tcell_agent 0.2.19 → 0.2.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (60) hide show
  1. checksums.yaml +4 -4
  2. data/LICENSE_libinjection +32 -0
  3. data/Rakefile +14 -1
  4. data/ext/libinjection/extconf.rb +3 -0
  5. data/ext/libinjection/libinjection.h +65 -0
  6. data/ext/libinjection/libinjection_html5.c +847 -0
  7. data/ext/libinjection/libinjection_html5.h +54 -0
  8. data/ext/libinjection/libinjection_sqli.c +2317 -0
  9. data/ext/libinjection/libinjection_sqli.h +295 -0
  10. data/ext/libinjection/libinjection_sqli_data.h +9004 -0
  11. data/ext/libinjection/libinjection_wrap.c +3525 -0
  12. data/ext/libinjection/libinjection_xss.c +531 -0
  13. data/ext/libinjection/libinjection_xss.h +21 -0
  14. data/lib/tcell_agent/configuration.rb +0 -48
  15. data/lib/tcell_agent/logger.rb +1 -0
  16. data/lib/tcell_agent/policies/appsensor/database_sensor.rb +8 -20
  17. data/lib/tcell_agent/policies/appsensor/injection_sensor.rb +30 -46
  18. data/lib/tcell_agent/policies/appsensor/login_sensor.rb +1 -4
  19. data/lib/tcell_agent/policies/appsensor/misc_sensor.rb +8 -22
  20. data/lib/tcell_agent/policies/appsensor/payloads_policy.rb +143 -0
  21. data/lib/tcell_agent/policies/appsensor/response_codes_sensor.rb +3 -1
  22. data/lib/tcell_agent/policies/appsensor/sensor.rb +21 -2
  23. data/lib/tcell_agent/policies/appsensor/size_sensor.rb +3 -1
  24. data/lib/tcell_agent/policies/appsensor/sqli_sensor.rb +9 -0
  25. data/lib/tcell_agent/policies/appsensor/user_agent_sensor.rb +1 -5
  26. data/lib/tcell_agent/policies/appsensor/xss_sensor.rb +9 -1
  27. data/lib/tcell_agent/policies/appsensor_policy.rb +40 -19
  28. data/lib/tcell_agent/policies/http_redirect_policy.rb +12 -2
  29. data/lib/tcell_agent/rails/csrf_exception.rb +1 -1
  30. data/lib/tcell_agent/rails/dlp.rb +98 -76
  31. data/lib/tcell_agent/rails/middleware/global_middleware.rb +1 -2
  32. data/lib/tcell_agent/rails/middleware/headers_middleware.rb +2 -2
  33. data/lib/tcell_agent/rails/on_start.rb +53 -20
  34. data/lib/tcell_agent/sensor_events/appsensor_event.rb +12 -19
  35. data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb +7 -2
  36. data/lib/tcell_agent/sensor_events/sensor.rb +10 -11
  37. data/lib/tcell_agent/sensor_events/server_agent.rb +17 -12
  38. data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +148 -139
  39. data/lib/tcell_agent/utils/params.rb +24 -21
  40. data/lib/tcell_agent/version.rb +1 -1
  41. data/spec/lib/tcell_agent/configuration_spec.rb +0 -179
  42. data/spec/lib/tcell_agent/policies/appsensor/database_sensor_spec.rb +6 -4
  43. data/spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb +31 -22
  44. data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_apply_spec.rb +466 -0
  45. data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_from_json_spec.rb +890 -0
  46. data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_log_spec.rb +484 -0
  47. data/spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb +4 -3
  48. data/spec/lib/tcell_agent/policies/appsensor/response_codes_sensor_spec.rb +4 -4
  49. data/spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb +1 -1
  50. data/spec/lib/tcell_agent/policies/appsensor/sqli_sensor_spec.rb +85 -0
  51. data/spec/lib/tcell_agent/policies/appsensor/user_agent_sensor_spec.rb +36 -16
  52. data/spec/lib/tcell_agent/policies/appsensor/xss_sensor_spec.rb +188 -312
  53. data/spec/lib/tcell_agent/policies/appsensor_policy_spec.rb +61 -0
  54. data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb +18 -11
  55. data/spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb +14 -15
  56. data/spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb +1 -1
  57. data/spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb +6 -5
  58. data/spec/lib/tcell_agent/utils/params_spec.rb +28 -108
  59. data/tcell_agent.gemspec +21 -1
  60. metadata +37 -4
@@ -33,6 +33,9 @@ module TCellAgent
33
33
 
