sqreen 1.1.01481108064-java → 1.1.11481117869-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a9d3f7c3fc865a93d78175383a7f424176a288c1
-  data.tar.gz: 26617b49da228995435b7940a0723201895d41f3
+  metadata.gz: 0380f38a3af0fbb87e91fb92c71261300ac8e705
+  data.tar.gz: e26603f5e01edd06550f54bb66ae4b202b24e5fc
 SHA512:
-  metadata.gz: df9fc5626f01080a479cb72ccea334b06d6c04c62a2fa142c34f5f9cb411e484ca333ea0663a79fa8e7109f5f9dff077f1f116631e17f57383433df410f153e6
-  data.tar.gz: 3da6a48af4310d9fdb6f251b85401ef2ae3ab9ba9ca089c0612be02012f59e0b1671e02c0a29740a8f6bba63a0c6485acbf0ff6c37c94030226c639a31d3a581
+  metadata.gz: b274e896a689f03dbc034ee62ffb06761dfa7361665606bd7d31261a8fdfcc978361e832ad221ab2ceaf767a99eeb7b2bd49b6727b6c578b0c0d545795b48e1e
+  data.tar.gz: 5de74d338c25967869f36a2f6a6da4700d342ea544b0c3db30d7738bc0d0f0cfd490322e12e4f1a35964712f2e6338a817266243888848156fe8946807aaebaa

data/lib/sqreen/events/attack.rb

@@ -54,6 +54,7 @@ module Sqreen
       res[:request]      = request_p              if request_p
       res[:params]       = payload['params']      if payload['params']
       res[:context]      = payload['context']     if payload['context']
+      res[:headers]      = payload['headers']     if payload['headers']
       res
     end
   end

data/lib/sqreen/events/remote_exception.rb

@@ -40,6 +40,7 @@ module Sqreen
           :client_ip => payload['client_ip'],
         },
         :request => payload['request_infos'],
+        :headers => payload['headers'],
         :rule_name => payload['rule_name'],
         :rulespack_id => payload['rulespack_id'],
       }

data/lib/sqreen/frameworks/generic.rb

@@ -2,6 +2,9 @@
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 
 require 'sqreen/events/remote_exception'
+require 'sqreen/callbacks'
+require 'sqreen/exception'
+require 'sqreen/log'
 
 module Sqreen
   module Frameworks
@@ -33,14 +36,49 @@ module Sqreen
         }
       end
 
+      def ip_headers
+        req = request
+        return [] unless req
+        ips = []
+        %w(HTTP_X_FORWARDED_FOR HTTP_CLIENT_IP HTTP_X_REAL_IP HTTP_X_FORWARDED
+           HTTP_X_CLUSTER_CLIENT_IP HTTP_FORWARDED_FOR HTTP_FORWARDED HTTP_VIA
+           REMOTE_ADDR).each do |header|
+          v = req.env[header]
+          ips << [header, v] unless v.nil?
+        end
+        ips << ['rack.ip', req.ip] if req.respond_to?(:ip)
+        ips
+      end
+
+      # What is the current client IP as seen by rack
+      def rack_client_ip
+        req = request
+        return nil unless req
+        return req.ip if req.respond_to?(:ip)
+        req.env['REMOTE_ADDR']
+      end
+
+      # Sourced from rack:Request#trusted_proxy?
+      TRUSTED_PROXIES = /\A127\.0\.0\.1\Z|\A(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|\A::1\Z|\Afd[0-9a-f]{2}:.+|\Alocalhost\Z|\Aunix\Z|\Aunix:/i
+
       # What is the current client IP
       def client_ip
         req = request
         return nil unless req
-        return req.ip if req.respond_to?(:ip)
+        forwarded = req.env['HTTP_X_FORWARDED_FOR']
+        ips = split_ip_addresses(forwarded)
+        last = ips.reject { |ip| ip =~ TRUSTED_PROXIES }.first
+        return last unless last.nil?
         req.env['REMOTE_ADDR']
       end
 
