RubyGems - newrelic_security - Versions diffs - 0.1.0 - Mend

newrelic_security 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (205) hide show

data/lib/newrelic_security/instrumentation-security/mongo/prepend.rb ADDED Viewed

@@ -0,0 +1,77 @@
+module NewRelic::Security
+  module Instrumentation
+    module Mongo
+      module Collection
+        module Prepend
+          include NewRelic::Security::Instrumentation::Mongo::Collection
+          def find(filter = nil, options = {})
+            retval = nil
+            event = find_on_enter(filter, options) { retval = super }
+            find_on_exit(event) { return retval }
+          end
+          def insert_one(document, opts = {})
+            retval = nil
+            event = insert_one_on_enter(document, opts) { retval = super }
+            insert_one_on_exit(event) { return retval }
+          end
+          def insert_many(documents, options = {})
+            retval = nil
+            event = insert_many_on_enter(documents, options) { retval = super }
+            insert_many_on_exit(event) { return retval }
+          end
+        end
+        module View
+          module Prepend
+            include NewRelic::Security::Instrumentation::Mongo::Collection::View
+            def update_one(spec, opts = {})
+              retval = nil
+              event = update_one_on_enter(spec, opts) { retval = super }
+              update_one_on_exit(event) { return retval }
+            end
+            def update_many(spec, opts = {})
+              retval = nil
+              event = update_many_on_enter(spec, opts) { retval = super }
+              update_many_on_exit(event) { return retval }
+            end
+            def delete_one(opts = {})
+              retval = nil
+              event = delete_one_on_enter(opts) { retval = super }
+              delete_one_on_exit(event) { return retval }
+            end
+            def find_one_and_delete(opts = {})
+              retval = nil
+              event = find_one_and_delete_on_enter(opts) { retval = super }
+              find_one_and_delete_on_exit(event) { return retval }
+            end
+            def delete_many(opts = {})
+              retval = nil
+              event = delete_many_on_enter(opts) { retval = super }
+              delete_many_on_exit(event) { return retval }
+            end
+            def replace_one(replacement, opts = {})
+              retval = nil
+              event = replace_one_on_enter(replacement, opts) { retval = super }
+              replace_one_on_exit(event) { return retval }
+            end
+            def find_one_and_update(document, opts = {})
+              retval = nil
+              event = find_one_and_update_on_enter(document, opts) { retval = super }
+              find_one_and_update_on_exit(event) { return retval }
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/mysql2/chain.rb ADDED Viewed

@@ -0,0 +1,53 @@
+module NewRelic::Security
+  module Instrumentation
+    module Mysql2
+      module Client
+        module Chain
+          def self.instrument!
+            ::Mysql2::Client.class_eval do
+              include NewRelic::Security::Instrumentation::Mysql2::Client
+              alias_method :query_without_security, :query
+              def query(sql, options = {})
+                retval = nil
+                event = query_on_enter(sql, options) { retval = query_without_security(sql, options) }
+                query_on_exit(event) { return retval }
+              end
+              alias_method :prepare_without_security, :prepare
+              def prepare(sql)
+                retval = nil
+                event = prepare_on_enter(sql) { retval = prepare_without_security(sql) }
+                prepare_on_exit(event, retval, sql) { return retval }
+              end
+            end
+          end
+        end
+      end
+      module Statement
+        module Chain
+          def self.instrument!
+            ::Mysql2::Statement.class_eval do
+              include NewRelic::Security::Instrumentation::Mysql2::Statement
+              alias_method :execute_without_security, :execute
+              def execute(*args, **kwargs)
+                retval = nil
+                event = execute_on_enter(*args, **kwargs) { retval = execute_without_security(*args, **kwargs) }
+                execute_on_exit(event) { return retval }
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/mysql2/instrumentation.rb ADDED Viewed

@@ -0,0 +1,84 @@
+require_relative 'prepend'
+require_relative 'chain'
+module NewRelic::Security
+  module Instrumentation
+    module Mysql2::Client
+      def query_on_enter(sql, options)
+        event = nil
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        hash = {}
+        hash[:sql] = sql
+        hash[:parameters] = []
+        event = NewRelic::Security::Agent::Control::Collector.collect(SQL_DB_COMMAND, [hash], MYSQL) unless NewRelic::Security::Instrumentation::InstrumentationUtils.sql_filter_events?(hash[:sql])
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+        return event
+      end
+      def query_on_exit(event)
+        NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
+        NewRelic::Security::Agent::Utils.create_exit_event(event)
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
+      def prepare_on_enter(sql)
+        event = nil
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+        return event
+      end
+      def prepare_on_exit(event, retval, sql)
+        NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
+        NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[retval.object_id] = sql if NewRelic::Security::Agent::Control::HTTPContext.get_context
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
+    end
+    module Mysql2::Statement
+      def execute_on_enter(*args, **kwargs)
+        event = nil
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        hash = {}
+        hash[:sql] = NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id] if NewRelic::Security::Agent::Control::HTTPContext.get_context
+        hash[:parameters] = args.map(&:to_s)
+        event = NewRelic::Security::Agent::Control::Collector.collect(SQL_DB_COMMAND, [hash], MYSQL) unless NewRelic::Security::Instrumentation::InstrumentationUtils.sql_filter_events?(hash[:sql])
+        NewRelic::Security::Agent::Control::HTTPContext.get_context.cache.delete(self.object_id) if NewRelic::Security::Agent::Control::HTTPContext.get_context
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+        return event
+      end
+      def execute_on_exit(event)
+        NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
+        NewRelic::Security::Agent::Utils.create_exit_event(event)
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
+    end
+  end
+end
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:mysql2, ::Mysql2::Client, ::NewRelic::Security::Instrumentation::Mysql2::Client)
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:mysql2, ::Mysql2::Statement, ::NewRelic::Security::Instrumentation::Mysql2::Statement)

data/lib/newrelic_security/instrumentation-security/mysql2/prepend.rb ADDED Viewed

@@ -0,0 +1,37 @@
+module NewRelic::Security
+  module Instrumentation
+    module Mysql2
+      module Client
+        module Prepend
+          include NewRelic::Security::Instrumentation::Mysql2::Client
+          def query(sql, options = {})
+            retval = nil
+            event = query_on_enter(sql, options) { retval = super }
+            query_on_exit(event) { return retval }
+          end
+          def prepare(sql)
+            retval = nil
+            event = prepare_on_enter(sql) { retval = super }
+            prepare_on_exit(event, retval, sql) { return retval }
+          end
+        end
+      end
+      module Statement
+        module Prepend
+          include NewRelic::Security::Instrumentation::Mysql2::Statement
+          def execute(*args, **kwargs)
+            retval = nil
+            event = execute_on_enter(*args, **kwargs) { retval = super }
+            execute_on_exit(event) { return retval }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/net_http/chain.rb ADDED Viewed

@@ -0,0 +1,21 @@
+module NewRelic::Security
+  module Instrumentation
+    module NetHTTP
+      module Chain
+        def self.instrument!
+          ::Net::HTTP.class_eval do
+            include NewRelic::Security::Instrumentation::NetHTTP
+            alias_method :transport_request_without_security, :transport_request
+            def transport_request(req, &block)
+              retval = nil
+              event = transport_request_on_enter(req) { retval = transport_request_without_security(req, &block) }
+              transport_request_on_exit(event) { return retval }
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/net_http/instrumentation.rb ADDED Viewed

@@ -0,0 +1,60 @@
+require_relative 'prepend'
+require_relative 'chain'
+module NewRelic::Security
+  module Instrumentation
+    module NetHTTP
+      HTTP = 'http'
+      HTTP_COLON_SLASH_SLAH = 'http://'
+      HTTPS_COLON_SLASH_SLAH = 'https://'
+      def transport_request_on_enter(req)
+        event = nil
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        ob = {}
+				ob[:Method] = req.method
+				if req.uri != nil && URI === req.uri
+					uri = req.uri
+					ob[:scheme]  = uri.scheme
+					ob[:host]    = uri.host
+					ob[:port]    = uri.port
+					ob[:URI]     = uri.to_s
+					ob[:path]    = uri.path
+					ob[:query]   = uri.query
+				else
+					ob[:scheme]  = self.use_ssl? ? HTTPS : HTTP
+					ob[:host]    = self.address
+					ob[:port]    = self.port
+					ob[:path]    = req.path
+					ob[:query]   = nil
+					ob[:URI] = "#{self.use_ssl? ? HTTPS_COLON_SLASH_SLAH : HTTP_COLON_SLASH_SLAH }#{self.address}:#{self.port}#{req.path}"
+				end
+				ob[:Body] = req.body
+				ob[:Headers] = req.to_hash.transform_values! { |v| v.join}
+        ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+        NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(req, event) if event
+        ob = nil
+        event
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+        return event
+      end
+      def transport_request_on_exit(event)
+        NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
+        NewRelic::Security::Agent::Utils.create_exit_event(event)
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
+    end
+  end
+end
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:net_http, ::Net::HTTP, ::NewRelic::Security::Instrumentation::NetHTTP)

data/lib/newrelic_security/instrumentation-security/net_http/prepend.rb ADDED Viewed

@@ -0,0 +1,16 @@
+module NewRelic::Security
+  module Instrumentation
+    module NetHTTP
+      module Prepend
+        include NewRelic::Security::Instrumentation::NetHTTP
+        def transport_request(req, &block)
+          retval = nil
+          event = transport_request_on_enter(req) { retval = super }
+          transport_request_on_exit(event) { return retval }
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/net_ldap/chain.rb ADDED Viewed

@@ -0,0 +1,21 @@
+module NewRelic::Security
+  module Instrumentation
+    module NetLDAP
+      module Chain
+        def self.instrument!
+          ::Net::LDAP.class_eval do
+            include NewRelic::Security::Instrumentation::NetLDAP
+            alias_method :search_without_security, :search
+            def search(args = {}, &block)
+              retval = nil
+              event = search_on_enter(args) { retval = search_without_security(args, &block) }
+              search_on_exit(event) { return retval }
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/net_ldap/instrumentation.rb ADDED Viewed

@@ -0,0 +1,42 @@
+require_relative 'prepend'
+require_relative 'chain'
+module NewRelic::Security
+  module Instrumentation
+    module NetLDAP
+      def search_on_enter(args)
+        event = nil
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        if args.key?(:base) && !args[:base].empty?
+          hash = {}
+          hash[:name] = args[:base] if args.key?(:base)
+          hash[:filter] = args[:filter] if args.key?(:filter)
+          event = NewRelic::Security::Agent::Control::Collector.collect(LDAP, [hash])
+        else
+          #some times this method is also used during instance creation
+          # to know the capabilities of Ldap server. In these
+          # situations they don't provide the query parameter, so we filter
+          # this event
+          NewRelic::Security::Agent.logger.info "Filtered #{self.class}.#{__method__} because of insufficient args. args : #{args}\n"
+        end
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+        return event
+      end
+      def search_on_exit(event)
+        NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
+        NewRelic::Security::Agent::Utils.create_exit_event(event)
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
+    end
+  end
+end
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:net_ldap, ::Net::LDAP, ::NewRelic::Security::Instrumentation::NetLDAP)

data/lib/newrelic_security/instrumentation-security/net_ldap/prepend.rb ADDED Viewed

@@ -0,0 +1,16 @@
+module NewRelic::Security
+  module Instrumentation
+    module NetLDAP
+      module Prepend
+        include NewRelic::Security::Instrumentation::NetLDAP
+        def search(args = {}, &block)
+          retval = nil
+          event = search_on_enter(args) { retval = super }
+          search_on_exit(event) { return retval }
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/nokogiri/chain.rb ADDED Viewed

@@ -0,0 +1,46 @@
+module NewRelic::Security
+  module Instrumentation
+    module Nokogiri
+      module XML
+        module Node
+          module Chain
+            def self.instrument!
+              ::Nokogiri::XML::Node.class_eval do
+                include NewRelic::Security::Instrumentation::Nokogiri::XML
+                alias_method :xpath_without_security, :xpath
+                def xpath(*var)
+                  retval = nil
+                  event = xpath_on_enter(*var) { retval = xpath_without_security(*var) }
+                  xpath_on_exit(event) { return retval }
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+    module Nokogiri
+      module XML
+        module NodeSet
+          module Chain
+            def self.instrument!
+              ::Nokogiri::XML::NodeSet.class_eval do
+                include NewRelic::Security::Instrumentation::Nokogiri::XML
+                alias_method :xpath_without_security, :xpath
+                def xpath(*var)
+                  retval = nil
+                  event = xpath_on_enter(*var) { retval = xpath_without_security(*var) }
+                  xpath_on_exit(event) { return retval }
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/nokogiri/instrumentation.rb ADDED Viewed

@@ -0,0 +1,36 @@
+require_relative 'prepend'
+require_relative 'chain'
+module NewRelic::Security
+  module Instrumentation
+    module Nokogiri::XML
+      def xpath_on_enter(*var)
+        event = nil
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        paths, _, _, binds = extract_params(var)
+        hash = { :paths => paths, :variables => binds }
+        event = NewRelic::Security::Agent::Control::Collector.collect(XPATH, [hash])
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+        return event
+      end
+      def xpath_on_exit(event)
+        NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
+        NewRelic::Security::Agent::Utils.create_exit_event(event)
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
+    end
+  end
+end
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:nokogiri, ::Nokogiri::XML::Node, ::NewRelic::Security::Instrumentation::Nokogiri::XML::Node)
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:nokogiri, ::Nokogiri::XML::NodeSet, ::NewRelic::Security::Instrumentation::Nokogiri::XML::NodeSet)
+# TODO: check if this hook can replace both the hooks, Nokogiri::XML::Searchable#xpath

data/lib/newrelic_security/instrumentation-security/nokogiri/prepend.rb ADDED Viewed

@@ -0,0 +1,31 @@
+module NewRelic::Security
+  module Instrumentation
+    module Nokogiri
+      module XML
+        module Node
+          module Prepend
+            include NewRelic::Security::Instrumentation::Nokogiri::XML
+            def xpath(*var)
+              retval = nil
+              event = xpath_on_enter(*var) { retval = super }
+              xpath_on_exit(event) { return retval }
+            end
+          end
+        end
+        module NodeSet
+          module Prepend
+            include NewRelic::Security::Instrumentation::Nokogiri::XML
+            def xpath(*var)
+              retval = nil
+              event = xpath_on_enter(*var) { retval = super }
+              xpath_on_exit(event) { return retval }
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/padrino/chain.rb ADDED Viewed

@@ -0,0 +1,26 @@
+module NewRelic::Security
+  module Instrumentation
+    module Padrino
+      module PathRouter
+        module Router
+          module Chain
+            def self.instrument!
+              ::Padrino::PathRouter::Router.class_eval do
+                include NewRelic::Security::Instrumentation::Padrino::PathRouter::Router
+                alias_method :call_without_security, :call
+                def call(env, &block)
+                  retval = nil
+                  event = call_on_enter(env) { retval = call_without_security(env, &block) }
+                  call_on_exit(event, retval) { return retval }
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/padrino/instrumentation.rb ADDED Viewed

@@ -0,0 +1,42 @@
+require_relative 'prepend'
+require_relative 'chain'
+module NewRelic::Security
+  module Instrumentation
+    module Padrino::PathRouter::Router
+      def call_on_enter(env)
+        event = nil
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
+        NewRelic::Security::Agent::Utils.get_app_routes(:padrino, self) if NewRelic::Security::Agent.agent.route_map.empty?
+        extracted_env = env.instance_variable_get(:@env)
+        NewRelic::Security::Agent::Control::HTTPContext.set_context(extracted_env)
+        ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context
+        ctxt.route = "#{extracted_env[REQUEST_METHOD].to_s}@#{extracted_env[PATH_INFO].to_s}" if ctxt
+        NewRelic::Security::Agent::Utils.parse_fuzz_header(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+        return event
+      end
+      def call_on_exit(event, retval)
+        NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
+        # NewRelic::Security::Agent.logger.debug "\n\nHTTP Context : #{::NewRelic::Agent::Tracer.current_transaction.instance_variable_get(:@security_context_data).inspect}\n\n"
+        NewRelic::Security::Agent::Control::ReflectedXSS.check_xss(NewRelic::Security::Agent::Control::HTTPContext.get_context, retval) if NewRelic::Security::Agent.config[:'security.detection.rxss.enabled']
+        NewRelic::Security::Agent::Utils.delete_created_files(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+        NewRelic::Security::Agent::Control::HTTPContext.reset_context
+        NewRelic::Security::Agent.logger.debug "Exit event : #{event}"
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
+    end
+  end
+end
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:padrino, ::Padrino::PathRouter::Router, ::NewRelic::Security::Instrumentation::Padrino::PathRouter::Router)

data/lib/newrelic_security/instrumentation-security/padrino/prepend.rb ADDED Viewed

@@ -0,0 +1,20 @@
+module NewRelic::Security
+  module Instrumentation
+    module Padrino
+      module PathRouter
+        module Router
+          module Prepend
+            include NewRelic::Security::Instrumentation::Padrino::PathRouter::Router
+            def call(env, &block)
+              retval = nil
+              event = call_on_enter(env) { retval = super }
+              call_on_exit(event, retval) { return retval }
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/patron/chain.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module NewRelic::Security
+  module Instrumentation
+    module Patron
+      module Session
+        module Chain
+          def self.instrument!
+            ::Patron::Session.class_eval do
+              include NewRelic::Security::Instrumentation::Patron::Session
+              alias_method :request_without_security, :request
+              def request(action, url, headers, options = {})
+                retval = nil
+                event = request_on_enter(action, url, headers, options) { retval = request_without_security(action, url, headers, options) }
+                request_on_exit(event) { return retval }
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end