contrast-agent 6.0.0 → 6.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/ext/cs__assess_regexp/cs__assess_regexp.c +15 -2
- data/ext/cs__assess_regexp/cs__assess_regexp.h +2 -0
- data/ext/cs__assess_string/cs__assess_string.c +8 -0
- data/ext/cs__assess_test/cs__assess_test.h +9 -0
- data/ext/cs__assess_test/cs__assess_tests.c +22 -0
- data/ext/cs__assess_test/extconf.rb +5 -0
- data/ext/cs__common/cs__common.c +101 -0
- data/ext/cs__common/cs__common.h +29 -5
- data/ext/cs__contrast_patch/cs__contrast_patch.c +1 -1
- data/ext/cs__tests/cs__tests.c +12 -0
- data/ext/cs__tests/cs__tests.h +3 -0
- data/ext/cs__tests/extconf.rb +5 -0
- data/lib/contrast/agent/assess/contrast_object.rb +16 -16
- data/lib/contrast/agent/assess/events/source_event.rb +17 -19
- data/lib/contrast/agent/assess/policy/policy_scanner.rb +2 -16
- data/lib/contrast/agent/assess/policy/propagator/split.rb +15 -19
- data/lib/contrast/agent/assess/policy/trigger_method.rb +3 -11
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +7 -2
- data/lib/contrast/agent/assess/rule/response/base_rule.rb +11 -3
- data/lib/contrast/agent/assess/rule/response/cache_control_header_rule.rb +60 -36
- data/lib/contrast/agent/at_exit_hook.rb +1 -1
- data/lib/contrast/agent/inventory/database_config.rb +10 -3
- data/lib/contrast/agent/middleware.rb +3 -3
- data/lib/contrast/agent/patching/policy/after_load_patch.rb +0 -2
- data/lib/contrast/agent/patching/policy/patch.rb +13 -12
- data/lib/contrast/agent/patching/policy/patcher.rb +1 -1
- data/lib/contrast/agent/protect/input_analyzer/input_analyzer.rb +6 -2
- data/lib/contrast/agent/reporting/masker/masker.rb +8 -11
- data/lib/contrast/agent/reporting/masker/masker_utils.rb +8 -4
- data/lib/contrast/agent/reporting/reporter.rb +11 -16
- data/lib/contrast/agent/reporting/reporter_heartbeat.rb +49 -0
- data/lib/contrast/agent/reporting/reporting_events/agent_startup.rb +6 -2
- data/lib/contrast/agent/reporting/reporting_events/application_activity.rb +53 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_activity.rb +48 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_activity.rb +64 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb +70 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity.rb +57 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attacker_activity.rb +56 -0
- data/lib/contrast/agent/reporting/reporting_events/application_inventory.rb +5 -1
- data/lib/contrast/agent/reporting/reporting_events/application_inventory_activity.rb +58 -0
- data/lib/contrast/agent/reporting/reporting_events/application_reporting_event.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_events/application_startup.rb +20 -10
- data/lib/contrast/agent/reporting/reporting_events/application_update.rb +7 -12
- data/lib/contrast/agent/reporting/reporting_events/finding.rb +9 -3
- data/lib/contrast/agent/reporting/reporting_events/finding_event.rb +2 -4
- data/lib/contrast/agent/reporting/reporting_events/finding_event_object.rb +3 -3
- data/lib/contrast/agent/reporting/reporting_events/observed_library_usage.rb +6 -2
- data/lib/contrast/agent/reporting/reporting_events/observed_route.rb +7 -3
- data/lib/contrast/agent/reporting/reporting_events/poll.rb +6 -2
- data/lib/contrast/agent/reporting/reporting_events/preflight.rb +10 -8
- data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb +6 -10
- data/lib/contrast/agent/reporting/reporting_events/server_activity.rb +12 -20
- data/lib/contrast/agent/reporting/reporting_events/server_reporting_event.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +17 -27
- data/lib/contrast/agent/reporting/reporting_utilities/build_preflight.rb +38 -0
- data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb +8 -0
- data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb +6 -0
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +9 -4
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb +54 -67
- data/lib/contrast/agent/reporting/reporting_utilities/response.rb +17 -7
- data/lib/contrast/agent/reporting/reporting_utilities/response_extractor.rb +8 -5
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb +10 -10
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +32 -17
- data/lib/contrast/agent/reporting/settings/protect.rb +1 -1
- data/lib/contrast/agent/reporting/settings/protect_server_feature.rb +1 -1
- data/lib/contrast/agent/request.rb +3 -3
