immunio 1.0.4 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/immunio/agent.rb +9 -9
- data/lib/immunio/authentication.rb +1 -1
- data/lib/immunio/channel.rb +15 -15
- data/lib/immunio/plugins/active_record.rb +3 -3
- data/lib/immunio/plugins/authlogic.rb +3 -3
- data/lib/immunio/plugins/csrf.rb +1 -1
- data/lib/immunio/plugins/devise.rb +1 -1
- data/lib/immunio/plugins/eval.rb +1 -1
- data/lib/immunio/plugins/http_finisher.rb +2 -2
- data/lib/immunio/plugins/http_tracker.rb +1 -1
- data/lib/immunio/plugins/io.rb +7 -7
- data/lib/immunio/plugins/redirect.rb +2 -2
- data/lib/immunio/plugins/warden.rb +5 -6
- data/lib/immunio/processor.rb +7 -7
- data/lib/immunio/request.rb +3 -3
- data/lib/immunio/version.rb +1 -1
- data/lib/immunio/vm.rb +6 -6
- data/lua-hooks/Makefile +49 -6
- data/lua-hooks/lib/boot.lua +49 -277
- metadata +2 -11
- data/lua-hooks/lib/encode.lua +0 -4
- data/lua-hooks/lib/lexers/LICENSE +0 -21
- data/lua-hooks/lib/lexers/bash.lua +0 -134
- data/lua-hooks/lib/lexers/bash_dqstr.lua +0 -59
- data/lua-hooks/lib/lexers/css.lua +0 -101
- data/lua-hooks/lib/lexers/css_attr.lua +0 -13
- data/lua-hooks/lib/lexers/html.lua +0 -113
- data/lua-hooks/lib/lexers/javascript.lua +0 -68
- data/lua-hooks/lib/lexers/lexer.lua +0 -1575
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9f09a35175c2a6fb7e3a53ac0897709631a1a49e
|
4
|
+
data.tar.gz: 6963085e60f7f14329e96e559da6924fbd8f2ab7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2ba1db8defbc5b5ae08e33119c468f205ea0d5f75e10e5a4c4ed316da4bd9526696c0676782635c4705c90abc1c4e37a83b96f74230d0a7c3f4c5740f8acf823
|
7
|
+
data.tar.gz: 7901d9dd4ba9008a017abe2690e6cbfcd16daa591d21d23dd8c5f91f070089420661499069274b48ac1121f20d02f6d94b27ce6532a6e6209594ef7dd9fabd85
|
data/lib/immunio/agent.rb
CHANGED
@@ -73,7 +73,7 @@ module Immunio
|
|
73
73
|
config_accessor :vm_data
|
74
74
|
|
75
75
|
def initialize
|
76
|
-
Immunio.logger.info "Initializing agent version #{VERSION} for process #{Process.pid}"
|
76
|
+
Immunio.logger.info { "Initializing agent version #{VERSION} for process #{Process.pid}" }
|
77
77
|
|
78
78
|
config.key = config.secret = "-default-"
|
79
79
|
config.hello_url = "https://agent.immun.io/"
|
@@ -107,7 +107,7 @@ module Immunio
|
|
107
107
|
Immunio::switch_to_real_logger(config.log_file, config.log_level)
|
108
108
|
|
109
109
|
if !config.agent_enabled then
|
110
|
-
Immunio.logger.info "Agent disabled in config"
|
110
|
+
Immunio.logger.info { "Agent disabled in config" }
|
111
111
|
return
|
112
112
|
end
|
113
113
|
|
@@ -148,7 +148,7 @@ module Immunio
|
|
148
148
|
end
|
149
149
|
|
150
150
|
def load_config
|
151
|
-
Immunio.logger.debug "Default configuration: #{config}"
|
151
|
+
Immunio.logger.debug { "Default configuration: #{config}" }
|
152
152
|
|
153
153
|
# Try loading file from some standard locations. First match is used.
|
154
154
|
locations = []
|
@@ -156,16 +156,16 @@ module Immunio
|
|
156
156
|
locations << File.join("config", CONFIG_FILENAME)
|
157
157
|
|
158
158
|
locations.each do |location|
|
159
|
-
Immunio.logger.debug "Trying to find config file at #{location}"
|
159
|
+
Immunio.logger.debug { "Trying to find config file at #{location}" }
|
160
160
|
begin
|
161
161
|
realpath = File.realpath(location) # Raises exception if file doesn't exist
|
162
|
-
Immunio.logger.debug "Found config file at #{realpath}"
|
162
|
+
Immunio.logger.debug { "Found config file at #{realpath}" }
|
163
163
|
options = YAML.load_file(realpath).symbolize_keys
|
164
164
|
config.update options
|
165
|
-
Immunio.logger.debug "Configuration after loading from file: #{config}"
|
165
|
+
Immunio.logger.debug { "Configuration after loading from file: #{config}" }
|
166
166
|
break
|
167
167
|
rescue SystemCallError => e
|
168
|
-
Immunio.logger.debug "Failed to load config: #{e}"
|
168
|
+
Immunio.logger.debug { "Failed to load config: #{e}" }
|
169
169
|
end
|
170
170
|
end
|
171
171
|
|
@@ -191,12 +191,12 @@ module Immunio
|
|
191
191
|
end
|
192
192
|
end
|
193
193
|
|
194
|
-
Immunio.logger.debug "Configuration after evaluating env vars: #{config}"
|
194
|
+
Immunio.logger.debug { "Configuration after evaluating env vars: #{config}" }
|
195
195
|
|
196
196
|
# Remove any requested plugins, then add any requested plugins.
|
197
197
|
config.plugins_active.subtract(config.plugins_disabled)
|
198
198
|
config.plugins_active.merge(config.plugins_enabled)
|
199
|
-
Immunio.logger.info "Active plugins: #{config.plugins_active.to_a}"
|
199
|
+
Immunio.logger.info { "Active plugins: #{config.plugins_active.to_a}" }
|
200
200
|
|
201
201
|
end
|
202
202
|
|
@@ -58,7 +58,7 @@ module Immunio
|
|
58
58
|
private
|
59
59
|
def parse_opts(options_ro)
|
60
60
|
unless options_ro.is_a? Hash
|
61
|
-
Immunio.logger.warn "Passed a non-hash options object into an authentication method: #{options_ro.inspect}"
|
61
|
+
Immunio.logger.warn { "Passed a non-hash options object into an authentication method: #{options_ro.inspect}" }
|
62
62
|
return
|
63
63
|
end
|
64
64
|
|
data/lib/immunio/channel.rb
CHANGED
@@ -75,7 +75,7 @@ module Immunio
|
|
75
75
|
def stop
|
76
76
|
return unless @started
|
77
77
|
|
78
|
-
Immunio.logger.debug "Stopping channel"
|
78
|
+
Immunio.logger.debug { "Stopping channel" }
|
79
79
|
|
80
80
|
@started = false
|
81
81
|
@ready = false
|
@@ -92,8 +92,8 @@ module Immunio
|
|
92
92
|
|
93
93
|
def send_encoded_message(message)
|
94
94
|
if @message_queue.size > @config.max_send_queue_size
|
95
|
-
Immunio.logger.warn "Dropping message for agent manager due to queue overflow (#{@message_queue.size} > #{@config.max_send_queue_size})"
|
96
|
-
Immunio.logger.debug "Dropped message: (#{message})"
|
95
|
+
Immunio.logger.warn { "Dropping message for agent manager due to queue overflow (#{@message_queue.size} > #{@config.max_send_queue_size})" }
|
96
|
+
Immunio.logger.debug { "Dropped message: (#{message})" }
|
97
97
|
# No room for this message on the queue. Discard.
|
98
98
|
@dropped_message_count += 1
|
99
99
|
return
|
@@ -122,11 +122,11 @@ module Immunio
|
|
122
122
|
return
|
123
123
|
end
|
124
124
|
|
125
|
-
Immunio.logger.debug "Channel waiting #{@config.ready_timeout.to_i} seconds until ready..."
|
125
|
+
Immunio.logger.debug { "Channel waiting #{@config.ready_timeout.to_i} seconds until ready..." }
|
126
126
|
Timeout.timeout @config.ready_timeout.to_i do
|
127
127
|
# Wait until we get a response from the agentmanager
|
128
128
|
sleep 0.1 until ready?
|
129
|
-
Immunio.logger.debug "Channel ready!"
|
129
|
+
Immunio.logger.debug { "Channel ready!" }
|
130
130
|
end
|
131
131
|
end
|
132
132
|
|
@@ -139,7 +139,7 @@ module Immunio
|
|
139
139
|
private
|
140
140
|
# Core method running in a thread
|
141
141
|
def run
|
142
|
-
Immunio.logger.debug "Starting channel on thread #{Thread.current.object_id}"
|
142
|
+
Immunio.logger.debug { "Starting channel on thread #{Thread.current.object_id}" }
|
143
143
|
# Create an empty cert_store to prevent Faraday from using the system default OpenSSL store.
|
144
144
|
cert_store = OpenSSL::X509::Store.new
|
145
145
|
# Setup the connection for making requests to the server.
|
@@ -177,11 +177,11 @@ module Immunio
|
|
177
177
|
|
178
178
|
def log_error(e)
|
179
179
|
if @error_count == 1
|
180
|
-
Immunio.logger.warn "Connection failed after #{@success_count} successes: #{e} (#{e.class})"
|
180
|
+
Immunio.logger.warn { "Connection failed after #{@success_count} successes: #{e} (#{e.class})" }
|
181
181
|
else
|
182
|
-
Immunio.logger.warn "Connection failure [#{@error_count}]: #{e} (#{e.class})"
|
182
|
+
Immunio.logger.warn { "Connection failure [#{@error_count}]: #{e} (#{e.class})" }
|
183
183
|
end
|
184
|
-
Immunio.logger.debug e.backtrace.join("\n")
|
184
|
+
Immunio.logger.debug { e.backtrace.join("\n") }
|
185
185
|
end
|
186
186
|
|
187
187
|
def exponential_backoff()
|
@@ -195,7 +195,7 @@ module Immunio
|
|
195
195
|
delay_ms *= rand
|
196
196
|
delay_ms = delay_ms.round
|
197
197
|
|
198
|
-
Immunio.logger.info "Delaying #{delay_ms} ms before next request"
|
198
|
+
Immunio.logger.info { "Delaying #{delay_ms} ms before next request" }
|
199
199
|
sleep delay_ms / 1000.0
|
200
200
|
end
|
201
201
|
|
@@ -236,7 +236,7 @@ module Immunio
|
|
236
236
|
raise Error, "No URL in HELLO response: #{response.body}"
|
237
237
|
end
|
238
238
|
|
239
|
-
Immunio.logger.info "Agent connected to #{@config.hello_url}"
|
239
|
+
Immunio.logger.info { "Agent connected to #{@config.hello_url}" }
|
240
240
|
end
|
241
241
|
|
242
242
|
# Execute a block for at max a given time to match `@config.max_report_interval`.
|
@@ -275,8 +275,8 @@ module Immunio
|
|
275
275
|
if send_buffer_has_room used_bytes
|
276
276
|
add_to_send_buffer @next_message
|
277
277
|
else
|
278
|
-
Immunio.logger.warn "Dropped message over max byte send size, next message size #{@next_message.bytesize}"
|
279
|
-
Immunio.logger.debug "Dropped next message used: #{used_bytes} over max byte: #{@next_message}"
|
278
|
+
Immunio.logger.warn { "Dropped message over max byte send size, next message size #{@next_message.bytesize}" }
|
279
|
+
Immunio.logger.debug { "Dropped next message used: #{used_bytes} over max byte: #{@next_message}" }
|
280
280
|
@dropped_message_count += 1
|
281
281
|
end
|
282
282
|
@next_message = nil
|
@@ -388,7 +388,7 @@ module Immunio
|
|
388
388
|
if response.status >= 400 and response.status < 500 then
|
389
389
|
# 4XX response codes should NOT be retried. Discard the report.
|
390
390
|
@rejected_message_count += @send_buffer.size
|
391
|
-
Immunio.logger.trace "Rejecting #{@send_buffer.size} messages"
|
391
|
+
Immunio.logger.trace { "Rejecting #{@send_buffer.size} messages" }
|
392
392
|
@send_buffer = []
|
393
393
|
@send_buffer_bytes = 0
|
394
394
|
|
@@ -409,7 +409,7 @@ module Immunio
|
|
409
409
|
# Update local data from response
|
410
410
|
new_agent_uuid = body["agent_uuid"]
|
411
411
|
if new_agent_uuid
|
412
|
-
Immunio.logger.info "Agent UUID: #{new_agent_uuid}" if new_agent_uuid != @agent_uuid
|
412
|
+
Immunio.logger.info { "Agent UUID: #{new_agent_uuid}" } if new_agent_uuid != @agent_uuid
|
413
413
|
@agent_uuid = new_agent_uuid
|
414
414
|
end
|
415
415
|
@send_seq += @send_buffer.size
|
@@ -544,7 +544,7 @@ module Immunio
|
|
544
544
|
name = params.size.to_s
|
545
545
|
end
|
546
546
|
|
547
|
-
Immunio.logger.debug "Adding ActiveRecord SQL param to relation #{relation_id} (name: #{name}, value: #{value})"
|
547
|
+
Immunio.logger.debug { "Adding ActiveRecord SQL param to relation #{relation_id} (name: #{name}, value: #{value})" }
|
548
548
|
|
549
549
|
params[name] = value
|
550
550
|
end
|
@@ -582,14 +582,14 @@ module Immunio
|
|
582
582
|
# to a statement.
|
583
583
|
def call(payload)
|
584
584
|
Request.time "plugin", "#{Module.nesting[0]}::#{__method__}" do
|
585
|
-
Immunio.logger.debug "New ActiveRecord SQL query: #{payload}"
|
585
|
+
Immunio.logger.debug { "New ActiveRecord SQL query: #{payload}" }
|
586
586
|
|
587
587
|
connection_id = payload[:connection_id]
|
588
588
|
|
589
589
|
relation_id = @relations[connection_id].last
|
590
590
|
|
591
591
|
if should_ignore? payload[:sql]
|
592
|
-
Immunio.logger.debug "Ignoring query as it was generated by ActiveRecord itself (#{payload[:sql]})"
|
592
|
+
Immunio.logger.debug { "Ignoring query as it was generated by ActiveRecord itself (#{payload[:sql]})" }
|
593
593
|
return
|
594
594
|
end
|
595
595
|
|
@@ -52,7 +52,7 @@ if defined? Authlogic
|
|
52
52
|
def immunio_check_failed_login
|
53
53
|
if errors.any?
|
54
54
|
Immunio::Request.time "plugin", "#{Module.nesting[0]}::#{__method__}" do
|
55
|
-
Immunio.logger.debug "Authlogic instrumentation fired for before_failure with opts #{opts}"
|
55
|
+
Immunio.logger.debug { "Authlogic instrumentation fired for before_failure with opts #{opts}" }
|
56
56
|
Immunio.failed_login opts
|
57
57
|
end
|
58
58
|
end
|
@@ -60,14 +60,14 @@ if defined? Authlogic
|
|
60
60
|
|
61
61
|
def immunio_logout
|
62
62
|
Immunio::Request.time "plugin", "#{Module.nesting[0]}::#{__method__}" do
|
63
|
-
Immunio.logger.debug "Authlogic instrumentation fired for logout with opts #{opts}"
|
63
|
+
Immunio.logger.debug { "Authlogic instrumentation fired for logout with opts #{opts}" }
|
64
64
|
Immunio.logout opts
|
65
65
|
end
|
66
66
|
end
|
67
67
|
|
68
68
|
def immunio_set_user
|
69
69
|
Immunio::Request.time "plugin", "#{Module.nesting[0]}::#{__method__}" do
|
70
|
-
Immunio.logger.debug "Authlogic instrumentation fired for after_set_user with opts #{opts}"
|
70
|
+
Immunio.logger.debug { "Authlogic instrumentation fired for after_set_user with opts #{opts}" }
|
71
71
|
Immunio.set_user opts
|
72
72
|
end
|
73
73
|
end
|
data/lib/immunio/plugins/csrf.rb
CHANGED
@@ -9,7 +9,7 @@ module Immunio
|
|
9
9
|
protected
|
10
10
|
def verify_authenticity_token_with_immunio
|
11
11
|
Request.time "plugin", "#{Module.nesting[0]}::#{__method__}" do
|
12
|
-
Immunio.logger.debug "ActiveSupport checking CSRF token"
|
12
|
+
Immunio.logger.debug { "ActiveSupport checking CSRF token" }
|
13
13
|
|
14
14
|
Immunio.run_hook! "csrf", "framework_csrf_check", valid: verified_request?
|
15
15
|
|
@@ -18,7 +18,7 @@ if defined? Devise
|
|
18
18
|
|
19
19
|
def send_reset_password_instructions_with_immunio(attributes={})
|
20
20
|
Request.time "plugin", "#{Module.nesting[0]}::#{__method__}" do
|
21
|
-
Immunio.logger.debug "Devise instrumentation fired for send_reset_password_instructions"
|
21
|
+
Immunio.logger.debug { "Devise instrumentation fired for send_reset_password_instructions" }
|
22
22
|
|
23
23
|
recoverable = find_or_initialize_with_errors(reset_password_keys, attributes, :not_found)
|
24
24
|
|
data/lib/immunio/plugins/eval.rb
CHANGED
@@ -10,7 +10,7 @@ module Immunio
|
|
10
10
|
def call(env)
|
11
11
|
status, headers, body = @app.call(env)
|
12
12
|
if Request.current
|
13
|
-
Immunio.logger.debug "Finishing request in HTTPFinisher"
|
13
|
+
Immunio.logger.debug { "Finishing request in HTTPFinisher" }
|
14
14
|
[status, headers, BodyWrapper.new(body)]
|
15
15
|
else
|
16
16
|
[status, headers, body]
|
@@ -47,4 +47,4 @@ module Immunio
|
|
47
47
|
@body.respond_to?(*args)
|
48
48
|
end
|
49
49
|
end
|
50
|
-
end
|
50
|
+
end
|
@@ -11,7 +11,7 @@ module Immunio
|
|
11
11
|
def call(env)
|
12
12
|
request = Request.new(env)
|
13
13
|
request.time "plugin", "#{Module.nesting[0]}::#{__method__}" do
|
14
|
-
Immunio.logger.debug "Creating new request in HTTPTracker"
|
14
|
+
Immunio.logger.debug { "Creating new request in HTTPTracker" }
|
15
15
|
Immunio.new_request(request)
|
16
16
|
|
17
17
|
Immunio.run_hook! "http_tracker", "http_request_start", meta_from_env(env)
|
data/lib/immunio/plugins/io.rb
CHANGED
@@ -17,7 +17,7 @@ module Immunio
|
|
17
17
|
end # end
|
18
18
|
end # end
|
19
19
|
EOF
|
20
|
-
Immunio.logger.debug "IO: successfully chained #{name} #{methods}"
|
20
|
+
Immunio.logger.debug { "IO: successfully chained #{name} #{methods}" }
|
21
21
|
methods.each do |method|
|
22
22
|
mod.class_eval <<-EOF
|
23
23
|
def #{method}_with_immunio(*args, &block) # def read_with_immunio(*args, &block)
|
@@ -35,7 +35,7 @@ module Immunio
|
|
35
35
|
end
|
36
36
|
end # end
|
37
37
|
EOF
|
38
|
-
Immunio.logger.debug "IO: successfully created hook for #{name} #{method}"
|
38
|
+
Immunio.logger.debug { "IO: successfully created hook for #{name} #{method}" }
|
39
39
|
end
|
40
40
|
end
|
41
41
|
end
|
@@ -43,7 +43,7 @@ module Immunio
|
|
43
43
|
module IOClassHooks
|
44
44
|
IOHooks.inject self, "IO.", %w( read write binread binwrite readlines sysopen copy_stream popen )
|
45
45
|
end
|
46
|
-
Immunio.logger.debug "IO: IOClassHooks created: #{IOClassHooks}"
|
46
|
+
Immunio.logger.debug { "IO: IOClassHooks created: #{IOClassHooks}" }
|
47
47
|
|
48
48
|
module KernelModuleHooks
|
49
49
|
# exec() is not included currently as it replaces the running process
|
@@ -72,19 +72,19 @@ module Immunio
|
|
72
72
|
Kernel.send :alias_method, :backtick_without_immunio, :`
|
73
73
|
Kernel.send :alias_method, :`, :backtick_with_immunio
|
74
74
|
end
|
75
|
-
Immunio.logger.debug "Shell: KernelModuleHooks created: #{KernelModuleHooks}"
|
75
|
+
Immunio.logger.debug { "Shell: KernelModuleHooks created: #{KernelModuleHooks}" }
|
76
76
|
|
77
77
|
module FileClassHooks
|
78
78
|
IOHooks.inject self, "File.", %w( new open )
|
79
79
|
end
|
80
|
-
Immunio.logger.debug "IO: FileClassHooks created: #{FileClassHooks}"
|
80
|
+
Immunio.logger.debug { "IO: FileClassHooks created: #{FileClassHooks}" }
|
81
81
|
end
|
82
82
|
|
83
83
|
# Add FileIO hooks if enabled
|
84
84
|
if Immunio.agent.plugin_enabled?("file_io")
|
85
85
|
IO.extend Immunio::IOClassHooks
|
86
86
|
File.extend Immunio::FileClassHooks
|
87
|
-
Immunio.logger.debug "IO: All hooks installed."
|
87
|
+
Immunio.logger.debug { "IO: All hooks installed." }
|
88
88
|
end
|
89
89
|
|
90
90
|
# Add Kernel hooks if enabled
|
@@ -92,5 +92,5 @@ if Immunio.agent.plugin_enabled?("shell_command")
|
|
92
92
|
# Both are necessary to hook calling both Kernel.open() and open() etc.
|
93
93
|
Kernel.send :include, Immunio::KernelModuleHooks
|
94
94
|
Kernel.extend Immunio::KernelModuleHooks
|
95
|
-
Immunio.logger.debug "Shell: All hooks installed."
|
95
|
+
Immunio.logger.debug { "Shell: All hooks installed." }
|
96
96
|
end
|
@@ -10,7 +10,7 @@ module Immunio
|
|
10
10
|
|
11
11
|
protected
|
12
12
|
def redirect_to_with_immunio(options = {}, response_status = {})
|
13
|
-
Immunio.logger.debug "ActiveSupport checking redirect."
|
13
|
+
Immunio.logger.debug { "ActiveSupport checking redirect." }
|
14
14
|
Request.time "plugin", "#{Module.nesting[0]}::#{__method__}" do
|
15
15
|
# redirect_to excepts a variety of argument types
|
16
16
|
# but the only one that creates a absolute URL redirect
|
@@ -38,5 +38,5 @@ end
|
|
38
38
|
|
39
39
|
if Immunio::agent.plugin_enabled?("redirect") then
|
40
40
|
ActionController::Base.send :include, Immunio::RedirectHook
|
41
|
-
Immunio.logger.debug "Redirect: All hooks installed."
|
41
|
+
Immunio.logger.debug { "Redirect: All hooks installed." }
|
42
42
|
end
|
@@ -9,7 +9,7 @@ end
|
|
9
9
|
if defined?(Warden)
|
10
10
|
Warden::Manager.after_authentication do |user|
|
11
11
|
Immunio::Request.time "plugin", "Warden::Manager.after_authentication" do
|
12
|
-
Immunio.logger.debug "Warden instrumentation fired for after_authentication"
|
12
|
+
Immunio.logger.debug { "Warden instrumentation fired for after_authentication" }
|
13
13
|
Immunio.login user_record: user, plugin: "warden"
|
14
14
|
end
|
15
15
|
end
|
@@ -32,25 +32,24 @@ if defined?(Warden)
|
|
32
32
|
# there's no easy way to tell why. If we can't figure out who the
|
33
33
|
# attempted user was, don't report it as a failed login.
|
34
34
|
if user_found
|
35
|
-
Immunio.logger.debug "Warden instrumentation fired for before_failure"
|
35
|
+
Immunio.logger.debug { "Warden instrumentation fired for before_failure" }
|
36
36
|
Immunio.failed_login info
|
37
37
|
else
|
38
|
-
Immunio.logger.debug "Failed to find user info for Warden failure, "
|
39
|
-
"ignoring instead of reporting as failed login"
|
38
|
+
Immunio.logger.debug { "Failed to find user info for Warden failure, ignoring instead of reporting as failed login" }
|
40
39
|
end
|
41
40
|
end
|
42
41
|
end
|
43
42
|
|
44
43
|
Warden::Manager.after_set_user do |user|
|
45
44
|
Immunio::Request.time "plugin", "Warden::Manager.after_set_user" do
|
46
|
-
Immunio.logger.debug "Warden instrumentation fired for after_set_user"
|
45
|
+
Immunio.logger.debug { "Warden instrumentation fired for after_set_user" }
|
47
46
|
Immunio.set_user user_record: user, plugin: "warden"
|
48
47
|
end
|
49
48
|
end
|
50
49
|
|
51
50
|
Warden::Manager.before_logout do |user|
|
52
51
|
Immunio::Request.time "plugin", "Warden::Manager.before_logout" do
|
53
|
-
Immunio.logger.debug "Warden instrumentation fired for before_logout"
|
52
|
+
Immunio.logger.debug { "Warden instrumentation fired for before_logout" }
|
54
53
|
Immunio.logout user_record: user, plugin: "warden"
|
55
54
|
end
|
56
55
|
end
|
data/lib/immunio/processor.rb
CHANGED
@@ -99,7 +99,7 @@ module Immunio
|
|
99
99
|
def finish_request
|
100
100
|
request = Request.current
|
101
101
|
if request
|
102
|
-
Immunio.logger.debug "Finishing request #{request.id}"
|
102
|
+
Immunio.logger.debug { "Finishing request #{request.id}" }
|
103
103
|
aggregate_timings(request.timings)
|
104
104
|
ActiveSupport::Notifications.publish "immunio.finish_request", request
|
105
105
|
@channel.send_encoded_message request.encode if request.should_report?
|
@@ -129,7 +129,7 @@ module Immunio
|
|
129
129
|
|
130
130
|
# If there is no registered handler, just log the hook and return.
|
131
131
|
unless request.vm.has_function? hook
|
132
|
-
Immunio.logger.debug "No hook code for '#{hook}' to run for request #{request.id}"
|
132
|
+
Immunio.logger.debug { "No hook code for '#{hook}' to run for request #{request.id}" }
|
133
133
|
return {}
|
134
134
|
end
|
135
135
|
|
@@ -147,9 +147,9 @@ module Immunio
|
|
147
147
|
}
|
148
148
|
|
149
149
|
begin
|
150
|
-
Immunio.logger.debug "Running #{hook} hook for request #{request.id} with global values: #{globals}"
|
150
|
+
Immunio.logger.debug { "Running #{hook} hook for request #{request.id} with global values: #{globals}" }
|
151
151
|
rescue Encoding::CompatibilityError
|
152
|
-
Immunio.logger.debug "Running #{hook} hook for request #{request.id} (can't log global values due to encoding incompatibility)"
|
152
|
+
Immunio.logger.debug { "Running #{hook} hook for request #{request.id} (can't log global values due to encoding incompatibility)" }
|
153
153
|
end
|
154
154
|
|
155
155
|
# Run the hook code in the VM and time the execution.
|
@@ -199,7 +199,7 @@ module Immunio
|
|
199
199
|
|
200
200
|
# Raise if not allowed (default to allow)
|
201
201
|
if !result.fetch("allow", true)
|
202
|
-
Immunio.logger.debug "Blocking request due to hook response"
|
202
|
+
Immunio.logger.debug { "Blocking request due to hook response" }
|
203
203
|
raise RequestBlocked, "The request was blocked by the Immunio agent"
|
204
204
|
end
|
205
205
|
|
@@ -212,8 +212,8 @@ module Immunio
|
|
212
212
|
end
|
213
213
|
|
214
214
|
def log_and_send_error(e, message="Error", info={})
|
215
|
-
Immunio.logger.warn "#{message}: #{e.message}"
|
216
|
-
Immunio.logger.warn "Stack: #{e.backtrace}"
|
215
|
+
Immunio.logger.warn { "#{message}: #{e.message}" }
|
216
|
+
Immunio.logger.warn { "Stack: #{e.backtrace}" }
|
217
217
|
|
218
218
|
# Re-raise in dev mode before we send it to the backend.
|
219
219
|
raise e if @dev_mode
|