tcell_agent 2.1.1 → 2.4.0

data/lib/tcell_agent/config/unknown_options.rb

@@ -1,119 +0,0 @@
-require 'set'
-
-module TCellAgent
-  module Config
-    module Validate
-      def self.get_unknown_options(config_json)
-        messages = []
-
-        known_tcell_env_vars = Set.new(
-          [
-            'TCELL_AGENT_SERVER', # this is only meant for specs
-            'TCELL_AGENT_APP_ID',
-            'TCELL_AGENT_API_KEY',
-            'TCELL_HMAC_KEY',
-            'TCELL_PASSWORD_HMAC_KEY',
-            'TCELL_AGENT_HOST_IDENTIFIER',
-            'TCELL_API_URL',
-            'TCELL_INPUT_URL',
-            'TCELL_DEMOMODE',
-            'TCELL_AGENT_HOME',
-            'TCELL_AGENT_LOG_DIR',
-            'TCELL_AGENT_CONFIG',
-            'TCELL_AGENT_ALLOW_PAYLOADS',
-            'TCELL_AGENT_LOG_LEVEL',
-            'TCELL_AGENT_LOG_FILENAME',
-            'TCELL_AGENT_LOG_ENABLED'
-          ]
-        )
-
-        ENV.keys.each do |environment_key|
-          if environment_key =~ /^TCELL_/ && !known_tcell_env_vars.include?(environment_key)
-            messages << "Unrecognized environment parameter (TCELL_*) found: #{environment_key}"
-          end
-        end
-
-        begin
-          key_differences = []
-
-          if config_json
-            first_level_keys = %w[version applications]
-
-            key_differences = config_json.keys - first_level_keys
-
-            applications = config_json.fetch('applications', nil)
-            if applications
-
-              if applications.size > 1
-                messages << 'Multiple applications detected in config file'
-
-              elsif applications.size == 1
-                application = applications[0]
-
-                second_level_keys = %w[
-                  name
-                  app_id
-                  api_key
-                  fetch_policies_from_tcell
-                  preload_policy_filename
-                  log_dir
-                  tcell_api_url
-                  tcell_input_url
-                  host_identifier
-                  hipaaSafeMode
-                  hmac_key
-                  password_hmac_key
-                  js_agent_api_base_url
-                  js_agent_url
-                  max_csp_header_bytes
-                  event_batch_size_limit
-                  allow_payloads
-                  reverse_proxy
-                  reverse_proxy_ip_address_header
-                  demomode
-                  logging_options
-                  data_exposure
-                  disable_all
-                  enabled
-                  enable_event_manager
-                  enable_policy_polling
-                  enable_instrumentation
-                  enable_intercept_requests
-                  instrument_for_events
-                  enabled_instrumentations
-                  stdout_logger
-                ]
-
-                key_differences += (application.keys - second_level_keys)
-
-                if application.fetch('logging_options', nil)
-                  logging_options = application['logging_options']
-                  key_differences += (logging_options.keys - %w[enabled level filename])
-                end
-
-                if application.fetch('data_exposure', nil)
-                  data_exposure = application['data_exposure']
-                  key_differences += (data_exposure.keys - ['max_data_ex_db_records_per_request'])
-                end
-
-                if application.fetch('enabled_instrumentations', nil)
-                  enabled_instrumentations = application['enabled_instrumentations']
-                  key_differences += (enabled_instrumentations.keys - %w[doorkeeper devise authlogic])
-                end
-              end
-            end
-
-            key_differences.each do |key|
-              messages << "Unrecognized config setting key: #{key}"
-            end
-
-          end
-        rescue StandardError => exception
-          messages << "Something went wrong verifying config file: #{exception}"
-        end
-
-        messages
-      end
-    end
-  end
-end

data/lib/tcell_agent/devise.rb

@@ -1,33 +0,0 @@
-if TCellAgent.configuration.should_instrument_devise? && defined?(Devise)
-  require 'devise'
-  require 'devise/rails'
-  require 'devise/strategies/database_authenticatable'
-  require 'tcell_agent/userinfo'
-
-  module TCellAgent
-    if defined?(Devise)
-      TCellAgent::UserInformation.class_eval do
-        class << self
-          alias_method :original_get_user_from_request, :get_user_from_request
-          def get_user_from_request(request)
-            orig_user_id = original_get_user_from_request(request)
-            begin
-              if request.session && request.session.key?('warden.user.user.key')
-                userkey = request.session['warden.user.user.key']
-                user_id = if userkey.length == 2
-                            userkey[0][0]
-                          else
-                            userkey[1][0]
-                          end
-                return user_id.to_s if user_id.is_a? Integer
-              end
-            rescue StandardError
-              return orig_user_id
-            end
-            orig_user_id
-          end
-        end
-      end
-    end
-  end
-end

data/lib/tcell_agent/instrumentation/monkey_patches/file.rb

@@ -1,25 +0,0 @@
-class File
-  class << self
-    alias_method :tcell_original_new, :new
-    def new(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      tcell_original_new(*args, &block)
-    end
-
-    alias_method :tcell_original_open, :open
-    def open(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      tcell_original_open(*args, &block)
-    end
-  end
-end