- data/lib/contrast/agent/request_context_extend.rb +1 -1
- data/lib/contrast/agent/request_handler.rb +3 -3
- data/lib/contrast/agent/response.rb +2 -0
- data/lib/contrast/agent/service_heartbeat.rb +6 -48
- data/lib/contrast/agent/static_analysis.rb +1 -1
- data/lib/contrast/agent/telemetry/base.rb +151 -0
- data/lib/contrast/agent/telemetry/events/event.rb +35 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_base.rb +44 -36
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_event.rb +29 -21
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_message.rb +91 -73
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_message_exception.rb +62 -44
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_stack_frame.rb +50 -33
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exceptions.rb +20 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exceptions_report.rb +32 -0
- data/lib/contrast/agent/telemetry/events/metric_event.rb +28 -0
- data/lib/contrast/agent/telemetry/events/startup_metrics_event.rb +123 -0
- data/lib/contrast/agent/thread_watcher.rb +52 -68
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/agent/worker_thread.rb +8 -0
- data/lib/contrast/agent.rb +1 -3
- data/lib/contrast/api/communication/messaging_queue.rb +28 -11
- data/lib/contrast/api/communication/response_processor.rb +7 -10
- data/lib/contrast/api/communication/speedracer.rb +1 -1
- data/lib/contrast/api/decorators/activity.rb +33 -0
- data/lib/contrast/api/decorators/http_request.rb +1 -1
- data/lib/contrast/components/config.rb +13 -22
- data/lib/contrast/components/contrast_service.rb +9 -0
- data/lib/contrast/components/settings.rb +10 -0
- data/lib/contrast/config/agent_configuration.rb +21 -11
- data/lib/contrast/config/api_configuration.rb +12 -8
- data/lib/contrast/config/api_proxy_configuration.rb +7 -3
- data/lib/contrast/config/application_configuration.rb +15 -11
- data/lib/contrast/config/assess_configuration.rb +13 -9
- data/lib/contrast/config/assess_rules_configuration.rb +5 -1
- data/lib/contrast/config/base_configuration.rb +3 -35
- data/lib/contrast/config/certification_configuration.rb +9 -5
- data/lib/contrast/config/exception_configuration.rb +10 -7
- data/lib/contrast/config/heap_dump_configuration.rb +13 -9
- data/lib/contrast/config/inventory_configuration.rb +9 -6
- data/lib/contrast/config/logger_configuration.rb +9 -6
- data/lib/contrast/config/protect_configuration.rb +9 -6
- data/lib/contrast/config/protect_rule_configuration.rb +12 -8
- data/lib/contrast/config/protect_rules_configuration.rb +18 -17
- data/lib/contrast/config/request_audit_configuration.rb +10 -7
- data/lib/contrast/config/root_configuration.rb +28 -11
- data/lib/contrast/config/ruby_configuration.rb +14 -11
- data/lib/contrast/config/sampling_configuration.rb +11 -8
- data/lib/contrast/config/server_configuration.rb +13 -9
- data/lib/contrast/config/service_configuration.rb +14 -11
- data/lib/contrast/configuration.rb +19 -10
- data/lib/contrast/framework/rails/patch/support.rb +13 -45
- data/lib/contrast/logger/aliased_logging.rb +87 -0
- data/lib/contrast/logger/application.rb +0 -4
- data/lib/contrast/tasks/config.rb +22 -13
- data/lib/contrast/utils/class_util.rb +2 -6
- data/lib/contrast/utils/invalid_configuration_util.rb +1 -1
- data/lib/contrast/utils/log_utils.rb +2 -0
- data/lib/contrast/utils/middleware_utils.rb +1 -1
- data/lib/contrast/utils/object_share.rb +1 -1
- data/lib/contrast/utils/telemetry.rb +20 -2
- data/lib/contrast/utils/telemetry_client.rb +22 -10
- data/lib/contrast/utils/telemetry_hash.rb +41 -0
- data/lib/contrast/utils/telemetry_identifier.rb +16 -1
- data/lib/contrast.rb +9 -0
- data/ruby-agent.gemspec +1 -1
- data/service_executables/VERSION +1 -1
- data/service_executables/linux/contrast-service +0 -0
- data/service_executables/mac/contrast-service +0 -0
- metadata +39 -16
- data/lib/contrast/agent/telemetry/events/metric_telemetry_event.rb +0 -26
- data/lib/contrast/agent/telemetry/events/startup_metrics_telemetry_event.rb +0 -121
- data/lib/contrast/agent/telemetry/events/telemetry_event.rb +0 -33
- data/lib/contrast/agent/telemetry/telemetry.rb +0 -150
- data/lib/contrast/utils/exclude_key.rb +0 -20
@@ -0,0 +1,64 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/components/logger'
|
5
|
+
require 'contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity'
|
6
|
+
|
7
|
+
module Contrast
|
8
|
+
module Agent
|
9
|
+
module Reporting
|
10
|
+
# This is the new ApplicationDefendAttackActivity class which will include the attacks sent by the source.
|
11
|
+
class ApplicationDefendAttackActivity
|
12
|
+
attr_reader :blocked, :exploited, :ineffective, :suspicious
|
13
|
+
|
14
|
+
class << self
|
15
|
+
def convert attack_result
|
16
|
+
activity = new
|
17
|
+
activity.attach_data attack_result
|
18
|
+
activity
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
def initialize
|
23
|
+
@start_time = start_time
|
24
|
+
@blocked = []
|
25
|
+
@exploited = []
|
26
|
+
@ineffective = []
|
27
|
+
@suspicious = []
|
28
|
+
super
|
29
|
+
end
|
30
|
+
|
31
|
+
def to_controlled_hash
|
32
|
+
{
|
33
|
+
startTime: @start_time,
|
34
|
+
blocked: blocked.map(&:to_controlled_hash),
|
35
|
+
exploited: exploited.map(&:to_controlled_hash),
|
36
|
+
ineffective: ineffective.map(&:to_controlled_hash),
|
37
|
+
suspicious: suspicious.map(&:to_controlled_hash)
|
38
|
+
}
|
39
|
+
end
|
40
|
+
|
41
|
+
# @param attack_result [Contrast::Agent::Reporting::AttackResult]
|
42
|
+
# @return [Contrast::Agent::Reporting::Defend::AttackSampleActivity]
|
43
|
+
def attach_data attack_result
|
44
|
+
attack_sample_activity =
|
45
|
+
Contrast::Agent::Reporting::ApplicationDefendAttackSampleActivity.convert(attack_result)
|
46
|
+
case attack_result.response
|
47
|
+
when Contrast::Agent::Reporting::ResponseType::BLOCKED
|
48
|
+
@blocked << attack_sample_activity
|
49
|
+
when Contrast::Agent::Reporting::ResponseType::EXPLOITED
|
50
|
+
@exploited << attack_sample_activity
|
51
|
+
when Contrast::Agent::Reporting::ResponseType::MONITORED
|
52
|
+
@ineffective << attack_sample_activity
|
53
|
+
when Contrast::Agent::Reporting::ResponseType::SUSPICIOUS
|
54
|
+
@suspicious << attack_sample_activity
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
def start_time
|
59
|
+
Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
@@ -0,0 +1,70 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/components/logger'
|
5
|
+
|
6
|
+
module Contrast
|
7
|
+
module Agent
|
8
|
+
module Reporting
|
9
|
+
# This is the new ApplicationDefendAttackSample class which includes a samples of an attack for the given rule of
|
10
|
+
# the given result observed in the activity period.
|
11
|
+
class ApplicationDefendAttackSample
|
12
|
+
include Contrast::Agent::Reporting::InputType
|
13
|
+
|
14
|
+
class << self
|
15
|
+
def convert attack_result
|
16
|
+
activity = new
|
17
|
+
activity.attach_data attack_result
|
18
|
+
activity
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
def initialize
|
23
|
+
@blocked = false
|
24
|
+
@event_type = :application_defend_attack_sample
|
25
|
+
end
|
26
|
+
|
27
|
+
def to_controlled_hash
|
28
|
+
{
|
29
|
+
blocked: @blocked,
|
30
|
+
input: @input,
|
31
|
+
request: @request.to_controlled_hash,
|
32
|
+
stack: @stack,
|
33
|
+
timeStamp: @time_stamp
|
34
|
+
}
|
35
|
+
end
|
36
|
+
|
37
|
+
# @param attack_result [Contrast::Api::Dtm::AttackResult]
|
38
|
+
def attach_data attack_result
|
39
|
+
rasp_rule = attack_result.samples[0]
|
40
|
+
@blocked = attack_result.response == Contrast::Agent::Reporting::ResponseType::BLOCKED
|
41
|
+
@input = build_input(rasp_rule)
|
42
|
+
@time_stamp = build_time_stamp(rasp_rule.timestamp_ms)
|
43
|
+
@request = FindingRequest.convert(Contrast::Agent::REQUEST_TRACKER.current&.request)
|
44
|
+
@stack = Contrast::Utils::StackTraceUtils.build_protect_stack_array
|
45
|
+
end
|
46
|
+
|
47
|
+
def build_time_stamp start
|
48
|
+
{
|
49
|
+
start: start,
|
50
|
+
elapsed: Contrast::Utils::Timer.now_ms - start
|
51
|
+
}
|
52
|
+
end
|
53
|
+
|
54
|
+
def build_input rasp_rule
|
55
|
+
user_input = rasp_rule.user_input
|
56
|
+
{
|
57
|
+
details: Contrast::Api::Dtm::RaspRuleSample.to_controlled_hash(rasp_rule),
|
58
|
+
documentPath: user_input.path,
|
59
|
+
documentType: user_input.document_type,
|
60
|
+
filters: user_input.matcher_ids,
|
61
|
+
name: user_input.key,
|
62
|
+
time: rasp_rule.timestamp_ms,
|
63
|
+
type: user_input.input_type,
|
64
|
+
value: user_input.value
|
65
|
+
}
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity.rb
ADDED
@@ -0,0 +1,57 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/components/logger'
|
5
|
+
require 'contrast/agent/reporting/reporting_events/application_defend_attack_sample'
