sqreen 0.7.01462198090-java → 0.7.01464629603-java

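--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: c894685dce5beefefaf5c48a1eb62a45f16ce2a0
- data.tar.gz: 034caa13665675561c4880d67b2073d5d843e042
+ metadata.gz: 80d1d023f3b57ae372f03c67e2c916663a500a8c
+ data.tar.gz: 7006f4103e6e1e99677dbb21d13c2f3dbe540bd0
  SHA512:
- metadata.gz: 9b6aba627699858a45b971466f4d84521c021e92d51bf80de24facacd0e5d2a25425a9de147cd83fa07ff23709af3b56d7efc53b0931361eedf8faf1afc91492
- data.tar.gz: 0b326706836e3bd162064ab8d3aca7d0085b79a893c90d8f35ffff6bc367bf718454ab5f705bd2bee012a6b3634ad5012dd519ad0d3082ccd1546a61b95d7b8b
+ metadata.gz: db99bc6d2b7c52f0f684cf18bbea98ec51c51c026cfdaea40a44260eec7921d25ef75772f6b2046259116d1f18fcdc57ce45731664058fd4b000a42b791eb061
+ data.tar.gz: 57c54f89c94d734227840c3392035550bb83910c698f551c749e90dc3214c7d01e55865cdfa4e6ea9ee60127fd22e0860dfd26c44187413b726e31d4fe93f1f3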
@@ -41,11 +41,28 @@ class ConditionEvaluator
41
41
  return false if hval.respond_to?(:empty?) && hval.empty?
42
42
  v = hval.to_s
43
43
  return false if v.size < min_value_size
44
- value.to_s.include?(v)
44
+ ConditionEvaluator.str_include?(value.to_s, v)
45
45
  end
46
46
  end
47
47
  end
48
48
 
49
+ # Test is a str contains what. Rencode if necessary
50
+ def self.str_include?(str, what)
51
+ str1 = if str.encoding != Encoding::UTF_8
52
+ str.encode(Encoding::UTF_8, :invalid => :replace,
53
+ :undef => :replace)
54
+ else
55
+ str
56
+ end
57
+ str2 = if what.encoding != Encoding::UTF_8
58
+ what.encode(Encoding::UTF_8, :invalid => :replace,
59
+ :undef => :replace)
60
+ else
61
+ what
62
+ end
63
+ str1.include?(str2)
64
+ end
65
+
49
66
  # Initialize evaluator
50
67
  # @param cond [Hash] condition Hash
51
68
  def initialize(cond)
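Review bot: The lossy `:invalid => :replace, :undef => :replace` conversion in `str_include?` can change the outcome of the match rather than only preventing an encoding error. For a string tagged ASCII-8BIT every byte above 0x7F is undefined in the conversion and becomes the replacement character, so distinct byte sequences compare equal and a non-ASCII pattern can no longer match the bytes it was written for. A string already tagged UTF-8 but holding invalid bytes is passed through untouched, so the two sides are normalised differently. When either side is not valid UTF-8, a byte-wise comparison such as `str.dup.force_encoding(Encoding::BINARY).include?(what.dup.force_encoding(Encoding::BINARY))` would keep the result exact. The call added in the later hunk of this file also passes `res[1]` without checking that it is a String, so `what.encoding` can raise NoMethodError there.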
@@ -156,7 +173,11 @@ class ConditionEvaluator
156
173
  unless res[0].respond_to?(:include?)
157
174
  raise(Sqreen::Exception, "no include on res #{res[0].inspect}")
158
175
  end
159
- res[0].include?(res[1])
176
+ if res[0].is_a?(String)
177
+ ConditionEvaluator.str_include?(res[0], res[1])
178
+ else
179
+ res[0].include?(res[1])
180
+ end
160
181
  when HASH_INC_OPERATOR
161
182
  ConditionEvaluator.hash_val_include?(res[0], res[1], res[2])
162
183
  else
@@ -28,4 +28,7 @@ module Sqreen
28
28
 
29
29
  class NotImplementedYet < Exception
30
30
  end
31
+
32
+ class InvalidSignatureException < Exception
33
+ end
31
34
  end
@@ -483,7 +483,7 @@ module Sqreen
483
483
  if Sqreen.features['rules_signature'] &&
484
484
  Sqreen.config_get(:rules_verify_signature) &&
485
485
  !defined?(::JRUBY_VERSION)
486
- verifier = Sqreen::RulesSignature.new
486
+ verifier = Sqreen::SqreenSignedVerifier.new
487
487
  else
488
488
  Sqreen.log.debug('Rules signature is not enabled')
489
489
  end
@@ -44,7 +44,9 @@ module Sqreen
44
44
  # @param verifier [SqreenSignedVerifier] Signed verifier
45
45
  def self::cb_from_rule(hash_rule, metrics_store = nil, verifier = nil)
46
46
  # Check rules signature
47
- verifier.verify(hash_rule) if verifier
47
+ if verifier
48
+ raise InvalidSignatureException unless verifier.verify(hash_rule)
49
+ end
48
50
 
49
51
  hook = hash_rule[Attrs::HOOKPOINT]
50
52
  klass = hook[Attrs::KLASS]
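Review bot: `cb_from_rule` still loads the rule without any check when `verifier` is nil, which is the parameter's default and, per the `!defined?(::JRUBY_VERSION)` guard in the verifier-selection hunk, appears to always be the case on JRuby, the platform this package targets. The only trace is the debug-level 'Rules signature is not enabled' message in that hunk, so an operator cannot easily tell that rules are running unverified. Consider raising it to warning level, for example `Sqreen.log.warn('Rules signature verification is disabled; rules are loaded unverified')`, assuming the logger exposes `warn`. The new `raise InvalidSignatureException` also carries no message; `raise InvalidSignatureException, "invalid signature for rule #{hash_rule['name'].inspect}"` would identify the rejected rule. The body of `cb_from_rule` continues outside the hunk.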
@@ -75,6 +75,9 @@ module Sqreen
75
75
  k
76
76
  end)] = ret[k] end
77
77
  record_event(ret[:record]) unless ret[:record].nil?
78
+ unless ret['observations'].nil?
79
+ ret['observations'].each { |obs| record_observation(*obs) }
80
+ end
78
81
  return !ret[:call].nil?
79
82
  else
80
83
  raise Sqreen::Exception, "Invalid return type #{ret.inspect}"
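Review bot: `ret['observations']` is read with a String key while the neighbouring lines read `ret[:record]` and `ret[:call]` with Symbol keys; if the key-normalisation loop whose tail is visible above converts keys to symbols, this branch never runs. Separately, the value comes from the rule callback's return and is splatted straight into `record_observation`, so a non-Array value or an entry of the wrong arity raises NoMethodError or ArgumentError instead of the `Sqreen::Exception` used for other invalid returns. A guard such as `Array(ret['observations']).each { |obs| record_observation(*obs) if obs.is_a?(Array) }` would cover the shape check. The enclosing method starts and ends outside the hunk.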
@@ -5,14 +5,16 @@ require 'sqreen/rule_callback'
5
5
 
6
6
  module Sqreen
7
7
  module Rules
8
- SQREEN_HEADER_NAME = 'X-Protected-By'.freeze
9
- SQREEN_HEADER_VALUE = 'Sqreen'.freeze
10
-
11
8
  # Display sqreen presence
12
9
  class HeadersInsertCB < RuleCB
13
10
  def post(rv, _inst, *_args, &_block)
14
11
  return unless rv && rv.respond_to?(:[]) && rv[1].is_a?(Hash)
15
- rv[1][SQREEN_HEADER_NAME] = SQREEN_HEADER_VALUE
12
+ return nil unless @data
13
+ headers = @data['values'] || []
14
+ return if headers.empty?
15
+ headers.each do |name, value|
16
+ rv[1][name] = value
17
+ end
16
18
  nil
17
19
  end
18
20
  end
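Review bot: Header names and values now come from rule data (`@data['values']`) and are written into `rv[1]` without validation. A name or value that is not a String, or that contains CR or LF, would reach the response headers as-is; whether the server rejects it depends on the stack underneath. A check inside the loop such as `next unless name.is_a?(String) && value.is_a?(String) && (name + value) !~ /[\r\n]/` keeps malformed rule data out of the response. `@data['values']` also assumes `@data` is a Hash, and the method mixes `return nil` with a bare `return`.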
@@ -8,12 +8,17 @@ module Sqreen
8
8
  class InspectRuleCB < RuleCB
9
9
  def pre(_inst, *args, &_block)
10
10
  Sqreen.log.debug { "<< #{@klass} #{@method} #{Thread.current}" }
11
- Sqreen.log.debug { args.join ' ' }
11
+ Sqreen.log.debug { args.map(&:inspect).join(' ') }
12
12
  end
13
13
 
14
- def post(_rv, _inst, *_args, &_block)
15
- Sqreen.log.debug { ">> #{@klass} #{@method} #{Thread.current}" }
16
- byebug if defined? byebug and @data.is_a?(Hash) and @data[:break] == 1
14
+ def post(rv, _inst, *_args, &_block)
15
+ Sqreen.log.debug { ">> #{rv.inspect} #{@klass} #{@method} #{Thread.current}" }
16
+ byebug if defined? byebug && @data.is_a?(Hash) && @data[:break] == 1
17
+ end
18
+
19
+ def failing(rv, _inst, *_args, &_block)
20
+ Sqreen.log.debug { "># #{rv.inspect} #{@klass} #{@method} #{Thread.current}" }
21
+ byebug if defined? byebug && @data.is_a?(Hash) && @data[:break] == 1
17
22
  end
18
23
  end
19
24
  end
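Review bot: Replacing `and` with `&&` on the `byebug` lines in `post` and `failing` changes what `defined?` applies to: `defined? byebug && @data.is_a?(Hash) && @data[:break] == 1` parses as `defined?(byebug && ...)`, which yields "expression" and is always truthy. `byebug` is therefore called on every invocation, raising NameError when the debugger is not loaded and stopping regardless of `@data[:break]` when it is. Parenthesise the operand: `byebug if defined?(byebug) && @data.is_a?(Hash) && @data[:break] == 1`. The new `rv.inspect` and `args.map(&:inspect)` debug lines can also write request or return data into the log, which deserves a comment on the class.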
@@ -29,7 +29,7 @@ module Sqreen
29
29
  REQUIRED_SIGNED_KEYS = %w(hookpoint name callbacks conditions).freeze
30
30
  SIGNATURE_KEY = 'signature'.freeze
31
31
  SIGNATURE_VALUE_KEY = 'value'.freeze
32
- SIGNED_KEYS_KEY = 'signed_keys'.freeze
32
+ SIGNED_KEYS_KEY = 'keys'.freeze
33
33
  SIGNATURE_VERSION = 'v0_9'.freeze
34
34
  PUBLIC_KEY = <<-END.gsub(/^ */, '').freeze
35
35
  -----BEGIN PUBLIC KEY-----
@@ -114,14 +114,14 @@ module Sqreen
114
114
  raise Sqreen::Exception, 'no signature found' unless sigs
115
115
 
116
116
  sig = sigs[SIGNATURE_VERSION]
117
- msg = "signature #{SIGNATURE_VERSION} not found"
117
+ msg = "signature #{SIGNATURE_VERSION} not found (#{sigs})"
118
118
  raise Sqreen::Exception, msg unless sig
119
119
 
120
120
  sig_value = sig[SIGNATURE_VALUE_KEY]
121
121
  raise Sqreen::Exception, 'no signature value found' unless sig_value
122
122
 
123
123
  signed_keys = sig[SIGNED_KEYS_KEY]
124
- raise Sqreen::Exception, 'no signed keys found' unless signed_keys
124
+ raise Sqreen::Exception, "no signed keys found (#{sig})" unless signed_keys
125
125
 
126
126
  inc = Set.new(signed_keys).superset?(Set.new(@required_signed_keys))
127
127
  raise Sqreen::Exception, 'signed keys miss equired keys' unless inc
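Review bot: The two extended messages interpolate the whole `sigs` and `sig` structures, which come from the rule being checked, into the exception text, so the size and content of the message are set by unverified input, and it includes the signature values themselves. Listing only the keys gives the same diagnostic value, for example `msg = "signature #{SIGNATURE_VERSION} not found (available: #{sigs.keys.inspect})"`, assuming `sigs` is a Hash at that point. The unchanged message 'signed keys miss equired keys' on the last line has a typo ("required") that could be fixed in the same pass. The enclosing method starts outside the hunk.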
@@ -130,6 +130,8 @@ module Sqreen
130
130
  end
131
131
 
132
132
  def verify(hash_rule)
133
+ # Return true if rule signature is correct, else false
134
+
133
135
  signed_keys, sig_value = get_sig_infos_or_fail(hash_rule)
134
136
 
135
137
  norm_str = normalize(hash_rule, signed_keys)
@@ -2,5 +2,5 @@
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
  # Warning This file is auto generated! DO NOT edit.
4
4
  module Sqreen
5
- VERSION = "0.7.01462198090".freeze
5
+ VERSION = "0.7.01464629603".freeze
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.01462198090
4
+ version: 0.7.01464629603
5
5
  platform: java
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-05-02 00:00:00.000000000 Z
11
+ date: 2016-05-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: execjs
@@ -136,7 +136,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
136
136
  version: '0'
137
137
  requirements: []
138
138
  rubyforge_project:
139
- rubygems_version: 2.6.2
139
+ rubygems_version: 2.6.4
140
140
  signing_key:
141
141
  specification_version: 4
142
142
  summary: Sqreen Ruby agent