RubyGems - tcell_agent - Versions diffs - 1.1.12 → 2.2.0 - Mend

tcell_agent 1.1.12 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

checksums.yaml +5 -5
data/bin/tcell_agent +45 -137
data/lib/tcell_agent.rb +12 -14
data/lib/tcell_agent/agent.rb +108 -97
data/lib/tcell_agent/agent/route_manager.rb +0 -16
data/lib/tcell_agent/agent/static_agent.rb +9 -30
data/lib/tcell_agent/config_initializer.rb +66 -0
data/lib/tcell_agent/configuration.rb +69 -345
data/lib/tcell_agent/hooks/login_fraud.rb +30 -33
data/lib/tcell_agent/instrument_servers.rb +23 -0
data/lib/tcell_agent/instrumentation.rb +12 -10
data/lib/tcell_agent/instrumentation/cmdi.rb +29 -25
data/lib/tcell_agent/instrumentation/lfi.rb +84 -0
data/lib/tcell_agent/instrumentation/monkey_patches/file.rb +25 -0
data/lib/tcell_agent/instrumentation/monkey_patches/io.rb +131 -0
data/lib/tcell_agent/instrumentation/monkey_patches/kernel.rb +102 -0
data/lib/tcell_agent/logger.rb +49 -114
data/lib/tcell_agent/patches.rb +6 -7
data/lib/tcell_agent/policies/appfirewall_policy.rb +26 -0
data/lib/tcell_agent/policies/command_injection_policy.rb +28 -0
data/lib/tcell_agent/policies/dataloss_policy.rb +44 -44
data/lib/tcell_agent/policies/headers_policy.rb +25 -0
data/lib/tcell_agent/policies/http_redirect_policy.rb +13 -79
data/lib/tcell_agent/policies/js_agent_policy.rb +27 -0
data/lib/tcell_agent/policies/local_file_access.rb +28 -0
data/lib/tcell_agent/policies/login_policy.rb +43 -0
data/lib/tcell_agent/policies/patches_policy.rb +27 -0
data/lib/tcell_agent/policies/policies_manager.rb +68 -0
data/lib/tcell_agent/policies/policy_polling.rb +58 -0
data/lib/tcell_agent/policies/policy_types.rb +14 -0
data/lib/tcell_agent/policies/system_enablements.rb +27 -0
data/lib/tcell_agent/rails/auth/authlogic.rb +46 -75
data/lib/tcell_agent/rails/auth/authlogic_helper.rb +20 -0
data/lib/tcell_agent/rails/auth/devise.rb +100 -105
data/lib/tcell_agent/rails/auth/devise_helper.rb +29 -0
data/lib/tcell_agent/rails/auth/doorkeeper.rb +62 -76
data/lib/tcell_agent/{userinfo.rb → rails/auth/userinfo.rb} +0 -0
data/lib/tcell_agent/rails/csrf_exception.rb +2 -10
data/lib/tcell_agent/rails/dlp.rb +35 -23
data/lib/tcell_agent/rails/dlp_handler.rb +1 -2
data/lib/tcell_agent/rails/js_agent_insert.rb +12 -13
data/lib/tcell_agent/rails/middleware/body_filter_middleware.rb +4 -25
data/lib/tcell_agent/rails/middleware/context_middleware.rb +2 -12
data/lib/tcell_agent/rails/middleware/global_middleware.rb +1 -2
data/lib/tcell_agent/rails/middleware/headers_middleware.rb +14 -34
data/lib/tcell_agent/{rails.rb → rails/railties/tcell_agent_railties.rb} +11 -16
data/lib/tcell_agent/rails/railties/tcell_agent_unicorn_railties.rb +8 -0
data/lib/tcell_agent/rails/routes.rb +10 -12
data/lib/tcell_agent/rails/routes/grape.rb +4 -14
data/lib/tcell_agent/rails/routes/route_id.rb +3 -1
data/lib/tcell_agent/rails/settings_reporter.rb +23 -36
data/lib/tcell_agent/rails/tcell_body_proxy.rb +5 -4
data/lib/tcell_agent/rust/agent_config.rb +60 -0
data/lib/tcell_agent/rust/{libtcellagent-alpine-1.3.2.so → libtcellagent-5.0.2.dylib} +0 -0
data/lib/tcell_agent/rust/{libtcellagent-1.3.2.so → libtcellagent-5.0.2.so} +0 -0
data/lib/tcell_agent/rust/libtcellagent-alpine-5.0.2.so +0 -0
data/lib/tcell_agent/rust/models.rb +6 -52
data/lib/tcell_agent/rust/native_agent.rb +549 -0
data/lib/tcell_agent/rust/native_agent_response.rb +42 -0
data/lib/tcell_agent/rust/native_library.rb +69 -0
data/lib/tcell_agent/rust/tcellagent-5.0.2.dll +0 -0
data/lib/tcell_agent/sensor_events/agent_setting_event.rb +12 -0
data/lib/tcell_agent/sensor_events/{app_config.rb → app_config_setting_event.rb} +0 -6
data/lib/tcell_agent/sensor_events/dlp.rb +2 -6
data/lib/tcell_agent/sensor_events/sensor.rb +0 -62
data/lib/tcell_agent/sensor_events/server_agent.rb +13 -18
data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +0 -108
data/lib/tcell_agent/sensor_events/util/utils.rb +0 -2
data/lib/tcell_agent/servers/passenger.rb +1 -28
data/lib/tcell_agent/servers/puma.rb +3 -21
data/lib/tcell_agent/servers/rails_server.rb +1 -2
data/lib/tcell_agent/servers/thin.rb +2 -2
data/lib/tcell_agent/servers/unicorn.rb +19 -80
data/lib/tcell_agent/servers/webrick.rb +1 -2
data/lib/tcell_agent/settings_reporter.rb +11 -90
data/lib/tcell_agent/sinatra.rb +14 -16
data/lib/tcell_agent/tcell_context.rb +40 -14
data/lib/tcell_agent/utils/headers.rb +14 -0
data/lib/tcell_agent/version.rb +1 -1
data/spec/lib/tcell_agent/configuration_spec.rb +55 -346
data/spec/lib/tcell_agent/hooks/login_fraud_spec.rb +46 -173
data/spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb +504 -0
data/spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb +435 -0
data/spec/lib/tcell_agent/instrumentation/cmdi_spec.rb +201 -0
data/spec/lib/tcell_agent/instrumentation/lfi/file_lfi_spec.rb +326 -0
data/spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb +562 -0
data/spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb +264 -0
data/spec/lib/tcell_agent/instrumentation/lfi_spec.rb +150 -0
data/spec/lib/tcell_agent/patches_spec.rb +25 -43
data/spec/lib/tcell_agent/policies/appfirewall_policy_spec.rb +183 -0
data/spec/lib/tcell_agent/policies/clickjacking_policy_spec.rb +57 -0
data/spec/lib/tcell_agent/policies/command_injection_policy_spec.rb +84 -773
data/spec/lib/tcell_agent/policies/content_security_policy_spec.rb +161 -0
data/spec/lib/tcell_agent/policies/dataloss_policy_spec.rb +9 -9
data/spec/lib/tcell_agent/policies/http_redirect_policy_spec.rb +243 -198
data/spec/lib/tcell_agent/policies/js_agent_policy_spec.rb +75 -0
data/spec/lib/tcell_agent/policies/login_policy_spec.rb +165 -33
data/spec/lib/tcell_agent/policies/patches_policy_spec.rb +84 -277
data/spec/lib/tcell_agent/policies/policies_manager_spec.rb +104 -0
data/spec/lib/tcell_agent/policies/policy_polling_spec.rb +6 -0
data/spec/lib/tcell_agent/policies/secure_headers_policy_spec.rb +56 -0
data/spec/lib/tcell_agent/rails/csrf_exception_spec.rb +9 -18
data/spec/lib/tcell_agent/rails/js_agent_insert_spec.rb +13 -30
data/spec/lib/tcell_agent/rails/logger_spec.rb +27 -7
data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb +17 -12
data/spec/lib/tcell_agent/rails/routes/routes_spec.rb +14 -14
data/spec/lib/tcell_agent/rust/agent_config_spec.rb +27 -0
data/spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb +0 -35
data/spec/lib/tcell_agent/settings_reporter_spec.rb +56 -155
data/spec/spec_helper.rb +1 -1
data/spec/support/builders.rb +103 -0
data/spec/support/force_logger_mocking.rb +38 -0
data/spec/support/resources/lfi_sample_file.txt +2 -0
data/spec/support/static_agent_overrides.rb +0 -15
metadata +72 -83
data/lib/tcell_agent/agent/event_processor.rb +0 -326
data/lib/tcell_agent/agent/fork_pipe_manager.rb +0 -113
data/lib/tcell_agent/agent/policy_manager.rb +0 -219
data/lib/tcell_agent/agent/policy_types.rb +0 -30
data/lib/tcell_agent/api.rb +0 -91
data/lib/tcell_agent/appsensor/injections_reporter.rb +0 -24
data/lib/tcell_agent/authlogic.rb +0 -26
data/lib/tcell_agent/config/child_process_events.rb +0 -8
data/lib/tcell_agent/config/unknown_options.rb +0 -123
data/lib/tcell_agent/devise.rb +0 -35
data/lib/tcell_agent/instrumentation/cmdi/backtick.rb +0 -10
data/lib/tcell_agent/instrumentation/cmdi/exec.rb +0 -14
data/lib/tcell_agent/instrumentation/cmdi/popen.rb +0 -28
data/lib/tcell_agent/instrumentation/cmdi/spawn.rb +0 -11
data/lib/tcell_agent/instrumentation/cmdi/system.rb +0 -11
data/lib/tcell_agent/policies/http_tx_policy.rb +0 -60
data/lib/tcell_agent/policies/login_fraud_policy.rb +0 -45
data/lib/tcell_agent/policies/rust_policies.rb +0 -110
data/lib/tcell_agent/rails/on_start.rb +0 -41
data/lib/tcell_agent/rust/libtcellagent-1.3.2.dylib +0 -0
data/lib/tcell_agent/rust/tcellagent-1.3.2.dll +0 -0
data/lib/tcell_agent/rust/whisperer.rb +0 -308
data/lib/tcell_agent/sensor_events/appsensor_event.rb +0 -52
data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb +0 -45
data/lib/tcell_agent/sensor_events/command_injection.rb +0 -75
data/lib/tcell_agent/sensor_events/honeytokens.rb +0 -16
data/lib/tcell_agent/sensor_events/login_fraud.rb +0 -60
data/lib/tcell_agent/sensor_events/metrics.rb +0 -123
data/lib/tcell_agent/sensor_events/patches.rb +0 -21
data/lib/tcell_agent/start_background_thread.rb +0 -55
data/lib/tcell_agent/system_info.rb +0 -11
data/lib/tcell_agent/utils/io.rb +0 -38
data/lib/tcell_agent/utils/passwords.rb +0 -28
data/lib/tcell_agent/utils/queue_with_timeout.rb +0 -142
data/spec/lib/tcell_agent/agent/fork_pipe_manager_spec.rb +0 -100
data/spec/lib/tcell_agent/agent/policy_manager_spec.rb +0 -535
data/spec/lib/tcell_agent/agent/static_agent_spec.rb +0 -133
data/spec/lib/tcell_agent/api/api_spec.rb +0 -39
data/spec/lib/tcell_agent/appsensor/injections_reporter_spec.rb +0 -187
data/spec/lib/tcell_agent/cmdi_spec.rb +0 -736
data/spec/lib/tcell_agent/config/unknown_options_spec.rb +0 -213
data/spec/lib/tcell_agent/instrumentation_spec.rb +0 -225
data/spec/lib/tcell_agent/policies/appsensor_policy_spec.rb +0 -517
data/spec/lib/tcell_agent/policies/http_tx_policy_spec.rb +0 -22
data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb +0 -293
data/spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb +0 -198
data/spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb +0 -180
data/spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb +0 -116
data/spec/lib/tcell_agent/rust/models_spec.rb +0 -120
data/spec/lib/tcell_agent/rust/whisperer_spec.rb +0 -704
data/spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb +0 -45
data/spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb +0 -272
data/spec/lib/tcell_agent/utils/bounded_queue_spec.rb +0 -52
data/spec/lib/tcell_agent/utils/passwords_spec.rb +0 -143

data/spec/support/force_logger_mocking.rb ADDED

@@ -0,0 +1,38 @@
+# These modules create a logger and cache it as a class variable.
+# This is an issue in tests when you want to mock out the logger
+# because the cached logger will hold on to the mock object
+# from tests across rspec tests which will result in this message:
+#
+# <Double "logger"> was originally created in one example
+# but has leaked into another example and can no longer
+# be used. rspec-mocks' doubles are designed to only last
+# for one example, and you need to create a new one in each
+# example you wish to use it for.module TCellAgent
+#
+# These overrides will force you to mock out these specific
+# method calls by raising an exception if they are not mocked
+module TCellAgent
+  module Instrumentation
+    def self.get_safe_block_logger
+      raise StandardError, 'It is in your best interest to mock this method in specs'
+    end
+  end
+end
+module TCellAgent
+  module Hooks
+    module LoginFraud
+      def self.get_logger
+        raise StandardError, 'It is in your best interest to mock this method in specs'
+      end
+    end
+  end
+end
+module TCellAgent
+  module DLP
+    def self.get_dlp_logger
+      raise StandardError, 'It is in your best interest to mock this method in specs'
+    end
+  end
+end

data/spec/support/resources/lfi_sample_file.txt ADDED

	@@ -0,0 +1,2 @@
1	+ This is line one.
2	+ This is line two.

data/spec/support/static_agent_overrides.rb CHANGED

@@ -10,7 +10,6 @@ module TCellAgent
   end
   def self.send_event(event)
-    event.post_process
     @@spec_event_queue.push(event)
   end
@@ -18,20 +17,6 @@ module TCellAgent
     self.thread_agent = thread_agent
   end
-  def self.queue_metric(event)
-    thread_agent._queue_metric(event)
-  end
-  def self.increment_session_info(hmac_session_id, user_id, ip_address, user_agent)
-    thread_agent.increment_session_info(hmac_session_id, user_id, ip_address, user_agent)
-  end
-  def self.increment_route(route_id, response_time)
-    thread_agent.increment_route(route_id, response_time)
-  end
-  def self.ensure_event_processor_running; end
   class TCellApi
     def send_event_set(_events)
       puts 'Send Events'

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tcell_agent
 version: !ruby/object:Gem::Version
-  version: 1.1.12
+  version: 2.2.0
 platform: ruby
 authors:
 - Rafael
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-10-22 00:00:00.000000000 Z
+date: 2020-06-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi
@@ -109,39 +109,40 @@ files:
 - bin/tcell_agent
 - lib/tcell_agent.rb
 - lib/tcell_agent/agent.rb
-- lib/tcell_agent/agent/event_processor.rb
-- lib/tcell_agent/agent/fork_pipe_manager.rb
-- lib/tcell_agent/agent/policy_manager.rb
-- lib/tcell_agent/agent/policy_types.rb
 - lib/tcell_agent/agent/route_manager.rb
 - lib/tcell_agent/agent/static_agent.rb
-- lib/tcell_agent/api.rb
-- lib/tcell_agent/appsensor/injections_reporter.rb
-- lib/tcell_agent/authlogic.rb
-- lib/tcell_agent/config/child_process_events.rb
-- lib/tcell_agent/config/unknown_options.rb