|
6
|
+
|
7
|
+
module Contrast
|
8
|
+
module Agent
|
9
|
+
module Reporting
|
10
|
+
# This is the new AttackerSampleActivity class which will include Sample of the given attacks in the activity
|
11
|
+
# period.
|
12
|
+
class ApplicationDefendAttackSampleActivity
|
13
|
+
class << self
|
14
|
+
def convert attack_samples
|
15
|
+
activity = new
|
16
|
+
activity.attach_data attack_samples
|
17
|
+
activity
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def initialize
|
22
|
+
@samples = []
|
23
|
+
@start_time = (Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms || 0)
|
24
|
+
@event_type = :application_defend_attack_sample_activity
|
25
|
+
super
|
26
|
+
end
|
27
|
+
|
28
|
+
def to_controlled_hash
|
29
|
+
{
|
30
|
+
attackTimeMap: attack_time_map,
|
31
|
+
samples: @samples.map(&:to_controlled_hash),
|
32
|
+
startTime: @start_time,
|
33
|
+
total: 1 # there will only ever be 1 attack sample, until batching is done
|
34
|
+
}
|
35
|
+
end
|
36
|
+
|
37
|
+
# @param inventory_dtm [Contrast::Api::Dtm::ApplicationUpdate]
|
38
|
+
# @return [Contrast::Agent::Reporting::ApplicationInventory]
|
39
|
+
# TODO: RUBY-9999 update to handle batching
|
40
|
+
def attach_data attack_sample
|
41
|
+
@samples << Contrast::Agent::Reporting::ApplicationDefendAttackSample.convert(attack_sample)
|
42
|
+
end
|
43
|
+
|
44
|
+
def attack_time_map
|
45
|
+
{
|
46
|
+
second: duration,
|
47
|
+
count: 1 # there will only ever be 1 attack sample, until batching is done
|
48
|
+
}
|
49
|
+
end
|
50
|
+
|
51
|
+
def duration
|
52
|
+
Contrast::Utils::Timer.now_ms - @start_time
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
@@ -0,0 +1,56 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/components/logger'
|
5
|
+
require 'contrast/agent/reporting/reporting_events/application_defend_attack_activity'
|
6
|
+
|
7
|
+
module Contrast
|
8
|
+
module Agent
|
9
|
+
module Reporting
|
10
|
+
# This is the new AttackerActivity class which will includes the attacker information discovered during this
|
11
|
+
# activity period.
|
12
|
+
class ApplicationDefendAttackerActivity
|
13
|
+
attr_reader :attackers
|
14
|
+
|
15
|
+
class << self
|
16
|
+
def convert attack_result_dtm
|
17
|
+
activity = new
|
18
|
+
activity.attach_data attack_result_dtm
|
19
|
+
activity
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
def initialize
|
24
|
+
@protection_rules = {}
|
25
|
+
@request = Contrast::Agent::REQUEST_TRACKER.current.activity.http_request
|
26
|
+
@event_type = :application_defend_attacker_activity
|
27
|
+
super
|
28
|
+
end
|
29
|
+
|
30
|
+
def to_controlled_hash
|
31
|
+
{
|
32
|
+
protectionRules: process_protection_rules,
|
33
|
+
source: {
|
34
|
+
ip: @request.sender.ip,
|
35
|
+
xForwardedFor: @request.request_headers['X-Forwarded-For']
|
36
|
+
}
|
37
|
+
}
|
38
|
+
end
|
39
|
+
|
40
|
+
# @param attack_result [Contrast::Agent::Reporting::AttackResult]
|
41
|
+
def attach_data attack_result
|
42
|
+
attack_activity = Contrast::Agent::Reporting::ApplicationDefendAttackActivity.convert(attack_result)
|
43
|
+
@protection_rules[attack_result.rule_id] = attack_activity
|
44
|
+
end
|
45
|
+
|
46
|
+
def process_protection_rules
|
47
|
+
arr = []
|
48
|
+
@protection_rules.each_pair do |k, v|
|
49
|
+
arr << { k => v&.to_controlled_hash }
|
50
|
+
end
|
51
|
+
arr
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
@@ -12,7 +12,7 @@ module Contrast
|
|
12
12
|
# for the new reporting system to report. Reporting those components or details discovered at
|
13
13
|
# startup, or as soon as possible, but not necessarily seen used by the application. Each of
|
14
14
|
# these messages should only be sent once per application.
|
15
|
-
class ApplicationInventory < Contrast::Agent::Reporting::
|
15
|
+
class ApplicationInventory < Contrast::Agent::Reporting::ApplicationReportingEvent
|
16
16
|
# @param [Array<Contrast::Agent::Reporting::DiscoveredRoute>] the routes registered to this application, as
|
17
17
|
# discovered during first request processing.
|
18
18
|
attr_reader :routes
|
@@ -25,6 +25,10 @@ module Contrast
|
|
25
25
|
end
|
26
26
|
end
|
27
27
|
|
28
|
+
def file_name
|
29
|
+
'applications-inventory'
|
30
|
+
end
|
31
|
+
|
28
32
|
def initialize
|
29
33
|
@routes = []
|
30
34
|
@event_type = :application_inventory
|
@@ -0,0 +1,58 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/components/logger'
|
5
|
+
require 'contrast/agent/reporting/reporting_events/application_reporting_event'
|
6
|
+
require 'contrast/agent/reporting/reporting_events/architecture_component'
|
7
|
+
|
8
|
+
module Contrast
|
9
|
+
module Agent
|
10
|
+
module Reporting
|
11
|
+
# This is the new ApplicationInventoryActivity class which will include all the information
|
12
|
+
# about the inventory of the application which was discovered during exercise of the application
|
13
|
+
# during this activity period.
|
14
|
+
class ApplicationInventoryActivity < Contrast::Agent::Reporting::ApplicationReportingEvent
|
15
|
+
# return [Contrast::Agent::Reporting::ArchitectureComponent]
|
16
|
+
attr_reader :components
|
17
|
+
# @ return [String, nil] - User-Agent Header value
|
18
|
+
attr_reader :browser
|
19
|
+
|
20
|
+
class << self
|
21
|
+
# @param activity_dtm [Contrast::Api::Dtm::ApplicationActivity]
|
22
|
+
# @return [Contrast::Agent::Reporting::ApplicationInventoryActivity]
|
23
|
+
def convert activity_dtm
|
24
|
+
inventory = new
|
25
|
+
inventory.attach_data activity_dtm
|
26
|
+
inventory
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def initialize
|
31
|
+
@event_type = :application_inventory_activity
|
32
|
+
@components = []
|
33
|
+
super
|
34
|
+
end
|
35
|
+
|
36
|
+
def to_controlled_hash
|
37
|
+
{
|
38
|
+
activityDuration: duration,
|
39
|
+
browser: browser,
|
40
|
+
components: components.map(&:to_controlled_hash)
|
41
|
+
}
|
42
|
+
end
|
43
|
+
|
44
|
+
def attach_data activity
|
45
|
+
activity.architectures.each do |architecture|
|
46
|
+
@components << Contrast::Agent::Reporting::ArchitectureComponent.convert(architecture)
|
47
|
+
end
|
48
|
+
request_headers = activity.http_request&.request_headers
|
49
|
+
@browser = request_headers['USER_AGENT'] if request_headers
|
50
|
+
end
|
51
|
+
|
52
|
+
def duration
|
53
|
+
Contrast::Utils::Timer.now_ms - (Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms || 0)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/agent/reporting/reporting_events/reporting_event'
|
5
|
+
require 'contrast/utils/timer'
|
6
|
+
|
7
|
+
module Contrast
|
8
|
+
module Agent
|
9
|
+
module Reporting
|
10
|
+
# This is the new ApplicationReportingEvent class which will include all the needed and mutual information for
|
11
|
+
# those events which correspond to Applications, such as Application Activity or Application Update
|
12
|
+
#
|
13
|
+
# @abstract
|
14
|
+
class ApplicationReportingEvent < Contrast::Agent::Reporting::ReportingEvent
|
15
|
+
protected
|
16
|
+
|
17
|
+
# The timestamp field is a bit of a misnomer. It's really the time, in ms, since the settings for this
|
18
|
+
# application have been updated. If I've never updated, then it's been 0ms since then.
|
19
|
+
#
|
20
|
+
# @return [Integer]
|
21
|
+
def since_last_update
|
22
|
+
(update_time = Contrast::SETTINGS.last_app_update_ms) ? Contrast::Utils::Timer.now_ms - update_time : 0
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -1,8 +1,8 @@
|
|
1
1
|
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
|
+
require 'contrast/agent/reporting/reporting_events/application_reporting_event'
|
4
5
|
require 'contrast/agent/reporting/reporting_events/application_startup_instrumentation'
|
5
|
-
require 'contrast/agent/reporting/reporting_events/reporting_event'
|
6
6
|
require 'contrast/config'
|
7
7
|
|
8
8
|
module Contrast
|
@@ -11,28 +11,38 @@ module Contrast
|
|
11
11
|
# This is the new ApplicationStartup class which will include all the needed information for the new reporting
|
12
12
|
# system to report an Application has started; creating a new one or marking an existing one as online in the
|
13
13
|
# Contrast UI
|
14
|
-
class ApplicationStartup < Contrast::Agent::Reporting::
|
14
|
+
class ApplicationStartup < Contrast::Agent::Reporting::ApplicationReportingEvent
|
15
15
|
def initialize
|
16
|
-
@event_method = :
|
16
|
+
@event_method = :PUT
|
17
17
|
@event_endpoint = Contrast::Agent::Reporting::Endpoints::NG_ENDPOINTS[:application_create]
|
18
18
|
super
|
19
19
|
end
|
20
20
|
|
21
|
+
def file_name
|
22
|
+
'applications-create'
