sqreen 1.15.7.beta1-java → 1.15.7-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/sqreen/rules_callbacks/blacklist_ips.rb +26 -10
- data/lib/sqreen/trie.rb +1 -0
- data/lib/sqreen/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ab0f7f327746411e048e85c39d5a85eb0e5160de4561d9dd996b689313db356e
|
4
|
+
data.tar.gz: a6b48b211b1694a109e57e394ceec8c678b31585a3313211d028ab0798467b2d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3e951226c019ee021a9203609971bef97b9bc738f43a624c41e4eedae17803009f3d6232f336422522b6f9b0453b631423674327c5f3ebb78db1e7a7f0506905
|
7
|
+
data.tar.gz: 19297ce483987c4c714a76b76409ca7139ebda5ec01f4da7ca79ce5d80a6faa1b37d732df9548037c00319ac1b82e40f906c384e29dfb9a869c088fc0010cd89
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# Copyright (c) 2015 Sqreen. All Rights Reserved.
|
2
2
|
# Please refer to our terms for more information: https://www.sqreen.io/terms.html
|
3
3
|
|
4
|
-
require '
|
4
|
+
require 'sqreen/trie'
|
5
5
|
|
6
6
|
require 'sqreen/rule_callback'
|
7
7
|
|
@@ -11,8 +11,9 @@ module Sqreen
|
|
11
11
|
class BlacklistIPsCB < RuleCB
|
12
12
|
def initialize(klass, method, rule_hash)
|
13
13
|
super(klass, method, rule_hash)
|
14
|
-
@
|
15
|
-
Sqreen.
|
14
|
+
@trie_v4 = Sqreen::Trie.new
|
15
|
+
@trie_v6 = Sqreen::Trie.new(nil, nil, Socket::AF_INET6)
|
16
|
+
insert_values(@data['values'])
|
16
17
|
end
|
17
18
|
|
18
19
|
def pre(_inst, _args, _budget = nil, &_block)
|
@@ -26,18 +27,33 @@ module Sqreen
|
|
26
27
|
advise_action(:raise, :skip_rem_cbs => true)
|
27
28
|
end
|
28
29
|
|
29
|
-
|
30
|
+
private
|
31
|
+
|
32
|
+
def insert_values(ranges)
|
33
|
+
Sqreen.log.info 'no ips given for IP blacklisting' if ranges.empty?
|
34
|
+
|
35
|
+
ranges.map { |r| Prefix.from_str(r, r) }.each do |prefix|
|
36
|
+
trie_for(prefix).insert prefix
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
def trie_for(prefix)
|
41
|
+
prefix.family == Socket::AF_INET6 ? @trie_v6 : @trie_v4
|
42
|
+
end
|
30
43
|
|
31
44
|
# Is this a blacklisted ip?
|
32
45
|
# return the ip blacklisted range that match ip
|
33
46
|
def find_blacklisted_ip(rip)
|
34
|
-
|
35
|
-
|
47
|
+
begin
|
48
|
+
ipa = IPAddr.new(rip)
|
49
|
+
rescue
|
50
|
+
Sqreen.log.info "invalid IP address given by framework: #{rip}"
|
51
|
+
return nil
|
36
52
|
end
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
53
|
+
|
54
|
+
range = trie_for(ipa).search_best(ipa.to_i, ipa.family)
|
55
|
+
return nil unless range
|
56
|
+
range.data
|
41
57
|
end
|
42
58
|
end
|
43
59
|
end
|
data/lib/sqreen/trie.rb
CHANGED
data/lib/sqreen/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sqreen
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.15.7
|
4
|
+
version: 1.15.7
|
5
5
|
platform: java
|
6
6
|
authors:
|
7
7
|
- Sqreen
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-11-
|
11
|
+
date: 2018-11-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -148,9 +148,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
148
148
|
version: '0'
|
149
149
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
150
150
|
requirements:
|
151
|
-
- - "
|
151
|
+
- - ">="
|
152
152
|
- !ruby/object:Gem::Version
|
153
|
-
version:
|
153
|
+
version: '0'
|
154
154
|
requirements: []
|
155
155
|
rubyforge_project:
|
156
156
|
rubygems_version: 2.7.7
|