immunio 1.0.1 → 1.0.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 82b5c85531ac725190ae7c039e598236a8279631
4
- data.tar.gz: 1cf2cf8df3d7d2395b01be335d1e6b735b20b730
3
+ metadata.gz: bfccbfc5c7719eb52d20d25f321e69a8237bea4a
4
+ data.tar.gz: de0e2240f7c958e8dc22f3bc859d53b758d54b8e
5
5
  SHA512:
6
- metadata.gz: 359c0aab9d3c0057cc834c82b31286eeac03a0e6d8b47f4816b722b379d0ff3e4a5e2cb84d430411d2c1e9833da1b459e4d9e82a9c1b42dddc5f9e1f328ef846
7
- data.tar.gz: 1812771888e04260f9bc31bdfc085c0072e29e1e52232567564653a9510385f015f3fd9f65ebde40661000fe312bdba9156a5b3899fc73321121d406f38840e3
6
+ metadata.gz: 9af162bbf91d49c20f126ce69d4fc4b8ef220880f3d2ac7dfc15e035b2e386c5ab290896161877eccef97edf460b3d2b3b4afc8fb5997d65da93061b6b88edf1
7
+ data.tar.gz: 21de7b2342ad41dbb9be6ef89fad8991eb0e04c4598c064806538a5d665936746ca40255eba4e40ef6543b1fad857dde79e7e11d43bd9e66507733fc5ae76cf3
data/LICENSE CHANGED
@@ -166,6 +166,27 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
166
166
  FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
167
167
  DEALINGS IN THE SOFTWARE.
168
168
 
169
+ This product includes content covered by the following license:
170
+ Copyright (c) 2014 Project Nayuki
171
+ http://www.nayuki.io/page/fast-sha1-hash-implementation-in-x86-assembly
172
+
173
+ (MIT License)
174
+ Permission is hereby granted, free of charge, to any person obtaining a copy of
175
+ this software and associated documentation files (the "Software"), to deal in
176
+ the Software without restriction, including without limitation the rights to
177
+ use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
178
+ the Software, and to permit persons to whom the Software is furnished to do so,
179
+ subject to the following conditions:
180
+ - The above copyright notice and this permission notice shall be included in
181
+ all copies or substantial portions of the Software.
182
+ - The Software is provided "as is", without warranty of any kind, express or
183
+ implied, including but not limited to the warranties of merchantability,
184
+ fitness for a particular purpose and noninfringement. In no event shall the
185
+ authors or copyright holders be liable for any claim, damages or other
186
+ liability, whether in an action of contract, tort or otherwise, arising from,
187
+ out of or in connection with the Software or the use or other dealings in the
188
+ Software.
189
+
169
190
 
170
191
  All other components of this product are
171
192
  Copyright (c) 2015 Immunio, Inc. All rights reserved.
data/README.md CHANGED
@@ -2,10 +2,10 @@
2
2
 
3
3
  ## Installation
4
4
 
5
- Add the private Immunio Gemfury repo and the gem itself to your Gemfile:
5
+ Add the private Immunio gem to your Gemfile:
6
6
 
7
7
  ```ruby
8
- gem 'immunio', source: 'https://6kxysjCKxsZz3uR6wgas@gem.fury.io/immunio/'
8
+ gem 'immunio'
9
9
  ```
10
10
 
11
11
  Run Bundler to install the gem:
@@ -111,7 +111,7 @@ end
111
111
 
112
112
  ## Support
113
113
 
114
- - Ruby 2.0 and up
114
+ - Ruby 1.9.3 and up
115
115
  - Rails 3.2 to 4.2
116
116
 
117
117
  ## Building the gem
@@ -1,5 +1,5 @@
1
1
  module Immunio
2
2
  AGENT_TYPE = "agent-ruby"
3
- VERSION = "1.0.1"
3
+ VERSION = "1.0.2"
4
4
  VM_VERSION = "2.2.0"
5
5
  end
data/lua-hooks/Makefile CHANGED
@@ -16,6 +16,8 @@ SRC = \
16
16
 
17
17
  OBJ = ${SRC:.c=.o}
18
18
 
19
+ SHA1OBJ = ext/sha1/sha1.o
20
+
19
21
  # Library archive. Used for compiling along agent bindings.
20
22
  SO_OUT = libimmunio.so
21
23
  A_OUT = libimmunio.a
@@ -52,7 +54,12 @@ all: ${CLI} ${INIT_HOOK} ${HOOKS_TARBALL} ${HOOKS_SRCS_TARBALL}
52
54
  .c.o:
53
55
  MACOSX_DEPLOYMENT_TARGET="10.9" ${CC} ${CFLAGS} -c ${INCS} -o $@ $<
54
56
 
55
- ${SO_OUT}: ${OBJ} ${LUAJIT_OBJ}
57
+ # There is a huge performance advantage compiling sha1.o with just -O
58
+ # -O2 or -O3 *reduce* the speed of the algorithm 30%
59
+ ${SHA1OBJ}:
60
+ ${CC} -O -c ${INCS} -o ${SHA1OBJ} ${SHA1OBJ:.o=.c}
61
+
62
+ ${SO_OUT}: ${OBJ} ${LUAJIT_OBJ} ${SHA1OBJ}
56
63
  ${CC} -shared ${CFLAGS} ${LIBS} -o $@ -lc $^
57
64
 