+- lib/tcell_agent/config_initializer.rb
 - lib/tcell_agent/configuration.rb
-- lib/tcell_agent/devise.rb
 - lib/tcell_agent/hooks/login_fraud.rb
+- lib/tcell_agent/instrument_servers.rb
 - lib/tcell_agent/instrumentation.rb
 - lib/tcell_agent/instrumentation/cmdi.rb
-- lib/tcell_agent/instrumentation/cmdi/backtick.rb
-- lib/tcell_agent/instrumentation/cmdi/exec.rb
-- lib/tcell_agent/instrumentation/cmdi/popen.rb
-- lib/tcell_agent/instrumentation/cmdi/spawn.rb
-- lib/tcell_agent/instrumentation/cmdi/system.rb
+- lib/tcell_agent/instrumentation/lfi.rb
+- lib/tcell_agent/instrumentation/monkey_patches/file.rb
+- lib/tcell_agent/instrumentation/monkey_patches/io.rb
+- lib/tcell_agent/instrumentation/monkey_patches/kernel.rb
 - lib/tcell_agent/logger.rb
 - lib/tcell_agent/patches.rb
+- lib/tcell_agent/policies/appfirewall_policy.rb
+- lib/tcell_agent/policies/command_injection_policy.rb
 - lib/tcell_agent/policies/dataloss_policy.rb
+- lib/tcell_agent/policies/headers_policy.rb
 - lib/tcell_agent/policies/http_redirect_policy.rb
-- lib/tcell_agent/policies/http_tx_policy.rb
-- lib/tcell_agent/policies/login_fraud_policy.rb
+- lib/tcell_agent/policies/js_agent_policy.rb
+- lib/tcell_agent/policies/local_file_access.rb
+- lib/tcell_agent/policies/login_policy.rb
+- lib/tcell_agent/policies/patches_policy.rb
+- lib/tcell_agent/policies/policies_manager.rb
 - lib/tcell_agent/policies/policy.rb
-- lib/tcell_agent/policies/rust_policies.rb
-- lib/tcell_agent/rails.rb
+- lib/tcell_agent/policies/policy_polling.rb
+- lib/tcell_agent/policies/policy_types.rb
+- lib/tcell_agent/policies/system_enablements.rb
 - lib/tcell_agent/rails/auth/authlogic.rb
+- lib/tcell_agent/rails/auth/authlogic_helper.rb
 - lib/tcell_agent/rails/auth/devise.rb
+- lib/tcell_agent/rails/auth/devise_helper.rb
 - lib/tcell_agent/rails/auth/doorkeeper.rb
+- lib/tcell_agent/rails/auth/userinfo.rb
 - lib/tcell_agent/rails/better_ip.rb
 - lib/tcell_agent/rails/csrf_exception.rb
 - lib/tcell_agent/rails/dlp.rb
@@ -152,7 +153,8 @@ files:
 - lib/tcell_agent/rails/middleware/context_middleware.rb
 - lib/tcell_agent/rails/middleware/global_middleware.rb
 - lib/tcell_agent/rails/middleware/headers_middleware.rb
-- lib/tcell_agent/rails/on_start.rb
+- lib/tcell_agent/rails/railties/tcell_agent_railties.rb
+- lib/tcell_agent/rails/railties/tcell_agent_unicorn_railties.rb
 - lib/tcell_agent/rails/responses.rb
 - lib/tcell_agent/rails/routes.rb
 - lib/tcell_agent/rails/routes/grape.rb
@@ -160,22 +162,19 @@ files:
 - lib/tcell_agent/rails/settings_reporter.rb
 - lib/tcell_agent/rails/tcell_body_proxy.rb
 - lib/tcell_agent/routes/table.rb
-- lib/tcell_agent/rust/libtcellagent-1.3.2.dylib
-- lib/tcell_agent/rust/libtcellagent-1.3.2.so
-- lib/tcell_agent/rust/libtcellagent-alpine-1.3.2.so
+- lib/tcell_agent/rust/agent_config.rb
+- lib/tcell_agent/rust/libtcellagent-5.0.2.dylib
+- lib/tcell_agent/rust/libtcellagent-5.0.2.so
+- lib/tcell_agent/rust/libtcellagent-alpine-5.0.2.so
 - lib/tcell_agent/rust/models.rb
-- lib/tcell_agent/rust/tcellagent-1.3.2.dll
-- lib/tcell_agent/rust/whisperer.rb
-- lib/tcell_agent/sensor_events/app_config.rb
-- lib/tcell_agent/sensor_events/appsensor_event.rb
-- lib/tcell_agent/sensor_events/appsensor_meta_event.rb
-- lib/tcell_agent/sensor_events/command_injection.rb
+- lib/tcell_agent/rust/native_agent.rb
+- lib/tcell_agent/rust/native_agent_response.rb
+- lib/tcell_agent/rust/native_library.rb
+- lib/tcell_agent/rust/tcellagent-5.0.2.dll
+- lib/tcell_agent/sensor_events/agent_setting_event.rb
+- lib/tcell_agent/sensor_events/app_config_setting_event.rb
 - lib/tcell_agent/sensor_events/discovery.rb
 - lib/tcell_agent/sensor_events/dlp.rb
-- lib/tcell_agent/sensor_events/honeytokens.rb
-- lib/tcell_agent/sensor_events/login_fraud.rb
-- lib/tcell_agent/sensor_events/metrics.rb
-- lib/tcell_agent/sensor_events/patches.rb
 - lib/tcell_agent/sensor_events/sensor.rb
 - lib/tcell_agent/sensor_events/server_agent.rb
 - lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb
@@ -188,63 +187,56 @@ files:
 - lib/tcell_agent/servers/webrick.rb
 - lib/tcell_agent/settings_reporter.rb
 - lib/tcell_agent/sinatra.rb
-- lib/tcell_agent/start_background_thread.rb
-- lib/tcell_agent/system_info.rb
 - lib/tcell_agent/tcell_context.rb
-- lib/tcell_agent/userinfo.rb
-- lib/tcell_agent/utils/io.rb
+- lib/tcell_agent/utils/headers.rb
 - lib/tcell_agent/utils/params.rb
-- lib/tcell_agent/utils/passwords.rb
-- lib/tcell_agent/utils/queue_with_timeout.rb
 - lib/tcell_agent/utils/strings.rb
 - lib/tcell_agent/version.rb
-- spec/lib/tcell_agent/agent/fork_pipe_manager_spec.rb
-- spec/lib/tcell_agent/agent/policy_manager_spec.rb
-- spec/lib/tcell_agent/agent/static_agent_spec.rb
-- spec/lib/tcell_agent/api/api_spec.rb
-- spec/lib/tcell_agent/appsensor/injections_reporter_spec.rb
-- spec/lib/tcell_agent/cmdi_spec.rb
-- spec/lib/tcell_agent/config/unknown_options_spec.rb
 - spec/lib/tcell_agent/configuration_spec.rb
 - spec/lib/tcell_agent/hooks/login_fraud_spec.rb
-- spec/lib/tcell_agent/instrumentation_spec.rb
+- spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb
+- spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb
+- spec/lib/tcell_agent/instrumentation/cmdi_spec.rb
+- spec/lib/tcell_agent/instrumentation/lfi/file_lfi_spec.rb
+- spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb
+- spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb
+- spec/lib/tcell_agent/instrumentation/lfi_spec.rb
 - spec/lib/tcell_agent/patches_spec.rb
-- spec/lib/tcell_agent/policies/appsensor_policy_spec.rb
+- spec/lib/tcell_agent/policies/appfirewall_policy_spec.rb
+- spec/lib/tcell_agent/policies/clickjacking_policy_spec.rb
 - spec/lib/tcell_agent/policies/command_injection_policy_spec.rb
+- spec/lib/tcell_agent/policies/content_security_policy_spec.rb
 - spec/lib/tcell_agent/policies/dataloss_policy_spec.rb
 - spec/lib/tcell_agent/policies/http_redirect_policy_spec.rb
-- spec/lib/tcell_agent/policies/http_tx_policy_spec.rb
+- spec/lib/tcell_agent/policies/js_agent_policy_spec.rb
 - spec/lib/tcell_agent/policies/login_policy_spec.rb
 - spec/lib/tcell_agent/policies/patches_policy_spec.rb
+- spec/lib/tcell_agent/policies/policies_manager_spec.rb
+- spec/lib/tcell_agent/policies/policy_polling_spec.rb
+- spec/lib/tcell_agent/policies/secure_headers_policy_spec.rb
 - spec/lib/tcell_agent/rails/better_ip_spec.rb
 - spec/lib/tcell_agent/rails/csrf_exception_spec.rb
 - spec/lib/tcell_agent/rails/dlp_spec.rb
 - spec/lib/tcell_agent/rails/js_agent_insert_spec.rb
 - spec/lib/tcell_agent/rails/logger_spec.rb
-- spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb
-- spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb
-- spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb
-- spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb
 - spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb
 - spec/lib/tcell_agent/rails/responses_spec.rb
 - spec/lib/tcell_agent/rails/routes/grape_spec.rb
 - spec/lib/tcell_agent/rails/routes/route_id_spec.rb
 - spec/lib/tcell_agent/rails/routes/routes_spec.rb
 - spec/lib/tcell_agent/rails_spec.rb
-- spec/lib/tcell_agent/rust/models_spec.rb
-- spec/lib/tcell_agent/rust/whisperer_spec.rb
-- spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb
+- spec/lib/tcell_agent/rust/agent_config_spec.rb
 - spec/lib/tcell_agent/sensor_events/dlp_spec.rb
-- spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb
 - spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb
 - spec/lib/tcell_agent/settings_reporter_spec.rb
 - spec/lib/tcell_agent/tcell_context_spec.rb
-- spec/lib/tcell_agent/utils/bounded_queue_spec.rb
 - spec/lib/tcell_agent/utils/params_spec.rb
-- spec/lib/tcell_agent/utils/passwords_spec.rb
 - spec/lib/tcell_agent/utils/strings_spec.rb
 - spec/spec_helper.rb
+- spec/support/builders.rb
+- spec/support/force_logger_mocking.rb
 - spec/support/middleware_helper.rb
+- spec/support/resources/lfi_sample_file.txt
 - spec/support/resources/normal_config.json
 - spec/support/static_agent_overrides.rb
 - tcell_agent.gemspec
@@ -269,58 +261,55 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.5.2.3
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: tCell.io Agent for Rails
 test_files:
-- spec/lib/tcell_agent/agent/fork_pipe_manager_spec.rb
-- spec/lib/tcell_agent/agent/policy_manager_spec.rb
-- spec/lib/tcell_agent/agent/static_agent_spec.rb
-- spec/lib/tcell_agent/api/api_spec.rb
-- spec/lib/tcell_agent/appsensor/injections_reporter_spec.rb
-- spec/lib/tcell_agent/cmdi_spec.rb
-- spec/lib/tcell_agent/config/unknown_options_spec.rb
 - spec/lib/tcell_agent/configuration_spec.rb
 - spec/lib/tcell_agent/hooks/login_fraud_spec.rb
-- spec/lib/tcell_agent/instrumentation_spec.rb
+- spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb
+- spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb
+- spec/lib/tcell_agent/instrumentation/cmdi_spec.rb
+- spec/lib/tcell_agent/instrumentation/lfi/file_lfi_spec.rb
+- spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb
+- spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb
+- spec/lib/tcell_agent/instrumentation/lfi_spec.rb
 - spec/lib/tcell_agent/patches_spec.rb
-- spec/lib/tcell_agent/policies/appsensor_policy_spec.rb
+- spec/lib/tcell_agent/policies/appfirewall_policy_spec.rb
+- spec/lib/tcell_agent/policies/clickjacking_policy_spec.rb
 - spec/lib/tcell_agent/policies/command_injection_policy_spec.rb
+- spec/lib/tcell_agent/policies/content_security_policy_spec.rb
 - spec/lib/tcell_agent/policies/dataloss_policy_spec.rb
 - spec/lib/tcell_agent/policies/http_redirect_policy_spec.rb
-- spec/lib/tcell_agent/policies/http_tx_policy_spec.rb
+- spec/lib/tcell_agent/policies/js_agent_policy_spec.rb
 - spec/lib/tcell_agent/policies/login_policy_spec.rb
 - spec/lib/tcell_agent/policies/patches_policy_spec.rb
+- spec/lib/tcell_agent/policies/policies_manager_spec.rb
+- spec/lib/tcell_agent/policies/policy_polling_spec.rb
+- spec/lib/tcell_agent/policies/secure_headers_policy_spec.rb
 - spec/lib/tcell_agent/rails/better_ip_spec.rb
 - spec/lib/tcell_agent/rails/csrf_exception_spec.rb
 - spec/lib/tcell_agent/rails/dlp_spec.rb
 - spec/lib/tcell_agent/rails/js_agent_insert_spec.rb
 - spec/lib/tcell_agent/rails/logger_spec.rb
-- spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb
-- spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb
-- spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb
-- spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb
 - spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb
 - spec/lib/tcell_agent/rails/responses_spec.rb
 - spec/lib/tcell_agent/rails/routes/grape_spec.rb
 - spec/lib/tcell_agent/rails/routes/route_id_spec.rb
 - spec/lib/tcell_agent/rails/routes/routes_spec.rb
 - spec/lib/tcell_agent/rails_spec.rb
-- spec/lib/tcell_agent/rust/models_spec.rb
-- spec/lib/tcell_agent/rust/whisperer_spec.rb
-- spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb
+- spec/lib/tcell_agent/rust/agent_config_spec.rb
 - spec/lib/tcell_agent/sensor_events/dlp_spec.rb
-- spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb
 - spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb
 - spec/lib/tcell_agent/settings_reporter_spec.rb
 - spec/lib/tcell_agent/tcell_context_spec.rb
-- spec/lib/tcell_agent/utils/bounded_queue_spec.rb
 - spec/lib/tcell_agent/utils/params_spec.rb
-- spec/lib/tcell_agent/utils/passwords_spec.rb
 - spec/lib/tcell_agent/utils/strings_spec.rb
 - spec/spec_helper.rb
+- spec/support/builders.rb
+- spec/support/force_logger_mocking.rb
 - spec/support/middleware_helper.rb
+- spec/support/resources/lfi_sample_file.txt
 - spec/support/resources/normal_config.json
 - spec/support/static_agent_overrides.rb

data/lib/tcell_agent/agent/event_processor.rb DELETED

@@ -1,326 +0,0 @@
-# See the file "LICENSE" for the full license governing this code.
-require 'tcell_agent/logger'
-require 'tcell_agent/version'
-require 'tcell_agent/api'
-require 'tcell_agent/configuration'
-require 'tcell_agent/policies/http_tx_policy'
-require 'tcell_agent/policies/http_redirect_policy'
-require 'tcell_agent/sensor_events/server_agent'
-require 'tcell_agent/sensor_events/metrics'
-require 'tcell_agent/utils/queue_with_timeout'
-require 'tcell_agent/agent/fork_pipe_manager'
-require 'tcell_agent/agent/static_agent'
-require 'net/http'
-require 'thread'
-require 'logger'
-require 'json'
-module TCellAgent
-  class Agent # rubocop:disable Metrics/ClassLength
-    # cmdi events are special because they can be triggered very easily by running any shell command.
-    # Startup scripts are likely to run shell commands. It's not a good idea to startup the event
-    # processor before worker processses are forked, so the safest thing to do is let a different
-    # event start the event processor to avoid deadlocking worker processes.
-    def safe_to_send_cmdi_events?
-      event_processor_running?
-    end
-    def ensure_event_processor_running
-      if event_processor_running?
-        TCellAgent.logger.debug('[Agent::ensure_event_processor_running] Event processor already running, no need to start')
-        return
-      end
-      if TCellAgent.configuration.should_start_event_manager? == false
-        TCellAgent.logger.debug('[Agent::ensure_event_processor_running] TCellAgent.configuration.should_start_event_manager? is false, no need to start')
-        return
-      end
-      @worker_mutex.synchronize do
-        return if event_processor_running?
-        initialize_processor_variables if parent_process? == false
-        start_event_processor
-      end
-    end
-    def event_processor_running?
-      if TCellAgent::Agent.parent_process? == false
-        TCellAgent.logger.debug('[Agent::event_processor_running?] Not a parent process, so returning true')
-        return true
-      end
-      @event_processor_thread && @event_processor_thread.alive?
-    end
-    def stop_event_processor
-      TCellAgent.logger.debug('Stopping event processor thread')
-      @event_processor_thread.exit if @event_processor_thread && @event_processor_thread.alive?
-    end
-    def send_dispatch_events(tapi)
-      events_to_send = []
-      @event_dispatch_monitor.synchronize do
-        events_to_send = @dispatch_events
-        @dispatch_events = []
-      end
-      unless @response_time_table.empty?
-        metrics_event = TCellAgent::SensorEvents::MetricsEvent.new
-        metrics_event.set_route_count_table(@response_time_table)
-        events_to_send.push(metrics_event)
-        @mutex.synchronize do
-          @response_time_table = {}
-        end
-      end
-      if @sessions_metrics.sessions?
-        sessions_to_send = []
-        @sessions_metrics_mutex.synchronize do
-          sessions_to_send = @sessions_metrics
-          @sessions_metrics = TCellAgent::SensorEvents::SessionsMetric.new
-        end
-        events_to_send.push(sessions_to_send)
-      end
-      return if tapi.send_event_set(events_to_send)
-      ensured_events = events_to_send.find_all { |item| item.ensure == true }
-      @event_dispatch_monitor.synchronize do
-        @dispatch_events.push(*ensured_events)
-      end
-    end
-    def start_event_processor(send_empties = true)
-      return if TCellAgent.configuration.should_start_event_manager? == false
-      if TCellAgent.configuration.should_start_event_manager_in_child_processes?
-        TCellAgent.logger.debug('Enabling event manager in child processes')
-        require('tcell_agent/config/child_process_events')
-      end
-      if TCellAgent::Agent.parent_process? == false
-        TCellAgent.logger.debug('[Agent::start_event_processor] Not a parent process, so not starting event processor thread')
-        return
-      end
-      TCellAgent.logger.debug('[Agent::start_event_processor] Starting event processor thread')
-      @events_send_empties = send_empties
-      Thread.abort_on_exception = true
-      @event_processor_thread = Thread.new do
-        begin
-          tapi = TCellApi.new
-          last_run_time = Time.now
-          loop do
-            begin
-              begin
-                now = Time.now
-                wait_for = @dispatch_events_timeout - (now - last_run_time).to_i.abs
-                event = @event_queue.pop([wait_for, 1].max)
-                if event.nil?
-                  if @events_send_empties || !@dispatch_events.empty?
-                    last_run_time = Time.now
-                    send_dispatch_events(tapi)
-                  end
-                else
-                  event.post_process
-                  if event.send == true
-                    @event_dispatch_monitor.synchronize do
-                      @dispatch_events.push(event)
-                    end
-                  end
-                  if event.flush || @dispatch_events.length >= @dispatch_events_limit || wait_for < 0
-                    last_run_time = Time.now
-                    send_dispatch_events(tapi)
-                  end
-                end
-              rescue ThreadError => te
-                TCellAgent.logger.error("ThreadError while processing events: #{te.message}")
-                TCellAgent.logger.debug(te.backtrace)
-                last_run_time = Time.now
-                @event_dispatch_monitor.synchronize do
-                  @dispatch_events = []
-                end
-              end
-            rescue TCellAgent::ConfigurationException
-              Thread.exit
-            rescue StandardError => e
-              last_run_time = Time.now
-              TCellAgent.logger.error("Exception while processing events: #{e.message}")
-              TCellAgent.logger.debug(e.backtrace)
-              @event_dispatch_monitor.synchronize do
-                @dispatch_events = []
-              end
-            end
-          end
-        rescue StandardError => xyz
-          TCellAgent.logger.error("Exception while starting processor: #{xyz.message}")
-          TCellAgent.logger.debug(xyz.backtrace)
-        end
-      end
-    end
-    def ensure_fork_event_thread_running
-      TCellAgent.logger.debug('[Agent::ensure_fork_event_thread_running] Ensuring the fork event thread is running')
-      return if event_fork_thread_running?
-      @fork_event_thread_mutex.synchronize do
-        return if event_fork_thread_running?
-        start_fork_event_thread
-      end
-    end
-    def event_fork_thread_running?
-      if TCellAgent::Agent.parent_process?
-        TCellAgent.logger.debug('[Agent::event_fork_thread_running?] Parent process, so returning true')
-        return true
-      end
-      @fork_event_thread && @fork_event_thread.alive?
-    end
-    def start_fork_event_thread
-      TCellAgent.logger.debug('[Agent::start_fork_event_thread] Starting event fork thread')
-      @fork_event_thread = Thread.new do
-        loop do
-          begin
-            event = @fork_event_queue.pop
-            if event.send
-              TCellAgent::Agent.send_to_event_pipe(event)
-            else
-              event.post_process
-            end
-          rescue StandardError => e
-            TCellAgent.logger.error("Exception while processing (forked) events: #{e.message}")
-            TCellAgent.logger.debug(e.backtrace)
-          end
-        end
-      end
-    end
-    def queue_forked_event(event)
-      ensure_fork_event_thread_running
-      if @fork_event_queue.length > 100
-        TCellAgent.logger.debug('Dropping (forked) event because queue full')
-        return
-      end
-      @fork_event_queue.push(event)
-    rescue StandardError => queue_exception
-      TCellAgent.logger.debug("Could not add (forked) event #{queue_exception.message}")
-      TCellAgent.logger.debug(queue_exception.backtrace)
-    end
-    def ensure_metrics_event_thread_running
-      return if event_metrics_thread_running?
-      @metrics_event_thread_mutex.synchronize do
-        return if event_metrics_thread_running?
-        start_metrics_event_thread
-      end
-    end
-    def event_metrics_thread_running?
-      return true if TCellAgent::Agent.parent_process?
-      @metrics_event_thread && @metrics_event_thread.alive?
-    end
-    def stop_metrics_event_thread
-      TCellAgent.logger.debug('Stopping metrics event thread')
-      @metrics_event_thread.exit if @metrics_event_thread && @metrics_event_thread.alive?
-    end
-    def start_metrics_event_thread
-      return if TCellAgent.configuration.should_consume_event? == false
-      @metrics_event_thread = Thread.new do
-        loop do
-          begin
-            event = @metrics_event_queue.pop
-            TCellAgent::Agent.send_to_metrics_pipe(event)
-          rescue StandardError => e
-            TCellAgent.logger.error("Exception while processing (forked) metrics: #{e.message}")
-            TCellAgent.logger.debug(e.backtrace)
-          end
-        end
-      end
-    end
-    def _queue_metric(event)
-      return unless TCellAgent.configuration.should_consume_event?
-      begin
-        ensure_metrics_event_thread_running
-        if @metrics_event_queue.length > 100
-          TCellAgent.logger.debug('Dropping (forked) metric because queue full')
-          return
-        end
-        @metrics_event_queue.push(event)
-      rescue StandardError => queue_exception
-        TCellAgent.logger.debug("Could not add (forked) metric #{queue_exception.message}")
-        TCellAgent.logger.debug(queue_exception.backtrace)
-      end
-    end
-    def queue_sensor_event(event)
-      return unless TCellAgent.configuration.should_consume_event?
-      if TCellAgent::Agent.parent_process? == false
-        queue_forked_event(event)
-        return
-      end
-      begin
-        ensure_event_processor_running
-        @event_queue_monitor.synchronize do
-          @event_queue.push(event, 10)
-        end
-      rescue StandardError => queue_exception
-        TCellAgent.logger.debug("Dropping event because queue full #{queue_exception.message}")
-        TCellAgent.logger.debug(queue_exception.backtrace)
-      end
-    end
-    def increment_session_info(hmac_session_id, user_id, ip_address, user_agent)
-      TCellAgent::Instrumentation.safe_block('Incrementing session info') do
-        if TCellAgent::Agent.parent_process? == false
-          TCellAgent.queue_metric(
-            '_type' => 'increment_session_info',
-            'hmac_session_id' => hmac_session_id,
-            'user_id' => user_id,
-            'ip_address' => ip_address,
-            'user_agent' => user_agent
-          )
-          return
-        end
-        @sessions_metrics_mutex.synchronize do
-          @sessions_metrics.add_session_info(hmac_session_id, user_id, ip_address, user_agent)
-        end
-        if @sessions_metrics.flush
-          TCellAgent.send_event(TCellAgent::SensorEvents::FlushDummyEvent.new)
-        end
-      end
-    end
-    def increment_route(route_id, response_time)
-      TCellAgent::Instrumentation.safe_block('Incrementing route') do
-        if TCellAgent::Agent.parent_process? == false
-          TCellAgent.queue_metric(
-            '_type' => 'increment_route',
-            'route_id' => route_id,
-            'response_time' => response_time
-          )
-          return
-        end
-        @mutex.synchronize do
-          route_id = '?' if route_id.nil? || route_id == ''
-          @response_time_table[route_id] = @response_time_table.fetch(route_id, {})
-          @response_time_table[route_id]['c'] = @response_time_table[route_id].fetch('c', 0) + 1
-          @response_time_table[route_id]['mx'] = [@response_time_table[route_id].fetch('mx', 0), response_time].max
-          @response_time_table[route_id]['mn'] = [@response_time_table[route_id].fetch('mn', response_time), response_time].min
-          @response_time_table[route_id]['t'] = ((@response_time_table[route_id].fetch('t', 0) * (@response_time_table[route_id]['c'] - 1)) + response_time) / @response_time_table[route_id]['c']
-        end
-      end
-    end
-  end
-end