sqreen 1.15.0-java → 1.15.5-java

data/lib/sqreen/metrics_store.rb

@@ -3,6 +3,7 @@
 
 require 'sqreen/exception'
 require 'sqreen/metrics'
+require 'sqreen/mono_time'
 
 module Sqreen
   # This store and register metrics
@@ -17,6 +18,7 @@ module Sqreen
     class AlreadyRegisteredMetric < Sqreen::Exception
     end
 
+    # definition keys
     NAME_KEY = 'name'.freeze
     KIND_KEY = 'kind'.freeze
     PERIOD_KEY = 'period'.freeze
@@ -29,7 +31,7 @@ module Sqreen
 
     def initialize
       @store = []
-      @metrics = {}
+      @metrics = {} # name => (metric, period, start)
     end
 
     # Definition contains a name,period and aggregate at least
@@ -54,17 +56,17 @@ module Sqreen
       @metrics.key?(name)
     end
 
+    # @params at [Time] when is the store emptied
     def update(name, at, key, value)
-      at = at.utc
       metric, period, start = @metrics[name]
       raise UnregisteredMetric, "Unknown metric #{name}" unless metric
       next_sample(name, at) if start.nil? || (start + period) < at
-      metric.update(at, key, value)
+      metric.update(key, value)
     end
 
     # Drains every metrics and returns the store content
     # @params at [Time] when is the store emptied
-    def publish(flush = true, at = Time.now.utc)
+    def publish(flush = true, at = Sqreen.time)
       @metrics.each do |name, (_, period, start)|
         next_sample(name, at) if flush || !start.nil? && (start + period) < at
       end
@@ -78,10 +80,13 @@ module Sqreen
     def next_sample(name, at)
       metric = @metrics[name][0]
       r = metric.next_sample(at)
-      @metrics[name][2] = at # start
+      @metrics[name][2] = at # new start
       if r
         r[NAME_KEY] = name
         obs = r[Metric::OBSERVATION_KEY]
+        start_of_mono = Time.now.utc - Sqreen.time
+        r[Metric::START_KEY] = start_of_mono + r[Metric::START_KEY]
+        r[Metric::FINISH_KEY] = start_of_mono + r[Metric::FINISH_KEY]
         @store << r if obs && (!obs.respond_to?(:empty?) || !obs.empty?)
       end
       r

data/lib/sqreen/mono_time.rb

@@ -0,0 +1,18 @@
+module Sqreen
+  has_mono_time = begin
+    Process.clock_gettime Process::CLOCK_MONOTONIC
+    true
+  rescue StandardError
+    false
+  end
+
+  if has_mono_time
+    def self.time
+      Process.clock_gettime Process::CLOCK_MONOTONIC
+    end
+  else
+    def self.time
+      Time.now.to_f
+    end
+  end
+end

data/lib/sqreen/performance_notifications.rb

@@ -1,12 +1,7 @@
 # Copyright (c) 2015 Sqreen. All Rights Reserved.
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 
-begin
-  Process.clock_gettime Process::CLOCK_MONOTONIC
-  SQREEN_MONO_TIME = Process::CLOCK_MONOTONIC
-rescue StandardError
-  SQREEN_MONO_TIME = nil
-end
+require 'sqreen/mono_time'
 
 module Sqreen
   # This module enable us to keep track of sqreen resource usage
@@ -17,39 +12,29 @@ module Sqreen
     @subscriptions_all = {}
     @subscription_id = 0
     class << self
-      # Subsribe to receive notificiations about an event
-      # returns a subscription indentitifcation
+      # Subscribe to receive notifications about an event
+      # returns a subscription identification
       def subscribe(&block)
         id = (@subscription_id += 1)
         @subscriptions_all[id] = block
         id
       end
 
-      if SQREEN_MONO_TIME
-        def time
-          Process.clock_gettime(SQREEN_MONO_TIME)
-        end
-      else
-        def time
-          Time.now
-        end
-      end
-
       # Is there a subscriber
       def listen_for?
         !@subscriptions_all.empty?
       end
 
       # Instrument a call identified by key
-      def instrument(key, meta = {}, &block)
+      def instrument(rule, cb, meta = {}, &block)
         return yield unless listen_for?
-        _instrument(key, meta, &block)
+        _instrument(rule, cb, meta, &block)
       end
 
-      def notify(key, start, stop, meta = {})
+      def notify(rule, cb, start, stop, meta = {})
         return unless listen_for?
         notifiers.each do |callable|
-          callable.call(key, start, stop, meta)
+          callable.call(rule, cb, start, stop, meta)
         end
       end
 
@@ -70,22 +55,12 @@ module Sqreen
         @subscriptions_all.values
       end
 
-      if SQREEN_MONO_TIME
-        def _instrument(key, meta)
-          start = Process.clock_gettime(SQREEN_MONO_TIME)
-          yield
-        ensure
-          stop = Process.clock_gettime(SQREEN_MONO_TIME)
-          notify(key, start, stop, meta)
-        end
-      else
-        def _instrument(key, meta)
-          start = Time.now
-          yield
-        ensure
-          stop = Time.now
-          notify(key, start, stop, meta)
-        end
+      def _instrument(rule, cb, meta)
+        start = Sqreen.time
+        yield
+      ensure
+        stop = Sqreen.time
+        notify(rule, cb, start, stop, meta)
       end
     end
   end

data/lib/sqreen/performance_notifications/binned_metrics.rb

@@ -16,8 +16,6 @@ module Sqreen
       EVENT_TOTAL_TIME = 'sq'.freeze # sqreen total overhead callback time
       EVENT_PERCENT = 'pct'.freeze # sqreen total overhead percent of time
 
-      EVT_NAME_REGEXP = %r{\ACallbacks/([^/]+)/([^/]+)\z}
-
       # @param metrics_store [Sqreen::MetricsStore]
       def initialize(metrics_store, period, perf_metric_opts, perf_metric_percent_opts)
         @metrics_store = metrics_store
@@ -49,32 +47,28 @@ module Sqreen
         @subid = nil
       end
 
-      def log(event, start, finish, _meta)
-        return unless event =~ EVT_NAME_REGEXP
-        rule, cb = Regexp.last_match.captures
-
+      def log(rule, cb, start, finish, _meta)
         metric_name = "sq.#{rule}.#{cb}"
         ensure_metric(metric_name)
 
-        finish_time = SQREEN_MONO_TIME ? Time.now.utc : finish
         time_millis = (finish - start) * 1000
         # Ensure we always have a timings if we somehow missed the request start
-        SharedStorage[:sqreen_request_time] ||= 0
-        SharedStorage[:sqreen_request_time] += time_millis
-        metrics_store.update(metric_name, finish_time, nil, time_millis)
+        SharedStorage[:sqreen_request_time] =
+          (SharedStorage[:sqreen_request_time] || 0) + time_millis
+        metrics_store.update(metric_name, finish, nil, time_millis)
       end
 
       def start_request
-        SharedStorage[:request_start_time] = PerformanceNotifications.time
+        SharedStorage[:request_start_time] = Sqreen.time
         SharedStorage[:sqreen_request_time] = 0.0
       end
 
       def finish_request
         start_time = SharedStorage[:request_start_time]
-        finish_time = PerformanceNotifications.time
+        finish_time = Sqreen.time
         duration_millis = (finish_time - start_time) * 1000
 
-        finish_time_obj = SQREEN_MONO_TIME ? Time.now.utc : finish_time
+        finish_time_obj = Time.now.utc
         # format of evt is [cat, key, value, timestamp]
         Sqreen.observations_queue.push(
           [EVENT_REQ, nil, duration_millis, finish_time_obj]
@@ -108,7 +102,11 @@ module Sqreen
       class << self
         # @return [Sqreen::PerformanceNotifications::BinnedMetrics]
         attr_reader :instance
-        def enable(metrics_store, period = 60, base = DEFAULT_PERF_BASE, factor = DEFAULT_PERF_UNIT, base_pct = DEFAULT_PERF_PCT_BASE, factor_pct = DEFAULT_PERF_PCT_UNIT)
+        def enable(metrics_store, period = 60,
+                   base = DEFAULT_PERF_BASE,
+                   factor = DEFAULT_PERF_UNIT,
+                   base_pct = DEFAULT_PERF_PCT_BASE,
+                   factor_pct = DEFAULT_PERF_PCT_UNIT)
           disable
           @instance = new(metrics_store, period,
                           {'base'=> base, 'factor' => factor},

data/lib/sqreen/performance_notifications/log.rb

@@ -10,14 +10,19 @@ module Sqreen
       @subid = nil
       @facility = nil
       class << self
-        def log(event, start, finish, meta)
+        def log(rule, cb, start, finish, meta)
           (@facility || Sqreen.log).debug do
             meta_str = nil
             meta_str = ": #{meta.inspect}" unless meta.empty?
+            event = event_name(rule, cb)
             format('%s took %.2fms%s', event, (finish - start) * 1000, meta_str)
           end
         end
 
+        def event_name(rule, cb)
+          "Callbacks/#{rule}/#{cb}"
+        end
+
         def enable(facility = nil)
           return unless @subid.nil?
           @facility = facility

data/lib/sqreen/performance_notifications/log_performance.rb

@@ -2,6 +2,7 @@
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 
 require 'sqreen/performance_notifications'
+require 'sqreen/performance_notifications/log'
 
 module Sqreen
   module PerformanceNotifications
@@ -23,7 +24,8 @@ module Sqreen
           SharedStorage.set(:log_performance_timings, value)
         end
 
-        def log(event, start, finish, _meta)
+        def log(rule, cb, start, finish, _meta)
+          event = event_name(rule, cb)
           timings << [event, start, finish]
         end
 

data/lib/sqreen/performance_notifications/metrics.rb

@@ -2,17 +2,20 @@
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 
 require 'sqreen/performance_notifications'
+require 'sqreen/performance_notifications/log'
+require 'sqreen/runner'
 
 module Sqreen
   module PerformanceNotifications
     # Log performances in sqreen metrics_store
-    class Metrics
+    class Metrics < Log
       @subid = nil
       @facility = nil
       class << self
         EVENT_CAT = 'sqreen_time'.freeze
-        def log(event, start, finish, _meta)
-          evt = [EVENT_CAT, event, (finish - start) * 1000, SQREEN_MONO_TIME ? Time.now.utc : finish]
+        def log(rule, cb, start, finish, _meta)
+          event = event_name(rule, cb)
+          evt = [EVENT_CAT, event, (finish - start) * 1000, Time.now.utc]
           Sqreen.observations_queue.push(evt)
         end
 

data/lib/sqreen/performance_notifications/newrelic.rb

@@ -2,11 +2,14 @@
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 
 require 'sqreen/performance_notifications'
+require 'sqreen/performance_notifications/log'
+require 'sqreen/log'
+require 'sqreen/shared_storage'
 
 module Sqreen
   module PerformanceNotifications
     # Log performances on the console
-    class NewRelic
+    class NewRelic < Log
       @subid = nil
       @level = 0
 
@@ -24,7 +27,8 @@ module Sqreen
           SharedStorage.set(:log_performance_nr_timings, value)
         end
 
-        def log(event, start, finish, _meta)
+        def log(rule, cb, start, finish, _meta)
+          event = event_name(rule, cb)
           timings << [event, start, finish]
         end
 

data/lib/sqreen/remote_command.rb

@@ -59,6 +59,7 @@ module Sqreen
         Sqreen.log.debug { commands.inspect }
         return res_list
       end
+      commands = coalesce_reloads(commands, res_list)
       commands.each do |cmd_json|
         Sqreen.log.debug { cmd_json }
         cmd = RemoteCommand.new(cmd_json)
@@ -69,6 +70,31 @@ module Sqreen
       res_list
     end
 
