = string.Empty;
-            ProyectoCN proyCN = new ProyectoCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication);
+            ProyectoCN proyCN = new ProyectoCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication, mLoggerFactory.CreateLogger<ProyectoCN>(), mLoggerFactory);
             urlPropiaProyecto = proyCN.ObtenerURLPropiaProyecto(pFilaCola.ProyectoID);
             proyCN.Dispose();
 
@@ -310,8 +314,8 @@ private void ActualizarCachesRemitenteYDestinatarios(BaseComunidadDS.ColaRefresc
             List<Guid> listaPerfilesDestinatarios = new List<Guid>();
 
             // Por cada idioma debemos calculas las cachés de las bandejas del usuario.
-            IdentidadCN identCN = new IdentidadCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication);
-            PersonaCN personaCN = new PersonaCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication);
+            IdentidadCN identCN = new IdentidadCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication, mLoggerFactory.CreateLogger<IdentidadCN>(), mLoggerFactory);
+            PersonaCN personaCN = new PersonaCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication, mLoggerFactory.CreateLogger<PersonaCN>(), mLoggerFactory);
 
             Guid identidadID = new Guid();
 
@@ -469,7 +473,7 @@ private void RefrescarCacheFaceta_Mensajes(CargadorFacetas pCargadorFacetasHome,
                 {
                     //Fallo tras el segundo reintento...
                     pFilaCola.Estado = 1;
-                    loggingService.GuardarLog("Error al refrescar los resultados la fila " + pFilaCola.ColaID + " ERROR:  Excepción: " + ex.ToString() + "\n\n\tTraza: " + ex.StackTrace);
+                    loggingService.GuardarLog("Error al refrescar los resultados la fila " + pFilaCola.ColaID + " ERROR:  Excepción: " + ex.ToString() + "\n\n\tTraza: " + ex.StackTrace, mlogger);
                 }
             }
         }
@@ -495,7 +499,7 @@ private void RefrescarCacheResultados_Mensajes(CargadorResultados pCargadorResul
                 {
                     //Fallo tras el segundo reintento...
                     pFilaCola.Estado = 1;
-                    loggingService.GuardarLog("Error al refrescar los resultados la fila " + pFilaCola.ColaID + " ERROR:  Excepción: " + ex.ToString() + "\n\n\tTraza: " + ex.StackTrace);
+                    loggingService.GuardarLog("Error al refrescar los resultados la fila " + pFilaCola.ColaID + " ERROR:  Excepción: " + ex.ToString() + "\n\n\tTraza: " + ex.StackTrace, mlogger);
                 }
             }
         }
@@ -506,7 +510,7 @@ private void RefrescarCacheResultados_Mensajes(CargadorResultados pCargadorResul
         /// <param name="pPerfiles">Lista de perfiles que han recibido un correo.</param>
         private void AgregarNotificacionCorreoNuevoAIdentidades(List<Guid> pPerfiles, EntityContext entityContext, LoggingService loggingService, VirtuosoAD virtuosoAD, IServicesUtilVirtuosoAndReplication servicesUtilVirtuosoAndReplication)
         {
-            LiveCN liveCN = new LiveCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication);
+            LiveCN liveCN = new LiveCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication, mLoggerFactory.CreateLogger<LiveCN>(), mLoggerFactory);
             foreach (Guid perfilID in pPerfiles)
             {
                 liveCN.AumentarContadorNuevosMensajes(perfilID);
@@ -518,9 +522,9 @@ private void AgregarNotificacionCorreoNuevoAIdentidades(List<Guid> pPerfiles, En
 
         private void EstablecerNumeroMensajesSinLeer(Guid pPerfilID, EntityContext entityContext, LoggingService loggingService, VirtuosoAD virtuosoAD, IServicesUtilVirtuosoAndReplication servicesUtilVirtuosoAndReplication)
         {
-            LiveCN liveCN = new LiveCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication);
-            FacetadoAD facetadoAD = new FacetadoAD(mFicheroConfiguracionHomeBD, mUrlIntragnoss, loggingService, entityContext, mConfigService, virtuosoAD, servicesUtilVirtuosoAndReplication);
-            IdentidadCN identidadCN = new IdentidadCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication);
+            LiveCN liveCN = new LiveCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication, mLoggerFactory.CreateLogger<LiveCN>(), mLoggerFactory);
+            FacetadoAD facetadoAD = new FacetadoAD(mFicheroConfiguracionHomeBD, mUrlIntragnoss, loggingService, entityContext, mConfigService, virtuosoAD, servicesUtilVirtuosoAndReplication, mLoggerFactory.CreateLogger<FacetadoAD>(), mLoggerFactory);
+            IdentidadCN identidadCN = new IdentidadCN(entityContext, loggingService, mConfigService, servicesUtilVirtuosoAndReplication, mLoggerFactory.CreateLogger<IdentidadCN>(), mLoggerFactory);
 
             Guid? identidadID = identidadCN.ObtenerIdentidadIDDePerfilEnProyecto(ProyectoAD.MetaProyecto, pPerfilID);
 
@@ -596,7 +600,7 @@ private List<string> BuscarTagFiltroEnCadena(ref string pCadena, string pClaveFi
 
         protected override ControladorServicioGnoss ClonarControlador()
         {
-            return new ControladorRefrescoCache(mNumeroMaxPeticionesWebSimultaneas, ScopedFactory, mConfigService);
+            return new ControladorRefrescoCache(mNumeroMaxPeticionesWebSimultaneas, ScopedFactory, mConfigService, mLoggerFactory.CreateLogger<ControladorRefrescoCache>(), mLoggerFactory);
         }
 
         #endregion

Gnoss.BackgroundTask.SocialCacheRefresh/Gnoss.BackgroundTask.SocialCacheRefresh.csproj

@@ -1,18 +1,20 @@
 <Project Sdk="Microsoft.NET.Sdk.Worker">
 
-  <PropertyGroup>
-    <TargetFramework>net6.0</TargetFramework>
-    <UserSecretsId>dotnet-Gnoss.BackgroundTask.SocialCacheRefresh-1C411735-BE9F-4726-B0E4-D615380BB653</UserSecretsId>
-  </PropertyGroup>
+	<PropertyGroup>
+		<TargetFramework>net8.0</TargetFramework>
+		<UserSecretsId>dotnet-Gnoss.BackgroundTask.SocialCacheRefresh-1C411735-BE9F-4726-B0E4-D615380BB653</UserSecretsId>
+		<ServerGarbageCollection>false</ServerGarbageCollection>
+	</PropertyGroup>
 
-  <ItemGroup>
-	  <PackageReference Include="Microsoft.Extensions.Hosting" Version="5.0.0" />
-	  <PackageReference Include="Microsoft.Extensions.Hosting.Systemd" Version="5.0.1" />
-	  <PackageReference Include="Microsoft.Extensions.Hosting.WindowsServices" Version="5.0.1" />
-	  <PackageReference Include="Npgsql" Version="6.0.11" />
-	  <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="6.0.8" />
-	  <PackageReference Include="Oracle.EntityFrameworkCore" Version="6.21.90" />
-  </ItemGroup>
+	<ItemGroup>
+		<PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="8.0.1" />
+		<PackageReference Include="Microsoft.Extensions.Hosting" Version="8.0.1" />
+		<PackageReference Include="Microsoft.Extensions.Hosting.Systemd" Version="8.0.1" />
+		<PackageReference Include="Microsoft.Extensions.Hosting.WindowsServices" Version="8.0.1" />
+		<PackageReference Include="Npgsql" Version="8.0.5" />
+		<PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="8.0.10" />
+		<PackageReference Include="Oracle.EntityFrameworkCore" Version="8.23.60" />
+	</ItemGroup>
 
   <ItemGroup>
     <ProjectReference Include="..\..\Gnoss.Commons\Es.Riam.Gnoss.AD\Es.Riam.Gnoss.AD.csproj" />

Gnoss.BackgroundTask.SocialCacheRefresh/Program.cs

@@ -8,6 +8,8 @@
 using Es.Riam.Gnoss.Util.Configuracion;
 using Es.Riam.Gnoss.Util.General;
 using Es.Riam.Gnoss.Util.Seguridad;
+using Es.Riam.Interfaces.InterfacesOpen;
+using Es.Riam.Open;
 using Es.Riam.OpenReplication;
 using Es.Riam.Util;
 using Microsoft.EntityFrameworkCore;
@@ -64,6 +66,7 @@ public static IHostBuilder CreateHostBuilder(string[] args) =>
                     services.AddScoped(typeof(GnossCache));
                     services.AddScoped<IServicesUtilVirtuosoAndReplication, ServicesVirtuosoAndBidirectionalReplicationOpen>();
                     services.AddScoped(typeof(RelatedVirtuosoCL));
+                    services.AddScoped<IAvailableServices, AvailableServicesOpen>();
                     string bdType = "";
                     IDictionary environmentVariables = Environment.GetEnvironmentVariables();
                     if (environmentVariables.Contains("connectionType"))
@@ -102,11 +105,10 @@ public static IHostBuilder CreateHostBuilder(string[] args) =>
                     if (bdType.Equals("0"))
                     {
                         services.AddDbContext<EntityContext>(options =>
-                                options.UseSqlServer(acid)
+                                options.UseSqlServer(acid, o => o.UseCompatibilityLevel(110))
                                 );
                         services.AddDbContext<EntityContextBASE>(options =>
-                                options.UseSqlServer(baseConnection)
-
+                                options.UseSqlServer(baseConnection, o => o.UseCompatibilityLevel(110))
                                 );
                     }
 					else if (bdType.Equals("1"))

Gnoss.BackgroundTask.SocialCacheRefresh/SocialCacheRefreshWorker.cs

@@ -1,3 +1,4 @@
+using Es.Riam.Gnoss.Elementos.Suscripcion;
 using Es.Riam.Gnoss.Servicios;
 using Es.Riam.Gnoss.Util.Configuracion;
 using Es.Riam.Gnoss.Win.RefrescoCache;
@@ -14,22 +15,24 @@ namespace Gnoss.BackgroundTask.SocialCacheRefresh
 {
     public class SocialCacheRefreshWorker : Worker
     {
-        private readonly ILogger<SocialCacheRefreshWorker> _logger;
         private readonly ConfigService _configService;
+        private ILogger mlogger;
+        private ILoggerFactory mLoggerFactory;
 
-        public SocialCacheRefreshWorker(ILogger<SocialCacheRefreshWorker> logger, ConfigService configService, IServiceScopeFactory scopeFactory) 
+        public SocialCacheRefreshWorker(ConfigService configService, IServiceScopeFactory scopeFactory, ILogger<SocialCacheRefreshWorker> logger, ILoggerFactory loggerFactory) 
             : base(logger, scopeFactory)
         {
-            _logger = logger;
             _configService = configService;
+            mlogger = logger;
+            mLoggerFactory = loggerFactory;
         }
 
         protected override List<ControladorServicioGnoss> ObtenerControladores()
         {
             List<ControladorServicioGnoss> controladores = new List<ControladorServicioGnoss>();
             int numMaxPeticionesWebSimultaneas = _configService.ObtenerNumMaxPeticionesWebSimultaneas();
 
-            controladores.Add(new ControladorRefrescoCache(numMaxPeticionesWebSimultaneas, ScopedFactory, _configService));
+            controladores.Add(new ControladorRefrescoCache(numMaxPeticionesWebSimultaneas, ScopedFactory, _configService, mLoggerFactory.CreateLogger<ControladorRefrescoCache>(), mLoggerFactory));
             return controladores;
         }
     }