tcell_agent 0.4.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (199) hide show
  1. checksums.yaml +4 -4
  2. data/Rakefile +9 -22
  3. data/bin/tcell_agent +127 -132
  4. data/lib/tcell_agent/agent/event_processor.rb +23 -22
  5. data/lib/tcell_agent/agent/fork_pipe_manager.rb +7 -7
  6. data/lib/tcell_agent/agent/policy_manager.rb +20 -15
  7. data/lib/tcell_agent/agent/policy_types.rb +5 -11
  8. data/lib/tcell_agent/agent/static_agent.rb +5 -1
  9. data/lib/tcell_agent/agent.rb +6 -4
  10. data/lib/tcell_agent/api.rb +7 -9
  11. data/lib/tcell_agent/appsensor/meta_data.rb +11 -4
  12. data/lib/tcell_agent/authlogic.rb +3 -3
  13. data/lib/tcell_agent/cmdi.rb +6 -4
  14. data/lib/tcell_agent/config/unknown_options.rb +3 -1
  15. data/lib/tcell_agent/configuration.rb +47 -49
  16. data/lib/tcell_agent/devise.rb +2 -2
  17. data/lib/tcell_agent/hooks/login_fraud.rb +58 -29
  18. data/lib/tcell_agent/instrumentation.rb +11 -10
  19. data/lib/tcell_agent/logger.rb +2 -2
  20. data/lib/tcell_agent/patches/meta_data.rb +9 -13
  21. data/lib/tcell_agent/patches.rb +7 -10
  22. data/lib/tcell_agent/policies/clickjacking_policy.rb +4 -5
  23. data/lib/tcell_agent/policies/content_security_policy.rb +6 -12
  24. data/lib/tcell_agent/policies/dataloss_policy.rb +2 -2
  25. data/lib/tcell_agent/policies/http_redirect_policy.rb +2 -2
  26. data/lib/tcell_agent/policies/policy.rb +0 -2
  27. data/lib/tcell_agent/policies/rust_policies.rb +90 -0
  28. data/lib/tcell_agent/policies/secure_headers_policy.rb +2 -2
  29. data/lib/tcell_agent/rails/auth/authlogic.rb +42 -24
  30. data/lib/tcell_agent/rails/auth/devise.rb +44 -23
  31. data/lib/tcell_agent/rails/auth/doorkeeper.rb +33 -15
  32. data/lib/tcell_agent/rails/better_ip.rb +1 -1
  33. data/lib/tcell_agent/rails/csrf_exception.rb +2 -2
  34. data/lib/tcell_agent/rails/dlp/process_request.rb +1 -1
  35. data/lib/tcell_agent/rails/dlp.rb +6 -6
  36. data/lib/tcell_agent/rails/dlp_handler.rb +1 -1
  37. data/lib/tcell_agent/rails/js_agent_insert.rb +1 -1
  38. data/lib/tcell_agent/rails/middleware/body_filter_middleware.rb +1 -1
  39. data/lib/tcell_agent/rails/middleware/context_middleware.rb +3 -2
  40. data/lib/tcell_agent/rails/middleware/headers_middleware.rb +10 -9
  41. data/lib/tcell_agent/rails/routes/grape.rb +6 -6
  42. data/lib/tcell_agent/rails/routes.rb +8 -11
  43. data/lib/tcell_agent/rust/libtcellagent-0.11.1.dylib +0 -0
  44. data/lib/tcell_agent/rust/{libtcellagent-0.6.1.so → libtcellagent-0.11.1.so} +0 -0
  45. data/lib/tcell_agent/rust/models.rb +16 -0
  46. data/lib/tcell_agent/rust/tcellagent-0.11.1.dll +0 -0
  47. data/lib/tcell_agent/rust/whisperer.rb +119 -48
  48. data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb +17 -20
  49. data/lib/tcell_agent/sensor_events/command_injection.rb +50 -5
  50. data/lib/tcell_agent/sensor_events/login_fraud.rb +34 -18
  51. data/lib/tcell_agent/sensor_events/patches.rb +21 -0
  52. data/lib/tcell_agent/sensor_events/server_agent.rb +3 -3
  53. data/lib/tcell_agent/sensor_events/util/utils.rb +4 -3
  54. data/lib/tcell_agent/servers/puma.rb +2 -2
  55. data/lib/tcell_agent/servers/unicorn.rb +1 -1
  56. data/lib/tcell_agent/utils/passwords.rb +28 -0
  57. data/lib/tcell_agent/version.rb +1 -1
  58. data/lib/tcell_agent.rb +1 -5
  59. data/spec/apps/rails-3.2/config/tcell_agent.config +15 -0
  60. data/spec/apps/rails-3.2/log/development.log +0 -0
  61. data/spec/apps/rails-3.2/log/test.log +12 -0
  62. data/spec/apps/rails-4.1/log/test.log +0 -0
  63. data/spec/lib/tcell_agent/agent/fork_pipe_manager_spec.rb +46 -45
  64. data/spec/lib/tcell_agent/agent/policy_manager_spec.rb +276 -164
  65. data/spec/lib/tcell_agent/agent/static_agent_spec.rb +44 -47
  66. data/spec/lib/tcell_agent/api/api_spec.rb +16 -16
  67. data/spec/lib/tcell_agent/appsensor/injections_reporter_spec.rb +131 -116
  68. data/spec/lib/tcell_agent/appsensor/meta_data_spec.rb +55 -51
  69. data/spec/lib/tcell_agent/cmdi_spec.rb +413 -436
  70. data/spec/lib/tcell_agent/config/unknown_options_spec.rb +145 -128
  71. data/spec/lib/tcell_agent/configuration_spec.rb +165 -169
  72. data/spec/lib/tcell_agent/hooks/login_fraud_spec.rb +144 -153
  73. data/spec/lib/tcell_agent/instrumentation_spec.rb +84 -85
  74. data/spec/lib/tcell_agent/patches_spec.rb +70 -111
  75. data/spec/lib/tcell_agent/policies/appsensor_policy_spec.rb +313 -244
  76. data/spec/lib/tcell_agent/policies/clickjacking_policy_spec.rb +28 -28
  77. data/spec/lib/tcell_agent/policies/command_injection_policy_spec.rb +643 -513
  78. data/spec/lib/tcell_agent/policies/content_security_policy_spec.rb +55 -102
  79. data/spec/lib/tcell_agent/policies/dataloss_policy_spec.rb +111 -134
  80. data/spec/lib/tcell_agent/policies/http_redirect_policy_spec.rb +141 -146
  81. data/spec/lib/tcell_agent/policies/http_tx_policy_spec.rb +8 -8
  82. data/spec/lib/tcell_agent/policies/login_policy_spec.rb +15 -17
  83. data/spec/lib/tcell_agent/policies/patches_policy_spec.rb +231 -559
  84. data/spec/lib/tcell_agent/policies/secure_headers_policy_spec.rb +27 -27
  85. data/spec/lib/tcell_agent/rails/better_ip_spec.rb +30 -34
  86. data/spec/lib/tcell_agent/rails/logger_spec.rb +50 -49
  87. data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb +182 -199
  88. data/spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb +110 -84
  89. data/spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb +107 -85
  90. data/spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb +68 -40
  91. data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb +81 -67
  92. data/spec/lib/tcell_agent/rails/responses_spec.rb +33 -37
  93. data/spec/lib/tcell_agent/rails/routes/grape_spec.rb +116 -121
  94. data/spec/lib/tcell_agent/rails/routes/route_id_spec.rb +25 -28
  95. data/spec/lib/tcell_agent/rails/routes/routes_spec.rb +87 -85
  96. data/spec/lib/tcell_agent/rails_spec.rb +1 -6
  97. data/spec/lib/tcell_agent/rust/models_spec.rb +112 -0
  98. data/spec/lib/tcell_agent/rust/whisperer_spec.rb +502 -179
  99. data/spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb +44 -33
  100. data/spec/lib/tcell_agent/sensor_events/dlp_spec.rb +4 -4
  101. data/spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb +183 -169
  102. data/spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb +25 -25
  103. data/spec/lib/tcell_agent/utils/bounded_queue_spec.rb +17 -20
  104. data/spec/lib/tcell_agent/utils/params_spec.rb +28 -28
  105. data/spec/lib/tcell_agent/utils/passwords_spec.rb +143 -0
  106. data/spec/lib/tcell_agent/utils/strings_spec.rb +35 -35
  107. data/spec/lib/tcell_agent_spec.rb +8 -8
  108. data/spec/spec_helper.rb +4 -4
  109. data/spec/support/middleware_helper.rb +10 -10
  110. data/spec/support/static_agent_overrides.rb +16 -12
  111. data/tcell_agent.gemspec +17 -33
  112. metadata +43 -198
  113. data/LICENSE_libinjection +0 -32
  114. data/Readme.txt +0 -7
  115. data/ext/libinjection/extconf.rb +0 -3
  116. data/ext/libinjection/libinjection.h +0 -65
  117. data/ext/libinjection/libinjection_html5.c +0 -847
  118. data/ext/libinjection/libinjection_html5.h +0 -54
  119. data/ext/libinjection/libinjection_sqli.c +0 -2317
  120. data/ext/libinjection/libinjection_sqli.h +0 -295
  121. data/ext/libinjection/libinjection_sqli_data.h +0 -9004
  122. data/ext/libinjection/libinjection_wrap.c +0 -3525
  123. data/ext/libinjection/libinjection_xss.c +0 -531
  124. data/ext/libinjection/libinjection_xss.h +0 -21
  125. data/lib/tcell_agent/appsensor/injections_matcher.rb +0 -155
  126. data/lib/tcell_agent/appsensor/rules/appsensor_rule_manager.rb +0 -49
  127. data/lib/tcell_agent/appsensor/rules/appsensor_rule_set.rb +0 -67
  128. data/lib/tcell_agent/appsensor/rules/baserules.json +0 -467
  129. data/lib/tcell_agent/patches/block_rule.rb +0 -93
  130. data/lib/tcell_agent/patches/sensors_matcher.rb +0 -31
  131. data/lib/tcell_agent/policies/appsensor/cmdi_sensor.rb +0 -23
  132. data/lib/tcell_agent/policies/appsensor/fpt_sensor.rb +0 -23
  133. data/lib/tcell_agent/policies/appsensor/injection_sensor.rb +0 -117
  134. data/lib/tcell_agent/policies/appsensor/nullbyte_sensor.rb +0 -26
  135. data/lib/tcell_agent/policies/appsensor/retr_sensor.rb +0 -22
  136. data/lib/tcell_agent/policies/appsensor/sqli_sensor.rb +0 -34
  137. data/lib/tcell_agent/policies/appsensor/xss_sensor.rb +0 -34
  138. data/lib/tcell_agent/policies/appsensor_policy.rb +0 -49
  139. data/lib/tcell_agent/policies/command_injection_policy.rb +0 -196
  140. data/lib/tcell_agent/policies/honeytokens_policy.rb +0 -69
  141. data/lib/tcell_agent/policies/patches_policy.rb +0 -84
  142. data/lib/tcell_agent/rust/libtcellagent-0.6.1.dylib +0 -0
  143. data/lib/tcell_agent/rust/tcellagent-0.6.1.dll +0 -0
  144. data/spec/apps/rails-3.2/Gemfile +0 -25
  145. data/spec/apps/rails-3.2/Gemfile.lock +0 -126
  146. data/spec/apps/rails-3.2/Rakefile +0 -7
  147. data/spec/apps/rails-3.2/app/assets/images/rails.png +0 -0
  148. data/spec/apps/rails-3.2/app/assets/javascripts/application.js +0 -15
  149. data/spec/apps/rails-3.2/app/assets/stylesheets/application.css +0 -13
  150. data/spec/apps/rails-3.2/app/controllers/application_controller.rb +0 -3
  151. data/spec/apps/rails-3.2/app/controllers/t_cell_app_controller.rb +0 -5
  152. data/spec/apps/rails-3.2/app/helpers/application_helper.rb +0 -2
  153. data/spec/apps/rails-3.2/app/views/layouts/application.html.erb +0 -14
  154. data/spec/apps/rails-3.2/app/views/t_cell_app/index.html.erb +0 -1
  155. data/spec/apps/rails-3.2/config/application.rb +0 -63
  156. data/spec/apps/rails-3.2/config/boot.rb +0 -6
  157. data/spec/apps/rails-3.2/config/environment.rb +0 -5
  158. data/spec/apps/rails-3.2/config/environments/test.rb +0 -37
  159. data/spec/apps/rails-3.2/config/routes.rb +0 -11
  160. data/spec/apps/rails-3.2/config.ru +0 -4
  161. data/spec/apps/rails-4.1/Gemfile +0 -7
  162. data/spec/apps/rails-4.1/Gemfile.lock +0 -114
  163. data/spec/apps/rails-4.1/Rakefile +0 -6
  164. data/spec/apps/rails-4.1/app/assets/javascripts/application.js +0 -16
  165. data/spec/apps/rails-4.1/app/assets/stylesheets/application.css +0 -15
  166. data/spec/apps/rails-4.1/app/controllers/application_controller.rb +0 -5
  167. data/spec/apps/rails-4.1/app/controllers/t_cell_app_controller.rb +0 -5
  168. data/spec/apps/rails-4.1/app/helpers/application_helper.rb +0 -2
  169. data/spec/apps/rails-4.1/app/views/layouts/application.html.erb +0 -14
  170. data/spec/apps/rails-4.1/app/views/t_cell_app/index.html.erb +0 -1
  171. data/spec/apps/rails-4.1/config/application.rb +0 -24
  172. data/spec/apps/rails-4.1/config/boot.rb +0 -4
  173. data/spec/apps/rails-4.1/config/environment.rb +0 -5
  174. data/spec/apps/rails-4.1/config/environments/test.rb +0 -41
  175. data/spec/apps/rails-4.1/config/initializers/assets.rb +0 -8
  176. data/spec/apps/rails-4.1/config/initializers/backtrace_silencers.rb +0 -7
  177. data/spec/apps/rails-4.1/config/initializers/cookies_serializer.rb +0 -3
  178. data/spec/apps/rails-4.1/config/initializers/filter_parameter_logging.rb +0 -4
  179. data/spec/apps/rails-4.1/config/initializers/inflections.rb +0 -16
  180. data/spec/apps/rails-4.1/config/initializers/mime_types.rb +0 -4
  181. data/spec/apps/rails-4.1/config/initializers/session_store.rb +0 -3
  182. data/spec/apps/rails-4.1/config/initializers/wrap_parameters.rb +0 -14
  183. data/spec/apps/rails-4.1/config/locales/en.yml +0 -23
  184. data/spec/apps/rails-4.1/config/routes.rb +0 -12
  185. data/spec/apps/rails-4.1/config/secrets.yml +0 -22
  186. data/spec/apps/rails-4.1/config.ru +0 -4
  187. data/spec/controllers/application_controller.rb +0 -12
  188. data/spec/lib/tcell_agent/appsensor/injections_matcher_spec.rb +0 -522
  189. data/spec/lib/tcell_agent/appsensor/rules/appsensor_rule_manager_spec.rb +0 -23
  190. data/spec/lib/tcell_agent/appsensor/rules/appsensor_rule_set_spec.rb +0 -159
  191. data/spec/lib/tcell_agent/patches/block_rule_spec.rb +0 -458
  192. data/spec/lib/tcell_agent/patches/sensors_matcher_spec.rb +0 -35
  193. data/spec/lib/tcell_agent/policies/appsensor/cmdi_sensor_spec.rb +0 -139
  194. data/spec/lib/tcell_agent/policies/appsensor/fpt_sensor_spec.rb +0 -139
  195. data/spec/lib/tcell_agent/policies/appsensor/nullbyte_sensor_spec.rb +0 -167
  196. data/spec/lib/tcell_agent/policies/appsensor/retr_sensor_spec.rb +0 -139
  197. data/spec/lib/tcell_agent/policies/appsensor/sqli_sensor_spec.rb +0 -246
  198. data/spec/lib/tcell_agent/policies/appsensor/xss_sensor_spec.rb +0 -882
  199. data/spec/lib/tcell_agent/policies/honeytokens_policy_spec.rb +0 -22
data/spec/lib/tcell_agent/policies/appsensor/cmdi_sensor_spec.rb DELETED
@@ -1,139 +0,0 @@
1
- require 'spec_helper'
2
-
3
- module TCellAgent
4
- module Policies
5
-
6
- describe CmdiSensor do
7
- context "#initialize" do
8
- context "default sensor" do
9
- it "should have properties set to defaults" do
10
- sensor = CmdiSensor.new
11
- expect(sensor.enabled).to eq(false)
12
- expect(sensor.detection_point).to eq("cmdi")
13
- expect(sensor.exclude_headers).to eq(false)
14
- expect(sensor.exclude_forms).to eq(false)
15
- expect(sensor.exclude_cookies).to eq(false)
16
- expect(sensor.exclusions).to eq({})
17
- expect(sensor.active_pattern_ids).to eq(Set.new)
18
- expect(sensor.v1_compatability_enabled).to eq(false)
19
- end
20
- end
21
-
22
- context "setting enabled on sensor" do
23
- it "should be enabled" do
24
- sensor = CmdiSensor.new({"enabled" => true})
25
- expect(sensor.enabled).to eq(true)
26
- expect(sensor.detection_point).to eq("cmdi")
27
- expect(sensor.exclude_headers).to eq(false)
28
- expect(sensor.exclude_forms).to eq(false)
29
- expect(sensor.exclude_cookies).to eq(false)
30
- expect(sensor.exclusions).to eq({})
31
- expect(sensor.active_pattern_ids).to eq(Set.new)
32
- expect(sensor.v1_compatability_enabled).to eq(false)
33
- end
34
- end
35
-
36
- context "setting exclude_headers on sensor" do
37
- it "should have exclude_headers" do
38
- sensor = CmdiSensor.new({"exclude_headers" => true})
39
- expect(sensor.enabled).to eq(false)
40
- expect(sensor.detection_point).to eq("cmdi")
41
- expect(sensor.exclude_headers).to eq(true)
42
- expect(sensor.exclude_forms).to eq(false)
43
- expect(sensor.exclude_cookies).to eq(false)
44
- expect(sensor.exclusions).to eq({})
45
- expect(sensor.active_pattern_ids).to eq(Set.new)
46
- expect(sensor.v1_compatability_enabled).to eq(false)
47
- end
48
- end
49
-
50
- context "setting exclude_forms on sensor" do
51
- it "should have exclude_forms" do
52
- sensor = CmdiSensor.new({"exclude_forms" => true})
53
- expect(sensor.enabled).to eq(false)
54
- expect(sensor.detection_point).to eq("cmdi")
55
- expect(sensor.exclude_headers).to eq(false)
56
- expect(sensor.exclude_forms).to eq(true)
57
- expect(sensor.exclude_cookies).to eq(false)
58
- expect(sensor.exclusions).to eq({})
59
- expect(sensor.active_pattern_ids).to eq(Set.new)
60
- expect(sensor.v1_compatability_enabled).to eq(false)
61
- end
62
- end
63
-
64
- context "setting exclude_cookies on sensor" do
65
- it "should have exclude_cookies" do
66
- sensor = CmdiSensor.new({"exclude_cookies" => true})
67
- expect(sensor.enabled).to eq(false)
68
- expect(sensor.detection_point).to eq("cmdi")
69
- expect(sensor.exclude_headers).to eq(false)
70
- expect(sensor.exclude_forms).to eq(false)
71
- expect(sensor.exclude_cookies).to eq(true)
72
- expect(sensor.exclusions).to eq({})
73
- expect(sensor.active_pattern_ids).to eq(Set.new)
74
- expect(sensor.v1_compatability_enabled).to eq(false)
75
- end
76
- end
77
-
78
- context "setting exclusions on sensor" do
79
- it "should have exclude_cookies" do
80
- sensor = CmdiSensor.new({"exclusions" => {"word" => Set.new(["form", "header"])}})
81
- expect(sensor.enabled).to eq(false)
82
- expect(sensor.detection_point).to eq("cmdi")
83
- expect(sensor.exclude_headers).to eq(false)
84
- expect(sensor.exclude_forms).to eq(false)
85
- expect(sensor.exclude_cookies).to eq(false)
86
- expect(sensor.exclusions).to eq(
87
- {"word"=>Set.new(["form", "header"])}
88
- )
89
- expect(sensor.active_pattern_ids).to eq(Set.new)
90
- expect(sensor.v1_compatability_enabled).to eq(false)
91
- end
92
- end
93
-
94
- context "setting active_pattern_ids on sensor" do
95
- it "should have active_pattern_ids" do
96
- sensor = CmdiSensor.new({"patterns" => ["1", "2", "3"]})
97
- expect(sensor.enabled).to eq(false)
98
- expect(sensor.detection_point).to eq("cmdi")
99
- expect(sensor.exclude_headers).to eq(false)
100
- expect(sensor.exclude_forms).to eq(false)
101
- expect(sensor.exclude_cookies).to eq(false)
102
- expect(sensor.exclusions).to eq({})
103
- expect(sensor.active_pattern_ids).to eq(
104
- Set.new(["1", "2", "3"])
105
- )
106
- expect(sensor.v1_compatability_enabled).to eq(false)
107
- end
108
- end
109
-
110
- context "setting v1_compatability_enabled on sensor" do
111
- it "should have v1_compatability_enabled" do
112
- sensor = CmdiSensor.new({"v1_compatability_enabled" => true})
113
- expect(sensor.enabled).to eq(false)
114
- expect(sensor.detection_point).to eq("cmdi")
115
- expect(sensor.exclude_headers).to eq(false)
116
- expect(sensor.exclude_forms).to eq(false)
117
- expect(sensor.exclude_cookies).to eq(false)
118
- expect(sensor.exclusions).to eq({})
119
- expect(sensor.active_pattern_ids).to eq(Set.new)
120
- expect(sensor.v1_compatability_enabled).to eq(true)
121
- end
122
- end
123
-
124
- end
125
-
126
- describe "#applicable_for_param_type?" do
127
- it "should be applicable for all param types" do
128
- sensor = CmdiSensor.new
129
- expect(sensor.applicable_for_param_type?(InjectionSensor::GET_PARAM)).to eq(true)
130
- expect(sensor.applicable_for_param_type?(InjectionSensor::POST_PARAM)).to eq(true)
131
- expect(sensor.applicable_for_param_type?(InjectionSensor::JSON_PARAM)).to eq(true)
132
- expect(sensor.applicable_for_param_type?(InjectionSensor::COOKIE_PARAM)).to eq(false)
133
- expect(sensor.applicable_for_param_type?(InjectionSensor::URI_PARAM)).to eq(true)
134
- end
135
- end
136
- end
137
-
138
- end
139
- end
data/spec/lib/tcell_agent/policies/appsensor/fpt_sensor_spec.rb DELETED
@@ -1,139 +0,0 @@
1
- require 'spec_helper'
2
-
3
- module TCellAgent
4
- module Policies
5
-
6
- describe FptSensor do
7
- context "#initialize" do
8
- context "default sensor" do
9
- it "should have properties set to defaults" do
10
- sensor = FptSensor.new
11
- expect(sensor.enabled).to eq(false)
12
- expect(sensor.detection_point).to eq("fpt")
13
- expect(sensor.exclude_headers).to eq(false)
14
- expect(sensor.exclude_forms).to eq(false)
15
- expect(sensor.exclude_cookies).to eq(false)
16
- expect(sensor.exclusions).to eq({})
17
- expect(sensor.active_pattern_ids).to eq(Set.new)
18
- expect(sensor.v1_compatability_enabled).to eq(false)
19
- end
20
- end
21
-
22
- context "setting enabled on sensor" do
23
- it "should be enabled" do
24
- sensor = FptSensor.new({"enabled" => true})
25
- expect(sensor.enabled).to eq(true)
26
- expect(sensor.detection_point).to eq("fpt")
27
- expect(sensor.exclude_headers).to eq(false)
28
- expect(sensor.exclude_forms).to eq(false)
29
- expect(sensor.exclude_cookies).to eq(false)
30
- expect(sensor.exclusions).to eq({})
31
- expect(sensor.active_pattern_ids).to eq(Set.new)
32
- expect(sensor.v1_compatability_enabled).to eq(false)
33
- end
34
- end
35
-
36
- context "setting exclude_headers on sensor" do
37
- it "should have exclude_headers" do
38
- sensor = FptSensor.new({"exclude_headers" => true})
39
- expect(sensor.enabled).to eq(false)
40
- expect(sensor.detection_point).to eq("fpt")
41
- expect(sensor.exclude_headers).to eq(true)
42
- expect(sensor.exclude_forms).to eq(false)
43
- expect(sensor.exclude_cookies).to eq(false)
44
- expect(sensor.exclusions).to eq({})
45
- expect(sensor.active_pattern_ids).to eq(Set.new)
46
- expect(sensor.v1_compatability_enabled).to eq(false)
47
- end
48
- end
49
-
50
- context "setting exclude_forms on sensor" do
51
- it "should have exclude_forms" do
52
- sensor = FptSensor.new({"exclude_forms" => true})
53
- expect(sensor.enabled).to eq(false)
54
- expect(sensor.detection_point).to eq("fpt")
55
- expect(sensor.exclude_headers).to eq(false)
56
- expect(sensor.exclude_forms).to eq(true)
57
- expect(sensor.exclude_cookies).to eq(false)
58
- expect(sensor.exclusions).to eq({})
59
- expect(sensor.active_pattern_ids).to eq(Set.new)
60
- expect(sensor.v1_compatability_enabled).to eq(false)
61
- end
62
- end
63
-
64
- context "setting exclude_cookies on sensor" do
65
- it "should have exclude_cookies" do
66
- sensor = FptSensor.new({"exclude_cookies" => true})
67
- expect(sensor.enabled).to eq(false)
68
- expect(sensor.detection_point).to eq("fpt")
69
- expect(sensor.exclude_headers).to eq(false)
70
- expect(sensor.exclude_forms).to eq(false)
71
- expect(sensor.exclude_cookies).to eq(true)
72
- expect(sensor.exclusions).to eq({})
73
- expect(sensor.active_pattern_ids).to eq(Set.new)
74
- expect(sensor.v1_compatability_enabled).to eq(false)
75
- end
76
- end
77
-
78
- context "setting exclusions on sensor" do
79
- it "should have exclude_cookies" do
80
- sensor = FptSensor.new({"exclusions" => {"word" => ["form", "header"]}})
81
- expect(sensor.enabled).to eq(false)
82
- expect(sensor.detection_point).to eq("fpt")
83
- expect(sensor.exclude_headers).to eq(false)
84
- expect(sensor.exclude_forms).to eq(false)
85
- expect(sensor.exclude_cookies).to eq(false)
86
- expect(sensor.exclusions).to eq(
87
- {"word"=>Set.new(["form", "header"])}
88
- )
89
- expect(sensor.active_pattern_ids).to eq(Set.new)
90
- expect(sensor.v1_compatability_enabled).to eq(false)
91
- end
92
- end
93
-
94
- context "setting active_pattern_ids on sensor" do
95
- it "should have active_pattern_ids" do
96
- sensor = FptSensor.new({"patterns" => ["1", "2", "3"]})
97
- expect(sensor.enabled).to eq(false)
98
- expect(sensor.detection_point).to eq("fpt")
99
- expect(sensor.exclude_headers).to eq(false)
100
- expect(sensor.exclude_forms).to eq(false)
101
- expect(sensor.exclude_cookies).to eq(false)
102
- expect(sensor.exclusions).to eq({})
103
- expect(sensor.active_pattern_ids).to eq(
104
- Set.new(["1", "2", "3"])
105
- )
106
- expect(sensor.v1_compatability_enabled).to eq(false)
107
- end
108
- end
109
-
110
- context "setting v1_compatability_enabled on sensor" do
111
- it "should have v1_compatability_enabled" do
112
- sensor = FptSensor.new({"v1_compatability_enabled" => true})
113
- expect(sensor.enabled).to eq(false)
114
- expect(sensor.detection_point).to eq("fpt")
115
- expect(sensor.exclude_headers).to eq(false)
116
- expect(sensor.exclude_forms).to eq(false)
117
- expect(sensor.exclude_cookies).to eq(false)
118
- expect(sensor.exclusions).to eq({})
119
- expect(sensor.active_pattern_ids).to eq(Set.new)
120
- expect(sensor.v1_compatability_enabled).to eq(true)
121
- end
122
- end
123
-
124
- end
125
-
126
- describe "#applicable_for_param_type?" do
127
- it "should be applicable for all param types" do
128
- sensor = FptSensor.new
129
- expect(sensor.applicable_for_param_type?(InjectionSensor::GET_PARAM)).to eq(true)
130
- expect(sensor.applicable_for_param_type?(InjectionSensor::POST_PARAM)).to eq(true)
131
- expect(sensor.applicable_for_param_type?(InjectionSensor::JSON_PARAM)).to eq(true)
132
- expect(sensor.applicable_for_param_type?(InjectionSensor::COOKIE_PARAM)).to eq(false)
133
- expect(sensor.applicable_for_param_type?(InjectionSensor::URI_PARAM)).to eq(true)
134
- end
135
- end
136
- end
137
-
138
- end
139
- end
data/spec/lib/tcell_agent/policies/appsensor/nullbyte_sensor_spec.rb DELETED
@@ -1,167 +0,0 @@
1
- require 'spec_helper'
2
-
3
- module TCellAgent
4
- module Policies
5
-
6
- describe NullbyteSensor do
7
- context "#initialize" do
8
- context "default sensor" do
9
- it "should have properties set to defaults" do
10
- sensor = NullbyteSensor.new
11
- expect(sensor.enabled).to eq(false)
12
- expect(sensor.detection_point).to eq("null")
13
- expect(sensor.exclude_headers).to eq(false)
14
- expect(sensor.exclude_forms).to eq(false)
15
- expect(sensor.exclude_cookies).to eq(false)
16
- expect(sensor.exclusions).to eq({})
17
- expect(sensor.active_pattern_ids).to eq(Set.new)
18
- expect(sensor.v1_compatability_enabled).to eq(false)
19
- end
20
- end
21
-
22
- context "setting enabled on sensor" do
23
- it "should be enabled" do
24
- sensor = NullbyteSensor.new({"enabled" => true})
25
- expect(sensor.enabled).to eq(true)
26
- expect(sensor.detection_point).to eq("null")
27
- expect(sensor.exclude_headers).to eq(false)
28
- expect(sensor.exclude_forms).to eq(false)
29
- expect(sensor.exclude_cookies).to eq(false)
30
- expect(sensor.exclusions).to eq({})
31
- expect(sensor.active_pattern_ids).to eq(Set.new)
32
- expect(sensor.v1_compatability_enabled).to eq(false)
33
- end
34
- end
35
-
36
- context "setting exclude_headers on sensor" do
37
- it "should have exclude_headers" do
38
- sensor = NullbyteSensor.new({"exclude_headers" => true})
39
- expect(sensor.enabled).to eq(false)
40
- expect(sensor.detection_point).to eq("null")
41
- expect(sensor.exclude_headers).to eq(true)
42
- expect(sensor.exclude_forms).to eq(false)
43
- expect(sensor.exclude_cookies).to eq(false)
44
- expect(sensor.exclusions).to eq({})
45
- expect(sensor.active_pattern_ids).to eq(Set.new)
46
- expect(sensor.v1_compatability_enabled).to eq(false)
47
- end
48
- end
49
-
50
- context "setting exclude_forms on sensor" do
51
- it "should have exclude_forms" do
52
- sensor = NullbyteSensor.new({"exclude_forms" => true})
53
- expect(sensor.enabled).to eq(false)
54
- expect(sensor.detection_point).to eq("null")
55
- expect(sensor.exclude_headers).to eq(false)
56
- expect(sensor.exclude_forms).to eq(true)
57
- expect(sensor.exclude_cookies).to eq(false)
58
- expect(sensor.exclusions).to eq({})
59
- expect(sensor.active_pattern_ids).to eq(Set.new)
60
- expect(sensor.v1_compatability_enabled).to eq(false)
61
- end
62
- end
63
-
64
- context "setting exclude_cookies on sensor" do
65
- it "should have exclude_cookies" do
66
- sensor = NullbyteSensor.new({"exclude_cookies" => true})
67
- expect(sensor.enabled).to eq(false)
68
- expect(sensor.detection_point).to eq("null")
69
- expect(sensor.exclude_headers).to eq(false)
70
- expect(sensor.exclude_forms).to eq(false)
71
- expect(sensor.exclude_cookies).to eq(true)
72
- expect(sensor.exclusions).to eq({})
73
- expect(sensor.active_pattern_ids).to eq(Set.new)
74
- expect(sensor.v1_compatability_enabled).to eq(false)
75
- end
76
- end
77
-
78
- context "setting exclusions on sensor" do
79
- it "should have exclude_cookies" do
80
- sensor = NullbyteSensor.new({"exclusions" => {"word" => ["form", "header"]}})
81
- expect(sensor.enabled).to eq(false)
82
- expect(sensor.detection_point).to eq("null")
83
- expect(sensor.exclude_headers).to eq(false)
84
- expect(sensor.exclude_forms).to eq(false)
85
- expect(sensor.exclude_cookies).to eq(false)
86
- expect(sensor.exclusions).to eq(
87
- {"word"=>Set.new(["form", "header"])}
88
- )
89
- expect(sensor.active_pattern_ids).to eq(Set.new)
90
- expect(sensor.v1_compatability_enabled).to eq(false)
91
- end
92
- end
93
-
94
- context "setting active_pattern_ids on sensor" do
95
- it "should have active_pattern_ids" do
96
- sensor = NullbyteSensor.new({"patterns" => ["1", "2", "3"]})
97
- expect(sensor.enabled).to eq(false)
98
- expect(sensor.detection_point).to eq("null")
99
- expect(sensor.exclude_headers).to eq(false)
100
- expect(sensor.exclude_forms).to eq(false)
101
- expect(sensor.exclude_cookies).to eq(false)
102
- expect(sensor.exclusions).to eq({})
103
- expect(sensor.active_pattern_ids).to eq(
104
- Set.new(["1", "2", "3"])
105
- )
106
- expect(sensor.v1_compatability_enabled).to eq(false)
107
- end
108
- end
109
-
110
- context "setting v1_compatability_enabled on sensor" do
111
- it "should have v1_compatability_enabled" do
112
- sensor = NullbyteSensor.new({"v1_compatability_enabled" => true})
113
- expect(sensor.enabled).to eq(false)
114
- expect(sensor.detection_point).to eq("null")
115
- expect(sensor.exclude_headers).to eq(false)
116
- expect(sensor.exclude_forms).to eq(false)
117
- expect(sensor.exclude_cookies).to eq(false)
118
- expect(sensor.exclusions).to eq({})
119
- expect(sensor.active_pattern_ids).to eq(Set.new)
120
- expect(sensor.v1_compatability_enabled).to eq(true)
121
- end
122
- end
123
-
124
- end
125
-
126
- context "#get_ruleset" do
127
- it "should use a different key to obtain the ruleset" do
128
- sensor = XssSensor.new
129
- expect_any_instance_of(AppSensorRuleManager).to receive(:get_ruleset_for).with("xss")
130
- sensor.get_ruleset
131
-
132
- sensor = SqliSensor.new
133
- expect_any_instance_of(AppSensorRuleManager).to receive(:get_ruleset_for).with("sqli")
134
- sensor.get_ruleset
135
-
136
- sensor = CmdiSensor.new
137
- expect_any_instance_of(AppSensorRuleManager).to receive(:get_ruleset_for).with("cmdi")
138
- sensor.get_ruleset
139
-
140
- sensor = FptSensor.new
141
- expect_any_instance_of(AppSensorRuleManager).to receive(:get_ruleset_for).with("fpt")
142
- sensor.get_ruleset
143
-
144
- sensor = RetrSensor.new
145
- expect_any_instance_of(AppSensorRuleManager).to receive(:get_ruleset_for).with("retr")
146
- sensor.get_ruleset
147
-
148
- sensor = NullbyteSensor.new
149
- expect_any_instance_of(AppSensorRuleManager).to receive(:get_ruleset_for).with("nullbyte")
150
- sensor.get_ruleset
151
- end
152
- end
153
-
154
- describe "#applicable_for_param_type?" do
155
- it "should be applicable for all param types" do
156
- sensor = NullbyteSensor.new
157
- expect(sensor.applicable_for_param_type?(InjectionSensor::GET_PARAM)).to eq(true)
158
- expect(sensor.applicable_for_param_type?(InjectionSensor::POST_PARAM)).to eq(true)
159
- expect(sensor.applicable_for_param_type?(InjectionSensor::JSON_PARAM)).to eq(true)
160
- expect(sensor.applicable_for_param_type?(InjectionSensor::COOKIE_PARAM)).to eq(false)
161
- expect(sensor.applicable_for_param_type?(InjectionSensor::URI_PARAM)).to eq(true)
162
- end
163
- end
164
- end
165
-
166
- end
167
- end
data/spec/lib/tcell_agent/policies/appsensor/retr_sensor_spec.rb DELETED
@@ -1,139 +0,0 @@
1
- require 'spec_helper'
2
-
3
- module TCellAgent
4
- module Policies
5
-
6
- describe RetrSensor do
7
- context "#initialize" do
8
- context "default sensor" do
9
- it "should have properties set to defaults" do
10
- sensor = RetrSensor.new
11
- expect(sensor.enabled).to eq(false)
12
- expect(sensor.detection_point).to eq("retr")
13
- expect(sensor.exclude_headers).to eq(false)
14
- expect(sensor.exclude_forms).to eq(false)
15
- expect(sensor.exclude_cookies).to eq(false)
16
- expect(sensor.exclusions).to eq({})
17
- expect(sensor.active_pattern_ids).to eq(Set.new)
18
- expect(sensor.v1_compatability_enabled).to eq(false)
19
- end
20
- end
21
-
22
- context "setting enabled on sensor" do
23
- it "should be enabled" do
24
- sensor = RetrSensor.new({"enabled" => true})
25
- expect(sensor.enabled).to eq(true)
26
- expect(sensor.detection_point).to eq("retr")
27
- expect(sensor.exclude_headers).to eq(false)
28
- expect(sensor.exclude_forms).to eq(false)
29
- expect(sensor.exclude_cookies).to eq(false)
30
- expect(sensor.exclusions).to eq({})
31
- expect(sensor.active_pattern_ids).to eq(Set.new)
32
- expect(sensor.v1_compatability_enabled).to eq(false)
33
- end
34
- end
35
-
36
- context "setting exclude_headers on sensor" do
37
- it "should have exclude_headers" do
38
- sensor = RetrSensor.new({"exclude_headers" => true})
39
- expect(sensor.enabled).to eq(false)
40
- expect(sensor.detection_point).to eq("retr")
41
- expect(sensor.exclude_headers).to eq(true)
42
- expect(sensor.exclude_forms).to eq(false)
43
- expect(sensor.exclude_cookies).to eq(false)
44
- expect(sensor.exclusions).to eq({})
45
- expect(sensor.active_pattern_ids).to eq(Set.new)
46
- expect(sensor.v1_compatability_enabled).to eq(false)
47
- end
48
- end
49
-
50
- context "setting exclude_forms on sensor" do
51
- it "should have exclude_forms" do
52
- sensor = RetrSensor.new({"exclude_forms" => true})
53
- expect(sensor.enabled).to eq(false)
54
- expect(sensor.detection_point).to eq("retr")
55
- expect(sensor.exclude_headers).to eq(false)
56
- expect(sensor.exclude_forms).to eq(true)
57
- expect(sensor.exclude_cookies).to eq(false)
58
- expect(sensor.exclusions).to eq({})
59
- expect(sensor.active_pattern_ids).to eq(Set.new)
60
- expect(sensor.v1_compatability_enabled).to eq(false)
61
- end
62
- end
63
-
64
- context "setting exclude_cookies on sensor" do
65
- it "should have exclude_cookies" do
66
- sensor = RetrSensor.new({"exclude_cookies" => true})
67
- expect(sensor.enabled).to eq(false)
68
- expect(sensor.detection_point).to eq("retr")
69
- expect(sensor.exclude_headers).to eq(false)
70
- expect(sensor.exclude_forms).to eq(false)
71
- expect(sensor.exclude_cookies).to eq(true)
72
- expect(sensor.exclusions).to eq({})
73
- expect(sensor.active_pattern_ids).to eq(Set.new)
74
- expect(sensor.v1_compatability_enabled).to eq(false)
75
- end
76
- end
77
-
78
- context "setting exclusions on sensor" do
79
- it "should have exclude_cookies" do
80
- sensor = RetrSensor.new({"exclusions" => {"word" => ["form", "header"]}})
81
- expect(sensor.enabled).to eq(false)
82
- expect(sensor.detection_point).to eq("retr")
83
- expect(sensor.exclude_headers).to eq(false)
84
- expect(sensor.exclude_forms).to eq(false)
85
- expect(sensor.exclude_cookies).to eq(false)
86
- expect(sensor.exclusions).to eq(
87
- {"word"=>Set.new(["form", "header"])}
88
- )
89
- expect(sensor.active_pattern_ids).to eq(Set.new)
90
- expect(sensor.v1_compatability_enabled).to eq(false)
91
- end
92
- end
93
-
94
- context "setting active_pattern_ids on sensor" do
95
- it "should have active_pattern_ids" do
96
- sensor = RetrSensor.new({"patterns" => ["1", "2", "3"]})
97
- expect(sensor.enabled).to eq(false)
98
- expect(sensor.detection_point).to eq("retr")
99
- expect(sensor.exclude_headers).to eq(false)
100
- expect(sensor.exclude_forms).to eq(false)
101
- expect(sensor.exclude_cookies).to eq(false)
102
- expect(sensor.exclusions).to eq({})
103
- expect(sensor.active_pattern_ids).to eq(
104
- Set.new(["1", "2", "3"])
105
- )
106
- expect(sensor.v1_compatability_enabled).to eq(false)
107
- end
108
- end
109
-
110
- context "setting v1_compatability_enabled on sensor" do
111
- it "should have v1_compatability_enabled" do
112
- sensor = RetrSensor.new({"v1_compatability_enabled" => true})
113
- expect(sensor.enabled).to eq(false)
114
- expect(sensor.detection_point).to eq("retr")
115
- expect(sensor.exclude_headers).to eq(false)
116
- expect(sensor.exclude_forms).to eq(false)
117
- expect(sensor.exclude_cookies).to eq(false)
118
- expect(sensor.exclusions).to eq({})
119
- expect(sensor.active_pattern_ids).to eq(Set.new)
120
- expect(sensor.v1_compatability_enabled).to eq(true)
121
- end
122
- end
123
-
124
- end
125
-
126
- describe "#applicable_for_param_type?" do
127
- it "should be applicable for all param types" do
128
- sensor = RetrSensor.new
129
- expect(sensor.applicable_for_param_type?(InjectionSensor::GET_PARAM)).to eq(true)
130
- expect(sensor.applicable_for_param_type?(InjectionSensor::POST_PARAM)).to eq(false)
131
- expect(sensor.applicable_for_param_type?(InjectionSensor::JSON_PARAM)).to eq(false)
132
- expect(sensor.applicable_for_param_type?(InjectionSensor::COOKIE_PARAM)).to eq(true)
133
- expect(sensor.applicable_for_param_type?(InjectionSensor::URI_PARAM)).to eq(true)
134
- end
135
- end
136
- end
137
-
138
- end
139
- end