sqreen 1.23.0 → 1.24.2
- checksums.yaml +4 -4
- data/CHANGELOG.md +25 -0
- data/bin/sqreen +43 -0
- data/lib/sqreen/configuration.rb +2 -0
- data/lib/sqreen/dependency/new_relic.rb +1 -1
- data/lib/sqreen/dependency/sinatra.rb +20 -0
- data/lib/sqreen/events/attack.rb +8 -0
- data/lib/sqreen/frameworks/generic.rb +12 -1
- data/lib/sqreen/graft/hook.rb +7 -295
- data/lib/sqreen/graft/hook.ruby_2.rb +305 -0
- data/lib/sqreen/graft/hook.ruby_3.rb +305 -0
- data/lib/sqreen/graft/hook_point.rb +6 -6
- data/lib/sqreen/graft/hook_point.ruby_2.rb +18 -0
- data/lib/sqreen/graft/hook_point.ruby_3.rb +19 -0
- data/lib/sqreen/rules/devise_signup_track_cb.rb +1 -1
- data/lib/sqreen/rules/rule_cb.rb +9 -0
- data/lib/sqreen/runner.rb +11 -0
- data/lib/sqreen/signals/conversions.rb +20 -4
- data/lib/sqreen/version.rb +1 -1
- data/lib/sqreen/weave/legacy/instrumentation.rb +6 -0
- metadata +15 -9
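--- a/data/lib/sqreen/rules/rule_cb.rb
+++ b/data/lib/sqreen/rules/rule_cb.rb
@@ -70,6 +70,15 @@ module Sqreen
 if payload_tpl.include?('context')
 payload[:backtrace] = Sqreen::Context.new.bt
 end
+if framework.respond_to?(:datadog_span) && (datadog_span = framework.datadog_span)
+Sqreen::Weave.logger.debug { "attack datadog:true span_id:#{datadog_span.span_id} parent_id:#{datadog_span.parent_id} trace_id:#{datadog_span.trace_id}" }
+payload.merge!(
+:datadog_trace_id => datadog_span.trace_id,
+:datadog_span_id => datadog_span.span_id,
+)
+datadog_span.set_tag(Datadog::Ext::ManualTracing::TAG_KEEP, true)
+datadog_span.set_tag('sqreen.event', true)
+end
 framework.observe(:attacks, payload, payload_tpl)
 end
 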
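Review bot: The added `set_tag` calls and the `Datadog::Ext::ManualTracing::TAG_KEEP` lookup run directly before `framework.observe(:attacks, payload, payload_tpl)`, so an exception raised while enriching the span would keep the attack from being recorded unless a caller outside this hunk rescues it. The constant is resolved without a `defined?` guard and presumably depends on which tracer version is installed. Consider `datadog_span.set_tag(Datadog::Ext::ManualTracing::TAG_KEEP, true) if defined?(Datadog::Ext::ManualTracing)`, or wrap the whole enrichment in its own `rescue StandardError` that logs and continues to `observe`. The enclosing method starts above the hunk.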
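--- a/data/lib/sqreen/runner.rb
+++ b/data/lib/sqreen/runner.rb
@@ -6,6 +6,7 @@
 require 'ipaddr'
 require 'timeout'
 require 'json'
+require 'pathname'
 
 require 'sqreen/events/attack'
 
@@ -217,6 +218,16 @@ module Sqreen
 session_rules = session.rules
 rules_pack = session_rules['rules']
 rulespack_id = session_rules['pack_id']
+elsif @configuration.get(:rules_dump)
+rules_dir = (defined?(Rails) ? Rails.root : Pathname.pwd) + 'tmp/sqreen/rules'
+FileUtils.mkdir_p(rules_dir.to_s)
+File.open("#{rules_dir}/#{rulespack_id}.json", "wb") { |f| f.write(JSON.pretty_generate(rules_pack)) }
+FileUtils.mkdir_p("#{rules_dir}/#{rulespack_id}")
+rules_pack.each do |r|
+r = r.dup
+r['rulespack_id'] = rulespack_id
+File.open("#{rules_dir}/#{rulespack_id}/#{r['name']}.json", "wb") { |f| f.write(JSON.pretty_generate(r)) }
+end
 end
 rules = rules_pack.each { |r| r['rulespack_id'] = rulespack_id }
 Sqreen.log.info { format('retrieved rulespack id: %s', rulespack_id) }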
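Review bot: In the `rules_dump` branch, `rulespack_id` and `r['name']` are interpolated straight into the paths passed to `FileUtils.mkdir_p` and `File.open`, so a value containing `/` or `..` would write outside `tmp/sqreen/rules`. Validate both before use, for example `next unless r['name'].to_s =~ /\A[A-Za-z0-9_-]+\z/` inside the loop and the same check on `rulespack_id` before the first `File.open`. The files are opened without a mode argument, so they get the process default permissions even though they describe the protection rules; passing a restrictive mode to `File.open` would be safer. `FileUtils` is used while only `require 'pathname'` is added in this section, and whether `fileutils` is required elsewhere is not visible. The `if` that this `elsif` continues starts above the hunk.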
@@ -44,11 +44,17 @@ module Sqreen
|
|
44
44
|
# XXX: not used because we don't use Sqreen::Attack
|
45
45
|
def convert_attack(attack)
|
46
46
|
# no need to set actor/context as we only include them in request records/traces
|
47
|
+
location_h = {}
|
48
|
+
location_h.merge!(stack_trace: attack.backtrace) if attack.backtrace
|
49
|
+
location_h.merge!(datadog_trace_id: datadog_trace_id) if attack.datadog_trace_id
|
50
|
+
location_h.merge!(datadog_span_id: datadog_span_id) if attack.datadog_span_id
|
51
|
+
location = Kit::Signals::Location.new(location_h) unless location_h.empty?
|
52
|
+
|
47
53
|
Kit::Signals::Specialized::Attack.new(
|
48
54
|
signal_name: "sq.agent.attack.#{attack.attack_type}",
|
49
55
|
source: "sqreen:rule:#{attack.rulespack_id}:#{attack.rule_name}",
|
50
56
|
time: attack.time,
|
51
|
-
location:
|
57
|
+
location: location,
|
52
58
|
payload: Kit::Signals::Specialized::Attack::Payload.new(
|
53
59
|
test: attack.test?,
|
54
60
|
block: attack.block?,
|
@@ -59,11 +65,17 @@ module Sqreen
|
|
59
65
|
|
60
66
|
# see Sqreen::Rules::RuleCB.record_event
|
61
67
|
def convert_unstructured_attack(payload)
|
68
|
+
location_h = {}
|
69
|
+
location_h.merge!(stack_trace: payload[:backtrace]) if payload[:backtrace]
|
70
|
+
location_h.merge!(datadog_trace_id: payload[:datadog_trace_id]) if payload[:datadog_span_id]
|
71
|
+
location_h.merge!(datadog_span_id: payload[:datadog_span_id]) if payload[:datadog_span_id]
|
72
|
+
location = Kit::Signals::Location.new(location_h) unless location_h.empty?
|
73
|
+
|
62
74
|
Kit::Signals::Specialized::Attack.new(
|
63
75
|
signal_name: "sq.agent.attack.#{payload[:attack_type]}",
|
64
76
|
source: "sqreen:rule:#{payload[:rulespack_id]}:#{payload[:rule_name]}",
|
65
77
|
time: payload[:time],
|
66
|
-
location:
|
78
|
+
location: location,
|
67
79
|
payload: Kit::Signals::Specialized::Attack::Payload.new(
|
68
80
|
test: payload[:test],
|
69
81
|
block: payload[:block],
|
@@ -185,12 +197,13 @@ module Sqreen
|
|
185
197
|
# see Sqreen::RequestRecord.processed_sdk_calls
|
186
198
|
def convert_track(call_info)
|
187
199
|
options = call_info[:args][1] || {}
|
200
|
+
args = options[:args] || {}
|
188
201
|
Kit::Signals::Specialized::SdkTrackCall.new(
|
189
202
|
signal_name: "sq.sdk.#{call_info[:args][0]}",
|
190
203
|
time: call_info[:time],
|
191
204
|
payload: Kit::Signals::Specialized::SdkTrackCall::Payload.new(
|
192
|
-
properties:
|
193
|
-
user_identifiers:
|
205
|
+
properties: args[:properties],
|
206
|
+
user_identifiers: args[:user_identifiers]
|
194
207
|
)
|
195
208
|
)
|
196
209
|
end
|
@@ -234,6 +247,9 @@ module Sqreen
|
|
234
247
|
status: resp_payload[:status],
|
235
248
|
content_length: resp_payload[:content_length],
|
236
249
|
content_type: resp_payload[:content_type],
|
250
|
+
# datadog
|
251
|
+
datadog_trace_id: req_payload[:datadog_trace_id],
|
252
|
+
datadog_span_id: req_payload[:datadog_span_id],
|
237
253
|
}
|
238
254
|
)
|
239
255
|
end
|
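Review bot: In `convert_attack` the added lines `location_h.merge!(datadog_trace_id: datadog_trace_id)` and `location_h.merge!(datadog_span_id: datadog_span_id)` read bare names that are not defined in the visible method, so they would raise NameError as soon as an attack carries those ids; they should read `attack.datadog_trace_id` and `attack.datadog_span_id`. In `convert_unstructured_attack` the trace-id line is guarded by `payload[:datadog_span_id]`; the guard should be `if payload[:datadog_trace_id]`, otherwise a nil trace id can be merged into the location hash. Both methods continue past their hunks. These hunks have no file header of their own on this page; going by the diffstat counts they probably belong to data/lib/sqreen/signals/conversions.rb rather than to runner.rb.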
data/lib/sqreen/version.rb
CHANGED
@@ -180,6 +180,8 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
180
180
|
else
|
181
181
|
Sqreen::Weave.logger.error { "rule: #{rule['name']} singed: true result: fail" }
|
182
182
|
end
|
183
|
+
|
184
|
+
valid
|
183
185
|
end
|
184
186
|
if invalid_rules.any?
|
185
187
|
Sqreen::Weave.logger.error { "weave: instrument status: abort reason: signature result: fail" }
|
@@ -242,6 +244,9 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
242
244
|
|
243
245
|
# shrinkwrap_timer = Sqreen::Graft::Timer.new('weave,shrinkwrap')
|
244
246
|
# shrinkwrap_timer.start
|
247
|
+
if defined?(Datadog) && Datadog.tracer && (datadog_span = Datadog.tracer.active_root_span)
|
248
|
+
Sqreen::Weave.logger.debug { "request datadog:true span_id:#{datadog_span.span_id} parent_id:#{datadog_span.parent_id} trace_id:#{datadog_span.trace_id}" }
|
249
|
+
end
|
245
250
|
|
246
251
|
request_timer = Sqreen::Graft::Timer.new("request")
|
247
252
|
request_timer.start
|
@@ -267,6 +272,7 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
267
272
|
timed_level: timed_level,
|
268
273
|
skipped_callbacks: [],
|
269
274
|
# timed_shrinkwrap: shrinkwrap_timer,
|
275
|
+
datadog_span: datadog_span,
|
270
276
|
}
|
271
277
|
|
272
278
|
# shrinkwrap_timer.stop
|
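Review bot: The added guard `defined?(Datadog) && Datadog.tracer` assumes that any loaded `Datadog` constant responds to `tracer`; if another library defines the `Datadog` namespace without a tracer, this line would raise NoMethodError on the request path, and whether that is rescued is not visible here. A safer condition is `if defined?(Datadog) && Datadog.respond_to?(:tracer) && Datadog.tracer && (datadog_span = Datadog.tracer.active_root_span)`. The later `datadog_span: datadog_span` entry relies on the local being nil when the condition is false, which deserves a one-line comment such as `# datadog_span stays nil when no tracer or no active root span`. The section header names version.rb, but the `@@` lines show `class Sqreen::Weave::Legacy::Instrumentation`, so these hunks presumably belong to data/lib/sqreen/weave/legacy/instrumentation.rb; the enclosing methods start outside the hunks.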
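--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.24.2
 platform: ruby
 authors:
 - Sqreen
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 1980-01-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: sqreen-backport
@@ -30,14 +30,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.4
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.4
 - !ruby/object:Gem::Dependency
 name: sq_mini_racer
 requirement: !ruby/object:Gem::Requirement
@@ -47,7 +47,7 @@ dependencies:
 version: '0.2'
 - - "<"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.5.a
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
@@ -57,7 +57,7 @@ dependencies:
 version: '0.2'
 - - "<"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.5.a
 - !ruby/object:Gem::Dependency
 name: libsqreen
 requirement: !ruby/object:Gem::Requirement
@@ -75,7 +75,8 @@ dependencies:
 description: Sqreen is a SaaS based Application protection and monitoring platform
 that integrates directly into your Ruby applications. Learn more at https://sqreen.com.
 email: contact@sqreen.com
-executables:
+executables:
+- sqreen
 extensions: []
 extra_rdoc_files: []
 files:
@@ -84,6 +85,7 @@ files:
 - LICENSE
 - README.md
 - Rakefile
+- bin/sqreen
 - lib/sqreen.rb
 - lib/sqreen/actions.rb
 - lib/sqreen/actions/actions_index.rb
@@ -198,7 +200,11 @@ files:
 - lib/sqreen/graft/call.rb
 - lib/sqreen/graft/callback.rb
 - lib/sqreen/graft/hook.rb
+- lib/sqreen/graft/hook.ruby_2.rb
+- lib/sqreen/graft/hook.ruby_3.rb
 - lib/sqreen/graft/hook_point.rb
+- lib/sqreen/graft/hook_point.ruby_2.rb
+- lib/sqreen/graft/hook_point.ruby_3.rb
 - lib/sqreen/graft/hook_point_error.rb
 - lib/sqreen/invalid_signature_exception.rb
 - lib/sqreen/js.rb
@@ -341,14 +347,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: '2.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.2.
+rubygems_version: 3.2.26
 signing_key:
 specification_version: 4
 summary: Sqreen Ruby agent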