sqreen 1.21.1-java → 1.22.0-java
- checksums.yaml +5 -5
- data/CHANGELOG.md +7 -0
- data/lib/sqreen/frameworks/generic.rb +12 -0
- data/lib/sqreen/version.rb +1 -1
- data/lib/sqreen/weave/legacy/instrumentation.rb +63 -11
- metadata +7 -8
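--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: bcd3c75be7987ecc85661f689c667541848198edeab5261e255bc02d2423c4b4
+data.tar.gz: '05923eb03e291f3e81701829b74ce77f3eea258c6b6dedf9c6c702a8112bdcab'
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 67047add0d2b639f78d4af087a628fd4d922f7e3b3dacac29654787a40e5122bdcc0269535187f80cb10afb122c098db8eed288faa24f2a615e743f1b0174bb4
+data.tar.gz: '088347e94c0e70376871a1fa8fc3c01b0e7324f750418b361055b3db3c78fd2ab2a11100ff9bcc4a404c8f19216cb13e9ef41bbd26ad41d6221bc87391870105'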
data/CHANGELOG.md
CHANGED
@@ -400,6 +400,18 @@ module Sqreen
|
|
400
400
|
r
|
401
401
|
end
|
402
402
|
|
403
|
+
def body
|
404
|
+
return nil unless request.respond_to?(:body)
|
405
|
+
return nil unless request.body.respond_to?(:read)
|
406
|
+
return nil unless request.body.respond_to?(:rewind)
|
407
|
+
|
408
|
+
body_io = request.body
|
409
|
+
body = body_io.read(4096)
|
410
|
+
body_io.rewind
|
411
|
+
|
412
|
+
body
|
413
|
+
end
|
414
|
+
|
403
415
|
# Expose current working directory
|
404
416
|
def cwd
|
405
417
|
Dir.getwd
|
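Review bot: `body` reads from wherever the stream currently is and rewinds only afterwards, so if an earlier reader has already consumed part of `request.body` the returned prefix is not the start of the payload; calling `body_io.rewind` before `body_io.read(4096)` as well makes the result independent of prior reads. The 4096-byte cap is a bare literal with no comment, and whatever consumes this value only ever sees the first 4 KiB of the request, which is a coverage limit worth stating if security rules inspect it (the consumers are not visible here). I would add a comment in the style of the neighbouring `# Expose current working directory`, for example `# Return at most the first 4096 bytes of the request body, leaving the stream rewound`, and name the limit as a constant. The page labels this section data/CHANGELOG.md, but the hunk header and the +12 -0 count point to data/lib/sqreen/frameworks/generic.rb.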
data/lib/sqreen/version.rb
CHANGED
@@ -96,25 +96,77 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
96
96
|
def instrument!(rules, framework)
|
97
97
|
Sqreen::Weave.logger.debug { "#{rules.count} rules, #{framework}" }
|
98
98
|
|
99
|
+
# TODO: make config able to see if value was user-set or default
|
99
100
|
strategy = Sqreen.config_get(:weave_strategy)
|
101
|
+
# TODO: factor generic hint system out
|
102
|
+
# TODO: factor those hint definitions to dependency
|
103
|
+
strategy_hints = []
|
100
104
|
if strategy == :prepend && !Module.respond_to?(:prepend)
|
101
|
-
Sqreen::Weave.logger.
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
strategy
|
105
|
+
Sqreen::Weave.logger.debug { "strategy: #{strategy.inspect} unavailable, falling back to :chain" }
|
106
|
+
strategy_hints << [:chain, 'Module.respond_to?(:prepend)', 'false']
|
107
|
+
end
|
108
|
+
if Gem::Specification.select { |s| s.name == 'scout_apm' && Gem::Requirement.new('< 2.5.2').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
109
|
+
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with scout_apm < 2.5.2, switching to :chain" }
|
110
|
+
strategy_hints << [:chain, 'scout_apm', '< 2.5.2']
|
111
|
+
end
|
112
|
+
if Gem::Specification.select { |s| s.name == 'scout_apm' && Gem::Requirement.new('>= 2.5.2').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
113
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with scout_apm >= 2.5.2, switching to :prepend" }
|
114
|
+
strategy_hints << [:prepend, 'scout_apm', '>= 2.5.2']
|
115
|
+
end
|
116
|
+
if Gem::Specification.select { |s| s.name == 'ddtrace' && Gem::Requirement.new('< 0.27').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
117
|
+
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with ddtrace < 0.27, switching to :chain" }
|
118
|
+
strategy_hints << [:chain, 'ddtrace', '< 0.27']
|
119
|
+
end
|
120
|
+
if Gem::Specification.select { |s| s.name == 'ddtrace' && Gem::Requirement.new('>= 0.27').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
121
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with ddtrace >= 0.27, switching to :prepend" }
|
122
|
+
strategy_hints << [:prepend, 'ddtrace', '>= 0.27']
|
123
|
+
end
|
124
|
+
if Gem::Specification.select { |s| s.name == 'skylight' && Gem::Requirement.new('< 5.0.0.beta').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
125
|
+
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with skylight < 5.0.0.beta, switching to :chain" }
|
126
|
+
strategy_hints << [:chain, 'skylight', '< 5.0.0.beta']
|
127
|
+
end
|
128
|
+
if Gem::Specification.select { |s| s.name == 'skylight' && Gem::Requirement.new('>= 5.0.0.beta').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
129
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with skylight >= 5.0.0.beta, switching to :prepend" }
|
130
|
+
strategy_hints << [:prepend, 'skylight', '>= 5.0.0.beta']
|
131
|
+
end
|
132
|
+
if strategy_hints.map(&:first).uniq.count > 1
|
133
|
+
raise Sqreen::Exception, "conflicting instrumentation strategies: #{strategy_hints.inspect}"
|
134
|
+
end
|
135
|
+
if strategy_hints.map(&:first).uniq.count == 1 && strategy != strategy_hints.first.first
|
136
|
+
was = strategy
|
137
|
+
strategy = strategy_hints.first.first
|
138
|
+
Sqreen::Weave.logger.warn { "strategy: #{strategy.inspect} was: #{was.inspect} hints: #{strategy_hints.inspect}" }
|
139
|
+
else
|
140
|
+
Sqreen::Weave.logger.info { "strategy: #{strategy.inspect}" }
|
106
141
|
end
|
107
|
-
Sqreen::Weave.logger.debug { "strategy: #{strategy.inspect}" }
|
108
142
|
|
109
143
|
### set up rule signature verifier
|
110
144
|
verifier = nil
|
111
|
-
|
112
|
-
|
113
|
-
|
145
|
+
# TODO: check for JRuby via dependency
|
146
|
+
# TODO: reinstate signatures for JRuby
|
147
|
+
if Sqreen.config_get(:rules_verify_signature) == true && !defined?(::JRUBY_VERSION)
|
114
148
|
verifier = Sqreen::SqreenSignedVerifier.new
|
115
|
-
Sqreen::Weave.logger.debug('
|
149
|
+
Sqreen::Weave.logger.debug('rules: signature status: enabled')
|
116
150
|
else
|
117
|
-
Sqreen::Weave.logger.debug('
|
151
|
+
Sqreen::Weave.logger.debug('rules: signature status: disabled')
|
152
|
+
end
|
153
|
+
|
154
|
+
if verifier
|
155
|
+
invalid_rules = rules.reject do |rule|
|
156
|
+
valid = verifier.verify(rule)
|
157
|
+
|
158
|
+
if valid
|
159
|
+
Sqreen::Weave.logger.debug { "rule: #{rule['name']} signed: true result: ok" }
|
160
|
+
else
|
161
|
+
Sqreen::Weave.logger.error { "rule: #{rule['name']} singed: true result: fail" }
|
162
|
+
end
|
163
|
+
end
|
164
|
+
if invalid_rules.any?
|
165
|
+
Sqreen::Weave.logger.error { "weave: instrument status: abort reason: signature result: fail" }
|
166
|
+
raise Sqreen::Exception, "Signature error: rules: #{invalid_rules.map { |r| r['name'] }.inspect}"
|
167
|
+
else
|
168
|
+
Sqreen::Weave.logger.info { "weave: instrument rules: signed result: ok" }
|
169
|
+
end
|
118
170
|
end
|
119
171
|
|
120
172
|
### force clean instrumentation callback list
|
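Review bot: The `rules.reject do |rule|` block ends on the `if valid ... else ... end` expression, so its value is whatever the logger call returns rather than the verification result; with a logger that returns `true` (as Ruby's stdlib `Logger#debug` and `#error` do) every rule is dropped from `invalid_rules`, the list stays empty and the `Signature error` raise is never reached. The return value of `Sqreen::Weave.logger` is not visible here, so confirm it, but the block should end with an explicit `valid` line after the `end` of the `if`. Separately, the new `!defined?(::JRUBY_VERSION)` condition turns verification off on JRuby even when `:rules_verify_signature` is true and reports it only through `debug('rules: signature status: disabled')`; that case deserves a `warn` so operators can see that rules are being loaded unverified. The failure message also spells the field `singed:` where the success branch uses `signed:`, which breaks log searches on that field. `instrument!` continues past the end of the hunk.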
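--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.22.0
 platform: java
 authors:
 - Sqreen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-
+date: 2020-11-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 requirement: !ruby/object:Gem::Requirement
@@ -17,8 +17,8 @@ dependencies:
 - !ruby/object:Gem::Version
 version: 0.1.0
 name: sqreen-backport
-prerelease: false
 type: :runtime
+prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
@@ -31,8 +31,8 @@ dependencies:
 - !ruby/object:Gem::Version
 version: 0.2.2
 name: sqreen-kit
-prerelease: false
 type: :runtime
+prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
@@ -45,8 +45,8 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 name: therubyrhino
-prerelease: false
 type: :runtime
+prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -59,8 +59,8 @@ dependencies:
 - !ruby/object:Gem::Version
 version: 0.3.0
 name: execjs
-prerelease: false
 type: :runtime
+prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -342,8 +342,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-
-rubygems_version: 2.6.14.1
+rubygems_version: 3.0.6
 signing_key:
 specification_version: 4
 summary: Sqreen Ruby agent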