logjam_agent 0.38.1 → 0.38.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 47422acd5b4e45b015b0409e1c92cbe469fe883f6d7ae92eaa213434822f460c
4
- data.tar.gz: 204958e60d5036f5d63c779b7af46dd2705aa6a0ba2be0145bb7c8780c72b849
3
+ metadata.gz: 6c18943a93c4707c1d5c8aa2b92925ac997fbd98fc08f9c4c58f9eb485c98f02
4
+ data.tar.gz: e38d8c87ca688037a860a3b4af69d54f255f575d6cd3d5ca8b31e8bb0ff1639b
5
5
  SHA512:
6
- metadata.gz: b55dd07ab0d558ca83236a7971d7cd45116418b026ecf8bb9bc05fb435facd5896584f1f8f9d9e4cc657571001ed2613a4bbadcbd12c253af07cbf96fbba30bb
7
- data.tar.gz: 53288566b7cb06d28a5129f71b4bc236569f0f259595ad14a603baa07085d93ebb25ac031e634096206409ec4b0da6b2d4e332f1ff8dfece3ddf89818eb01d23
6
+ metadata.gz: 1f9eead24427fed2fac91181599f75a87a5389b913b5a9a6042b4ebcfb27ffa7af213f76127182d7d05078bde22cbf3e431f414b86ca27ef8490175e761da60c
7
+ data.tar.gz: f2a10234aea2f2402da52686c9500e2591d852d9757d267032fda58366650aead11b621eb4d0681819acfdfebd3c0d6010329e60758644dbada17f4106c6654b
@@ -0,0 +1,40 @@
1
+ module LogjamAgent
2
+ module Obfuscation
3
+
4
+ mattr_accessor :obfuscate_ips
5
+ self.obfuscate_ips = false
6
+
7
+ # TODO: ipv6 obfuscation
8
+ def ip_obfuscator(ip)
9
+ obfuscate_ips ? ip.to_s.sub(/\d+\z/, 'XXX') : ip
10
+ end
11
+
12
+ mattr_accessor :obfuscated_cookies
13
+ self.obfuscated_cookies = [/_session\z/]
14
+
15
+ def cookie_obfuscator
16
+ @cookie_obfuscator ||= ParameterFilter.new(obfuscated_cookies)
17
+ end
18
+
19
+ begin
20
+ # rails 6.1 and higher
21
+ require "active_support/parameter_filter"
22
+ ParameterFilter = ::ActiveSupport::ParameterFilter
23
+ rescue LoadError
24
+ # rails 6.0 and older
25
+ require "action_dispatch/http/parameter_filter"
26
+ ParameterFilter = ::ActionDispatch::Http::ParameterFilter
27
+ end
28
+
29
+ KEY_RE = '[^&;=\s]+'
30
+ VAL_RE = '[^&;=]+'
31
+ PAIR_RE = %r{(#{KEY_RE})=(#{VAL_RE})}
32
+
33
+ def filter_pairs(str, filter)
34
+ str.gsub(PAIR_RE) do |_|
35
+ filter.filter($1 => $2).first.join("=")
36
+ end
37
+ end
38
+
39
+ end
40
+ end
@@ -216,8 +216,7 @@ module LogjamAgent
216
216
  CONTENT_LENGTH = 'CONTENT_LENGTH'
217
217
  COOKIE = 'HTTP_COOKIE'
218
218
 
219
- KV_RE = '[^&;=]+'
220
- PAIR_RE = %r{(#{KV_RE})=(#{KV_RE})}
219
+ include Obfuscation
221
220
 
222
221
  def extract_headers(request, filter)
223
222
  headers = request.env.reject{|k,v| k =~ HIDDEN_VARIABLES }
@@ -225,15 +224,11 @@ module LogjamAgent
225
224
  headers = filter.filter(headers)
226
225
 
227
226
  if referer = headers[REFERER]
228
- headers[REFERER] = referer.gsub(PAIR_RE) do |_|
229
- filter.filter($1 => $2).first.join("=")
230
- end
227
+ headers[REFERER] = filter_pairs(referer, filter)
231
228
  end
232
229
 
233
- if (cookie = headers[COOKIE]) && LogjamAgent.obfuscated_cookies.present?
234
- headers[COOKIE] = cookie.gsub(PAIR_RE) do |_|
235
- LogjamAgent.cookie_obfuscator.filter($1 => $2).first.join("=")
236
- end
230
+ if (cookie = headers[COOKIE]) && obfuscated_cookies.present?
231
+ headers[COOKIE] = filter_pairs(cookie, cookie_obfuscator)
237
232
  end
238
233
 
239
234
  headers.keys.each do |k|
@@ -1,3 +1,3 @@
1
1
  module LogjamAgent
2
- VERSION = "0.38.1"
2
+ VERSION = "0.38.3"
3
3
  end
@@ -125,7 +125,7 @@ module LogjamAgent
125
125
  end
126
126
 
127
127
  def log_warning(message)
128
- LogjamAgent.error_handler.call ForwardingWarning.new(message)
128
+ LogjamAgent.error_handler&.call ForwardingWarning.new(message)
129
129
  end
130
130
 
131
131
  VALID_RESPONSE_CODES = [200,202]
data/lib/logjam_agent.rb CHANGED
@@ -10,6 +10,7 @@ end
10
10
 
11
11
  require "logjam_agent/version"
12
12
  require "logjam_agent/util"
13
+ require "logjam_agent/obfuscation"
13
14
  require "logjam_agent/zmq_forwarder"
14
15
  require "logjam_agent/forwarders"
15
16
  require "logjam_agent/request"
@@ -77,26 +78,7 @@ module LogjamAgent
77
78
  mattr_accessor :ensure_ping_at_exit
78
79
  self.ensure_ping_at_exit = true
79
80
 
80
- mattr_accessor :obfuscate_ips
81
- self.obfuscate_ips = false
82
-
83
- # TODO: ipv6 obfuscation
84
- def self.ip_obfuscator(ip)
85
- obfuscate_ips ? ip.to_s.sub(/\d+\z/, 'XXX') : ip
86
- end
87
-
88
- mattr_accessor :obfuscated_cookies
89
- self.obfuscated_cookies = [/_session\z/]
90
-
91
- def self.cookie_obfuscator
92
- @cookie_obfuscator ||=
93
- if defined?(ActiveSupport::ParameterFilter)
94
- ActiveSupport::ParameterFilter.new(obfuscated_cookies)
95
- else
96
- ActionDispatch::Http::ParameterFilter.new(obfuscated_cookies)
97
- end
98
- end
99
-
81
+ extend Obfuscation
100
82
  extend RequestHandling
101
83
  extend SelectiveLogging
102
84
 
@@ -0,0 +1,28 @@
1
+ require_relative "test_helper.rb"
2
+
3
+ module LogjamAgent
4
+ class ObfuscatorTest < MiniTest::Test
5
+ include Obfuscation
6
+
7
+ test "obfuscates session cookie by default" do
8
+ filter = LogjamAgent.cookie_obfuscator
9
+ assert_equal "_session=[FILTERED]", filter_pairs("_session=data", filter)
10
+ assert_equal "my_session=[FILTERED]", filter_pairs("my_session=mdata", filter)
11
+ assert_equal "blabber=1; _session=[FILTERED]", filter_pairs("blabber=1; _session=data", filter)
12
+ assert_equal "blabber=1; _session=[FILTERED]; blubber=2", filter_pairs("blabber=1; _session=data; blubber=2", filter)
13
+ end
14
+
15
+ test "obfuscates with complex regex" do
16
+ filter = ParameterFilter.new([/(login|_session)\z/])
17
+ assert_equal "_session=[FILTERED]; login=[FILTERED]", filter_pairs("_session=my_session; login=foo", filter)
18
+ assert_equal "_session=[FILTERED]; my_login=[FILTERED]", filter_pairs("_session=my_session; my_login=foo", filter)
19
+ end
20
+
21
+ test "obfuscates with exact matches" do
22
+ filter = ParameterFilter.new([/\A(login|.*_session)\z/])
23
+ assert_equal "_session=[FILTERED]; login=[FILTERED]", filter_pairs("_session=my_session; login=foo", filter)
24
+ assert_equal "_session=[FILTERED]; my_login=foo", filter_pairs("_session=my_session; my_login=foo", filter)
25
+ assert_equal "my_session=[FILTERED]; my_login=foo", filter_pairs("my_session=my_session; my_login=foo", filter)
26
+ end
27
+ end
28
+ end
data/test/sinatra_app.rb CHANGED
@@ -1,12 +1,15 @@
1
1
  $:.unshift File.expand_path('../../lib', __FILE__)
2
2
 
3
3
  require 'logjam_agent/sinatra'
4
+ require 'sinatra/cookies'
4
5
 
5
6
  class SinatraTestApp < Sinatra::Base
6
7
  register LogjamAgent::Sinatra
7
8
 
8
9
  use LogjamAgent::Sinatra::Middleware
9
10
 
11
+ helpers Sinatra::Cookies
12
+
10
13
  configure do
11
14
  set :root, File.expand_path('../..', __FILE__)
12
15
  set :environment, :test
@@ -24,6 +27,8 @@ class SinatraTestApp < Sinatra::Base
24
27
  end
25
28
 
26
29
  get '/index' do
30
+ cookies[:foo] = 'bar'
31
+ cookies[:frerks] = "no micro"
27
32
  logger.info 'Hello World!'
28
33
  'Hello World!'
29
34
  end
@@ -1,6 +1,7 @@
1
1
  $:.unshift File.expand_path('../../lib', __FILE__)
2
2
 
3
3
  require 'logjam_agent/sinatra'
4
+ require 'sinatra/cookies'
4
5
 
5
6
  use LogjamAgent::Sinatra::Middleware
6
7
 
@@ -27,5 +28,7 @@ end
27
28
  get '/index' do
28
29
  action_name "Simple#index"
29
30
  logger.info 'Hello World!'
31
+ cookies[:foo] = 'bar'
32
+ cookies[:frerks] = "no micro"
30
33
  'Hello World!'
31
34
  end
@@ -12,7 +12,10 @@ module LogjamAgent
12
12
  end
13
13
 
14
14
  def test_root
15
- get '/index?mumu=1&password=5'
15
+ cookie_jar = ::Rack::Test::CookieJar.new
16
+ cookie_jar['foo'] = 'bar'
17
+ cookie_jar['baz'] = 'gni'
18
+ get '/index?mumu=1&password=5', {}, 'HTTP_COOKIE' => cookie_jar.for(nil)
16
19
  assert_equal 'Hello World!', last_response.body
17
20
  end
18
21
 
data/test/sinatra_test.rb CHANGED
@@ -24,7 +24,10 @@ module LogjamAgent
24
24
  end
25
25
 
26
26
  def test_root
27
- get '/index?mumu=1&password=5'
27
+ cookie_jar = ::Rack::Test::CookieJar.new
28
+ cookie_jar['foo'] = 'bar'
29
+ cookie_jar['baz'] = 'gni'
30
+ get '/index?mumu=1&password=5', {}, 'HTTP_COOKIE' => cookie_jar.for(nil)
28
31
  assert_equal 'Hello World!', last_response.body
29
32
  assert_equal 200, last_response.status
30
33
 
@@ -49,6 +52,8 @@ module LogjamAgent
49
52
  assert_equal method, "GET"
50
53
  assert_equal url, "/index?mumu=1&password=[FILTERED]"
51
54
  assert_equal(query_parameters, { "mumu" => "1", "password" => "[FILTERED]" })
55
+ assert_match(/baz=gni/, request_info["headers"]["Cookie"])
56
+ assert_match(/foo=\[FILTERED\]/, request_info["headers"]["Cookie"])
52
57
  end
53
58
 
54
59
  end
data/test/test_helper.rb CHANGED
@@ -1,3 +1,8 @@
1
+ require 'simplecov'
2
+ SimpleCov.start do
3
+ add_filter %r{^/test/}
4
+ end
5
+
1
6
  require 'minitest/autorun'
2
7
  require 'minitest/unit'
3
8
  require 'minitest/pride' if ENV['RAINBOW_COLORED_TESTS'] == "1" && $stdout.tty?
@@ -15,6 +20,9 @@ require "logjam_agent/receiver"
15
20
  # for Sinatra
16
21
  ENV['RACK_ENV'] = "test"
17
22
 
23
+ # Obfuscate the foo cookie.
24
+ LogjamAgent.obfuscated_cookies = [/\A(foo|.*_session)\z/]
25
+
18
26
  class MockLogDev
19
27
  attr_reader :lines
20
28
  def initialize
@@ -58,5 +58,20 @@ module LogjamAgent
58
58
  f.forward(data, :routing_key => "x", :app_env => "a-b")
59
59
  end
60
60
 
61
+ test "can log forwarding warnings if error_handler is defined" do
62
+ msg = nil
63
+ LogjamAgent.expects(:error_handler).returns(->(m){ msg = m})
64
+ ZMQForwarder.new.__send__(:log_warning, "xxx")
65
+ assert_instance_of ForwardingWarning, msg
66
+ assert_equal "xxx", msg.message
67
+ end
68
+
69
+ test "does not log forwading warnings if error_handler is nil" do
70
+ msg = nil
71
+ LogjamAgent.expects(:error_handler).returns(nil)
72
+ ZMQForwarder.new.__send__(:log_warning, "xxx")
73
+ assert_nil msg
74
+ end
75
+
61
76
  end
62
77
  end
metadata CHANGED
@@ -1,169 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logjam_agent
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.38.1
4
+ version: 0.38.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Stefan Kaes
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-11-14 00:00:00.000000000 Z
11
+ date: 2023-03-20 00:00:00.000000000 Z
12
12
  dependencies:
13
- - !ruby/object:Gem::Dependency
14
- name: rake
15
- requirement: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - ">="
18
- - !ruby/object:Gem::Version
19
- version: '0'
20
- type: :development
21
- prerelease: false
22
- version_requirements: !ruby/object:Gem::Requirement
23
- requirements:
24
- - - ">="
25
- - !ruby/object:Gem::Version
26
- version: '0'
27
- - !ruby/object:Gem::Dependency
28
- name: i18n
29
- requirement: !ruby/object:Gem::Requirement
30
- requirements:
31
- - - ">="
32
- - !ruby/object:Gem::Version
33
- version: '0'
34
- type: :development
35
- prerelease: false
36
- version_requirements: !ruby/object:Gem::Requirement
37
- requirements:
38
- - - ">="
39
- - !ruby/object:Gem::Version
40
- version: '0'
41
- - !ruby/object:Gem::Dependency
42
- name: snappy
43
- requirement: !ruby/object:Gem::Requirement
44
- requirements:
45
- - - ">="
46
- - !ruby/object:Gem::Version
47
- version: '0'
48
- type: :development
49
- prerelease: false
50
- version_requirements: !ruby/object:Gem::Requirement
51
- requirements:
52
- - - ">="
53
- - !ruby/object:Gem::Version
54
- version: '0'
55
- - !ruby/object:Gem::Dependency
56
- name: lz4-ruby
57
- requirement: !ruby/object:Gem::Requirement
58
- requirements:
59
- - - ">="
60
- - !ruby/object:Gem::Version
61
- version: '0'
62
- type: :development
63
- prerelease: false
64
- version_requirements: !ruby/object:Gem::Requirement
65
- requirements:
66
- - - ">="
67
- - !ruby/object:Gem::Version
68
- version: '0'
69
- - !ruby/object:Gem::Dependency
70
- name: oj
71
- requirement: !ruby/object:Gem::Requirement
72
- requirements:
73
- - - ">="
74
- - !ruby/object:Gem::Version
75
- version: '0'
76
- type: :development
77
- prerelease: false
78
- version_requirements: !ruby/object:Gem::Requirement
79
- requirements:
80
- - - ">="
81
- - !ruby/object:Gem::Version
82
- version: '0'
83
- - !ruby/object:Gem::Dependency
84
- name: byebug
85
- requirement: !ruby/object:Gem::Requirement
86
- requirements:
87
- - - ">="
88
- - !ruby/object:Gem::Version
89
- version: '0'
90
- type: :development
91
- prerelease: false
92
- version_requirements: !ruby/object:Gem::Requirement
93
- requirements:
94
- - - ">="
95
- - !ruby/object:Gem::Version
96
- version: '0'
97
- - !ruby/object:Gem::Dependency
98
- name: minitest
99
- requirement: !ruby/object:Gem::Requirement
100
- requirements:
101
- - - ">="
102
- - !ruby/object:Gem::Version
103
- version: '0'
104
- type: :development
105
- prerelease: false
106
- version_requirements: !ruby/object:Gem::Requirement
107
- requirements:
108
- - - ">="
109
- - !ruby/object:Gem::Version
110
- version: '0'
111
- - !ruby/object:Gem::Dependency
112
- name: mocha
113
- requirement: !ruby/object:Gem::Requirement
114
- requirements:
115
- - - ">="
116
- - !ruby/object:Gem::Version
117
- version: '0'
118
- type: :development
119
- prerelease: false
120
- version_requirements: !ruby/object:Gem::Requirement
121
- requirements:
122
- - - ">="
123
- - !ruby/object:Gem::Version
124
- version: '0'
125
- - !ruby/object:Gem::Dependency
126
- name: sinatra
127
- requirement: !ruby/object:Gem::Requirement
128
- requirements:
129
- - - ">="
130
- - !ruby/object:Gem::Version
131
- version: '0'
132
- type: :development
133
- prerelease: false
134
- version_requirements: !ruby/object:Gem::Requirement
135
- requirements:
136
- - - ">="
137
- - !ruby/object:Gem::Version
138
- version: '0'
139
- - !ruby/object:Gem::Dependency
140
- name: rack-test
141
- requirement: !ruby/object:Gem::Requirement
142
- requirements:
143
- - - ">="
144
- - !ruby/object:Gem::Version
145
- version: '0'
146
- type: :development
147
- prerelease: false
148
- version_requirements: !ruby/object:Gem::Requirement
149
- requirements:
150
- - - ">="
151
- - !ruby/object:Gem::Version
152
- version: '0'
153
- - !ruby/object:Gem::Dependency
154
- name: appraisal
155
- requirement: !ruby/object:Gem::Requirement
156
- requirements:
157
- - - ">="
158
- - !ruby/object:Gem::Version
159
- version: '0'
160
- type: :development
161
- prerelease: false
162
- version_requirements: !ruby/object:Gem::Requirement
163
- requirements:
164
- - - ">="
165
- - !ruby/object:Gem::Version
166
- version: '0'
167
13
  - !ruby/object:Gem::Dependency
168
14
  name: activesupport
169
15
  requirement: !ruby/object:Gem::Requirement
@@ -238,6 +84,7 @@ files:
238
84
  - lib/logjam_agent/logging_attributes.rb
239
85
  - lib/logjam_agent/middleware.rb
240
86
  - lib/logjam_agent/monkey_patches/ffi-rzmq-patch.rb
87
+ - lib/logjam_agent/obfuscation.rb
241
88
  - lib/logjam_agent/rack/logger.rb
242
89
  - lib/logjam_agent/rack/rails_support.rb
243
90
  - lib/logjam_agent/rack/sinatra_request.rb
@@ -252,6 +99,7 @@ files:
252
99
  - lib/logjam_agent/version.rb
253
100
  - lib/logjam_agent/zmq_forwarder.rb
254
101
  - test/json_logging_test.rb
102
+ - test/obfuscator_test.rb
255
103
  - test/request_test.rb
256
104
  - test/selective_logging_test.rb
257
105
  - test/sinatra_app.rb
@@ -280,18 +128,19 @@ required_rubygems_version: !ruby/object:Gem::Requirement
280
128
  - !ruby/object:Gem::Version
281
129
  version: '0'
282
130
  requirements: []
283
- rubygems_version: 3.3.19
131
+ rubygems_version: 3.3.26
284
132
  signing_key:
285
133
  specification_version: 4
286
134
  summary: Logjam client library to be used with logjam
287
135
  test_files:
288
- - test/sinatra_app.rb
136
+ - test/json_logging_test.rb
137
+ - test/obfuscator_test.rb
138
+ - test/request_test.rb
289
139
  - test/selective_logging_test.rb
290
- - test/sinatra_classic_test.rb
140
+ - test/sinatra_app.rb
291
141
  - test/sinatra_classic_app.rb
292
- - test/request_test.rb
293
- - test/zmq_forwarder_test.rb
294
- - test/util_test.rb
295
- - test/test_helper.rb
296
- - test/json_logging_test.rb
142
+ - test/sinatra_classic_test.rb
297
143
  - test/sinatra_test.rb
144
+ - test/test_helper.rb
145
+ - test/util_test.rb
146
+ - test/zmq_forwarder_test.rb