34
34
  expect(empty_policy.policy_id).to eq("01a1")
35
35
  expect(empty_policy.enabled).to eq(false)
36
+ expect(empty_policy.payloads_policy).to_not be_nil
37
+ expect(empty_policy.payloads_policy.send_payloads).to eq(false)
38
+ expect(empty_policy.payloads_policy.log_payloads).to eq(false)
36
39
  expect(empty_policy.options["req_size"]).to be_nil
37
40
  expect(empty_policy.options["resp_size"]).to be_nil
38
41
  expect(empty_policy.options["resp_codes"]).to be_nil
@@ -63,6 +66,9 @@ module TCellAgent
63
66
 
64
67
  expect(empty_policy.policy_id).to eq("01a1")
65
68
  expect(empty_policy.enabled).to eq(false)
69
+ expect(empty_policy.payloads_policy).to_not be_nil
70
+ expect(empty_policy.payloads_policy.send_payloads).to eq(false)
71
+ expect(empty_policy.payloads_policy.log_payloads).to eq(false)
66
72
  expect(empty_policy.options["req_size"]).to be_nil
67
73
  expect(empty_policy.options["resp_size"]).to be_nil
68
74
  expect(empty_policy.options["resp_codes"]).to be_nil
@@ -93,6 +99,10 @@ module TCellAgent
93
99
  policy = AppSensorPolicy.from_json(policy_json)
94
100
 
95
101
  expect(policy.policy_id).to eq("01a1")
102
+ expect(policy.enabled).to eq(true)
103
+ expect(policy.payloads_policy).to_not be_nil
104
+ expect(policy.payloads_policy.send_payloads).to eq(true)
105
+ expect(policy.payloads_policy.log_payloads).to eq(true)
96
106
  expect(policy.options["req_size"]).to_not be_nil
97
107
  expect(policy.options["resp_size"]).to_not be_nil
98
108
  expect(policy.options["resp_codes"]).to_not be_nil
@@ -147,6 +157,9 @@ module TCellAgent
147
157
  empty_policy = AppSensorPolicy.from_json(policy_json)
148
158
 
149
159
  expect(empty_policy.policy_id).to eq("01a1")
160
+ expect(empty_policy.enabled).to eq(true)
161
+ expect(empty_policy.payloads_policy.send_payloads).to eq(true)
162
+ expect(empty_policy.payloads_policy.log_payloads).to eq(true)
150
163
  expect(empty_policy.options["req_size"]).to_not be_nil
151
164
  expect(empty_policy.options["resp_size"]).to_not be_nil
152
165
  expect(empty_policy.options["resp_codes"]).to_not be_nil
@@ -211,6 +224,9 @@ module TCellAgent
211
224
  policy = AppSensorPolicy.from_json(policy_json)
212
225
 
213
226
  expect(policy.policy_id).to eq("01a1")
227
+ expect(policy.enabled).to eq(true)
228
+ expect(policy.payloads_policy.send_payloads).to eq(true)
229
+ expect(policy.payloads_policy.log_payloads).to eq(true)
214
230
  expect(policy.options["req_size"]).to_not be_nil
215
231
  expect(policy.options["resp_size"]).to_not be_nil
216
232
  expect(policy.options["resp_codes"]).to_not be_nil
@@ -279,6 +295,9 @@ module TCellAgent
279
295
 
280
296
  expect(empty_policy.policy_id).to eq("01a1")
281
297
  expect(empty_policy.enabled).to eq(false)
298
+ expect(empty_policy.payloads_policy).to_not be_nil
299
+ expect(empty_policy.payloads_policy.send_payloads).to eq(false)
300
+ expect(empty_policy.payloads_policy.log_payloads).to eq(false)
282
301
  expect(empty_policy.options["req_size"]).to be_nil
283
302
  expect(empty_policy.options["resp_size"]).to be_nil
284
303
  expect(empty_policy.options["resp_codes"]).to be_nil
@@ -311,6 +330,9 @@ module TCellAgent
311
330
 
