tcell_agent 0.2.19 → 0.2.21

Sign up to get free protection for your applications and to get access to all the features.
Files changed (60) hide show
  1. checksums.yaml +4 -4
  2. data/LICENSE_libinjection +32 -0
  3. data/Rakefile +14 -1
  4. data/ext/libinjection/extconf.rb +3 -0
  5. data/ext/libinjection/libinjection.h +65 -0
  6. data/ext/libinjection/libinjection_html5.c +847 -0
  7. data/ext/libinjection/libinjection_html5.h +54 -0
  8. data/ext/libinjection/libinjection_sqli.c +2317 -0
  9. data/ext/libinjection/libinjection_sqli.h +295 -0
  10. data/ext/libinjection/libinjection_sqli_data.h +9004 -0
  11. data/ext/libinjection/libinjection_wrap.c +3525 -0
  12. data/ext/libinjection/libinjection_xss.c +531 -0
  13. data/ext/libinjection/libinjection_xss.h +21 -0
  14. data/lib/tcell_agent/configuration.rb +0 -48
  15. data/lib/tcell_agent/logger.rb +1 -0
  16. data/lib/tcell_agent/policies/appsensor/database_sensor.rb +8 -20
  17. data/lib/tcell_agent/policies/appsensor/injection_sensor.rb +30 -46
  18. data/lib/tcell_agent/policies/appsensor/login_sensor.rb +1 -4
  19. data/lib/tcell_agent/policies/appsensor/misc_sensor.rb +8 -22
  20. data/lib/tcell_agent/policies/appsensor/payloads_policy.rb +143 -0
  21. data/lib/tcell_agent/policies/appsensor/response_codes_sensor.rb +3 -1
  22. data/lib/tcell_agent/policies/appsensor/sensor.rb +21 -2
  23. data/lib/tcell_agent/policies/appsensor/size_sensor.rb +3 -1
  24. data/lib/tcell_agent/policies/appsensor/sqli_sensor.rb +9 -0
  25. data/lib/tcell_agent/policies/appsensor/user_agent_sensor.rb +1 -5
  26. data/lib/tcell_agent/policies/appsensor/xss_sensor.rb +9 -1
  27. data/lib/tcell_agent/policies/appsensor_policy.rb +40 -19
  28. data/lib/tcell_agent/policies/http_redirect_policy.rb +12 -2
  29. data/lib/tcell_agent/rails/csrf_exception.rb +1 -1
  30. data/lib/tcell_agent/rails/dlp.rb +98 -76
  31. data/lib/tcell_agent/rails/middleware/global_middleware.rb +1 -2
  32. data/lib/tcell_agent/rails/middleware/headers_middleware.rb +2 -2
  33. data/lib/tcell_agent/rails/on_start.rb +53 -20
  34. data/lib/tcell_agent/sensor_events/appsensor_event.rb +12 -19
  35. data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb +7 -2
  36. data/lib/tcell_agent/sensor_events/sensor.rb +10 -11
  37. data/lib/tcell_agent/sensor_events/server_agent.rb +17 -12
  38. data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +148 -139
  39. data/lib/tcell_agent/utils/params.rb +24 -21
  40. data/lib/tcell_agent/version.rb +1 -1
  41. data/spec/lib/tcell_agent/configuration_spec.rb +0 -179
  42. data/spec/lib/tcell_agent/policies/appsensor/database_sensor_spec.rb +6 -4
  43. data/spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb +31 -22
  44. data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_apply_spec.rb +466 -0
  45. data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_from_json_spec.rb +890 -0
  46. data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_log_spec.rb +484 -0
  47. data/spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb +4 -3
  48. data/spec/lib/tcell_agent/policies/appsensor/response_codes_sensor_spec.rb +4 -4
  49. data/spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb +1 -1
  50. data/spec/lib/tcell_agent/policies/appsensor/sqli_sensor_spec.rb +85 -0
  51. data/spec/lib/tcell_agent/policies/appsensor/user_agent_sensor_spec.rb +36 -16
  52. data/spec/lib/tcell_agent/policies/appsensor/xss_sensor_spec.rb +188 -312
  53. data/spec/lib/tcell_agent/policies/appsensor_policy_spec.rb +61 -0
  54. data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb +18 -11
  55. data/spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb +14 -15
  56. data/spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb +1 -1
  57. data/spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb +6 -5
  58. data/spec/lib/tcell_agent/utils/params_spec.rb +28 -108
  59. data/tcell_agent.gemspec +21 -1
  60. metadata +37 -4
@@ -33,6 +33,9 @@ module TCellAgent
33
33
 
34
34
  expect(empty_policy.policy_id).to eq("01a1")
35
35
  expect(empty_policy.enabled).to eq(false)
36
+ expect(empty_policy.payloads_policy).to_not be_nil
37
+ expect(empty_policy.payloads_policy.send_payloads).to eq(false)
38
+ expect(empty_policy.payloads_policy.log_payloads).to eq(false)
36
39
  expect(empty_policy.options["req_size"]).to be_nil
37
40
  expect(empty_policy.options["resp_size"]).to be_nil
38
41
  expect(empty_policy.options["resp_codes"]).to be_nil
@@ -63,6 +66,9 @@ module TCellAgent
63
66
 
64
67
  expect(empty_policy.policy_id).to eq("01a1")
65
68
  expect(empty_policy.enabled).to eq(false)
69
+ expect(empty_policy.payloads_policy).to_not be_nil
70
+ expect(empty_policy.payloads_policy.send_payloads).to eq(false)
71
+ expect(empty_policy.payloads_policy.log_payloads).to eq(false)
66
72
  expect(empty_policy.options["req_size"]).to be_nil
67
73
  expect(empty_policy.options["resp_size"]).to be_nil
68
74
  expect(empty_policy.options["resp_codes"]).to be_nil
@@ -93,6 +99,10 @@ module TCellAgent
93
99
  policy = AppSensorPolicy.from_json(policy_json)
94
100
 
95
101
  expect(policy.policy_id).to eq("01a1")
102
+ expect(policy.enabled).to eq(true)
103
+ expect(policy.payloads_policy).to_not be_nil
104
+ expect(policy.payloads_policy.send_payloads).to eq(true)
105
+ expect(policy.payloads_policy.log_payloads).to eq(true)
96
106
  expect(policy.options["req_size"]).to_not be_nil
97
107
  expect(policy.options["resp_size"]).to_not be_nil
98
108
  expect(policy.options["resp_codes"]).to_not be_nil
@@ -147,6 +157,9 @@ module TCellAgent
147
157
  empty_policy = AppSensorPolicy.from_json(policy_json)
148
158
 
149
159
  expect(empty_policy.policy_id).to eq("01a1")
160
+ expect(empty_policy.enabled).to eq(true)
161
+ expect(empty_policy.payloads_policy.send_payloads).to eq(true)
162
+ expect(empty_policy.payloads_policy.log_payloads).to eq(true)
150
163
  expect(empty_policy.options["req_size"]).to_not be_nil
151
164
  expect(empty_policy.options["resp_size"]).to_not be_nil
152
165
  expect(empty_policy.options["resp_codes"]).to_not be_nil
@@ -211,6 +224,9 @@ module TCellAgent
211
224
  policy = AppSensorPolicy.from_json(policy_json)
212
225
 
213
226
  expect(policy.policy_id).to eq("01a1")
227
+ expect(policy.enabled).to eq(true)
228
+ expect(policy.payloads_policy.send_payloads).to eq(true)
229
+ expect(policy.payloads_policy.log_payloads).to eq(true)
214
230
  expect(policy.options["req_size"]).to_not be_nil
215
231
  expect(policy.options["resp_size"]).to_not be_nil
216
232
  expect(policy.options["resp_codes"]).to_not be_nil
@@ -279,6 +295,9 @@ module TCellAgent
279
295
 
280
296
  expect(empty_policy.policy_id).to eq("01a1")
281
297
  expect(empty_policy.enabled).to eq(false)
298
+ expect(empty_policy.payloads_policy).to_not be_nil
299
+ expect(empty_policy.payloads_policy.send_payloads).to eq(false)
300
+ expect(empty_policy.payloads_policy.log_payloads).to eq(false)
282
301
  expect(empty_policy.options["req_size"]).to be_nil
283
302
  expect(empty_policy.options["resp_size"]).to be_nil
284
303
  expect(empty_policy.options["resp_codes"]).to be_nil
@@ -311,6 +330,9 @@ module TCellAgent
311
330
 
312
331
  expect(empty_policy.policy_id).to eq("01a1")
313
332
  expect(empty_policy.enabled).to eq(false)
333
+ expect(empty_policy.payloads_policy).to_not be_nil
334
+ expect(empty_policy.payloads_policy.send_payloads).to eq(false)
335
+ expect(empty_policy.payloads_policy.log_payloads).to eq(false)
314
336
  expect(empty_policy.options["req_size"]).to be_nil
315
337
  expect(empty_policy.options["resp_size"]).to be_nil
316
338
  expect(empty_policy.options["resp_codes"]).to be_nil
@@ -346,6 +368,9 @@ module TCellAgent
346
368
  policy = AppSensorPolicy.from_json(policy_json)
347
369
 
348
370
  expect(policy.policy_id).to eq("01a1")
371
+ expect(policy.payloads_policy).to_not be_nil
372
+ expect(policy.payloads_policy.send_payloads).to eq(false)
373
+ expect(policy.payloads_policy.log_payloads).to eq(false)
349
374
  expect(policy.options["req_size"]).to_not be_nil
350
375
  expect(policy.options["resp_size"]).to_not be_nil
351
376
  expect(policy.options["resp_codes"]).to_not be_nil
@@ -409,6 +434,9 @@ module TCellAgent
409
434
  policy = AppSensorPolicy.from_json(policy_json)
410
435
 
411
436
  expect(policy.policy_id).to eq("01a1")
437
+ expect(policy.payloads_policy).to_not be_nil
438
+ expect(policy.payloads_policy.send_payloads).to eq(false)
439
+ expect(policy.payloads_policy.log_payloads).to eq(false)
412
440
  expect(policy.options["req_size"]).to_not be_nil
413
441
  expect(policy.options["resp_size"]).to_not be_nil
414
442
  expect(policy.options["resp_codes"]).to_not be_nil
@@ -457,6 +485,22 @@ module TCellAgent
457
485
  "policy_id" => "01a1",
458
486
  "version" => 2,
459
487
  "data" => {
488
+ "options" => {
489
+ "payloads" => {
490
+ "send_payloads" => true,
491
+ "send_blacklist" => {
492
+ "JSESSIONID" => ["cookie"],
493
+ "ssn" => ["*"],
494
+ "password" => ["*"]
495
+ },
496
+ "send_whitelist" => {},
497
+ "log_payloads" => true,
498
+ "log_blacklist" => {},
499
+ "log_whitelist" => {
500
+ "username" => ["*"]
501
+ }
502
+ }
503
+ },
460
504
  "sensors" => {
461
505
  "req_size" => {
462
506
  "limit" => 1024,
@@ -525,6 +569,7 @@ module TCellAgent
525
569
  policy = AppSensorPolicy.from_json(policy_json)
526
570
 
