sqreen 1.19.3 → 1.19.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0d97982d41a665543af13ead18a3bc8c7d99f19d7fcec01ceec794b7e3246455
4
- data.tar.gz: 7b7083f02e36c9f57ca229e34f2a5f65b7b89ddeef45b73fb3f8c94861596622
3
+ metadata.gz: a1a0d2f8489dac7835a9d2135b0e35c15848a4fa094f7912f9979a83a9d2670e
4
+ data.tar.gz: 9bfc5db45531824d4f968f45fe495c9fad5da7c258c368fec5821aba8f66b124
5
5
  SHA512:
6
- metadata.gz: aaceed944d797ab2062f691aa5bf68d4e64253add714667c064cf3d6f3effe0dcada5f84fbcd757f317da341d3e87519c0c6cd2987029a97feef37e899fc9eab
7
- data.tar.gz: fc1bf68e638b438eb9f35c1e6bccffecd40b59afecdeddb71b442a3e4da3e664eb1513ad36a0668621705f2bbdc30fb0d6e87226261f8824277e07fead436b1d
6
+ metadata.gz: f2c2e5a91c6e415c6003dae1c3ca775b9d40eaacb34e4d28d07c991e46941bcb0bb0f1e9d01bdb1644562fb35852c9fb222bd8f1b83a008be3871ee6a5880cb9
7
+ data.tar.gz: 9164671762553af1f0cd658e3d654432a3eebfe81050f32d9cf8fc7c36fedb8c40a530629e57a16bec62536a080a931a2f2b34ba1fcb33521ab2964db38bc224
@@ -1,3 +1,7 @@
1
+ ## 1.19.4
2
+
3
+ * Fix signature check
4
+
1
5
  ## 1.19.3
2
6
 
3
7
  * Improve WAF PII protection
@@ -4,5 +4,5 @@
4
4
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
5
5
 
6
6
  module Sqreen
7
- VERSION = '1.19.3'.freeze
7
+ VERSION = '1.19.4'.freeze
8
8
  end
@@ -8,6 +8,7 @@ require 'sqreen/graft/hook_point'
8
8
  require 'sqreen/call_countable'
9
9
  require 'sqreen/rules'
10
10
  require 'sqreen/rules/record_request_context'
11
+ require 'sqreen/sqreen_signed_verifier'
11
12
 
12
13
  class Sqreen::Weave::Legacy::Instrumentation
13
14
  attr_accessor :metrics_engine
@@ -84,6 +85,15 @@ class Sqreen::Weave::Legacy::Instrumentation
84
85
 
85
86
  ### set up rule signature verifier
86
87
  verifier = nil
88
+ if Sqreen.features['rules_signature'] &&
89
+ Sqreen.config_get(:rules_verify_signature) == true &&
90
+ !defined?(::JRUBY_VERSION)
91
+ verifier = Sqreen::SqreenSignedVerifier.new
92
+ Sqreen::Weave.logger.debug('Rules signature enabled')
93
+ else
94
+ Sqreen::Weave.logger.debug('Rules signature disabled')
95
+ end
96
+
87
97
  ### force clean instrumentation callback list
88
98
  @hooks = []
89
99
  ### for each rule description
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.19.3
4
+ version: 1.19.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-06-05 00:00:00.000000000 Z
11
+ date: 2020-07-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sq_mini_racer
@@ -253,8 +253,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
253
253
  - !ruby/object:Gem::Version
254
254
  version: '0'
255
255
  requirements: []
256
- rubyforge_project:
257
- rubygems_version: 2.7.7
256
+ rubygems_version: 3.1.2
258
257
  signing_key:
259
258
  specification_version: 4
260
259
  summary: Sqreen Ruby agent