sqreen 1.15.7.beta1 → 1.15.7

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4c12b98d858bc3b796b65d4cbda2f57306371958a84ef0cba7e418279527fdc2
4
- data.tar.gz: 1d4e7f4994731ca11be8f5a9d14c0fc302072499490549676376ec9af811f024
3
+ metadata.gz: 29143768deb93b6a47c7804f971242b4700652a3e32ebd7f100346c522da5e73
4
+ data.tar.gz: 38eb496eb742d27392ae5587d551668fba57432d29f0dc4199e2f82d6614eb7e
5
5
  SHA512:
6
- metadata.gz: ae84a664f4676c90d088f36b57db1b5de7d324df684bb544391489ac037ed8788dcc76f64f3195b04e8b6d57da1bbb990895681eedebb10508d6c0a825c41533
7
- data.tar.gz: dbbe4acbc9d91b8fd79f8d1cbc20223220abcd5cbcb36b505ccdebf8b664b3dc24ecd4b8c78b852c56bff64c197eeeb3aa7a21544abf0a0a2681fa8dfe00e0cf
6
+ metadata.gz: 9a87ceb16ebfbfaa5039ad6425b55bc882d622a448608c7e935e9670e65482ea1d2795c8ef9854d61cfa3a8542354c73cd3e295ea5f85549fe044e60ee529ba1
7
+ data.tar.gz: 5dbaeadca8d7fb1f96b4b7710c8ccef57b10b45522b344f7fe2b0440f8cd8b9675e337a52e4a51efbc16d822d43f5ab9397a51ee2647dc38a0948cb7b05bad77
@@ -1,7 +1,7 @@
1
1
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
 
4
- require 'ipaddr'
4
+ require 'sqreen/trie'
5
5
 
6
6
  require 'sqreen/rule_callback'
7
7
 
@@ -11,8 +11,9 @@ module Sqreen
11
11
  class BlacklistIPsCB < RuleCB
12
12
  def initialize(klass, method, rule_hash)
13
13
  super(klass, method, rule_hash)
14
- @ips = Hash[@data['values'].map { |v| [v, IPAddr.new(v)] }]
15
- Sqreen.log.info 'no ips given for IP blacklisting' if @ips.empty?
14
+ @trie_v4 = Sqreen::Trie.new
15
+ @trie_v6 = Sqreen::Trie.new(nil, nil, Socket::AF_INET6)
16
+ insert_values(@data['values'])
16
17
  end
17
18
 
18
19
  def pre(_inst, _args, _budget = nil, &_block)
@@ -26,18 +27,33 @@ module Sqreen
26
27
  advise_action(:raise, :skip_rem_cbs => true)
27
28
  end
28
29
 
29
- protected
30
+ private
31
+
32
+ def insert_values(ranges)
33
+ Sqreen.log.info 'no ips given for IP blacklisting' if ranges.empty?
34
+
35
+ ranges.map { |r| Prefix.from_str(r, r) }.each do |prefix|
36
+ trie_for(prefix).insert prefix
37
+ end
38
+ end
39
+
40
+ def trie_for(prefix)
41
+ prefix.family == Socket::AF_INET6 ? @trie_v6 : @trie_v4
42
+ end
30
43
 
31
44
  # Is this a blacklisted ip?
32
45
  # return the ip blacklisted range that match ip
33
46
  def find_blacklisted_ip(rip)
34
- ret = (@ips || {}).find do |_, ip|
35
- ip.include?(rip)
47
+ begin
48
+ ipa = IPAddr.new(rip)
49
+ rescue
50
+ Sqreen.log.info "invalid IP address given by framework: #{rip}"
51
+ return nil
36
52
  end
37
- return nil unless ret
38
- ret.first
39
- rescue
40
- nil
53
+
54
+ range = trie_for(ipa).search_best(ipa.to_i, ipa.family)
55
+ return nil unless range
56
+ range.data
41
57
  end
42
58
  end
43
59
  end
@@ -182,6 +182,7 @@ module Sqreen
182
182
 
183
183
  def node_to_ip_addr(node)
184
184
  ret = IPAddr.new(node.prefix.address, node.prefix.family)
185
+ ret.send(:mask!, node.prefix.bitlen)
185
186
  ret.singleton_class.send(:define_method, :data) { node.prefix.data }
186
187
  ret
187
188
  end
@@ -1,5 +1,5 @@
1
1
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
  module Sqreen
4
- VERSION = '1.15.7.beta1'.freeze
4
+ VERSION = '1.15.7'.freeze
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.15.7.beta1
4
+ version: 1.15.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-11-23 00:00:00.000000000 Z
11
+ date: 2018-11-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sq_mini_racer
@@ -134,9 +134,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
134
134
  version: '0'
135
135
  required_rubygems_version: !ruby/object:Gem::Requirement
136
136
  requirements:
137
- - - ">"
137
+ - - ">="
138
138
  - !ruby/object:Gem::Version
139
- version: 1.3.1
139
+ version: '0'
140
140
  requirements: []
141
141
  rubyforge_project:
142
142
  rubygems_version: 2.7.7