newrelic_rpm 3.9.0.229 → 3.9.1.236

data/test/multiverse/suites/high_security/high_security_test.rb

@@ -0,0 +1,64 @@
+# encoding: utf-8
+# This file is distributed under New Relic's license terms.
+# See https://github.com/newrelic/rpm/blob/master/LICENSE for complete details.
+
+require 'multiverse_helpers'
+
+# These tests are designed to work in conjunction with a local newrelic.yml
+# file set with "insecure" settings and the server returning "insecure" values,
+# and confirm that high security changes the actual agent behavior, not just
+# the settings in question.
+class HighSecurityTest < Minitest::Test
+
+  include MultiverseHelpers
+
+  setup_and_teardown_agent do |collector|
+    # Because our tests will default to using SSL, we need to stub that out
+    # on our HTTP connects to the fake collector which doesn't have SSL...
+    Net::HTTPSession.any_instance.expects('use_ssl=').with(true).at_least_once
+
+    collector.stub('connect', {
+      "agent_run_id" => 1,
+      "listen_to_server_config" => true,
+
+      "agent_config" => {
+        "capture_params" => true,
+      }
+    }, 200)
+  end
+
+  def test_connects_via_ssl_no_matter_what
+    # Expectation is set in setup since we all need to sidestep the use_ssl=
+    # setting, and mocking gets weird if we call `stubs` then try to `expects`
+    NewRelic::Agent.manual_start(:ssl => false)
+  end
+
+  def test_sends_high_security_flag_in_connect
+    data = $collector.calls_for('connect')
+    assert data.first.body["high_security"]
+  end
+
+  def test_disallows_server_config_from_overriding_high_security
+    refute NewRelic::Agent.config[:capture_params]
+  end
+
+  def test_doesnt_capture_params
+    in_transaction(:filtered_params => { "loose" => "params" }) do
+      # no-op
+    end
+    assert_empty last_transaction_trace_request_params
+  end
+
+  def test_doesnt_record_custom_parameters
+    in_transaction do
+      NewRelic::Agent::TransactionState.tl_get.is_cross_app_caller = true
+      NewRelic::Agent.add_custom_parameters(:not => "allowed")
+    end
+
+    assert_nil last_transaction_trace.params[:custom_params][:not]
+    refute_nil last_transaction_trace.params[:custom_params][:cpu_time]
+    refute_nil last_transaction_trace.params[:custom_params][:'nr.trip_id']
+    refute_nil last_transaction_trace.params[:custom_params][:'nr.path_hash']
+  end
+
+end

data/test/multiverse/suites/rails/action_controller_live_rum_test.rb

@@ -0,0 +1,39 @@
+# encoding: utf-8
+# This file is distributed under New Relic's license terms.
+# See https://github.com/newrelic/rpm/blob/master/LICENSE for complete details.
+
+require './app'
+
+if defined?(ActionController::Live)
+
+class UndeadController < ApplicationController
+  RESPONSE_BODY = "<html><head></head><body>Brains!</body></html>"
+
+  def brains
+    render :inline => RESPONSE_BODY
+  end
+end
+
+class LiveController < UndeadController
+  include ActionController::Live
+end
+
+class ActionControllerLiveRumTest < RailsMultiverseTest
+  include MultiverseHelpers
+
+  JS_LOADER = "JS LOADER IN DA HOUSE"
+
+  setup_and_teardown_agent(:js_agent_loader => JS_LOADER, :beacon => "beacon", :browser_key => "key")
+
+  def test_rum_instrumentation_when_not_streaming
+    get '/undead/brains'
+    assert_includes(response.body, JS_LOADER)
+  end
+
+  def test_excludes_rum_instrumentation_when_streaming_with_action_controller_live
+    get '/live/brains'
+    assert_equal(LiveController::RESPONSE_BODY, response.body)
+  end
+end
+
+end

data/test/multiverse/suites/rails/bad_instrumentation_test.rb

@@ -11,7 +11,9 @@ class BadInstrumentationController < ApplicationController
   # to fail.
   # https://newrelic.atlassian.net/browse/RUBY-1158
   def failwhale
-    NewRelic::Agent::TracedMethodStack.tl_push_frame('failwhale', Time.now)
+    state = NewRelic::Agent::TransactionState.tl_get
+    stack = state.traced_method_stack
+    stack.push_frame(state, 'failwhale')
     render :text => 'everything went great'
   end
 end

data/test/multiverse/suites/rails/parameter_capture_test.rb

@@ -146,24 +146,4 @@ class ParameterCaptureTest < RailsMultiverseTest
     end
     assert_equal('/parameter_capture/sql', last_sql_trace.url)
   end
-
-  def last_traced_error
-    NewRelic::Agent.agent.error_collector.errors.last
-  end
-
-  def last_traced_error_request_params
-    last_traced_error.params[:request_params]
-  end
-
-  def last_transaction_trace
-    NewRelic::Agent.agent.transaction_sampler.last_sample
-  end
-
-  def last_transaction_trace_request_params
-    last_transaction_trace.params[:request_params]
-  end
-
-  def last_sql_trace
-    NewRelic::Agent.agent.sql_sampler.sql_traces.values.last
-  end
 end

data/test/new_relic/agent/agent/connect_test.rb

@@ -149,36 +149,31 @@ class NewRelic::Agent::Agent::ConnectTest < Minitest::Test
 
   def test_set_sql_recording_default
     with_config(:'transaction_tracer.record_sql' => 'obfuscated') do
-      assert_equal(:obfuscated, NewRelic::Agent::Database.record_sql_method,
-                   "should default to :obfuscated, was #{NewRelic::Agent::Database.record_sql_method}")
+      assert_equal(:obfuscated, NewRelic::Agent::Database.record_sql_method)
     end
   end
 
   def test_set_sql_recording_off
     with_config(:'transaction_tracer.record_sql' => 'off') do
-      assert_equal(:off, NewRelic::Agent::Database.record_sql_method,
-                   "should be set to :off, was #{NewRelic::Agent::Database.record_sql_method}")
+      assert_equal(:off, NewRelic::Agent::Database.record_sql_method)
     end
   end
 
   def test_set_sql_recording_none
     with_config(:'transaction_tracer.record_sql' => 'none') do
-      assert_equal(:off, NewRelic::Agent::Database.record_sql_method,
-                   "should be set to :off, was #{NewRelic::Agent::Database.record_sql_method}")
+      assert_equal(:off, NewRelic::Agent::Database.record_sql_method)
     end
   end
 
   def test_set_sql_recording_raw
     with_config(:'transaction_tracer.record_sql' => 'raw') do
-      assert_equal(:raw, NewRelic::Agent::Database.record_sql_method,
-                   "should be set to :raw, was #{NewRelic::Agent::Database.record_sql_method}")
+      assert_equal(:raw, NewRelic::Agent::Database.record_sql_method)
     end
   end
 
   def test_set_sql_recording_falsy
     with_config(:'transaction_tracer.record_sql' => false) do
-      assert_equal(:off, NewRelic::Agent::Database.record_sql_method,
-                   "should be set to :off, was #{NewRelic::Agent::Database.record_sql_method}")
+      assert_equal(:off, NewRelic::Agent::Database.record_sql_method)
     end
   end
 

data/test/new_relic/agent/agent_test.rb

@@ -300,6 +300,16 @@ module NewRelic
         @agent.send(:connect, :force_reconnect => true)
       end
 
+      def test_connect_logs_error_for_all_exceptions
+        bad = Class.new(Exception)
+        @agent.stubs(:should_connect?).raises(bad)
+        ::NewRelic::Agent.logger.expects(:error).once
+
+        assert_raises(bad) do
+          @agent.send(:connect)
+        end
+      end
+
       def test_connect_settings
         settings = @agent.connect_settings
         assert settings.include?(:pid)
@@ -309,6 +319,7 @@ module NewRelic
         assert settings.include?(:agent_version)
         assert settings.include?(:environment)
         assert settings.include?(:settings)
+        assert settings.include?(:high_security)
       end
 
       def test_connect_settings_checks_environment_report_can_marshal

data/test/new_relic/agent/browser_token_test.rb

@@ -17,27 +17,31 @@ module NewRelic::Agent
     end
 
     def test_get_token_with_embedded_tags_sanitized
-      assert_token("", 'NRAGENT' => 'tk=1234<tag>evil</tag>5678')
+      assert_token(nil, 'NRAGENT' => 'tk=1234<tag>evil</tag>5678')
     end
 
     def test_get_token_with_embedded_utf8_js_sanitized
-      assert_token("1234&amp;#34&amp;#93&amp;#41&amp;#595678", 'NRAGENT' => "tk=1234&#34&#93&#41&#595678")
+      assert_token(nil, 'NRAGENT' => "tk=1234&#34&#93&#41&#595678")
+    end
+
+    def test_get_token_with_embedded_utf7_js_sanitized
+      assert_token(nil, 'NRAGENT' => 'tk=+ADw-SCRIPT+AD4-alert(1)+ADw-/SCRIPT+AD4-')
     end
 
     def test_get_token_replaces_double_quoted_token_with_empty_string
-      assert_token("", 'NRAGENT' => 'tk="""deadbeef"""')
+      assert_token(nil, 'NRAGENT' => 'tk="""deadbeef"""')
     end
 
