sqreen 1.1.01481108064-java → 1.1.11481117869-java
- checksums.yaml +4 -4
- data/lib/sqreen/events/attack.rb +1 -0
- data/lib/sqreen/events/remote_exception.rb +1 -0
- data/lib/sqreen/frameworks/generic.rb +45 -1
- data/lib/sqreen/frameworks/rails.rb +16 -11
- data/lib/sqreen/payload_creator.rb +28 -1
- data/lib/sqreen/rule_callback.rb +5 -0
- data/lib/sqreen/version.rb +1 -1
- metadata +1 -1
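--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0380f38a3af0fbb87e91fb92c71261300ac8e705
+data.tar.gz: e26603f5e01edd06550f54bb66ae4b202b24e5fc
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b274e896a689f03dbc034ee62ffb06761dfa7361665606bd7d31261a8fdfcc978361e832ad221ab2ceaf767a99eeb7b2bd49b6727b6c578b0c0d545795b48e1e
+data.tar.gz: 5de74d338c25967869f36a2f6a6da4700d342ea544b0c3db30d7738bc0d0f0cfd490322e12e4f1a35964712f2e6338a817266243888848156fe8946807aaebaa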
data/lib/sqreen/events/attack.rb
CHANGED
@@ -2,6 +2,9 @@
|
|
2
2
|
# Please refer to our terms for more information: https://www.sqreen.io/terms.html
|
3
3
|
|
4
4
|
require 'sqreen/events/remote_exception'
|
5
|
+
require 'sqreen/callbacks'
|
6
|
+
require 'sqreen/exception'
|
7
|
+
require 'sqreen/log'
|
5
8
|
|
6
9
|
module Sqreen
|
7
10
|
module Frameworks
|
@@ -33,14 +36,49 @@ module Sqreen
|
|
33
36
|
}
|
34
37
|
end
|
35
38
|
|
39
|
+
def ip_headers
|
40
|
+
req = request
|
41
|
+
return [] unless req
|
42
|
+
ips = []
|
43
|
+
%w(HTTP_X_FORWARDED_FOR HTTP_CLIENT_IP HTTP_X_REAL_IP HTTP_X_FORWARDED
|
44
|
+
HTTP_X_CLUSTER_CLIENT_IP HTTP_FORWARDED_FOR HTTP_FORWARDED HTTP_VIA
|
45
|
+
REMOTE_ADDR).each do |header|
|
46
|
+
v = req.env[header]
|
47
|
+
ips << [header, v] unless v.nil?
|
48
|
+
end
|
49
|
+
ips << ['rack.ip', req.ip] if req.respond_to?(:ip)
|
50
|
+
ips
|
51
|
+
end
|
52
|
+
|
53
|
+
# What is the current client IP as seen by rack
|
54
|
+
def rack_client_ip
|
55
|
+
req = request
|
56
|
+
return nil unless req
|
57
|
+
return req.ip if req.respond_to?(:ip)
|
58
|
+
req.env['REMOTE_ADDR']
|
59
|
+
end
|
60
|
+
|
61
|
+
# Sourced from rack:Request#trusted_proxy?
|
62
|
+
TRUSTED_PROXIES = /\A127\.0\.0\.1\Z|\A(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|\A::1\Z|\Afd[0-9a-f]{2}:.+|\Alocalhost\Z|\Aunix\Z|\Aunix:/i
|
63
|
+
|
36
64
|
# What is the current client IP
|
37
65
|
def client_ip
|
38
66
|
req = request
|
39
67
|
return nil unless req
|
40
|
-
|
68
|
+
forwarded = req.env['HTTP_X_FORWARDED_FOR']
|
69
|
+
ips = split_ip_addresses(forwarded)
|
70
|
+
last = ips.reject { |ip| ip =~ TRUSTED_PROXIES }.first
|
71
|
+
return last unless last.nil?
|
41
72
|
req.env['REMOTE_ADDR']
|
42
73
|
end
|
43
74
|
|
75
|
+
# Get a header by name
|
76
|
+
def header(name)
|
77
|
+
req = request
|
78
|
+
return nil unless req
|
79
|
+
req.env[name]
|
80
|
+
end
|
81
|
+
|
44
82
|
def hostname
|
45
83
|
req = request
|
46
84
|
return nil unless req
|
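Review bot: `client_ip` (new lines 65–73) takes the first entry of `HTTP_X_FORWARDED_FOR` that does not match `TRUSTED_PROXIES`, and it consults that header even when `REMOTE_ADDR` is not itself a trusted proxy; the header is client-supplied and its leftmost entry is the one the sender controls, so any rule or attack record keyed on `client_ip` can be attributed to an arbitrary address. Rack's `Request#ip`, which the `TRUSTED_PROXIES` comment cites, returns `REMOTE_ADDR` when it is not a trusted proxy and otherwise takes the rightmost untrusted forwarded entry; mirroring it here is two lines, `return req.env['REMOTE_ADDR'] unless req.env['REMOTE_ADDR'] =~ TRUSTED_PROXIES` placed before the `split_ip_addresses` call, and `last = ips.reject { |ip| ip =~ TRUSTED_PROXIES }.last`. Note also that `rack_client_ip` above exposes `req.ip` where available, so the two values can disagree on proxied requests; a comment saying which one rules should rely on would help the next reader. `hostname` begins in this hunk but its body continues outside it.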
@@ -277,6 +315,12 @@ module Sqreen
|
|
277
315
|
@cannot_load_rack = true
|
278
316
|
false
|
279
317
|
end
|
318
|
+
|
319
|
+
private
|
320
|
+
|
321
|
+
def split_ip_addresses(ip_addresses)
|
322
|
+
ip_addresses ? ip_addresses.strip.split(/[,\s]+/) : []
|
323
|
+
end
|
280
324
|
end
|
281
325
|
end
|
282
326
|
end
|
@@ -38,19 +38,24 @@ module Sqreen
|
|
38
38
|
[db_type, db_infos]
|
39
39
|
end
|
40
40
|
|
41
|
-
def
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
41
|
+
def ip_headers
|
42
|
+
ret = super
|
43
|
+
remote_ip = rails_client_ip
|
44
|
+
ret << ['action_dispatch.remote_ip', remote_ip] unless remote_ip.nil?
|
45
|
+
ret
|
46
|
+
end
|
47
|
+
|
48
|
+
# What is the current client IP as seen by rails
|
49
|
+
def rails_client_ip
|
50
|
+
req = request
|
51
|
+
return unless req && req.env
|
52
|
+
remote_ip = req.env['action_dispatch.remote_ip']
|
53
|
+
return unless remote_ip
|
46
54
|
# FIXME: - this exist only since Rails 3.2.1
|
47
55
|
# http://apidock.com/rails/v3.2.1/ActionDispatch/RemoteIp/GetIp/calculate_ip
|
48
|
-
if remote_ip.respond_to?(:calculate_ip)
|
49
|
-
|
50
|
-
|
51
|
-
# This might not return the same value as calculate IP
|
52
|
-
return remote_ip.to_s
|
53
|
-
end
|
56
|
+
return remote_ip.calculate_ip if remote_ip.respond_to?(:calculate_ip)
|
57
|
+
# This might not return the same value as calculate IP
|
58
|
+
remote_ip.to_s
|
54
59
|
end
|
55
60
|
|
56
61
|
def request_id
|
@@ -46,7 +46,7 @@ module Sqreen
|
|
46
46
|
if subsection == true
|
47
47
|
return base.merge!(key => full_section(key, framework, rule))
|
48
48
|
end
|
49
|
-
return base if subsection.
|
49
|
+
return base if subsection.empty?
|
50
50
|
base[key] = fields(key, framework, rule)
|
51
51
|
base
|
52
52
|
end
|
@@ -54,6 +54,7 @@ module Sqreen
|
|
54
54
|
FULL_SECTIONS = {
|
55
55
|
'request' => 'request_infos',
|
56
56
|
'params' => 'filtered_request_params',
|
57
|
+
'headers' => 'ip_headers',
|
57
58
|
'local' => 'local_infos',
|
58
59
|
}.freeze
|
59
60
|
|
@@ -72,6 +73,7 @@ module Sqreen
|
|
72
73
|
'rails' => 'rails_params',
|
73
74
|
},
|
74
75
|
'rule' => {},
|
76
|
+
'headers' => {},
|
75
77
|
'context' => {
|
76
78
|
'backtrace' => 'get_current_backtrace',
|
77
79
|
},
|
@@ -81,12 +83,15 @@ module Sqreen
|
|
81
83
|
return RuntimeInfos if section == 'local'
|
82
84
|
return rule if section == 'rule'
|
83
85
|
return Context.new if section == 'context'
|
86
|
+
return HeaderSection.new(framework) if section == 'headers'
|
84
87
|
framework
|
85
88
|
end
|
86
89
|
|
87
90
|
def full_section(section, framework, rule)
|
88
91
|
return section_rule(framework, rule) if section == 'rule'
|
89
92
|
return section_context(framework, rule) if section == 'context'
|
93
|
+
# fast path prevent initializing a HeaderSection
|
94
|
+
return framework.ip_headers if section == 'headers'
|
90
95
|
so = section_object(section, framework, rule)
|
91
96
|
so.send(FULL_SECTIONS[section])
|
92
97
|
end
|
@@ -128,5 +133,27 @@ module Sqreen
|
|
128
133
|
'test' => rule['test'],
|
129
134
|
}
|
130
135
|
end
|
136
|
+
|
137
|
+
# object that default to call on framework header
|
138
|
+
class HeaderSection
|
139
|
+
def initialize(framework)
|
140
|
+
@framework = framework
|
141
|
+
end
|
142
|
+
|
143
|
+
def [](value)
|
144
|
+
if %w(rack_client_ip rails_client_ip ip_headers).include?(value)
|
145
|
+
return @framework.send(value)
|
146
|
+
end
|
147
|
+
@framework.header(value)
|
148
|
+
end
|
149
|
+
|
150
|
+
def ip_headers
|
151
|
+
@framework.ip_headers
|
152
|
+
end
|
153
|
+
end
|
154
|
+
|
155
|
+
def section_headers(framework)
|
156
|
+
HeaderSection.new(framework)
|
157
|
+
end
|
131
158
|
end
|
132
159
|
end
|
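Review bot: `HeaderSection#[]` (new lines 143–148) falls through to `@framework.header(value)`, which in the generic.rb hunk above is a bare `req.env[name]`, so a rule section addressing `headers` can read any Rack env entry rather than only HTTP request headers; if that breadth is intended it should be stated in the class comment, otherwise restricting the fallback to `HTTP_*`/`CONTENT_*` keys, e.g. `return nil unless value.start_with?('HTTP_', 'CONTENT_')` before the call, keeps the section to what its name promises. The `send` on line 145 is guarded by an explicit allow-list, which is the right shape. `section_headers(framework)` (new lines 155–157) has no caller visible in this diff, since `section_object` builds `HeaderSection.new(framework)` directly on line 86; it looks like leftover scaffolding. The class comment on line 137 reads as `# Section object that delegates unknown keys to the framework's header lookup`.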
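--- a/data/lib/sqreen/rule_callback.rb
+++ b/data/lib/sqreen/rule_callback.rb
@@ -90,6 +90,11 @@ module Sqreen
 rescue => e
 Sqreen.log.debug("No framework client_ip #{e}")
 end
+begin
+payload['headers'] = framework.ip_headers
+rescue => e
+Sqreen.log.debug("No framework ip_headers #{e}")
+end
 RemoteException.record(payload)
 end
 end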
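Review bot: The new `begin`/`rescue` on lines 93–97 is a copy of the `client_ip` block just above it, whose opening `begin` lies outside this hunk; a small private helper taking the key and a block, `payload[key] = yield` with the same `rescue => e` and debug log, would remove the duplication and keep the two lookups consistent. Both blocks intentionally degrade to a missing key rather than failing the report, which is reasonable for telemetry, but the reasoning deserves a one-line comment such as `# best effort: a framework lookup failure must not prevent the exception from being recorded`. The enclosing method continues past the hunk.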
data/lib/sqreen/version.rb
CHANGED