contrast-agent 4.13.1 → 4.14.0
- checksums.yaml +4 -4
- data/.simplecov +1 -0
- data/lib/contrast/agent/assess/policy/policy_node.rb +6 -6
- data/lib/contrast/agent/assess/policy/policy_scanner.rb +5 -0
- data/lib/contrast/agent/assess/policy/propagator/center.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/substitution.rb +2 -154
- data/lib/contrast/agent/assess/policy/trigger_method.rb +44 -7
- data/lib/contrast/agent/assess/policy/trigger_node.rb +14 -6
- data/lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb +1 -1
- data/lib/contrast/agent/assess/property/tagged.rb +51 -57
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +40 -6
- data/lib/contrast/agent/metric_telemetry_event.rb +2 -2
- data/lib/contrast/agent/middleware.rb +5 -75
- data/lib/contrast/agent/patching/policy/method_policy.rb +3 -89
- data/lib/contrast/agent/patching/policy/method_policy_extend.rb +111 -0
- data/lib/contrast/agent/patching/policy/patcher.rb +12 -8
- data/lib/contrast/agent/reporting/report.rb +21 -0
- data/lib/contrast/agent/reporting/reporter.rb +142 -0
- data/lib/contrast/agent/reporting/reporting_events/finding.rb +90 -0
- data/lib/contrast/agent/reporting/reporting_events/preflight.rb +25 -0
- data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb +56 -0
- data/lib/contrast/agent/reporting/reporting_events/reporting_event.rb +37 -0
- data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +127 -0
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +168 -0
- data/lib/contrast/agent/reporting/reporting_utilities/reporting_storage.rb +66 -0
- data/lib/contrast/agent/request.rb +2 -81
- data/lib/contrast/agent/request_context.rb +4 -128
- data/lib/contrast/agent/request_context_extend.rb +138 -0
- data/lib/contrast/agent/response.rb +2 -73
- data/lib/contrast/agent/startup_metrics_telemetry_event.rb +39 -16
- data/lib/contrast/agent/static_analysis.rb +1 -1
- data/lib/contrast/agent/telemetry.rb +15 -7
- data/lib/contrast/agent/telemetry_event.rb +8 -9
- data/lib/contrast/agent/thread_watcher.rb +31 -5
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/agent.rb +15 -0
- data/lib/contrast/api/communication/connection_status.rb +10 -7
- data/lib/contrast/api/communication/messaging_queue.rb +37 -3
- data/lib/contrast/api/communication/response_processor.rb +15 -8
- data/lib/contrast/api/communication/service_lifecycle.rb +13 -3
- data/lib/contrast/api/communication/socket.rb +6 -8
- data/lib/contrast/api/communication/socket_client.rb +29 -12
- data/lib/contrast/api/communication/speedracer.rb +37 -1
- data/lib/contrast/api/communication/tcp_socket.rb +4 -3
- data/lib/contrast/api/communication/unix_socket.rb +1 -0
- data/lib/contrast/api/decorators/finding.rb +45 -0
- data/lib/contrast/components/api.rb +56 -0
- data/lib/contrast/components/app_context.rb +10 -65
- data/lib/contrast/components/app_context_extend.rb +78 -0
- data/lib/contrast/components/base.rb +23 -0
- data/lib/contrast/components/config.rb +8 -8
- data/lib/contrast/components/contrast_service.rb +5 -0
- data/lib/contrast/components/sampling.rb +2 -2
- data/lib/contrast/config/agent_configuration.rb +1 -1
- data/lib/contrast/config/api_configuration.rb +9 -4
- data/lib/contrast/config/api_proxy_configuration.rb +14 -0
- data/lib/contrast/config/application_configuration.rb +2 -3
- data/lib/contrast/config/assess_configuration.rb +3 -3
- data/lib/contrast/config/base_configuration.rb +17 -28
- data/lib/contrast/config/certification_configuration.rb +15 -0
- data/lib/contrast/config/env_variables.rb +2 -9
- data/lib/contrast/config/heap_dump_configuration.rb +6 -6
- data/lib/contrast/config/inventory_configuration.rb +1 -5
- data/lib/contrast/config/protect_rule_configuration.rb +1 -1
- data/lib/contrast/config/request_audit_configuration.rb +18 -0
- data/lib/contrast/config/ruby_configuration.rb +6 -6
- data/lib/contrast/config/service_configuration.rb +1 -2
- data/lib/contrast/config.rb +0 -1
- data/lib/contrast/configuration.rb +1 -2
- data/lib/contrast/extension/assess/array.rb +5 -7
- data/lib/contrast/framework/manager.rb +8 -32
- data/lib/contrast/framework/manager_extend.rb +50 -0
- data/lib/contrast/framework/rails/railtie.rb +1 -1
- data/lib/contrast/framework/sinatra/support.rb +2 -1
- data/lib/contrast/logger/log.rb +8 -103
- data/lib/contrast/utils/assess/property/tagged_utils.rb +23 -0
- data/lib/contrast/utils/assess/tracking_util.rb +20 -15
- data/lib/contrast/utils/assess/trigger_method_utils.rb +1 -1
- data/lib/contrast/utils/class_util.rb +18 -14
- data/lib/contrast/utils/findings.rb +62 -0
- data/lib/contrast/utils/hash_digest.rb +10 -73
- data/lib/contrast/utils/hash_digest_extend.rb +86 -0
- data/lib/contrast/utils/head_dump_utils_extend.rb +74 -0
- data/lib/contrast/utils/heap_dump_util.rb +2 -65
- data/lib/contrast/utils/invalid_configuration_util.rb +29 -0
- data/lib/contrast/utils/io_util.rb +1 -1
- data/lib/contrast/utils/log_utils.rb +108 -0
- data/lib/contrast/utils/middleware_utils.rb +87 -0
- data/lib/contrast/utils/net_http_base.rb +158 -0
- data/lib/contrast/utils/object_share.rb +1 -0
- data/lib/contrast/utils/request_utils.rb +88 -0
- data/lib/contrast/utils/response_utils.rb +97 -0
- data/lib/contrast/utils/substitution_utils.rb +167 -0
- data/lib/contrast/utils/tag_util.rb +9 -9
- data/lib/contrast/utils/telemetry.rb +4 -2
- data/lib/contrast/utils/telemetry_client.rb +90 -0
- data/lib/contrast/utils/telemetry_identifier.rb +17 -24
- data/ruby-agent.gemspec +5 -5
- metadata +48 -23
- data/lib/contrast/config/default_value.rb +0 -17
- data/lib/contrast/utils/requests_client.rb +0 -150
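--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: contrast-agent
 version: !ruby/object:Gem::Version
-version: 4.
+version: 4.14.0
 platform: ruby
 authors:
 - galen.palmer@contrastsecurity.com
@@ -13,7 +13,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-
+date: 2021-12-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
@@ -147,70 +147,70 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.22.3
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.22.3
 - !ruby/object:Gem::Dependency
 name: rubocop-performance
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.12.0
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.12.0
 - !ruby/object:Gem::Dependency
 name: rubocop-rails
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.12.4
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.12.4
 - !ruby/object:Gem::Dependency
 name: rubocop-rake
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.6.0
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.6.0
 - !ruby/object:Gem::Dependency
 name: rubocop-rspec
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.6.0
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.6.0
 - !ruby/object:Gem::Dependency
 name: simplecov
 requirement: !ruby/object:Gem::Requirement
@@ -617,20 +617,20 @@ executables:
 - contrast_service
 extensions:
 - ext/cs__common/extconf.rb
-- ext/
-- ext/
+- ext/cs__assess_basic_object/extconf.rb
+- ext/cs__assess_string/extconf.rb
+- ext/cs__assess_hash/extconf.rb
+- ext/cs__assess_module/extconf.rb
+- ext/cs__assess_kernel/extconf.rb
 - ext/cs__assess_array/extconf.rb
 - ext/cs__contrast_patch/extconf.rb
-- ext/
-- ext/cs__assess_regexp/extconf.rb
+- ext/cs__os_information/extconf.rb
 - ext/cs__assess_marshal_module/extconf.rb
-- ext/
-- ext/
+- ext/cs__assess_fiber_track/extconf.rb
+- ext/cs__assess_string_interpolation26/extconf.rb
 - ext/cs__assess_active_record_named/extconf.rb
+- ext/cs__assess_regexp/extconf.rb
 - ext/cs__assess_yield_track/extconf.rb
-- ext/cs__assess_string/extconf.rb
-- ext/cs__assess_basic_object/extconf.rb
-- ext/cs__assess_string_interpolation26/extconf.rb
 extra_rdoc_files: []
 files:
 - ".clang-format"
@@ -904,6 +904,7 @@ files:
 - lib/contrast/agent/patching/policy/after_load_patch.rb
 - lib/contrast/agent/patching/policy/after_load_patcher.rb
 - lib/contrast/agent/patching/policy/method_policy.rb
+- lib/contrast/agent/patching/policy/method_policy_extend.rb
 - lib/contrast/agent/patching/policy/module_policy.rb
 - lib/contrast/agent/patching/policy/patch.rb
 - lib/contrast/agent/patching/policy/patch_status.rb
@@ -941,8 +942,18 @@ files:
 - lib/contrast/agent/protect/rule/xxe.rb
 - lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb
 - lib/contrast/agent/reaction_processor.rb
+- lib/contrast/agent/reporting/report.rb
+- lib/contrast/agent/reporting/reporter.rb
+- lib/contrast/agent/reporting/reporting_events/finding.rb
+- lib/contrast/agent/reporting/reporting_events/preflight.rb
+- lib/contrast/agent/reporting/reporting_events/preflight_message.rb
+- lib/contrast/agent/reporting/reporting_events/reporting_event.rb
+- lib/contrast/agent/reporting/reporting_utilities/audit.rb
+- lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb
+- lib/contrast/agent/reporting/reporting_utilities/reporting_storage.rb
 - lib/contrast/agent/request.rb
 - lib/contrast/agent/request_context.rb
+- lib/contrast/agent/request_context_extend.rb
 - lib/contrast/agent/request_handler.rb
 - lib/contrast/agent/response.rb
 - lib/contrast/agent/rewriter.rb
@@ -976,6 +987,7 @@ files:
 - lib/contrast/api/decorators/application_settings.rb
 - lib/contrast/api/decorators/application_startup.rb
 - lib/contrast/api/decorators/application_update.rb
+- lib/contrast/api/decorators/finding.rb
 - lib/contrast/api/decorators/http_request.rb
 - lib/contrast/api/decorators/input_analysis.rb
 - lib/contrast/api/decorators/instrumentation_mode.rb
@@ -996,6 +1008,7 @@ files:
 - lib/contrast/components/agent.rb
 - lib/contrast/components/api.rb
 - lib/contrast/components/app_context.rb
+- lib/contrast/components/app_context_extend.rb
 - lib/contrast/components/assess.rb
 - lib/contrast/components/base.rb
 - lib/contrast/components/config.rb
@@ -1010,11 +1023,12 @@ files:
 - lib/contrast/config.rb
 - lib/contrast/config/agent_configuration.rb
 - lib/contrast/config/api_configuration.rb
+- lib/contrast/config/api_proxy_configuration.rb
 - lib/contrast/config/application_configuration.rb
 - lib/contrast/config/assess_configuration.rb
 - lib/contrast/config/assess_rules_configuration.rb
 - lib/contrast/config/base_configuration.rb
-- lib/contrast/config/
+- lib/contrast/config/certification_configuration.rb
 - lib/contrast/config/env_variables.rb
 - lib/contrast/config/exception_configuration.rb
 - lib/contrast/config/heap_dump_configuration.rb
@@ -1023,6 +1037,7 @@ files:
 - lib/contrast/config/protect_configuration.rb
 - lib/contrast/config/protect_rule_configuration.rb
 - lib/contrast/config/protect_rules_configuration.rb
+- lib/contrast/config/request_audit_configuration.rb
 - lib/contrast/config/root_configuration.rb
 - lib/contrast/config/ruby_configuration.rb
 - lib/contrast/config/sampling_configuration.rb
@@ -1051,6 +1066,7 @@ files:
 - lib/contrast/framework/base_support.rb
 - lib/contrast/framework/grape/support.rb
 - lib/contrast/framework/manager.rb
+- lib/contrast/framework/manager_extend.rb
 - lib/contrast/framework/platform_version.rb
 - lib/contrast/framework/rack/patch/session_cookie.rb
 - lib/contrast/framework/rack/patch/support.rb
@@ -1085,26 +1101,35 @@ files:
 - lib/contrast/utils/duck_utils.rb
 - lib/contrast/utils/env_configuration_item.rb
 - lib/contrast/utils/exclude_key.rb
+- lib/contrast/utils/findings.rb
 - lib/contrast/utils/hash_digest.rb
+- lib/contrast/utils/hash_digest_extend.rb
+- lib/contrast/utils/head_dump_utils_extend.rb
 - lib/contrast/utils/heap_dump_util.rb
 - lib/contrast/utils/invalid_configuration_util.rb
 - lib/contrast/utils/io_util.rb
 - lib/contrast/utils/job_servers_running.rb
+- lib/contrast/utils/log_utils.rb
 - lib/contrast/utils/lru_cache.rb
 - lib/contrast/utils/metrics_hash.rb
+- lib/contrast/utils/middleware_utils.rb
+- lib/contrast/utils/net_http_base.rb
 - lib/contrast/utils/object_share.rb
 - lib/contrast/utils/os.rb
 - lib/contrast/utils/patching/policy/patch_utils.rb
 - lib/contrast/utils/patching/policy/patcher_utils.rb
 - lib/contrast/utils/preflight_util.rb
-- lib/contrast/utils/
+- lib/contrast/utils/request_utils.rb
 - lib/contrast/utils/resource_loader.rb
+- lib/contrast/utils/response_utils.rb
 - lib/contrast/utils/ruby_ast_rewriter.rb
 - lib/contrast/utils/sha256_builder.rb
 - lib/contrast/utils/stack_trace_utils.rb
 - lib/contrast/utils/string_utils.rb
+- lib/contrast/utils/substitution_utils.rb
 - lib/contrast/utils/tag_util.rb
 - lib/contrast/utils/telemetry.rb
+- lib/contrast/utils/telemetry_client.rb
 - lib/contrast/utils/telemetry_identifier.rb
 - lib/contrast/utils/thread_tracker.rb
 - lib/contrast/utils/timer.rb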
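--- a/data/lib/contrast/config/default_value.rb
+++ b/data/lib/contrast/config/default_value.rb
@@ -1,17 +0,0 @@
-# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-
-module Contrast
-module Config
-# This is the wrapper for the default values in the configurations, used to
-# differentiate between nil or false defaults and things being set
-# explicitly to false.
-class DefaultValue
-attr_reader :value
-
-def initialize value
-@value = value
-end
-end
-end
-end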
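--- a/data/lib/contrast/utils/requests_client.rb
+++ b/data/lib/contrast/utils/requests_client.rb
@@ -1,150 +0,0 @@
-# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-
-require 'net/http'
-require 'contrast/components/logger'
-require 'contrast/utils/object_share'
-require 'contrast/agent/version'
-require 'socket'
-
-module Contrast
-module Utils
-# This module creates a Net::HTTP client and initiates a connection to the provided result
-module RequestsClient
-ENDPOINT = 'api/v1/telemetry/metrics' # /TelemetryEvent.path
-
-class << self
-include Contrast::Components::Logger::InstanceMethods
-# This method initializes the Net::HTTP client we'll need
-# @param url [String]
-# @return [Net::HTTP, nil]
-def initialize_connection url
-addr = URI(url)
-return if addr.host.nil? || addr.port.nil?
-return if addr.scheme != 'https'
-
-@_net_http_client = Net::HTTP.new(addr.host, addr.port)
-@_net_http_client.open_timeout = 5
-@_net_http_client.read_timeout = 5
-@_net_http_client.use_ssl = true
-@_net_http_client.verify_mode = OpenSSL::SSL::VERIFY_PEER
-@_net_http_client.verify_depth = 5
-@_net_http_client.start
-return unless @_net_http_client.started?
-
-logger.warn('Starting Telemetry connection test')
-return unless connection_verified? @_net_http_client
-
-@_net_http_client
-rescue Net::OpenTimeout, Net::ReadTimeout => e
-logger.warn('Telemetry connection failed', e.message)
-nil
-end
-
-# This method will be responsible for building the request
-# @param event[Contrast::Agent::TelemetryEvent,Contrast::Agent::StartupMetricsTelemetryEvent]
-# @return [Net::HTTP::Post]
-def build_request event
-return unless valid_event? event
-
-string_body = event.to_json.to_s
-header = { 'User-Agent' => "<#{ Contrast::Utils::ObjectShare::RUBY }>-<#{ Contrast::Agent::VERSION }>" }
-path = ENDPOINT + event.path
-@_request = Net::HTTP::Post.new(path, header)
-@_request.body = string_body
-@_request
-end
-
-# This method will create the actual request and send it
-# @param event[Contrast::Agent::TelemetryEvent]
-# @param connection[Net::HTTP]
-def send_request event, connection
-return if connection.nil? || event.nil?
-return unless valid_event? event
-
-req = build_request event
-connection.request req
-end
-
-# This method will handle the response from the tenant
-# @param res [Net::HTTPResponse]
-# @return sleep_time [Integer, nil]
-def handle_response res
-status_code = res.code.to_i
-ready_after = if res.to_hash.keys.map(&:downcase).include?('ready-after')
-res['Ready-After']
-else
-60
-end
-ready_after if status_code == 429
-end
-
-# This method will be responsible for validating the event
-# @param event[Contrast::Agent::TelemetryEvent,Contrast::Agent::StartupMetricsTelemetryEvent]
-def valid_event? event
-return false unless event.cs__is_a?(Contrast::Agent::TelemetryEvent)
-return false unless event.cs__is_a?(Contrast::Agent::StartupMetricsTelemetryEvent)
-
-true
-end
-
-# Validates connection with Telemetry assigned domain.
-# If connection is running, SSL certificate of the endpoint is valid, Ip address is resolvable
-# and response is received without peer's reset or refuse of connection,
-# then validation returns true. Error handling is in place so that the work of the agent will continue as
-# normal without Telemetry.
-#
-# @param client [Net::HTTP]
-# @return [Boolean] true | false
-def connection_verified? client
-return @_connection_verified unless @_connection_verified.nil?
-
-# Before RUBY 2.7 there is no #ipaddr
-ipaddr = if RUBY_VERSION < '2.7.0'
-socket = TCPSocket.open(client.address, client.port)
-ipaddr = socket.peeraddr[3]
-socket.close
-ipaddr
-else
-client.ipaddr
-end
-response = client.request(Net::HTTP::Get.new(client.address))
-verify_cert = OpenSSL::SSL.verify_certificate_identity(client.peer_cert, client.address)
-resolved = resolved? client.address, ipaddr
-@_connection_verified = if resolved && response && verify_cert
-true
-else
-false
-end
-rescue OpenSSL::SSL::SSLError, Resolv::ResolvError, Errno::ECONNRESET, Errno::ECONNREFUSED,
-Errno::ETIMEDOUT, Errno::ESHUTDOWN, Errno::EHOSTDOWN, Errno::EHOSTUNREACH, Errno::EISCONN,
-Errno::ECONNABORTED, Errno::ENETRESET, Errno::ENETUNREACH => e
-
-logger.warn('Telemetry connection failed', e.message)
-false
-end
-
-private
-
-# Resolves the address of the assigned telemetry domain to array of corresponding IPs (if more than one)
-# and runs a matcher to see if current connection IP is in the list.
-# This is called within #verify_connection, if called on it's own there will be no
-# error handling.
-#
-# @param address [String] Human friendly address of assigned telemetry domain
-# @param ipaddr [String] Machine friendly IP address of the assigned telemetry domain
-# @return[Boolean] true if both addresses are resolved | false if one of the addresses
-# is non-resolvable
-def resolved? address, ipaddr
-return @_resolved unless @_resolved.nil?
-
-@_resolved = if (addresses = Resolv.getaddresses address)
-addresses.any? { |addr| addr.include?(ipaddr) }
-else
-false
-end
-end
-end
-end
-end
-end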