honeypot 0.0.8 → 0.0.9

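--- a/data/Rakefile
+++ b/data/Rakefile
@@ -12,9 +12,8 @@ begin
  gem.authors = ["Seamus Abshere"]
  gem.add_dependency 'fast_timestamp', '>=0.0.4'
  gem.add_dependency 'geokit', '>=1.5.0'
- gem.add_dependency 'activesupport', '>=2.3.8'
- gem.add_dependency 'activerecord', '>=2.3.8'
- gem.add_dependency 'andand', '>=1.3.1'
+ gem.add_dependency 'activesupport', '>=2.3.5'
+ gem.add_dependency 'activerecord', '>=2.3.5'
  # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
  end
  Jeweler::GemcutterTasks.new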
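Review bot: The floor for `activesupport` and `activerecord` drops from `>=2.3.8` to `>=2.3.5` and stays open-ended, so dependency resolution may now pick older 2.3.x releases that predate later maintenance fixes, as well as any future major version. If 2.3.5 is only meant as a compatibility floor, say so next to the constraint, for example `# 2.3.5 is the oldest Rails release we support; deploy on the latest 2.3.x patch release`. The same relaxed constraints are repeated in the generated gemspec and metadata sections further down the page. The Jeweler block these lines sit in opens before the hunk.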
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.0.8
1
+ 0.0.9
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{honeypot}
8
- s.version = "0.0.8"
8
+ s.version = "0.0.9"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Seamus Abshere"]
12
- s.date = %q{2010-07-15}
12
+ s.date = %q{2010-07-20}
13
13
  s.description = %q{Catch bad guys when they stick their hands in the honey.}
14
14
  s.email = %q{seamus@abshere.net}
15
15
  s.extra_rdoc_files = [
@@ -25,12 +25,10 @@ Gem::Specification.new do |s|
25
25
  "VERSION",
26
26
  "honeypot.gemspec",
27
27
  "lib/honeypot.rb",
28
- "lib/honeypot/best_guess_routeable_remote_ip.rb",
29
- "lib/honeypot/ipaddr_ext.rb",
30
- "lib/honeypot/rails.rb",
31
28
  "lib/honeypot/railtie.rb",
32
29
  "lib/honeypot/remote_host.rb",
33
30
  "lib/honeypot/remote_request.rb",
31
+ "lib/honeypot/true_remote_ip.rb",
34
32
  "test/helper.rb",
35
33
  "test/test_honeypot.rb"
36
34
  ]
@@ -51,22 +49,19 @@ Gem::Specification.new do |s|
51
49
  if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
52
50
  s.add_runtime_dependency(%q<fast_timestamp>, [">= 0.0.4"])
53
51
  s.add_runtime_dependency(%q<geokit>, [">= 1.5.0"])
54
- s.add_runtime_dependency(%q<activesupport>, [">= 2.3.8"])
55
- s.add_runtime_dependency(%q<activerecord>, [">= 2.3.8"])
56
- s.add_runtime_dependency(%q<andand>, [">= 1.3.1"])
52
+ s.add_runtime_dependency(%q<activesupport>, [">= 2.3.5"])
53
+ s.add_runtime_dependency(%q<activerecord>, [">= 2.3.5"])
57
54
  else
58
55
  s.add_dependency(%q<fast_timestamp>, [">= 0.0.4"])
59
56
  s.add_dependency(%q<geokit>, [">= 1.5.0"])
60
- s.add_dependency(%q<activesupport>, [">= 2.3.8"])
61
- s.add_dependency(%q<activerecord>, [">= 2.3.8"])
62
- s.add_dependency(%q<andand>, [">= 1.3.1"])
57
+ s.add_dependency(%q<activesupport>, [">= 2.3.5"])
58
+ s.add_dependency(%q<activerecord>, [">= 2.3.5"])
63
59
  end
64
60
  else
65
61
  s.add_dependency(%q<fast_timestamp>, [">= 0.0.4"])
66
62
  s.add_dependency(%q<geokit>, [">= 1.5.0"])
67
- s.add_dependency(%q<activesupport>, [">= 2.3.8"])
68
- s.add_dependency(%q<activerecord>, [">= 2.3.8"])
69
- s.add_dependency(%q<andand>, [">= 1.3.1"])
63
+ s.add_dependency(%q<activesupport>, [">= 2.3.5"])
64
+ s.add_dependency(%q<activerecord>, [">= 2.3.5"])
70
65
  end
71
66
  end
72
67
 
@@ -1,6 +1,5 @@
1
1
  require 'ipaddr'
2
2
  require 'set'
3
- require 'andand'
4
3
  require 'active_support'
5
4
  require 'active_support/version'
6
5
  %w{
@@ -10,12 +9,8 @@ require 'active_support/version'
10
9
  end if ActiveSupport::VERSION::MAJOR == 3
11
10
  require 'active_record'
12
11
  require 'fast_timestamp'
13
- require 'honeypot/ipaddr_ext'
14
12
  require 'honeypot/remote_request'
15
13
  require 'honeypot/remote_host'
16
- require 'honeypot/best_guess_routeable_remote_ip'
17
-
18
- require 'honeypot/railtie' if defined? ::Rails::Railtie
19
14
 
20
15
  module Honeypot
21
16
  def self.included(base)
@@ -25,17 +20,46 @@ module Honeypot
25
20
  end
26
21
  end
27
22
 
28
- def log_action_dispatch_request(request)
29
- log_remote_request request.env['honeypot.best_guess_routeable_remote_ip'], request.url, request.referer
23
+ # Returns a String of the first remote ip, or nil if it doesn't find any.
24
+ def self.true_remote_ip(ips)
25
+ hit = ips.detect { |ip| routeable_ip? ip }
26
+ return unless hit
27
+ hit.to_s
28
+ end
29
+
30
+ UNROUTEABLE_CIDRS = [
31
+ ::IPAddr.new('127.0.0.1/32'),
32
+ ::IPAddr.new('10.0.0.0/8'),
33
+ ::IPAddr.new('172.16.0.0/12'),
34
+ ::IPAddr.new('192.168.0.0/16')
35
+ ]
36
+
37
+ def self.routeable_ip?(ip)
38
+ ip_addr = ::IPAddr.new ip.to_s
39
+ ip_addr.ipv4? and UNROUTEABLE_CIDRS.none? { |cidr| cidr.include? ip_addr }
40
+ rescue ArgumentError
41
+ false
42
+ end
43
+
44
+ # The Rack middleware isn't enabled, so we have to do it here.
45
+ # On other requests you'll have to manually save session['honeypot.true_remote_ip']
46
+ def log_rails_2_request(request, session)
47
+ if ip = ::Honeypot.true_remote_ip([request.remote_ip, session['honeypot.true_remote_ip']])
48
+ session['honeypot.true_remote_ip'] = ip
49
+ log_remote_request ip, request.url, request.referer
50
+ end
30
51
  end
31
52
 
53
+ # For use in Rails 3 and other Rack apps.
32
54
  def log_rack_env(env)
33
55
  request = ::Rack::Request.new env
34
- log_remote_request request.env['honeypot.best_guess_routeable_remote_ip'], request.url, request.referer
56
+ if env['honeypot.true_remote_ip'].present?
57
+ log_remote_request env['honeypot.true_remote_ip'], request.url, request.referer
58
+ end
35
59
  end
36
60
 
37
- def log_remote_request(ip_address, url, referer)
38
- remote_host = RemoteHost.find_or_create_by_ip_address ip_address
61
+ def log_remote_request(ip, url, referer)
62
+ remote_host = RemoteHost.find_or_create_by_ip_address ip
39
63
  remote_request = remote_requests.find_or_create_by_remote_host_id remote_host.id
40
64
  remote_request.last_http_referer = referer
41
65
  remote_request.last_request_uri = url
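Review bot: `routeable_ip?` returns false for every non-IPv4 address because of `ip_addr.ipv4? and ...`, so `true_remote_ip` yields nil for IPv6 clients and both `log_rails_2_request` and `log_rack_env` then skip logging. The removed `IPAddr#unrouteable?` treated non-IPv4 addresses as routeable, so this is a silent loss of coverage for a honeypot log. `UNROUTEABLE_CIDRS` also lists only `127.0.0.1/32` rather than the whole loopback block `127.0.0.0/8`, and it omits link-local `169.254.0.0/16`. If dropping IPv6 is intended, record it on the method, e.g. `# IPv6 addresses are treated as unrouteable, so IPv6 clients are never logged`; otherwise add the IPv6 loopback and private ranges and relax the `ipv4?` test. `log_remote_request` continues past the end of this hunk.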
@@ -62,3 +86,8 @@ module Honeypot
62
86
  set
63
87
  end
64
88
  end
89
+
90
+ if defined? ::Rails::Railtie and ActiveSupport::VERSION::MAJOR > 2
91
+ require 'honeypot/true_remote_ip'
92
+ require 'honeypot/railtie'
93
+ end
@@ -4,6 +4,6 @@ require 'rails'
4
4
  module Honeypot
5
5
  class Railtie < Rails::Railtie
6
6
  # more or less, this puts us after the rails helper stuff (ActionDispatch::RemoteIp) but before most custom middleware
7
- config.app_middleware.insert_after '::Rack::MethodOverride', '::Honeypot::BestGuessRouteableRemoteIp'
7
+ config.app_middleware.insert_after '::Rack::MethodOverride', '::Honeypot::TrueRemoteIp'
8
8
  end
9
9
  end
@@ -0,0 +1,38 @@
1
+ # inspired by hoptoad_notifier
2
+ # http://charlesmaxwood.com/sessions-in-rack-and-rails-metal/
3
+ module Honeypot
4
+ # Middleware for Rack applications. Remote hosts will be tied together with remote requests.
5
+ class TrueRemoteIp
6
+ def initialize(app)
7
+ @app = app
8
+ end
9
+
10
+ def call(env)
11
+ ip = ::Honeypot.true_remote_ip _possible_remote_ips(env)
12
+
13
+ # For the next request, in case the next time we see this session the remote ip is obscured
14
+ # (for example, that happens if you're on engineyard and the request comes in over SSL)
15
+ if ip and env.has_key? 'rack.session'
16
+ env['rack.session']['honeypot.true_remote_ip'] = ip
17
+ end
18
+
19
+ # For use by other middleware or the app itself
20
+ env['honeypot.true_remote_ip'] = ip
21
+
22
+ @app.call env
23
+ end
24
+
25
+ def _possible_remote_ips(env)
26
+ candidates = Array.new
27
+ # nicely provided by Rails 3
28
+ if env['action_dispatch.remote_ip']
29
+ candidates.push env['action_dispatch.remote_ip']
30
+ end
31
+ # saved by honeypot between requests
32
+ if env['rack.session']
33
+ candidates.push env['rack.session']['honeypot.true_remote_ip']
34
+ end
35
+ candidates
36
+ end
37
+ end
38
+ end
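Review bot: The address that `call` records is only as trustworthy as its two sources, and nothing in the file says so. `env['action_dispatch.remote_ip']` may be derived from client-supplied forwarding headers, depending on how the Rails proxy settings are configured. The session fallback in `_possible_remote_ips` reuses whatever an earlier request stored, so a log entry can name an address from an older request rather than the current peer. I would document the assumption on the class, e.g. `# Trusts ActionDispatch::RemoteIp; only meaningful behind a proxy that overwrites client-supplied forwarding headers`, and consider keeping `env['REMOTE_ADDR']` alongside the chosen value so the socket peer is preserved for later analysis. `call` also sets `env['honeypot.true_remote_ip']` to nil when no candidate qualifies, and `log_rack_env` then skips the request without logging anything.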
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: honeypot
3
3
  version: !ruby/object:Gem::Version
4
- hash: 15
4
+ hash: 13
5
5
  prerelease: false
6
6
  segments:
7
7
  - 0
8
8
  - 0
9
- - 8
10
- version: 0.0.8
9
+ - 9
10
+ version: 0.0.9
11
11
  platform: ruby
12
12
  authors:
13
13
  - Seamus Abshere
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2010-07-15 00:00:00 -05:00
18
+ date: 2010-07-20 00:00:00 -05:00
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency
@@ -58,12 +58,12 @@ dependencies:
58
58
  requirements:
59
59
  - - ">="
60
60
  - !ruby/object:Gem::Version
61
- hash: 19
61
+ hash: 9
62
62
  segments:
63
63
  - 2
64
64
  - 3
65
- - 8
66
- version: 2.3.8
65
+ - 5
66
+ version: 2.3.5
67
67
  type: :runtime
68
68
  version_requirements: *id003
69
69
  - !ruby/object:Gem::Dependency
@@ -74,30 +74,14 @@ dependencies:
74
74
  requirements:
75
75
  - - ">="
76
76
  - !ruby/object:Gem::Version
77
- hash: 19
77
+ hash: 9
78
78
  segments:
79
79
  - 2
80
80
  - 3
81
- - 8
82
- version: 2.3.8
81
+ - 5
82
+ version: 2.3.5
83
83
  type: :runtime
84
84
  version_requirements: *id004
85
- - !ruby/object:Gem::Dependency
86
- name: andand
87
- prerelease: false
88
- requirement: &id005 !ruby/object:Gem::Requirement
89
- none: false
90
- requirements:
91
- - - ">="
92
- - !ruby/object:Gem::Version
93
- hash: 25
94
- segments:
95
- - 1
96
- - 3
97
- - 1
98
- version: 1.3.1
99
- type: :runtime
100
- version_requirements: *id005
101
85
  description: Catch bad guys when they stick their hands in the honey.
102
86
  email: seamus@abshere.net
103
87
  executables: []
@@ -116,12 +100,10 @@ files:
116
100
  - VERSION
117
101
  - honeypot.gemspec
118
102
  - lib/honeypot.rb
119
- - lib/honeypot/best_guess_routeable_remote_ip.rb
120
- - lib/honeypot/ipaddr_ext.rb
121
- - lib/honeypot/rails.rb
122
103
  - lib/honeypot/railtie.rb
123
104
  - lib/honeypot/remote_host.rb
124
105
  - lib/honeypot/remote_request.rb
106
+ - lib/honeypot/true_remote_ip.rb
125
107
  - test/helper.rb
126
108
  - test/test_honeypot.rb
127
109
  has_rdoc: true
@@ -1,55 +0,0 @@
1
- # inspired by hoptoad_notifier
2
- # http://charlesmaxwood.com/sessions-in-rack-and-rails-metal/
3
- module Honeypot
4
- # Middleware for Rack applications. Remote hosts will be tied together with remote requests.
5
- class BestGuessRouteableRemoteIp
6
- def initialize(app)
7
- @app = app
8
- end
9
-
10
- def call(env)
11
- ip = _best_guess_remote_ip env
12
-
13
- # For the next request, in case the next time we see this session the remote ip is obscured
14
- # (for example, that happens if you're on engineyard and the request comes in over SSL)
15
- if env.has_key? 'rack.session' and ip.routeable?
16
- env['rack.session']['honeypot.best_guess_routeable_remote_ip'] = ip.to_s
17
- end
18
-
19
- # For use by other middleware or the app itself
20
- env['honeypot.best_guess_routeable_remote_ip'] = ip.to_s
21
-
22
- @app.call env
23
- end
24
-
25
- def _best_guess_remote_ip(env)
26
- candidates = _collect_possible_remote_ips env
27
- candidates.detect { |remote_ip| remote_ip.routeable? } || candidates.first
28
- end
29
-
30
- def _collect_possible_remote_ips(env)
31
- candidates = Array.new
32
- # rails 3
33
- if env.has_key? 'action_dispatch.remote_ip'
34
- candidates.push env['action_dispatch.remote_ip']
35
- end
36
- # rails 2
37
- if env.has_key? 'action_controller.rescue.request'
38
- candidates.push env['action_controller.rescue.request']
39
- end
40
- # saved by honeypot between requests
41
- if env.has_key? 'rack.session'
42
- candidates.push env['rack.session']['honeypot.best_guess_routeable_remote_ip']
43
- end
44
- candidates.map! do |raw_ip_address|
45
- begin
46
- IPAddr.new raw_ip_address.to_s
47
- rescue ArgumentError
48
- # ignore it, maybe bad data got in here somehow
49
- end
50
- end
51
- candidates.compact!
52
- candidates
53
- end
54
- end
55
- end
@@ -1,18 +0,0 @@
1
- # http://codesnippets.joyent.com/posts/show/7546
2
- class IPAddr
3
- UNROUTEABLE_RANGES = [
4
- IPAddr.new('127.0.0.1/32'),
5
- IPAddr.new('10.0.0.0/8'),
6
- IPAddr.new('172.16.0.0/12'),
7
- IPAddr.new('192.168.0.0/16')
8
- ]
9
-
10
- def unrouteable?
11
- return false unless self.ipv4?
12
- UNROUTEABLE_RANGES.any? { |ipr| ipr.include? self }
13
- end
14
-
15
- def routeable?
16
- !unrouteable?
17
- end
18
- end
@@ -1,5 +0,0 @@
1
- require 'honeypot'
2
-
3
- raise "rails 2.3 support isn't tested"
4
-
5
- ::Rails.configuration.middleware.insert_after '::Rack::MethodOverride', '::Honeypot::BestGuessRouteableRemoteIp'