+      # Get a header by name
+      def header(name)
+        req = request
+        return nil unless req
+        req.env[name]
+      end
+
       def hostname
         req = request
         return nil unless req
@@ -277,6 +315,12 @@ module Sqreen
         @cannot_load_rack = true
         false
       end
+
+      private
+
+      def split_ip_addresses(ip_addresses)
+        ip_addresses ? ip_addresses.strip.split(/[,\s]+/) : []
+      end
     end
   end
 end

data/lib/sqreen/frameworks/rails.rb

@@ -38,19 +38,24 @@ module Sqreen
         [db_type, db_infos]
       end
 
-      def client_ip
-        request = SharedStorage.get :request
-        return unless request && request.env
-        remote_ip = request.env['action_dispatch.remote_ip']
-        return super unless remote_ip
+      def ip_headers
+        ret = super
+        remote_ip = rails_client_ip
+        ret << ['action_dispatch.remote_ip', remote_ip] unless remote_ip.nil?
+        ret
+      end
+
+      # What is the current client IP as seen by rails
+      def rails_client_ip
+        req = request
+        return unless req && req.env
+        remote_ip = req.env['action_dispatch.remote_ip']
+        return unless remote_ip
         # FIXME: - this exist only since Rails 3.2.1
         # http://apidock.com/rails/v3.2.1/ActionDispatch/RemoteIp/GetIp/calculate_ip
-        if remote_ip.respond_to?(:calculate_ip)
-          return remote_ip.calculate_ip
-        else
-          # This might not return the same value as calculate IP
-          return remote_ip.to_s
-        end
+        return remote_ip.calculate_ip if remote_ip.respond_to?(:calculate_ip)
+        # This might not return the same value as calculate IP
+        remote_ip.to_s
       end
 
       def request_id

data/lib/sqreen/payload_creator.rb

@@ -46,7 +46,7 @@ module Sqreen
       if subsection == true
         return base.merge!(key => full_section(key, framework, rule))
       end
-      return base if subsection.size == 0
+      return base if subsection.empty?
       base[key] = fields(key, framework, rule)
       base
     end
@@ -54,6 +54,7 @@ module Sqreen
     FULL_SECTIONS = {
       'request' => 'request_infos',
       'params' => 'filtered_request_params',
+      'headers' => 'ip_headers',
       'local' => 'local_infos',
     }.freeze
 
@@ -72,6 +73,7 @@ module Sqreen
         'rails' => 'rails_params',
       },
       'rule' => {},
+      'headers' => {},
       'context' => {
         'backtrace' => 'get_current_backtrace',
       },
@@ -81,12 +83,15 @@ module Sqreen
       return RuntimeInfos if section == 'local'
       return rule if section == 'rule'
       return Context.new if section == 'context'
+      return HeaderSection.new(framework) if section == 'headers'
       framework
     end
 
     def full_section(section, framework, rule)
       return section_rule(framework, rule) if section == 'rule'
       return section_context(framework, rule) if section == 'context'
+      # fast path prevent initializing a HeaderSection
+      return framework.ip_headers if section == 'headers'
       so = section_object(section, framework, rule)
       so.send(FULL_SECTIONS[section])
     end
@@ -128,5 +133,27 @@ module Sqreen
         'test' => rule['test'],
       }
     end
+
+    # object that default to call on framework header
+    class HeaderSection
+      def initialize(framework)
+        @framework = framework
+      end
+
+      def [](value)
+        if %w(rack_client_ip rails_client_ip ip_headers).include?(value)
+          return @framework.send(value)
+        end
+        @framework.header(value)
+      end
+
+      def ip_headers
+        @framework.ip_headers
+      end
+    end
+
+    def section_headers(framework)
+      HeaderSection.new(framework)
+    end
   end
 end

data/lib/sqreen/rule_callback.rb

@@ -90,6 +90,11 @@ module Sqreen
         rescue => e
           Sqreen.log.debug("No framework client_ip #{e}")
         end
+        begin
+          payload['headers'] = framework.ip_headers
+        rescue => e
+          Sqreen.log.debug("No framework ip_headers #{e}")
+        end
         RemoteException.record(payload)
       end
     end

data/lib/sqreen/version.rb

@@ -2,5 +2,5 @@
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 # Warning This file is auto generated! DO NOT edit.
 module Sqreen
-  VERSION = "1.1.01481108064".freeze
+  VERSION = "1.1.11481117869".freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-  version: 1.1.01481108064
+  version: 1.1.11481117869
 platform: java
 authors:
 - Sqreen