|
23
|
+
end
|
24
|
+
|
21
25
|
# Convert the instance variables on the class, and other information, into the identifiers required for
|
22
26
|
# TeamServer to process the JSON form of this message.
|
23
27
|
#
|
24
28
|
# @return [Hash]
|
25
29
|
# @raise [ArgumentError]
|
26
30
|
def to_controlled_hash
|
27
|
-
|
28
|
-
|
29
|
-
|
31
|
+
app_config = ::Contrast::CONFIG.root.application
|
32
|
+
hsh = {
|
33
|
+
code: app_config.code,
|
34
|
+
group: app_config.group,
|
30
35
|
instrumentation: Contrast::Agent::Reporting::ApplicationStartupInstrumentation.new.to_controlled_hash,
|
31
|
-
metadata:
|
32
|
-
|
33
|
-
session_metadata: ::Contrast::CONFIG.root.application.session_metadata,
|
34
|
-
tags: ::Contrast::CONFIG.root.application.tags
|
36
|
+
metadata: app_config.metadata,
|
37
|
+
tags: app_config.tags
|
35
38
|
}
|
39
|
+
if (session_id = ::Contrast::CONFIG.session_id)
|
40
|
+
hsh[:session_id] = session_id
|
41
|
+
end
|
42
|
+
if (session_metadata = ::Contrast::CONFIG.session_metadata)
|
43
|
+
hsh[:session_metadata] = session_metadata
|
44
|
+
end
|
45
|
+
hsh
|
36
46
|
end
|
37
47
|
end
|
38
48
|
end
|
@@ -2,6 +2,7 @@
|
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
4
|
require 'contrast/agent/reporting/reporting_events/architecture_component'
|
5
|
+
require 'contrast/agent/reporting/reporting_events/application_reporting_event'
|
5
6
|
require 'contrast/agent/reporting/reporting_events/library_discovery'
|
6
7
|
require 'contrast/agent/reporting/reporting_events/reporting_event'
|
7
8
|
require 'contrast/agent/reporting/reporting_events/route_discovery'
|
@@ -17,7 +18,7 @@ module Contrast
|
|
17
18
|
#
|
18
19
|
# @attr_reader components [Array<Contrast::Agent::Reporting::ArchitectureComponent>]
|
19
20
|
# @attr_reader libraries [Array<Contrast::Agent::Reporting::LibraryDiscovery>]
|
20
|
-
class ApplicationUpdate < Contrast::Agent::Reporting::
|
21
|
+
class ApplicationUpdate < Contrast::Agent::Reporting::ApplicationReportingEvent
|
21
22
|
attr_reader :components, :libraries
|
22
23
|
|
23
24
|
class << self
|
@@ -36,6 +37,10 @@ module Contrast
|
|
36
37
|
super
|
37
38
|
end
|
38
39
|
|
40
|
+
def file_name
|
41
|
+
'update-application'
|
42
|
+
end
|
43
|
+
|
39
44
|
# Attach the data from the protobuf models to this reporter so that it can be sent to TeamServer directly.
|
40
45
|
#
|
41
46
|
# @param app_update_dtm [Contrast::Api::Dtm::ApplicationUpdate]
|
@@ -58,7 +63,7 @@ module Contrast
|
|
58
63
|
{
|
59
64
|
components: components.map(&:to_controlled_hash),
|
60
65
|
libraries: libraries.map(&:to_controlled_hash),
|
61
|
-
timestamp:
|
66
|
+
timestamp: since_last_update
|
62
67
|
}
|
63
68
|
end
|
64
69
|
|
@@ -66,16 +71,6 @@ module Contrast
|
|
66
71
|
#
|
67
72
|
# @raise [ArgumentError]
|
68
73
|
def validate; end
|
69
|
-
|
70
|
-
private
|
71
|
-
|
72
|
-
# The timestamp field is a bit of a misnomer. It's really the time, in ms, since the settings for this
|
73
|
-
# application have been updated.
|
74
|
-
#
|
75
|
-
# @return [Integer]
|
76
|
-
def timestamp
|
77
|
-
Contrast::Utils::Timer.now_ms - (Contrast::Agent.reporter&.client&.response_handler&.last_app_update_ms || 0)
|
78
|
-
end
|
79
74
|
end
|
80
75
|
end
|
81
76
|
end
|
@@ -3,9 +3,9 @@
|
|
3
3
|
|
4
4
|
require 'json'
|
5
5
|
require 'contrast/components/logger'
|
6
|
+
require 'contrast/agent/reporting/reporting_events/application_reporting_event'
|
6
7
|
require 'contrast/agent/reporting/reporting_events/finding_event'
|
7
8
|
require 'contrast/agent/reporting/reporting_events/finding_request'
|
8
|
-
require 'contrast/agent/reporting/reporting_events/reporting_event'
|
9
9
|
require 'contrast/agent/assess/events/event_data'
|
10
10
|
require 'contrast/utils/timer'
|
11
11
|
|
@@ -16,7 +16,7 @@ module Contrast
|
|
16
16
|
# relay this information in the Finding/Trace messages. These findings are used by TeamServer to construct the
|
17
17
|
# vulnerability information for the assess feature. They represent those parts of the application, either through
|
18
18
|
# configuration, method invocation, or dataflow, which are determined to be insecure.
|
19
|
-
class Finding < Contrast::Agent::Reporting::
|
19
|
+
class Finding < Contrast::Agent::Reporting::ApplicationReportingEvent
|
20
20
|
include Contrast::Components::Logger::InstanceMethods
|
21
21
|
|
22
22
|
# @return [Integer] the time, in ms, that this object was initialized
|
@@ -75,6 +75,10 @@ module Contrast
|
|
75
75
|
super()
|
76
76
|
end
|
77
77
|
|
78
|
+
def file_name
|
79
|
+
'traces'
|
80
|
+
end
|
81
|
+
|
78
82
|
# Some reports require specific additional headers to be used. To that end, we'll attach them here, letting
|
79
83
|
# each handle their own.
|
80
84
|
#
|
@@ -148,7 +152,9 @@ module Contrast
|
|
148
152
|
# @raise [ArgumentError]
|
149
153
|
def validate
|
150
154
|
raise(ArgumentError, "#{ self } did not have a proper rule. Unable to continue.") unless @rule_id
|
151
|
-
|
155
|
+
unless @agent_session_id_value
|
156
|
+
raise(ArgumentError, "#{ self } did not have a proper session id. Unable to continue.")
|
157
|
+
end
|
152
158
|
if event_based? && events.empty?
|
153
159
|
raise(ArgumentError, "#{ self } did not have proper events for #{ @rule_id }. Unable to continue.")
|
154
160
|
end
|
@@ -278,14 +278,12 @@ module Contrast
|
|
278
278
|
unless parent_object_ids
|
279
279
|
raise(ArgumentError, "#{ self } did not have a proper parentObjectIds. Unable to continue.")
|
280
280
|
end
|
281
|
-
|
282
|
-
raise(ArgumentError, "#{ self } did not have a proper taintRanges. Unable to continue.")
|
283
|
-
end
|
281
|
+
raise(ArgumentError, "#{ self } did not have a proper taintRanges. Unable to continue.") unless taint_ranges
|
284
282
|
raise(ArgumentError, "#{ self } did not have a proper args. Unable to continue.") unless args
|
285
283
|
raise(ArgumentError, "#{ self } did not have a proper object. Unable to continue.") unless object
|
286
284
|
raise(ArgumentError, "#{ self } did not have a proper signature. Unable to continue.") unless signature
|
287
285
|
raise(ArgumentError, "#{ self } did not have a proper stack. Unable to continue.") unless stack
|
288
|
-
raise(ArgumentError, "#{ self } did not have a proper tags. Unable to continue.") unless tags
|
286
|
+
raise(ArgumentError, "#{ self } did not have a proper tags. Unable to continue.") unless tags
|
289
287
|
end
|
290
288
|
end
|
291
289
|
end
|
@@ -41,7 +41,7 @@ module Contrast
|
|
41
41
|
#
|
42
42
|
# @param object [Contrast::Agent::Assess::ContrastObject, nil]
|
43
43
|
def attach_data object, truncate
|
44
|
-
@hash = object
|
44
|
+
@hash = object ? object.tracked_object_id : nil.__id__
|
45
45
|
@tracked = !!object&.tracked?
