contrast-agent 5.1.0 → 5.2.0

data/lib/contrast/components/logger.rb

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 
 require 'contrast/logger/log'
+require 'contrast/logger/cef_log'
 require 'contrast/components/base'
 
 module Contrast
@@ -12,6 +13,10 @@ module Contrast
           Contrast::Logger::Log.instance.logger
         end
 
+        def cef_logger
+          @_cef_logger ||= Contrast::Logger::CEFLog.instance.tap(&:build_logger)
+        end
+
         def add_trace_perf_logging_for sym, custom_message = nil
           logger.add_trace_perf_logging(self, sym, custom_message)
         end

data/lib/contrast/components/protect.rb

@@ -28,7 +28,8 @@ module Contrast
         end
 
         def rule_mode rule_id
-          ::Contrast::CONFIG.root.protect.rules[rule_id]&.applicable_mode ||
+          str = rule_id.tr('-', '_')
+          ::Contrast::CONFIG.root.protect.rules[str]&.applicable_mode ||
               ::Contrast::SETTINGS.application_state.modes_by_id[rule_id] ||
               Contrast::Api::Settings::ProtectionRule::Mode::NO_ACTION
         end
@@ -47,7 +48,8 @@ module Contrast
 
         def report_custom_code_sysfile_access?
           if @_report_custom_code_sysfile_access.nil?
-            ctrl = rule_config[Contrast::Agent::Protect::Rule::PathTraversal::NAME]
+            name_changed = Contrast::Agent::Protect::Rule::PathTraversal::NAME.tr('-', '_')
+            ctrl = rule_config[name_changed]
             @_report_custom_code_sysfile_access = true?(ctrl.detect_custom_code_accessing_system_files)
           end
           @_report_custom_code_sysfile_access

data/lib/contrast/components/scope.rb

@@ -2,8 +2,8 @@
 # frozen_string_literal: true
 
 require 'fiber'
-require 'monitor'
 require 'contrast/agent/scope'
+require 'cs__scope/cs__scope'
 
 # This is the Scope component.
 #
@@ -12,85 +12,99 @@ require 'contrast/agent/scope'
 # execution context for which we need to special case?".
 module Contrast
   module Components
-    module Scope # :nodoc:
-      MONITOR = Monitor.new
-      EXECUTION_CONTEXT = {} # rubocop:disable Style/MutableConstant
-
-      class Interface # :nodoc:
-        def initialize
-          # This is probably redundant with #scope_for_current_ec's nil check.
-          EXECUTION_CONTEXT[Fiber.current] = Contrast::Agent::Scope.new
-        end
-
-        # This returns the scope governing the current execution context. Use this sparingly, preferring the instance
-        # & class methods to access and query scope, rather than interacting with the scope object directly.
-        def scope_for_current_ec
-          MONITOR.synchronize do
-            return EXECUTION_CONTEXT[Fiber.current] ||= Contrast::Agent::Scope.new
-          end
-        end
-      end
-
-      module InstanceMethods # :nodoc:
-        # For each instance method on a scope, define a forwarder to the scope on the current execution context's scope.
-        def scope_for_current_ec
-          MONITOR.synchronize do
-            return EXECUTION_CONTEXT[Fiber.current] ||= Contrast::Agent::Scope.new
-          end
-        end
-
-        def enter_contrast_scope!
-          scope_for_current_ec.enter_contrast_scope!
-        end
-
-        def enter_deserialization_scope!
-          scope_for_current_ec.enter_deserialization_scope!
-        end
-
-        def enter_split_scope!
-          scope_for_current_ec.enter_split_scope!
-        end
-
-        def enter_scope! name
-          scope_for_current_ec.enter_scope! name
-        end
-
-        def exit_contrast_scope!
-          scope_for_current_ec.exit_contrast_scope!
-        end
-
-        def exit_deserialization_scope!
-          scope_for_current_ec.exit_deserialization_scope!
-        end
-
-        def exit_split_scope!
-          scope_for_current_ec.exit_split_scope!
-        end
-
-        def exit_scope! name
-          scope_for_current_ec.exit_scope! name
-        end
-
-        def in_contrast_scope?
-          scope_for_current_ec.in_contrast_scope?
-        end
-
-        def in_deserialization_scope?
-          scope_for_current_ec.in_deserialization_scope?
-        end
-
-        def in_split_scope?
-          scope_for_current_ec.in_split_scope?
-        end
-
-        def split_scope_depth
-          scope_for_current_ec.split_scope_depth
-        end
-
-        def in_scope? name
-          scope_for_current_ec.in_scope? name
-        end
-
+    # Constants defined in C:
+    #
+    # MONITOR = Mutex.new This was replaced from Monitor to Mutex.
+    # EXECUTION_CONTEXT = {} Hash containing all of the current ecs as keys pointing to their scope instances.
+    # EC_KEYS = [] set while we get the current ec, and used for sweeping the dead fibers in C.
+    #
+    # Methods defined in C:
+    #
+    # class Interface
+    #   initializes the scope for the current fiber context.
+    #   def initialize end;
+    #
+    #     This returns the scope governing the current execution context. Use this sparingly, preferring the instance
+    #    & class methods to access and query scope, rather than interacting with the scope object directly.
+    #   def scope_for_current_ec end;
+    # end
+    #
+    # module Scope
+    #   Singleton method for cleaning the dead fibers and unused scope instances, scope GC.
+    #   def self.sweep_dead_ecs end;
+    # end
+    module Scope
+      # Methods defined in C:
+      #
+      # For each instance method on a scope, define a forwarder to the scope on the
+      # current execution context's scope.
+      # def scope_for_current_ec end;
+      #
+      # all the methods bellow are used as forwarders to be executed in the current ec.
+      # exp: in_contrast_scope? => scope_for_current_ec.enter_contrast_scope!
+      #
+      # Check if we are in contrast scope.
+      # def in_contrast_scope? end;
+      # @return [Boolean] check if we are in contrast scope
+      #                   if the scope is above 0 return true.
+      #
+      # check if we are in deserialization scope.
+      # def in_deserialization_scope? end;
+      # @return [Boolean] check if we are in contrast scope
+      #                   if the scope is above 0 return true.
+      #
+      # check if we are in split scope.
+      # def in_split_scope? end;
+      # @return [Boolean] check if we are in contrast scope
+      #                   if the scope is above 0 return true.
+      #
+      # enter contrast scope.
+      # def enter_contrast_scope! end;
+      # @return @contrast_scope [Integer] contrast scope increased.
+      #
+      # enter deserialization scope.
+      # def enter_deserialization_scope! end;
+      # @return @deserialization_scope [Integer] deserialization scope increased.
+      #
+      # enter split scope.
+      # def enter_split_scope! end;
+      # @return @split_scope [Integer] split scope increased.
+      #
+      # check split scope depth.
+      # def split_scope_depth end;
+      # @return @split_scope [Integer] split scope depth.
+      #
+      # exit contrast scope.
+      # def exit_contrast_scope! end;
+      # @return @contrast_scope [Integer] contrast scope decreased.
+      #
+      # exit deserialization scope.
+      # def exit_deserialization_scope! end;
+      # @return @deserialization_scope [Integer] deserialization scope decreased.
+      #
+      # exit split scope.
+      # def exit_split_scope! end;
+      # @return @split_scope [Integer] split scope decreased.
+      #
+      # Static methods to be used, the cases are defined by the usage from the above methods
+      #
+      # check if are in specific scope.
+      # def in_scope? name end;
+      # @param name [Symbol] scope symbol representing scope to check.
+      # @return [Boolean] check if we are in passed scope.
+      #
+      # enter specific scope.
+      # def enter_scope! name end;
+      # @param name [Symbol] scope symbol representing scope to enter.
+      # @return scope [Integer] entered scope value increased.
+      #
+      # exit specific scope.
+      # def exit_cope! name end;
+      # @param name [Symbol] scope symbol representing scope to exit.
+      # @return scope [Integer] entered scope value decreased.
+      module InstanceMethods
+        # Forwarder to execute block in contrast scope under current
+        # method execution context. On completion exits scope.
         def with_contrast_scope
           scope_for_current_ec.enter_contrast_scope!
           yield
@@ -98,6 +112,8 @@ module Contrast
           scope_for_current_ec.exit_contrast_scope!
         end
 
+        # Forwarder to execute block in deserialization scope under current
+        # method execution context. On completion exits scope.
         def with_deserialization_scope
           scope_for_current_ec.enter_deserialization_scope!
           yield
@@ -105,6 +121,8 @@ module Contrast
           scope_for_current_ec.exit_deserialization_scope!
         end
 
+        # Forwarder to execute block in split scope under current
+        # method execution context. On completion exits scope.
         def with_split_scope
           scope_for_current_ec.enter_split_scope!
           yield
@@ -113,17 +131,6 @@ module Contrast
         end
       end
 
-      def self.sweep_dead_ecs
-        # TODO: RUBY-534, #sweep_dead_ecs compensates for a lack of weak tables. when we can use WeakRef, we should
-        #   investigate removing this call and instead use the WeakRef for the Execution Context's Keys or using our
-        #   Finalizers Hash for Fibers
-        MONITOR.synchronize do
-          EXECUTION_CONTEXT.delete_if do |ec, _scope|
-            !ec.alive?
-          end
-        end
-      end
-
       ClassMethods = InstanceMethods
     end
   end

data/lib/contrast/config/agent_configuration.rb

@@ -1,23 +1,69 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
+require 'contrast/config/service_configuration'
+require 'contrast/config/logger_configuration'
+require 'contrast/config/ruby_configuration'
+require 'contrast/config/heap_dump_configuration'
+require 'contrast/config/api_configuration'
+
 module Contrast
   module Config
     # Common Configuration settings. Those in this section pertain to the
     # core functionality of the Agent.
     class AgentConfiguration < BaseConfiguration
-      KEYS = {
-          enable: EMPTY_VALUE,
-          start_bundled_service: true,
-          omit_body: EMPTY_VALUE,
-          service: Contrast::Config::ServiceConfiguration,
-          logger: Contrast::Config::LoggerConfiguration,
-          ruby: Contrast::Config::RubyConfiguration,
-          heap_dump: Contrast::Config::HeapDumpConfiguration
-      }.cs__freeze
-
-      def initialize hsh
-        super(hsh, KEYS)
+      attr_accessor :enable, :omit_body, :start_bundled_service, :api
+      attr_writer :ruby, :service, :logger, :heap_dump
+
+      def initialize hsh = {}
+        @enable = traverse_config(hsh, :enable)
+        @start_bundled_service = traverse_config(hsh, :start_bundled_service)
+        @omit_body = traverse_config(hsh, :omit_body)
+        @service = Contrast::Config::ServiceConfiguration.new(traverse_config(hsh, :service))
+        @logger = Contrast::Config::LoggerConfiguration.new(traverse_config(hsh, :logger))
+        @ruby = Contrast::Config::RubyConfiguration.new(traverse_config(hsh, :ruby))
+        @heap_dump = Contrast::Config::HeapDumpConfiguration.new(traverse_config(hsh, :heap_dump))
+        @configuration_map = {}
+        build_configuration_map
+      end
+
+      def service
+        @service ||= Contrast::Config::ServiceConfiguration.new({})
+      end
+
+      def logger
+        @logger ||= Contrast::Config::LoggerConfiguration.new({})
+      end
+
+      def ruby
+        @ruby ||= Contrast::Config::RubyConfiguration.new({})
+      end
+
+      def heap_dump
+        @heap_dump ||= Contrast::Config::HeapDumpConfiguration.new({})
+      end
+
+      # Traverse the given entity to build out the configuration graph.
+      #
+      # The values will be either a hash, indicating internal nodes to
+      # traverse, or a value to set or the EMPTY_VALUE symbol, indicating a
+      # leaf node.
+      #
+      # The spec_key are the Contrast defined keys based on the instance variables of
+      # a given configuration.
+      def traverse_config values, spec_key
+        internal_nodes = values.cs__respond_to?(:has_key?)
+        val = internal_nodes ? value_from_key_config(spec_key, values) : nil
+        val == EMPTY_VALUE ? nil : val
+      end
+
+      def build_configuration_map
+        instance_variables.each do |key|
+          str_key = key.to_s.tr('@', '')
+          next if str_key == 'configuration_map'
+
+          @configuration_map[str_key] = send(str_key.to_sym)
+        end
       end
     end
   end

data/lib/contrast/config/api_configuration.rb

@@ -9,18 +9,106 @@ module Contrast
   module Config
     # Api keys configuration
     class ApiConfiguration < BaseConfiguration
-      URL = 'https://app.contrastsecurity.com/Contrast'
-      KEYS = {
-          api_key: EMPTY_VALUE,
-          url: URL,
-          user_name: EMPTY_VALUE,
-          service_key: EMPTY_VALUE,
-          proxy: Contrast::Config::ApiProxyConfiguration,
-          request_audit: Contrast::Config::RequestAuditConfiguration,
-          certificate: Contrast::Config::CertificationConfiguration
-      }.cs__freeze
-      def initialize hsh
-        super(hsh, KEYS)
+      # @return [String]
+      attr_reader :api_key
+      # @return [String]
+      attr_reader :user_name
+      # @return [String]
+      attr_reader :service_key
+
+      DEFAULT_URL = 'https://app.contrastsecurity.com/Contrast'
+
+      def initialize hsh = {}
+        @api_key = traverse_config(hsh, :api_key)
+        @url = traverse_config(hsh, :url)
+        @user_name = traverse_config(hsh, :user_name)
+        @service_key = traverse_config(hsh, :service_key)
+        @proxy = Contrast::Config::ApiProxyConfiguration.new(traverse_config(hsh, :proxy))
+        @request_audit = Contrast::Config::RequestAuditConfiguration.new(traverse_config(hsh, :request_audit))
+        @certificate = Contrast::Config::CertificationConfiguration.new(traverse_config(hsh, :certificate))
+        @configuration_map = {}
+        build_configuration_map
+      end
+
+      def url
+        @url.nil? ? DEFAULT_URL : @url
+      end
+
+      # @return [Contrast::Config::ApiProxyConfiguration]
+      def proxy
+        @proxy ||= Contrast::Config::ApiProxyConfiguration.new
+      end
+
+      # @return [Contrast::Config::RequestAuditConfiguration]
+      def request_audit
+        @request_audit ||= Contrast::Config::RequestAuditConfiguration.new
+      end
+
+      # @return [Contrast::Config::CertificationConfiguration]
+      def certificate
+        @certificate ||= Contrast::Config::CertificationConfiguration.new
+      end
+
+      def api_key= value
+        self['api_key'] = value
+      end
+
+      def url= value
+        self['url'] = value
+      end
+
+      def user_name= value
+        self['user_name'] = value
+      end
+
+      def service_key= value
+        self['service_key'] = value
+      end
+
+      def proxy= value
+        self['proxy'] = value
+      end
+
+      def request_audit= value
+        self['request_audit'] = value
+      end
+
+      def certificate= value
+        self['certificate'] = value
+      end
+
+      # TODO: RUBY-1493 MOVE TO BASE CONFIG
+
+      def []= key, value
+        instance_variable_set("@#{ key }".to_sym, value)
+        @configuration_map[key] = value
+      end
+
+      def [] key
+        send(key.to_sym)
+      end
+
+      # Traverse the given entity to build out the configuration graph.
+      #
+      # The values will be either a hash, indicating internal nodes to
+      # traverse, or a value to set or the EMPTY_VALUE symbol, indicating a
+      # leaf node.
+      #
+      # The spec_key are the Contrast defined keys based on the instance variables of
+      # a given configuration.
+      def traverse_config values, spec_key
+        internal_nodes = values.cs__respond_to?(:has_key?)
+        val = internal_nodes ? value_from_key_config(spec_key, values) : nil
+        val == EMPTY_VALUE ? nil : val
+      end
+
+      def build_configuration_map
+        instance_variables.each do |key|
+          str_key = key.to_s.tr('@', '')
+          next if str_key == 'configuration_map'
+
+          @configuration_map[str_key] = send(str_key.to_sym)
+        end
       end
     end
   end

data/lib/contrast/config/api_proxy_configuration.rb

@@ -5,9 +5,61 @@ module Contrast
   module Config
     # Api Proxy keys configuration
     class ApiProxyConfiguration < BaseConfiguration
-      KEYS = { enable: false, url: EMPTY_VALUE }.cs__freeze
-      def initialize hsh
-        super(hsh, KEYS)
+      # @return [String] proxy url
+      attr_reader :url
+
+      def initialize hsh = {}
+        @enable = traverse_config(hsh, :enable)
+        @url = traverse_config(hsh, :url)
+        @configuration_map = {}
+        build_configuration_map
+      end
+
+      # @return [Boolean, false]
+      def enable
+        @enable.nil? ? false : @enable
+      end
+
+      def enable= value
+        self['enable'] = value
+      end
+
+      def url= value
+        self['url'] = value
+      end
+
+      # TODO: RUBY-1493 MOVE TO BASE CONFIG
+
+      def []= key, value
+        instance_variable_set("@#{ key }".to_sym, value)
+        @configuration_map[key] = value
+      end
+
+      def [] key
+        send(key.to_sym)
+      end
+
+      # Traverse the given entity to build out the configuration graph.
+      #
+      # The values will be either a hash, indicating internal nodes to
+      # traverse, or a value to set or the EMPTY_VALUE symbol, indicating a
+      # leaf node.
+      #
+      # The spec_key are the Contrast defined keys based on the instance variables of
+      # a given configuration.
+      def traverse_config values, spec_key
+        internal_nodes = values.cs__respond_to?(:has_key?)
+        val = internal_nodes ? value_from_key_config(spec_key, values) : nil
+        val == EMPTY_VALUE ? nil : val
+      end
+
+      def build_configuration_map
+        instance_variables.each do |key|
+          str_key = key.to_s.tr('@', '')
+          next if str_key == 'configuration_map'
+
+          @configuration_map[str_key] = send(str_key.to_sym)
+        end
       end
     end
   end

