newrelic_rpm 3.5.6.48.beta → 3.5.6.55

data/.gitignore

@@ -19,3 +19,4 @@ tags
 gems/newrelic_rpm.gemspec
 gems/newrelic_rpm*.tar.gz
 lib/new_relic/build.rb
+.pryrc

data/CHANGELOG

@@ -3,12 +3,64 @@
 
 ## v3.5.6 ##
 
+  * Use HTTPS by default
+
+    The agent now defaults to using SSL when it communicates with New Relic's
+    servers.  By defaults already configured, New Relic does not transmit any
+    sensitive information (e.g. SQL parameters are masked), but SSL adds 
+    another layer of security.  Upgrading customers may need to remove the
+    "ssl: false" directive from their newrelic.yml to enable ssl.  Customers on
+    Jruby may need to install the jruby-openssl gem to take advantage of this
+    feature.
+
   * Fix two Resque-related issues
 
     Fixes a possible hang on exit of an instrumented Resque master process
     (https://github.com/defunkt/resque/issues/578), as well as a file descriptor
     leak that could occur during startup of the Resque master process.
 
+  * Fix for error graph over 100%
+
+    Some errors were double counted toward the overall error total. This
+    resulted in graphs with error percentages over 100%. This duplication did
+    not impact the specific error traces captured, only the total metric.
+
+  * Notice gracefully handled errors in Sinatra
+
+    When show_exceptions was set to false in Sinatra, errors weren't caught
+    by New Relic's error collector. Now handled errors also have the chance
+    to get reported back.
+
+  * Ruby 2.0 compatibility fixes
+
+    Ruby 2.0 no longer finds protected methods by default, but will with a flag.
+    http://tenderlovemaking.com/2012/09/07/protected-methods-and-ruby-2-0.html
+
+    Thanks Ravil Bayramgalin and Charlie Somerville for the fixes.
+
+  * Auto-detect Trinidad as dispatcher
+
+    Code already existing for detecting Trinidad as a dispatcher, but was only
+    accessible via an ENV variable. This now auto-detects on startup. Thanks
+    Robert Rasmussen for catching that.
+
+  * Coercion of types in collector communication
+
+    Certain metrics can be recorded with a Ruby Rational type, which JSON
+    serializes as a string rather than a floating point value. We now treat
+    coerce each outgoing value, and log issues before sending the data.
+
+  * Developer mode fix for chart error
+
+    Added require to fix a NameError in developer mode for summary page. Thanks
+    to Ryan B. Harvey.
+
+  * Don't touch deprecated RAILS_ROOT if on Rails 3
+
+    Under some odd startup conditions, we would look for the RAILS_ROOT constant
+    after failing to find the ::Rails.root in a Rails 3 app, causing deprecation
+    warnings. Thanks for Adrian Irving-Beer for the fix.
+
 ## v3.5.5 ##
 
   * Add thread profiling support

data/gem-public_cert.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDODCCAiCgAwIBAgIBADANBgkqhkiG9w0BAQUFADBCMREwDwYDVQQDDAhzZWN1
+cml0eTEYMBYGCgmSJomT8ixkARkWCG5ld3JlbGljMRMwEQYKCZImiZPyLGQBGRYD
+Y29tMB4XDTEzMDIxMjE5MDcwN1oXDTE0MDIxMjE5MDcwN1owQjERMA8GA1UEAwwI
+c2VjdXJpdHkxGDAWBgoJkiaJk/IsZAEZFghuZXdyZWxpYzETMBEGCgmSJomT8ixk
+ARkWA2NvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJyYRvlk1XUo
+8JhWQcE/v6RmpK//JbeKvTKnmWVUKz5oTDSOg/LKEhzChpJJVSOMJHCxd4OoxkIN
+pjQF5U2af1m5ONeN1j4p4MujbwNeqxsJmixGLK/BZ9xTnbpYAa6xCRN1UfEcu3O9
+jjLHX3c63ghldwRBn/c2ZD6anMtDeq3C5MLiycFs9h7JXOa3cTTHLZknkYIoHMKN
+EFri5zlks50lbeaVvFRm4IMrYWRsEwzLZWaMOy68BVZe0UlBBKSMnzJfWkbdRRcm
+xqu7viu4hrrCGjUmdHKnl6tf7BY7wqQyKjj+O5DhayKmKRuQcEX8QVnsM+ayqiVU
+EtMiwNScUnsCAwEAAaM5MDcwCQYDVR0TBAIwADAdBgNVHQ4EFgQUOauaMsU0Elp6
+hiUisj4l63ZunSUwCwYDVR0PBAQDAgSwMA0GCSqGSIb3DQEBBQUAA4IBAQAuwrHh
+jOjIfAQoEbGakiwHTeImqmC1EjBEWb1+U+rC2OcsSQ3+2Q0mGq2u3lAphAeLa6i5
+WXb5OdQqZY2aI7NgMxRG98/+TcIlAT8tDR0e6/+QBlBuDXP3YI5Nuhp5U4LEvghr
+jEPaEo0AFPc1JpSO/zKmktU+e9VRAE+q55gLthP8fe0uZvtGUn0KgDbXJyOuGlHF
+J93N937OcyA2rD8gR1qkr3/0/we1dwLZnL6kN4p8nGzPgXZgOHsmTdYZ2ryYowtb
+Kc9+v+QxnbZYpu2IaPXOvm3T8G4O6qZvhnLh/Uien++Dj8eFBecTPoM8pVjK3ph5
+n/EwuZCcE6ghtCCM
+-----END CERTIFICATE-----

data/lib/new_relic/agent.rb

@@ -123,6 +123,9 @@ module NewRelic
     # drop it and not try to resend
     class UnrecoverableServerException < ServerConnectionException; end
 
+    # An unrecoverable client-side error that prevents the agent from continuing
+    class UnrecoverableAgentException < ServerConnectionException; end
+
     # Reserved for future use.  Meant to represent a problem on the server side.
     class ServerError < StandardError; end
 

data/lib/new_relic/agent/agent.rb

@@ -224,8 +224,7 @@ module NewRelic
         # loop if it exists and is running.
         #
         # Options:
-        # :force_send => (true/false) # force the agent to send data
-        # before shutting down
+        # :force_send  => (true/false) # force the agent to send data
         def shutdown(options={})
           run_loop_before_exit = Agent.config[:force_send]
           return if not started?
@@ -238,7 +237,6 @@ module NewRelic
 
           # if litespeed, then ignore all future SIGUSR1 - it's
           # litespeed trying to shut us down
-
           if Agent.config[:dispatcher] == :litespeed
             Signal.trap("SIGUSR1", "IGNORE")
             Signal.trap("SIGTERM", "IGNORE")
@@ -686,6 +684,12 @@ module NewRelic
             disconnect
           end
 
+          def handle_unrecoverable_agent_error(error)
+            ::NewRelic::Agent.logger.error(error.message)
+            disconnect
+            shutdown
+          end
+
           # Checks whether we should send environment info, and if so,
           # returns the snapshot from the local environment
           def environment_for_connect
@@ -800,11 +804,9 @@ module NewRelic
               @traces = transaction_traces
             end
           end
-          if errors && errors.respond_to?(:any?) && errors.any?
-            if @unsent_errors
-              @unsent_errors = @unsent_errors + errors
-            else
-              @unsent_errors = errors
+          if errors && errors.respond_to?(:each)
+            errors.each do |err|
+              @error_collector.add_to_error_queue(err)
             end
           end
         end
@@ -842,6 +844,8 @@ module NewRelic
           @connect_state = :connected
         rescue NewRelic::Agent::LicenseException => e
           handle_license_error(e)
+        rescue NewRelic::Agent::UnrecoverableAgentException => e
+          handle_unrecoverable_agent_error(e)
         rescue Timeout::Error, StandardError => e
           log_error(e)
           if opts[:keep_retrying]
@@ -1024,13 +1028,16 @@ module NewRelic
         def transmit_data(disconnecting=false)
           now = Time.now
           ::NewRelic::Agent.logger.debug "Sending data to New Relic Service"
-          harvest_and_send_errors
-          harvest_and_send_slowest_sample
-          harvest_and_send_slowest_sql
-          harvest_and_send_timeslice_data
-          harvest_and_send_thread_profile(disconnecting)
 
-          check_for_agent_commands
+          @service.session do # use http keep-alive
+            harvest_and_send_errors
+            harvest_and_send_slowest_sample
+            harvest_and_send_slowest_sql
+            harvest_and_send_timeslice_data
+            harvest_and_send_thread_profile(disconnecting)
+
+            check_for_agent_commands
+          end
         rescue => e
           retry_count ||= 0
           retry_count += 1

data/lib/new_relic/agent/agent_logger.rb

@@ -32,6 +32,10 @@ module NewRelic
         @log.debug(format_messages(msgs))
       end
 
+      def is_startup_logger?
+        false
+      end
+
       # Allows for passing exceptions in explicitly, which format with backtrace
       def format_messages(msgs)
         msgs.map do |msg|
@@ -120,12 +124,16 @@ module NewRelic
       end
     end
 
-    # BBase class for startup logging and testing in multiverse
+    # Base class for startup logging and testing in multiverse
     class MemoryLogger
       def initialize
         @messages = []
       end
 
+      def is_startup_logger?
+        true
+      end
+
       attr_accessor :messages, :level
 
       def fatal(*msgs)

data/lib/new_relic/agent/configuration/defaults.rb

@@ -30,7 +30,7 @@ module NewRelic
             when 4
               :rails4
             else
-              Agent.logger.error "Detected unsupported Rails version #{Rails::VERSION::STRING}"
+              ::NewRelic::Agent::Agent.logger.error "Detected unsupported Rails version #{Rails::VERSION::STRING}"
             end
           when defined?(::Sinatra) && defined?(::Sinatra::Base) then :sinatra
           when defined?(::NewRelic::IA) then :external
@@ -55,8 +55,8 @@ module NewRelic
         :api_host               => 'rpm.newrelic.com',
         :port                   => Proc.new { self[:ssl] ? 443 : 80 },
         :api_port               => Proc.new { self[:port] },
-        :ssl                    => false,
-        :verify_certificate     => false,
+        :ssl                    => true,
+        :verify_certificate     => true,
         :sync_startup           => false,
         :send_data_on_exit      => true,
         :post_size_limit        => 2 * 1024 * 1024, # 2 megs

data/lib/new_relic/agent/configuration/mask_defaults.rb

@@ -4,6 +4,7 @@ module NewRelic
       MASK_DEFAULTS = {
         :'thread_profiler' =>         Proc.new { !NewRelic::Agent::ThreadProfiler.is_supported? },
         :'thread_profiler.enabled' => Proc.new { !NewRelic::Agent::ThreadProfiler.is_supported? },
+        :verify_certificate =>  Proc.new{ true }
       }
     end
   end

data/lib/new_relic/agent/error_collector.rb

@@ -21,6 +21,8 @@ module NewRelic
       # Returns a new error collector
       def initialize
         @errors = []
+        @seen_error_ids = []
+
         # lookup of exception class names to ignore.  Hash for fast access
         @ignore = {}
         @capture_source = Agent.config[:'error_collector.capture_source']
@@ -92,7 +94,11 @@ module NewRelic
         end
 
         # Increments a statistic that tracks total error rate
-        def increment_error_count!
+        # Be sure not to double-count same exception. This clears per harvest.
+        def increment_error_count!(exception)
+          return if @seen_error_ids.include?(exception.object_id)
+          @seen_error_ids << exception.object_id
+
           NewRelic::Agent.get_stats("Errors/all").increment_count
         end
 
@@ -102,7 +108,7 @@ module NewRelic
         def should_exit_notice_error?(exception)
           if enabled?
             if !error_is_ignored?(exception)
-              increment_error_count!
+              increment_error_count!(exception)
               return exception.nil? # exit early if the exception is nil
             end
           end
@@ -240,6 +246,9 @@ module NewRelic
           errors = @errors
           @errors = []
 
+          # Only expect to re-see errors on same request, so clear on harvest
+          @seen_error_ids = []
+
           if unsent_errors && !unsent_errors.empty?
             errors = unsent_errors + errors
           end

data/lib/new_relic/agent/instrumentation/browser_monitoring_timings.rb

@@ -4,12 +4,12 @@ module NewRelic
       class BrowserMonitoringTimings
 
         def initialize(queue_time_in_seconds, transaction)
-          @now = Time.now
+          @now = Time.now.to_i
           if transaction.nil?
             @start_time_in_seconds = 0.0
           else
             @transaction_name = transaction.transaction_name
-            @start_time_in_seconds = transaction.start_time
+            @start_time_in_seconds = transaction.start_time.to_i
           end
 
           @queue_time_in_seconds = clamp_to_positive(queue_time_in_seconds)

data/lib/new_relic/agent/instrumentation/rails3/action_controller.rb

@@ -149,7 +149,7 @@ DependencyDetection.defer do
 
       def render_with_newrelic(context, options)
         # This is needed for rails 3.2 compatibility
-        @details = extract_details(options) if respond_to? :extract_details
+        @details = extract_details(options) if respond_to? :extract_details, true
         identifier = determine_template(options) ? determine_template(options).identifier : nil
         str = "View/#{NewRelic::Agent::Instrumentation::Rails3::ActionView::NewRelic.template_metric(identifier, options)}/Rendering"
         trace_execution_scoped str do

data/lib/new_relic/agent/instrumentation/sinatra.rb

@@ -5,7 +5,8 @@ DependencyDetection.defer do
 
   depends_on do
     defined?(::Sinatra) && defined?(::Sinatra::Base) &&
-      Sinatra::Base.private_method_defined?(:dispatch!)
+      Sinatra::Base.private_method_defined?(:dispatch!) &&
+      Sinatra::Base.private_method_defined?(:process_route)
   end
 
   executes do
@@ -45,7 +46,14 @@ module NewRelic
           perform_action_with_newrelic_trace(:category => :sinatra,
                                              :name => txn_name,
                                              :params => @request.params) do
-            dispatch_without_newrelic
+            result = dispatch_without_newrelic
+
+            # Will only see an error raised if :show_exceptions is true, but
+            # will always see them in the env hash if they occur
+            had_error = env.has_key?('sinatra.error')
+            ::NewRelic::Agent.notice_error(env['sinatra.error']) if had_error
+
+            result
           end
         end
 

data/lib/new_relic/agent/new_relic_service.rb

@@ -29,7 +29,16 @@ module NewRelic
         Agent.config.register_callback(:'audit_log.enabled') do |enabled|
           @audit_logger.enabled = enabled
         end
-        
+        Agent.config.register_callback(:ssl) do |ssl|
+          if !ssl
+            ::NewRelic::Agent.logger.warn("Agent is configured not to use SSL when communicating with New Relic's servers")
+          elsif !Agent.config[:verify_certificate]
+            ::NewRelic::Agent.logger.warn("Agent is configured to use SSL but to skip certificate validation when communicating with New Relic's servers")
+          else
+            ::NewRelic::Agent.logger.debug("Agent is configured to use SSL")
+          end
+        end
+
         Agent.config.register_callback(:marshaller) do |marshaller|
           begin
             if marshaller == 'json'
@@ -106,6 +115,73 @@ module NewRelic
         [data, encoding]
       end
 
+      # One session with the service's endpoint.  In this case the session
+      # represents 1 tcp connection which may transmit multiple HTTP requests
+      # via keep-alive.
+      def session(&block)
+        raise ArgumentError, "#{self.class}#shared_connection must be passed a block" unless block_given?
+
+        http = create_http_connection
+
+        # Immediately open a TCP connection to the server and leave it open for
+        # multiple requests.
+        ::NewRelic::Agent.logger.debug("Opening TCP connection to #{http.address}:#{http.port}")
+        http.start
+        begin
+          @shared_tcp_connection = http
+          block.call
+        ensure
+          @shared_tcp_connection = nil
+          # Close the TCP socket
+          ::NewRelic::Agent.logger.debug("Closing TCP connection to #{http.address}:#{http.port}")
+          http.finish
+        end
+      end
+
+      # Return a Net::HTTP connection object to make a call to the collector.
+      # We'll reuse the same handle for cases where we're using keep-alive, or
+      # otherwise create a new one.
+      def http_connection
+        @shared_tcp_connection || create_http_connection
+      end
+
+      # Return the Net::HTTP with proxy configuration given the NewRelic::Control::Server object.
+      def create_http_connection
+        proxy_server = control.proxy_server
+        # Proxy returns regular HTTP if @proxy_host is nil (the default)
+        http_class = Net::HTTP::Proxy(proxy_server.name, proxy_server.port,
+                                      proxy_server.user, proxy_server.password)
+
+        http = http_class.new((@collector.ip || @collector.name), @collector.port)
+        if Agent.config[:ssl]
+          begin
+            # Jruby 1.6.8 requires a gem for full ssl support and will throw
+            # an error when use_ssl=(true) is called and jruby-openssl isn't
+            # installed
+            http.use_ssl = true
+            if Agent.config[:verify_certificate]
+              http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+              http.ca_file = cert_file_path
+            else
+              http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+            end
+          rescue StandardError, LoadError
+            msg = "Agent is configured to use SSL, but SSL is not available in the environment. "
+            msg << "Either disable SSL in the agent configuration, or install SSL support."
+            raise UnrecoverableAgentException.new(msg)
+          end
+        end
+        ::NewRelic::Agent.logger.debug("Created net/http handle to #{http.address}:#{http.port}")
+        http
+      end
+
+
+      # The path to the certificate file used to verify the SSL
+      # connection if verify_peer is enabled
+      def cert_file_path
+        File.expand_path(File.join(control.newrelic_root, 'cert', 'cacert.pem'))
+      end
+
       private
 
       # A shorthand for NewRelic::Control.instance
@@ -183,31 +259,33 @@ module NewRelic
         request.content_type = "application/octet-stream"
         request.body = opts[:data]
 
-        ::NewRelic::Agent.logger.debug "Connect to #{opts[:collector]}#{opts[:uri]}"
-
         response = nil
-        http = control.http_connection(@collector)
+        http = http_connection
         http.read_timeout = nil
         begin
           NewRelic::TimerLib.timeout(@request_timeout) do
+            ::NewRelic::Agent.logger.debug "Sending request to #{opts[:collector]}#{opts[:uri]}"
             response = http.request(request)
           end
         rescue Timeout::Error
           ::NewRelic::Agent.logger.warn "Timed out trying to post data to New Relic (timeout = #{@request_timeout} seconds)" unless @request_timeout < 30
           raise
         end
-        if response.is_a? Net::HTTPUnauthorized
+        case response
+        when Net::HTTPSuccess
+          true # fall through
+        when Net::HTTPUnauthorized
           raise LicenseException, 'Invalid license key, please contact support@newrelic.com'
-        elsif response.is_a? Net::HTTPServiceUnavailable
+        when Net::HTTPServiceUnavailable
           raise ServerConnectionException, "Service unavailable (#{response.code}): #{response.message}"
-        elsif response.is_a? Net::HTTPGatewayTimeOut
+        when Net::HTTPGatewayTimeOut
           ::NewRelic::Agent.logger.warn("Timed out getting response: #{response.message}")
           raise Timeout::Error, response.message
-        elsif response.is_a? Net::HTTPRequestEntityTooLarge
+        when Net::HTTPRequestEntityTooLarge
           raise UnrecoverableServerException, '413 Request Entity Too Large'
-        elsif response.is_a? Net::HTTPUnsupportedMediaType
+        when Net::HTTPUnsupportedMediaType
           raise UnrecoverableServerException, '415 Unsupported Media Type'
-        elsif !(response.is_a? Net::HTTPSuccess)
+        else
           raise ServerConnectionException, "Unexpected response from server (#{response.code}): #{response.message}"
         end
         response
@@ -216,6 +294,8 @@ module NewRelic
         raise NewRelic::Agent::ServerConnectionException, "Recoverable error connecting to the server: #{e}"
       end
 
+
+
       # Decompresses the response from the server, if it is gzip
       # encoded, otherwise returns it verbatim
       def decompress_response(response)