     def test_get_token_replaces_single_quoted_token_with_empty_string
-      assert_token("", 'NRAGENT' => "tk='''deadbeef'''")
+      assert_token(nil, 'NRAGENT' => "tk='''deadbeef'''")
     end
 
     def test_get_token_replaces_token_started_with_multiple_Lt_with_empty_string
-      assert_token("", 'NRAGENT' => 'tk=<<<deadbeef')
+      assert_token(nil, 'NRAGENT' => 'tk=<<<deadbeef')
     end
 
     def test_get_token_replaces_token_started_with_multiple_gt_with_empty_string
-      assert_token("", 'NRAGENT' => 'tk=>>>deadbeef')
+      assert_token(nil, 'NRAGENT' => 'tk=>>>deadbeef')
     end
 
     def test_get_token_bare_value_replaced_with_nil

data/test/new_relic/agent/configuration/default_source_test.rb

@@ -54,6 +54,12 @@ module NewRelic::Agent::Configuration
       end
     end
 
+    def test_config_search_paths_include_application_root
+      NewRelic::Control.instance.stubs(:root).returns('app_root')
+      paths = DefaultSource.config_search_paths.call
+      assert paths.any? { |p| p.include? 'app_root' }
+    end
+
     def fetch_config_value(key)
       accessor = key.to_sym
       config = @default_source

data/test/new_relic/agent/configuration/high_security_source_test.rb

@@ -0,0 +1,83 @@
+# encoding: utf-8
+# This file is distributed under New Relic's license terms.
+# See https://github.com/newrelic/rpm/blob/master/LICENSE for complete details.
+
+require File.expand_path(File.join(File.dirname(__FILE__),'..','..','..','test_helper'))
+require 'new_relic/agent/configuration/high_security_source'
+
+module NewRelic::Agent::Configuration
+  class HighSecuritySourceTest < Minitest::Test
+    def test_leaves_obfuscated_record_sql_parameters
+      local_settings = {
+        :'transaction_tracer.record_sql' => 'obfuscated',
+        :'slow_sql.record_sql'           => 'obfuscated'
+      }
+
+      source = HighSecuritySource.new(local_settings)
+
+      assert_equal('obfuscated', source[:'transaction_tracer.record_sql'])
+      assert_equal('obfuscated', source[:'slow_sql.record_sql'])
+    end
+
+    def test_leaves_off_record_sql_parameters
+      local_settings = {
+        :'transaction_tracer.record_sql' => 'off',
+        :'slow_sql.record_sql'           => 'off'
+      }
+
+      source = HighSecuritySource.new(local_settings)
+
+      assert_equal('off', source[:'transaction_tracer.record_sql'])
+      assert_equal('off', source[:'slow_sql.record_sql'])
+    end
+
+    def test_changes_raw_record_sql_to_obfuscated
+      local_settings = {
+        :'transaction_tracer.record_sql' => 'raw',
+        :'slow_sql.record_sql'           => 'raw'
+      }
+
+      source = HighSecuritySource.new(local_settings)
+
+      assert_equal('obfuscated', source[:'transaction_tracer.record_sql'])
+      assert_equal('obfuscated', source[:'slow_sql.record_sql'])
+    end
+
+    def test_forces_unrecognized_values_to_off
+      local_settings = {
+        :'transaction_tracer.record_sql' => 'jibberish',
+        :'slow_sql.record_sql'           => 'junk'
+      }
+
+      expects_logging(:info, includes('jibberish'))
+
+      source = HighSecuritySource.new(local_settings)
+
+      assert_equal('off', source[:'transaction_tracer.record_sql'])
+      assert_equal('off', source[:'slow_sql.record_sql'])
+    end
+
+    def test_logs_when_changing_raw_to_obfuscated
+      local_settings = {
+        :'transaction_tracer.record_sql' => 'raw',
+        :'slow_sql.record_sql'           => 'raw'
+      }
+
+      expects_logging(:info, all_of(includes('raw'), includes('obfuscated')))
+
+      HighSecuritySource.new(local_settings)
+    end
+
+    def test_no_logging_when_allowed_values
+      local_settings = {
+        :'transaction_tracer.record_sql' => 'off',
+        :'slow_sql.record_sql'           => 'obfuscated'
+      }
+
+      expects_no_logging(:info)
+
+      HighSecuritySource.new(local_settings)
+    end
+
+  end
+end

data/test/new_relic/agent/configuration/manager_test.rb

@@ -45,16 +45,20 @@ module NewRelic::Agent::Configuration
 
     def test_sources_applied_in_correct_order
       # in order of precedence
-      server_source = ServerSource.new(:foo => 'foo'                )
-      manual_source = ManualSource.new(:foo => 'bad' , :bar => 'bar')
+      high_security = HighSecuritySource.new({})
+      server_source = ServerSource.new(:foo => 'foo', :capture_params => true)
+      manual_source = ManualSource.new(:foo => 'bad', :bar => 'bar',
+                                       :capture_params => true)
 
       # load them out of order, just to prove that load order
       # doesn't determine precedence
       @manager.replace_or_add_config(manual_source)
       @manager.replace_or_add_config(server_source)
+      @manager.replace_or_add_config(high_security)
 
       assert_equal 'foo', @manager['foo']
       assert_equal 'bar', @manager['bar']
+      assert_equal false, @manager['capture_params']
     end
 
     def test_identifying_config_source
@@ -276,6 +280,7 @@ module NewRelic::Agent::Configuration
       refute @manager.config_classes_for_testing.include?(ManualSource)
       refute @manager.config_classes_for_testing.include?(ServerSource)
       refute @manager.config_classes_for_testing.include?(YamlSource)
+      refute @manager.config_classes_for_testing.include?(HighSecuritySource)
     end
   end
 end

data/test/new_relic/agent/cross_app_monitor_test.rb

@@ -208,6 +208,22 @@ module NewRelic::Agent
       assert_metrics_recorded(["ClientApplication/#{REQUEST_CROSS_APP_ID}/all"])
     end
 
+    def test_path_hash
+      with_config(:app_name => 'test') do
+        h0 = @monitor.path_hash('23547', 0)
+        h1 = @monitor.path_hash('step1', 0)
+        h2 = @monitor.path_hash('step2', h1.to_i(16))
+        h3 = @monitor.path_hash('step3', h2.to_i(16))
+        h4 = @monitor.path_hash('step4', h3.to_i(16))
+
+        assert_equal("eaaec1df", h0)
+        assert_equal("2e9a0b02", h1)
+        assert_equal("01d3f0eb", h2)
+        assert_equal("9a1b45e5", h3)
+        assert_equal("e9eecfee", h4)
+      end
+    end
+
     #
     # Helpers
     #
@@ -241,7 +257,7 @@ module NewRelic::Agent
 
     def for_id(id)
       encoded_id = id == "" ? "" : Base64.encode64(id)
-      encoded_txn_info = Base64.encode64( NewRelic::JSONWrapper.dump([ REF_TRANSACTION_GUID, false ]) )
+      encoded_txn_info = json_dump_and_encode([ REF_TRANSACTION_GUID, false ])
 
       return {
         NEWRELIC_ID_HEADER => encoded_id,

data/test/new_relic/agent/cross_app_tracing_test.rb

@@ -17,18 +17,19 @@ module NewRelic
                                    :type => "Fake",
                                    :method => "GET")
         @response = stub_everything
+        @state = NewRelic::Agent::TransactionState.tl_get
       end
 
       def test_start_trace
-        t0, segment = CrossAppTracing.start_trace(request)
-        refute_nil t0
+        t0      = Time.now
+        segment = CrossAppTracing.start_trace(@state, t0, request)
         refute_nil segment
       end
 
-      def test_start_trace_has_time_even_on_agent_failure
-        NewRelic::Agent::TracedMethodStack.stubs(:tl_push_frame).raises("Boom!")
-        t0, segment = CrossAppTracing.start_trace(request)
-        refute_nil t0
+      def test_start_trace_has_nil_segment_on_agent_failure
+        @state.traced_method_stack.stubs(:push_frame).raises("Boom!")
+        t0      = Time.now
+        segment = CrossAppTracing.start_trace(@state, t0, request)
         assert_nil segment
       end
 
@@ -37,24 +38,24 @@ module NewRelic
 
       def test_finish_trace_allows_nil_segment
         expects_no_logging(:error)
-        CrossAppTracing.finish_trace(Time.now, nil, request, response)
+        CrossAppTracing.finish_trace(@state, Time.now, nil, request, response)
       end
 
       def test_finish_trace_allows_nil_request
         expects_no_logging(:error)
         expects_pop_frame
-        CrossAppTracing.finish_trace(Time.now, segment, nil, response)
+        CrossAppTracing.finish_trace(@state, Time.now, segment, nil, response)
       end
 
       def test_finish_trace_allows_nil_response
         expects_no_logging(:error)
         expects_pop_frame
-        CrossAppTracing.finish_trace(Time.now, segment, request, nil)
+        CrossAppTracing.finish_trace(@state, Time.now, segment, request, nil)
       end
 
 
       def expects_pop_frame
-        NewRelic::Agent::TracedMethodStack.stubs(:tl_pop_frame).once
+        @state.traced_method_stack.stubs(:pop_frame).once
       end
     end
   end