58
65
  ${A_OUT}: ${OBJ}
@@ -66,7 +73,7 @@ ${LUAJIT_OBJ}:
66
73
 
67
74
  # Build lua executable for testing and compilation
68
75
  # Seperate compilation as we need the LUA_UNSAFE_MODE flag set...
69
- ${CLI}: ${CLI_SRC} ${LUAJIT_OBJ}
76
+ ${CLI}: ${CLI_SRC} ${LUAJIT_OBJ} ${SHA1OBJ}
70
77
  ${CC} ${CFLAGS} -DLUA_UNSAFE_MODE ${INCS} -o $@ $^ ${LIBS}
71
78
 
72
79
  # Concatenate init hooks into one __init__.lua hook with two newlines in between
@@ -88,14 +95,18 @@ ${HOOKS_TARBALL}: ${MIN_SRCS}
88
95
  ${HOOKS_SRCS_TARBALL}: ${HOOK_SRCS}
89
96
  tar -czf $@ -C hooks . --exclude="init"
90
97
 
91
- clean:
92
- rm -f ${CLI} ${OBJ} ${SO_OUT} ${A_OUT} ${LUAJIT_OUT}
93
- cd ext/luajit && make clean
98
+ cleanhooks:
94
99
  rm -f ${INIT_HOOK}
100
+ rm -f build/*.lua
101
+
102
+ clean: cleanhooks
103
+ rm -f ${CLI} ${OBJ} ${SO_OUT} ${A_OUT} ${LUAJIT_OUT} ${SHA1OBJ}
104
+ cd ext/luajit && make clean
95
105
  rm -f test_failed
96
106
  rm -rf build
97
107
  find . -name \*.o -delete
98
108
 
109
+
99
110
  test: ${CLI} ${INIT_HOOK} lint ${MIN_SRCS}
100
111
  @rm -f test_failed
101
112
  @for file in test/*_test.lua; do printf "\nRunning $$file\n"; TEST_BUILT_HOOKS=1 ./${CLI} $$file || touch test_failed; done
data/lua-hooks/ext/all.c CHANGED
@@ -15,6 +15,7 @@
15
15
  #include "lpeg/lptree.c"
16
16
  #include "lua-cmsgpack/lua_cmsgpack.c"
17
17
  #include "lua-snapshot/snapshot.c"
18
+ #include "sha1/luasha1.c"
18
19
 
19
20
  static const luaL_Reg lj_lib_load[] = {
20
21
  // Default Lua modules
@@ -42,6 +43,7 @@ static const luaL_Reg lj_lib_load[] = {
42
43
  {"lpeg", luaopen_lpeg},
43
44
  {LUACMSGPACK_NAME, luaopen_cmsgpack},
44
45
  {"snapshot", luaopen_snapshot},
46
+ {"sha1", luaopen_sha1},
45
47
 
