RubyGems - contrast-agent - Versions diffs - 4.3.2 → 4.7.0 - Mend

contrast-agent 4.3.2 → 4.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (317) hide show

checksums.yaml +4 -4
data/.gitmodules +1 -1
data/.simplecov +1 -1
data/Gemfile +1 -1
data/LICENSE.txt +1 -1
data/Rakefile +2 -3
data/exe/contrast_service +1 -1
data/ext/build_funchook.rb +4 -4
data/ext/cs__assess_active_record_named/cs__active_record_named.c +1 -1
data/ext/cs__assess_active_record_named/extconf.rb +1 -1
data/ext/cs__assess_array/cs__assess_array.c +1 -1
data/ext/cs__assess_array/extconf.rb +1 -1
data/ext/cs__assess_basic_object/cs__assess_basic_object.c +1 -1
data/ext/cs__assess_basic_object/extconf.rb +1 -1
data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c +1 -1
data/ext/cs__assess_fiber_track/extconf.rb +1 -1
data/ext/cs__assess_hash/cs__assess_hash.c +4 -2
data/ext/cs__assess_hash/extconf.rb +1 -1
data/ext/cs__assess_kernel/cs__assess_kernel.c +1 -1
data/ext/cs__assess_kernel/extconf.rb +1 -1
data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +1 -1
data/ext/cs__assess_marshal_module/extconf.rb +1 -1
data/ext/cs__assess_module/cs__assess_module.c +1 -1
data/ext/cs__assess_module/extconf.rb +1 -1
data/ext/cs__assess_regexp/cs__assess_regexp.c +1 -1
data/ext/cs__assess_regexp/extconf.rb +1 -1
data/ext/cs__assess_string/cs__assess_string.c +1 -1
data/ext/cs__assess_string/extconf.rb +1 -1
data/ext/cs__assess_string_interpolation26/cs__assess_string_interpolation26.c +1 -1
data/ext/cs__assess_string_interpolation26/extconf.rb +1 -1
data/ext/cs__assess_yield_track/cs__assess_yield_track.c +1 -1
data/ext/cs__assess_yield_track/extconf.rb +1 -1
data/ext/cs__common/cs__common.c +5 -5
data/ext/cs__common/cs__common.h +4 -4
data/ext/cs__common/extconf.rb +1 -1
data/ext/cs__contrast_patch/cs__contrast_patch.c +22 -25
data/ext/cs__contrast_patch/extconf.rb +1 -1
data/ext/cs__protect_kernel/cs__protect_kernel.c +1 -1
data/ext/cs__protect_kernel/extconf.rb +1 -1
data/ext/extconf_common.rb +2 -6
data/lib/contrast-agent.rb +1 -1
data/lib/contrast.rb +20 -1
data/lib/contrast/agent.rb +6 -4
data/lib/contrast/agent/assess.rb +2 -11
data/lib/contrast/agent/assess/contrast_event.rb +54 -71
data/lib/contrast/agent/assess/contrast_object.rb +7 -4
data/lib/contrast/agent/assess/events/event_factory.rb +3 -2
data/lib/contrast/agent/assess/events/source_event.rb +7 -2
data/lib/contrast/agent/assess/finalizers/freeze.rb +1 -1
data/lib/contrast/agent/assess/finalizers/hash.rb +33 -34
data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +34 -16
data/lib/contrast/agent/assess/policy/patcher.rb +11 -18
data/lib/contrast/agent/assess/policy/policy.rb +1 -1
data/lib/contrast/agent/assess/policy/policy_node.rb +26 -34
data/lib/contrast/agent/assess/policy/policy_scanner.rb +1 -1
data/lib/contrast/agent/assess/policy/preshift.rb +4 -2
data/lib/contrast/agent/assess/policy/propagation_method.rb +32 -30
data/lib/contrast/agent/assess/policy/propagation_node.rb +20 -9
data/lib/contrast/agent/assess/policy/propagator.rb +1 -1
data/lib/contrast/agent/assess/policy/propagator/append.rb +29 -14
data/lib/contrast/agent/assess/policy/propagator/base.rb +1 -1
data/lib/contrast/agent/assess/policy/propagator/center.rb +3 -2
data/lib/contrast/agent/assess/policy/propagator/custom.rb +1 -1
data/lib/contrast/agent/assess/policy/propagator/database_write.rb +22 -17
data/lib/contrast/agent/assess/policy/propagator/insert.rb +4 -2
data/lib/contrast/agent/assess/policy/propagator/keep.rb +1 -1
data/lib/contrast/agent/assess/policy/propagator/match_data.rb +3 -2
data/lib/contrast/agent/assess/policy/propagator/next.rb +1 -1
data/lib/contrast/agent/assess/policy/propagator/prepend.rb +1 -1
data/lib/contrast/agent/assess/policy/propagator/remove.rb +23 -19
data/lib/contrast/agent/assess/policy/propagator/replace.rb +1 -1
data/lib/contrast/agent/assess/policy/propagator/reverse.rb +1 -1
data/lib/contrast/agent/assess/policy/propagator/select.rb +3 -13
data/lib/contrast/agent/assess/policy/propagator/splat.rb +24 -14
data/lib/contrast/agent/assess/policy/propagator/split.rb +18 -15
data/lib/contrast/agent/assess/policy/propagator/substitution.rb +32 -22
data/lib/contrast/agent/assess/policy/propagator/trim.rb +64 -45
data/lib/contrast/agent/assess/policy/rewriter_patch.rb +7 -4
data/lib/contrast/agent/assess/policy/source_method.rb +92 -81
data/lib/contrast/agent/assess/policy/source_node.rb +1 -1
data/lib/contrast/agent/assess/policy/source_validation/cross_site_validator.rb +8 -6
data/lib/contrast/agent/assess/policy/source_validation/source_validation.rb +2 -4
data/lib/contrast/agent/assess/policy/trigger/reflected_xss.rb +7 -3
data/lib/contrast/agent/assess/policy/trigger/xpath.rb +7 -8
data/lib/contrast/agent/assess/policy/trigger_method.rb +109 -76
data/lib/contrast/agent/assess/policy/trigger_node.rb +33 -11
data/lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb +60 -0
data/lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb +3 -5
data/lib/contrast/agent/assess/policy/trigger_validation/trigger_validation.rb +7 -5
data/lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb +4 -13
data/lib/contrast/agent/assess/properties.rb +1 -3
data/lib/contrast/agent/assess/property/evented.rb +9 -6
data/lib/contrast/agent/assess/property/tagged.rb +38 -20
data/lib/contrast/agent/assess/property/updated.rb +1 -1
data/lib/contrast/agent/assess/rule/provider.rb +1 -1
data/lib/contrast/agent/assess/rule/provider/hardcoded_key.rb +12 -6
data/lib/contrast/agent/assess/rule/provider/hardcoded_password.rb +5 -2
data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +4 -6
data/lib/contrast/agent/assess/tag.rb +1 -1
data/lib/contrast/agent/assess/tracker.rb +2 -2
data/lib/contrast/agent/at_exit_hook.rb +1 -1
data/lib/contrast/agent/class_reopener.rb +4 -2
data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +1 -1
data/lib/contrast/agent/deadzone/policy/policy.rb +7 -3
data/lib/contrast/agent/disable_reaction.rb +2 -4
data/lib/contrast/agent/exclusion_matcher.rb +6 -12
data/lib/contrast/agent/inventory.rb +1 -2
data/lib/contrast/agent/inventory/dependencies.rb +3 -1
data/lib/contrast/agent/inventory/dependency_analysis.rb +1 -1
data/lib/contrast/agent/inventory/dependency_usage_analysis.rb +35 -23
data/lib/contrast/agent/inventory/policy/datastores.rb +1 -1
data/lib/contrast/agent/inventory/policy/policy.rb +1 -1
data/lib/contrast/agent/inventory/policy/trigger_node.rb +1 -1
data/lib/contrast/agent/middleware.rb +111 -110
data/lib/contrast/agent/module_data.rb +4 -4
data/lib/contrast/agent/patching/policy/after_load_patch.rb +1 -1
data/lib/contrast/agent/patching/policy/after_load_patcher.rb +9 -4
data/lib/contrast/agent/patching/policy/method_policy.rb +7 -3
data/lib/contrast/agent/patching/policy/module_policy.rb +15 -8
data/lib/contrast/agent/patching/policy/patch.rb +23 -29
data/lib/contrast/agent/patching/policy/patch_status.rb +8 -9
data/lib/contrast/agent/patching/policy/patcher.rb +72 -64
data/lib/contrast/agent/patching/policy/policy.rb +14 -21
data/lib/contrast/agent/patching/policy/policy_node.rb +15 -5
data/lib/contrast/agent/patching/policy/trigger_node.rb +26 -10
data/lib/contrast/agent/protect/policy/applies_command_injection_rule.rb +2 -2
data/lib/contrast/agent/protect/policy/applies_deserialization_rule.rb +2 -2
data/lib/contrast/agent/protect/policy/applies_no_sqli_rule.rb +2 -2
data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +3 -4
data/lib/contrast/agent/protect/policy/applies_sqli_rule.rb +2 -2
data/lib/contrast/agent/protect/policy/applies_xxe_rule.rb +6 -10
data/lib/contrast/agent/protect/policy/policy.rb +1 -1
data/lib/contrast/agent/protect/policy/rule_applicator.rb +6 -6
data/lib/contrast/agent/protect/policy/trigger_node.rb +1 -1
data/lib/contrast/agent/protect/rule.rb +1 -1
data/lib/contrast/agent/protect/rule/base.rb +19 -33
data/lib/contrast/agent/protect/rule/base_service.rb +10 -6
data/lib/contrast/agent/protect/rule/cmd_injection.rb +15 -19
data/lib/contrast/agent/protect/rule/default_scanner.rb +1 -1
data/lib/contrast/agent/protect/rule/deserialization.rb +7 -14
data/lib/contrast/agent/protect/rule/http_method_tampering.rb +4 -15
data/lib/contrast/agent/protect/rule/no_sqli.rb +7 -3
data/lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb +2 -4
data/lib/contrast/agent/protect/rule/path_traversal.rb +6 -6
data/lib/contrast/agent/protect/rule/sqli.rb +19 -13
data/lib/contrast/agent/protect/rule/sqli/default_sql_scanner.rb +1 -1
data/lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb +1 -1
data/lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb +2 -2
data/lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb +1 -1
data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +2 -2
data/lib/contrast/agent/protect/rule/xss.rb +2 -2
data/lib/contrast/agent/protect/rule/xxe.rb +6 -13
data/lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb +2 -3
data/lib/contrast/agent/railtie.rb +1 -1
data/lib/contrast/agent/reaction_processor.rb +12 -11
data/lib/contrast/agent/request.rb +25 -24
data/lib/contrast/agent/request_context.rb +25 -23
data/lib/contrast/agent/request_handler.rb +1 -1
data/lib/contrast/agent/response.rb +1 -1
data/lib/contrast/agent/rewriter.rb +6 -4
data/lib/contrast/agent/rule_set.rb +3 -3
data/lib/contrast/agent/scope.rb +1 -1
data/lib/contrast/agent/service_heartbeat.rb +3 -4
data/lib/contrast/agent/static_analysis.rb +1 -1
data/lib/contrast/agent/thread.rb +2 -2
data/lib/contrast/agent/thread_watcher.rb +21 -6
data/lib/contrast/agent/tracepoint_hook.rb +2 -2
data/lib/contrast/agent/version.rb +2 -2
data/lib/contrast/agent/worker_thread.rb +1 -1
data/lib/contrast/api.rb +1 -1
data/lib/contrast/api/communication.rb +1 -1
data/lib/contrast/api/communication/connection_status.rb +1 -1
data/lib/contrast/api/communication/messaging_queue.rb +19 -22
data/lib/contrast/api/communication/response_processor.rb +13 -8
data/lib/contrast/api/communication/service_lifecycle.rb +5 -3
data/lib/contrast/api/communication/socket.rb +1 -1
data/lib/contrast/api/communication/socket_client.rb +30 -35
data/lib/contrast/api/communication/speedracer.rb +6 -10
data/lib/contrast/api/communication/tcp_socket.rb +1 -1
data/lib/contrast/api/communication/unix_socket.rb +1 -1
data/lib/contrast/api/decorators.rb +3 -1
data/lib/contrast/api/decorators/address.rb +1 -1
data/lib/contrast/api/decorators/agent_startup.rb +58 -0
data/lib/contrast/api/decorators/application_settings.rb +1 -1
data/lib/contrast/api/decorators/application_startup.rb +57 -0
data/lib/contrast/api/decorators/application_update.rb +1 -1
data/lib/contrast/api/decorators/http_request.rb +1 -1
data/lib/contrast/api/decorators/input_analysis.rb +1 -1
data/lib/contrast/api/decorators/instrumentation_mode.rb +37 -0
data/lib/contrast/api/decorators/library.rb +9 -7
data/lib/contrast/api/decorators/library_usage_update.rb +1 -1
data/lib/contrast/api/decorators/message.rb +4 -4
data/lib/contrast/api/decorators/rasp_rule_sample.rb +1 -1
data/lib/contrast/api/decorators/route_coverage.rb +16 -6
data/lib/contrast/api/decorators/server_features.rb +1 -1
data/lib/contrast/api/decorators/trace_event.rb +46 -16
data/lib/contrast/api/decorators/trace_event_object.rb +2 -4
data/lib/contrast/api/decorators/trace_event_signature.rb +1 -1
data/lib/contrast/api/decorators/trace_taint_range.rb +1 -1
data/lib/contrast/api/decorators/trace_taint_range_tags.rb +2 -7
data/lib/contrast/api/decorators/user_input.rb +1 -1
data/lib/contrast/components/agent.rb +16 -15
data/lib/contrast/components/app_context.rb +11 -29
data/lib/contrast/components/assess.rb +6 -11
data/lib/contrast/components/config.rb +3 -2
data/lib/contrast/components/contrast_service.rb +8 -9
data/lib/contrast/components/heap_dump.rb +1 -1
data/lib/contrast/components/interface.rb +4 -3
data/lib/contrast/components/inventory.rb +1 -1
data/lib/contrast/components/logger.rb +1 -1
data/lib/contrast/components/protect.rb +11 -14
data/lib/contrast/components/sampling.rb +55 -7
data/lib/contrast/components/scope.rb +2 -1
data/lib/contrast/components/settings.rb +29 -99
data/lib/contrast/config.rb +1 -1
data/lib/contrast/config/agent_configuration.rb +1 -1
data/lib/contrast/config/application_configuration.rb +1 -1
data/lib/contrast/config/assess_configuration.rb +1 -1
data/lib/contrast/config/assess_rules_configuration.rb +2 -4
data/lib/contrast/config/base_configuration.rb +5 -6
data/lib/contrast/config/default_value.rb +1 -1
data/lib/contrast/config/exception_configuration.rb +2 -6
data/lib/contrast/config/heap_dump_configuration.rb +13 -7
data/lib/contrast/config/inventory_configuration.rb +1 -1
data/lib/contrast/config/logger_configuration.rb +2 -6
data/lib/contrast/config/protect_configuration.rb +1 -1
data/lib/contrast/config/protect_rule_configuration.rb +23 -1
data/lib/contrast/config/protect_rules_configuration.rb +1 -1
data/lib/contrast/config/root_configuration.rb +1 -1
data/lib/contrast/config/ruby_configuration.rb +1 -1
data/lib/contrast/config/sampling_configuration.rb +1 -1
data/lib/contrast/config/server_configuration.rb +1 -1
data/lib/contrast/config/service_configuration.rb +1 -1
data/lib/contrast/configuration.rb +4 -15
data/lib/contrast/delegators/input_analysis.rb +12 -0
data/lib/contrast/extension/assess.rb +1 -1
data/lib/contrast/extension/assess/array.rb +2 -7
data/lib/contrast/extension/assess/erb.rb +2 -8
data/lib/contrast/extension/assess/eval_trigger.rb +3 -11
data/lib/contrast/extension/assess/exec_trigger.rb +4 -14
data/lib/contrast/extension/assess/fiber.rb +3 -13
data/lib/contrast/extension/assess/hash.rb +1 -1
data/lib/contrast/extension/assess/kernel.rb +3 -10
data/lib/contrast/extension/assess/marshal.rb +3 -11
data/lib/contrast/extension/assess/regexp.rb +2 -7
data/lib/contrast/extension/assess/string.rb +4 -2
data/lib/contrast/extension/delegator.rb +1 -1
data/lib/contrast/extension/inventory.rb +1 -1
data/lib/contrast/extension/kernel.rb +5 -3
data/lib/contrast/extension/module.rb +1 -1
data/lib/contrast/extension/protect.rb +1 -1
data/lib/contrast/extension/protect/kernel.rb +1 -1
data/lib/contrast/extension/protect/psych.rb +1 -1
data/lib/contrast/extension/thread.rb +1 -1
data/lib/contrast/framework/base_support.rb +1 -1
data/lib/contrast/framework/manager.rb +14 -17
data/lib/contrast/framework/platform_version.rb +1 -1
data/lib/contrast/framework/rack/patch/session_cookie.rb +6 -19
data/lib/contrast/framework/rack/patch/support.rb +7 -5
data/lib/contrast/framework/rack/support.rb +1 -1
data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +1 -1
data/lib/contrast/framework/rails/patch/assess_configuration.rb +8 -3
data/lib/contrast/framework/rails/patch/rails_application_configuration.rb +4 -4
data/lib/contrast/framework/rails/patch/support.rb +5 -3
data/lib/contrast/framework/rails/rewrite/action_controller_railties_helper_inherited.rb +5 -2
data/lib/contrast/framework/rails/rewrite/active_record_attribute_methods_read.rb +3 -1
data/lib/contrast/framework/rails/rewrite/active_record_named.rb +3 -1
data/lib/contrast/framework/rails/rewrite/active_record_time_zone_inherited.rb +3 -1
data/lib/contrast/framework/rails/support.rb +45 -46
data/lib/contrast/framework/sinatra/support.rb +103 -42
data/lib/contrast/funchook/funchook.rb +2 -6
data/lib/contrast/logger/application.rb +13 -10
data/lib/contrast/logger/format.rb +3 -6
data/lib/contrast/logger/log.rb +36 -19
data/lib/contrast/logger/request.rb +2 -3
data/lib/contrast/logger/time.rb +1 -1
data/lib/contrast/security_exception.rb +2 -2
data/lib/contrast/tasks/config.rb +1 -1
data/lib/contrast/tasks/service.rb +6 -2
data/lib/contrast/utils/assess/sampling_util.rb +1 -1
data/lib/contrast/utils/assess/tracking_util.rb +2 -3
data/lib/contrast/utils/class_util.rb +18 -12
data/lib/contrast/utils/duck_utils.rb +1 -1
data/lib/contrast/utils/env_configuration_item.rb +1 -1
data/lib/contrast/utils/hash_digest.rb +16 -24
data/lib/contrast/utils/heap_dump_util.rb +104 -88
data/lib/contrast/utils/invalid_configuration_util.rb +22 -13
data/lib/contrast/utils/inventory_util.rb +1 -1
data/lib/contrast/utils/io_util.rb +2 -2
data/lib/contrast/utils/job_servers_running.rb +10 -5
data/lib/contrast/utils/object_share.rb +1 -1
data/lib/contrast/utils/os.rb +3 -2
data/lib/contrast/utils/preflight_util.rb +1 -1
data/lib/contrast/utils/resource_loader.rb +1 -1
data/lib/contrast/utils/ruby_ast_rewriter.rb +3 -2
data/lib/contrast/utils/sha256_builder.rb +1 -1
data/lib/contrast/utils/stack_trace_utils.rb +1 -1
data/lib/contrast/utils/string_utils.rb +1 -1
data/lib/contrast/utils/tag_util.rb +1 -1
data/lib/contrast/utils/thread_tracker.rb +1 -1
data/lib/contrast/utils/timer.rb +1 -1
data/resources/assess/policy.json +8 -11
data/resources/deadzone/policy.json +7 -17
data/ruby-agent.gemspec +66 -27
data/service_executables/VERSION +1 -1
data/service_executables/linux/contrast-service +0 -0
data/service_executables/mac/contrast-service +0 -0
data/sonar-project.properties +9 -0
metadata +154 -156
data/lib/contrast/agent/assess/rule.rb +0 -18
data/lib/contrast/agent/assess/rule/base.rb +0 -52
data/lib/contrast/agent/assess/rule/redos.rb +0 -67
data/lib/contrast/agent/inventory/gemfile_digest_cache.rb +0 -38
data/lib/contrast/common_agent_configuration.rb +0 -87
data/lib/contrast/framework/sinatra/patch/base.rb +0 -83
data/lib/contrast/framework/sinatra/patch/support.rb +0 -27
data/lib/contrast/utils/prevent_serialization.rb +0 -52

data/lib/contrast/agent/version.rb CHANGED Viewed

@@ -1,8 +1,8 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 module Contrast
   module Agent
-    VERSION = '4.3.2'
+    VERSION = '4.7.0'
   end
 end

data/lib/contrast/agent/worker_thread.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 module Contrast

data/lib/contrast/api.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 module Contrast

data/lib/contrast/api/communication.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 module Contrast

data/lib/contrast/api/communication/connection_status.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 module Contrast

data/lib/contrast/api/communication/messaging_queue.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 require 'contrast/components/interface'
@@ -10,7 +10,7 @@ module Contrast
       # Top level gateway to messaging with speedracer
       class MessagingQueue < Contrast::Agent::WorkerThread
         include Contrast::Components::Interface
-        access_component :analysis, :logging, :settings
+        access_component :agent, :analysis, :logging, :settings
         attr_reader :queue, :speedracer
@@ -22,11 +22,19 @@ module Contrast
         # Use this to bypass the messaging queue and leave response processing to the caller
         def send_event_immediately event
-          send_event(event, true)
+          if AGENT.disabled?
+            logger.warn('Attempted to send event immediately with Agent disabled', caller: caller, event: event)
+            return
+          end
+          speedracer.return_response(event)
         end
         # Use this to add a message to the queue and process the response internally
         def send_event_eventually event
+          if AGENT.disabled?
+            logger.warn('Attempted to queue event with Agent disabled', caller: caller, event: event)
+            return
+          end
           logger.debug('Enqueued event for sending', event_type: event.cs__class)
           queue << event if event
         end
@@ -35,13 +43,14 @@ module Contrast
           speedracer.ensure_startup!
           return if running?
+          @queue ||= Queue.new
           @_thread = Contrast::Agent::Thread.new do
             loop do
               event = queue.pop
               begin
                 logger.debug('Dequeued event for sending', event_type: event.cs__class)
-                send_event(event)
+                speedracer.process_internally(event)
               rescue StandardError => e
                 logger.error('Could not send message to service from messaging queue thread.', e)
               end
@@ -50,25 +59,13 @@ module Contrast
           logger.debug('Started background sending thread.')
         end
-        private
+        def stop!
+          return unless running?
-        # return_response is used to determine if we want to return the response to the caller or process it internally
-        def send_event event, return_response = false
-          preprocess_event(event)
-          if return_response
-            speedracer.return_response(event)
-          else
-            speedracer.process_internally(event)
-          end
-        end
-        # For now this only handles appending assess tags
-        # eventually we could break out preprocessors for every event type
-        def preprocess_event event
-          return unless event.is_a?(Contrast::Api::Dtm::Activity)
-          # See if they're even enabled
-          event.findings.delete_if { |finding| ASSESS.rule_disabled?(finding.rule_id) }
+          super
+          @queue&.clear
+          @queue&.close
+          @queue = nil
         end
       end
     end

data/lib/contrast/api/communication/response_processor.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 require 'contrast/agent/reaction_processor'
@@ -11,6 +11,7 @@ module Contrast
         include Contrast::Components::Interface
         access_component :agent, :analysis, :logging, :settings
+        # @param response [Contrast::Api::Settings::AgentSettings]
         def process response
           logger.debug('Received a response', sent_ms: response&.sent_ms)
@@ -23,16 +24,16 @@ module Contrast
           Contrast::Logger::Log.instance.update(server_features&.log_file, server_features&.log_level)
           update_features(server_features, app_settings)
-          logger.trace(
-              'Agent settings updated in response to Service',
-              protect_on: PROTECT.enabled?,
-              assess_on: ASSESS.enabled?)
+          logger.trace('Agent settings updated in response to Service', protect_on: PROTECT.enabled?,
+                                                                        assess_on: ASSESS.enabled?)
         end
         private
-        # Given some protobuf messages, update settings.
+        # Given some protobuf messages, update server features.
         # This is the bridge between Contrast Service <-> Settings.
+        #
+        # @param response [Contrast::Api::Settings::AgentSettings]
         def process_server_response response
           server_features = response&.server_features
           return unless server_features
@@ -44,6 +45,10 @@ module Contrast
           server_features
         end
+        # Given some protobuf messages, update application settings.
+        # This is the bridge between Contrast Service <-> Settings.
+        #
+        # @param response [Contrast::Api::Settings::AgentSettings]
         def process_application_response response
           app_settings = response&.application_settings
           return unless app_settings
@@ -63,12 +68,12 @@ module Contrast
           logger.trace_with_time('Rebuilding rule modes') do
             SETTINGS.build_protect_rules if PROTECT.enabled?
-            SETTINGS.build_assess_rules  if ASSESS.enabled?
             AGENT.reset_ruleset
             logger.info('Current rule settings:')
             PROTECT.rules.each { |k, v| logger.info('Protect Rule mode set', rule: k, mode: v.mode) }
-            ASSESS.rules.each { |k, v| logger.info('Assess Rule mode set', rule: k, mode: v.enabled?) }
+            logger.info('Disabled Assess Rules', rules: ASSESS.disabled_rules)
           end
         end
       end

data/lib/contrast/api/communication/service_lifecycle.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 module Contrast
@@ -21,12 +21,14 @@ module Contrast
           is_service_started
         end
-        # check if there's a zombie service that exists, and wait on it if so.
-        # currently, this only happens when trying to initialize speedracer
+        # check if there's a zombie service that exists, and wait on it if so. currently, this only happens when trying
+        # to initialize speedracer
         def zombie_check
           zombie_pid_list = Contrast::Utils::OS.zombie_pids
           zombie_pid_list.each do |pid|
             Process.wait(pid.to_i)
+          rescue Errno::ECHILD => _e
+            # Sometimes the zombie process dies between us finding it and killing it
           end
         end

data/lib/contrast/api/communication/socket.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 module Contrast

data/lib/contrast/api/communication/socket_client.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 require 'socket'
@@ -26,6 +26,7 @@ module Contrast
         #
         # @param event [Contrast::Api::Dtm] One of the DTMs valid for the event field of
         #   Contrast::Api::Dtm::Message
+        # @return [Contrast::Api::Settings::AgentSettings]
         def send_one event
           msg = Contrast::Api::Dtm::Message.build(event)
           send_message(msg)
@@ -51,54 +52,48 @@ module Contrast
           end
           # The host & port are set,
           if CONFIG.root.agent.service.host && CONFIG.root.agent.service.port
-            logger.info('Connecting to the Contrast Service using a TCP socket',
-                        host: CONTRAST_SERVICE.host,
-                        port: CONTRAST_SERVICE.port)
+            logger.info('Connecting to the Contrast Service using a TCP socket', host: CONTRAST_SERVICE.host,
+                                                                                 port: CONTRAST_SERVICE.port)
             return
           end
           # Or something is not set.
-          msg = if CONFIG.root.agent.service.host
-                  'Missing a required connection value to the Contrast Service. ' \
-                  '`agent.service.port` is not set. ' \
-                  'Falling back to default TCP socket port.'
-                elsif CONFIG.root.agent.service.port
-                  'Missing a required connection value to the Contrast Service. ' \
-                  '`agent.service.host` is not set. ' \
-                  'Falling back to default TCP socket host.'
-                else
-                  'Missing a required connection value to the Contrast Service. ' \
-                  'Neither `agent.service.socket` nor the pair of `agent.service.host` and `agent.service.port` are set. '\
-                  'Falling back to default TCP socket.'
-                end
-          logger.warn(msg,
-                      host: CONTRAST_SERVICE.host,
-                      port: CONTRAST_SERVICE.port)
+          logger.warn(log_connection_error_msg, host: CONTRAST_SERVICE.host, port: CONTRAST_SERVICE.port)
+        end
+        # If our connection isn't built properly, we need to warn the user. This builds out the context specific
+        # message to provide that warning
+        #
+        # @return [String]
+        def log_connection_error_msg
+          if CONFIG.root.agent.service.host
+            'Missing a required connection value to the Contrast Service. ' \
+            '`agent.service.port` is not set. ' \
+            'Falling back to default TCP socket port.'
+          elsif CONFIG.root.agent.service.port
+            'Missing a required connection value to the Contrast Service. ' \
+            '`agent.service.host` is not set. ' \
+            'Falling back to default TCP socket host.'
+          else
+            'Missing a required connection value to the Contrast Service. ' \
+            'Neither `agent.service.socket` nor the pair of `agent.service.host` and `agent.service.port` are set. '\
+            'Falling back to default TCP socket.'
+          end
         end
         def send_message msg
           return unless msg
-          logger.debug('Sending message.',
-                       msg_id: msg.__id__,
-                       p_id: msg.pid,
-                       msg_count: msg.message_count)
+          logger.debug('Sending message.', msg_id: msg.__id__, p_id: msg.pid, msg_count: msg.message_count)
           to_service = Contrast::Api::Dtm::Message.encode(msg)
           from_service = send_marshaled(to_service)
           response = Contrast::Api::Settings::AgentSettings.decode(from_service)
-          logger.debug('Received response.',
-                       msg_id: msg.__id__,
-                       p_id: msg.pid,
-                       msg_count: msg.message_count,
-                       response_id: response&.__id__)
+          logger.debug('Received response.', msg_id: msg.__id__, p_id: msg.pid, msg_count: msg.message_count,
+                                             response_id: response&.__id__)
           response
         rescue StandardError => e
-          logger.error('Sending failed for message.',
-                       e,
-                       msg_id: msg.__id__,
-                       p_id: msg.pid,
-                       msg_count: msg.message_count,
-                       response_id: response&.__id__)
+          logger.error('Sending failed for message.', e, msg_id: msg.__id__, p_id: msg.pid,
+                                                         msg_count: msg.message_count, response_id: response&.__id__)
           raise e # reraise to let Speedracer manage the connection
         end