data/lib/contrast/config/application_configuration.rb

@@ -8,21 +8,120 @@ module Contrast
     # Common Configuration settings. Those in this section pertain to the
     # application identification functionality of the Agent.
     class ApplicationConfiguration < BaseConfiguration
-      KEYS = {
-          name: EMPTY_VALUE,
-          version: EMPTY_VALUE,
-          language: EMPTY_VALUE,
-          path: EMPTY_VALUE,
-          group: EMPTY_VALUE,
-          tags: EMPTY_VALUE,
-          code: EMPTY_VALUE,
-          metadata: EMPTY_VALUE,
-          session_id: Contrast::Utils::ObjectShare::EMPTY_STRING,
-          session_metadata: Contrast::Utils::ObjectShare::EMPTY_STRING
-      }.cs__freeze
-
-      def initialize hsh
-        super(hsh, KEYS)
+      # @return [String]
+      attr_reader :name
+      # @return [String]
+      attr_reader :version
+      # @return [String]
+      attr_reader :language
+      # @return [String]
+      attr_reader :path
+      # @return [String]
+      attr_reader :group
+      # @return [String]
+      attr_reader :tags
+      # @return [String]
+      attr_reader :code
+      # @return [String]
+      attr_reader :metadata
+
+      def initialize hsh = {}
+        @name = traverse_config(hsh, :name)
+        @version = traverse_config(hsh, :version)
+        @language = traverse_config(hsh, :language)
+        @path = traverse_config(hsh, :path)
+        @group = traverse_config(hsh, :group)
+        @tags = traverse_config(hsh, :tags)
+        @code = traverse_config(hsh, :code)
+        @metadata = traverse_config(hsh, :metadata)
+        @session_id = traverse_config(hsh, :session_id)
+        @session_metadata = traverse_config(hsh, :session_metadata)
+        @configuration_map = {}
+        build_configuration_map
+      end
+
+      # @return [String, Contrast::Utils::ObjectShare::EMPTY_STRING]
+      def session_id
+        @session_id ||= Contrast::Utils::ObjectShare::EMPTY_STRING
+      end
+
+      # @return [String, Contrast::Utils::ObjectShare::EMPTY_STRING]
+      def session_metadata
+        @session_metadata ||= Contrast::Utils::ObjectShare::EMPTY_STRING
+      end
+
+      def name= value
+        self['name'] = value
+      end
+
+      def version= value
+        self['version'] = value
+      end
+
+      def language= value
+        self['language'] = value
+      end
+
+      def path= value
+        self['path'] = value
+      end
+
+      def group= value
+        self['group'] = value
+      end
+
+      def tags= value
+        self['tags'] = value
+      end
+
+      def code= value
+        self['code'] = value
+      end
+
+      def metadata= value
+        self['metadata'] = value
+      end
+
+      def session_id= value
+        self['session_id'] = value
+      end
+
+      def session_metadata= value
+        self['session_metadata'] = value
+      end
+
+      # TODO: RUBY-1493 MOVE TO BASE CONFIG
+
+      def []= key, value
+        instance_variable_set("@#{ key }".to_sym, value)
+        @configuration_map[key] = value
+      end
+
+      def [] key
+        send(key.to_sym)
+      end
+
+      # Traverse the given entity to build out the configuration graph.
+      #
+      # The values will be either a hash, indicating internal nodes to
+      # traverse, or a value to set or the EMPTY_VALUE symbol, indicating a
+      # leaf node.
+      #
+      # The spec_key are the Contrast defined keys based on the instance variables of
+      # a given configuration.
+      def traverse_config values, spec_key
+        internal_nodes = values.cs__respond_to?(:has_key?)
+        val = internal_nodes ? value_from_key_config(spec_key, values) : nil
+        val == EMPTY_VALUE ? nil : val
+      end
+
+      def build_configuration_map
+        instance_variables.each do |key|
+          str_key = key.to_s.tr('@', '')
+          next if str_key == 'configuration_map'
+
+          @configuration_map[str_key] = send(str_key.to_sym)
+        end
       end
     end
   end