tcell_agent 2.2.0 → 2.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/tcell_agent/instrument_servers.rb +12 -14
- data/lib/tcell_agent/rails/auth/authlogic.rb +9 -0
- data/lib/tcell_agent/rails/auth/devise.rb +7 -4
- data/lib/tcell_agent/rails/auth/doorkeeper.rb +0 -1
- data/lib/tcell_agent/rails/middleware/global_middleware.rb +3 -0
- data/lib/tcell_agent/servers/puma.rb +7 -7
- data/lib/tcell_agent/servers/rack_puma_handler.rb +23 -0
- data/lib/tcell_agent/servers/rails_server.rb +4 -3
- data/lib/tcell_agent/tcell_context.rb +1 -1
- data/lib/tcell_agent/version.rb +1 -1
- data/spec/lib/tcell_agent/configuration_spec.rb +5 -0
- data/spec/lib/tcell_agent/instrument_servers_spec.rb +95 -0
- data/spec/lib/tcell_agent/policies/patches_policy_spec.rb +2 -2
- data/spec/spec_helper.rb +6 -0
- data/spec/support/builders.rb +2 -1
- data/spec/support/server_mocks/passenger_mock.rb +7 -0
- data/spec/support/server_mocks/puma_mock.rb +17 -0
- data/spec/support/server_mocks/rails_mock.rb +7 -0
- data/spec/support/server_mocks/thin_mock.rb +7 -0
- data/spec/support/server_mocks/unicorn_mock.rb +11 -0
- metadata +15 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5e056172b2170f472b95d9dc96f082b2d881e38d8b066ed82b8c4175157c0d04
|
4
|
+
data.tar.gz: 6e6a4fc3062d22415489aa75fad2cc15e7c8d9dcd9fc6a80aeb7ce6116dd784e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 87a540297c00aedca95f5905687e511233a960ede19aca99cdac65935828bce009413493a8c22af7a33ef59808910df69f9a169274f7f8aec13cdf84c8a361e4
|
7
|
+
data.tar.gz: 9ea327f2786185b027263c74d7d7428aa6c1a5cf7e54ce2bcf070eed2a15630f370984297f1a804aebbd97569379916e6973a337b42be8f2e9e211499422bae9
|
@@ -2,22 +2,20 @@
|
|
2
2
|
|
3
3
|
tcell_server = ENV['TCELL_AGENT_SERVER']
|
4
4
|
|
5
|
-
if tcell_server &&
|
6
|
-
|
7
|
-
end
|
5
|
+
TCellAgent.thread_agent.instrument_built_ins if tcell_server &&
|
6
|
+
tcell_server == 'mock'
|
8
7
|
|
9
|
-
if (tcell_server && tcell_server == 'webrick') ||
|
10
|
-
|
8
|
+
require('tcell_agent/servers/rails_server') if (tcell_server && tcell_server == 'webrick') ||
|
9
|
+
defined?(Rails::Server)
|
11
10
|
|
12
|
-
|
13
|
-
|
11
|
+
require('tcell_agent/servers/thin') if (tcell_server && tcell_server == 'thin') ||
|
12
|
+
defined?(Thin)
|
14
13
|
|
15
|
-
|
16
|
-
|
14
|
+
require('tcell_agent/servers/puma') if (tcell_server && tcell_server == 'puma') ||
|
15
|
+
defined?(Puma)
|
17
16
|
|
18
|
-
|
19
|
-
|
17
|
+
require('tcell_agent/servers/unicorn') if (tcell_server && tcell_server == 'unicorn') ||
|
18
|
+
defined?(Unicorn)
|
20
19
|
|
21
|
-
|
22
|
-
|
23
|
-
end
|
20
|
+
require('tcell_agent/servers/passenger') if (tcell_server && tcell_server == 'passenger') ||
|
21
|
+
defined?(PhusionPassenger)
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'tcell_agent/configuration'
|
2
4
|
require 'tcell_agent/instrumentation'
|
3
5
|
|
@@ -30,6 +32,12 @@ module TCellAgent
|
|
30
32
|
if user_logged_in_before && user_logged_in_after
|
31
33
|
# password changed or logged in as another user
|
32
34
|
elsif !user_logged_in_before && !user_logged_in_after
|
35
|
+
TCellAgent::Instrumentation.safe_block('checking if user is valid') do
|
36
|
+
error_messages = errors.messages[login_field]
|
37
|
+
|
38
|
+
user_valid = error_messages.empty?
|
39
|
+
end
|
40
|
+
|
33
41
|
login_policy.report_login_failure(
|
34
42
|
user_id,
|
35
43
|
password,
|
@@ -38,6 +46,7 @@ module TCellAgent
|
|
38
46
|
tcell_data
|
39
47
|
)
|
40
48
|
elsif !user_logged_in_before && user_logged_in_after
|
49
|
+
tcell_data.user_id = user_id if user_id && tcell_data.user_id.nil?
|
41
50
|
login_policy.report_login_success(
|
42
51
|
user_id,
|
43
52
|
request.env,
|
@@ -19,7 +19,8 @@ module TCellAgent
|
|
19
19
|
password = tcell_data.password
|
20
20
|
password ||= _get_tcell_password
|
21
21
|
|
22
|
-
user_valid =
|
22
|
+
user_valid = warden_message != :not_found_in_database if defined?(warden_message)
|
23
|
+
|
23
24
|
login_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LOGINFRAUD)
|
24
25
|
login_policy.report_login_failure(
|
25
26
|
user_id,
|
@@ -96,11 +97,11 @@ module TCellAgent
|
|
96
97
|
end
|
97
98
|
|
98
99
|
TCellAgent::Instrumentation.safe_block('Devise Authenticatable Validate') do
|
99
|
-
if send_event && TCellAgent.configuration.
|
100
|
-
TCellAgent.configuration.should_intercept_requests?
|
100
|
+
if send_event && TCellAgent.configuration.should_intercept_requests?
|
101
101
|
username = nil
|
102
102
|
(authentication_keys || []).each do |auth_key|
|
103
|
-
attr = authentication_hash[auth_key]
|
103
|
+
attr = authentication_hash[auth_key] unless authentication_hash.nil?
|
104
|
+
|
104
105
|
if attr
|
105
106
|
username ||= ''
|
106
107
|
username += attr
|
@@ -110,6 +111,8 @@ module TCellAgent
|
|
110
111
|
tcell_data = request.env[TCellAgent::Instrumentation::TCELL_ID]
|
111
112
|
return is_valid unless tcell_data
|
112
113
|
|
114
|
+
tcell_data.user_id = username if username && tcell_data.user_id.nil?
|
115
|
+
|
113
116
|
login_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LOGINFRAUD)
|
114
117
|
login_policy.report_login_success(
|
115
118
|
username,
|
@@ -24,6 +24,9 @@ module TCellAgent
|
|
24
24
|
def call(env)
|
25
25
|
if TCellAgent.configuration.should_intercept_requests?
|
26
26
|
request = Rack::Request.new(env)
|
27
|
+
|
28
|
+
request['init'] = true
|
29
|
+
|
27
30
|
TCellAgent::Instrumentation.safe_block('Setting session_id & user_id') do
|
28
31
|
if request.session
|
29
32
|
env[TCellAgent::Instrumentation::TCELL_ID].session_id =
|
@@ -4,21 +4,21 @@ if defined?(Puma.cli_config)
|
|
4
4
|
# Puma is running in single mode, so run both the initial instrumentation and
|
5
5
|
# start the agent
|
6
6
|
Puma::Runner.class_eval do
|
7
|
-
alias_method :
|
7
|
+
alias_method :tcell_original_start_server, :start_server
|
8
8
|
def start_server
|
9
|
-
TCellAgent.thread_agent.start('Puma
|
9
|
+
TCellAgent.thread_agent.start('Puma')
|
10
10
|
|
11
|
-
|
11
|
+
tcell_original_start_server
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
15
15
|
else
|
16
16
|
Puma::Server.class_eval do
|
17
|
-
alias_method :
|
17
|
+
alias_method :tcell_original_run, :run
|
18
18
|
def run(background = true)
|
19
19
|
TCellAgent.thread_agent.start('Puma Cluster Mode (Worker)')
|
20
20
|
|
21
|
-
|
21
|
+
tcell_original_run(background)
|
22
22
|
end
|
23
23
|
end
|
24
24
|
end
|
@@ -28,11 +28,11 @@ if defined?(Puma.cli_config)
|
|
28
28
|
# Instrumentation will run for each worker but there's
|
29
29
|
# nothing we can do about that (Unicorn's preload_app behaves the same way)
|
30
30
|
Puma::Server.class_eval do
|
31
|
-
alias_method :
|
31
|
+
alias_method :tcell_original_run, :run
|
32
32
|
def run(background = true)
|
33
33
|
TCellAgent.thread_agent.start('Puma Cluster Mode (Worker)')
|
34
34
|
|
35
|
-
|
35
|
+
tcell_original_run(background)
|
36
36
|
end
|
37
37
|
end
|
38
38
|
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
Rack::Handler::Puma.class_eval do
|
4
|
+
class << self
|
5
|
+
alias_method :tcell_original_config, :config
|
6
|
+
def config(app, options = {})
|
7
|
+
conf = tcell_original_config(app, options)
|
8
|
+
|
9
|
+
if defined?(Puma::Server) && !Puma::Server.instance_methods.include?(:tcell_original_run)
|
10
|
+
Puma::Server.class_eval do
|
11
|
+
alias_method :tcell_original_run, :run
|
12
|
+
def run(background = true)
|
13
|
+
TCellAgent.thread_agent.start('Puma')
|
14
|
+
|
15
|
+
tcell_original_run(background)
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
conf
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
@@ -5,16 +5,17 @@
|
|
5
5
|
Rails::Server.class_eval do
|
6
6
|
alias_method :tcell_build_app, :build_app
|
7
7
|
def build_app(app)
|
8
|
+
require('tcell_agent/servers/rack_puma_handler') if defined?(Rack::Handler::Puma)
|
8
9
|
require('tcell_agent/servers/unicorn') if defined?(Unicorn::HttpServer)
|
9
10
|
require('tcell_agent/servers/webrick') if defined?(Rack::Handler::WEBrick)
|
10
11
|
require('tcell_agent/servers/thin') if defined?(Thin::Server)
|
11
12
|
|
12
13
|
if defined?(Puma::Server)
|
13
14
|
Puma::Server.class_eval do
|
14
|
-
alias_method :
|
15
|
+
alias_method :tcell_original_run, :run
|
15
16
|
def run(background = true)
|
16
|
-
TCellAgent.thread_agent.start('Puma
|
17
|
-
|
17
|
+
TCellAgent.thread_agent.start('Puma')
|
18
|
+
tcell_original_run(background)
|
18
19
|
end
|
19
20
|
end
|
20
21
|
end
|
data/lib/tcell_agent/version.rb
CHANGED
@@ -16,6 +16,8 @@ module TCellAgent
|
|
16
16
|
context 'with no parameters' do
|
17
17
|
it 'should return true' do
|
18
18
|
config = Configuration.new
|
19
|
+
config.enabled = true
|
20
|
+
config.instrument = true
|
19
21
|
|
20
22
|
expect(config.should_instrument?).to be_truthy
|
21
23
|
end
|
@@ -23,6 +25,9 @@ module TCellAgent
|
|
23
25
|
context 'with parameters' do
|
24
26
|
it 'should return true' do
|
25
27
|
config = Configuration.new
|
28
|
+
config.enabled = true
|
29
|
+
config.instrument = true
|
30
|
+
config.disabled_instrumentation = Set.new
|
26
31
|
|
27
32
|
expect(config.should_instrument?('devise')).to be_truthy
|
28
33
|
end
|
@@ -0,0 +1,95 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
def test_rails
|
4
|
+
expect(Rails::Server.instance_methods.include?(:tcell_build_app)).to be_truthy
|
5
|
+
end
|
6
|
+
|
7
|
+
def test_thin
|
8
|
+
expect(Thin::Server.instance_methods.include?(:original_start)).to be_truthy
|
9
|
+
end
|
10
|
+
|
11
|
+
def test_unicorn
|
12
|
+
expect(Unicorn::HttpServer::START_CTX[0]).to be_falsy
|
13
|
+
expect(Unicorn::HttpServer.instance_methods.include?(:tcell_init_worker_process)).to be_truthy
|
14
|
+
expect(Unicorn::HttpServer.instance_methods.include?(:tcell_load_config!)).to be_truthy
|
15
|
+
end
|
16
|
+
|
17
|
+
def test_passenger
|
18
|
+
expect(PhusionPassenger::LoaderSharedHelpers.instance_methods.include?(:tcell_before_handling_requests))
|
19
|
+
end
|
20
|
+
|
21
|
+
def test_puma
|
22
|
+
expect(Puma.cli_config.options[:preload_app]).to be_falsey
|
23
|
+
expect(Puma::Server.instance_methods.include?(:original_run)).to be_truthy
|
24
|
+
end
|
25
|
+
|
26
|
+
def test_server(filenames, funcs)
|
27
|
+
fork do
|
28
|
+
filenames.each do |file|
|
29
|
+
load file
|
30
|
+
end
|
31
|
+
|
32
|
+
load 'tcell_agent/instrument_servers.rb'
|
33
|
+
|
34
|
+
funcs.each do |func|
|
35
|
+
method(func).call
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
describe 'instrument_servers' do
|
41
|
+
context 'with single server dependency' do
|
42
|
+
context 'with webrick server' do
|
43
|
+
it 'should instrument Webrick' do
|
44
|
+
mocks = ['spec/support/server_mocks/rails_mock.rb']
|
45
|
+
tests = [:test_rails]
|
46
|
+
test_server(mocks, tests)
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
context 'with Thin server' do
|
51
|
+
it 'should instrument Thin' do
|
52
|
+
mocks = ['spec/support/server_mocks/thin_mock.rb']
|
53
|
+
tests = [:test_thin]
|
54
|
+
test_server(mocks, tests)
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
context 'with Puma server' do
|
59
|
+
it 'should instrument Puma' do
|
60
|
+
mocks = ['spec/support/server_mocks/puma_mock.rb']
|
61
|
+
tests = [:test_puma]
|
62
|
+
test_server(mocks, tests)
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
context 'with Unicorn server' do
|
67
|
+
it 'should instrument Unicorn' do
|
68
|
+
mocks = ['spec/support/server_mocks/unicorn_mock.rb']
|
69
|
+
tests = [:test_unicorn]
|
70
|
+
test_server(mocks, tests)
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
context 'with Passenger server' do
|
75
|
+
it 'should instrument Unicorn' do
|
76
|
+
mocks = ['spec/support/server_mocks/passenger_mock.rb']
|
77
|
+
tests = [:test_passenger]
|
78
|
+
test_server(mocks, tests)
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
82
|
+
context 'with multiple server dependencies' do
|
83
|
+
it 'should instrument all servers available' do
|
84
|
+
mocks = ['spec/support/server_mocks/rails_mock.rb',
|
85
|
+
'spec/support/server_mocks/thin_mock.rb',
|
86
|
+
'spec/support/server_mocks/puma_mock.rb',
|
87
|
+
'spec/support/server_mocks/unicorn_mock.rb',
|
88
|
+
'spec/support/server_mocks/passenger_mock.rb']
|
89
|
+
|
90
|
+
tests = %i[test_rails test_thin test_puma test_unicorn test_passenger]
|
91
|
+
|
92
|
+
test_server(mocks, tests)
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
@@ -73,7 +73,7 @@ module TCellAgent
|
|
73
73
|
TCellAgent::Rust::NativeAgent.free_agent(@native_agent.agent_ptr)
|
74
74
|
end
|
75
75
|
|
76
|
-
context 'request has nil ip'
|
76
|
+
context 'request has nil ip' do
|
77
77
|
it 'should not block request' do
|
78
78
|
meta_data = TCellAgent::Tests::MetaDataBuilder.new.update_attribute(
|
79
79
|
'remote_address', nil
|
@@ -83,7 +83,7 @@ module TCellAgent
|
|
83
83
|
end
|
84
84
|
end
|
85
85
|
|
86
|
-
context 'request has empty ip'
|
86
|
+
context 'request has empty ip' do
|
87
87
|
it 'should not block request' do
|
88
88
|
meta_data = TCellAgent::Tests::MetaDataBuilder.new.update_attribute(
|
89
89
|
'remote_address', ''
|
data/spec/spec_helper.rb
CHANGED
@@ -20,3 +20,9 @@ end
|
|
20
20
|
|
21
21
|
require 'tcell_agent/agent'
|
22
22
|
require 'tcell_agent/rails/routes'
|
23
|
+
|
24
|
+
TCellAgent.configuration.enabled = true
|
25
|
+
TCellAgent.configuration.instrument = true
|
26
|
+
TCellAgent.configuration.enable_intercept_requests = true
|
27
|
+
TCellAgent.configuration.disabled_instrumentation = []
|
28
|
+
TCellAgent.thread_agent.instrument_built_ins
|
data/spec/support/builders.rb
CHANGED
@@ -17,11 +17,12 @@ module TCellAgent
|
|
17
17
|
@configuration.allow_payloads = true
|
18
18
|
@configuration.js_agent_api_base_url = @configuration.tcell_api_url
|
19
19
|
@configuration.js_agent_url = 'https://jsagent.tcell.io/tcellagent.min.js'
|
20
|
-
@configuration.cache_dir = nil
|
21
20
|
@configuration.agent_log_dir = 'tcell/logs'
|
22
21
|
@configuration.logging_options = { :enabled => false }
|
23
22
|
@configuration.host_identifier = 'python-test-suite'
|
24
23
|
@configuration.reverse_proxy_ip_address_header = 'X-Forwarded-For'
|
24
|
+
@configuration.enable_intercept_requests = true
|
25
|
+
@configuration.enabled = true
|
25
26
|
end
|
26
27
|
|
27
28
|
def update_attribute(attribute, setting)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: tcell_agent
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.2.
|
4
|
+
version: 2.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rafael
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-08-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: ffi
|
@@ -181,6 +181,7 @@ files:
|
|
181
181
|
- lib/tcell_agent/sensor_events/util/utils.rb
|
182
182
|
- lib/tcell_agent/servers/passenger.rb
|
183
183
|
- lib/tcell_agent/servers/puma.rb
|
184
|
+
- lib/tcell_agent/servers/rack_puma_handler.rb
|
184
185
|
- lib/tcell_agent/servers/rails_server.rb
|
185
186
|
- lib/tcell_agent/servers/thin.rb
|
186
187
|
- lib/tcell_agent/servers/unicorn.rb
|
@@ -194,6 +195,7 @@ files:
|
|
194
195
|
- lib/tcell_agent/version.rb
|
195
196
|
- spec/lib/tcell_agent/configuration_spec.rb
|
196
197
|
- spec/lib/tcell_agent/hooks/login_fraud_spec.rb
|
198
|
+
- spec/lib/tcell_agent/instrument_servers_spec.rb
|
197
199
|
- spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb
|
198
200
|
- spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb
|
199
201
|
- spec/lib/tcell_agent/instrumentation/cmdi_spec.rb
|
@@ -238,6 +240,11 @@ files:
|
|
238
240
|
- spec/support/middleware_helper.rb
|
239
241
|
- spec/support/resources/lfi_sample_file.txt
|
240
242
|
- spec/support/resources/normal_config.json
|
243
|
+
- spec/support/server_mocks/passenger_mock.rb
|
244
|
+
- spec/support/server_mocks/puma_mock.rb
|
245
|
+
- spec/support/server_mocks/rails_mock.rb
|
246
|
+
- spec/support/server_mocks/thin_mock.rb
|
247
|
+
- spec/support/server_mocks/unicorn_mock.rb
|
241
248
|
- spec/support/static_agent_overrides.rb
|
242
249
|
- tcell_agent.gemspec
|
243
250
|
homepage: https://www.tcell.io
|
@@ -268,6 +275,7 @@ summary: tCell.io Agent for Rails
|
|
268
275
|
test_files:
|
269
276
|
- spec/lib/tcell_agent/configuration_spec.rb
|
270
277
|
- spec/lib/tcell_agent/hooks/login_fraud_spec.rb
|
278
|
+
- spec/lib/tcell_agent/instrument_servers_spec.rb
|
271
279
|
- spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb
|
272
280
|
- spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb
|
273
281
|
- spec/lib/tcell_agent/instrumentation/cmdi_spec.rb
|
@@ -312,4 +320,9 @@ test_files:
|
|
312
320
|
- spec/support/middleware_helper.rb
|
313
321
|
- spec/support/resources/lfi_sample_file.txt
|
314
322
|
- spec/support/resources/normal_config.json
|
323
|
+
- spec/support/server_mocks/passenger_mock.rb
|
324
|
+
- spec/support/server_mocks/puma_mock.rb
|
325
|
+
- spec/support/server_mocks/rails_mock.rb
|
326
|
+
- spec/support/server_mocks/thin_mock.rb
|
327
|
+
- spec/support/server_mocks/unicorn_mock.rb
|
315
328
|
- spec/support/static_agent_overrides.rb
|