+    # will need changes if we ever distinguish forced/soft reloads
+    # ('force' parameter in the command)
+    def self.coalesce_reloads(commands, res_list)
+      new_commands = []
+      saw_rules_reload = false
+      commands.reverse_each do |cmd_json|
+        name = cmd_json['name']
+        unless name == 'rules_reload'
+          new_commands.unshift cmd_json
+          next
+        end
+
+        if saw_rules_reload
+          res_list[cmd_json['uuid']] =
+            { :status => false, :reason => "redundant rules_reload ignored" }
+        else
+          saw_rules_reload = true
+          new_commands.unshift cmd_json
+          next
+        end
+      end
+
+      new_commands
+    end
+
     def to_h
       {
         :name => @name,

data/lib/sqreen/rule_attributes.rb

@@ -19,6 +19,7 @@ module Sqreen
       METRICS = 'metrics'.freeze
       CONDITIONS = 'conditions'.freeze
       CALL_COUNT_INTERVAL = 'call_count_interval'.freeze
+      PRIORITY = 'priority'.freeze
 
       freeze
     end

data/lib/sqreen/rule_callback.rb

@@ -47,6 +47,44 @@ module Sqreen
         @rule[Attrs::RULESPACK_ID]
       end
 
+      def priority
+        @rule[Attrs::PRIORITY] || super
+      end
+
+      # Record an attack event into Sqreen system
+      # @param infos [Hash] Additional information about request
+      def record_event(infos, at = Time.now.utc)
+        return unless framework
+        payload = {
+          :infos => infos,
+          :rulespack_id => rulespack_id,
+          :rule_name => rule_name,
+          :test => test,
+          :time => at,
+        }
+        if payload_tpl.include?('context')
+          payload[:backtrace] = Sqreen::Context.new.bt
+        end
+        framework.observe(:attacks, payload, payload_tpl)
+      end
+
+      # Record an exception that just occurred
+      # @param exception [Exception] Exception to send over
+      # @param infos [Hash] Additional contextual information
+      def record_exception(exception, infos = {}, at = Time.now.utc)
+        return unless framework
+        payload = {
+          :exception => exception,
+          :infos => infos,
+          :rulespack_id => rulespack_id,
+          :rule_name => rule_name,
+          :test => test,
+          :time => at,
+          :backtrace => exception.backtrace || Sqreen::Context.bt,
+        }
+        framework.observe(:sqreen_exceptions, payload)
+      end
+
       # Recommend taking an action (optionnally adding more data/context)
       #
       # This will format the requested action and optionnally

data/lib/sqreen/rules_callbacks/binding_accessor_matcher.rb

@@ -3,6 +3,7 @@
 
 require 'sqreen/rule_callback'
 require 'sqreen/binding_accessor'
+require 'sqreen/mono_time'
 require 'sqreen/rules_callbacks/matcher_rule'
 
 module Sqreen
@@ -49,7 +50,7 @@ module Sqreen
 
       def pre(inst, args, budget = nil, &_block)
         unless budget.nil?
-          finish = budget + Sqreen::PerformanceNotifications.time.to_f
+          finish = budget + Sqreen.time
         end
         resol_cache = Hash.new do |hash, accessor|
           hash[accessor] = accessor.resolve(binding, framework, inst, args)
@@ -61,7 +62,7 @@ module Sqreen
             next unless val.respond_to?(:each)
             next if val.respond_to?(:seek)
             val.each do |v|
-              if !budget.nil? && Sqreen::PerformanceNotifications.time.to_f > finish
+              if !budget.nil? && Sqreen.time > finish
                 return nil
               end
               next if !v.is_a?(String) || (!matcher.min_size.nil? && v.size < matcher.min_size)

data/lib/sqreen/rules_callbacks/blacklist_ips.rb

@@ -23,7 +23,7 @@ module Sqreen
         return unless found
         Sqreen.log.debug { "Found blacklisted IP #{ip} - found: #{found}" }
         record_observation('blacklisted', found, 1)
-        advise_action(:raise)
+        advise_action(:raise, :skip_rem_cbs => true)
       end
 
       protected