honeypot 0.0.8 → 0.0.9

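--- a/data/Rakefile
+++ b/data/Rakefile
@@ -12,9 +12,8 @@ begin
  gem.authors = ["Seamus Abshere"]
  gem.add_dependency 'fast_timestamp', '>=0.0.4'
  gem.add_dependency 'geokit', '>=1.5.0'
- gem.add_dependency 'activesupport', '>=2.3.8'
- gem.add_dependency 'activerecord', '>=2.3.8'
- gem.add_dependency 'andand', '>=1.3.1'
+ gem.add_dependency 'activesupport', '>=2.3.5'
+ gem.add_dependency 'activerecord', '>=2.3.5'
  # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
  end
  Jeweler::GemcutterTasks.new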
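--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 0.0.8
+ 0.0.9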
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{honeypot}
8
- s.version = "0.0.8"
8
+ s.version = "0.0.9"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Seamus Abshere"]
12
- s.date = %q{2010-07-15}
12
+ s.date = %q{2010-07-20}
13
13
  s.description = %q{Catch bad guys when they stick their hands in the honey.}
14
14
  s.email = %q{seamus@abshere.net}
15
15
  s.extra_rdoc_files = [
@@ -25,12 +25,10 @@ Gem::Specification.new do |s|
25
25
  "VERSION",
26
26
  "honeypot.gemspec",
27
27
  "lib/honeypot.rb",
28
- "lib/honeypot/best_guess_routeable_remote_ip.rb",
29
- "lib/honeypot/ipaddr_ext.rb",
30
- "lib/honeypot/rails.rb",
31
28
  "lib/honeypot/railtie.rb",
32
29
  "lib/honeypot/remote_host.rb",
33
30
  "lib/honeypot/remote_request.rb",
31
+ "lib/honeypot/true_remote_ip.rb",
34
32
  "test/helper.rb",
35
33
  "test/test_honeypot.rb"
36
34
  ]
@@ -51,22 +49,19 @@ Gem::Specification.new do |s|
51
49
  if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
52
50
  s.add_runtime_dependency(%q<fast_timestamp>, [">= 0.0.4"])
53
51
  s.add_runtime_dependency(%q<geokit>, [">= 1.5.0"])
54
- s.add_runtime_dependency(%q<activesupport>, [">= 2.3.8"])
55
- s.add_runtime_dependency(%q<activerecord>, [">= 2.3.8"])
56
- s.add_runtime_dependency(%q<andand>, [">= 1.3.1"])
52
+ s.add_runtime_dependency(%q<activesupport>, [">= 2.3.5"])
53
+ s.add_runtime_dependency(%q<activerecord>, [">= 2.3.5"])
57
54
  else
58
55
  s.add_dependency(%q<fast_timestamp>, [">= 0.0.4"])
59
56
  s.add_dependency(%q<geokit>, [">= 1.5.0"])
60
- s.add_dependency(%q<activesupport>, [">= 2.3.8"])
61
- s.add_dependency(%q<activerecord>, [">= 2.3.8"])
62
- s.add_dependency(%q<andand>, [">= 1.3.1"])
57
+ s.add_dependency(%q<activesupport>, [">= 2.3.5"])
58
+ s.add_dependency(%q<activerecord>, [">= 2.3.5"])
63
59
  end
64
60
  else
65
61
  s.add_dependency(%q<fast_timestamp>, [">= 0.0.4"])
66
62
  s.add_dependency(%q<geokit>, [">= 1.5.0"])
67
- s.add_dependency(%q<activesupport>, [">= 2.3.8"])
68
- s.add_dependency(%q<activerecord>, [">= 2.3.8"])
69
- s.add_dependency(%q<andand>, [">= 1.3.1"])
63
+ s.add_dependency(%q<activesupport>, [">= 2.3.5"])
64
+ s.add_dependency(%q<activerecord>, [">= 2.3.5"])
70
65
  end
71
66
  end
72
67
 
@@ -1,6 +1,5 @@
1
1
  require 'ipaddr'
2
2
  require 'set'
3
- require 'andand'
4
3
  require 'active_support'
5
4
  require 'active_support/version'
6
5
  %w{
@@ -10,12 +9,8 @@ require 'active_support/version'
10
9
  end if ActiveSupport::VERSION::MAJOR == 3
11
10
  require 'active_record'
12
11
  require 'fast_timestamp'
13
- require 'honeypot/ipaddr_ext'
14
12
  require 'honeypot/remote_request'
15
13
  require 'honeypot/remote_host'
16
- require 'honeypot/best_guess_routeable_remote_ip'
17
-
18
- require 'honeypot/railtie' if defined? ::Rails::Railtie
19
14
 
20
15
  module Honeypot
21
16
  def self.included(base)
@@ -25,17 +20,46 @@ module Honeypot
25
20
  end
26
21
  end
27
22
 
28
- def log_action_dispatch_request(request)
29
- log_remote_request request.env['honeypot.best_guess_routeable_remote_ip'], request.url, request.referer
23
+ # Returns a String of the first remote ip, or nil if it doesn't find any.
24
+ def self.true_remote_ip(ips)
25
+ hit = ips.detect { |ip| routeable_ip? ip }
26
+ return unless hit
27
+ hit.to_s
28
+ end
29
+
30
+ UNROUTEABLE_CIDRS = [
31
+ ::IPAddr.new('127.0.0.1/32'),
32
+ ::IPAddr.new('10.0.0.0/8'),
33
+ ::IPAddr.new('172.16.0.0/12'),
34
+ ::IPAddr.new('192.168.0.0/16')
35
+ ]
36
+
37
+ def self.routeable_ip?(ip)
38
+ ip_addr = ::IPAddr.new ip.to_s
39
+ ip_addr.ipv4? and UNROUTEABLE_CIDRS.none? { |cidr| cidr.include? ip_addr }
40
+ rescue ArgumentError
41
+ false
42
+ end
43
+
44
+ # The Rack middleware isn't enabled, so we have to do it here.
45
+ # On other requests you'll have to manually save session['honeypot.true_remote_ip']
46
+ def log_rails_2_request(request, session)
47
+ if ip = ::Honeypot.true_remote_ip([request.remote_ip, session['honeypot.true_remote_ip']])
48
+ session['honeypot.true_remote_ip'] = ip
49
+ log_remote_request ip, request.url, request.referer
50
+ end
30
51
  end
31
52
 
53
+ # For use in Rails 3 and other Rack apps.
32
54
  def log_rack_env(env)
33
55
  request = ::Rack::Request.new env
34
- log_remote_request request.env['honeypot.best_guess_routeable_remote_ip'], request.url, request.referer
56
+ if env['honeypot.true_remote_ip'].present?
57
+ log_remote_request env['honeypot.true_remote_ip'], request.url, request.referer
58
+ end
35
59
  end
36
60
 
37
- def log_remote_request(ip_address, url, referer)
38
- remote_host = RemoteHost.find_or_create_by_ip_address ip_address
61
+ def log_remote_request(ip, url, referer)
62
+ remote_host = RemoteHost.find_or_create_by_ip_address ip
39
63
  remote_request = remote_requests.find_or_create_by_remote_host_id remote_host.id
40
64
  remote_request.last_http_referer = referer
41
65
  remote_request.last_request_uri = url
@@ -62,3 +86,8 @@ module Honeypot
62
86
  set
63
87
  end
64
88
  end
89
+
90
+ if defined? ::Rails::Railtie and ActiveSupport::VERSION::MAJOR > 2
91
+ require 'honeypot/true_remote_ip'
92
+ require 'honeypot/railtie'
93
+ end
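Review bot: `routeable_ip?` requires `ip_addr.ipv4?`, so every IPv6 client is classed as unrouteable; `true_remote_ip` then returns nil and both `log_rails_2_request` and `log_rack_env` skip the write without leaving any trace, whereas the removed `IPAddr#unrouteable?` returned false for non-IPv4 addresses and let them through. For a honeypot that is a recording blind spot: if it is intended, say so in a comment above `routeable_ip?` (`# IPv6 addresses are never treated as routeable, so IPv6 clients are not logged`), otherwise drop the `ipv4?` test and add the IPv6 loopback, unique-local and link-local ranges to the list. `UNROUTEABLE_CIDRS` also matches only `127.0.0.1/32` rather than all of `127.0.0.0/8`, has no `169.254.0.0/16` entry, and is not frozen. In `log_rails_2_request`, `request.remote_ip` is tried before the session value and, depending on the Rails version and proxy setup, may be derived from client-supplied forwarding headers, so the logged address should be documented as a claim unless a trusted proxy sets it.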
@@ -4,6 +4,6 @@ require 'rails'
4
4
  module Honeypot
5
5
  class Railtie < Rails::Railtie
6
6
  # more or less, this puts us after the rails helper stuff (ActionDispatch::RemoteIp) but before most custom middleware
7
- config.app_middleware.insert_after '::Rack::MethodOverride', '::Honeypot::BestGuessRouteableRemoteIp'
7
+ config.app_middleware.insert_after '::Rack::MethodOverride', '::Honeypot::TrueRemoteIp'
8
8
  end
9
9
  end
@@ -0,0 +1,38 @@
1
+ # inspired by hoptoad_notifier
2
+ # http://charlesmaxwood.com/sessions-in-rack-and-rails-metal/
3
+ module Honeypot
4
+ # Middleware for Rack applications. Remote hosts will be tied together with remote requests.
5
+ class TrueRemoteIp
6
+ def initialize(app)
7
+ @app = app
8
+ end
9
+
10
+ def call(env)
11
+ ip = ::Honeypot.true_remote_ip _possible_remote_ips(env)
12
+
13
+ # For the next request, in case the next time we see this session the remote ip is obscured
14
+ # (for example, that happens if you're on engineyard and the request comes in over SSL)
15
+ if ip and env.has_key? 'rack.session'
16
+ env['rack.session']['honeypot.true_remote_ip'] = ip
17
+ end
18
+
19
+ # For use by other middleware or the app itself
20
+ env['honeypot.true_remote_ip'] = ip
21
+
22
+ @app.call env
23
+ end
24
+
25
+ def _possible_remote_ips(env)
26
+ candidates = Array.new
27
+ # nicely provided by Rails 3
28
+ if env['action_dispatch.remote_ip']
29
+ candidates.push env['action_dispatch.remote_ip']
30
+ end
31
+ # saved by honeypot between requests
32
+ if env['rack.session']
33
+ candidates.push env['rack.session']['honeypot.true_remote_ip']
34
+ end
35
+ candidates
36
+ end
37
+ end
38
+ end
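Review bot: The address saved in `env['rack.session']['honeypot.true_remote_ip']` is read back by `_possible_remote_ips` on later requests and accepted as the client address whenever `action_dispatch.remote_ip` is missing or unrouteable, so a hit can be logged under an address that belongs to an earlier request of the same session rather than to the current connection. That trust assumption deserves a comment above `call`, for example `# The session copy is only a fallback; it is as trustworthy as the session store's integrity protection`. The assignment in `call` also runs on every request that has a routeable address, which probably touches (and with some stores creates) a session for every visitor; `if ip and env.has_key?('rack.session') and env['rack.session']['honeypot.true_remote_ip'] != ip` would at least skip the write when nothing changed. `_possible_remote_ips` carries an underscore prefix but stays public, so a `private` line before it would match the intent.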
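--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
  --- !ruby/object:Gem::Specification
  name: honeypot
  version: !ruby/object:Gem::Version
- hash: 15
+ hash: 13
  prerelease: false
  segments:
  - 0
  - 0
- - 8
- version: 0.0.8
+ - 9
+ version: 0.0.9
  platform: ruby
  authors:
  - Seamus Abshere
@@ -15,7 +15,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2010-07-15 00:00:00 -05:00
+ date: 2010-07-20 00:00:00 -05:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency
@@ -58,12 +58,12 @@ dependencies:
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- hash: 19
+ hash: 9
  segments:
  - 2
  - 3
- - 8
- version: 2.3.8
+ - 5
+ version: 2.3.5
  type: :runtime
  version_requirements: *id003
  - !ruby/object:Gem::Dependency
@@ -74,30 +74,14 @@ dependencies:
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- hash: 19
+ hash: 9
  segments:
  - 2
  - 3
- - 8
- version: 2.3.8
+ - 5
+ version: 2.3.5
  type: :runtime
  version_requirements: *id004
- - !ruby/object:Gem::Dependency
- name: andand
- prerelease: false
- requirement: &id005 !ruby/object:Gem::Requirement
- none: false
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- hash: 25
- segments:
- - 1
- - 3
- - 1
- version: 1.3.1
- type: :runtime
- version_requirements: *id005
  description: Catch bad guys when they stick their hands in the honey.
  email: seamus@abshere.net
  executables: []
@@ -116,12 +100,10 @@ files:
  - VERSION
  - honeypot.gemspec
  - lib/honeypot.rb
- - lib/honeypot/best_guess_routeable_remote_ip.rb
- - lib/honeypot/ipaddr_ext.rb
- - lib/honeypot/rails.rb
  - lib/honeypot/railtie.rb
  - lib/honeypot/remote_host.rb
  - lib/honeypot/remote_request.rb
+ - lib/honeypot/true_remote_ip.rb
  - test/helper.rb
  - test/test_honeypot.rb
  has_rdoc: true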
@@ -1,55 +0,0 @@
1
- # inspired by hoptoad_notifier
2
- # http://charlesmaxwood.com/sessions-in-rack-and-rails-metal/
3
- module Honeypot
4
- # Middleware for Rack applications. Remote hosts will be tied together with remote requests.
5
- class BestGuessRouteableRemoteIp
6
- def initialize(app)
7
- @app = app
8
- end
9
-
10
- def call(env)
11
- ip = _best_guess_remote_ip env
12
-
13
- # For the next request, in case the next time we see this session the remote ip is obscured
14
- # (for example, that happens if you're on engineyard and the request comes in over SSL)
15
- if env.has_key? 'rack.session' and ip.routeable?
16
- env['rack.session']['honeypot.best_guess_routeable_remote_ip'] = ip.to_s
17
- end
18
-
19
- # For use by other middleware or the app itself
20
- env['honeypot.best_guess_routeable_remote_ip'] = ip.to_s
21
-
22
- @app.call env
23
- end
24
-
25
- def _best_guess_remote_ip(env)
26
- candidates = _collect_possible_remote_ips env
27
- candidates.detect { |remote_ip| remote_ip.routeable? } || candidates.first
28
- end
29
-
30
- def _collect_possible_remote_ips(env)
31
- candidates = Array.new
32
- # rails 3
33
- if env.has_key? 'action_dispatch.remote_ip'
34
- candidates.push env['action_dispatch.remote_ip']
35
- end
36
- # rails 2
37
- if env.has_key? 'action_controller.rescue.request'
38
- candidates.push env['action_controller.rescue.request']
39
- end
40
- # saved by honeypot between requests
41
- if env.has_key? 'rack.session'
42
- candidates.push env['rack.session']['honeypot.best_guess_routeable_remote_ip']
43
- end
44
- candidates.map! do |raw_ip_address|
45
- begin
46
- IPAddr.new raw_ip_address.to_s
47
- rescue ArgumentError
48
- # ignore it, maybe bad data got in here somehow
49
- end
50
- end
51
- candidates.compact!
52
- candidates
53
- end
54
- end
55
- end
@@ -1,18 +0,0 @@
1
- # http://codesnippets.joyent.com/posts/show/7546
2
- class IPAddr
3
- UNROUTEABLE_RANGES = [
4
- IPAddr.new('127.0.0.1/32'),
5
- IPAddr.new('10.0.0.0/8'),
6
- IPAddr.new('172.16.0.0/12'),
7
- IPAddr.new('192.168.0.0/16')
8
- ]
9
-
10
- def unrouteable?
11
- return false unless self.ipv4?
12
- UNROUTEABLE_RANGES.any? { |ipr| ipr.include? self }
13
- end
14
-
15
- def routeable?
16
- !unrouteable?
17
- end
18
- end
@@ -1,5 +0,0 @@
1
- require 'honeypot'
2
-
3
- raise "rails 2.3 support isn't tested"
4
-
5
- ::Rails.configuration.middleware.insert_after '::Rack::MethodOverride', '::Honeypot::BestGuessRouteableRemoteIp'