immunio 1.1.0 → 1.1.1

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c4a20073cf6c0c115c95a2afc1e6a8881ed83d8b
4
- data.tar.gz: 903ba865e4b4cdfd39df4efe4425250d6bcb2234
3
+ metadata.gz: 88d0c7506de87c39b6c0c7dc765cb55da4948b64
4
+ data.tar.gz: d38d7b83f8652eae78201c954215bf715fed31df
5
5
  SHA512:
6
- metadata.gz: e6d484d4001d19d66df60d17cf67003d92e812423274f4c995723bd8a82e8be0c1e9d7dcec22ad3e335bcd809a03d35e4f25395f8d255c2266d64a4fb5a5e102
7
- data.tar.gz: eb0808e3109763538ebe88867117e377779dbb019a87747306ffa0db2f89d71fb0f063eb434b11470611217c077e56587f430ee3a1b25837916fa02f1647b2ce
6
+ metadata.gz: 98a9fddf1a26d59bd4491350613a2e016f9b4cc0697b038f96144793f33e9d01e88cafd1cf4d8ed92874e651d7af730eab7b87e73b814488cc0c17281ddae9e0
7
+ data.tar.gz: 75a136f01c2ffe9bec4fda596502df66adbd2e858e25b7f8c04d5dda6653e57a2162f43601bc5e5bbe0c92d78904823443ecb9d7265a2ee9abcda74379894dc2
@@ -70,6 +70,8 @@ module Immunio
70
70
  # purposes.
71
71
  config_accessor :vm_data
72
72
 
73
+ attr_reader :plugins
74
+
73
75
  def initialize
74
76
  Immunio.logger.info { "Initializing agent version #{VERSION} for process #{Process.pid}" }
75
77
 
@@ -102,6 +104,8 @@ module Immunio
102
104
  # Be sure all config attributes have a type before this call:
103
105
  load_config
104
106
 
107
+ setup_plugin_registry
108
+
105
109
  Immunio::switch_to_real_logger(config.log_file, config.log_level)
106
110
 
107
111
  if !config.agent_enabled then
@@ -231,6 +235,75 @@ module Immunio
231
235
  def environment=(environment)
232
236
  @processor.environment = environment
233
237
  end
238
+
239
+ def register_plugin(name, version = nil)
240
+ @plugins[name] = {} unless @plugins.has_key?(name)
241
+ @plugins[name]['status'] = 'loaded'
242
+ @plugins[name]['version'] = version if version
243
+
244
+ Immunio.logger.info do
245
+ "Registering plugin '#{name}' => '#{@plugins[name]}'"
246
+ end
247
+ end
248
+
249
+ RECOGNIZED_PLUGINS = [
250
+ ## action_dispatch
251
+ 'ActionDispatch::Cookies::SignedCookieJar',
252
+ 'ActionDispatch::Cookies::UpgradeLegacySignedCookieJar',
253
+ 'ActionDispatch::Cookies::EncryptedCookieJar',
254
+ 'ActionDispatch::Cookies::UpgradeLegacyEncryptedCookieJar',
255
+
256
+ ## action_view
257
+ 'ActionView::Template::Handlers::Erubis',
258
+ 'Haml::Compiler',
259
+ 'Hash',
260
+ 'ActionView::TemplateRenderer',
261
+ 'ActionView::Template',
262
+ 'ActionController::Caching::Fragments',
263
+
264
+ ## active_record
265
+ 'ActiveRecord',
266
+ 'ActiveRecord::ConnectionAdapters::Mysql2Adapter',
267
+ 'ActiveRecord::ConnectionAdapters::MysqlAdapter',
268
+ 'ActiveRecord::ConnectionAdapters::PostgreSQLAdapter',
269
+ 'ActiveRecord::ConnectionAdapters::SQLite3Adapter',
270
+ 'ActiveRecord::ConnectionAdapters::SQLiteAdapter',
271
+ 'ActiveRecord::Sanitization',
272
+ 'Arel::Visitors::ToSql',
273
+ 'ActiveRecord::ConnectionAdapters::AbstractAdapter',
274
+
275
+ ## active_record_relation
276
+ 'ActiveRecord::Relation',
277
+ 'ActiveRecord::SpawnMethods',
278
+ 'ActiveRecord::Querying',
279
+ 'ActiveRecord::StatementCache',
280
+ 'ActiveRecord::Associations::HasManyThroughAssociation',
281
+
282
+ 'Authlogic',
283
+ 'ActionController (CSRF)',
284
+ 'Devise',
285
+ 'Kernel (Eval)',
286
+ 'Immunio::HTTPFinisher',
287
+ 'Immunio::HTTPTracker',
288
+
289
+ ## io
290
+ 'IO',
291
+ 'File',
292
+ 'Kernel (Module)',
293
+
294
+ 'ActionController (Redirect)',
295
+ 'Warden'
296
+ ].freeze
297
+
298
+ private
299
+
300
+ def setup_plugin_registry
301
+ @plugins = {}
302
+
303
+ RECOGNIZED_PLUGINS.each do |name|
304
+ @plugins[name] = { 'status' => 'pending' }
305
+ end
306
+ end
234
307
  end
235
308
 
236
309
  AGENT_INIT_MUTEX = Mutex.new
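Review bot: `register_plugin` stores any name it is given, so a call with a name outside RECOGNIZED_PLUGINS creates a new 'loaded' entry while the intended entry stays 'pending', and nothing flags the mismatch. The Rack middleware hunks on this page pass `self.class.name`, which for a subclass of HTTPFinisher or HTTPTracker is such a name. A line like `Immunio.logger.warn { "Unrecognized plugin '#{name}'" } unless RECOGNIZED_PLUGINS.include?(name)` at the top of the method would surface it. The registry also has only two states, so a reader cannot tell a hook whose target is absent from one that was never installed; a comment above RECOGNIZED_PLUGINS stating what 'pending' means would help. The class body starts outside these hunks.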
@@ -32,14 +32,33 @@ end
32
32
  class ActionDispatch::Cookies
33
33
  if defined? SignedCookieJar
34
34
  SignedCookieJar.send :include, Immunio::CookieHooks
35
+
36
+ Immunio.agent.register_plugin(
37
+ 'ActionDispatch::Cookies::SignedCookieJar',
38
+ ActionPack::VERSION::STRING)
35
39
  end
40
+
36
41
  if defined? UpgradeLegacySignedCookieJar
37
42
  UpgradeLegacySignedCookieJar.send :include, Immunio::CookieHooks
43
+
44
+ Immunio.agent.register_plugin(
45
+ 'ActionDispatch::Cookies::UpgradeLegacySignedCookieJar',
46
+ ActionPack::VERSION::STRING)
38
47
  end
48
+
39
49
  if defined? EncryptedCookieJar
40
50
  EncryptedCookieJar.send :include, Immunio::CookieHooks
51
+
52
+ Immunio.agent.register_plugin(
53
+ 'ActionDispatch::Cookies::EncryptedCookieJar',
54
+ ActionPack::VERSION::STRING)
41
55
  end
56
+
42
57
  if defined? UpgradeLegacyEncryptedCookieJar
43
58
  UpgradeLegacyEncryptedCookieJar.send :include, Immunio::CookieHooks
59
+
60
+ Immunio.agent.register_plugin(
61
+ 'ActionDispatch::Cookies::UpgradeLegacyEncryptedCookieJar',
62
+ ActionPack::VERSION::STRING)
44
63
  end
45
64
  end
@@ -533,20 +533,49 @@ end
533
533
 
534
534
  # Add XSS hooks if enabled
535
535
  if Immunio::agent.plugin_enabled?("xss") then
536
+ action_view_version =
537
+ if ActionView.respond_to?(:version)
538
+ ActionView.version.to_s
539
+ else
540
+ Rails.version
541
+ end
542
+
536
543
  # Hook into template engines.
537
544
  ActionView::Template::Handlers::Erubis.send :include, Immunio::ErubisHooks
538
545
 
546
+ Immunio.agent.register_plugin(
547
+ 'ActionView::Template::Handlers::Erubis',
548
+ action_view_version)
549
+
539
550
  ActiveSupport.on_load(:after_initialize) do
540
551
  # Wait after Rails initialization to patch custom template engines.
541
552
  if defined? Haml::Compiler
542
553
  Haml::Compiler.send :include, Immunio::HamlHooks
554
+ Immunio.agent.register_plugin('Haml::Compiler', Haml::VERSION)
543
555
  end
544
556
 
545
557
  Hash.send :include, Immunio::ActiveSupportHooks
558
+ Immunio.agent.register_plugin('Hash', RUBY_VERSION)
546
559
  end
547
560
 
548
561
  # Hook into rendering process of Rails.
549
562
  ActionView::TemplateRenderer.send :include, Immunio::TemplateRendererHooks
563
+
564
+ Immunio.agent.register_plugin(
565
+ 'ActionView::TemplateRenderer',
566
+ action_view_version)
567
+
550
568
  ActionView::Template.send :include, Immunio::TemplateHooks
551
- ActionController::Caching::Fragments.send :include, Immunio::FragmentCachingHooks
569
+
570
+ Immunio.agent.register_plugin(
571
+ 'ActionView::Template',
572
+ action_view_version)
573
+
574
+ ActionController::Caching::Fragments.send(
575
+ :include,
576
+ Immunio::FragmentCachingHooks)
577
+
578
+ Immunio.agent.register_plugin(
579
+ 'ActionController::Caching::Fragments',
580
+ action_view_version)
552
581
  end
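Review bot: The version recorded for 'ActionController::Caching::Fragments' is `action_view_version`, although that module belongs to Action Pack, for which the other hunks on this page use `ActionPack::VERSION::STRING`. The same mismatch appears in the ActiveRecord hunk, where 'Arel::Visitors::ToSql' is registered with `ActiveRecord::VERSION::STRING` rather than `Arel::VERSION`. If the recorded version is meant to identify the hooked component, each call should pass that component's own version, e.g. `Immunio.agent.register_plugin('Arel::Visitors::ToSql', Arel::VERSION)`. 'Haml::Compiler' and 'Hash' register inside the `after_initialize` callback, so they stay 'pending' until that callback runs; a comment saying so would prevent a misreading of early reports.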
@@ -681,28 +681,66 @@ module Immunio
681
681
  end
682
682
  end
683
683
 
684
+ Immunio.agent.register_plugin('ActiveRecord', ActiveRecord::VERSION::STRING)
685
+
684
686
  # Hook into quoting methods at the highest level possible in the ancestors chain.
685
687
  # In case the quote methods were overridden in a child class.
686
688
  module ActiveRecord::ConnectionAdapters
687
689
  if defined? Mysql2Adapter
688
690
  Mysql2Adapter.send :include, Immunio::QuotingHooks
691
+
692
+ Immunio.agent.register_plugin(
693
+ 'ActiveRecord::ConnectionAdapters::Mysql2Adapter',
694
+ ActiveRecord::VERSION::STRING)
689
695
  elsif defined? MysqlAdapter
690
696
  MysqlAdapter.send :include, Immunio::QuotingHooks
697
+
698
+ Immunio.agent.register_plugin(
699
+ 'ActiveRecord::ConnectionAdapters::MysqlAdapter',
700
+ ActiveRecord::VERSION::STRING)
691
701
  end
702
+
692
703
  if defined? PostgreSQLAdapter
693
704
  PostgreSQLAdapter.send :include, Immunio::QuotingHooks
705
+
706
+ Immunio.agent.register_plugin(
707
+ 'ActiveRecord::ConnectionAdapters::PostgreSQLAdapter',
708
+ ActiveRecord::VERSION::STRING)
694
709
  end
710
+
695
711
  if defined? SQLite3Adapter
696
712
  SQLite3Adapter.send :include, Immunio::QuotingHooks
713
+
714
+ Immunio.agent.register_plugin(
715
+ 'ActiveRecord::ConnectionAdapters::SQLite3Adapter',
716
+ ActiveRecord::VERSION::STRING)
697
717
  elsif defined? SQLiteAdapter
698
718
  SQLiteAdapter.send :include, Immunio::QuotingHooks
719
+
720
+ Immunio.agent.register_plugin(
721
+ 'ActiveRecord::ConnectionAdapters::SQLiteAdapter',
722
+ ActiveRecord::VERSION::STRING)
699
723
  end
700
724
  end
701
725
 
702
726
  module ActiveRecord::Sanitization
703
727
  ClassMethods.send :include, Immunio::SanitizeHooks
728
+
729
+ Immunio.agent.register_plugin(
730
+ 'ActiveRecord::Sanitization',
731
+ ActiveRecord::VERSION::STRING)
704
732
  end
705
733
 
706
734
  Arel::Visitors::ToSql.send :include, Immunio::ArelToSqlHooks
707
735
 
708
- ActiveRecord::ConnectionAdapters::AbstractAdapter.send :include, Immunio::QueryExecutionHooks
736
+ Immunio.agent.register_plugin(
737
+ 'Arel::Visitors::ToSql',
738
+ ActiveRecord::VERSION::STRING)
739
+
740
+ ActiveRecord::ConnectionAdapters::AbstractAdapter.send(
741
+ :include,
742
+ Immunio::QueryExecutionHooks)
743
+
744
+ Immunio.agent.register_plugin(
745
+ 'ActiveRecord::ConnectionAdapters::AbstractAdapter',
746
+ ActiveRecord::VERSION::STRING)
@@ -365,8 +365,56 @@ module Immunio
365
365
  end
366
366
  end
367
367
 
368
- ActiveRecord::Relation.send :include, Immunio::RelationHooks if defined? ActiveRecord::Relation
369
- ActiveRecord::Relation.send :include, Immunio::SpawnHooks if defined? ActiveRecord::SpawnMethods
370
- ActiveRecord::Relation.send :include, Immunio::QueryingHooks if defined? ActiveRecord::Querying
371
- ActiveRecord::StatementCache.send :include, Immunio::StatementCacheHooks if defined? ActiveRecord::StatementCache
372
- ActiveRecord::Associations::HasManyThroughAssociation.send :include, Immunio::HasManyThroughAssociationHooks if defined? ActiveRecord::Associations::HasManyThroughAssociation
368
+ module ActiveRecord
369
+ if defined? Relation
370
+ Relation.send(
371
+ :include,
372
+ Immunio::RelationHooks)
373
+
374
+ Immunio.agent.register_plugin(
375
+ 'ActiveRecord::Relation',
376
+ ActiveRecord::VERSION::STRING)
377
+
378
+ if defined? SpawnMethods
379
+ Relation.send(
380
+ :include,
381
+ Immunio::SpawnHooks)
382
+
383
+ Immunio.agent.register_plugin(
384
+ 'ActiveRecord::SpawnMethods',
385
+ ActiveRecord::VERSION::STRING)
386
+ end
387
+
388
+ if defined? Querying
389
+ Relation.send(
390
+ :include,
391
+ Immunio::QueryingHooks)
392
+
393
+ Immunio.agent.register_plugin(
394
+ 'ActiveRecord::Querying',
395
+ ActiveRecord::VERSION::STRING)
396
+ end
397
+ end
398
+
399
+ if defined? StatementCache
400
+ StatementCache.send(
401
+ :include,
402
+ Immunio::StatementCacheHooks)
403
+
404
+ Immunio.agent.register_plugin(
405
+ 'ActiveRecord::StatementCache',
406
+ ActiveRecord::VERSION::STRING)
407
+ end
408
+
409
+ module Associations
410
+ if defined? HasManyThroughAssociation
411
+ HasManyThroughAssociation.send(
412
+ :include,
413
+ Immunio::HasManyThroughAssociationHooks)
414
+
415
+ Immunio.agent.register_plugin(
416
+ 'ActiveRecord::Associations::HasManyThroughAssociation',
417
+ ActiveRecord::VERSION::STRING)
418
+ end
419
+ end
420
+ end
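Review bot: Inside the reopened `module ActiveRecord` the guards use bare constants (`defined? Relation`, `defined? SpawnMethods`, `defined? Querying`, `defined? StatementCache`), and an unqualified lookup there can fall back to a top-level constant of the same name when ActiveRecord does not define one. On a Rails version without `ActiveRecord::StatementCache`, an application-level `StatementCache` would pass the guard, receive `Immunio::StatementCacheHooks` and be reported as a loaded plugin. Keeping the qualified form inside the guards, e.g. `if defined? ActiveRecord::StatementCache`, avoids that. The 'ActiveRecord::SpawnMethods' and 'ActiveRecord::Querying' entries name the guard constant while the hooks are included into `Relation`, which deserves a one-line comment.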
@@ -77,4 +77,8 @@ if defined? Authlogic
77
77
  end
78
78
 
79
79
  Authlogic::Session::Base.send :include, Immunio::Authlogic::SessionHooks
80
+
81
+ Immunio.agent.register_plugin(
82
+ 'Authlogic',
83
+ Gem.loaded_specs['authlogic'].version.to_s)
80
84
  end
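Review bot: `Gem.loaded_specs['authlogic']` is nil when Authlogic was loaded without a RubyGems spec of that name (a vendored copy, or a plain `require` from the load path), and `.version` on it then raises NoMethodError while this file loads, after the session hooks were already included. A version lookup should not be able to abort hook loading in a protection agent; guard it with `spec = Gem.loaded_specs['authlogic']` followed by `Immunio.agent.register_plugin('Authlogic', spec && spec.version.to_s)`. `register_plugin` already treats a nil version as "not recorded". The `if defined? Authlogic` block starts outside the hunk.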
@@ -24,3 +24,7 @@ module Immunio
24
24
  end
25
25
 
26
26
  ActionController::Base.send :include, Immunio::CsrfHook
27
+
28
+ Immunio.agent.register_plugin(
29
+ 'ActionController (CSRF)',
30
+ ActionPack::VERSION::STRING)
@@ -37,4 +37,7 @@ if defined? Devise
37
37
  end
38
38
 
39
39
  Devise::Models::Recoverable::ClassMethods.send :include, Immunio::DeviseRecoverableHooks
40
+
41
+ require 'devise/version'
42
+ Immunio.agent.register_plugin('Devise', Devise::VERSION)
40
43
  end
@@ -76,13 +76,9 @@ module Immunio
76
76
  hostname_ip: hostname_ip,
77
77
  ips: ips
78
78
  },
79
- dependencies: {}
79
+ plugins: Immunio.agent.plugins
80
80
  }
81
81
 
82
- Gem.loaded_specs.each_pair do |name, spec|
83
- info[:dependencies][name] = spec.version.to_s
84
- end
85
-
86
82
  Immunio.agent.environment = info
87
83
  end
88
84
  end
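Review bot: `plugins: Immunio.agent.plugins` places the agent's live registry hash into `info`, not a copy, so whether plugins that register later (the `after_initialize` callback, the Rack middleware constructors) appear in the report depends on when the environment is serialized downstream, which is not visible here. Either pass a snapshot and document it as one, or add a comment stating that the shared reference is intentional. The change also drops the `Gem.loaded_specs` inventory, so the report no longer carries versions of gems outside the recognized list; if anything downstream used `dependencies` to identify outdated gems, that should be confirmed. The enclosing method starts outside the hunk.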
@@ -41,4 +41,5 @@ if Immunio::agent.plugin_enabled?("eval") then
41
41
  Kernel.send :include, Immunio::KernelEvalHook
42
42
  Kernel.extend Immunio::KernelEvalHook
43
43
  Immunio.logger.debug { "Eval: All hooks installed." }
44
+ Immunio.agent.register_plugin('Kernel (Eval)', RUBY_VERSION)
44
45
  end
@@ -4,6 +4,7 @@ module Immunio
4
4
  # Rack middleware running at the very end of the stack to finish HTTP requests.
5
5
  class HTTPFinisher
6
6
  def initialize(app)
7
+ Immunio.agent.register_plugin(self.class.name)
7
8
  @app = app
8
9
  end
9
10
 
@@ -5,6 +5,7 @@ module Immunio
5
5
  # Rack middleware tracking HTTP requests and responses and triggers the proper hooks.
6
6
  class HTTPTracker
7
7
  def initialize(app)
8
+ Immunio.agent.register_plugin(self.class.name)
8
9
  @app = app
9
10
  end
10
11
 
@@ -104,6 +104,8 @@ if Immunio.agent.plugin_enabled?("file_io")
104
104
  IO.extend Immunio::IOClassHooks
105
105
  File.extend Immunio::FileClassHooks
106
106
  Immunio.logger.debug { "IO: All hooks installed." }
107
+ Immunio.agent.register_plugin('IO', RUBY_VERSION)
108
+ Immunio.agent.register_plugin('File', RUBY_VERSION)
107
109
  end
108
110
 
109
111
  # Add Kernel hooks if enabled
@@ -112,4 +114,5 @@ if Immunio.agent.plugin_enabled?("shell_command")
112
114
  Kernel.send :include, Immunio::KernelModuleHooks
113
115
  Kernel.extend Immunio::KernelModuleHooks
114
116
  Immunio.logger.debug { "Shell: All hooks installed." }
117
+ Immunio.agent.register_plugin('Kernel (Module)', RUBY_VERSION)
115
118
  end
@@ -39,4 +39,8 @@ end
39
39
  if Immunio::agent.plugin_enabled?("redirect") then
40
40
  ActionController::Base.send :include, Immunio::RedirectHook
41
41
  Immunio.logger.debug { "Redirect: All hooks installed." }
42
+
43
+ Immunio.agent.register_plugin(
44
+ 'ActionController (Redirect)',
45
+ ActionPack::VERSION::STRING)
42
46
  end
@@ -66,4 +66,7 @@ if defined?(Warden::Manager)
66
66
  alias :call_without_immunio :call
67
67
  alias :call :call_with_immunio
68
68
  end
69
+
70
+ require 'warden/version'
71
+ Immunio.agent.register_plugin('Warden', Warden::VERSION)
69
72
  end
@@ -1,5 +1,5 @@
1
1
  module Immunio
2
2
  AGENT_TYPE = "agent-ruby"
3
- VERSION = "1.1.0"
3
+ VERSION = "1.1.1"
4
4
  VM_VERSION = "2.2.0"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: immunio
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
4
+ version: 1.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Immunio
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-08-10 00:00:00.000000000 Z
11
+ date: 2016-10-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails