RubyGems - tcell_agent - Versions diffs - 2.3.0 → 2.4.0 - Mend

tcell_agent 2.3.0 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (83) hide show

checksums.yaml +4 -4
data/LICENSE +2 -2
data/bin/tcell_agent +6 -11
data/lib/tcell_agent/agent.rb +18 -13
data/lib/tcell_agent/config_initializer.rb +0 -4
data/lib/tcell_agent/configuration.rb +4 -4
data/lib/tcell_agent/hooks/login_fraud.rb +1 -1
data/lib/tcell_agent/instrumentation.rb +14 -6
data/lib/tcell_agent/instrumentation/cmdi.rb +32 -0
data/lib/tcell_agent/instrumentation/lfi.rb +55 -9
data/lib/tcell_agent/instrumentation/monkey_patches/ruby_2/file.rb +21 -0
data/lib/tcell_agent/instrumentation/monkey_patches/ruby_2/io.rb +75 -0
data/lib/tcell_agent/instrumentation/monkey_patches/ruby_2/kernel.rb +80 -0
data/lib/tcell_agent/instrumentation/monkey_patches/ruby_3/file.rb +21 -0
data/lib/tcell_agent/instrumentation/monkey_patches/ruby_3/io.rb +75 -0
data/lib/tcell_agent/instrumentation/monkey_patches/ruby_3/kernel.rb +80 -0
data/lib/tcell_agent/logger.rb +2 -2
data/lib/tcell_agent/policies/dataloss_policy.rb +15 -8
data/lib/tcell_agent/policies/headers_policy.rb +2 -2
data/lib/tcell_agent/policies/patches_policy.rb +8 -4
data/lib/tcell_agent/policies/policies_manager.rb +1 -0
data/lib/tcell_agent/policies/policy_polling.rb +4 -3
data/lib/tcell_agent/rails/auth/doorkeeper.rb +1 -0
data/lib/tcell_agent/rails/better_ip.rb +7 -19
data/lib/tcell_agent/rails/dlp.rb +48 -48
data/lib/tcell_agent/rails/dlp/process_request.rb +5 -0
data/lib/tcell_agent/rails/dlp_handler.rb +9 -10
data/lib/tcell_agent/rails/js_agent_insert.rb +2 -3
data/lib/tcell_agent/rails/middleware/context_middleware.rb +2 -1
data/lib/tcell_agent/rails/middleware/global_middleware.rb +1 -5
data/lib/tcell_agent/rails/middleware/headers_middleware.rb +1 -0
data/lib/tcell_agent/rails/routes/grape.rb +2 -1
data/lib/tcell_agent/rails/settings_reporter.rb +0 -8
data/lib/tcell_agent/rails/tcell_body_proxy.rb +4 -6
data/lib/tcell_agent/routes/table.rb +3 -0
data/lib/tcell_agent/rust/agent_config.rb +9 -0
data/lib/tcell_agent/rust/{libtcellagent-alpine-6.2.1.so → libtcellagent-alpine.so} +0 -0
data/lib/tcell_agent/rust/{tcellagent-6.2.1.dll → libtcellagent-x64.dll} +0 -0
data/lib/tcell_agent/rust/{libtcellagent-6.2.1.dylib → libtcellagent.dylib} +0 -0
data/lib/tcell_agent/rust/{libtcellagent-6.2.1.so → libtcellagent.so} +0 -0
data/lib/tcell_agent/rust/native_agent.rb +48 -58
data/lib/tcell_agent/rust/native_library.rb +7 -10
data/lib/tcell_agent/sensor_events/server_agent.rb +3 -100
data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +1 -0
data/lib/tcell_agent/servers/puma.rb +25 -8
data/lib/tcell_agent/servers/rack_puma_handler.rb +13 -3
data/lib/tcell_agent/servers/webrick.rb +13 -3
data/lib/tcell_agent/settings_reporter.rb +0 -14
data/lib/tcell_agent/sinatra.rb +1 -0
data/lib/tcell_agent/tcell_context.rb +15 -6
data/lib/tcell_agent/utils/headers.rb +0 -1
data/lib/tcell_agent/utils/strings.rb +2 -2
data/lib/tcell_agent/version.rb +1 -1
data/spec/cruby_spec_helper.rb +26 -0
data/spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb +2 -2
data/spec/lib/tcell_agent/instrumentation/lfi/file_lfi_spec.rb +211 -272
data/spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb +207 -223
data/spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb +89 -70
data/spec/lib/tcell_agent/instrumentation/lfi_spec.rb +73 -0
data/spec/lib/tcell_agent/patches_spec.rb +2 -1
data/spec/lib/tcell_agent/policies/clickjacking_policy_spec.rb +1 -2
data/spec/lib/tcell_agent/policies/content_security_policy_spec.rb +5 -6
data/spec/lib/tcell_agent/policies/patches_policy_spec.rb +21 -2
data/spec/lib/tcell_agent/policies/policies_manager_spec.rb +1 -1
data/spec/lib/tcell_agent/policies/secure_headers_policy_spec.rb +14 -8
data/spec/lib/tcell_agent/rails/better_ip_spec.rb +9 -11
data/spec/lib/tcell_agent/rails/csrf_exception_spec.rb +6 -6
data/spec/lib/tcell_agent/rails/dlp_spec.rb +1 -0
data/spec/lib/tcell_agent/rails/js_agent_insert_spec.rb +10 -2
data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb +2 -1
data/spec/lib/tcell_agent/rails/routes/route_id_spec.rb +4 -4
data/spec/lib/tcell_agent/settings_reporter_spec.rb +2 -16
data/spec/lib/tcell_agent/tcell_context_spec.rb +6 -5
data/spec/spec_helper.rb +3 -1
data/spec/support/builders.rb +2 -1
data/spec/support/server_mocks/puma_mock.rb +4 -0
data/spec/support/shared_spec.rb +29 -0
data/tcell_agent.gemspec +14 -14
metadata +23 -19
data/Rakefile +0 -18
data/lib/tcell_agent/instrumentation/monkey_patches/file.rb +0 -25
data/lib/tcell_agent/instrumentation/monkey_patches/io.rb +0 -131
data/lib/tcell_agent/instrumentation/monkey_patches/kernel.rb +0 -102

data/Rakefile DELETED Viewed

@@ -1,18 +0,0 @@
-require 'rspec/core/rake_task'
-RSpec::Core::RakeTask.new(:spec)
-desc 'Run tests'
-task :default => [:spec]
-task :test => :spec
-task 'init-integration-tests' do
-  system('docker-compose run railsintegration224 bundle install')
-  system('docker-compose run railsintegration224 bundle exec rake db:create db:setup')
-  system('docker-compose stop')
-end
-task 'integration-test' do
-  system('docker-compose up railsintegration224')
-  system('docker-compose stop')
-end

data/lib/tcell_agent/instrumentation/monkey_patches/file.rb DELETED Viewed

@@ -1,25 +0,0 @@
-class File
-  class << self
-    alias_method :tcell_original_new, :new
-    def new(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-      tcell_original_new(*args, &block)
-    end
-    alias_method :tcell_original_open, :open
-    def open(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-      tcell_original_open(*args, &block)
-    end
-  end
-end

data/lib/tcell_agent/instrumentation/monkey_patches/io.rb DELETED Viewed

@@ -1,131 +0,0 @@
-class IO
-  class << self
-    alias_method :tcell_original_binread, :binread
-    def binread(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-      if path.empty?
-        cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
-        if cmd && TCellAgent::Cmdi.block_command?(cmd)
-          raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-        end
-      end
-      tcell_original_binread(*args, &block)
-    end
-    alias_method :tcell_original_binwrite, :binwrite
-    def binwrite(*args, &block)
-      path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      mode = 'Write'
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-      tcell_original_binwrite(*args, &block)
-    end
-    alias_method :tcell_original_foreach, :foreach
-    def foreach(*args, &block)
-      path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      mode = 'Read'
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-      tcell_original_foreach(*args, &block)
-    end
-    alias_method :tcell_original_popen, :popen
-    def popen(*args, &block)
-      unless args.empty?
-        cmd = ''
-        TCellAgent::Instrumentation.safe_block('CMDI Parsing popen *args') do
-          args_copy = Array.new(args)
-          args_copy.shift if args_copy.first.is_a?(Hash)
-          args_copy.pop if args_copy.last.is_a?(Hash)
-          cmd = if args_copy.first.is_a?(String)
-                  args_copy.shift
-                else
-                  TCellAgent::Cmdi.parse_command(*args_copy.shift)
-                end
-        end
-        if TCellAgent::Cmdi.block_command?(cmd)
-          raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-        end
-      end
-      tcell_original_popen(*args, &block)
-    end
-    alias_method :tcell_original_read, :read
-    def read(*args, &block)
-      path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      mode = 'Read'
-      if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-      if path.empty?
-        cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
-        if cmd && TCellAgent::Cmdi.block_command?(cmd)
-          raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-        end
-      end
-      tcell_original_read(*args, &block)
-    end
-    alias_method :tcell_original_readlines, :readlines
-    def readlines(*args, &block)
-      path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      mode = 'Read'
-      if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-      if path.empty?
-        cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
-        if cmd && TCellAgent::Cmdi.block_command?(cmd)
-          raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-        end
-      end
-      tcell_original_readlines(*args, &block)
-    end
-    alias_method :tcell_original_sysopen, :sysopen
-    def sysopen(*args, &block)
-      path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-      tcell_original_sysopen(*args, &block)
-    end
-    alias_method :tcell_original_write, :write
-    def write(*args, &block)
-      path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-      mode = 'Write'
-      if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-        raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-      end
-      tcell_original_write(*args, &block)
-    end
-  end
-end

data/lib/tcell_agent/instrumentation/monkey_patches/kernel.rb DELETED Viewed

@@ -1,102 +0,0 @@
-module Kernel
-  private
-  alias_method :tcell_original_backtick, :`
-  alias_method :tcell_original_exec, :exec
-  alias_method :tcell_original_open, :open
-  alias_method :tcell_original_gets, :gets
-  alias_method :tcell_original_readline, :readline
-  alias_method :tcell_original_spawn, :spawn
-  alias_method :tcell_original_system, :system
-  class << self
-    alias_method :tcell_original_exec, :exec
-    alias_method :tcell_original_open, :open
-    alias_method :tcell_original_gets, :gets
-    alias_method :tcell_original_readline, :readline
-    alias_method :tcell_original_spawn, :spawn
-    alias_method :tcell_original_system, :system
-  end
-  def `(cmd)
-    if TCellAgent::Cmdi.block_command?(cmd)
-      raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-    end
-    tcell_original_backtick(cmd)
-  end
-  if TCellAgent.configuration.should_instrument?('kernel_exec')
-    def exec(*args)
-      cmd = TCellAgent::Cmdi.parse_command(*args)
-      if TCellAgent::Cmdi.block_command?(cmd)
-        raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-      end
-      tcell_original_exec(*args)
-    end
-  end
-  def gets(*args, &block)
-    path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
-    if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-      raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-    end
-    tcell_original_gets(*args, &block)
-  end
-  def open(*args, &block)
-    path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
-    if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-      raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-    end
-    if path.empty?
-      cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
-      if cmd && TCellAgent::Cmdi.block_command?(cmd)
-        raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-      end
-    end
-    tcell_original_open(*args, &block)
-  end
-  def readline(*args, &block)
-    path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
-    if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
-      raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
-    end
-    tcell_original_readline(*args, &block)
-  end
-  def spawn(*args)
-    cmd = TCellAgent::Cmdi.parse_command(*args)
-    if TCellAgent::Cmdi.block_command?(cmd)
-      raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-    end
-    tcell_original_spawn(*args)
-  end
-  def system(*args)
-    cmd = TCellAgent::Cmdi.parse_command(*args)
-    if TCellAgent::Cmdi.block_command?(cmd)
-      raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
-    end
-    tcell_original_system(*args)
-  end
-  module_function :`
-  module_function :exec
-  module_function :gets
-  module_function :open
-  module_function :readline
-  module_function :spawn
-  module_function :system
-end