tcell_agent 1.1.12 → 2.2.0

data/lib/tcell_agent/rails/on_start.rb

@@ -1,41 +0,0 @@
-# See the file "LICENSE" for the full license governing this code.
-
-# require 'tcell_agent/authlogic' if defined?(Authlogic)
-
-require 'rails'
-
-require 'tcell_agent/configuration'
-
-require 'tcell_agent/rails/routes'
-require 'tcell_agent/rails/dlp/process_request'
-
-TCellAgent::Instrumentation::Rails.send_language_info
-TCellAgent::Instrumentation::Rails.send_framework_info
-
-if Rails.application
-  if TCellAgent.configuration.enabled && TCellAgent.configuration.should_instrument?
-    TCellAgent::Instrumentation::Rails.send_settings(Rails.application)
-  end
-
-else
-  module TCellAgent
-    class MyRailtie < Rails::Railtie
-      initializer 'activeservice.autoload', :after => :set_autoload_paths do |_app|
-        Rails.application.config.to_prepare do
-          require 'tcell_agent/devise' if defined?(Devise)
-          require 'tcell_agent/rails/auth/devise' if defined?(Devise)
-          require 'tcell_agent/authlogic' if defined?(Authlogic)
-          require 'tcell_agent/rails/auth/authlogic' if defined?(Authlogic)
-          require 'tcell_agent/rails/auth/doorkeeper'
-        end
-
-        # TODO: will this get run ever?
-        if TCellAgent.configuration.enabled
-          Rails.application.config.after_initialize do
-            TCellAgent::Instrumentation::Rails.send_settings(Rails.application)
-          end
-        end
-      end
-    end
-  end
-end

data/lib/tcell_agent/rust/whisperer.rb

@@ -1,308 +0,0 @@
-require 'tcell_agent/rust/models'
-require 'tcell_agent/logger'
-
-module TCellAgent
-  module Rust
-    require 'ffi'
-
-    module Wrapper
-      extend FFI::Library
-
-      VERSION = '1.3.2'.freeze
-      prefix = 'lib'
-      extension = '.so'
-      variant = ''
-      if /cygwin|mswin|mingw|bccwin|wince|emx/ =~ RUBY_PLATFORM
-        extension = '.dll'
-        prefix = ''
-      elsif /darwin/ =~ RUBY_PLATFORM
-        extension = '.dylib'
-      elsif /musl/ =~ RUBY_PLATFORM
-        variant = 'alpine-'
-      end
-
-      begin
-        ffi_lib File.join(File.dirname(__FILE__),
-                          "#{prefix}tcellagent-#{variant}#{VERSION}#{extension}")
-
-        # All the rust library calls have the following response api:
-        #
-        # result [int]: 0+ length of buffer_out answer
-        #               -1 general error
-        #               -2 buffer_out is not big enough for response
-        #               -3 buffer_out is null
-
-        attach_function :create_agent, %i[pointer size_t pointer size_t], :int
-        attach_function :free_agent, [:pointer], :int
-        attach_function :update_policies, %i[pointer pointer size_t pointer size_t], :int
-        attach_function :appfirewall_apply, %i[pointer pointer size_t pointer size_t], :int
-        attach_function :patches_apply, %i[pointer pointer size_t pointer size_t], :int
-        attach_function :cmdi_apply, %i[pointer pointer size_t pointer size_t], :int
-        attach_function :get_headers, %i[pointer pointer size_t pointer size_t], :int
-        attach_function :get_js_agent_script_tag, %i[pointer pointer size_t pointer size_t], :int
-
-        def self.common_lib_available?
-          true
-        end
-      rescue LoadError => load_error
-        puts "tCell.io Failed to load common agent library. #{load_error.message}"
-        TCellAgent.logger.error("Failed to load common agent library. #{load_error.message}")
-        TCellAgent.logger.debug(load_error.backtrace)
-
-        def self.common_lib_available? # rubocop:disable Lint/DuplicateMethods
-          false
-        end
-      end
-    end
-
-    module Whisperer
-      def self.convert_result(function_called, result_size, result)
-        if result_size < 0
-          TCellAgent.logger.error(
-            "Error response from `#{function_called}` in native library: #{result_size}"
-          )
-        else
-          begin
-            response = JSON.parse(result.get_string(0, result_size))
-            if response['error']
-              TCellAgent.logger.error("#{function_called} returned an error: #{response['error']}")
-              response = {}
-            end
-
-            return response
-          rescue JSON::ParserError
-            # don't log the actual error since it might contain payload information
-            TCellAgent.logger.error(
-              "Could not parse json response from `#{function_called}` in native library."
-            )
-          end
-        end
-
-        {}
-      end
-
-      def self.create_agent
-        if TCellAgent::Rust::Wrapper.common_lib_available?
-          agent_config = {
-            'skip_logger' => true,
-            'application' => {
-              'app_id' => TCellAgent.configuration.app_id,
-              'api_key' =>  TCellAgent.configuration.api_key,
-              'allow_payloads' => !!TCellAgent.configuration.allow_payloads, # rubocop:disable Style/DoubleNegation
-              'js_agent_api_base_url' => TCellAgent.configuration.js_agent_api_base_url,
-              'js_agent_url' => TCellAgent.configuration.js_agent_url
-            },
-            'appfirewall' => {
-              'enable_body_xxe_inspection' => true,
-              'enable_body_json_inspection' => true,
-              'allow_log_payloads' => true
-            },
-            'policy_versions' => {
-              'patches' => 1,
-              'login' => 1,
-              'appsensor' => 2,
-              'regex' => 1,
-              'csp-headers' => 1,
-              'http-redirect' => 1,
-              'clickjacking' => 1,
-              'secure-headers' => 1,
-              'canaries' => 1,
-              'dlp' => 1,
-              'cmdi' => 1,
-              'jsagentinjection' => 1
-            },
-            'max_header_size' => TCellAgent.configuration.max_csp_header_bytes || (1024 * 1024)
-          }
-          config_pointer = FFI::MemoryPointer.from_string(
-            JSON.dump(agent_config)
-          )
-
-          buf = FFI::MemoryPointer.new(:uint8, 1024 * 8)
-          # config_pointer.size - 1: strips null terminator
-          result_size = TCellAgent::Rust::Wrapper.create_agent(
-            config_pointer, config_pointer.size - 1, buf, buf.size
-          )
-          return convert_result('create_agent', result_size, buf)
-        end
-
-        {}
-      end
-
-      def self.free_agent(agent_ptr)
-        if TCellAgent::Rust::Wrapper.common_lib_available? &&
-           agent_ptr
-          TCellAgent::Rust::Wrapper.free_agent(
-            FFI::Pointer.new(agent_ptr)
-          )
-        end
-      end
-
-      def self.update_policies(agent_ptr, policies)
-        if TCellAgent::Rust::Wrapper.common_lib_available? &&
-           agent_ptr &&
-           TCellAgent::Utils::Strings.present?(policies)
-          policies_pointer = FFI::MemoryPointer.from_string(
-            JSON.dump(policies)
-          )
-
-          buf = FFI::MemoryPointer.new(:uint8, 1024 * 8)
-          # policies_pointer.size - 1: strips null terminator
-          result_size = TCellAgent::Rust::Wrapper.update_policies(
-            FFI::Pointer.new(agent_ptr),
-            policies_pointer,
-            policies_pointer.size - 1,
-            buf,
-            buf.size
-          )
-          return convert_result('update_policies', result_size, buf)
-        end
-
-        {}
-      end
-
-      def self.apply_appfirewall(agent_ptr, appsensor_meta)
-        if TCellAgent::Rust::Wrapper.common_lib_available? &&
-           agent_ptr &&
-           appsensor_meta
-          request_response_json = TCellAgent::Rust::Models.create_request_response(
-            appsensor_meta
-          )
-          request_response_pointer = FFI::MemoryPointer.from_string(
-            JSON.dump(request_response_json)
-          )
-
-          buf = FFI::MemoryPointer.new(:uint8, 1024 * 32)
-          # request_response_pointer.size - 1: strips null terminator
-          result_size = TCellAgent::Rust::Wrapper.appfirewall_apply(
-            FFI::Pointer.new(agent_ptr),
-            request_response_pointer,
-            request_response_pointer.size - 1,
-            buf,
-            buf.size
-          )
-          return convert_result('apply_appfirewall', result_size, buf)
-        end
-
-        {}
-      end
-
-      def self.apply_patches(agent_ptr, appsensor_meta)
-        if TCellAgent::Rust::Wrapper.common_lib_available? &&
-           agent_ptr &&
-           appsensor_meta
-          patches_request_json = TCellAgent::Rust::Models.create_patches_request(
-            appsensor_meta
-          )
-          patches_request_pointer = FFI::MemoryPointer.from_string(
-            JSON.dump(patches_request_json)
-          )
-
-          buf = FFI::MemoryPointer.new(:uint8, 1024 * 32)
-          # patches_request_pointer.size - 1: strips null terminator
-          result_size = TCellAgent::Rust::Wrapper.patches_apply(
-            FFI::Pointer.new(agent_ptr),
-            patches_request_pointer,
-            patches_request_pointer.size - 1,
-            buf,
-            buf.size
-          )
-          return convert_result('apply_patches', result_size, buf)
-        end
-
-        {}
-      end
-
-      def self.apply_cmdi(agent_ptr, command, tcell_context)
-        if TCellAgent::Rust::Wrapper.common_lib_available? &&
-           agent_ptr &&
-           TCellAgent::Utils::Strings.present?(command)
-          method = tcell_context && tcell_context.request_method
-          path = tcell_context && tcell_context.path
-          command_info = {
-            'command' => command,
-            'method' => method,
-            'path' => path
-          }
-          command_pointer = FFI::MemoryPointer.from_string(
-            JSON.dump(command_info)
-          )
-
-          buf = FFI::MemoryPointer.new(:uint8, 1024 * 32)
-          # patches_request_pointer.size - 1: strips null terminator
-          result_size = TCellAgent::Rust::Wrapper.cmdi_apply(
-            FFI::Pointer.new(agent_ptr),
-            command_pointer,
-            command_pointer.size - 1,
-            buf,
-            buf.size
-          )
-          return convert_result('apply_cmdi', result_size, buf)
-        end
-
-        {}
-      end
-
-      def self.get_headers(agent_ptr, tcell_context)
-        if TCellAgent::Rust::Wrapper.common_lib_available? &&
-           agent_ptr &&
-           tcell_context
-          method = tcell_context.request_method
-          path = tcell_context.path
-          route_id = tcell_context.route_id
-          session_id = tcell_context.hmac_session_id
-          headers_request = {
-            :method => method,
-            :path => path,
-            :route_id => route_id && route_id.to_s,
-            :session_id => session_id && session_id.to_s
-          }
-          headers_request_pointer = FFI::MemoryPointer.from_string(
-            JSON.dump(headers_request)
-          )
-
-          buf = FFI::MemoryPointer.new(:uint8, 1024 * 16)
-          # patches_request_pointer.size - 1: strips null terminator
-          result_size = TCellAgent::Rust::Wrapper.get_headers(
-            FFI::Pointer.new(agent_ptr),
-            headers_request_pointer,
-            headers_request_pointer.size - 1,
-            buf,
-            buf.size
-          )
-          return convert_result('get_headers', result_size, buf)
-        end
-
-        {}
-      end
-
-      def self.get_js_agent_script_tag(agent_ptr, tcell_context)
-        if TCellAgent::Rust::Wrapper.common_lib_available? &&
-           agent_ptr &&
-           tcell_context
-          method = tcell_context.request_method
-          path = tcell_context.path
-          jsagent_request = {
-            :method => method,
-            :path => path
-          }
-          jsagent_request_pointer = FFI::MemoryPointer.from_string(
-            JSON.dump(jsagent_request)
-          )
-
-          buf = FFI::MemoryPointer.new(:uint8, 1024 * 8)
-          # patches_request_pointer.size - 1: strips null terminator
-          result_size = TCellAgent::Rust::Wrapper.get_js_agent_script_tag(
-            FFI::Pointer.new(agent_ptr),
-            jsagent_request_pointer,
-            jsagent_request_pointer.size - 1,
-            buf,
-            buf.size
-          )
-          return convert_result('get_js_agent_script_tag', result_size, buf)
-        end
-
-        {}
-      end
-    end
-  end
-end

data/lib/tcell_agent/sensor_events/appsensor_event.rb

@@ -1,52 +0,0 @@
-require 'tcell_agent/sensor_events/sensor'
-
-module TCellAgent
-  module SensorEvents
-    class TCellAppSensorEvent < TCellSensorEvent
-      def initialize(location,
-                     detection_point,
-                     method,
-                     remote_address,
-                     param,
-                     route_id,
-                     meta,
-                     hmac_session_id,
-                     user_id,
-                     payload,
-                     pattern,
-                     full_uri)
-        super('as')
-        self['dp'] = detection_point
-
-        self['param'] = param.to_s if param
-        self['m'] = method.to_s if method
-        self['pattern'] = pattern if pattern
-        self['meta'] = meta if meta
-        self['rid'] = route_id.to_s if route_id
-        self['full_uri'] = full_uri if full_uri
-        self['uri'] = location if location
-        self['uid'] = user_id.to_s if user_id
-        self['sid'] = hmac_session_id if hmac_session_id
-        self['remote_addr'] = remote_address.to_s if remote_address
-        self['payload'] = payload if payload
-      end
-
-      def self.build_from_native_lib_event(event)
-        TCellAppSensorEvent.new(
-          event['uri'],
-          event['detection_point'],
-          event['method'],
-          event['remote_address'],
-          event['parameter'],
-          event['route_id'],
-          event['meta'],
-          event['session_id'],
-          event['user_id'],
-          event['payload'],
-          event['pattern'],
-          event['full_uri']
-        )
-      end
-    end
-  end
-end

data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb

@@ -1,45 +0,0 @@
-require 'tcell_agent/agent'
-require 'tcell_agent/agent/policy_types'
-require 'tcell_agent/tcell_context'
-require 'tcell_agent/sensor_events/sensor'
-
-module TCellAgent
-  module SensorEvents
-    class AppSensorMetaEvent < TCellAgent::SensorEvents::TCellSensorEvent
-      class << self
-        def build(request, response_content_length, response_code, response_headers)
-          meta_data = TCellAgent::MetaData.from_request(request)
-
-          tcell_context = request.env[TCellAgent::Instrumentation::TCELL_ID]
-          meta_data.csrf_exception_name = tcell_context.csrf_exception_name
-          meta_data.user_agent = tcell_context.user_agent
-          meta_data.path_parameters = tcell_context.path_parameters
-          meta_data.sql_exceptions = tcell_context.sql_exceptions
-          meta_data.database_result_sizes = tcell_context.database_result_sizes
-
-          meta_data.response_content_bytes_len = response_content_length
-
-          meta_data.response_code = response_code
-          meta_data.response_headers = response_headers
-
-          AppSensorMetaEvent.new(meta_data)
-        end
-      end
-
-      attr_accessor :meta_data
-
-      def initialize(meta_data)
-        @send = false
-
-        @meta_data = meta_data
-      end
-
-      def post_process
-        rust_policies = TCellAgent.policy(TCellAgent::PolicyTypes::RUST)
-        return unless rust_policies
-
-        rust_policies.check_appfirewall_injections(@meta_data)
-      end
-    end
-  end
-end