data/lib/contrast/api/communication/speedracer.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 require 'contrast/components/interface'
@@ -58,22 +58,19 @@ module Contrast
         def send_to_speedracer event
           ensure_startup!
-          logger.debug_with_time(event.cs__class.name) do
+          logger.debug_with_time(event.cs__class.cs__name) do
             response = socket_client.send_one event
             status.success!
             yield response
           end
         rescue StandardError => e
           status.failure!
-          logger.error('Unable to send message.', e,
-                       event_id: event.__id__,
-                       event_type: event.cs__class.name)
+          logger.error('Unable to send message.', e, event_id: event.__id__, event_type: event.cs__class.cs__name)
           nil
         end
         def send_initialization_messages
           agent_startup_msg = APP_CONTEXT.build_agent_startup_message
-          app_startup_msg = APP_CONTEXT.build_app_startup_message
           logger.debug('Preparing to send startup messages')
           # 1 initial attempt, + 3 potential retries.
@@ -82,7 +79,8 @@ module Contrast
             log_send_event(agent_startup_msg)
             next unless (agent_response = socket_client.send_one(agent_startup_msg))
-            # Connection was successful
+            # Connection was successful; send app create with the resolved features.
+            app_startup_msg = APP_CONTEXT.build_app_startup_message
             log_send_event(app_startup_msg)
             app_response = socket_client.send_one(app_startup_msg)
@@ -101,9 +99,7 @@ module Contrast
         end
         def log_send_event event
-          logger.debug('Immediately sending event.',
-                       event_id: event.__id__,
-                       event_type: event.cs__class.name)
+          logger.debug('Immediately sending event.', event_id: event.__id__, event_type: event.cs__class.cs__name)
         end
       end
     end

data/lib/contrast/api/communication/tcp_socket.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 require 'contrast/api/communication/socket'

data/lib/contrast/api/communication/unix_socket.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 require 'contrast/api/communication/socket'

data/lib/contrast/api/decorators.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 module Contrast
@@ -10,6 +10,8 @@ module Contrast
 end
 require 'contrast/api/decorators/message'
+require 'contrast/api/decorators/agent_startup'
+require 'contrast/api/decorators/application_startup'
 require 'contrast/api/decorators/application_update'
 require 'contrast/api/decorators/input_analysis'
 require 'contrast/api/decorators/application_settings'

data/lib/contrast/api/decorators/address.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 require 'contrast/api/dtm.pb'

data/lib/contrast/api/decorators/agent_startup.rb ADDED Viewed

@@ -0,0 +1,58 @@
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+require 'contrast/api/dtm.pb'
+require 'contrast/components/interface'
+require 'contrast/utils/string_utils'
+module Contrast
+  module Api
+    module Decorators
+      # Used to decorate the AgentStartup protobuf model to handle reporting Agent process start
+      module AgentStartup
+        include Contrast::Components::ComponentBase
+        include Contrast::Components::Interface
+        access_component :analysis, :config
+        def self.included klass
+          klass.extend(ClassMethods)
+        end
+        # Used to add class methods to the AgentStartup class on inclusion of the decorator
+        module ClassMethods
+          # Return a new DTM with the values from the configuration and Agent discovery
+          #
+          # @parma name [String] the Hostname of this Server, or overridden value, used to identify this process
+          # @parma name [String] the Hostname of this Server, or overridden value, used to identify this process
+          # @parma name [String] the Hostname of this Server, or overridden value, used to identify this process
+          # @return [Contrast::Api::Dtm::AgentStartup]
+          def build name, path, type
+            msg = new
+            msg.server_version   = Contrast::Agent::VERSION
+            msg.server_name      = Contrast::Utils::StringUtils.protobuf_format name
+            msg.server_path      = Contrast::Utils::StringUtils.protobuf_format path
+            msg.server_type      = Contrast::Utils::StringUtils.protobuf_format type
+            config!(msg)
+            msg.finding_tags = Contrast::Utils::StringUtils.protobuf_format ASSESS.tags
+            msg
+          end
+          private
+          # set the configuration driven values for this AgentStartup msg
+          #
+          # @param msg [Contrast::Api::Dtm::AgentStartup]
+          def config! msg
+            msg.version          = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.server.version
+            msg.environment      = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.server.environment
+            msg.server_tags      = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.server.tags
+            msg.application_tags = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.application.tags
+            msg.library_tags     = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.inventory.tags
+          end
+        end
+      end
+    end
+  end
+end
+Contrast::Api::Dtm::AgentStartup.include(Contrast::Api::Decorators::AgentStartup)