46
48
  { NULL, NULL }
47
49
  };
@@ -0,0 +1,72 @@
1
+ #include <stdio.h>
2
+
3
+ #define LUA_LIB
4
+ #include "lua.h"
5
+ #include "lauxlib.h"
6
+
7
+ // Link this program with an external C or x86 compression function
8
+ extern void sha1_compress(uint32_t state[5], const uint8_t block[64]);
9
+
10
+ /* This function is implements the padding and blocking around the SHA1 compression function
11
+ *
12
+ * Copyright (c) 2014 Project Nayuki
13
+ * http://www.nayuki.io/page/fast-sha1-hash-implementation-in-x86-assembly
14
+ */
15
+ static void
16
+ sha1_hash(const uint8_t *message, uint32_t len, uint32_t hash[5]) {
17
+ hash[0] = UINT32_C(0x67452301);
18
+ hash[1] = UINT32_C(0xEFCDAB89);
19
+ hash[2] = UINT32_C(0x98BADCFE);
20
+ hash[3] = UINT32_C(0x10325476);
21
+ hash[4] = UINT32_C(0xC3D2E1F0);
22
+
23
+ uint32_t i;
24
+ for (i = 0; len - i >= 64; i += 64)
25
+ sha1_compress(hash, message + i);
26
+
27
+ uint8_t block[64];
28
+ uint32_t rem = len - i;
29
+ memcpy(block, message + i, rem);
30
+
31
+ block[rem] = 0x80;
32
+ rem++;
33
+ if (64 - rem >= 8)
34
+ memset(block + rem, 0, 56 - rem);
35
+ else {
36
+ memset(block + rem, 0, 64 - rem);
37
+ sha1_compress(hash, block);
38
+ memset(block, 0, 56);
39
+ }
40
+
41
+ uint64_t longLen = ((uint64_t)len) << 3;
42
+ for (i = 0; i < 8; i++)
43
+ block[64 - 1 - i] = (uint8_t)(longLen >> (i * 8));
44
+ sha1_compress(hash, block);
45
+ }
46
+
47
+ /* Immunio Lua bindings */
48
+
49
+ static int
50
+ lua_sha1(lua_State *L) {
51
+ uint32_t hash[5] = {};
52
+ char buf[41];
53
+ size_t slen = 0;
54
+
55
+ const char *input = luaL_checklstring(L, 1, &slen);
56
+ sha1_hash(input, slen, hash);
57
+ sprintf(buf, "%08x%08x%08x%08x%08x", hash[0], hash[1], hash[2], hash[3], hash[4]);
58
+ lua_pushstring(L, buf);
59
+ return 1;
60
+ }
61
+
62
+ static const luaL_Reg libsha1[] = {
63
+ {"sha1", lua_sha1},
64
+ {NULL, NULL}
65
+ };
66
+
67
+ int
68
+ luaopen_sha1(lua_State *L) {
69
+ luaL_checkversion(L);
70
+ luaL_register(L, "sha1", libsha1);
71
+ return 1;
72
+ }
@@ -0,0 +1,145 @@
1
+ /*
2
+ * SHA-1 hash in C
3
+ *
4
+ * Copyright (c) 2014 Project Nayuki
5
+ * http://www.nayuki.io/page/fast-sha1-hash-implementation-in-x86-assembly
6
+ *
7
+ * (MIT License)
8
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
9
+ * this software and associated documentation files (the "Software"), to deal in
10
+ * the Software without restriction, including without limitation the rights to
11
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
12
+ * the Software, and to permit persons to whom the Software is furnished to do so,
13
+ * subject to the following conditions:
14
+ * - The above copyright notice and this permission notice shall be included in
15
+ * all copies or substantial portions of the Software.
16
+ * - The Software is provided "as is", without warranty of any kind, express or
17
+ * implied, including but not limited to the warranties of merchantability,
18
+ * fitness for a particular purpose and noninfringement. In no event shall the
19
+ * authors or copyright holders be liable for any claim, damages or other
20
+ * liability, whether in an action of contract, tort or otherwise, arising from,
21
+ * out of or in connection with the Software or the use or other dealings in the
22
+ * Software.
23
+ */
24
+
25
+ #include <stdint.h>
26
+
27
+
28
+ void sha1_compress(uint32_t state[5], const uint8_t block[64]) {
29
+ #define SCHEDULE(i) \
30
+ temp = schedule[(i - 3) & 0xF] ^ schedule[(i - 8) & 0xF] ^ schedule[(i - 14) & 0xF] ^ schedule[(i - 16) & 0xF]; \
31
+ schedule[i & 0xF] = temp << 1 | temp >> 31;
32
+
33
+ #define LOADSCHEDULE(i) \
34
+ schedule[i] = \
35
+ (uint32_t)block[i * 4 + 0] << 24 \
36
+ | (uint32_t)block[i * 4 + 1] << 16 \
37
+ | (uint32_t)block[i * 4 + 2] << 8 \
38
+ | (uint32_t)block[i * 4 + 3];
39
+
40
+ #define ROUND0a(a, b, c, d, e, i) LOADSCHEDULE(i) ROUNDTAIL(a, b, e, ((b & c) | (~b & d)) , i, 0x5A827999)
41
+ #define ROUND0b(a, b, c, d, e, i) SCHEDULE(i) ROUNDTAIL(a, b, e, ((b & c) | (~b & d)) , i, 0x5A827999)
42
+ #define ROUND1(a, b, c, d, e, i) SCHEDULE(i) ROUNDTAIL(a, b, e, (b ^ c ^ d) , i, 0x6ED9EBA1)
43
+ #define ROUND2(a, b, c, d, e, i) SCHEDULE(i) ROUNDTAIL(a, b, e, ((b & c) ^ (b & d) ^ (c & d)), i, 0x8F1BBCDC)
44
+ #define ROUND3(a, b, c, d, e, i) SCHEDULE(i) ROUNDTAIL(a, b, e, (b ^ c ^ d) , i, 0xCA62C1D6)
45
+
46
+ #define ROUNDTAIL(a, b, e, f, i, k) \
47
+ e += (a << 5 | a >> 27) + f + UINT32_C(k) + schedule[i & 0xF]; \
48
+ b = b << 30 | b >> 2;
49
+
50
+ uint32_t a = state[0];
51
+ uint32_t b = state[1];
52
+ uint32_t c = state[2];
53
+ uint32_t d = state[3];
54
+ uint32_t e = state[4];
55
+
56
+ uint32_t schedule[16];
57
+ uint32_t temp;
58
+ ROUND0a(a, b, c, d, e, 0)
59
+ ROUND0a(e, a, b, c, d, 1)
60
+ ROUND0a(d, e, a, b, c, 2)
61
+ ROUND0a(c, d, e, a, b, 3)
62
+ ROUND0a(b, c, d, e, a, 4)
63
+ ROUND0a(a, b, c, d, e, 5)
64
+ ROUND0a(e, a, b, c, d, 6)
65
+ ROUND0a(d, e, a, b, c, 7)
66
+ ROUND0a(c, d, e, a, b, 8)
67
+ ROUND0a(b, c, d, e, a, 9)
68
+ ROUND0a(a, b, c, d, e, 10)
69
+ ROUND0a(e, a, b, c, d, 11)
70
+ ROUND0a(d, e, a, b, c, 12)
71
+ ROUND0a(c, d, e, a, b, 13)
72
+ ROUND0a(b, c, d, e, a, 14)
73
+ ROUND0a(a, b, c, d, e, 15)
74
+ ROUND0b(e, a, b, c, d, 16)
75
+ ROUND0b(d, e, a, b, c, 17)
76
+ ROUND0b(c, d, e, a, b, 18)
77
+ ROUND0b(b, c, d, e, a, 19)
78
+ ROUND1(a, b, c, d, e, 20)
79
+ ROUND1(e, a, b, c, d, 21)
80
+ ROUND1(d, e, a, b, c, 22)
81
+ ROUND1(c, d, e, a, b, 23)
82
+ ROUND1(b, c, d, e, a, 24)
83
+ ROUND1(a, b, c, d, e, 25)
84
+ ROUND1(e, a, b, c, d, 26)
85
+ ROUND1(d, e, a, b, c, 27)
86
+ ROUND1(c, d, e, a, b, 28)
87
+ ROUND1(b, c, d, e, a, 29)
88
+ ROUND1(a, b, c, d, e, 30)
89
+ ROUND1(e, a, b, c, d, 31)
90
+ ROUND1(d, e, a, b, c, 32)
91
+ ROUND1(c, d, e, a, b, 33)
92
+ ROUND1(b, c, d, e, a, 34)
93
+ ROUND1(a, b, c, d, e, 35)
94
+ ROUND1(e, a, b, c, d, 36)
95
+ ROUND1(d, e, a, b, c, 37)
96
+ ROUND1(c, d, e, a, b, 38)
97
+ ROUND1(b, c, d, e, a, 39)
98
+ ROUND2(a, b, c, d, e, 40)
99
+ ROUND2(e, a, b, c, d, 41)
100
+ ROUND2(d, e, a, b, c, 42)
101
+ ROUND2(c, d, e, a, b, 43)
102
+ ROUND2(b, c, d, e, a, 44)
103
+ ROUND2(a, b, c, d, e, 45)
104
+ ROUND2(e, a, b, c, d, 46)
105
+ ROUND2(d, e, a, b, c, 47)
106
+ ROUND2(c, d, e, a, b, 48)
107
+ ROUND2(b, c, d, e, a, 49)
108
+ ROUND2(a, b, c, d, e, 50)
109
+ ROUND2(e, a, b, c, d, 51)
110
+ ROUND2(d, e, a, b, c, 52)
111
+ ROUND2(c, d, e, a, b, 53)
112
+ ROUND2(b, c, d, e, a, 54)
113
+ ROUND2(a, b, c, d, e, 55)
114
+ ROUND2(e, a, b, c, d, 56)
115
+ ROUND2(d, e, a, b, c, 57)
116
+ ROUND2(c, d, e, a, b, 58)
117
+ ROUND2(b, c, d, e, a, 59)
118
+ ROUND3(a, b, c, d, e, 60)
119
+ ROUND3(e, a, b, c, d, 61)
120
+ ROUND3(d, e, a, b, c, 62)
121
+ ROUND3(c, d, e, a, b, 63)
122
+ ROUND3(b, c, d, e, a, 64)
123
+ ROUND3(a, b, c, d, e, 65)
124
+ ROUND3(e, a, b, c, d, 66)
125
+ ROUND3(d, e, a, b, c, 67)
126
+ ROUND3(c, d, e, a, b, 68)
127
+ ROUND3(b, c, d, e, a, 69)
128
+ ROUND3(a, b, c, d, e, 70)
129
+ ROUND3(e, a, b, c, d, 71)
130
+ ROUND3(d, e, a, b, c, 72)
131
+ ROUND3(c, d, e, a, b, 73)
132
+ ROUND3(b, c, d, e, a, 74)
133
+ ROUND3(a, b, c, d, e, 75)
134
+ ROUND3(e, a, b, c, d, 76)
135
+ ROUND3(d, e, a, b, c, 77)
136
+ ROUND3(c, d, e, a, b, 78)
137
+ ROUND3(b, c, d, e, a, 79)
138
+
139
+ state[0] += a;
140
+ state[1] += b;
141
+ state[2] += c;
142
+ state[3] += d;
143
+ state[4] += e;
144
+ }
145
+
@@ -56,6 +56,7 @@ SANDBOX_ENV = {
56
56
  traceback = debug.traceback
57
57
  },
58
58
  select = select,
59
+ sha1 = sha1,
59
60
  utf8 = {
60
61
  byte = utf8.byte,
61
62
  char = utf8.char,
@@ -129,6 +130,7 @@ SANDBOX_ENV = {
129
130
  html = require('lexers/lexer').load('html'),
130
131
  javascript = require('lexers/lexer').load('javascript'),
131
132
  css = require('lexers/lexer').load('css'),
133
+ css_attr = require('lexers/lexer').load('css_attr'),
132
134
  },
133
135
  -- Immunio vars
134
136
  serverdata = {}, -- Default empty serverdata
@@ -10,14 +10,11 @@
10
10
  -- and handle the recursion in higher level lua at a minute performance cost.
11
11
 