527
571
  expect(policy.policy_id).to eq("01a1")
572
+ expect(policy.payloads_policy).to_not be_nil
528
573
  expect(policy.options["req_size"]).to_not be_nil
529
574
  expect(policy.options["resp_size"]).to_not be_nil
530
575
  expect(policy.options["resp_codes"]).to_not be_nil
@@ -563,8 +608,24 @@ module TCellAgent
563
608
  expect(policy.options["fpt"].v1_compatability_enabled).to eq(false)
564
609
  expect(policy.options["nullbyte"].v1_compatability_enabled).to eq(false)
565
610
  expect(policy.options["retr"].v1_compatability_enabled).to eq(false)
611
+
612
+ expect(policy.payloads_policy.send_payloads).to eq(true)
613
+ expect(policy.payloads_policy.send_blacklist).to eq({
614
+ "jsessionid" => Set.new(["cookie"]),
615
+ "ssn" => Set.new(["*"]),
616
+ "password" => Set.new(["*"])
617
+ })
618
+ expect(policy.payloads_policy.use_send_whitelist).to eq(true)
619
+ expect(policy.payloads_policy.send_whitelist).to eq({})
620
+ expect(policy.payloads_policy.log_payloads).to eq(true)
621
+ expect(policy.payloads_policy.log_blacklist).to eq({})
622
+ expect(policy.payloads_policy.use_log_whitelist).to eq(true)
623
+ expect(policy.payloads_policy.log_whitelist).to eq({
624
+ "username" => Set.new(["*"]),
625
+ })
566
626
  end
567
627
  end
628
+
568
629
  end
569
630
  end
570
631
  end
@@ -71,7 +71,8 @@ module TCellAgent
71
71
  "remote_addr"=>"1.3.3.4",
72
72
  "m"=>"GET",
73
73
  "pattern"=>"1",
74
- "loc"=>"http://example.org/foo?xyz="}
74
+ "uri"=>"http://example.org/foo?xyz=",
75
+ "meta"=>{"l" => "query"}}
75
76
  expect(TCellAgent.event_queue).to include(expected_as)
76
77
  end
77
78
  it "alerts on post xss payload" do
@@ -83,7 +84,8 @@ module TCellAgent
83
84
  "remote_addr"=>"1.2.3.4",
84
85
  "m"=>"POST",
85
86
  "pattern"=>"1",
86
- "loc"=>"http://example.org/foo"}
87
+ "uri"=>"http://example.org/foo",
88
+ "meta"=>{"l" => "body"}}
87
89
  expect(TCellAgent.event_queue).to include(expected_as)
88
90
  end #/it
89
91
  it "alerts on get xss payload with route_id" do
@@ -93,10 +95,11 @@ module TCellAgent
93
95
  "dp"=>"xss",
94
96
  "param"=>"xyz",
95
97
  "remote_addr"=>nil,
96
- "rou"=>"myrouteid",
98
+ "rid"=>"myrouteid",
97
99
  "m"=>"GET",
98
100
  "pattern"=>"1",
99
- "loc"=>"http://example.org/foo?xyz="}
101
+ "uri"=>"http://example.org/foo?xyz=",
102
+ "meta"=>{"l" => "query"}}
100
103
  expect(TCellAgent.event_queue).to include(expected_as)
101
104
  end
102
105
  it "checks that payload is sent in xss with route_id" do
@@ -108,11 +111,12 @@ module TCellAgent
108
111
  "dp"=>"xss",
109
112
  "param"=>"xyz",
110
113
  "remote_addr"=>nil,
111
- "rou"=>"myrouteid",
114
+ "rid"=>"myrouteid",
112
115
  "m"=>"GET",
113
116
  "pattern"=>"1",
114
- "loc"=>"http://example.org/foo?xyz=",
115
- "payload"=>"<script>alert(1)</script>"}
117
+ "uri"=>"http://example.org/foo?xyz=",
118
+ "payload"=>"<script>alert(1)</script>",
119
+ "meta"=>{"l" => "query"}}
116
120
  TCellAgent.configuration.allow_unencrypted_appfirewall_payloads= old_uap
117
121
  expect(TCellAgent.event_queue).to include(expected_as)
118
122
  end
@@ -142,7 +146,8 @@ module TCellAgent
142
146
  "remote_addr"=>"1.3.3.4",
143
147
  "m"=>"GET",
144
148
  "pattern"=>"1",
145
- "loc"=>"http://example.org/foo?xyz=&def="}
149
+ "uri"=>"http://example.org/foo?xyz=&def=",
150
+ "meta"=>{"l" => "query"}}
146
151
  expect(TCellAgent.event_queue).to include(expected_as)
147
152
  end
148
153
  end #/conext
@@ -169,7 +174,8 @@ module TCellAgent
169
174
  "remote_addr"=>"1.3.3.4",
170
175
  "m"=>"GET",
171
176
  "pattern"=>"2",
172
- "loc"=>"http://example.org/foo?xyz="}
177
+ "uri"=>"http://example.org/foo?xyz=",
178
+ "meta"=>{"l" => "query"}}
173
179
  expect(TCellAgent.event_queue).to include(expected_as)
174
180
  end
175
181
  it "checks that payload is sent" do
@@ -183,8 +189,9 @@ module TCellAgent
183
189
  "remote_addr"=>"1.3.3.4",
184
190
  "m"=>"GET",
185
191
  "pattern"=>"2",
186
- "loc"=>"http://example.org/foo?xyz=",
187
- "payload"=>"/etc/passwd"}
192
+ "uri"=>"http://example.org/foo?xyz=",
193
+ "payload"=>"/etc/passwd",
194
+ "meta"=>{"l" => "query"}}
188
195
  TCellAgent.configuration.allow_unencrypted_appfirewall_payloads = old_uap
189
196
  expect(TCellAgent.event_queue).to include(expected_as)
190
197
  end
@@ -12,9 +12,9 @@ module TCellAgent
12
12
 
13
13
  attr_reader :request_body
14
14
 
15
- def initialize(route_id=nil, session_id=nil)
15
+ def initialize(route_id=nil, hmac_session_id=nil)
16
16
  @route_id = route_id
17
- @session_id = session_id
17
+ @hmac_session_id = hmac_session_id
18
18
  @request_headers = {}
19
19
  end
20
20
 
@@ -23,7 +23,7 @@ module TCellAgent
23
23
  rack_request = Rack::Request.new(env)
24
24
  response_headers = {'Content-Type' => 'text/html'}
25
25
  env["tcell.request_data"].transaction_id = "a-b-c-d-e-f"
26
- env["tcell.request_data"].session_id = @session_id
26
+ env["tcell.request_data"].hmac_session_id = @hmac_session_id
27
27
  env["tcell.request_data"].route_id = @route_id
28
28
  if (rack_request.params['rv'])
29
29
  response_headers["Location"] = rack_request.params['rv']
@@ -40,7 +40,7 @@ module TCellAgent
40
40
  describe HeadersMiddleware do
41
41
 
42
42
  let(:app) { MockAppsensorRackApp.new }
43
- let(:app2) { MockAppsensorRackApp.new(route_id="myrouteid", session_id="plainsessionid") }
43
+ let(:app2) { MockAppsensorRackApp.new("myrouteid", "hmac_sessionid") }
44
44
 
45
45
  subject { withTCellMiddleware( app ) }
46
46
 
@@ -57,11 +57,11 @@ module TCellAgent
57
57
  TCellAgent.thread_agent.processPolicyJson({"http-redirect"=>{
58
58
  "policy_id"=>"153ed270-7481-11e5-9194-95dad9b9dec3",
59
59
  "data"=>{
60
- "enabled"=>true,
61
- "block"=>false,
62
- "whitelist"=>[]
63
- }
64
- }}, cache=false)
60
+ "enabled"=>true,
61
+ "block"=>false,
62
+ "whitelist"=>[]
63
+ }
64
+ }}, cache=false)
65
65
  TCellAgent.empty_event_queue
66
66
  end
67
67
  it "sends redirect" do
@@ -73,17 +73,16 @@ module TCellAgent
73
73
  it "sends redirect event with extra info" do
74
74
  response = request2.get("/some/path2?abcdef=adsfsadf&rv=https://www.google.com", 'CONTENT_TYPE' => 'text/html', 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
75
75
  expect(response['Location']).to eq("https://www.google.com")
76
- expected_as = {"event_type"=>"redirect", "method"=>"GET", "from_domain"=>"example.org", "status_code"=>200, "remote_addr"=>"1.3.3.4", "rid"=>"myrouteid", "from"=>"/some/path2?abcdef=&rv=", "to"=>"www.google.com", "sid"=>"cb3fab8131c0e32cb80916d0d6954729eb66ea5782016625f278e7317e35259e"}
76
+ expected_as = {"event_type"=>"redirect", "method"=>"GET", "from_domain"=>"example.org", "status_code"=>200, "remote_addr"=>"1.3.3.4", "rid"=>"myrouteid", "from"=>"/some/path2?abcdef=&rv=", "to"=>"www.google.com", "sid"=>"hmac_sessionid"}
77
77
  expect(TCellAgent.event_queue).to include(expected_as)
78
78
  end
79
79
 
80
- end #/conext
81
-
82
- end #/context
83
- end #/describe
80
+ end #/conext
81
+ end #/context
82
+ end #/describe
84
83
 
85
84
 
85
+ end
86
86
  end
87
87
  end
88
88
  end
89
- end
@@ -56,7 +56,7 @@ module TCellAgent
56
56
  {username:"tester",password:"pass"}.to_json
57
57
  )
58
58
 
59
- expect(@app_sensor_event_process.body_dict).to eq({"username"=>"tester","password"=>"pass"})
59
+ expect(@app_sensor_event_process.body_dict).to eq({["username"]=>"tester",["password"]=>"pass"})
60
60
  end
61
61
  end
62
62
 
@@ -6,13 +6,14 @@ module TCellAgent
6
6
  describe Util do
7
7
  context "SHA256 Hash test" do
8
8
  it "Create simple HMAC" do
9
- expect(Util.hmac("testdata","testkey")).to eq("220afe7c01cca398fff2fc2c3687be94ded74f1b853db65707bf8440055217b0")
9
+ expect(Util).to receive(:get_hmac_key).and_return("testkey")
10
+ expect(Util.hmac("testdata")).to eq("220afe7c01cca398fff2fc2c3687be94")
10
11
  end
11
12
  it "Check with config HMAC" do
12
13
  old_hmac = TCellAgent.configuration.hmac_key
13
14
  hmac_key = "HMAC KEY 123"
14
15
  TCellAgent.configuration.hmac_key = hmac_key
15
- expect(Util.getHmacKey).to eq(hmac_key)
16
+ expect(Util.get_hmac_key).to eq(hmac_key)
16
17
  TCellAgent.configuration.hmac_key = old_hmac
17
18
  end
18
19
  end
@@ -32,7 +33,7 @@ module TCellAgent
32
33
  it "Parsing uri" do
33
34
  TCellAgent.configuration.app_id = nil
34
35
  original_uri = "http://foo.com/posts?id=30&limit=5#time=1305298413"
35
- expect_santized_uri = "http://foo.com/posts?id=61aa3630ced0e67b63a1c61e3b86f4d30d6ec2c5b6c37f8aac8d8a813e66df73&limit=89abb06a7bf0401b5911e61b68660c241d002ffb1685a6d2a5ba3853c73e9111#time=1305298413"
36
+ expect_santized_uri = "http://foo.com/posts?id=61aa3630ced0e67b63a1c61e3b86f4d3&limit=89abb06a7bf0401b5911e61b68660c24#time=1305298413"
36
37
  expect(Util.sanitize_uri(original_uri)).to eq(expect_santized_uri)
37
38
  end
38
39
  it "returns an empty set" do
@@ -42,13 +43,13 @@ module TCellAgent
42
43
  end
43
44
  it "parses a cookie" do
44
45
  TCellAgent.configuration.app_id = nil
45
- expect(Util.santize_request_cookie_string("x=y;z=a")).to eq("x=97cb9e2aa3ec93888b356dbcf13b280e2a8c16fc1f594a783395503d42321707;z=566c1a1c12ad909d628d4537e10773bf085a07bc4199fdf776e162c96480c5ec")
46
+ expect(Util.santize_request_cookie_string("x=y;z=a")).to eq("x=97cb9e2aa3ec93888b356dbcf13b280e;z=566c1a1c12ad909d628d4537e10773bf")
46
47
  end
47
48
  end
48
49
  context "Parsing a response set-cookie and replacing values" do
49
50
  it "sanitize a typical response set-cookie value" do
50
51
  santized_string = Util.santize_response_cookie_string("name=Nicholas; expires=Sat, 02 May 2009 23:38:25 GMT; httponly")
51
- expect(santized_string).to eq("name=beb56c04cdd764f6b7cbe6c078236aeb7246748abae29b530b93d3f5d4587eb0=; expires=Sat, 02 May 2009 23:38:25 GMT=; httponly=")
52
+ expect(santized_string).to eq("name=beb56c04cdd764f6b7cbe6c078236aeb=; expires=Sat, 02 May 2009 23:38:25 GMT=; httponly=")
52
53
  end
53
54
  end
54
55
  end
@@ -1,116 +1,36 @@
1
+ # encoding: utf-8
2
+
1
3
  require 'spec_helper'
2
4
 
