RubyGems - newrelic_rpm - Versions diffs - 3.9.1.236 → 3.9.2.239 - Mend

newrelic_rpm 3.9.1.236 → 3.9.2.239

Files changed (220) hide show

data/lib/new_relic/agent/configuration/dotted_hash.rb ADDED Viewed

@@ -0,0 +1,52 @@
+# encoding: utf-8
+# This file is distributed under New Relic's license terms.
+# See https://github.com/newrelic/rpm/blob/master/LICENSE for complete details.
+require 'new_relic/agent/configuration'
+module NewRelic
+  module Agent
+    module Configuration
+      class DottedHash < ::Hash
+        def initialize(hash, keep_nesting=false)
+          # Add the hash keys to our collection explicitly so they survive the
+          # dot flattening.  This is typical for full config source instances,
+          # but not for uses of DottedHash serializing for transmission.
+          self.merge!(hash) if keep_nesting
+          self.merge!(dot_flattened(hash))
+          DottedHash.symbolize(self)
+        end
+        def inspect
+          "#<#{self.class.name}:#{object_id} #{super}>"
+        end
+        def to_hash
+          {}.replace(self)
+        end
+        def self.symbolize(hash)
+          hash.keys.each do |key|
+            hash[key.to_sym] = hash.delete(key)
+          end
+        end
+        protected
+        # turns {'a' => {'b' => 'c'}} into {'a.b' => 'c'}
+        def dot_flattened(nested_hash, names=[], result={})
+          nested_hash.each do |key, val|
+            next if val == nil
+            if val.respond_to?(:has_key?)
+              dot_flattened(val, names + [key], result)
+            else
+              result[(names + [key]).join('.')] = val
+            end
+          end
+          result
+        end
+      end
+    end
+  end
+end

data/lib/new_relic/agent/configuration/environment_source.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module NewRelic
   module Agent
     module Configuration
       class EnvironmentSource < DottedHash
-        SUPPORTED_PREFIXES = /^new_relic_|newrelic_/i
+        SUPPORTED_PREFIXES = /^new_relic_|^newrelic_/i
         attr_accessor :alias_map, :type_map

data/lib/new_relic/agent/configuration/manager.rb CHANGED Viewed

@@ -189,6 +189,101 @@ module NewRelic
           end
         end
+        MALFORMED_LABELS_WARNING = "Skipping malformed labels configuration"
+        PARSING_LABELS_FAILURE   = "Failure during parsing labels. Ignoring and carrying on with connect."
+        MAX_LABEL_COUNT  = 64
+        MAX_LABEL_LENGTH = 255
+        def parsed_labels
+          case NewRelic::Agent.config[:labels]
+          when String
+            parse_labels_from_string
+          else
+            parse_labels_from_dictionary
+          end
+        rescue => e
+          NewRelic::Agent.logger.error(PARSING_LABELS_FAILURE, e)
+          []
+        end
+        def parse_labels_from_string
+          labels = NewRelic::Agent.config[:labels]
+          label_pairs = break_label_string_into_pairs(labels)
+          make_label_hash(label_pairs, labels)
+        end
+        def break_label_string_into_pairs(labels)
+          # Strip whitespaces immediately before and after colons or semicolons
+          stripped_labels = labels.gsub(/\s*(:|;)\s*/, '\1')
+          stripped_labels.split(';').map do |pair|
+            pair.split(':')
+          end
+        end
+        def valid_label_pairs?(label_pairs)
+          label_pairs.all? do |pair|
+            pair.length == 2 &&
+              valid_label_item?(pair.first) &&
+              valid_label_item?(pair.last)
+          end
+        end
+        def valid_label_item?(item)
+          case item
+          when String  then !item.empty?
+          when Numeric then true
+          when true    then true
+          when false   then true
+          else false
+          end
+        end
+        def make_label_hash(pairs, labels = nil)
+          # This can accept a hash, so force it down to an array of pairs first
+          pairs = Array(pairs)
+          unless valid_label_pairs?(pairs)
+            NewRelic::Agent.logger.warn("#{MALFORMED_LABELS_WARNING}: #{labels||pairs}")
+            return []
+          end
+          pairs = limit_number_of_labels(pairs)
+          pairs.map do |key, value|
+            {
+              'label_type'  => truncate(key),
+              'label_value' => truncate(value.to_s, key)
+            }
+          end
+        end
+        def truncate(text, key=nil)
+          if text.length > MAX_LABEL_LENGTH
+            if key
+              msg = "The value for the label '#{key}' is longer than the allowed #{MAX_LABEL_LENGTH} and will be truncated. Value = '#{text}'"
+            else
+              msg = "Label name longer than the allowed #{MAX_LABEL_LENGTH} will be truncated. Name = '#{text}'"
+            end
+            NewRelic::Agent.logger.warn(msg)
+            text[0..MAX_LABEL_LENGTH-1]
+          else
+            text
+          end
+        end
+        def limit_number_of_labels(pairs)
+          if pairs.length > MAX_LABEL_COUNT
+            NewRelic::Agent.logger.warn("Too many labels defined. Only taking first #{MAX_LABEL_COUNT}")
+            pairs[0...64]
+          else
+            pairs
+          end
+        end
+        def parse_labels_from_dictionary
+          make_label_hash(NewRelic::Agent.config[:labels])
+        end
         # Generally only useful during initial construction and tests
         def reset_to_defaults
           @high_security_source = nil
@@ -247,8 +342,12 @@ module NewRelic
           stack.compact!
-          @configs_for_testing.each do |config, index|
-            stack.insert(index, config)
+          @configs_for_testing.each do |config, at_start|
+            if at_start
+              stack.insert(0, config)
+            else
+              stack.push(config)
+            end
           end
           stack

data/lib/new_relic/agent/configuration/manual_source.rb ADDED Viewed

@@ -0,0 +1,17 @@
+# encoding: utf-8
+# This file is distributed under New Relic's license terms.
+# See https://github.com/newrelic/rpm/blob/master/LICENSE for complete details.
+require 'new_relic/agent/configuration/dotted_hash'
+module NewRelic
+  module Agent
+    module Configuration
+      class ManualSource < DottedHash
+        def initialize(hash)
+          super(hash, true)
+        end
+      end
+    end
+  end
+end

data/lib/new_relic/agent/configuration/server_source.rb CHANGED Viewed

@@ -12,7 +12,8 @@ module NewRelic
               # when value is "apdex_f" remove the config and defer to default
               hash['agent_config'].delete('transaction_tracer.transaction_threshold')
             end
-            super(hash.delete('agent_config'))
+            hoist_agent_config(hash)
           end
           if hash['web_transactions_apdex']
@@ -38,15 +39,22 @@ module NewRelic
           gated_features.each do |feature, gate_key|
             if server_config.has_key?(gate_key)
               allowed_by_server = server_config[gate_key]
-              requested_value = ungated_value(feature, existing_config)
+              requested_value = ungated_value(feature, server_config, existing_config)
               effective_value = (allowed_by_server && requested_value)
               server_config[feature] = effective_value
             end
           end
         end
-        def ungated_value(key, existing_config)
-          self.has_key?(key) ? self[key] : existing_config[key]
+        def ungated_value(key, server_config, existing_config)
+          server_config.has_key?(key) ? server_config[key] : existing_config[key]
+        end
+        # Move agent_config subkey to top level of hash, symbolizing it too
+        def hoist_agent_config(hash)
+          agent_config = hash.delete('agent_config')
+          DottedHash.symbolize(agent_config)
+          hash.merge!(agent_config)
         end
       end
     end

data/lib/new_relic/agent/configuration/yaml_source.rb CHANGED Viewed

@@ -17,33 +17,18 @@ module NewRelic
             @file_path = validate_config_file_path(path)
             return unless @file_path
-            ::NewRelic::Agent.logger.info("Reading configuration from #{path}")
-            file = File.read(@file_path)
-            # Next two are for populating the newrelic.yml via erb binding, necessary
-            # when using the default newrelic.yml file
-            generated_for_user = ''
-            license_key = ''
-            erb = ERB.new(file).result(binding)
-            confighash = with_yaml_engine { YAML.load(erb) }
-            ::NewRelic::Agent.logger.error("Config (#{path}) doesn't include a '#{env}' environment!") unless
-              confighash.key?(env)
-            config = merge!(confighash[env] || {})
+            ::NewRelic::Agent.logger.info("Reading configuration from #{path} (#{Dir.pwd})")
+            raw_file = File.read(@file_path)
+            erb_file = process_erb(raw_file)
+            config   = process_yaml(erb_file, env, config)
           rescue ScriptError, StandardError => e
-            ::NewRelic::Agent.logger.error("Failed to read or parse configuration file at #{path}: #{e}")
-          end
-          if config['transaction_tracer'] &&
-              config['transaction_tracer']['transaction_threshold'] =~ /apdex_f/i
-            # when value is "apdex_f" remove the config and defer to default
-            config['transaction_tracer'].delete('transaction_threshold')
+            ::NewRelic::Agent.logger.error("Failed to read or parse configuration file at #{path}", e)
           end
+          substitute_transaction_threshold(config)
           booleanify_values(config, 'agent_enabled', 'enabled', 'monitor_daemons')
-          super(config)
+          super(config, true)
         end
         protected
@@ -82,6 +67,44 @@ module NewRelic
           )
         end
+        def process_erb(file)
+          begin
+            # Exclude lines that are commented out so failing Ruby code in an
+            # ERB template commented at the YML level is fine. Leave the line,
+            # though, so ERB line numbers remain correct.
+            file.gsub!(/^\s*#.*$/, '#')
+            # Next two are for populating the newrelic.yml via erb binding, necessary
+            # when using the default newrelic.yml file
+            generated_for_user = ''
+            license_key = ''
+            ERB.new(file).result(binding)
+          rescue ScriptError, StandardError => e
+            ::NewRelic::Agent.logger.error("Failed ERB processing configuration file. This is typically caused by a Ruby error in <% %> templating blocks in your newrelic.yml file.", e)
+            nil
+          end
+        end
+        def process_yaml(file, env, config)
+          if file
+            confighash = with_yaml_engine { YAML.load(file) }
+            ::NewRelic::Agent.logger.error("Config (#{path}) doesn't include a '#{env}' environment!") unless confighash.key?(env)
+            config = confighash[env] || {}
+          end
+          config
+        end
+        def substitute_transaction_threshold(config)
+          if config['transaction_tracer'] &&
+              config['transaction_tracer']['transaction_threshold'] =~ /apdex_f/i
+            # when value is "apdex_f" remove the config and defer to default
+            config['transaction_tracer'].delete('transaction_threshold')
+          end
+        end
         def with_yaml_engine
           return yield unless NewRelic::LanguageSupport.needs_syck?
@@ -92,6 +115,7 @@ module NewRelic
           result
         end
         def booleanify_values(config, *keys)
           # auto means defer ro default
           keys.each do |option|

data/lib/new_relic/agent/cross_app_monitor.rb CHANGED Viewed

@@ -59,7 +59,7 @@ module NewRelic
           end
         end
-        events.subscribe(:after_call) do |env, (status_code, headers, body)| #THREAD_LOCAL_ACCESS
+        events.subscribe(:after_call) do |env, (_status_code, headers, _body)| #THREAD_LOCAL_ACCESS
           state = NewRelic::Agent::TransactionState.tl_get
           insert_response_header(state, env, headers)

data/lib/new_relic/agent/cross_app_tracing.rb CHANGED Viewed

@@ -249,7 +249,7 @@ module NewRelic
       # Return the set of metric objects appropriate for the given cross app
       # +response+.
       def metrics_for_crossapp_response( request, response )
-        xp_id, txn_name, q_time, r_time, req_len, _ = extract_appdata( response )
+        xp_id, txn_name, _q_time, _r_time, _req_len, _ = extract_appdata( response )
         check_crossapp_id( xp_id )
         check_transaction_name( txn_name )

data/lib/new_relic/agent/database/obfuscation_helpers.rb CHANGED Viewed

@@ -6,30 +6,71 @@ module NewRelic
   module Agent
     module Database
       module ObfuscationHelpers
-        NUMERICS = /\b\d+\b/
-        SINGLE_QUOTES = /'(?:[^']|'')*'/
-        DOUBLE_QUOTES = /"(?:[^"]|"")*"/
+        # Note that the following two regexes are applied to a reversed version
+        # of the query. This is why the backslash escape sequences (\' and \")
+        # appear reversed within them.
+        #
+        # Note that some database adapters (notably, PostgreSQL with
+        # standard_conforming_strings on and MySQL with NO_BACKSLASH_ESCAPES on)
+        # do not apply special treatment to backslashes within quoted string
+        # literals. We don't have an easy way of determining whether the
+        # database connection from which a query was captured was operating in
+        # one of these modes, but the obfuscation is done in such a way that it
+        # should not matter.
+        #
+        # Reversing the query string before obfuscation allows us to get around
+        # the fact that a \' appearing within a string may or may not terminate
+        # the string, because we know that a string cannot *start* with a \'.
+        REVERSE_SINGLE_QUOTES_REGEX = /'(?:''|'\\|[^'])*'/
+        REVERSE_ANY_QUOTES_REGEX    = /'(?:''|'\\|[^'])*'|"(?:""|"\\|[^"])*"/
-        def remove_escaped_quotes(sql)
-          sql.gsub(/\\"/, '').gsub(/\\'/, '')
-        end
+        NUMERICS_REGEX = /\b\d+\b/
+        # We take a conservative, overly-aggressive approach to obfuscating
+        # comments, and drop everything from the query after encountering any
+        # character sequence that could be a comment initiator. We do this after
+        # removal of string literals to avoid accidentally over-obfuscating when
+        # a string literal contains a comment initiator.
+        SQL_COMMENT_REGEX = Regexp.new('(?:/\*|--|#).*', Regexp::MULTILINE).freeze
+        # We use these to check whether the query contains any quote characters
+        # after obfuscation. If so, that's a good indication that the original
+        # query was malformed, and so our obfuscation can't reliabily find
+        # literals. In such a case, we'll replace the entire query with a
+        # placeholder.
+        LITERAL_SINGLE_QUOTE = "'".freeze
+        LITERAL_DOUBLE_QUOTE = '"'.freeze
+        PLACEHOLDER = '?'.freeze
         def obfuscate_single_quote_literals(sql)
-          sql.gsub(SINGLE_QUOTES, '?')
+          obfuscated = sql.reverse
+          obfuscated.gsub!(REVERSE_SINGLE_QUOTES_REGEX, PLACEHOLDER)
+          obfuscated.reverse!
+          obfuscated
         end
-        def obfuscate_double_quote_literals(sql)
-          sql.gsub(DOUBLE_QUOTES, '?')
+        def obfuscate_quoted_literals(sql)
+          obfuscated = sql.reverse
+          obfuscated.gsub!(REVERSE_ANY_QUOTES_REGEX, PLACEHOLDER)
+          obfuscated.reverse!
+          obfuscated
         end
         def obfuscate_numeric_literals(sql)
-          sql.gsub(NUMERICS, "?")
+          sql.gsub(NUMERICS_REGEX, PLACEHOLDER)
+        end
+        def remove_comments(sql)
+          sql.gsub(SQL_COMMENT_REGEX, PLACEHOLDER)
+        end
+        def contains_single_quotes?(str)
+          str.include?(LITERAL_SINGLE_QUOTE)
         end
-        def find_literals(sql)
-          literals = sql.scan(NUMERICS)
-          literals << sql.scan(SINGLE_QUOTES)
-          literals.flatten
+        def contains_quotes?(str)
+          str.include?(LITERAL_SINGLE_QUOTE) || str.include?(LITERAL_DOUBLE_QUOTE)
         end
       end
     end

data/lib/new_relic/agent/database/obfuscator.rb CHANGED Viewed

@@ -13,6 +13,9 @@ module NewRelic
         attr_reader :obfuscator
+        QUERY_TOO_LARGE_MESSAGE     = "Query too large (over 16k characters) to safely obfuscate"
+        FAILED_TO_OBFUSCATE_MESSAGE = "Failed to obfuscate SQL query - quote characters remained after obfuscation"
         def initialize
           reset
         end
@@ -46,17 +49,29 @@ module NewRelic
         def default_sql_obfuscator(sql)
           if sql[-3,3] == '...'
-            return "Query too large (over 16k characters) to safely obfuscate"
+            return QUERY_TOO_LARGE_MESSAGE
           end
           stmt = sql.kind_of?(Statement) ? sql : Statement.new(sql)
-          adapter = stmt.adapter
-          obfuscated = remove_escaped_quotes(stmt)
-          obfuscated = obfuscate_single_quote_literals(obfuscated)
-          if !(adapter.to_s =~ /postgres/ || adapter.to_s =~ /sqlite/)
-            obfuscated = obfuscate_double_quote_literals(obfuscated)
+          obfuscate_double_quotes = stmt.adapter.to_s !~ /postgres|sqlite/
+          obfuscated = obfuscate_numeric_literals(stmt)
+          if obfuscate_double_quotes
+            obfuscated = obfuscate_quoted_literals(obfuscated)
+            obfuscated = remove_comments(obfuscated)
+            if contains_quotes?(obfuscated)
+              obfuscated = FAILED_TO_OBFUSCATE_MESSAGE
+            end
+          else
+            obfuscated = obfuscate_single_quote_literals(obfuscated)
+            obfuscated = remove_comments(obfuscated)
+            if contains_single_quotes?(obfuscated)
+              obfuscated = FAILED_TO_OBFUSCATE_MESSAGE
+            end
           end
-          obfuscated = obfuscate_numeric_literals(obfuscated)
           obfuscated.to_s # return back to a regular String
         end
       end