sqreen 1.23.2 → 1.24.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/lib/sqreen/dependency/sinatra.rb +20 -0
- data/lib/sqreen/events/attack.rb +8 -0
- data/lib/sqreen/frameworks/generic.rb +12 -1
- data/lib/sqreen/graft/hook.ruby_3.rb +1 -1
- data/lib/sqreen/rules/devise_signup_track_cb.rb +1 -1
- data/lib/sqreen/rules/rule_cb.rb +9 -0
- data/lib/sqreen/rules/waf_cb.rb +1 -1
- data/lib/sqreen/signals/conversions.rb +20 -4
- data/lib/sqreen/version.rb +1 -1
- data/lib/sqreen/weave/legacy/instrumentation.rb +4 -0
- metadata +7 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 63ea0b26ac35ae810d92bb1f7dee78283af5104c05ea064c20105178e915b109
|
4
|
+
data.tar.gz: ebba0fd2eaffc1c6af1a53949e40e9f06ac58129c5d40b2041db3be0463c8e19
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0d4cd02caf498bb7c25b4882b4f095586bd177058a6f4251945914ea236152d0484f326a07bcf2404bd0524678a136ab240908c4039fd9ee5f6e81a2d0b2d277
|
7
|
+
data.tar.gz: 186e6a5585a8db09bd03cdf85f9a2b6fdaee67a83cf29f06ecc48552d9a10ce37a2f663126c076676ef8f9cbaa6848bb8d893c50a1650f1621eb9629c0742f85
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,23 @@
|
|
1
|
+
## 1.24.3
|
2
|
+
|
3
|
+
* Fix WAF exception reporting corner case
|
4
|
+
|
5
|
+
## 1.24.2
|
6
|
+
|
7
|
+
* Fix kwargs for rule callbacks on Ruby 3+
|
8
|
+
* Fix properties propagation for custom events
|
9
|
+
* Fix Devise key type mismatch for signup
|
10
|
+
|
11
|
+
## 1.24.1
|
12
|
+
|
13
|
+
* Add Datadog trace keeping through sampling
|
14
|
+
* Improve Datadog correlation compatibility with Sinatra
|
15
|
+
* Improve attack event correlation with Datadog spans
|
16
|
+
|
17
|
+
## 1.24.0
|
18
|
+
|
19
|
+
* Add Sqreen event correlation with Datadog traces
|
20
|
+
|
1
21
|
## 1.23.2
|
2
22
|
|
3
23
|
* Fix compatibility with NewRelic for attack events
|
@@ -61,6 +61,26 @@ module Sqreen
|
|
61
61
|
u.append(p)
|
62
62
|
end
|
63
63
|
end
|
64
|
+
|
65
|
+
insert_datadog_middleware(builder, *args, &block)
|
66
|
+
end
|
67
|
+
|
68
|
+
def insert_datadog_middleware(builder, *args, &block)
|
69
|
+
return unless defined?(Datadog) && Datadog.respond_to?(:configuration) && Datadog.configuration.instrumented_integrations.key?(:sinatra)
|
70
|
+
|
71
|
+
Datadog.configure do |c|
|
72
|
+
sinatra_config = Datadog.configuration[:sinatra]
|
73
|
+
|
74
|
+
c.use(
|
75
|
+
:rack,
|
76
|
+
service_name: sinatra_config[:service_name],
|
77
|
+
distributed_tracing: sinatra_config[:distributed_tracing],
|
78
|
+
) unless Datadog.configuration.instrumented_integrations.key?(:rack)
|
79
|
+
end
|
80
|
+
|
81
|
+
insert_middleware(builder, Datadog::Contrib::Rack::TraceMiddleware, args, block) do |p, u|
|
82
|
+
u.insert(0, p)
|
83
|
+
end
|
64
84
|
end
|
65
85
|
|
66
86
|
def wrap_middleware(middleware, *args, &block)
|
data/lib/sqreen/events/attack.rb
CHANGED
@@ -63,6 +63,14 @@ module Sqreen
|
|
63
63
|
payload['context']['backtrace']
|
64
64
|
end
|
65
65
|
|
66
|
+
def datadog_trace_id
|
67
|
+
payload['context']['datadog_trace_id']
|
68
|
+
end
|
69
|
+
|
70
|
+
def datadog_span_id
|
71
|
+
payload['context']['datadog_span_id']
|
72
|
+
end
|
73
|
+
|
66
74
|
def enqueue
|
67
75
|
Sqreen.queue.push(self)
|
68
76
|
end
|
@@ -173,7 +173,18 @@ module Sqreen
|
|
173
173
|
:remote_port => req.env['REMOTE_PORT'],
|
174
174
|
:remote_ip => remote_addr,
|
175
175
|
:client_ip => client_ip,
|
176
|
-
}
|
176
|
+
}.tap do |h|
|
177
|
+
h.merge!(
|
178
|
+
:datadog_trace_id => datadog_span.trace_id,
|
179
|
+
:datadog_span_id => datadog_span.span_id,
|
180
|
+
) if datadog_span
|
181
|
+
end
|
182
|
+
end
|
183
|
+
|
184
|
+
def datadog_span
|
185
|
+
return unless defined?(Datadog) && (tracer = Datadog.tracer)
|
186
|
+
|
187
|
+
tracer.active_span
|
177
188
|
end
|
178
189
|
|
179
190
|
def response_infos
|
@@ -112,7 +112,7 @@ module Sqreen
|
|
112
112
|
|
113
113
|
flow = catch(Ball.new) do |ball|
|
114
114
|
Timer.new(c.name, &timed_callbacks_proc).measure(ignore: chrono) do
|
115
|
-
c.call(CallbackCall.new(c, remaining, hooked_call.instance, hooked_call.args_passed), ball)
|
115
|
+
c.call(CallbackCall.new(c, remaining, hooked_call.instance, kwargs.empty? ? hooked_call.args_passed : hooked_call.args_passed + [kwargs]), ball)
|
116
116
|
end
|
117
117
|
end
|
118
118
|
|
@@ -20,7 +20,7 @@ module Sqreen
|
|
20
20
|
keys = args[1].class.authentication_keys
|
21
21
|
ip = framework.client_ip
|
22
22
|
category = 'auto-signup'
|
23
|
-
data = data.select { |k, _| keys.include?(k) }
|
23
|
+
data = data.select { |k, _| keys.map(&:to_s).include?(k.to_s) }
|
24
24
|
|
25
25
|
if data.empty?
|
26
26
|
Sqreen.log.debug { "#{category} from #{ip} but keys empty" }
|
data/lib/sqreen/rules/rule_cb.rb
CHANGED
@@ -70,6 +70,15 @@ module Sqreen
|
|
70
70
|
if payload_tpl.include?('context')
|
71
71
|
payload[:backtrace] = Sqreen::Context.new.bt
|
72
72
|
end
|
73
|
+
if framework.respond_to?(:datadog_span) && (datadog_span = framework.datadog_span)
|
74
|
+
Sqreen::Weave.logger.debug { "attack datadog:true span_id:#{datadog_span.span_id} parent_id:#{datadog_span.parent_id} trace_id:#{datadog_span.trace_id}" }
|
75
|
+
payload.merge!(
|
76
|
+
:datadog_trace_id => datadog_span.trace_id,
|
77
|
+
:datadog_span_id => datadog_span.span_id,
|
78
|
+
)
|
79
|
+
datadog_span.set_tag(Datadog::Ext::ManualTracing::TAG_KEEP, true)
|
80
|
+
datadog_span.set_tag('sqreen.event', true)
|
81
|
+
end
|
73
82
|
framework.observe(:attacks, payload, payload_tpl)
|
74
83
|
end
|
75
84
|
|
data/lib/sqreen/rules/waf_cb.rb
CHANGED
@@ -44,11 +44,17 @@ module Sqreen
|
|
44
44
|
# XXX: not used because we don't use Sqreen::Attack
|
45
45
|
def convert_attack(attack)
|
46
46
|
# no need to set actor/context as we only include them in request records/traces
|
47
|
+
location_h = {}
|
48
|
+
location_h.merge!(stack_trace: attack.backtrace) if attack.backtrace
|
49
|
+
location_h.merge!(datadog_trace_id: datadog_trace_id) if attack.datadog_trace_id
|
50
|
+
location_h.merge!(datadog_span_id: datadog_span_id) if attack.datadog_span_id
|
51
|
+
location = Kit::Signals::Location.new(location_h) unless location_h.empty?
|
52
|
+
|
47
53
|
Kit::Signals::Specialized::Attack.new(
|
48
54
|
signal_name: "sq.agent.attack.#{attack.attack_type}",
|
49
55
|
source: "sqreen:rule:#{attack.rulespack_id}:#{attack.rule_name}",
|
50
56
|
time: attack.time,
|
51
|
-
location:
|
57
|
+
location: location,
|
52
58
|
payload: Kit::Signals::Specialized::Attack::Payload.new(
|
53
59
|
test: attack.test?,
|
54
60
|
block: attack.block?,
|
@@ -59,11 +65,17 @@ module Sqreen
|
|
59
65
|
|
60
66
|
# see Sqreen::Rules::RuleCB.record_event
|
61
67
|
def convert_unstructured_attack(payload)
|
68
|
+
location_h = {}
|
69
|
+
location_h.merge!(stack_trace: payload[:backtrace]) if payload[:backtrace]
|
70
|
+
location_h.merge!(datadog_trace_id: payload[:datadog_trace_id]) if payload[:datadog_span_id]
|
71
|
+
location_h.merge!(datadog_span_id: payload[:datadog_span_id]) if payload[:datadog_span_id]
|
72
|
+
location = Kit::Signals::Location.new(location_h) unless location_h.empty?
|
73
|
+
|
62
74
|
Kit::Signals::Specialized::Attack.new(
|
63
75
|
signal_name: "sq.agent.attack.#{payload[:attack_type]}",
|
64
76
|
source: "sqreen:rule:#{payload[:rulespack_id]}:#{payload[:rule_name]}",
|
65
77
|
time: payload[:time],
|
66
|
-
location:
|
78
|
+
location: location,
|
67
79
|
payload: Kit::Signals::Specialized::Attack::Payload.new(
|
68
80
|
test: payload[:test],
|
69
81
|
block: payload[:block],
|
@@ -185,12 +197,13 @@ module Sqreen
|
|
185
197
|
# see Sqreen::RequestRecord.processed_sdk_calls
|
186
198
|
def convert_track(call_info)
|
187
199
|
options = call_info[:args][1] || {}
|
200
|
+
args = options[:args] || {}
|
188
201
|
Kit::Signals::Specialized::SdkTrackCall.new(
|
189
202
|
signal_name: "sq.sdk.#{call_info[:args][0]}",
|
190
203
|
time: call_info[:time],
|
191
204
|
payload: Kit::Signals::Specialized::SdkTrackCall::Payload.new(
|
192
|
-
properties:
|
193
|
-
user_identifiers:
|
205
|
+
properties: args[:properties],
|
206
|
+
user_identifiers: args[:user_identifiers]
|
194
207
|
)
|
195
208
|
)
|
196
209
|
end
|
@@ -234,6 +247,9 @@ module Sqreen
|
|
234
247
|
status: resp_payload[:status],
|
235
248
|
content_length: resp_payload[:content_length],
|
236
249
|
content_type: resp_payload[:content_type],
|
250
|
+
# datadog
|
251
|
+
datadog_trace_id: req_payload[:datadog_trace_id],
|
252
|
+
datadog_span_id: req_payload[:datadog_span_id],
|
237
253
|
}
|
238
254
|
)
|
239
255
|
end
|
data/lib/sqreen/version.rb
CHANGED
@@ -244,6 +244,9 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
244
244
|
|
245
245
|
# shrinkwrap_timer = Sqreen::Graft::Timer.new('weave,shrinkwrap')
|
246
246
|
# shrinkwrap_timer.start
|
247
|
+
if defined?(Datadog) && Datadog.tracer && (datadog_span = Datadog.tracer.active_root_span)
|
248
|
+
Sqreen::Weave.logger.debug { "request datadog:true span_id:#{datadog_span.span_id} parent_id:#{datadog_span.parent_id} trace_id:#{datadog_span.trace_id}" }
|
249
|
+
end
|
247
250
|
|
248
251
|
request_timer = Sqreen::Graft::Timer.new("request")
|
249
252
|
request_timer.start
|
@@ -269,6 +272,7 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
269
272
|
timed_level: timed_level,
|
270
273
|
skipped_callbacks: [],
|
271
274
|
# timed_shrinkwrap: shrinkwrap_timer,
|
275
|
+
datadog_span: datadog_span,
|
272
276
|
}
|
273
277
|
|
274
278
|
# shrinkwrap_timer.stop
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sqreen
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.24.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sqreen
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 1980-01-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: sqreen-backport
|
@@ -30,14 +30,14 @@ dependencies:
|
|
30
30
|
requirements:
|
31
31
|
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 0.2.
|
33
|
+
version: 0.2.4
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 0.2.
|
40
|
+
version: 0.2.4
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: sq_mini_racer
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -47,7 +47,7 @@ dependencies:
|
|
47
47
|
version: '0.2'
|
48
48
|
- - "<"
|
49
49
|
- !ruby/object:Gem::Version
|
50
|
-
version: 0.
|
50
|
+
version: 0.5.a
|
51
51
|
type: :runtime
|
52
52
|
prerelease: false
|
53
53
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -57,7 +57,7 @@ dependencies:
|
|
57
57
|
version: '0.2'
|
58
58
|
- - "<"
|
59
59
|
- !ruby/object:Gem::Version
|
60
|
-
version: 0.
|
60
|
+
version: 0.5.a
|
61
61
|
- !ruby/object:Gem::Dependency
|
62
62
|
name: libsqreen
|
63
63
|
requirement: !ruby/object:Gem::Requirement
|
@@ -354,7 +354,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
354
354
|
- !ruby/object:Gem::Version
|
355
355
|
version: '0'
|
356
356
|
requirements: []
|
357
|
-
rubygems_version: 3.2.
|
357
|
+
rubygems_version: 3.2.26
|
358
358
|
signing_key:
|
359
359
|
specification_version: 4
|
360
360
|
summary: Sqreen Ruby agent
|