data/lib/tcell_agent/instrumentation/monkey_patches/io.rb

@@ -1,131 +0,0 @@
-class IO
-  class << self
-    alias_method :tcell_original_binread, :binread
-    def binread(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-
-      if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      if path.empty?
-        cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
-        if cmd && TCellAgent::Cmdi.block_command?(cmd)
-          raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-        end
-      end
-
-      tcell_original_binread(*args, &block)
-    end
-
-    alias_method :tcell_original_binwrite, :binwrite
-    def binwrite(*args, &block)
-      path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      mode = 'Write'
-
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      tcell_original_binwrite(*args, &block)
-    end
-
-    alias_method :tcell_original_foreach, :foreach
-    def foreach(*args, &block)
-      path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      mode = 'Read'
-
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      tcell_original_foreach(*args, &block)
-    end
-
-    alias_method :tcell_original_popen, :popen
-    def popen(*args, &block)
-      unless args.empty?
-        cmd = ''
-
-        TCellAgent::Instrumentation.safe_block('CMDI Parsing popen *args') do
-          args_copy = Array.new(args)
-          args_copy.shift if args_copy.first.is_a?(Hash)
-          args_copy.pop if args_copy.last.is_a?(Hash)
-
-          cmd = if args_copy.first.is_a?(String)
-                  args_copy.shift
-                else
-                  TCellAgent::Cmdi.parse_command(*args_copy.shift)
-                end
-        end
-
-        if TCellAgent::Cmdi.block_command?(cmd)
-          raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-        end
-      end
-
-      tcell_original_popen(*args, &block)
-    end
-
-    alias_method :tcell_original_read, :read
-    def read(*args, &block)
-      path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      mode = 'Read'
-
-      if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      if path.empty?
-        cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
-        if cmd && TCellAgent::Cmdi.block_command?(cmd)
-          raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-        end
-      end
-
-      tcell_original_read(*args, &block)
-    end
-
-    alias_method :tcell_original_readlines, :readlines
-    def readlines(*args, &block)
-      path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      mode = 'Read'
-
-      if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      if path.empty?
-        cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
-        if cmd && TCellAgent::Cmdi.block_command?(cmd)
-          raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-        end
-      end
-
-      tcell_original_readlines(*args, &block)
-    end
-
-    alias_method :tcell_original_sysopen, :sysopen
-    def sysopen(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      tcell_original_sysopen(*args, &block)
-    end
-
-    alias_method :tcell_original_write, :write
-    def write(*args, &block)
-      path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      mode = 'Write'
-
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      tcell_original_write(*args, &block)
-    end
-  end
-end

data/lib/tcell_agent/instrumentation/monkey_patches/kernel.rb

@@ -1,163 +0,0 @@
-module Kernel
-  class << self
-    alias_method :tcell_original_1_open, :open
-    def open(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-
-      if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      if path.empty?
-        cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
-        if cmd && TCellAgent::Cmdi.block_command?(cmd)
-          raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-        end
-      end
-
-      tcell_original_1_open(*args, &block)
-    end
-
-    alias_method :tcell_original_1_gets, :gets
-    def gets(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
-
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      tcell_original_1_gets(*args, &block)
-    end
-
-    alias_method :tcell_original_readline, :readline
-    def readline(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
-
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-
-      tcell_original_readline(*args, &block)
-    end
-
-    alias_method :tcell_original_1_spawn, :spawn
-    def spawn(*args)
-      cmd = TCellAgent::Cmdi.parse_command(*args)
-      if TCellAgent::Cmdi.block_command?(cmd)
-        raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-      end
-
-      tcell_original_1_spawn(*args)
-    end
-
-    alias_method :tcell_original_1_system, :system
-    def system(*args)
-      cmd = TCellAgent::Cmdi.parse_command(*args)
-      if TCellAgent::Cmdi.block_command?(cmd)
-        raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-      end
-
-      tcell_original_1_system(*args)
-    end
-  end
-
-  alias_method :tcell_original_backtick, :`
-  def `(cmd)
-    if TCellAgent::Cmdi.block_command?(cmd)
-      raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-    end
-
-    tcell_original_backtick(cmd)
-  end
-
-  alias_method :tcell_original_2_open, :open
-  def open(*args, &block)
-    path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-
-    if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-      raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-    end
-
-    if path.empty?
-      cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
-      if cmd && TCellAgent::Cmdi.block_command?(cmd)
-        raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-      end
-    end
-
-    tcell_original_2_open(*args, &block)
-  end
-
-  alias_method :tcell_original_2_gets, :gets
-  def gets(*args, &block)
-    path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
-
-    if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-      raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-    end
-
-    tcell_original_2_gets(*args, &block)
-  end
-
-  alias_method :tcell_original_readline, :readline
-  def readline(*args, &block)
-    path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
-
-    if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-      raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-    end
-
-    tcell_original_readline(*args, &block)
-  end
-
-  alias_method :tcell_original_2_spawn, :spawn
-  def spawn(*args)
-    cmd = TCellAgent::Cmdi.parse_command(*args)
-    if TCellAgent::Cmdi.block_command?(cmd)
-      raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-    end
-
-    tcell_original_2_spawn(*args)
-  end
-
-  alias_method :tcell_original_2_system, :system
-  def system(*args)
-    cmd = TCellAgent::Cmdi.parse_command(*args)
-    if TCellAgent::Cmdi.block_command?(cmd)
-      raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-    end
-
-    tcell_original_2_system(*args)
-  end
-end
-
-if TCellAgent.configuration.should_instrument_cmdi_exec?
-  module Kernel
-    class << self
-      alias_method :tcell_original_exec, :exec
-      def exec(*args)
-        cmd = TCellAgent::Cmdi.parse_command(*args)
-        if TCellAgent::Cmdi.block_command?(cmd)
-          raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-        end
-
-        tcell_original_exec(*args)
-      end
-    end
-
-    alias_method :tcell_original_exec, :exec
-
-    private
-
-    def exec(*args)
-      cmd = TCellAgent::Cmdi.parse_command(*args)
-      if TCellAgent::Cmdi.block_command?(cmd)
-        raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-      end
-
-      tcell_original_exec(*args)
-    end
-  end
-else
-  TCellAgent.logger.debug('Disabling cmdi Kernel::exec instrumentation', 'TCellAgent::Cmdi')
-end