contrast-agent 4.13.1 → 4.14.0

Files changed (101) hide show
  1. checksums.yaml +4 -4
  2. data/.simplecov +1 -0
  3. data/lib/contrast/agent/assess/policy/policy_node.rb +6 -6
  4. data/lib/contrast/agent/assess/policy/policy_scanner.rb +5 -0
  5. data/lib/contrast/agent/assess/policy/propagator/center.rb +1 -1
  6. data/lib/contrast/agent/assess/policy/propagator/substitution.rb +2 -154
  7. data/lib/contrast/agent/assess/policy/trigger_method.rb +44 -7
  8. data/lib/contrast/agent/assess/policy/trigger_node.rb +14 -6
  9. data/lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb +1 -1
  10. data/lib/contrast/agent/assess/property/tagged.rb +51 -57
  11. data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +40 -6
  12. data/lib/contrast/agent/metric_telemetry_event.rb +2 -2
  13. data/lib/contrast/agent/middleware.rb +5 -75
  14. data/lib/contrast/agent/patching/policy/method_policy.rb +3 -89
  15. data/lib/contrast/agent/patching/policy/method_policy_extend.rb +111 -0
  16. data/lib/contrast/agent/patching/policy/patcher.rb +12 -8
  17. data/lib/contrast/agent/reporting/report.rb +21 -0
  18. data/lib/contrast/agent/reporting/reporter.rb +142 -0
  19. data/lib/contrast/agent/reporting/reporting_events/finding.rb +90 -0
  20. data/lib/contrast/agent/reporting/reporting_events/preflight.rb +25 -0
  21. data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb +56 -0
  22. data/lib/contrast/agent/reporting/reporting_events/reporting_event.rb +37 -0
  23. data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +127 -0
  24. data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +168 -0
  25. data/lib/contrast/agent/reporting/reporting_utilities/reporting_storage.rb +66 -0
  26. data/lib/contrast/agent/request.rb +2 -81
  27. data/lib/contrast/agent/request_context.rb +4 -128
  28. data/lib/contrast/agent/request_context_extend.rb +138 -0
  29. data/lib/contrast/agent/response.rb +2 -73
  30. data/lib/contrast/agent/startup_metrics_telemetry_event.rb +39 -16
  31. data/lib/contrast/agent/static_analysis.rb +1 -1
  32. data/lib/contrast/agent/telemetry.rb +15 -7
  33. data/lib/contrast/agent/telemetry_event.rb +8 -9
  34. data/lib/contrast/agent/thread_watcher.rb +31 -5
  35. data/lib/contrast/agent/version.rb +1 -1
  36. data/lib/contrast/agent.rb +15 -0
  37. data/lib/contrast/api/communication/connection_status.rb +10 -7
  38. data/lib/contrast/api/communication/messaging_queue.rb +37 -3
  39. data/lib/contrast/api/communication/response_processor.rb +15 -8
  40. data/lib/contrast/api/communication/service_lifecycle.rb +13 -3
  41. data/lib/contrast/api/communication/socket.rb +6 -8
  42. data/lib/contrast/api/communication/socket_client.rb +29 -12
  43. data/lib/contrast/api/communication/speedracer.rb +37 -1
  44. data/lib/contrast/api/communication/tcp_socket.rb +4 -3
  45. data/lib/contrast/api/communication/unix_socket.rb +1 -0
  46. data/lib/contrast/api/decorators/finding.rb +45 -0
  47. data/lib/contrast/components/api.rb +56 -0
  48. data/lib/contrast/components/app_context.rb +10 -65
  49. data/lib/contrast/components/app_context_extend.rb +78 -0
  50. data/lib/contrast/components/base.rb +23 -0
  51. data/lib/contrast/components/config.rb +8 -8
  52. data/lib/contrast/components/contrast_service.rb +5 -0
  53. data/lib/contrast/components/sampling.rb +2 -2
  54. data/lib/contrast/config/agent_configuration.rb +1 -1
  55. data/lib/contrast/config/api_configuration.rb +9 -4
  56. data/lib/contrast/config/api_proxy_configuration.rb +14 -0
  57. data/lib/contrast/config/application_configuration.rb +2 -3
  58. data/lib/contrast/config/assess_configuration.rb +3 -3
  59. data/lib/contrast/config/base_configuration.rb +17 -28
  60. data/lib/contrast/config/certification_configuration.rb +15 -0
  61. data/lib/contrast/config/env_variables.rb +2 -9
  62. data/lib/contrast/config/heap_dump_configuration.rb +6 -6
  63. data/lib/contrast/config/inventory_configuration.rb +1 -5
  64. data/lib/contrast/config/protect_rule_configuration.rb +1 -1
  65. data/lib/contrast/config/request_audit_configuration.rb +18 -0
  66. data/lib/contrast/config/ruby_configuration.rb +6 -6
  67. data/lib/contrast/config/service_configuration.rb +1 -2
  68. data/lib/contrast/config.rb +0 -1
  69. data/lib/contrast/configuration.rb +1 -2
  70. data/lib/contrast/extension/assess/array.rb +5 -7
  71. data/lib/contrast/framework/manager.rb +8 -32
  72. data/lib/contrast/framework/manager_extend.rb +50 -0
  73. data/lib/contrast/framework/rails/railtie.rb +1 -1
  74. data/lib/contrast/framework/sinatra/support.rb +2 -1
  75. data/lib/contrast/logger/log.rb +8 -103
  76. data/lib/contrast/utils/assess/property/tagged_utils.rb +23 -0
  77. data/lib/contrast/utils/assess/tracking_util.rb +20 -15
  78. data/lib/contrast/utils/assess/trigger_method_utils.rb +1 -1
  79. data/lib/contrast/utils/class_util.rb +18 -14
  80. data/lib/contrast/utils/findings.rb +62 -0
  81. data/lib/contrast/utils/hash_digest.rb +10 -73
  82. data/lib/contrast/utils/hash_digest_extend.rb +86 -0
  83. data/lib/contrast/utils/head_dump_utils_extend.rb +74 -0
  84. data/lib/contrast/utils/heap_dump_util.rb +2 -65
  85. data/lib/contrast/utils/invalid_configuration_util.rb +29 -0
  86. data/lib/contrast/utils/io_util.rb +1 -1
  87. data/lib/contrast/utils/log_utils.rb +108 -0
  88. data/lib/contrast/utils/middleware_utils.rb +87 -0
  89. data/lib/contrast/utils/net_http_base.rb +158 -0
  90. data/lib/contrast/utils/object_share.rb +1 -0
  91. data/lib/contrast/utils/request_utils.rb +88 -0
  92. data/lib/contrast/utils/response_utils.rb +97 -0
  93. data/lib/contrast/utils/substitution_utils.rb +167 -0
  94. data/lib/contrast/utils/tag_util.rb +9 -9
  95. data/lib/contrast/utils/telemetry.rb +4 -2
  96. data/lib/contrast/utils/telemetry_client.rb +90 -0
  97. data/lib/contrast/utils/telemetry_identifier.rb +17 -24
  98. data/ruby-agent.gemspec +5 -5
  99. metadata +48 -23
  100. data/lib/contrast/config/default_value.rb +0 -17
  101. data/lib/contrast/utils/requests_client.rb +0 -150
@@ -5,6 +5,7 @@ require 'rubygems/version'
5
5
  require 'contrast/api/decorators/agent_startup'
6
6
  require 'contrast/api/decorators/application_startup'
7
7
  require 'contrast/utils/object_share'
8
+ require 'contrast/components/app_context_extend'
8
9
 
9
10
  module Contrast
10
11
  module Components
@@ -15,6 +16,7 @@ module Contrast
15
16
  # Specifically, this allows for querying the state of the Application,
16
17
  # including the Client, Process, and Server information.
17
18
  class Interface
19
+ include Contrast::Components::AppContextExtend
18
20
  include Contrast::Components::ComponentBase
19
21
  include Contrast::Components::Logger::InstanceMethods
20
22
 
@@ -23,10 +25,6 @@ module Contrast
23
25
  DEFAULT_SERVER_NAME = 'localhost'
24
26
  DEFAULT_SERVER_PATH = '/'
25
27
 
26
- SUPPORTED_FRAMEWORKS = %w[rails sinatra grape rack].cs__freeze
27
-
28
- SUPPORTED_SERVERS = %w[passenger puma thin unicorn].cs__freeze
29
-
30
28
  def initialize
31
29
  original_pid
32
30
  end
@@ -50,6 +48,14 @@ module Contrast
50
48
  end
51
49
  end
52
50
 
51
+ def session_id
52
+ @_session_id ||= build_app_startup_message.session_id
53
+ end
54
+
55
+ def app_version
56
+ @_app_version ||= Contrast::CONFIG.root.application.version
57
+ end
58
+
53
59
  def path
54
60
  @_path ||= begin
55
61
  tmp = ::Contrast::CONFIG.root.application.path
@@ -80,67 +86,6 @@ module Contrast
80
86
  end
81
87
  end
82
88
 
83
- def build_app_startup_message
84
- Contrast::Api::Dtm::ApplicationCreate.build
85
- end
86
-
87
- def build_agent_startup_message
88
- msg = Contrast::Api::Dtm::AgentStartup.build(server_name, server_path, server_type)
89
- logger.info('Application context',
90
- server_name: msg.server_name,
91
- server_path: msg.server_path,
92
- server_type: msg.server_type,
93
- application_name: app_name,
94
- application_path: path,
95
- application_language: Contrast::Utils::ObjectShare::RUBY)
96
-
97
- msg
98
- end
99
-
100
- def pid
101
- Process.pid
102
- end
103
-
104
- def ppid
105
- Process.ppid
106
- end
107
-
108
- def pgid
109
- Process.getpgid(pid)
110
- end
111
-
112
- def client_id
113
- @_client_id ||= [app_name, pgid].join('-')
114
- end
115
-
116
- def app_and_server_information
117
- {
118
- application_info: find_gem_information(SUPPORTED_FRAMEWORKS),
119
- server_info: find_gem_information(SUPPORTED_SERVERS)
120
- }
121
- end
122
-
123
- def find_gem_information arr
124
- arr.each do |framework|
125
- next unless Gem.loaded_specs.key?(framework)
126
-
127
- loaded = Gem.loaded_specs[framework]
128
- next unless loaded
129
-
130
- name = loaded.instance_variable_get(:@name)
131
- version = loaded.instance_variable_get(:@version).to_s
132
- return [name, version].join(' ')
133
- end
134
- end
135
-
136
- def instrument_middleware_stack?
137
- !Contrast::Utils::JobServersRunning.job_servers_running?
138
- end
139
-
140
- def disabled_agent_rake_tasks
141
- ::Contrast::CONFIG.root.agent.ruby.disabled_agent_rake_tasks
142
- end
143
-
144
89
  # Determines if the Process we're currently in matches that of the
145
90
  # Process in which the App Context instance was created.
146
91
  # If it doesn't, that indicates the running context is in a new
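Review bot: `app_version` reads `Contrast::CONFIG` while `path`, directly below it, reads `::Contrast::CONFIG`; inside `module Contrast` the unanchored form depends on constant lookup, so `@_app_version ||= ::Contrast::CONFIG.root.application.version` would match the rest of the class. Neither new method has a YARD comment. `session_id` in particular should state that it returns the id carried by the startup message, and whether that can differ from the configured `application.session_id`. The class body continues outside these hunks.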
@@ -0,0 +1,78 @@
1
+ # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
+ # frozen_string_literal: true
3
+
4
+ module Contrast
5
+ module Components
6
+ # A wrapper build around the Common Agent Configuration project to allow
7
+ # for access of the values contained in its
8
+ # parent_configuration_spec.yaml.
9
+ # Specifically, this allows for querying the state of the Application,
10
+ # including the Client, Process, and Server information.
11
+ module AppContextExtend
12
+ SUPPORTED_FRAMEWORKS = %w[rails sinatra grape rack].cs__freeze
13
+ SUPPORTED_SERVERS = %w[passenger puma thin unicorn].cs__freeze
14
+
15
+ def build_app_startup_message
16
+ @_build_app_startup_message ||= Contrast::Api::Dtm::ApplicationCreate.build
17
+ end
18
+
19
+ def build_agent_startup_message
20
+ msg = Contrast::Api::Dtm::AgentStartup.build(server_name, server_path, server_type)
21
+ logger.info('Application context',
22
+ server_name: msg.server_name,
23
+ server_path: msg.server_path,
24
+ server_type: msg.server_type,
25
+ application_name: app_name,
26
+ application_path: path,
27
+ application_language: Contrast::Utils::ObjectShare::RUBY)
28
+
29
+ msg
30
+ end
31
+
32
+ def pid
33
+ Process.pid
34
+ end
35
+
36
+ def ppid
37
+ Process.ppid
38
+ end
39
+
40
+ def pgid
41
+ Process.getpgid(pid)
42
+ end
43
+
44
+ def client_id
45
+ @_client_id ||= [app_name, pgid].join('-')
46
+ end
47
+
48
+ def app_and_server_information
49
+ {
50
+ application_info: find_gem_information(SUPPORTED_FRAMEWORKS),
51
+ server_info: find_gem_information(SUPPORTED_SERVERS)
52
+ }
53
+ end
54
+
55
+ def find_gem_information arr
56
+ arr.each do |framework|
57
+ next unless Gem.loaded_specs.key?(framework)
58
+
59
+ loaded = Gem.loaded_specs[framework]
60
+ next unless loaded
61
+
62
+ name = loaded.instance_variable_get(:@name)
63
+ version = loaded.instance_variable_get(:@version).to_s
64
+ return [name, version].join(' ')
65
+ end
66
+ nil
67
+ end
68
+
69
+ def instrument_middleware_stack?
70
+ !Contrast::Utils::JobServersRunning.job_servers_running?
71
+ end
72
+
73
+ def disabled_agent_rake_tasks
74
+ ::Contrast::CONFIG.root.agent.ruby.disabled_agent_rake_tasks
75
+ end
76
+ end
77
+ end
78
+ end
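Review bot: `find_gem_information` pulls `@name` and `@version` out of the loaded `Gem::Specification` with `instance_variable_get`, which ties the agent to RubyGems internals when the public readers do the same job: `name = loaded.name` and `version = loaded.version.to_s`. `build_app_startup_message` now memoizes the built message in `@_build_app_startup_message`, so every caller shares one object. If any caller mutates the message or expects a fresh build, behaviour changes, and the method name no longer says that a cached object is returned. The module comment was copied from `Interface` and describes the configuration wrapper rather than this mixin.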
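--- a/data/lib/contrast/components/base.rb
+++ b/data/lib/contrast/components/base.rb
@@ -35,6 +35,29 @@ module Contrast
 
  config_param.downcase == Contrast::Utils::ObjectShare::TRUE
  end
+
+ # this method will check if a path could be possibly used
+ # So for example if we pass a path to a file - we'll check
+ # if there is actually that file and if it's with certain extension
+ #
+ # @param config_path [String,nil]
+ # @return [Boolean]
+ def valid_cert? config_path
+ return false if config_path.nil?
+
+ exts = %w[.pem .crt .cer].cs__freeze
+ return false unless exts.include?(File.extname(config_path))
+
+ true
+ end
+
+ # check if file exists at all
+ # @param path [String,nil]
+ def file_exists? path
+ return false unless path
+
+ File.exist? path
+ end
  end
  end
  end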
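Review bot: The comment above `valid_cert?` says it checks that the file is actually there, but the method only compares `File.extname(config_path)` with `.pem`, `.crt` and `.cer`. Existence is left to the separate `file_exists?`, so a caller that relies on `valid_cert?` alone accepts a path that does not exist. The match is also case-sensitive, and a private key stored as `.key` would be rejected if `key_file` is validated through this method (the caller is not visible here). Either reword the comment to `# checks only that the path ends in .pem, .crt or .cer; it does not touch the file system`, or fold the check in with `exts.include?(File.extname(config_path).downcase) && File.file?(config_path)`. The enclosing module starts outside the hunk.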
@@ -120,7 +120,7 @@ module Contrast
120
120
  # @return [String,nil] the value of the session id set in the
121
121
  # configuration, or nil if unset
122
122
  def session_id
123
- @config.application.session_id
123
+ root.application.session_id
124
124
  end
125
125
 
126
126
  # Typically, this would be accessed through
@@ -131,7 +131,7 @@ module Contrast
131
131
  # @return [String,nil] the value of the session metadata set in the
132
132
  # configuration, or nil if unset
133
133
  def session_metadata
134
- @config.application.session_metadata
134
+ root.application.session_metadata
135
135
  end
136
136
 
137
137
  # Typically, the following values would be accessed through Contrast::Components::AppContext
@@ -140,7 +140,7 @@ module Contrast
140
140
  #
141
141
  # @return [String, nil]
142
142
  def api_url
143
- @config.api.url
143
+ root.api.url
144
144
  end
145
145
 
146
146
  # Typically, the following values would be accessed through Contrast::Components::AppContext
@@ -149,7 +149,7 @@ module Contrast
149
149
  #
150
150
  # @return [String, nil]
151
151
  def api_key
152
- @config.api.api_key
152
+ root.api.api_key
153
153
  end
154
154
 
155
155
  # Typically, the following values would be accessed through Contrast::Components::AppContext
@@ -158,7 +158,7 @@ module Contrast
158
158
  #
159
159
  # @return [String, nil]
160
160
  def api_service_key
161
- @config.api.service_key
161
+ root.api.service_key
162
162
  end
163
163
 
164
164
  # Typically, the following values would be accessed through Contrast::Components::AppContext
@@ -167,7 +167,7 @@ module Contrast
167
167
  #
168
168
  # @return [String, nil]
169
169
  def api_username
170
- @config.api.user_name
170
+ root.api.user_name
171
171
  end
172
172
 
173
173
  # Typically, the following values would be accessed through Contrast::Components::AppContext
@@ -176,7 +176,7 @@ module Contrast
176
176
  #
177
177
  # @return [String, nil]
178
178
  def bypass
179
- @config.root.agent.service.bypass
179
+ root.agent.service.bypass
180
180
  end
181
181
 
182
182
  # Typically, the following values would be accessed through Contrast::Components::AppContext
@@ -185,7 +185,7 @@ module Contrast
185
185
  #
186
186
  # @return [String, nil]
187
187
  def logger_path
188
- @config.root.agent.logger.path
188
+ root.agent.logger.path
189
189
  end
190
190
  end
191
191
  end
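Review bot: `bypass` is still documented as `# @return [String, nil]`, but the default declared for it in `ServiceConfiguration` is the boolean `false`, so `# @return [Boolean]` describes it better. The comment block "Typically, the following values would be accessed through Contrast::Components::AppContext" is repeated unchanged above `api_key`, `api_service_key` and `api_username`; since those three return credentials, each comment should add that the value must be kept out of log output. The class body starts outside these hunks.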
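--- a/data/lib/contrast/components/contrast_service.rb
+++ b/data/lib/contrast/components/contrast_service.rb
@@ -15,6 +15,7 @@ module Contrast
  include Contrast::Components::ComponentBase
 
  DEFAULT_SERVICE_LOG = 'contrast_service.log'
+ DEFAULT_SERVICE_LEVEL = :TRACE
  # The Rails ActionDispatch regexp for localhost IP + literal localhost
  # https://github.com/rails/rails/blob/master/actionpack/lib/action_dispatch/http/request.rb#L32
  LOCALHOST = Regexp.union [/^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/, /^::1$/, /^0:0:0:0:0:0:0:1(%.*)?$/, /^localhost$/]
@@ -59,6 +60,10 @@ module Contrast
  @_logger_path ||= ::Contrast::CONFIG.root.agent.service.logger.path || DEFAULT_SERVICE_LOG
  end
 
+ def logger_level
+ @_logger_level ||= ::Contrast::CONFIG.root.agent.service.logger.level || DEFAULT_SERVICE_LEVEL
+ end
+
  private
 
  def disabled?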
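Review bot: `DEFAULT_SERVICE_LEVEL = :TRACE` makes the most verbose level the fallback whenever `agent.service.logger.level` is unset, and it is a Symbol while a configured level would presumably arrive as a String, so `logger_level` can return either type. Trace output from the service is likely to contain request detail, so a quieter fallback is the safer choice unless trace is intended. If it is intended, the constant needs a comment such as `# service log defaults to TRACE because …; override with agent.service.logger.level`. `logger_level` also has no YARD comment stating the return type. The class body starts outside these hunks.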
@@ -14,7 +14,7 @@ module Contrast
14
14
  DEFAULT_SAMPLING_WINDOW_MS = 180_000
15
15
  end
16
16
 
17
- module ClassMethods #:nodoc:
17
+ module ClassMethods # :nodoc:
18
18
  include Contrast::Components::ComponentBase
19
19
  include Constants
20
20
 
@@ -90,7 +90,7 @@ module Contrast
90
90
  end
91
91
  end
92
92
 
93
- module InstanceMethods #:nodoc:
93
+ module InstanceMethods # :nodoc:
94
94
  include Contrast::Components::ComponentBase
95
95
  include Constants
96
96
  include ClassMethods
@@ -8,7 +8,7 @@ module Contrast
8
8
  class AgentConfiguration < BaseConfiguration
9
9
  KEYS = {
10
10
  enable: EMPTY_VALUE,
11
- start_bundled_service: Contrast::Config::DefaultValue.new(true),
11
+ start_bundled_service: true,
12
12
  omit_body: EMPTY_VALUE,
13
13
  service: Contrast::Config::ServiceConfiguration,
14
14
  logger: Contrast::Config::LoggerConfiguration,
@@ -1,18 +1,23 @@
1
1
  # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
2
  # frozen_string_literal: true
3
3
 
4
- require 'contrast/config/default_value'
4
+ require 'contrast/config/api_proxy_configuration'
5
+ require 'contrast/config/certification_configuration'
6
+ require 'contrast/config/request_audit_configuration'
5
7
 
6
8
  module Contrast
7
9
  module Config
8
10
  # Api keys configuration
9
11
  class ApiConfiguration < BaseConfiguration
10
- URL = 'https://app.contrastsecurity.com/Contrast'
12
+ URL = 'https://app.contrastsecurity.com/contrast'
11
13
  KEYS = {
12
14
  api_key: EMPTY_VALUE,
13
- url: Contrast::Config::DefaultValue.new(URL),
15
+ url: URL,
14
16
  user_name: EMPTY_VALUE,
15
- service_key: EMPTY_VALUE
17
+ service_key: EMPTY_VALUE,
18
+ proxy: Contrast::Config::ApiProxyConfiguration,
19
+ request_audit: Contrast::Config::RequestAuditConfiguration,
20
+ certificate: Contrast::Config::CertificationConfiguration
16
21
  }.cs__freeze
17
22
  def initialize hsh
18
23
  super(hsh, KEYS)
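--- a/data/lib/contrast/config/api_proxy_configuration.rb
+++ b/data/lib/contrast/config/api_proxy_configuration.rb
@@ -0,0 +1,14 @@
+ # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+ # frozen_string_literal: true
+
+ module Contrast
+ module Config
+ # Api Proxy keys configuration
+ class ApiProxyConfiguration < BaseConfiguration
+ KEYS = { enable: false, url: EMPTY_VALUE }.cs__freeze
+ def initialize hsh
+ super(hsh, KEYS)
+ end
+ end
+ end
+ end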
@@ -1,7 +1,6 @@
1
1
  # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
2
  # frozen_string_literal: true
3
3
 
4
- require 'contrast/config/default_value'
5
4
  require 'contrast/utils/object_share'
6
5
 
7
6
  module Contrast
@@ -18,8 +17,8 @@ module Contrast
18
17
  tags: EMPTY_VALUE,
19
18
  code: EMPTY_VALUE,
20
19
  metadata: EMPTY_VALUE,
21
- session_id: Contrast::Config::DefaultValue.new(Contrast::Utils::ObjectShare::EMPTY_STRING),
22
- session_metadata: Contrast::Config::DefaultValue.new(Contrast::Utils::ObjectShare::EMPTY_STRING)
20
+ session_id: Contrast::Utils::ObjectShare::EMPTY_STRING,
21
+ session_metadata: Contrast::Utils::ObjectShare::EMPTY_STRING
23
22
  }.cs__freeze
24
23
 
25
24
  def initialize hsh
@@ -9,11 +9,11 @@ module Contrast
9
9
  KEYS = {
10
10
  tags: EMPTY_VALUE,
11
11
  enable: EMPTY_VALUE,
12
- enable_scan_response: Contrast::Config::DefaultValue.new('true'),
13
- enable_dynamic_sources: Contrast::Config::DefaultValue.new('true'),
12
+ enable_scan_response: true,
13
+ enable_dynamic_sources: true,
14
14
  sampling: Contrast::Config::SamplingConfiguration,
15
15
  rules: Contrast::Config::AssessRulesConfiguration,
16
- stacktraces: Contrast::Config::DefaultValue.new('ALL')
16
+ stacktraces: 'ALL'
17
17
  }.cs__freeze
18
18
 
19
19
  def initialize hsh
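--- a/data/lib/contrast/config/base_configuration.rb
+++ b/data/lib/contrast/config/base_configuration.rb
@@ -12,17 +12,18 @@ module Contrast
  class BaseConfiguration
  extend Forwardable
 
- STRING_BOOLEANS = %w[false true].cs__freeze
+ attr_reader :configuration_map
 
- attr_reader :map
-
- alias_method :to_hash, :map
- def_delegators :@map, :empty?, :key?, :delete, :fetch, :[], :[]=, :each, :each_pair, :each_key, :each_value
+ alias_method :to_hash, :configuration_map
+ def_delegators :@configuration_map, :empty?, :key?, :delete, :fetch,
+ :[], :[]=, :each, :each_pair, :each_key, :each_value
 
  EMPTY_VALUE = :EMPTY_VALUE
 
  def initialize hsh = {}, keys = {}
- @map = {}
+ # holds configuration key value pairs
+ # each configuration class can contain nested BaseConfigurations
+ @configuration_map = {}
  traverse_config(hsh, keys)
  end
 
@@ -39,7 +40,7 @@ module Contrast
  end
 
  def nil?
- @map.empty?
+ @configuration_map.empty?
  end
 
  private
@@ -69,25 +70,13 @@ module Contrast
  end
 
  def assign_config_value str_key, spec_value, user_provided_value
- @map[str_key] = if spec_value.is_a?(Class) && spec_value <= Contrast::Config::BaseConfiguration
- spec_value.new(user_provided_value)
- elsif spec_value.is_a?(Contrast::Config::DefaultValue) && user_provided_value == EMPTY_VALUE
- spec_value.value
- elsif user_provided_value.cs__is_a?(String)
- value = user_provided_value.downcase
- # converts string values to 'true' => true or 'false' => false
- case value
- when STRING_BOOLEANS[1]
- true
- when STRING_BOOLEANS[0]
- false
- else
- # returns non boolean string values
- user_provided_value
- end
- else
- user_provided_value
- end
+ @configuration_map[str_key] = if spec_value.is_a?(Class) && spec_value <= Contrast::Config::BaseConfiguration
+ spec_value.new(user_provided_value)
+ elsif user_provided_value == EMPTY_VALUE
+ spec_value
+ else
+ user_provided_value
+ end
  end
 
  def value_from_key_config key, config_hash
@@ -99,13 +88,13 @@ module Contrast
 
  def define_getter str_key
  define_singleton_method str_key.to_sym do
- @map[str_key] == EMPTY_VALUE ? nil : @map[str_key]
+ @configuration_map[str_key] == EMPTY_VALUE ? nil : @configuration_map[str_key]
  end
  end
 
  def define_setter str_key
  define_singleton_method "#{ str_key }=".to_sym do |new_value|
- @map[str_key] = new_value
+ @configuration_map[str_key] = new_value
  end
  end
  end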
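Review bot: `assign_config_value` no longer turns the strings 'true' and 'false' into booleans, so a user-supplied `'false'` is now stored as a String, which is truthy in Ruby. Any reader that tests a value directly (`if config.enable`) would treat an explicit 'false' as enabled. That matters for switches such as `bypass`, `certificate.enable` and `request_audit.enable`, unless every read goes through a string-comparing helper, which these hunks do not show. The defaults in the other configuration classes of this release are also mixed (`true` in some, `Contrast::Utils::ObjectShare::TRUE` in others), so the type a getter returns depends on the key. I would keep the normalisation in this one place, or add a comment on `assign_config_value` saying that values are stored exactly as given and must be compared through the helper.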
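--- a/data/lib/contrast/config/certification_configuration.rb
+++ b/data/lib/contrast/config/certification_configuration.rb
@@ -0,0 +1,15 @@
+ # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+ # frozen_string_literal: true
+
+ module Contrast
+ module Config
+ # Certificate Configuration
+ class CertificationConfiguration < BaseConfiguration
+ KEYS = { enable: false, ca_file: EMPTY_VALUE, cert_file: EMPTY_VALUE, key_file: EMPTY_VALUE }.cs__freeze
+
+ def initialize hsh
+ super(hsh, KEYS)
+ end
+ end
+ end
+ end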
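Review bot: `key_file` points at a private key, yet the class comment is only "Certificate Configuration" and says nothing about what the three paths must contain or who should be able to read them. A YARD comment should state that `ca_file`, `cert_file` and `key_file` are file-system paths, which encodings are accepted, and that they are ignored while `enable` is false (if that is the intent; the consumer is not in this hunk). If the paths are checked with `valid_cert?` from the components base module, note that it accepts only `.pem`, `.crt` and `.cer`. The class is also named `CertificationConfiguration` while the comment and the `certificate:` key in `ApiConfiguration` say certificate.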
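--- a/data/lib/contrast/config/env_variables.rb
+++ b/data/lib/contrast/config/env_variables.rb
@@ -5,20 +5,13 @@ module Contrast
  module Config
  # This module is holding all the Env Variables that we could use through the agent lifecycle
  module EnvVariables
- ENV_VARIABLES = {
- telemetry_opt_outs: ENV['CONTRAST_AGENT_TELEMETRY_OPTOUT'].to_s || Contrast::Config::DefaultValue.new('false')
- }.cs__freeze
+ ENV_VARIABLES = { telemetry_opt_outs: ENV['CONTRAST_AGENT_TELEMETRY_OPTOUT'].to_s || false }.cs__freeze
 
  def return_value key
  return unless ENV_VARIABLES.key?(key.to_sym)
 
  sym_key = key.downcase.to_sym
- return_val = ENV_VARIABLES[sym_key]
- if return_val.is_a?(Contrast::Config::DefaultValue)
- return_val.value
- else
- return_val
- end
+ ENV_VARIABLES[sym_key]
  end
  end
  end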
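Review bot: The `|| false` in `ENV['CONTRAST_AGENT_TELEMETRY_OPTOUT'].to_s || false` can never take effect, because `nil.to_s` is `''` and an empty String is truthy in Ruby. With the variable unset the stored value is `''`, not `false`, so a caller that tests the opt-out for truthiness gets the wrong answer. `return_value` also checks `ENV_VARIABLES.key?(key.to_sym)` before downcasing but looks the value up with `key.downcase.to_sym`, so a key passed in upper case returns nil. Suggested: `ENV_VARIABLES = { telemetry_opt_outs: ENV.fetch('CONTRAST_AGENT_TELEMETRY_OPTOUT', false) }.cs__freeze`, and compute `sym_key` before the `key?` guard.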
@@ -8,17 +8,17 @@ module Contrast
8
8
  class HeapDumpConfiguration < BaseConfiguration
9
9
  KEYS = {
10
10
  enable: # should dumps be taken
11
- Contrast::Config::DefaultValue.new(Contrast::Utils::ObjectShare::FALSE),
11
+ Contrast::Utils::ObjectShare::FALSE,
12
12
  path: # dir to which dumps should be
13
- Contrast::Config::DefaultValue.new('contrast_heap_dumps'), # saved
13
+ 'contrast_heap_dumps', # saved
14
14
  delay_ms: # time, in ms, after initialization
15
- Contrast::Config::DefaultValue.new(10_000), # to delay before taking dump
15
+ 10_000, # to delay before taking dump
16
16
  window_ms: # ms between each dump
17
- Contrast::Config::DefaultValue.new(10_000), #
17
+ 10_000, #
18
18
  count: # number of dumps to take
19
- Contrast::Config::DefaultValue.new(5), #
19
+ 5, #
20
20
  clean: # remove temporary objects or not
21
- Contrast::Config::DefaultValue.new(Contrast::Utils::ObjectShare::FALSE) #
21
+ Contrast::Utils::ObjectShare::FALSE #
22
22
  }.cs__freeze
23
23
 
24
24
  def initialize hsh
@@ -6,11 +6,7 @@ module Contrast
6
6
  # Common Configuration settings. Those in this section pertain to the
7
7
  # inventory functionality of the Agent.
8
8
  class InventoryConfiguration < BaseConfiguration
9
- KEYS = {
10
- enable: Contrast::Config::DefaultValue.new(true),
11
- analyze_libraries: Contrast::Config::DefaultValue.new(true),
12
- tags: EMPTY_VALUE
13
- }.cs__freeze
9
+ KEYS = { enable: true, analyze_libraries: true, tags: EMPTY_VALUE }.cs__freeze
14
10
 
15
11
  def initialize hsh
16
12
  super(hsh, KEYS)
@@ -12,7 +12,7 @@ module Contrast
12
12
  enable: EMPTY_VALUE,
13
13
  mode: EMPTY_VALUE,
14
14
  disable_system_commands: EMPTY_VALUE,
15
- detect_custom_code_accessing_system_files: Contrast::Config::DefaultValue.new('true')
15
+ detect_custom_code_accessing_system_files: true
16
16
  }.cs__freeze
17
17
 
18
18
  def initialize hsh
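--- a/data/lib/contrast/config/request_audit_configuration.rb
+++ b/data/lib/contrast/config/request_audit_configuration.rb
@@ -0,0 +1,18 @@
+ # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+ # frozen_string_literal: true
+
+ module Contrast
+ module Config
+ # This class holds the Common Settings for the
+ # hidden functionality of the TS
+ class RequestAuditConfiguration < BaseConfiguration
+ DEFAULT_PATH = './messages'
+
+ KEYS = { enable: false, requests: false, responses: false, path: DEFAULT_PATH }.cs__freeze
+
+ def initialize hsh
+ super(hsh, KEYS)
+ end
+ end
+ end
+ end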
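Review bot: `DEFAULT_PATH = './messages'` is relative, so the audit directory ends up wherever the process happens to be started, and the class comment ("hidden functionality of the TS") does not say what gets written there. With `requests` and `responses` switched on, the files presumably hold the agent's traffic with TeamServer, which can include findings and request data; the writer is not in this hunk, so that needs confirming. The comment should state what is recorded and that the directory needs restricted permissions. The default would be safer resolved against a known base directory than against the current working directory.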
@@ -23,17 +23,17 @@ module Contrast
23
23
  DEFAULT_UNINSTRUMENTED_NAMESPACES = %w[FactoryGirl FactoryBot].cs__freeze
24
24
 
25
25
  KEYS = {
26
- disabled_agent_rake_tasks: Contrast::Config::DefaultValue.new(DISABLED_RAKE_TASK_LIST),
26
+ disabled_agent_rake_tasks: DISABLED_RAKE_TASK_LIST,
27
27
  exceptions: Contrast::Config::ExceptionConfiguration,
28
28
  # controls whether or not we patch interpolation, either by rewrite or by funchook
29
- interpolate: Contrast::Config::DefaultValue.new(Contrast::Utils::ObjectShare::TRUE),
29
+ interpolate: Contrast::Utils::ObjectShare::TRUE,
30
30
  # controls whether or not we patch the rb_yield block to track split propagation
31
- propagate_yield: Contrast::Config::DefaultValue.new(Contrast::Utils::ObjectShare::TRUE),
31
+ propagate_yield: Contrast::Utils::ObjectShare::TRUE,
32
32
  # control whether or not we run file scanning rules on require
33
- require_scan: Contrast::Config::DefaultValue.new(Contrast::Utils::ObjectShare::TRUE),
33
+ require_scan: Contrast::Utils::ObjectShare::TRUE,
34
34
  # controls whether or not we track frozen Strings by replacing them
35
- track_frozen_sources: Contrast::Config::DefaultValue.new(Contrast::Utils::ObjectShare::TRUE),
36
- uninstrument_namespace: Contrast::Config::DefaultValue.new(DEFAULT_UNINSTRUMENTED_NAMESPACES)
35
+ track_frozen_sources: Contrast::Utils::ObjectShare::TRUE,
36
+ uninstrument_namespace: DEFAULT_UNINSTRUMENTED_NAMESPACES
37
37
  }.cs__freeze
38
38
 
39
39
  def initialize hsh
@@ -1,7 +1,6 @@
1
1
  # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
2
  # frozen_string_literal: true
3
3
 
4
- require 'contrast/config/default_value'
5
4
  require 'contrast/config/logger_configuration'
6
5
 
7
6
  module Contrast
@@ -20,7 +19,7 @@ module Contrast
20
19
  port: EMPTY_VALUE,
21
20
  socket: EMPTY_VALUE,
22
21
  logger: Contrast::Config::LoggerConfiguration,
23
- bypass: Contrast::Config::DefaultValue.new(false)
22
+ bypass: false
24
23
  }.cs__freeze
25
24
 
26
25
  def initialize hsh
@@ -11,7 +11,6 @@ module Contrast
11
11
  end
12
12
 
13
13
  require 'contrast/config/base_configuration'
14
- require 'contrast/config/default_value'
15
14
 
16
15
  require 'contrast/config/logger_configuration'
17
16