12
12
  local l = require('lexer')
13
- local token, word_match = l.token, bash_word_match
13
+ local token = l.token
14
14
  local P, R, S = lpeg.P, lpeg.R, lpeg.S
15
15
 
16
16
  local M = {_NAME = 'bash_dqstr'}
17
17
 
18
- -- Whitespace.
19
- local ws = token(l.WHITESPACE, l.space^1)
20
-
21
18
  -- Generic token.
22
19
  local bash_word = (l.alpha + '_') * (l.alnum + '_' + '\\ ')^0
23
20
 
@@ -1,211 +1,96 @@
1
- -- Copyright 2006-2015 Mitchell mitchell.att.foicica.com. See LICENSE.
2
- -- CSS LPeg lexer.
1
+ -- Copyright 2006-2010 Mitchell Foral mitchell<att>caladbolg.net. See LICENSE.
2
+ -- CSS LPeg lexer
3
+ local M = {_NAME = 'css'}
3
4
 
4
5
  local l = require('lexer')
5
- local token, word_match = l.token, l.word_match
6
- local P, R, S, V = lpeg.P, lpeg.R, lpeg.S, lpeg.V
6
+ local token, parent_token, word_match, delimited_range =
7
+ l.token, l.parent_token, l.word_match, l.delimited_range
7
8
 
8
- local M = {_NAME = 'css'}
9
+ local P, R, S, V = lpeg.P, lpeg.R, lpeg.S, lpeg.V
9
10
 
10
- -- Whitespace.
11
- local ws = token(l.WHITESPACE, l.space^1)
12
-
13
- -- Comments.
14
- local comment = token(l.COMMENT, '/*' * (l.any - '*/')^0 * P('*/')^-1)
15
-
16
- -- Strings.
17
- local sq_str = l.delimited_range("'")
18
- local dq_str = l.delimited_range('"')
19
- local string = token(l.STRING, sq_str + dq_str)
20
-
21
- -- Numbers.
22
- local number = token(l.NUMBER, l.digit^1)
23
-
24
- -- Keywords.
25
- local css1_property = word_match({
26
- 'color', 'background-color', 'background-image', 'background-repeat',
27
- 'background-attachment', 'background-position', 'background', 'font-family',
28
- 'font-style', 'font-variant', 'font-weight', 'font-size', 'font',
29
- 'word-spacing', 'letter-spacing', 'text-decoration', 'vertical-align',
30
- 'text-transform', 'text-align', 'text-indent', 'line-height', 'margin-top',
31
- 'margin-right', 'margin-bottom', 'margin-left', 'margin', 'padding-top',
32
- 'padding-right', 'padding-bottom', 'padding-left', 'padding',
33
- 'border-top-width', 'border-right-width', 'border-bottom-width',
34
- 'border-left-width', 'border-width', 'border-top', 'border-right',
35
- 'border-bottom', 'border-left', 'border', 'border-color', 'border-style',
36
- 'width', 'height', 'float', 'clear', 'display', 'white-space',
37
- 'list-style-type', 'list-style-image', 'list-style-position', 'list-style'
38
- }, '-')
39
- local css1_value = word_match({
40
- 'auto', 'none', 'normal', 'italic', 'oblique', 'small-caps', 'bold', 'bolder',
41
- 'lighter', 'xx-small', 'x-small', 'small', 'medium', 'large', 'x-large',
42
- 'xx-large', 'larger', 'smaller', 'transparent', 'repeat', 'repeat-x',
43
- 'repeat-y', 'no-repeat', 'scroll', 'fixed', 'top', 'bottom', 'left', 'center',
44
- 'right', 'justify', 'both', 'underline', 'overline', 'line-through', 'blink',
45
- 'baseline', 'sub', 'super', 'text-top', 'middle', 'text-bottom', 'capitalize',
46
- 'uppercase', 'lowercase', 'thin', 'medium', 'thick', 'dotted', 'dashed',
47
- 'solid', 'double', 'groove', 'ridge', 'inset', 'outset', 'block', 'inline',
48
- 'list-item', 'pre', 'no-wrap', 'inside', 'outside', 'disc', 'circle',
49
- 'square', 'decimal', 'lower-roman', 'upper-roman', 'lower-alpha',
50
- 'upper-alpha', 'aqua', 'black', 'blue', 'fuchsia', 'gray', 'green', 'lime',
51
- 'maroon', 'navy', 'olive', 'purple', 'red', 'silver', 'teal', 'white',
52
- 'yellow'
53
- }, '-')
54
- local css2_property = word_match({
55
- 'border-top-color', 'border-right-color', 'border-bottom-color',
56
- 'border-left-color', 'border-color', 'border-top-style', 'border-right-style',
57
- 'border-bottom-style', 'border-left-style', 'border-style', 'top', 'right',
58
- 'bottom', 'left', 'position', 'z-index', 'direction', 'unicode-bidi',
59
- 'min-width', 'max-width', 'min-height', 'max-height', 'overflow', 'clip',
60
- 'visibility', 'content', 'quotes', 'counter-reset', 'counter-increment',
61
- 'marker-offset', 'size', 'marks', 'page-break-before', 'page-break-after',
62
- 'page-break-inside', 'page', 'orphans', 'widows', 'font-stretch',
63
- 'font-size-adjust', 'unicode-range', 'units-per-em', 'src', 'panose-1',
64
- 'stemv', 'stemh', 'slope', 'cap-height', 'x-height', 'ascent', 'descent',
65
- 'widths', 'bbox', 'definition-src', 'baseline', 'centerline', 'mathline',
66
- 'topline', 'text-shadow', 'caption-side', 'table-layout', 'border-collapse',
67
- 'border-spacing', 'empty-cells', 'speak-header', 'cursor', 'outline',
68
- 'outline-width', 'outline-style', 'outline-color', 'volume', 'speak',
69
- 'pause-before', 'pause-after', 'pause', 'cue-before', 'cue-after', 'cue',
70
- 'play-during', 'azimuth', 'elevation', 'speech-rate', 'voice-family', 'pitch',
71
- 'pitch-range', 'stress', 'richness', 'speak-punctuation', 'speak-numeral'
72
- }, '-')
73
- local css2_value = word_match({
74
- 'inherit', 'run-in', 'compact', 'marker', 'table', 'inline-table',
75
- 'table-row-group', 'table-header-group', 'table-footer-group', 'table-row',
76
- 'table-column-group', 'table-column', 'table-cell', 'table-caption', 'static',
77
- 'relative', 'absolute', 'fixed', 'ltr', 'rtl', 'embed', 'bidi-override',
78
- 'visible', 'hidden', 'scroll', 'collapse', 'open-quote', 'close-quote',
79
- 'no-open-quote', 'no-close-quote', 'decimal-leading-zero', 'lower-greek',
80
- 'lower-latin', 'upper-latin', 'hebrew', 'armenian', 'georgian',
81
- 'cjk-ideographic', 'hiragana', 'katakana', 'hiragana-iroha', 'katakana-iroha',
82
- 'landscape', 'portrait', 'crop', 'cross', 'always', 'avoid', 'wider',
83
- 'narrower', 'ultra-condensed', 'extra-condensed', 'condensed',
84
- 'semi-condensed', 'semi-expanded', 'expanded', 'extra-expanded',
85
- 'ultra-expanded', 'caption', 'icon', 'menu', 'message-box', 'small-caption',
86
- 'status-bar', 'separate', 'show', 'hide', 'once', 'crosshair', 'default',
87
- 'pointer', 'move', 'text', 'wait', 'help', 'e-resize', 'ne-resize',
88
- 'nw-resize', 'n-resize', 'se-resize', 'sw-resize', 's-resize', 'w-resize',
89
- 'ActiveBorder', 'ActiveCaption', 'AppWorkspace', 'Background', 'ButtonFace',
90
- 'ButtonHighlight', 'ButtonShadow', 'InactiveCaptionText', 'ButtonText',
91
- 'CaptionText', 'GrayText', 'Highlight', 'HighlightText', 'InactiveBorder',
92
- 'InactiveCaption', 'InfoBackground', 'InfoText', 'Menu', 'MenuText',
93
- 'Scrollbar', 'ThreeDDarkShadow', 'ThreeDFace', 'ThreeDHighlight',
94
- 'ThreeDLightShadow', 'ThreeDShadow', 'Window', 'WindowFrame', 'WindowText',
95
- 'silent', 'x-soft', 'soft', 'medium', 'loud', 'x-loud', 'spell-out', 'mix',
96
- 'left-side', 'far-left', 'center-left', 'center-right', 'far-right',
97
- 'right-side', 'behind', 'leftwards', 'rightwards', 'below', 'level', 'above',
98
- 'higher', 'lower', 'x-slow', 'slow', 'medium', 'fast', 'x-fast', 'faster',
99
- 'slower', 'male', 'female', 'child', 'x-low', 'low', 'high', 'x-high', 'code',
100
- 'digits', 'continous'
101
- }, '-')
102
-
103
- local css3_property = word_match({
104
- 'align-content', 'align-items', 'align-self', 'alignment-adjust',
105
- 'alignment-baseline', 'all', 'anchor-point', 'animation', 'animation-delay',
106
- 'animation-direction', 'animation-duration', 'animation-fill-mode',
107
- 'animation-iteration-count', 'animation-name', 'animation-play-state',
108
- 'animation-timing-function', 'backface-visibility', 'background-clip',
109
- 'background-origin', 'background-size', 'baseline-shift', 'binding', 'bleed',
110
- 'bookmark-label', 'bookmark-level', 'bookmark-state', 'border-bottom-left-radius',
111
- 'border-bottom-right-radius', 'border-image', 'border-image-outset',
112
- 'border-image-repeat', 'border-image-slice', 'border-image-source',
113
- 'border-image-width', 'border-radius', 'border-top-left-radius',
114
- 'border-top-right-radius', 'box-decoration-break', 'box-shadow', 'box-sizing',
115
- 'box-snap', 'box-suppress', 'break-after', 'break-before', 'break-inside',
116
- 'chains', 'clip-path', 'clip-rule', 'color-interpolation-filters', 'column-count',
117
- 'column-fill', 'column-gap', 'column-rule', 'column-rule-color', 'column-rule-style',
118
- 'column-rule-width', 'column-span', 'column-width', 'columns', 'contain',
119
- 'counter-set', 'crop', 'display-inside', 'display-list', 'display-outside',
120
- 'dominant-baseline', 'filter', 'flex', 'flex-basis', 'flex-direction', 'flex-flow',
121
- 'flex-grow', 'flex-shrink', 'flex-wrap', 'float-offset', 'flood-color',
122
- 'flood-opacity', 'flow-from', 'flow-into', 'font-feature-settings', 'font-kerning',
123
- 'font-language-override', 'font-synthesis', 'font-variant-alternates',
124
- 'font-variant-caps', 'font-variant-east-asian', 'font-variant-ligatures',
125
- 'font-variant-numeric', 'font-variant-position', 'grid', 'grid-area',
126
- 'grid-auto-columns', 'grid-auto-flow', 'grid-auto-rows', 'grid-column',
127
- 'grid-column-end', 'grid-column-start', 'grid-row', 'grid-row-end', 'grid-row-start',
128
- 'grid-template', 'grid-template-areas', 'grid-template-columns', 'grid-template-rows',
129
- 'hanging-punctuation', 'hyphens', 'icon', 'image-orientation', 'image-resolution',
130
- 'ime-mode', 'initial-letters', 'inline-box-align', 'justify-content', 'justify-items',
131
- 'justify-self', 'lighting-color', 'line-box-contain', 'line-break', 'line-grid',
132
- 'line-snap', 'line-stacking', 'line-stacking-ruby', 'line-stacking-shift',
133
- 'line-stacking-strategy', 'marker-side', 'mask', 'mask-box', 'mask-box-outset',
134
- 'mask-box-repeat', 'mask-box-slice', 'mask-box-source', 'mask-box-width',
135
- 'mask-clip', 'mask-image', 'mask-origin', 'mask-position', 'mask-repeat', 'mask-size',
136
- 'mask-source-type', 'mask-type', 'max-lines', 'move-to', 'nav-down', 'nav-index',
137
- 'nav-left', 'nav-right', 'nav-up', 'object-fit', 'object-position', 'opacity',
138
- 'order', 'outline-offset', 'overflow-wrap', 'overflow-x', 'overflow-y', 'page-policy',
139
- 'perspective', 'perspective-origin', 'presentation-level', 'region-fragment',
140
- 'resize', 'rest', 'rest-after', 'rest-before', 'rotation', 'rotation-point',
141
- 'ruby-align', 'ruby-merge', 'ruby-position', 'shape-image-threshold', 'shape-outside',
142
- 'shape-margin', 'speak-as', 'string-set', 'tab-size', 'text-align-last',
143
- 'text-combine-upright', 'text-decoration-color', 'text-decoration-line',
144
- 'text-decoration-skip', 'text-decoration-style', 'text-emphasis', 'text-emphasis-color',
145
- 'text-emphasis-color', 'text-emphasis-style', 'text-height', 'text-justify',
146
- 'text-orientation', 'text-overflow', 'text-space-collapse', 'text-underline-position',
147
- 'text-wrap', 'transform', 'transform-origin', 'transform-style', 'transition',
148
- 'transition-delay', 'transition-duration', 'transition-property',
149
- 'transition-timing-function', 'voice-balance', 'voice-duration', 'voice-pitch',
150
- 'voice-range', 'voice-rate', 'voice-stress', 'voice-volume', 'will-change',
151
- 'word-break', 'word-wrap', 'wrap-flow', 'wrap-through', 'writing-mode',
152
- })
153
-
154
-
155
- local property = token('property', css1_property + css2_property + css3_property)
156
- local value = token('value', css1_value + css2_value)
157
- local keyword = property + value
158
-
159
- -- Identifiers.
160
- local identifier = token(l.IDENTIFIER, l.alpha * (l.alnum + S('_-'))^0)
161
-
162
- -- Operators.
163
- local operator = token(l.OPERATOR, S('~!#*>+=|.,:;()[]{}'))
164
-
165
- -- At rule.
166
- local at_rule = token('at_rule', P('@') * word_match{
167
- 'charset', 'font-face', 'media', 'page', 'import'
168
- })
169
-
170
- -- Colors.
171
- local xdigit = l.xdigit
172
- local hex_color = '#' * xdigit * xdigit * xdigit * (xdigit * xdigit * xdigit)^-1
173
- local color_name = word_match{
174
- 'aqua', 'black', 'blue', 'fuchsia', 'gray', 'green', 'lime', 'maroon', 'navy',
175
- 'olive', 'orange', 'purple', 'red', 'silver', 'teal', 'white', 'yellow'
176
- }
177
- local color = token('color', hex_color + color_name)
178
-
179
- -- Pseudo.
180
- local pseudo = token(l.CONSTANT, word_match({
181
- -- Pseudo elements.
182
- 'first-line', 'first-letter', 'before', 'after',
183
- -- Pseudo classes.
184
- 'first-child', 'link', 'visited', 'hover', 'active', 'focus', 'lang',
185
- }, '-'))
186
-
187
- -- Units.
188
- local unit = token('unit', word_match{
189
- 'em', 'ex', 'px', 'pt', 'pc', 'in', 'ft', 'mm', 'cm', 'kHz', 'Hz', 'deg',
190
- 'rad', 'grad', 'ms', 's'
191
- } + '%')
11
+ local ws = token('whitespace', l.space^1)
12
+
13
+ -- comments
14
+ local comment = token('comment', '/*' * (l.any - '*/')^0 * P('*/')^-1)
15
+
16
+ local word_char = l.alnum + S('_-')
17
+ local identifier = (l.alpha + '-')^1 * word_char^0
18
+
19
+ -- strings
20
+ local sq_str = delimited_range("'", '\\', true)
21
+ local dq_str = delimited_range('"', '\\', true)
22
+ local string = token('string', sq_str + dq_str)
23
+
24
+ local colon = token('operator', ':')
25
+ local semicolon = token('operator', ';')
26
+ local comma = token('operator', ',')
27
+ local obrace = token('operator', '{')
28
+ local cbrace = token('operator', '}')
29
+ local bang = token('operator', '!')
30
+
31
+ -- selectors
32
+ local attribute = '[' * word_char^1 * (S('|~')^-1 * '=' * (identifier + sq_str + dq_str))^-1 * ']'
33
+ local class_id_selector = identifier^-1 * S('.#') * identifier
34
+ local pseudoclass = word_match({
35
+ 'first-letter', 'first-line', 'link', 'active', 'visited',
36
+ 'first-child', 'focus', 'hover', 'lang', 'before', 'after',
37
+ 'left', 'right', 'first'
38
+ }, '-', true)
39
+ local selector = P('*') * ws + (class_id_selector + identifier + '*') * attribute^-1
40
+ selector = token('selector', selector * (ws * selector)^0) *
41
+ (token('selector', ':' * pseudoclass) + token('default_selector', ':' * word_char^1))^-1
42
+ selector = selector * (ws^0 * (comma + token('selector', S('>+*'))) * ws^0 * selector)^0
43
+
44
+ -- css properties and values
45
+ local property_name = token('property_name', word_char^1)
46
+ local value = token('value', bang^0 * word_char^1)
47
+
48
+ -- colors, units, numbers, and urls
49
+ local hexcolor = token('color', '#' * l.xdigit * l.xdigit * l.xdigit * (l.xdigit * l.xdigit * l.xdigit)^-1)
50
+ local rgbunit = (l.digit^1 * P('%')^-1)
51
+ local rgbcolor = token('color', word_match({'rgb'}, nil, true) * '(' * rgbunit * ',' * rgbunit * ',' * rgbunit * ')')
52
+ local color = hexcolor + rgbcolor
53
+ local unit = word_match({
54
+ 'pt', 'mm', 'cm', 'pc', 'in', 'px', 'em', 'ex', 'deg',
55
+ 'rad', 'grad', 'ms', 's', 'Hz', 'kHz'
56
+ }, nil, true)
57
+ unit = token('unit', unit + '%')
58
+ local css_float = l.digit^0 * '.' * l.digit^1 + l.digit^1 * '.' * l.digit^0 + l.digit^1
59
+ local number = token('number', S('+-')^-1 * css_float) * unit^-1
60
+ local func = parent_token('function', token('function_name', identifier) * token('function_param', delimited_range('()', true, false, true)))
61
+ -- declaration block
62
+ local block_default_char = token('default_block_char', (l.any - '}')^1)
63
+ local property_value = parent_token('property_value', string + number + color + func + value)
64
+ local property_values = { property_value * (ws * property_value)^0 * (ws^0 * comma * ws^0 * V(1))^0 }
65
+ local declaration_value = colon * ws^0 * property_values * ws^0 * semicolon^0
66
+ local declaration_property = property_name * ws^0
67
+ local declaration = parent_token('declaration', (declaration_property * (declaration_value + block_default_char)) + comment + block_default_char)
68
+ local declaration_block = parent_token('declaration_block', obrace * ws^0 * declaration * (ws * declaration)^0 * ws^0 * cbrace^-1)
69
+
70
+ local css_element = selector * ws^0 * declaration_block^-1
71
+
72
+ -- at rules
73
+ local at_rule_name = token('at_rule_name', '@' * word_match({
74
+ 'import', 'media', 'page', 'font-face', 'charset'
75
+ }, '-', true))
76
+ local at_rule_arg = token('at_rule_arg', word_match({
77
+ 'all', 'aural', 'braille', 'embossed', 'handheld', 'print',
78
+ 'projection', 'screen', 'tty', 'tv'
79
+ }, nil, true))
80
+ local at_rule = parent_token('at_rule', at_rule_name * (ws * (at_rule_arg + func + string) )^-1)
192
81
 
193
82
  -- Immunio marker
194
83
  local marker = l.token('marker', P('{immunio-var:') * l.integer * ':' * l.xdigit^1 * '}')
195
84
 
196
85
  M._rules = {
197
86
  {'whitespace', ws},
198
- {'marker', marker},
199
- {'keyword', keyword},
200
- {'pseudo', pseudo},
201
- {'color', color},
202
- {'identifier', identifier},
203
- {'string', string},
204
87
  {'comment', comment},
205
- {'number', number * unit^-1},
206
- {'operator', operator},
88
+ {'marker', marker},
207
89
  {'at_rule', at_rule},
90
+ {'string', string},
91
+ {'css_element', css_element},
208
92
  }
93
+ M.declaration = declaration -- so we can access it in sub-lexer for attrs
209
94
 
210
95
  M._tokenstyles = {
211
96
  }
@@ -0,0 +1,13 @@
1
+ -- Lexer for CSS style attributes. These are slightly different as we need to
2
+ -- start lexing inside a declaration rather than at the selector level...
3
+ M = require('css')
4
+ -- For attributes, remove the css_element rule which includes
5
+ -- selector and delaration block tokens
6
+ for k,v in ipairs(M._rules) do
7
+ if v[1] == 'css_element' then
8
+ M._rules[k] = nil
9
+ end
10
+ end
11
+ -- Instead insert a top level token for declarations.
12
+ table.insert(M._rules, {'declaration', M.declaration})
13
+ return M
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: immunio
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Immunio
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-10-02 00:00:00.000000000 Z
11
+ date: 2015-10-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -414,12 +414,15 @@ files:
414
414
  - lua-hooks/ext/luautf8/README.md
415
415
  - lua-hooks/ext/luautf8/lutf8lib.c
416
416
  - lua-hooks/ext/luautf8/unidata.h
417
+ - lua-hooks/ext/sha1/luasha1.c
418
+ - lua-hooks/ext/sha1/sha1.c
417
419
  - lua-hooks/lib/boot.lua
418
420
  - lua-hooks/lib/encode.lua
419
421
  - lua-hooks/lib/lexers/LICENSE
420
422
  - lua-hooks/lib/lexers/bash.lua
421
423
  - lua-hooks/lib/lexers/bash_dqstr.lua
422
424
  - lua-hooks/lib/lexers/css.lua
425
+ - lua-hooks/lib/lexers/css_attr.lua
423
426
  - lua-hooks/lib/lexers/html.lua
424
427
  - lua-hooks/lib/lexers/javascript.lua
425
428
  - lua-hooks/lib/lexers/lexer.lua