paraxial 0.9.0 → 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/paraxial/checker.rb +54 -18
  3. data/lib/paraxial/cli.rb +6 -1
  4. data/lib/paraxial/helpers.rb +8 -0
  5. data/lib/paraxial/version.rb +1 -1
  6. data/lib/paraxial.rb +12 -1
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0a6510720489f0277f96eef42e60e10e7f3958ab6a3763aa3941c022c497a314
4
- data.tar.gz: 497e56a5048f7b6cbb5d2238e5d9059a66cec676dde27d9474faaaee6a5d0fb6
3
+ metadata.gz: 51de7f085eec9d82f197fbad24ff3f18554f3faf16218a6fcbc0181815b9eb92
4
+ data.tar.gz: 577e903cbdb3a2730b47fb0078046c9e808737dac5b7538e2b02dd7d02a46db1
5
5
  SHA512:
6
- metadata.gz: 64182cfa8039d867bbc5e113e5f421a3e1141e833790222c52ae6191099289fbd056cef3163442c949db576d1de76402c8d5196fd05da46169e34f64de77ab71
7
- data.tar.gz: 7fbc2ed7db3b3afb3d43a935e667d4ffc26464034c7070f8d15ba28db03c9ee5fb1fc327d56005ecefd615a39845cc8fe5f5e5aa92975186b3c9f3b615c1410b
6
+ metadata.gz: d77946aedb02e58860ce5be2c651acf438e77189c4349f0847e5a5fb32f560b366d31b376f66f880bc2e52c8cee37cfbd2a62f80a72c900a5923c7353a915abe
7
+ data.tar.gz: 3cf38d2d6726f074f7fc38898942030c820d51338109549ce73f2f832ab41d9f703026019ef1e9f8f7e68ad2ed8d4426a561ad34fa2f805fb1481eb5cd3b686c
data/lib/paraxial/checker.rb CHANGED
@@ -5,6 +5,7 @@ module Paraxial
5
5
  @bans = { 'v4' => Patricia.new, 'v6' => Patricia.new(:AF_INET6) }
6
6
  @buffer = Queue.new
7
7
  @mutex = Mutex.new
8
+ @headers = { 'Content-Type': 'application/json' }
8
9
 
9
10
  if Paraxial::Helpers.get_api_key
10
11
  @thread = Thread.new do
@@ -44,11 +45,8 @@ module Paraxial
44
45
  puts "[Paraxial] HTTP ingest not supported on free tier"
45
46
  else
46
47
  Thread.new do
47
- uri = URI.parse(Paraxial::Helpers.get_ingest_url) # Replace with your endpoint
48
- headers = { 'Content-Type': 'application/json' }
49
- resp = Net::HTTP.post(uri, body.to_json, headers)
50
- puts "ingest_url resp.code: #{resp.code}"
51
- puts resp.body
48
+ uri = URI.parse(Paraxial::Helpers.get_ingest_url)
49
+ Net::HTTP.post(uri, body.to_json, @headers)
52
50
  end
53
51
  end
54
52
  end
@@ -56,11 +54,10 @@ module Paraxial
56
54
 
57
55
  def self.get_abr
58
56
  uri = URI.parse(Paraxial::Helpers.get_abr_url)
59
- headers = { 'Content-Type': 'application/json' }
60
57
 
61
58
  body = { api_key: Paraxial::Helpers.get_api_key }
62
59
  begin
63
- r = Net::HTTP.post(uri, body.to_json, headers)
60
+ r = Net::HTTP.post(uri, body.to_json, @headers)
64
61
  if r.code == '200'
65
62
  put_abr(JSON.parse(r.body))
66
63
  else
@@ -132,7 +129,57 @@ module Paraxial
132
129
  end
133
130
  end
134
131
 
132
+ def self.ban_ip_msg(ip, length, msg)
133
+ if allow_ip?(ip) == true
134
+ local_ban(ip)
135
+
136
+ uri = URI.parse(Paraxial::Helpers.get_ruby_ban_url)
137
+ body =
138
+ {
139
+ bad_ip: ip,
140
+ ban_length: length,
141
+ msg: msg,
142
+ api_key: Paraxial::Helpers.get_api_key
143
+ }
144
+ r = Net::HTTP.post(uri, body.to_json, @headers)
145
+ if r.code == '200'
146
+ :ok
147
+ else
148
+ :error
149
+ end
150
+ else
151
+ :already_banned
152
+ end
153
+ end
154
+
155
+ def self.honeypot_ban(ip, length)
156
+ local_ban(ip)
157
+
158
+ uri = URI.parse(Paraxial::Helpers.get_honeypot_url)
159
+
160
+ body = { api_key: Paraxial::Helpers.get_api_key, bad_ip: ip, ban_length: length }
161
+ r = Net::HTTP.post(uri, body.to_json, @headers)
162
+ if r.code == '200'
163
+ :ok
164
+ else
165
+ :error
166
+ end
167
+ end
168
+
135
169
  def self.ban_ip(ip)
170
+ local_ban(ip)
171
+ uri = URI.parse(Paraxial::Helpers.get_ban_url)
172
+
173
+ body = { api_key: Paraxial::Helpers.get_api_key, ip_address: ip }
174
+ r = Net::HTTP.post(uri, body.to_json, @headers)
175
+ if r.code == '200'
176
+ :ok
177
+ else
178
+ :error
179
+ end
180
+ end
181
+
182
+ def self.local_ban(ip)
136
183
  if ip.include?('.')
137
184
  # IPv4
138
185
  current_t = @bans['v4']
@@ -144,17 +191,6 @@ module Paraxial
144
191
  current_t.add(ip)
145
192
  @bans['v6'] = current_t
146
193
  end
147
-
148
- uri = URI.parse(Paraxial::Helpers.get_ban_url)
149
- headers = { 'Content-Type': 'application/json' }
150
-
151
- body = { api_key: Paraxial::Helpers.get_api_key, ip_address: ip }
152
- r = Net::HTTP.post(uri, body.to_json, headers)
153
- if r.code == '200'
154
- :ok
155
- else
156
- :error
157
- end
158
194
  end
159
195
 