|
46
46
|
@value = reportable_value(object&.object, truncate)
|
47
47
|
end
|
@@ -75,9 +75,9 @@ module Contrast
|
|
75
75
|
#
|
76
76
|
# @param value [String, nil] the contrast_string of the object this represents.
|
77
77
|
# @param truncate [Boolean] if the string should be truncated or not.
|
78
|
-
# @return [String]
|
78
|
+
# @return [String] The strict_encode64 value of the String sent to TeamServer to represent this object.
|
79
79
|
def reportable_value value, truncate
|
80
|
-
return Contrast::Utils::ObjectShare::
|
80
|
+
return Contrast::Utils::ObjectShare::NIL_64_STRING unless value
|
81
81
|
|
82
82
|
if truncate && value.length > TRUNCATION_LENGTH
|
83
83
|
tmp = []
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
|
-
require 'contrast/agent/reporting/reporting_events/
|
4
|
+
require 'contrast/agent/reporting/reporting_events/application_reporting_event'
|
5
5
|
require 'contrast/agent/reporting/reporting_events/library_usage_observation'
|
6
6
|
|
7
7
|
module Contrast
|
@@ -11,7 +11,7 @@ module Contrast
|
|
11
11
|
#
|
12
12
|
# @attr_reader observations - Array[Contrast::Agent::Reporting::LibraryUsageObservation]
|
13
13
|
# - Hash of LibraryUsageObservations
|
14
|
-
class ObservedLibraryUsage < Contrast::Agent::Reporting::
|
14
|
+
class ObservedLibraryUsage < Contrast::Agent::Reporting::ApplicationReportingEvent
|
15
15
|
attr_reader :observations
|
16
16
|
|
17
17
|
class << self
|
@@ -32,6 +32,10 @@ module Contrast
|
|
32
32
|
super
|
33
33
|
end
|
34
34
|
|
35
|
+
def file_name
|
36
|
+
'library-observation'
|
37
|
+
end
|
38
|
+
|
35
39
|
def to_controlled_hash
|
36
40
|
validate
|
37
41
|
{ observations: @observations.map(&:to_controlled_hash) }
|
@@ -3,7 +3,7 @@
|
|
3
3
|
|
4
4
|
require 'json'
|
5
5
|
require 'contrast/components/logger'
|
6
|
-
require 'contrast/agent/reporting/reporting_events/
|
6
|
+
require 'contrast/agent/reporting/reporting_events/application_reporting_event'
|
7
7
|
require 'contrast/utils/object_share'
|
8
8
|
|
9
9
|
module Contrast
|
@@ -15,7 +15,7 @@ module Contrast
|
|
15
15
|
# externally accessible endpoints within the application, as registered to the application framework. This also
|
16
16
|
# includes the literal URL and HTTP Verb used to invoke them, as they must have been called at this point to be
|
17
17
|
# recorded.
|
18
|
-
class ObservedRoute < Contrast::Agent::Reporting::
|
18
|
+
class ObservedRoute < Contrast::Agent::Reporting::ApplicationReportingEvent
|
19
19
|
# @param [String] the method signature used to uniquely identify the coverage report.
|
20
20
|
attr_accessor :signature
|
21
21
|
# @param [String] the normalized URL used to access the method in the route.
|
@@ -35,6 +35,10 @@ module Contrast
|
|
35
35
|
super()
|
36
36
|
end
|
37
37
|
|
38
|
+
def file_name
|
39
|
+
'routes-observed'
|
40
|
+
end
|
41
|
+
|
38
42
|
# Convert the instance variables on the class, and other information, into the identifiers required for
|
39
43
|
# TeamServer to process the JSON form of this message.
|
40
44
|
#
|
@@ -44,7 +48,7 @@ module Contrast
|
|
44
48
|
validate
|
45
49
|
rc_hash = {
|
46
50
|
session_id: @agent_session_id_value,
|
47
|
-
sources: @sources,
|
51
|
+
sources: @sources.map(&:to_controlled_hash),
|
48
52
|
signature: @signature,
|
49
53
|
verb: @verb,
|
50
54
|
url: @url
|
@@ -1,19 +1,23 @@
|
|
1
1
|
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
|
-
require 'contrast/agent/reporting/reporting_events/
|
4
|
+
require 'contrast/agent/reporting/reporting_events/application_reporting_event'
|
5
5
|
|
6
6
|
module Contrast
|
7
7
|
module Agent
|
8
8
|
module Reporting
|
9
9
|
# This is the new Poll class for the Heartbeat Service.
|
10
|
-
class Poll < Contrast::Agent::Reporting::
|
10
|
+
class Poll < Contrast::Agent::Reporting::ApplicationReportingEvent
|
11
11
|
def initialize
|
12
12
|
@event_type = :heartbeat
|
13
13
|
@event_endpoint = Contrast::Agent::Reporting::Endpoints.heartbeat
|
14
14
|
super
|
15
15
|
end
|
16
16
|
|
17
|
+
def file_name
|
18
|
+
'applications-heartbeat'
|
19
|
+
end
|
20
|
+
|
17
21
|
# This is commented out as I am not aware if we're supposed to send some information and/or parse it to hash
|
18
22
|
# In https://github.com/Contrast-Security-Inc/contrast-service/blob/next/reporting/tsreporter.go
|
19
23
|
#
|