3
5
  module TCellAgent
4
6
  module Utils
5
7
 
6
- class ParamsTest
7
- include TCellAgent::Utils::Params
8
- end
9
-
10
- describe ParamsTest do
11
- before(:each) do
12
- @p_test = ParamsTest.new
13
- end
14
-
15
- context "#param_deep_loop" do
16
- context "with a parameter hash" do
17
- context "there is no match" do
18
- it "should return nil" do
19
- result = @p_test.param_deep_loop(
20
- "hash_param",
21
- {
22
- key_one: "no match",
23
- key_dos: "no match"
24
- }
25
- ) do |param_name, param_value|
26
- nil
27
- end
28
-
29
- expect(result).to be_nil
30
- end
31
- end
32
- context "there is a match" do
33
- it "should return the match" do
34
- result = @p_test.param_deep_loop(
35
- "hash_param",
36
- {
37
- key_one: "no match",
38
- key_dos: "i'm a match"
39
- }
40
- ) do |param_name, param_value|
41
- if param_value =~ /i'm a match/
42
- "#{param_name} - #{param_value}"
43
- else
44
- nil
45
- end
46
- end
47
-
48
- expect(result).to eq("key_dos - i'm a match")
49
- end
50
- end
51
- end
52
-
53
- context "with a parameter array" do
54
- context "there is no match" do
55
- it "should return nil" do
56
- result = @p_test.param_deep_loop(
57
- "array_param",
58
- [ "no match", "no match" ]
59
- ) do |param_name, param_value|
60
- nil
61
- end
62
-
63
- expect(result).to be_nil
64
- end
65
- end
66
- context "there is a match" do
67
- it "should return the match" do
68
- result = @p_test.param_deep_loop(
69
- "array_param",
70
- [ "no match", "i'm a match" ]
71
- ) do |param_name, param_value|
72
- if param_value =~ /i'm a match/
73
- "#{param_name} - #{param_value}"
74
- else
75
- nil
76
- end
77
- end
78
-
79
- expect(result).to eq("array_param - i'm a match")
80
- end
81
- end
82
- end
83
-
84
- context "with a paramater string" do
85
- context "there is no match" do
86
- it "should return nil" do
87
- result = @p_test.param_deep_loop(
88
- "string_param",
89
- "no match",
90
- ) do |param_name, param_value|
91
- nil
92
- end
93
-
94
- expect(result).to be_nil
95
- end
96
- end
97
-
98
- context "there is a match" do
99
- it "should return the match" do
100
- result = @p_test.param_deep_loop(
101
- "string_param",
102
- "i'm a match"
103
- ) do |param_name, param_value|
104
- if param_value =~ /i'm a match/
105
- "#{param_name} - #{param_value}"
106
- else
107
- nil
108
- end
109
- end
110
-
111
- expect(result).to eq("string_param - i'm a match")
112
- end
113
- end
8
+ describe Params do
9
+ context "flatten" do
10
+ it "should" do
11
+ expect(
12
+ Params.flatten( {
13
+ action: "index",
14
+ utf8char: "Müller",
15
+ waitlist_entries: {email: "emailone", preferences: {email: "emaildos"}},
16
+ email_preferences: [:daily_digest, :reminders, "Müller"],
17
+ users: [
18
+ {email: "one@email.com"},
19
+ {email: "dos@email.com"},
20
+ ]
21
+ },
22
+ nil)
23
+ ).to eq({
24
+ ["action"]=>"index",
25
+ ["utf8char"] => "Müller",
26
+ ["waitlist_entries", "email"]=>"emailone",
27
+ ["waitlist_entries", "preferences", "email"]=>"emaildos",
28
+ [0, "email_preferences"]=>"daily_digest",
29
+ [1, "email_preferences"]=>"reminders",
30
+ [2, "email_preferences"]=>"Müller",
31
+ [0, "users", "email"]=>"one@email.com",
32
+ [1, "users", "email"]=>"dos@email.com"
33
+ })
114
34
  end
115
35
  end
116
36
  end
data/tcell_agent.gemspec CHANGED
@@ -14,7 +14,24 @@ Gem::Specification.new do |spec|
14
14
  spec.homepage = "https://www.tcell.io"
15
15
  spec.license = "Copyright (c) 2015 tCell.io (see LICENSE file)"
16
16
 