312
331
  expect(empty_policy.policy_id).to eq("01a1")
313
332
  expect(empty_policy.enabled).to eq(false)
333
+ expect(empty_policy.payloads_policy).to_not be_nil
334
+ expect(empty_policy.payloads_policy.send_payloads).to eq(false)
335
+ expect(empty_policy.payloads_policy.log_payloads).to eq(false)
314
336
  expect(empty_policy.options["req_size"]).to be_nil
315
337
  expect(empty_policy.options["resp_size"]).to be_nil
316
338
  expect(empty_policy.options["resp_codes"]).to be_nil
@@ -346,6 +368,9 @@ module TCellAgent
346
368
  policy = AppSensorPolicy.from_json(policy_json)
347
369
 
348
370
  expect(policy.policy_id).to eq("01a1")
371
+ expect(policy.payloads_policy).to_not be_nil
372
+ expect(policy.payloads_policy.send_payloads).to eq(false)
373
+ expect(policy.payloads_policy.log_payloads).to eq(false)
349
374
  expect(policy.options["req_size"]).to_not be_nil
350
375
  expect(policy.options["resp_size"]).to_not be_nil
351
376
  expect(policy.options["resp_codes"]).to_not be_nil
@@ -409,6 +434,9 @@ module TCellAgent
409
434
  policy = AppSensorPolicy.from_json(policy_json)
410
435
 
411
436
  expect(policy.policy_id).to eq("01a1")
437
+ expect(policy.payloads_policy).to_not be_nil
438
+ expect(policy.payloads_policy.send_payloads).to eq(false)
439
+ expect(policy.payloads_policy.log_payloads).to eq(false)
412
440
  expect(policy.options["req_size"]).to_not be_nil
413
441
  expect(policy.options["resp_size"]).to_not be_nil
414
442
  expect(policy.options["resp_codes"]).to_not be_nil
@@ -457,6 +485,22 @@ module TCellAgent
457
485
  "policy_id" => "01a1",
458
486
  "version" => 2,
459
487
  "data" => {
488
+ "options" => {
489
+ "payloads" => {
490
+ "send_payloads" => true,
491
+ "send_blacklist" => {
492
+ "JSESSIONID" => ["cookie"],
493
+ "ssn" => ["*"],
494
+ "password" => ["*"]
495
+ },
496
+ "send_whitelist" => {},
497
+ "log_payloads" => true,
498
+ "log_blacklist" => {},
499
+ "log_whitelist" => {
500
+ "username" => ["*"]
501
+ }
502
+ }
503
+ },
460
504
  "sensors" => {
461
505
  "req_size" => {
462
506
  "limit" => 1024,
@@ -525,6 +569,7 @@ module TCellAgent
525
569
  policy = AppSensorPolicy.from_json(policy_json)
526
570
 