160
196
  def self.allow_ip?(ip)
data/lib/paraxial/cli.rb CHANGED
@@ -15,6 +15,7 @@ module Paraxial
15
15
  option :repo_owner, type: :string, desc: 'Repository owner'
16
16
  option :repo_name, type: :string, desc: 'Repository name'
17
17
  option :pr_number, type: :numeric, desc: 'Pull request number'
18
+ option :exit_code, type: :boolean, default: false, desc: 'Non-zero exit code if findings > 0'
18
19
 
19
20
  def scan
20
21
  puts '[Paraxial] Scan starting...'
@@ -27,7 +28,6 @@ module Paraxial
27
28
  puts '- rubocop-erb'
28
29
  end
29
30
 
30
-
31
31
  if Paraxial::Helpers.get_api_key.nil?
32
32
  puts '[Paraxial] Environment variable PARAXIAL_API_KEY not found'
33
33
  else
@@ -36,6 +36,7 @@ module Paraxial
36
36
  repo_owner = options[:repo_owner]
37
37
  repo_name = options[:repo_name]
38
38
  pr_number = options[:pr_number]
39
+ exit_code = options[:exit_code]
39
40
 
40
41
  cops = 'Paraxial,Security/Eval,Security/IoMethods,Security/JSONLoad,Security/MarshalLoad,Security/Open,Security/YAMLLoad'
41
42
  rubocop = `rubocop --require paraxial --only #{cops} --disable-pending-cops --format json`
@@ -95,6 +96,10 @@ module Paraxial
95
96
  else
96
97
  :ok
97
98
  end
99
+
100
+ if exit_code and (findings.length > 0)
101
+ exit(1)
102
+ end
98
103
  end
99
104
  end
100
105
 
data/lib/paraxial/helpers.rb CHANGED
@@ -24,6 +24,14 @@ module Paraxial
24
24
  get_paraxial_url + '/api/ingest'
25
25
  end
26
26
 
27
+ def self.get_honeypot_url
28
+ get_paraxial_url + '/api/honeypot_ban_x'
29
+ end
30
+
31
+ def self.get_ruby_ban_url
32
+ get_paraxial_url + '/api/ruby_ban_x'
33
+ end
34
+
27
35
  def self.get_api_key
28
36
  @paraxial_api_key ||= ENV['PARAXIAL_API_KEY']
29
37
  end
data/lib/paraxial/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Paraxial
4
- VERSION = '0.9.0'
4
+ VERSION = '1.0.0'
5
5
  end
data/lib/paraxial.rb CHANGED
@@ -59,7 +59,6 @@ module Paraxial
59
59
  cloud_ip: request.env['paraxial.cloud_ip'],
60
60
  host: request.host
61
61
  }
62
- puts req_hash
63
62
  Paraxial::Checker.req_to_buff(req_hash)
64
63
  end
65
64
 
@@ -127,6 +126,18 @@ module Paraxial
127
126
  Paraxial::Checker.ban_ip(ip)
128
127
  end
129
128
 
129
+ def self.ban_ip_msg(ip, length, msg)
130
+ return if Paraxial::Helpers.get_api_key.nil?
131
+
132
+ Paraxial::Checker.ban_ip_msg(ip, length, msg)
133
+ end
134
+
135
+ def self.honeypot_ban(ip, length = :week)
136
+ return if Paraxial::Helpers.get_api_key.nil?
137
+
138
+ Paraxial::Checker.honeypot_ban(ip, length)
139
+ end
140
+
130
141
  def self.allow_ip?(ip)
131
142
  return if Paraxial::Helpers.get_api_key.nil?
132
143
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: paraxial
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.0
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Michael Lubas
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2024-09-21 00:00:00.000000000 Z
11
+ date: 2024-09-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec