honeypot 0.0.8 → 0.0.9

data/Rakefile

@@ -12,9 +12,8 @@ begin
     gem.authors = ["Seamus Abshere"]
     gem.add_dependency 'fast_timestamp', '>=0.0.4'
     gem.add_dependency 'geokit', '>=1.5.0'
-    gem.add_dependency 'activesupport', '>=2.3.8'
-    gem.add_dependency 'activerecord', '>=2.3.8'
-    gem.add_dependency 'andand', '>=1.3.1'
+    gem.add_dependency 'activesupport', '>=2.3.5'
+    gem.add_dependency 'activerecord', '>=2.3.5'
     # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
   end
   Jeweler::GemcutterTasks.new

data/VERSION

@@ -1 +1 @@
-0.0.8
+0.0.9

data/honeypot.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{honeypot}
-  s.version = "0.0.8"
+  s.version = "0.0.9"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Seamus Abshere"]
-  s.date = %q{2010-07-15}
+  s.date = %q{2010-07-20}
   s.description = %q{Catch bad guys when they stick their hands in the honey.}
   s.email = %q{seamus@abshere.net}
   s.extra_rdoc_files = [
@@ -25,12 +25,10 @@ Gem::Specification.new do |s|
      "VERSION",
      "honeypot.gemspec",
      "lib/honeypot.rb",
-     "lib/honeypot/best_guess_routeable_remote_ip.rb",
-     "lib/honeypot/ipaddr_ext.rb",
-     "lib/honeypot/rails.rb",
      "lib/honeypot/railtie.rb",
      "lib/honeypot/remote_host.rb",
      "lib/honeypot/remote_request.rb",
+     "lib/honeypot/true_remote_ip.rb",
      "test/helper.rb",
      "test/test_honeypot.rb"
   ]
@@ -51,22 +49,19 @@ Gem::Specification.new do |s|
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
       s.add_runtime_dependency(%q<fast_timestamp>, [">= 0.0.4"])
       s.add_runtime_dependency(%q<geokit>, [">= 1.5.0"])
-      s.add_runtime_dependency(%q<activesupport>, [">= 2.3.8"])
-      s.add_runtime_dependency(%q<activerecord>, [">= 2.3.8"])
-      s.add_runtime_dependency(%q<andand>, [">= 1.3.1"])
+      s.add_runtime_dependency(%q<activesupport>, [">= 2.3.5"])
+      s.add_runtime_dependency(%q<activerecord>, [">= 2.3.5"])
     else
       s.add_dependency(%q<fast_timestamp>, [">= 0.0.4"])
       s.add_dependency(%q<geokit>, [">= 1.5.0"])
-      s.add_dependency(%q<activesupport>, [">= 2.3.8"])
-      s.add_dependency(%q<activerecord>, [">= 2.3.8"])
-      s.add_dependency(%q<andand>, [">= 1.3.1"])
+      s.add_dependency(%q<activesupport>, [">= 2.3.5"])
+      s.add_dependency(%q<activerecord>, [">= 2.3.5"])
     end
   else
     s.add_dependency(%q<fast_timestamp>, [">= 0.0.4"])
     s.add_dependency(%q<geokit>, [">= 1.5.0"])
-    s.add_dependency(%q<activesupport>, [">= 2.3.8"])
-    s.add_dependency(%q<activerecord>, [">= 2.3.8"])
-    s.add_dependency(%q<andand>, [">= 1.3.1"])
+    s.add_dependency(%q<activesupport>, [">= 2.3.5"])
+    s.add_dependency(%q<activerecord>, [">= 2.3.5"])
   end
 end
 

data/lib/honeypot.rb

@@ -1,6 +1,5 @@
 require 'ipaddr'
 require 'set'
-require 'andand'
 require 'active_support'
 require 'active_support/version'
 %w{
@@ -10,12 +9,8 @@ require 'active_support/version'
 end if ActiveSupport::VERSION::MAJOR == 3
 require 'active_record'
 require 'fast_timestamp'
-require 'honeypot/ipaddr_ext'
 require 'honeypot/remote_request'
 require 'honeypot/remote_host'
-require 'honeypot/best_guess_routeable_remote_ip'
-
-require 'honeypot/railtie' if defined? ::Rails::Railtie
 
 module Honeypot
   def self.included(base)
@@ -25,17 +20,46 @@ module Honeypot
     end
   end
   
-  def log_action_dispatch_request(request)
-    log_remote_request request.env['honeypot.best_guess_routeable_remote_ip'], request.url, request.referer
+  # Returns a String of the first remote ip, or nil if it doesn't find any.
+  def self.true_remote_ip(ips)
+    hit = ips.detect { |ip| routeable_ip? ip }
+    return unless hit
+    hit.to_s
+  end
+  
+  UNROUTEABLE_CIDRS = [
+    ::IPAddr.new('127.0.0.1/32'),
+    ::IPAddr.new('10.0.0.0/8'),
+    ::IPAddr.new('172.16.0.0/12'),
+    ::IPAddr.new('192.168.0.0/16')
+  ]
+  
+  def self.routeable_ip?(ip)
+    ip_addr = ::IPAddr.new ip.to_s
+    ip_addr.ipv4? and UNROUTEABLE_CIDRS.none? { |cidr| cidr.include? ip_addr }
+  rescue ArgumentError
+    false
+  end
+  
+  # The Rack middleware isn't enabled, so we have to do it here.
+  # On other requests you'll have to manually save session['honeypot.true_remote_ip']
+  def log_rails_2_request(request, session)
+    if ip = ::Honeypot.true_remote_ip([request.remote_ip, session['honeypot.true_remote_ip']])
+      session['honeypot.true_remote_ip'] = ip
+      log_remote_request ip, request.url, request.referer
+    end
   end
   
+  # For use in Rails 3 and other Rack apps.  
   def log_rack_env(env)
     request = ::Rack::Request.new env
-    log_remote_request request.env['honeypot.best_guess_routeable_remote_ip'], request.url, request.referer
+    if env['honeypot.true_remote_ip'].present?
+      log_remote_request env['honeypot.true_remote_ip'], request.url, request.referer
+    end
   end
   
-  def log_remote_request(ip_address, url, referer)
-    remote_host = RemoteHost.find_or_create_by_ip_address ip_address
+  def log_remote_request(ip, url, referer)
+    remote_host = RemoteHost.find_or_create_by_ip_address ip
     remote_request = remote_requests.find_or_create_by_remote_host_id remote_host.id
     remote_request.last_http_referer = referer
     remote_request.last_request_uri = url
@@ -62,3 +86,8 @@ module Honeypot
     set
   end
 end
+
+if defined? ::Rails::Railtie and ActiveSupport::VERSION::MAJOR > 2
+  require 'honeypot/true_remote_ip'
+  require 'honeypot/railtie'
+end

data/lib/honeypot/railtie.rb

@@ -4,6 +4,6 @@ require 'rails'
 module Honeypot
   class Railtie < Rails::Railtie
     # more or less, this puts us after the rails helper stuff (ActionDispatch::RemoteIp) but before most custom middleware
-    config.app_middleware.insert_after '::Rack::MethodOverride', '::Honeypot::BestGuessRouteableRemoteIp'
+    config.app_middleware.insert_after '::Rack::MethodOverride', '::Honeypot::TrueRemoteIp'
   end
 end

data/lib/honeypot/true_remote_ip.rb

@@ -0,0 +1,38 @@
+# inspired by hoptoad_notifier
+# http://charlesmaxwood.com/sessions-in-rack-and-rails-metal/
+module Honeypot
+  # Middleware for Rack applications. Remote hosts will be tied together with remote requests.
+  class TrueRemoteIp
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      ip = ::Honeypot.true_remote_ip _possible_remote_ips(env)
+
+      # For the next request, in case the next time we see this session the remote ip is obscured
+      # (for example, that happens if you're on engineyard and the request comes in over SSL)
+      if ip and env.has_key? 'rack.session'
+        env['rack.session']['honeypot.true_remote_ip'] = ip
+      end
+      
+      # For use by other middleware or the app itself
+      env['honeypot.true_remote_ip'] = ip
+
+      @app.call env
+    end
+
+    def _possible_remote_ips(env)
+      candidates = Array.new
+      # nicely provided by Rails 3
+      if env['action_dispatch.remote_ip']
+        candidates.push env['action_dispatch.remote_ip']
+      end
+      # saved by honeypot between requests
+      if env['rack.session']
+        candidates.push env['rack.session']['honeypot.true_remote_ip']
+      end
+      candidates
+    end
+  end
+end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: honeypot
 version: !ruby/object:Gem::Version 
-  hash: 15
+  hash: 13
   prerelease: false
   segments: 
   - 0
   - 0
-  - 8
-  version: 0.0.8
+  - 9
+  version: 0.0.9
 platform: ruby
 authors: 
 - Seamus Abshere
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-07-15 00:00:00 -05:00
+date: 2010-07-20 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -58,12 +58,12 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        hash: 19
+        hash: 9
         segments: 
         - 2
         - 3
-        - 8
-        version: 2.3.8
+        - 5
+        version: 2.3.5
   type: :runtime
   version_requirements: *id003
 - !ruby/object:Gem::Dependency 
@@ -74,30 +74,14 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        hash: 19
+        hash: 9
         segments: 
         - 2
         - 3
-        - 8
-        version: 2.3.8
+        - 5
+        version: 2.3.5
   type: :runtime
   version_requirements: *id004
-- !ruby/object:Gem::Dependency 
-  name: andand
-  prerelease: false
-  requirement: &id005 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 25
-        segments: 
-        - 1
-        - 3
-        - 1
-        version: 1.3.1
-  type: :runtime
-  version_requirements: *id005
 description: Catch bad guys when they stick their hands in the honey.
 email: seamus@abshere.net
 executables: []
@@ -116,12 +100,10 @@ files:
 - VERSION
 - honeypot.gemspec
 - lib/honeypot.rb
-- lib/honeypot/best_guess_routeable_remote_ip.rb
-- lib/honeypot/ipaddr_ext.rb
-- lib/honeypot/rails.rb
 - lib/honeypot/railtie.rb
 - lib/honeypot/remote_host.rb
 - lib/honeypot/remote_request.rb
+- lib/honeypot/true_remote_ip.rb
 - test/helper.rb
 - test/test_honeypot.rb
 has_rdoc: true

data/lib/honeypot/best_guess_routeable_remote_ip.rb

@@ -1,55 +0,0 @@
-# inspired by hoptoad_notifier
-# http://charlesmaxwood.com/sessions-in-rack-and-rails-metal/
-module Honeypot
-  # Middleware for Rack applications. Remote hosts will be tied together with remote requests.
-  class BestGuessRouteableRemoteIp
-    def initialize(app)
-      @app = app
-    end
-
-    def call(env)
-      ip = _best_guess_remote_ip env
-
-      # For the next request, in case the next time we see this session the remote ip is obscured
-      # (for example, that happens if you're on engineyard and the request comes in over SSL)
-      if env.has_key? 'rack.session' and ip.routeable?
-        env['rack.session']['honeypot.best_guess_routeable_remote_ip'] = ip.to_s
-      end
-      
-      # For use by other middleware or the app itself
-      env['honeypot.best_guess_routeable_remote_ip'] = ip.to_s
-
-      @app.call env
-    end
-
-    def _best_guess_remote_ip(env)
-      candidates = _collect_possible_remote_ips env
-      candidates.detect { |remote_ip| remote_ip.routeable? } || candidates.first
-    end
-
-    def _collect_possible_remote_ips(env)
-      candidates = Array.new
-      # rails 3
-      if env.has_key? 'action_dispatch.remote_ip'
-        candidates.push env['action_dispatch.remote_ip']
-      end
-      # rails 2
-      if env.has_key? 'action_controller.rescue.request'
-        candidates.push env['action_controller.rescue.request']
-      end
-      # saved by honeypot between requests
-      if env.has_key? 'rack.session'
-        candidates.push env['rack.session']['honeypot.best_guess_routeable_remote_ip']
-      end
-      candidates.map! do |raw_ip_address|
-        begin
-          IPAddr.new raw_ip_address.to_s
-        rescue ArgumentError
-          # ignore it, maybe bad data got in here somehow
-        end
-      end
-      candidates.compact!
-      candidates
-    end
-  end
-end

data/lib/honeypot/ipaddr_ext.rb

@@ -1,18 +0,0 @@
-# http://codesnippets.joyent.com/posts/show/7546
-class IPAddr
-  UNROUTEABLE_RANGES = [
-    IPAddr.new('127.0.0.1/32'),
-    IPAddr.new('10.0.0.0/8'),
-    IPAddr.new('172.16.0.0/12'),
-    IPAddr.new('192.168.0.0/16')
-  ]
-  
-  def unrouteable?
-    return false unless self.ipv4?
-    UNROUTEABLE_RANGES.any? { |ipr| ipr.include? self }
-  end
-
-  def routeable?
-    !unrouteable?
-  end
-end

data/lib/honeypot/rails.rb

@@ -1,5 +0,0 @@
-require 'honeypot'
-
-raise "rails 2.3 support isn't tested"
-
-::Rails.configuration.middleware.insert_after '::Rack::MethodOverride', '::Honeypot::BestGuessRouteableRemoteIp'