527
571
  expect(policy.policy_id).to eq("01a1")
572
+ expect(policy.payloads_policy).to_not be_nil
528
573
  expect(policy.options["req_size"]).to_not be_nil
529
574
  expect(policy.options["resp_size"]).to_not be_nil
530
575
  expect(policy.options["resp_codes"]).to_not be_nil
@@ -563,8 +608,24 @@ module TCellAgent
563
608
  expect(policy.options["fpt"].v1_compatability_enabled).to eq(false)
564
609
  expect(policy.options["nullbyte"].v1_compatability_enabled).to eq(false)
565
610
  expect(policy.options["retr"].v1_compatability_enabled).to eq(false)
611
+
612
+ expect(policy.payloads_policy.send_payloads).to eq(true)
613
+ expect(policy.payloads_policy.send_blacklist).to eq({
614
+ "jsessionid" => Set.new(["cookie"]),
615
+ "ssn" => Set.new(["*"]),
616
+ "password" => Set.new(["*"])
617
+ })
618
+ expect(policy.payloads_policy.use_send_whitelist).to eq(true)
619
+ expect(policy.payloads_policy.send_whitelist).to eq({})
620
+ expect(policy.payloads_policy.log_payloads).to eq(true)
621
+ expect(policy.payloads_policy.log_blacklist).to eq({})
622
+ expect(policy.payloads_policy.use_log_whitelist).to eq(true)
623
+ expect(policy.payloads_policy.log_whitelist).to eq({
624
+ "username" => Set.new(["*"]),
625
+ })
566
626
  end
567
627
  end
628
+
568
629
  end
569
630
  end
570
631
  end
@@ -71,7 +71,8 @@ module TCellAgent
71
71
  "remote_addr"=>"1.3.3.4",
72
72
  "m"=>"GET",
73
73
  "pattern"=>"1",
74
- "loc"=>"http://example.org/foo?xyz="}
74
+ "uri"=>"http://example.org/foo?xyz=",
75
+ "meta"=>{"l" => "query"}}
75
76
  expect(TCellAgent.event_queue).to include(expected_as)
76
77
  end
77
78
  it "alerts on post xss payload" do
@@ -83,7 +84,8 @@ module TCellAgent
83
84
  "remote_addr"=>"1.2.3.4",
84
85
  "m"=>"POST",
85
86
  "pattern"=>"1",
86
- "loc"=>"http://example.org/foo"}
87
+ "uri"=>"http://example.org/foo",
88
+ "meta"=>{"l" => "body"}}
87
89
  expect(TCellAgent.event_queue).to include(expected_as)
88
90
  end #/it
89
91
  it "alerts on get xss payload with route_id" do
@@ -93,10 +95,11 @@ module TCellAgent
93
95
  "dp"=>"xss",
94
96
  "param"=>"xyz",
95
97
  "remote_addr"=>nil,
96
- "rou"=>"myrouteid",
98
+ "rid"=>"myrouteid",
97
99
  "m"=>"GET",
98
100
  "pattern"=>"1",
99
- "loc"=>"http://example.org/foo?xyz="}
101
+ "uri"=>"http://example.org/foo?xyz=",
102
+ "meta"=>{"l" => "query"}}
100
103
  expect(TCellAgent.event_queue).to include(expected_as)
101
104
  end
102
105
  it "checks that payload is sent in xss with route_id" do
@@ -108,11 +111,12 @@ module TCellAgent
108
111
  "dp"=>"xss",
109
112
  "param"=>"xyz",
110
113
  "remote_addr"=>nil,
111
- "rou"=>"myrouteid",
114
+ "rid"=>"myrouteid",
112
115
  "m"=>"GET",
113
116
  "pattern"=>"1",
114
- "loc"=>"http://example.org/foo?xyz=",
115
- "payload"=>"<script>alert(1)</script>"}
117
+ "uri"=>"http://example.org/foo?xyz=",
118
+ "payload"=>"<script>alert(1)</script>",
119
+ "meta"=>{"l" => "query"}}
116
120
  TCellAgent.configuration.allow_unencrypted_appfirewall_payloads= old_uap
117
121
  expect(TCellAgent.event_queue).to include(expected_as)
118
122
  end
@@ -142,7 +146,8 @@ module TCellAgent
142
146
  "remote_addr"=>"1.3.3.4",
143
147
  "m"=>"GET",
144
148
  "pattern"=>"1",
145
- "loc"=>"http://example.org/foo?xyz=&def="}
149
+ "uri"=>"http://example.org/foo?xyz=&def=",
150
+ "meta"=>{"l" => "query"}}
146
151
  expect(TCellAgent.event_queue).to include(expected_as)
147
152
  end
148
153
  end #/conext
@@ -169,7 +174,8 @@ module TCellAgent
169
174
  "remote_addr"=>"1.3.3.4",
170
175
  "m"=>"GET",
171
176
  "pattern"=>"2",
172
- "loc"=>"http://example.org/foo?xyz="}
177
+ "uri"=>"http://example.org/foo?xyz=",
178
+ "meta"=>{"l" => "query"}}
173
179
  expect(TCellAgent.event_queue).to include(expected_as)
174
180
  end
175
181
  it "checks that payload is sent" do
@@ -183,8 +189,9 @@ module TCellAgent
183
189
  "remote_addr"=>"1.3.3.4",
184
190
  "m"=>"GET",
185
191
  "pattern"=>"2",
186
- "loc"=>"http://example.org/foo?xyz=",
187
- "payload"=>"/etc/passwd"}
192
+ "uri"=>"http://example.org/foo?xyz=",
193
+ "payload"=>"/etc/passwd",
194
+ "meta"=>{"l" => "query"}}
188
195
  TCellAgent.configuration.allow_unencrypted_appfirewall_payloads = old_uap
189
196
  expect(TCellAgent.event_queue).to include(expected_as)
190
197
  end
@@ -12,9 +12,9 @@ module TCellAgent
12
12
 
13
13
  attr_reader :request_body
14
14
 
15
- def initialize(route_id=nil, session_id=nil)
15
+ def initialize(route_id=nil, hmac_session_id=nil)
16
16
  @route_id = route_id
17
- @session_id = session_id
17
+ @hmac_session_id = hmac_session_id
18
18
  @request_headers = {}
19
19
  end
20
20
 
@@ -23,7 +23,7 @@ module TCellAgent
23
23
  rack_request = Rack::Request.new(env)
24
24
  response_headers = {'Content-Type' => 'text/html'}
25
25
  env["tcell.request_data"].transaction_id = "a-b-c-d-e-f"
26
- env["tcell.request_data"].session_id = @session_id
26
+ env["tcell.request_data"].hmac_session_id = @hmac_session_id
27
27
  env["tcell.request_data"].route_id = @route_id
28
28
  if (rack_request.params['rv'])
29
29
  response_headers["Location"] = rack_request.params['rv']
@@ -40,7 +40,7 @@ module TCellAgent
40
40
  describe HeadersMiddleware do
41
41
 
42
42
  let(:app) { MockAppsensorRackApp.new }
43
- let(:app2) { MockAppsensorRackApp.new(route_id="myrouteid", session_id="plainsessionid") }
43
+ let(:app2) { MockAppsensorRackApp.new("myrouteid", "hmac_sessionid") }
44
44
 
45
45
  subject { withTCellMiddleware( app ) }
46
46
 
@@ -57,11 +57,11 @@ module TCellAgent
57
57
  TCellAgent.thread_agent.processPolicyJson({"http-redirect"=>{
58
58
  "policy_id"=>"153ed270-7481-11e5-9194-95dad9b9dec3",
59
59
  "data"=>{
60
- "enabled"=>true,
61
- "block"=>false,
62
- "whitelist"=>[]
63
- }
64
- }}, cache=false)
60
+ "enabled"=>true,
61
+ "block"=>false,
62
+ "whitelist"=>[]
63
+ }
64
+ }}, cache=false)
65
65
  TCellAgent.empty_event_queue
66
66
  end
67
67
  it "sends redirect" do
@@ -73,17 +73,16 @@ module TCellAgent
73
73
  it "sends redirect event with extra info" do
74
74
  response = request2.get("/some/path2?abcdef=adsfsadf&rv=https://www.google.com", 'CONTENT_TYPE' => 'text/html', 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
75
75
  expect(response['Location']).to eq("https://www.google.com")
76
- expected_as = {"event_type"=>"redirect", "method"=>"GET", "from_domain"=>"example.org", "status_code"=>200, "remote_addr"=>"1.3.3.4", "rid"=>"myrouteid", "from"=>"/some/path2?abcdef=&rv=", "to"=>"www.google.com", "sid"=>"cb3fab8131c0e32cb80916d0d6954729eb66ea5782016625f278e7317e35259e"}
76
+ expected_as = {"event_type"=>"redirect", "method"=>"GET", "from_domain"=>"example.org", "status_code"=>200, "remote_addr"=>"1.3.3.4", "rid"=>"myrouteid", "from"=>"/some/path2?abcdef=&rv=", "to"=>"www.google.com", "sid"=>"hmac_sessionid"}
77
77
  expect(TCellAgent.event_queue).to include(expected_as)
78
78
  end
79
79
 
80
- end #/conext
81
-
82
- end #/context
83
- end #/describe
80
+ end #/conext
81
+ end #/context
82
+ end #/describe
84
83
 
85
84
 
85
+ end
86
86
  end
87
87
  end
88
88
  end
89
- end
@@ -56,7 +56,7 @@ module TCellAgent
56
56
  {username:"tester",password:"pass"}.to_json
57
57
  )
58
58
 
59
- expect(@app_sensor_event_process.body_dict).to eq({"username"=>"tester","password"=>"pass"})
59
+ expect(@app_sensor_event_process.body_dict).to eq({["username"]=>"tester",["password"]=>"pass"})
60
60
  end
61
61
  end
62
62
 
@@ -6,13 +6,14 @@ module TCellAgent
6
6
  describe Util do
7
7
  context "SHA256 Hash test" do
8
8
  it "Create simple HMAC" do
9
- expect(Util.hmac("testdata","testkey")).to eq("220afe7c01cca398fff2fc2c3687be94ded74f1b853db65707bf8440055217b0")
9
+ expect(Util).to receive(:get_hmac_key).and_return("testkey")
10
+ expect(Util.hmac("testdata")).to eq("220afe7c01cca398fff2fc2c3687be94")
10
11
  end
11
12
  it "Check with config HMAC" do
12
13
  old_hmac = TCellAgent.configuration.hmac_key
13
14
  hmac_key = "HMAC KEY 123"
14
15
  TCellAgent.configuration.hmac_key = hmac_key
15
- expect(Util.getHmacKey).to eq(hmac_key)
16
+ expect(Util.get_hmac_key).to eq(hmac_key)
16
17
  TCellAgent.configuration.hmac_key = old_hmac
17
18
  end
18
19
  end
@@ -32,7 +33,7 @@ module TCellAgent
32
33
  it "Parsing uri" do
33
34
  TCellAgent.configuration.app_id = nil
34
35
  original_uri = "http://foo.com/posts?id=30&limit=5#time=1305298413"
35
- expect_santized_uri = "http://foo.com/posts?id=61aa3630ced0e67b63a1c61e3b86f4d30d6ec2c5b6c37f8aac8d8a813e66df73&limit=89abb06a7bf0401b5911e61b68660c241d002ffb1685a6d2a5ba3853c73e9111#time=1305298413"
36
+ expect_santized_uri = "http://foo.com/posts?id=61aa3630ced0e67b63a1c61e3b86f4d3&limit=89abb06a7bf0401b5911e61b68660c24#time=1305298413"
36
37
  expect(Util.sanitize_uri(original_uri)).to eq(expect_santized_uri)
37
38
  end
38
39
  it "returns an empty set" do
@@ -42,13 +43,13 @@ module TCellAgent
42
43
  end
43
44
  it "parses a cookie" do
44
45
  TCellAgent.configuration.app_id = nil
45
- expect(Util.santize_request_cookie_string("x=y;z=a")).to eq("x=97cb9e2aa3ec93888b356dbcf13b280e2a8c16fc1f594a783395503d42321707;z=566c1a1c12ad909d628d4537e10773bf085a07bc4199fdf776e162c96480c5ec")
46
+ expect(Util.santize_request_cookie_string("x=y;z=a")).to eq("x=97cb9e2aa3ec93888b356dbcf13b280e;z=566c1a1c12ad909d628d4537e10773bf")
46
47
  end
47
48
  end
48
49
  context "Parsing a response set-cookie and replacing values" do
49
50
  it "sanitize a typical response set-cookie value" do
50
51
  santized_string = Util.santize_response_cookie_string("name=Nicholas; expires=Sat, 02 May 2009 23:38:25 GMT; httponly")
51
- expect(santized_string).to eq("name=beb56c04cdd764f6b7cbe6c078236aeb7246748abae29b530b93d3f5d4587eb0=; expires=Sat, 02 May 2009 23:38:25 GMT=; httponly=")
52
+ expect(santized_string).to eq("name=beb56c04cdd764f6b7cbe6c078236aeb=; expires=Sat, 02 May 2009 23:38:25 GMT=; httponly=")
52
53
  end
53
54
  end
54
55
  end
@@ -1,116 +1,36 @@
1
+ # encoding: utf-8
2
+
1
3
  require 'spec_helper'
2
4
 
3
5
  module TCellAgent
4
6
  module Utils
5
7
 
6
- class ParamsTest
7
- include TCellAgent::Utils::Params
8
- end
9
-
10
- describe ParamsTest do
11
- before(:each) do
12
- @p_test = ParamsTest.new
13
- end
14
-
15
- context "#param_deep_loop" do
16
- context "with a parameter hash" do
17
- context "there is no match" do
18
- it "should return nil" do
19
- result = @p_test.param_deep_loop(
20
- "hash_param",
21
- {
22
- key_one: "no match",
23
- key_dos: "no match"
24
- }
25
- ) do |param_name, param_value|
26
- nil
27
- end
28
-
29
- expect(result).to be_nil
30
- end
31
- end
32
- context "there is a match" do
33
- it "should return the match" do
34
- result = @p_test.param_deep_loop(
35
- "hash_param",
36
- {
37
- key_one: "no match",
38
- key_dos: "i'm a match"
39
- }
40
- ) do |param_name, param_value|
41
- if param_value =~ /i'm a match/
42
- "#{param_name} - #{param_value}"
43
- else
44
- nil
45
- end
46
- end
47
-
48
- expect(result).to eq("key_dos - i'm a match")
49
- end
50
- end
51
- end
52
-
53
- context "with a parameter array" do
54
- context "there is no match" do
55
- it "should return nil" do
56
- result = @p_test.param_deep_loop(
57
- "array_param",
58
- [ "no match", "no match" ]
59
- ) do |param_name, param_value|
60
- nil
61
- end
62
-
63
- expect(result).to be_nil
64
- end
65
- end
66
- context "there is a match" do
67
- it "should return the match" do
68
- result = @p_test.param_deep_loop(
69
- "array_param",
70
- [ "no match", "i'm a match" ]
71
- ) do |param_name, param_value|
72
- if param_value =~ /i'm a match/
73
- "#{param_name} - #{param_value}"
74
- else
75
- nil
76
- end
77
- end
78
-
79
- expect(result).to eq("array_param - i'm a match")
80
- end
81
- end
82
- end
83
-
84
- context "with a paramater string" do
85
- context "there is no match" do
86
- it "should return nil" do
87
- result = @p_test.param_deep_loop(
88
- "string_param",
89
- "no match",
90
- ) do |param_name, param_value|
91
- nil
92
- end
93
-
94
- expect(result).to be_nil
95
- end
96
- end
97
-
98
- context "there is a match" do
99
- it "should return the match" do
100
- result = @p_test.param_deep_loop(
101
- "string_param",
102
- "i'm a match"
103
- ) do |param_name, param_value|
104
- if param_value =~ /i'm a match/
105
- "#{param_name} - #{param_value}"
106
- else
107
- nil
108
- end
109
- end
110
-
111
- expect(result).to eq("string_param - i'm a match")
112
- end
113
- end
8
+ describe Params do
9
+ context "flatten" do
10
+ it "should" do
11
+ expect(
12
+ Params.flatten( {
13
+ action: "index",
14
+ utf8char: "Müller",
15
+ waitlist_entries: {email: "emailone", preferences: {email: "emaildos"}},
16
+ email_preferences: [:daily_digest, :reminders, "Müller"],
17
+ users: [
18
+ {email: "one@email.com"},
19
+ {email: "dos@email.com"},
20
+ ]
21
+ },
22
+ nil)
23
+ ).to eq({
24
+ ["action"]=>"index",
25
+ ["utf8char"] => "Müller",
26
+ ["waitlist_entries", "email"]=>"emailone",
27
+ ["waitlist_entries", "preferences", "email"]=>"emaildos",
28
+ [0, "email_preferences"]=>"daily_digest",
29
+ [1, "email_preferences"]=>"reminders",
30
+ [2, "email_preferences"]=>"Müller",
31
+ [0, "users", "email"]=>"one@email.com",
32
+ [1, "users", "email"]=>"dos@email.com"
33
+ })
114
34
  end
115
35
  end
116
36
  end
data/tcell_agent.gemspec CHANGED
@@ -14,7 +14,24 @@ Gem::Specification.new do |spec|
14
14
  spec.homepage = "https://www.tcell.io"
15
15
  spec.license = "Copyright (c) 2015 tCell.io (see LICENSE file)"
16
16
 
17
- spec.files = Dir['Rakefile', '{lib,config,spec}/**/*', 'README*', 'LICENSE*','tcell_agent.gemspec']
17
+ spec.files = Dir[
18
+ 'Rakefile',
19
+ 'lib/tcell_agent.rb',
20
+ '{lib/tcell_agent,spec}/**/*',
21
+ 'README*',
22
+ 'LICENSE*',
23
+ 'LICENSE_libinjection',
24
+ 'tcell_agent.gemspec',
25
+ 'ext/libinjection/libinjection.h',
26
+ 'ext/libinjection/libinjection_html5.c',
27
+ 'ext/libinjection/libinjection_html5.h',
28
+ 'ext/libinjection/libinjection_sqli.c',
29
+ 'ext/libinjection/libinjection_sqli.h',
30
+ 'ext/libinjection/libinjection_sqli_data.h',
31
+ 'ext/libinjection/libinjection_wrap.c',
32
+ 'ext/libinjection/libinjection_xss.c',
33
+ 'ext/libinjection/libinjection_xss.h'
34
+ ]
18
35
  spec.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
19
36
  spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
20
37
  spec.require_paths = ["lib","config","spec"]
@@ -26,4 +43,7 @@ Gem::Specification.new do |spec|
26
43
  spec.add_development_dependency "bundler", ">= 1.7"
27
44
  spec.add_development_dependency "rake", "~> 10.0"
28
45
  spec.add_development_dependency "rspec","~>0.9"
46
+ spec.add_development_dependency "rake-compiler"
47
+
48
+ spec.extensions = %w[ext/libinjection/extconf.rb]
29
49
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tcell_agent
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.19
4
+ version: 0.2.21
5
5
  platform: ruby
6
6
  authors:
7
7
  - Garrett
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-07-15 00:00:00.000000000 Z
11
+ date: 2016-10-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rest-client
@@ -108,16 +108,32 @@ dependencies:
108
108
  - - ~>
109
109
  - !ruby/object:Gem::Version
110
110
  version: '0.9'
111
+ - !ruby/object:Gem::Dependency
112
+ name: rake-compiler
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - '>='
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - '>='
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
111
125
  description: This agent allows users to use the tCell.io service with their Rails
112
126
  or Sinatra app.
113
127
  email:
114
128
  - garrett@tcell.io
115
129
  executables:
116
130
  - tcell_agent
117
- extensions: []
131
+ extensions:
132
+ - ext/libinjection/extconf.rb
118
133
  extra_rdoc_files: []
119
134
  files:
120
135
  - Rakefile
136
+ - lib/tcell_agent.rb
121
137
  - lib/tcell_agent/agent/event_processor.rb
122
138
  - lib/tcell_agent/agent/fork_pipe_manager.rb
123
139
  - lib/tcell_agent/agent/policy_manager.rb
@@ -141,6 +157,7 @@ files:
141
157
  - lib/tcell_agent/policies/appsensor/login_sensor.rb
142
158
  - lib/tcell_agent/policies/appsensor/misc_sensor.rb
143
159
  - lib/tcell_agent/policies/appsensor/nullbyte_sensor.rb
160
+ - lib/tcell_agent/policies/appsensor/payloads_policy.rb
144
161
  - lib/tcell_agent/policies/appsensor/request_size_sensor.rb
145
162
  - lib/tcell_agent/policies/appsensor/response_codes_sensor.rb
146
163
  - lib/tcell_agent/policies/appsensor/response_size_sensor.rb
@@ -202,7 +219,6 @@ files:
202
219
  - lib/tcell_agent/utils/queue_with_timeout.rb
203
220
  - lib/tcell_agent/utils/strings.rb
204
221
  - lib/tcell_agent/version.rb
205
- - lib/tcell_agent.rb
206
222
  - spec/apps/rails-3.2/app/assets/images/rails.png
207
223
  - spec/apps/rails-3.2/app/assets/javascripts/application.js
208
224
  - spec/apps/rails-3.2/app/assets/stylesheets/application.css
@@ -262,6 +278,9 @@ files:
262
278
  - spec/lib/tcell_agent/policies/appsensor/login_sensor_spec.rb
263
279
  - spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb
264
280
  - spec/lib/tcell_agent/policies/appsensor/nullbyte_sensor_spec.rb
281
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_apply_spec.rb
282
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_from_json_spec.rb
283
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_log_spec.rb
265
284
  - spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb
266
285
  - spec/lib/tcell_agent/policies/appsensor/response_codes_sensor_spec.rb
267
286
  - spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb
@@ -302,8 +321,19 @@ files:
302
321
  - spec/support/static_agent_overrides.rb
303
322
  - README.md
304
323
  - LICENSE
324
+ - LICENSE_libinjection
305
325
  - tcell_agent.gemspec
326
+ - ext/libinjection/libinjection.h
327
+ - ext/libinjection/libinjection_html5.c
328
+ - ext/libinjection/libinjection_html5.h
329
+ - ext/libinjection/libinjection_sqli.c
330
+ - ext/libinjection/libinjection_sqli.h
331
+ - ext/libinjection/libinjection_sqli_data.h
332
+ - ext/libinjection/libinjection_wrap.c
333
+ - ext/libinjection/libinjection_xss.c
334
+ - ext/libinjection/libinjection_xss.h
306
335
  - bin/tcell_agent
336
+ - ext/libinjection/extconf.rb
307
337
  homepage: https://www.tcell.io
308
338
  licenses:
309
339
  - Copyright (c) 2015 tCell.io (see LICENSE file)
@@ -390,6 +420,9 @@ test_files:
390
420
  - spec/lib/tcell_agent/policies/appsensor/login_sensor_spec.rb
391
421
  - spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb
392
422
  - spec/lib/tcell_agent/policies/appsensor/nullbyte_sensor_spec.rb
423
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_apply_spec.rb
424
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_from_json_spec.rb
425
+ - spec/lib/tcell_agent/policies/appsensor/payloads_policy_log_spec.rb
393
426
  - spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb
394
427
  - spec/lib/tcell_agent/policies/appsensor/response_codes_sensor_spec.rb
395
428
  - spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb