tcell_agent 1.1.12 → 2.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/bin/tcell_agent +45 -137
- data/lib/tcell_agent.rb +12 -14
- data/lib/tcell_agent/agent.rb +108 -97
- data/lib/tcell_agent/agent/route_manager.rb +0 -16
- data/lib/tcell_agent/agent/static_agent.rb +9 -30
- data/lib/tcell_agent/config_initializer.rb +66 -0
- data/lib/tcell_agent/configuration.rb +69 -345
- data/lib/tcell_agent/hooks/login_fraud.rb +30 -33
- data/lib/tcell_agent/instrument_servers.rb +23 -0
- data/lib/tcell_agent/instrumentation.rb +12 -10
- data/lib/tcell_agent/instrumentation/cmdi.rb +29 -25
- data/lib/tcell_agent/instrumentation/lfi.rb +84 -0
- data/lib/tcell_agent/instrumentation/monkey_patches/file.rb +25 -0
- data/lib/tcell_agent/instrumentation/monkey_patches/io.rb +131 -0
- data/lib/tcell_agent/instrumentation/monkey_patches/kernel.rb +102 -0
- data/lib/tcell_agent/logger.rb +49 -114
- data/lib/tcell_agent/patches.rb +6 -7
- data/lib/tcell_agent/policies/appfirewall_policy.rb +26 -0
- data/lib/tcell_agent/policies/command_injection_policy.rb +28 -0
- data/lib/tcell_agent/policies/dataloss_policy.rb +44 -44
- data/lib/tcell_agent/policies/headers_policy.rb +25 -0
- data/lib/tcell_agent/policies/http_redirect_policy.rb +13 -79
- data/lib/tcell_agent/policies/js_agent_policy.rb +27 -0
- data/lib/tcell_agent/policies/local_file_access.rb +28 -0
- data/lib/tcell_agent/policies/login_policy.rb +43 -0
- data/lib/tcell_agent/policies/patches_policy.rb +27 -0
- data/lib/tcell_agent/policies/policies_manager.rb +68 -0
- data/lib/tcell_agent/policies/policy_polling.rb +58 -0
- data/lib/tcell_agent/policies/policy_types.rb +14 -0
- data/lib/tcell_agent/policies/system_enablements.rb +27 -0
- data/lib/tcell_agent/rails/auth/authlogic.rb +46 -75
- data/lib/tcell_agent/rails/auth/authlogic_helper.rb +20 -0
- data/lib/tcell_agent/rails/auth/devise.rb +100 -105
- data/lib/tcell_agent/rails/auth/devise_helper.rb +29 -0
- data/lib/tcell_agent/rails/auth/doorkeeper.rb +62 -76
- data/lib/tcell_agent/{userinfo.rb → rails/auth/userinfo.rb} +0 -0
- data/lib/tcell_agent/rails/csrf_exception.rb +2 -10
- data/lib/tcell_agent/rails/dlp.rb +35 -23
- data/lib/tcell_agent/rails/dlp_handler.rb +1 -2
- data/lib/tcell_agent/rails/js_agent_insert.rb +12 -13
- data/lib/tcell_agent/rails/middleware/body_filter_middleware.rb +4 -25
- data/lib/tcell_agent/rails/middleware/context_middleware.rb +2 -12
- data/lib/tcell_agent/rails/middleware/global_middleware.rb +1 -2
- data/lib/tcell_agent/rails/middleware/headers_middleware.rb +14 -34
- data/lib/tcell_agent/{rails.rb → rails/railties/tcell_agent_railties.rb} +11 -16
- data/lib/tcell_agent/rails/railties/tcell_agent_unicorn_railties.rb +8 -0
- data/lib/tcell_agent/rails/routes.rb +10 -12
- data/lib/tcell_agent/rails/routes/grape.rb +4 -14
- data/lib/tcell_agent/rails/routes/route_id.rb +3 -1
- data/lib/tcell_agent/rails/settings_reporter.rb +23 -36
- data/lib/tcell_agent/rails/tcell_body_proxy.rb +5 -4
- data/lib/tcell_agent/rust/agent_config.rb +60 -0
- data/lib/tcell_agent/rust/{libtcellagent-alpine-1.3.2.so → libtcellagent-5.0.2.dylib} +0 -0
- data/lib/tcell_agent/rust/{libtcellagent-1.3.2.so → libtcellagent-5.0.2.so} +0 -0
- data/lib/tcell_agent/rust/libtcellagent-alpine-5.0.2.so +0 -0
- data/lib/tcell_agent/rust/models.rb +6 -52
- data/lib/tcell_agent/rust/native_agent.rb +549 -0
- data/lib/tcell_agent/rust/native_agent_response.rb +42 -0
- data/lib/tcell_agent/rust/native_library.rb +69 -0
- data/lib/tcell_agent/rust/tcellagent-5.0.2.dll +0 -0
- data/lib/tcell_agent/sensor_events/agent_setting_event.rb +12 -0
- data/lib/tcell_agent/sensor_events/{app_config.rb → app_config_setting_event.rb} +0 -6
- data/lib/tcell_agent/sensor_events/dlp.rb +2 -6
- data/lib/tcell_agent/sensor_events/sensor.rb +0 -62
- data/lib/tcell_agent/sensor_events/server_agent.rb +13 -18
- data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +0 -108
- data/lib/tcell_agent/sensor_events/util/utils.rb +0 -2
- data/lib/tcell_agent/servers/passenger.rb +1 -28
- data/lib/tcell_agent/servers/puma.rb +3 -21
- data/lib/tcell_agent/servers/rails_server.rb +1 -2
- data/lib/tcell_agent/servers/thin.rb +2 -2
- data/lib/tcell_agent/servers/unicorn.rb +19 -80
- data/lib/tcell_agent/servers/webrick.rb +1 -2
- data/lib/tcell_agent/settings_reporter.rb +11 -90
- data/lib/tcell_agent/sinatra.rb +14 -16
- data/lib/tcell_agent/tcell_context.rb +40 -14
- data/lib/tcell_agent/utils/headers.rb +14 -0
- data/lib/tcell_agent/version.rb +1 -1
- data/spec/lib/tcell_agent/configuration_spec.rb +55 -346
- data/spec/lib/tcell_agent/hooks/login_fraud_spec.rb +46 -173
- data/spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb +504 -0
- data/spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb +435 -0
- data/spec/lib/tcell_agent/instrumentation/cmdi_spec.rb +201 -0
- data/spec/lib/tcell_agent/instrumentation/lfi/file_lfi_spec.rb +326 -0
- data/spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb +562 -0
- data/spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb +264 -0
- data/spec/lib/tcell_agent/instrumentation/lfi_spec.rb +150 -0
- data/spec/lib/tcell_agent/patches_spec.rb +25 -43
- data/spec/lib/tcell_agent/policies/appfirewall_policy_spec.rb +183 -0
- data/spec/lib/tcell_agent/policies/clickjacking_policy_spec.rb +57 -0
- data/spec/lib/tcell_agent/policies/command_injection_policy_spec.rb +84 -773
- data/spec/lib/tcell_agent/policies/content_security_policy_spec.rb +161 -0
- data/spec/lib/tcell_agent/policies/dataloss_policy_spec.rb +9 -9
- data/spec/lib/tcell_agent/policies/http_redirect_policy_spec.rb +243 -198
- data/spec/lib/tcell_agent/policies/js_agent_policy_spec.rb +75 -0
- data/spec/lib/tcell_agent/policies/login_policy_spec.rb +165 -33
- data/spec/lib/tcell_agent/policies/patches_policy_spec.rb +84 -277
- data/spec/lib/tcell_agent/policies/policies_manager_spec.rb +104 -0
- data/spec/lib/tcell_agent/policies/policy_polling_spec.rb +6 -0
- data/spec/lib/tcell_agent/policies/secure_headers_policy_spec.rb +56 -0
- data/spec/lib/tcell_agent/rails/csrf_exception_spec.rb +9 -18
- data/spec/lib/tcell_agent/rails/js_agent_insert_spec.rb +13 -30
- data/spec/lib/tcell_agent/rails/logger_spec.rb +27 -7
- data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb +17 -12
- data/spec/lib/tcell_agent/rails/routes/routes_spec.rb +14 -14
- data/spec/lib/tcell_agent/rust/agent_config_spec.rb +27 -0
- data/spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb +0 -35
- data/spec/lib/tcell_agent/settings_reporter_spec.rb +56 -155
- data/spec/spec_helper.rb +1 -1
- data/spec/support/builders.rb +103 -0
- data/spec/support/force_logger_mocking.rb +38 -0
- data/spec/support/resources/lfi_sample_file.txt +2 -0
- data/spec/support/static_agent_overrides.rb +0 -15
- metadata +72 -83
- data/lib/tcell_agent/agent/event_processor.rb +0 -326
- data/lib/tcell_agent/agent/fork_pipe_manager.rb +0 -113
- data/lib/tcell_agent/agent/policy_manager.rb +0 -219
- data/lib/tcell_agent/agent/policy_types.rb +0 -30
- data/lib/tcell_agent/api.rb +0 -91
- data/lib/tcell_agent/appsensor/injections_reporter.rb +0 -24
- data/lib/tcell_agent/authlogic.rb +0 -26
- data/lib/tcell_agent/config/child_process_events.rb +0 -8
- data/lib/tcell_agent/config/unknown_options.rb +0 -123
- data/lib/tcell_agent/devise.rb +0 -35
- data/lib/tcell_agent/instrumentation/cmdi/backtick.rb +0 -10
- data/lib/tcell_agent/instrumentation/cmdi/exec.rb +0 -14
- data/lib/tcell_agent/instrumentation/cmdi/popen.rb +0 -28
- data/lib/tcell_agent/instrumentation/cmdi/spawn.rb +0 -11
- data/lib/tcell_agent/instrumentation/cmdi/system.rb +0 -11
- data/lib/tcell_agent/policies/http_tx_policy.rb +0 -60
- data/lib/tcell_agent/policies/login_fraud_policy.rb +0 -45
- data/lib/tcell_agent/policies/rust_policies.rb +0 -110
- data/lib/tcell_agent/rails/on_start.rb +0 -41
- data/lib/tcell_agent/rust/libtcellagent-1.3.2.dylib +0 -0
- data/lib/tcell_agent/rust/tcellagent-1.3.2.dll +0 -0
- data/lib/tcell_agent/rust/whisperer.rb +0 -308
- data/lib/tcell_agent/sensor_events/appsensor_event.rb +0 -52
- data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb +0 -45
- data/lib/tcell_agent/sensor_events/command_injection.rb +0 -75
- data/lib/tcell_agent/sensor_events/honeytokens.rb +0 -16
- data/lib/tcell_agent/sensor_events/login_fraud.rb +0 -60
- data/lib/tcell_agent/sensor_events/metrics.rb +0 -123
- data/lib/tcell_agent/sensor_events/patches.rb +0 -21
- data/lib/tcell_agent/start_background_thread.rb +0 -55
- data/lib/tcell_agent/system_info.rb +0 -11
- data/lib/tcell_agent/utils/io.rb +0 -38
- data/lib/tcell_agent/utils/passwords.rb +0 -28
- data/lib/tcell_agent/utils/queue_with_timeout.rb +0 -142
- data/spec/lib/tcell_agent/agent/fork_pipe_manager_spec.rb +0 -100
- data/spec/lib/tcell_agent/agent/policy_manager_spec.rb +0 -535
- data/spec/lib/tcell_agent/agent/static_agent_spec.rb +0 -133
- data/spec/lib/tcell_agent/api/api_spec.rb +0 -39
- data/spec/lib/tcell_agent/appsensor/injections_reporter_spec.rb +0 -187
- data/spec/lib/tcell_agent/cmdi_spec.rb +0 -736
- data/spec/lib/tcell_agent/config/unknown_options_spec.rb +0 -213
- data/spec/lib/tcell_agent/instrumentation_spec.rb +0 -225
- data/spec/lib/tcell_agent/policies/appsensor_policy_spec.rb +0 -517
- data/spec/lib/tcell_agent/policies/http_tx_policy_spec.rb +0 -22
- data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb +0 -293
- data/spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb +0 -198
- data/spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb +0 -180
- data/spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb +0 -116
- data/spec/lib/tcell_agent/rust/models_spec.rb +0 -120
- data/spec/lib/tcell_agent/rust/whisperer_spec.rb +0 -704
- data/spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb +0 -45
- data/spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb +0 -272
- data/spec/lib/tcell_agent/utils/bounded_queue_spec.rb +0 -52
- data/spec/lib/tcell_agent/utils/passwords_spec.rb +0 -143
@@ -17,9 +17,9 @@ module TCellAgent
|
|
17
17
|
describe '.instrument_route' do
|
18
18
|
context 'with a nil route' do
|
19
19
|
it "shouldn't be reported" do
|
20
|
-
configuration = double('configuration', :
|
20
|
+
configuration = double('configuration', :should_instrument? => true)
|
21
21
|
|
22
|
-
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
22
|
+
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
23
23
|
expect(TCellAgent::Instrumentation).to_not receive(:instrument_grape_api)
|
24
24
|
expect(TCellAgent::SensorEvents::Util).to_not receive(:calculate_route_id)
|
25
25
|
|
@@ -33,7 +33,7 @@ module TCellAgent
|
|
33
33
|
stub_const('::Rails::VERSION::MAJOR', 5)
|
34
34
|
stub_const('::Rails::VERSION::MINOR', 0)
|
35
35
|
|
36
|
-
configuration = double('configuration', :
|
36
|
+
configuration = double('configuration', :should_instrument? => true)
|
37
37
|
route = double(
|
38
38
|
'route',
|
39
39
|
:path => double('path', :spec => '/regular/route'),
|
@@ -41,7 +41,7 @@ module TCellAgent
|
|
41
41
|
:app => double('app', :app => 'some_app')
|
42
42
|
)
|
43
43
|
|
44
|
-
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
44
|
+
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
45
45
|
expect(route).to receive(:verb).and_return('GET|POST').twice
|
46
46
|
expect(TCellAgent::SensorEvents::AppRoutesSensorEvent).to receive(:new).with(
|
47
47
|
'/regular/route', 'GET', '-1187510355', nil, '{}'
|
@@ -59,7 +59,7 @@ module TCellAgent
|
|
59
59
|
stub_const('::Rails::VERSION::MAJOR', 5)
|
60
60
|
stub_const('::Rails::VERSION::MINOR', 0)
|
61
61
|
|
62
|
-
configuration = double('configuration', :
|
62
|
+
configuration = double('configuration', :should_instrument? => true)
|
63
63
|
route = double(
|
64
64
|
'route',
|
65
65
|
:path => double('path', :spec => '/grape'),
|
@@ -67,7 +67,7 @@ module TCellAgent
|
|
67
67
|
:app => double('app', :app => GrapeRoute)
|
68
68
|
)
|
69
69
|
|
70
|
-
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
70
|
+
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
71
71
|
expect(route).to receive(:verb).and_return('GET|POST')
|
72
72
|
expect(TCellAgent::SensorEvents::Util).to_not receive(:calculate_route_id)
|
73
73
|
expect(TCellAgent::Instrumentation).to receive(:instrument_grape_api).with(
|
@@ -85,7 +85,7 @@ module TCellAgent
|
|
85
85
|
stub_const('::Rails::VERSION::MAJOR', 4)
|
86
86
|
stub_const('::Rails::VERSION::MINOR', 2)
|
87
87
|
|
88
|
-
configuration = double('configuration', :
|
88
|
+
configuration = double('configuration', :should_instrument? => true)
|
89
89
|
route = double(
|
90
90
|
'route',
|
91
91
|
:path => double('path', :spec => '/regular/route'),
|
@@ -94,7 +94,7 @@ module TCellAgent
|
|
94
94
|
:app => double('app', :app => 'some_app')
|
95
95
|
)
|
96
96
|
|
97
|
-
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
97
|
+
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
98
98
|
expect(TCellAgent::Instrumentation).to_not receive(:instrument_grape_api)
|
99
99
|
expect(route).to receive(:verb).and_return(/DELETE/).at_least(9)
|
100
100
|
expect(TCellAgent::SensorEvents::AppRoutesSensorEvent).to receive(:new).with(
|
@@ -110,7 +110,7 @@ module TCellAgent
|
|
110
110
|
stub_const('::Rails::VERSION::MAJOR', 4)
|
111
111
|
stub_const('::Rails::VERSION::MINOR', 2)
|
112
112
|
|
113
|
-
configuration = double('configuration', :
|
113
|
+
configuration = double('configuration', :should_instrument? => true)
|
114
114
|
route = double(
|
115
115
|
'route',
|
116
116
|
:path => double('path', :spec => '/grape'),
|
@@ -119,7 +119,7 @@ module TCellAgent
|
|
119
119
|
:app => double('app', :app => GrapeRoute)
|
120
120
|
)
|
121
121
|
|
122
|
-
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
122
|
+
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
123
123
|
expect(TCellAgent::Instrumentation).to receive(:instrument_grape_api).with(
|
124
124
|
'/grape', ['/api/grape/route']
|
125
125
|
)
|
@@ -136,7 +136,7 @@ module TCellAgent
|
|
136
136
|
stub_const('::Rails::VERSION::MAJOR', 4)
|
137
137
|
stub_const('::Rails::VERSION::MINOR', 1)
|
138
138
|
|
139
|
-
configuration = double('configuration', :
|
139
|
+
configuration = double('configuration', :should_instrument? => true)
|
140
140
|
route = double(
|
141
141
|
'route',
|
142
142
|
:path => double('path', :spec => '/regular/route'),
|
@@ -145,7 +145,7 @@ module TCellAgent
|
|
145
145
|
:app => 'some_app'
|
146
146
|
)
|
147
147
|
|
148
|
-
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
148
|
+
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
149
149
|
expect(TCellAgent::Instrumentation).to_not receive(:instrument_grape_api)
|
150
150
|
expect(route).to receive(:verb).and_return(/PUT/).at_least(9)
|
151
151
|
expect(TCellAgent::SensorEvents::AppRoutesSensorEvent).to receive(:new).with(
|
@@ -160,7 +160,7 @@ module TCellAgent
|
|
160
160
|
it 'should instrument the grape endpoint' do
|
161
161
|
stub_const('::Rails::VERSION::MAJOR', 4)
|
162
162
|
stub_const('::Rails::VERSION::MINOR', 1)
|
163
|
-
configuration = double('configuration', :
|
163
|
+
configuration = double('configuration', :should_instrument? => true)
|
164
164
|
route = double(
|
165
165
|
'route',
|
166
166
|
:path => double('path', :spec => '/grape'),
|
@@ -169,7 +169,7 @@ module TCellAgent
|
|
169
169
|
:app => GrapeRoute
|
170
170
|
)
|
171
171
|
|
172
|
-
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
172
|
+
expect(TCellAgent).to receive(:configuration).and_return(configuration)
|
173
173
|
expect(TCellAgent::Instrumentation).to receive(:instrument_grape_api).with(
|
174
174
|
'/grape', ['/api/grape/route']
|
175
175
|
)
|
@@ -0,0 +1,27 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
module TCellAgent
|
4
|
+
module Rust
|
5
|
+
describe AgentConfig do
|
6
|
+
context 'with initializers set' do
|
7
|
+
before do
|
8
|
+
TCellAgent.configure do |config|
|
9
|
+
config.app_id = 'initializer_app_id_set'
|
10
|
+
config.api_key = 'initializer_api_key_set'
|
11
|
+
config.enabled_instrumentations = { 'authlogic' => false, :devise => false, 'doorkeeper' => false }
|
12
|
+
config.hmac_key = config.app_id
|
13
|
+
end
|
14
|
+
end
|
15
|
+
it 'should return the correct values' do
|
16
|
+
config = AgentConfig.new(TCellAgent.initializer_configuration)
|
17
|
+
|
18
|
+
expect(config['agent_type']).to eq 'Ruby'
|
19
|
+
expect(config['overrides']['disabled_instrumentation']).to contain_exactly('authlogic', 'devise', 'doorkeeper')
|
20
|
+
expect(config['overrides']['applications'][0][:api_key]).to eq 'initializer_api_key_set'
|
21
|
+
expect(config['overrides']['applications'][0][:app_id]).to eq 'initializer_app_id_set'
|
22
|
+
expect(config['overrides']['applications'][0][:api_key]).to eq 'initializer_api_key_set'
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -17,41 +17,6 @@ module TCellAgent
|
|
17
17
|
TCellAgent.configuration.hmac_key = old_hmac
|
18
18
|
end
|
19
19
|
end
|
20
|
-
context 'Parsing request cookies and replacing values' do
|
21
|
-
it 'Parsing regular uri without params' do
|
22
|
-
TCellAgent.configuration.app_id = nil
|
23
|
-
original_uri = 'http://foo.com/posts'
|
24
|
-
expect_santized_uri = 'http://foo.com/posts'
|
25
|
-
expect(Util.sanitize_uri(original_uri)).to eq(expect_santized_uri)
|
26
|
-
end
|
27
|
-
it 'Parsing regular uri with regular query string' do
|
28
|
-
TCellAgent.configuration.app_id = nil
|
29
|
-
original_uri = 'http://foo.com/posts?abcd'
|
30
|
-
expect_santized_uri = 'http://foo.com/posts?abcd='
|
31
|
-
expect(Util.sanitize_uri(original_uri)).to eq(expect_santized_uri)
|
32
|
-
end
|
33
|
-
it 'Parsing uri' do
|
34
|
-
TCellAgent.configuration.app_id = nil
|
35
|
-
original_uri = 'http://foo.com/posts?id=30&limit=5#time=1305298413'
|
36
|
-
expect_santized_uri = 'http://foo.com/posts?id=61aa3630ced0e67b63a1c61e3b86f4d3&limit=89abb06a7bf0401b5911e61b68660c24#time=1305298413'
|
37
|
-
expect(Util.sanitize_uri(original_uri)).to eq(expect_santized_uri)
|
38
|
-
end
|
39
|
-
it 'returns an empty set' do
|
40
|
-
TCellAgent.configuration.app_id = nil
|
41
|
-
expect(Util.santize_request_cookie_string('ABC')).to eq('')
|
42
|
-
expect(Util.santize_request_cookie_string('abcd=')).to match('')
|
43
|
-
end
|
44
|
-
it 'parses a cookie' do
|
45
|
-
TCellAgent.configuration.app_id = nil
|
46
|
-
expect(Util.santize_request_cookie_string('x=y;z=a')).to eq('x=97cb9e2aa3ec93888b356dbcf13b280e;z=566c1a1c12ad909d628d4537e10773bf')
|
47
|
-
end
|
48
|
-
end
|
49
|
-
context 'Parsing a response set-cookie and replacing values' do
|
50
|
-
it 'sanitize a typical response set-cookie value' do
|
51
|
-
santized_string = Util.santize_response_cookie_string('name=Nicholas; expires=Sat, 02 May 2009 23:38:25 GMT; httponly')
|
52
|
-
expect(santized_string).to eq('name=beb56c04cdd764f6b7cbe6c078236aeb=; expires=Sat, 02 May 2009 23:38:25 GMT=; httponly=')
|
53
|
-
end
|
54
|
-
end
|
55
20
|
end
|
56
21
|
end
|
57
22
|
end
|
@@ -1,162 +1,63 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
1
3
|
module TCellAgent
|
2
4
|
describe '.report_settings' do
|
3
5
|
require 'tcell_agent/settings_reporter'
|
4
6
|
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
'group' => 'unknown'
|
60
|
-
}
|
61
|
-
)
|
62
|
-
expect(logger).to receive(:debug).with(anything).at_least(:once)
|
63
|
-
expect(TCellAgent).to receive(:send_event).with(
|
64
|
-
hash_including('event_type' => 'server_agent_packages')
|
65
|
-
) # packages event
|
66
|
-
expect(TCellAgent).to receive(:send_event).with(
|
67
|
-
{
|
68
|
-
'event_type' => 'app_config_setting',
|
69
|
-
'package' => 'tcell',
|
70
|
-
'section' => 'config',
|
71
|
-
'name' => 'native_lib_loaded',
|
72
|
-
'value' => 'true'
|
73
|
-
}
|
74
|
-
)
|
75
|
-
expect(TCellAgent).to receive(:send_event).with(
|
76
|
-
{
|
77
|
-
'event_type' => 'app_config_setting',
|
78
|
-
'package' => 'tcell',
|
79
|
-
'section' => 'config',
|
80
|
-
'name' => 'allow_payloads',
|
81
|
-
'value' => 'true'
|
82
|
-
}
|
83
|
-
)
|
84
|
-
expect(TCellAgent).to receive(:send_event).with(
|
85
|
-
{
|
86
|
-
'event_type' => 'app_config_setting',
|
87
|
-
'package' => 'tcell',
|
88
|
-
'section' => 'config',
|
89
|
-
'name' => 'reverse_proxy',
|
90
|
-
'value' => 'true'
|
91
|
-
}
|
92
|
-
)
|
93
|
-
expect(TCellAgent).to receive(:send_event).with(
|
94
|
-
{
|
95
|
-
'event_type' => 'app_config_setting',
|
96
|
-
'package' => 'tcell',
|
97
|
-
'section' => 'config',
|
98
|
-
'name' => 'config_filename',
|
99
|
-
'value' => 'config-filename'
|
100
|
-
}
|
101
|
-
)
|
102
|
-
expect(TCellAgent).to receive(:send_event).with(
|
103
|
-
{
|
104
|
-
'event_type' => 'app_config_setting',
|
105
|
-
'package' => 'tcell',
|
106
|
-
'section' => 'config',
|
107
|
-
'name' => 'logging_directory',
|
108
|
-
'value' => 'agent-log-dir'
|
109
|
-
}
|
110
|
-
)
|
111
|
-
expect(TCellAgent).to receive(:send_event).with(
|
112
|
-
{
|
113
|
-
'event_type' => 'app_config_setting',
|
114
|
-
'package' => 'tcell',
|
115
|
-
'section' => 'config',
|
116
|
-
'name' => 'agent_home_directory',
|
117
|
-
'value' => 'agent-home-dir'
|
118
|
-
}
|
119
|
-
)
|
120
|
-
expect(TCellAgent).to receive(:send_event).with(
|
121
|
-
{
|
122
|
-
'event_type' => 'app_config_setting',
|
123
|
-
'package' => 'tcell',
|
124
|
-
'section' => 'config',
|
125
|
-
'name' => 'agent_home_owner',
|
126
|
-
'value' => ''
|
127
|
-
}
|
128
|
-
)
|
129
|
-
expect(TCellAgent).to receive(:send_event).with(
|
130
|
-
{
|
131
|
-
'event_type' => 'app_config_setting',
|
132
|
-
'package' => 'tcell',
|
133
|
-
'section' => 'config',
|
134
|
-
'name' => 'logging_enabled',
|
135
|
-
'value' => 'true'
|
136
|
-
}
|
137
|
-
)
|
138
|
-
expect(TCellAgent).to receive(:send_event).with(
|
139
|
-
{
|
140
|
-
'event_type' => 'app_config_setting',
|
141
|
-
'package' => 'tcell',
|
142
|
-
'section' => 'config',
|
143
|
-
'name' => 'logging_level',
|
144
|
-
'value' => 'INFO'
|
145
|
-
}
|
146
|
-
)
|
147
|
-
expect(TCellAgent).to receive(:send_event).with(
|
148
|
-
{
|
149
|
-
'event_type' => 'app_config_setting',
|
150
|
-
'package' => 'tcell',
|
151
|
-
'section' => 'config',
|
152
|
-
'name' => 'reverse_proxy_ip_address_header',
|
153
|
-
'value' => ''
|
154
|
-
}
|
155
|
-
)
|
156
|
-
|
157
|
-
TCellAgent.report_settings(true)
|
158
|
-
end
|
159
|
-
end
|
7
|
+
it 'should not report all the settings' do
|
8
|
+
logger = double('logger')
|
9
|
+
configuration = double('configuration',
|
10
|
+
:enabled => true,
|
11
|
+
:should_instrument? => true,
|
12
|
+
:logger => logger,
|
13
|
+
:allow_payloads => true,
|
14
|
+
:reverse_proxy => true,
|
15
|
+
:reverse_proxy_ip_address_header => nil,
|
16
|
+
:log_filename => 'log-filename',
|
17
|
+
:agent_log_dir => 'agent-log-dir',
|
18
|
+
:agent_home_dir => 'agent-home-dir',
|
19
|
+
:agent_home_owner => nil,
|
20
|
+
:log_tag => nil,
|
21
|
+
:logging_options => {
|
22
|
+
},
|
23
|
+
:hmac_key => nil)
|
24
|
+
|
25
|
+
expect(TCellAgent).to receive(:configuration).and_return(
|
26
|
+
configuration
|
27
|
+
).at_least(:once)
|
28
|
+
expect(TCellAgent).to receive(:logger).and_return(logger).at_least(:once)
|
29
|
+
expect(Thread).to receive(:new).and_yield
|
30
|
+
expect(logger).to receive(:debug).with('TCellAgent::SensorEvents::ServerAgentDetailsSensorEvent', 'User unknown')
|
31
|
+
expect(logger).to receive(:debug).with('TCellAgent::SensorEvents::ServerAgentDetailsSensorEvent', 'Group unknown')
|
32
|
+
expect(TCellAgent).to receive(:send_event).with(
|
33
|
+
{
|
34
|
+
'event_type' => 'server_agent_details',
|
35
|
+
'user' => 'unknown',
|
36
|
+
'group' => 'unknown'
|
37
|
+
}
|
38
|
+
)
|
39
|
+
expect(logger).to receive(:debug).with(anything, anything).at_least(:once)
|
40
|
+
expect(TCellAgent).to receive(:send_event).with(
|
41
|
+
hash_including('event_type' => 'server_agent_packages')
|
42
|
+
) # packages event
|
43
|
+
expect(TCellAgent).to receive(:send_event).with(
|
44
|
+
{
|
45
|
+
'event_type' => 'server_agent_details',
|
46
|
+
'language' => 'Ruby',
|
47
|
+
'language_version' => RUBY_VERSION
|
48
|
+
}
|
49
|
+
)
|
50
|
+
expect(TCellAgent).to receive(:send_event).with(
|
51
|
+
{
|
52
|
+
'event_type' => 'app_config_setting',
|
53
|
+
'package' => 'tcell',
|
54
|
+
'section' => 'config',
|
55
|
+
'name' => 'native_lib_loaded',
|
56
|
+
'value' => 'true'
|
57
|
+
}
|
58
|
+
)
|
59
|
+
|
60
|
+
TCellAgent.report_settings
|
160
61
|
end
|
161
62
|
end
|
162
63
|
end
|
data/spec/spec_helper.rb
CHANGED
@@ -2,6 +2,7 @@ require 'rspec'
|
|
2
2
|
require 'rails'
|
3
3
|
require 'webmock/rspec'
|
4
4
|
require 'fork_break'
|
5
|
+
require 'rack/request'
|
5
6
|
|
6
7
|
if ENV['COVERAGE']
|
7
8
|
require 'simplecov'
|
@@ -10,7 +11,6 @@ end
|
|
10
11
|
|
11
12
|
ENV['TCELL_AGENT_SERVER'] = 'mock'
|
12
13
|
require File.join(File.dirname(__FILE__), '..', 'lib', 'tcell_agent')
|
13
|
-
require File.join(File.dirname(__FILE__), '..', 'lib', 'tcell_agent', 'rails') if defined?(Rails)
|
14
14
|
|
15
15
|
Dir[File.join(File.dirname(__FILE__), 'support', '**', '*.rb')].each { |f| require f }
|
16
16
|
|
@@ -0,0 +1,103 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'tcell_agent/config_initializer'
|
3
|
+
|
4
|
+
module TCellAgent
|
5
|
+
module Tests
|
6
|
+
class ConfigurationBuilder
|
7
|
+
def initialize
|
8
|
+
@configuration = TCellAgent::ConfigInitializer.new
|
9
|
+
@configuration.fetch_policies_from_tcell = false
|
10
|
+
@configuration.max_csp_header_bytes = nil
|
11
|
+
@configuration.app_id = 'TestAppId-AppId'
|
12
|
+
@configuration.api_key = 'TestAppId-AppId'
|
13
|
+
@configuration.tcell_api_url = 'https://api.tcell-preview.io/agents/api/v1'
|
14
|
+
@configuration.tcell_input_url = 'https://input.tcell-preview.io/api/v1'
|
15
|
+
@configuration.hmac_key = nil
|
16
|
+
@configuration.password_hmac_key = nil
|
17
|
+
@configuration.allow_payloads = true
|
18
|
+
@configuration.js_agent_api_base_url = @configuration.tcell_api_url
|
19
|
+
@configuration.js_agent_url = 'https://jsagent.tcell.io/tcellagent.min.js'
|
20
|
+
@configuration.cache_dir = nil
|
21
|
+
@configuration.agent_log_dir = 'tcell/logs'
|
22
|
+
@configuration.logging_options = { :enabled => false }
|
23
|
+
@configuration.host_identifier = 'python-test-suite'
|
24
|
+
@configuration.reverse_proxy_ip_address_header = 'X-Forwarded-For'
|
25
|
+
end
|
26
|
+
|
27
|
+
def update_attribute(attribute, setting)
|
28
|
+
@configuration.send("#{attribute}=", setting)
|
29
|
+
|
30
|
+
self
|
31
|
+
end
|
32
|
+
|
33
|
+
def build
|
34
|
+
@configuration
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
class TCellContextBuilder
|
39
|
+
def initialize
|
40
|
+
@tcell_context = TCellAgent::Instrumentation::TCellData.new
|
41
|
+
@tcell_context.session_id = 'session-id'
|
42
|
+
@tcell_context.user_id = 'user-id'
|
43
|
+
@tcell_context.user_agent = 'user-agent'
|
44
|
+
@tcell_context.remote_address = '127.0.0.1'
|
45
|
+
@tcell_context.transaction_id = nil
|
46
|
+
@tcell_context.route_id = 'route-id'
|
47
|
+
@tcell_context.path = '/some/path'
|
48
|
+
@tcell_context.fullpath = '/some/path?hide-my-value=sensitive'
|
49
|
+
@tcell_context.uri = 'http://domain.com/some/path?hide-my-value=sensitive'
|
50
|
+
@tcell_context.patches_blocking_triggered = false
|
51
|
+
@tcell_context.request_method = 'GET'
|
52
|
+
@tcell_context.referrer = 'http://domain.com/home?_utm=some-value'
|
53
|
+
end
|
54
|
+
|
55
|
+
def update_attribute(attribute, setting)
|
56
|
+
@tcell_context.send("#{attribute}=", setting)
|
57
|
+
|
58
|
+
self
|
59
|
+
end
|
60
|
+
|
61
|
+
def build
|
62
|
+
@tcell_context
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
class MetaDataBuilder
|
67
|
+
def initialize
|
68
|
+
@meta_data = TCellAgent::MetaData.new(
|
69
|
+
'GET',
|
70
|
+
'127.0.0.1',
|
71
|
+
'route-id',
|
72
|
+
'session-id',
|
73
|
+
'user-id',
|
74
|
+
SecureRandom.uuid,
|
75
|
+
'http://domain.com/some/path?hide-my-value=sensitive'
|
76
|
+
)
|
77
|
+
|
78
|
+
@meta_data.path = '/some/path'
|
79
|
+
@meta_data.request_content_bytes_len = 0
|
80
|
+
@meta_data.response_content_bytes_len = 0
|
81
|
+
@meta_data.response_code = 0
|
82
|
+
@meta_data.user_agent = 'user-agent'
|
83
|
+
@meta_data.get_dict = {}
|
84
|
+
@meta_data.cookie_dict = {}
|
85
|
+
@meta_data.headers_dict = {}
|
86
|
+
@meta_data.post_dict = {}
|
87
|
+
@meta_data.path_parameters = {}
|
88
|
+
request = Rack::Request.new({ 'CONTENT_TYPE' => 'text/html', 'rack.input' => {} })
|
89
|
+
@meta_data.set_parameter_dicts(request)
|
90
|
+
end
|
91
|
+
|
92
|
+
def update_attribute(attribute, setting)
|
93
|
+
@meta_data.send("#{attribute}=", setting)
|
94
|
+
|
95
|
+
self
|
96
|
+
end
|
97
|
+
|
98
|
+
def build
|
99
|
+
@meta_data
|
100
|
+
end
|
101
|
+
end
|
102
|
+
end
|
103
|
+
end
|