17
- spec.files = Dir['Rakefile', '{lib,config,spec}/**/*', 'README*', 'LICENSE*','tcell_agent.gemspec']
17
+ spec.files = Dir[
18
+ 'Rakefile',
19
+ 'lib/tcell_agent.rb',
20
+ '{lib/tcell_agent,spec}/**/*',
21
+ 'README*',
22
+ 'LICENSE*',
23
+ 'LICENSE_libinjection',
24
+ 'tcell_agent.gemspec',
25
+ 'ext/libinjection/libinjection.h',
26
+ 'ext/libinjection/libinjection_html5.c',
27
+ 'ext/libinjection/libinjection_html5.h',
28
+ 'ext/libinjection/libinjection_sqli.c',
29
+ 'ext/libinjection/libinjection_sqli.h',
30
+ 'ext/libinjection/libinjection_sqli_data.h',
31
+ 'ext/libinjection/libinjection_wrap.c',
32
+ 'ext/libinjection/libinjection_xss.c',
33
+ 'ext/libinjection/libinjection_xss.h'
34
+ ]
18
35
  spec.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
19
36
  spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
20
37
  spec.require_paths = ["lib","config","spec"]
@@ -26,4 +43,7 @@ Gem::Specification.new do |spec|
26
43
  spec.add_development_dependency "bundler", ">= 1.7"
27
44
  spec.add_development_dependency "rake", "~> 10.0"
28
45
  spec.add_development_dependency "rspec","~>0.9"
46
+ spec.add_development_dependency "rake-compiler"
47
+
48
+ spec.extensions = %w[ext/libinjection/extconf.rb]
29
49
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tcell_agent
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.19
4
+ version: 0.2.21
5
5
  platform: ruby
6
6
  authors:
7
7
  - Garrett
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-07-15 00:00:00.000000000 Z
11
+ date: 2016-10-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rest-client
@@ -108,16 +108,32 @@ dependencies:
108
108
  - - ~>
109
109
  - !ruby/object:Gem::Version
110
110
  version: '0.9'
111
+ - !ruby/object:Gem::Dependency
112
+ name: rake-compiler
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - '>='
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - '>='
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
111
125
  description: This agent allows users to use the tCell.io service with their Rails
112
126
  or Sinatra app.
113
127
  email:
114
128
  - garrett@tcell.io
115
129
  executables:
116
130
  - tcell_agent
117
- extensions: []
131
+ extensions:
132
+ - ext/libinjection/extconf.rb
118
133
  extra_rdoc_files: []
119
134
  files:
120
135
  - Rakefile
136
+ - lib/tcell_agent.rb
121
137
  - lib/tcell_agent/agent/event_processor.rb
122
138
  - lib/tcell_agent/agent/fork_pipe_manager.rb
123
139
  - lib/tcell_agent/agent/policy_manager.rb
@@ -141,6 +157,7 @@ files:
141
157
  - lib/tcell_agent/policies/appsensor/login_sensor.rb
142
158
  - lib/tcell_agent/policies/appsensor/misc_sensor.rb
143
159
  - lib/tcell_agent/policies/appsensor/nullbyte_sensor.rb
160
+ - lib/tcell_agent/policies/appsensor/payloads_policy.rb
144
161
  - lib/tcell_agent/policies/appsensor/request_size_sensor.rb
145
162
  - lib/tcell_agent/policies/appsensor/response_codes_sensor.rb
146
163
  - lib/tcell_agent/policies/appsensor/response_size_sensor.rb
@@ -202,7 +219,6 @@ files:
202
219
  - lib/tcell_agent/utils/queue_with_timeout.rb
203
220
  - lib/tcell_agent/utils/strings.rb
204
221
  - lib/tcell_agent/version.rb
205
- - lib/tcell_agent.rb
206
222
  - spec/apps/rails-3.2/app/assets/images/rails.png
207
223
  - spec/apps/rails-3.2/app/assets/javascripts/application.js
208
224
  - spec/apps/rails-3.2/app/assets/stylesheets/application.css
@@ -262,6 +278,9 @@ files:
262
278
  - spec/lib/tcell_agent/policies/appsensor/login_sensor_spec.rb
263
279
  - spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb
264
280
  - spec/lib/tcell_agent/policies/appsensor/nullbyte_sensor_spec.rb
281
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_apply_spec.rb
282
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_from_json_spec.rb
283
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_log_spec.rb
265
284
  - spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb
266
285
  - spec/lib/tcell_agent/policies/appsensor/response_codes_sensor_spec.rb
267
286
  - spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb
@@ -302,8 +321,19 @@ files:
302
321
  - spec/support/static_agent_overrides.rb
303
322
  - README.md
304
323
  - LICENSE
324
+ - LICENSE_libinjection
305
325
  - tcell_agent.gemspec
326
+ - ext/libinjection/libinjection.h
327
+ - ext/libinjection/libinjection_html5.c
328
+ - ext/libinjection/libinjection_html5.h
329
+ - ext/libinjection/libinjection_sqli.c
330
+ - ext/libinjection/libinjection_sqli.h
331
+ - ext/libinjection/libinjection_sqli_data.h
332
+ - ext/libinjection/libinjection_wrap.c
333
+ - ext/libinjection/libinjection_xss.c
334
+ - ext/libinjection/libinjection_xss.h
306
335
  - bin/tcell_agent
336
+ - ext/libinjection/extconf.rb
307
337
  homepage: https://www.tcell.io
308
338
  licenses:
309
339
  - Copyright (c) 2015 tCell.io (see LICENSE file)
@@ -390,6 +420,9 @@ test_files:
390
420
  - spec/lib/tcell_agent/policies/appsensor/login_sensor_spec.rb
391
421
  - spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb
392
422
  - spec/lib/tcell_agent/policies/appsensor/nullbyte_sensor_spec.rb
423
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_apply_spec.rb
424
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_from_json_spec.rb
425
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_log_spec.rb
393
426
  - spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb
394
427
  - spec/lib/tcell_agent/policies/appsensor/response_codes_sensor_spec.rb
395
428
  - spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb