Module: TCellAgent::SensorEvents::Util

Defined in:
lib/tcell_agent/sensor_events/util/utils.rb,
lib/tcell_agent/sensor_events/util/redirect_utils.rb,
lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb

Class Method Summary collapse

Class Method Details

.calculateRouteId(method, path, params = nil) ⇒ Object 



16
17
18
19
20
21
22
 
# File 'lib/tcell_agent/sensor_events/util/utils.rb', line 16

def self.calculateRouteId(method, path, params=nil)
  route_id = jhash("#{method}|#{path}")
  if (route_id)
    route_id = route_id.to_s
  end
  route_id
end

.domainFromUrl(url) ⇒ Object 



16
17
18
19
 
# File 'lib/tcell_agent/sensor_events/util/redirect_utils.rb', line 16

def self.domainFromUrl(url)
  uri = URI.parse(url)
  uri.host
end

.getHmacKeyObject 



13
14
15
16
17
18
19
20
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 13

def self.getHmacKey
    if (TCellAgent.configuration.hmac_key)
        return TCellAgent.configuration.hmac_key
    elsif (TCellAgent.configuration.app_id)
        return TCellAgent.configuration.app_id
    end
    return "tcell_hmac_key"
end

.hmac(data, hmacKey) ⇒ Object 



21
22
23
24
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 21

def self.hmac(data, hmacKey)
    hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), hmacKey.to_s, data)
    return hmac
end

.jhash(str) ⇒ Object 



11
12
13
14
15
 
# File 'lib/tcell_agent/sensor_events/util/utils.rb', line 11

def self.jhash(str)
  str.each_char.reduce(0) do |result, char|
    [((result << 5) - result) + char.ord].pack('L').unpack('l').first
  end 
end

.request_sanitized_json(request) ⇒ Object 



25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 25

def self.request_sanitized_json(request)
    sanitized_headers = Hash.new
    headers = request.headers.select {|k,v| k.start_with? 'HTTP_'}
        .collect {|pair| [pair[0].sub(/^HTTP_/, ''), pair[1]]}
        .sort
    headers.each do |header_name, header_value|
        lower_header_name = header_name.downcase
        if lower_header_name == "cookie"
            sanitized_headers[header_name] = [self.santize_request_cookie_string(header_value)]
        elsif ["content_type", "content_length","user_agent","csp"].include?(lower_header_name)
            sanitized_headers[header_name] = [header_value]
        else
            sanitized_headers[header_name] = []
        end
    end
    new_request = {"method"=>request.request_method,
                   "uri"=>self.sanitize_uri(request.fullpath),
                   "headers"=>sanitized_headers}
    request_body = request.body.read    
    if request_body
        new_request["post_data"] = sanitize_query_string(request_body)
    end
    new_request
end

.response_sanitized_json(response) ⇒ Object 



49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 49

def self.response_sanitized_json(response)
    status, headers, body = *response
    sanitized_headers = Hash.new
    content_type = "unknown"
    headers.each do |header_name, header_value|
        lower_header_name = header_name.downcase
        if lower_header_name == "set-cookie"
            sanitized_headers[header_name] = [self.santize_response_cookie_string(header_value)]
        else
            if lower_header_name == "content-type"
                content_type = header_value
            end
            if ["content-type", "content-length"].include?(lower_header_name)
                sanitized_headers[header_name] = [header_value]
            else
                sanitized_headers[header_name] = []
            end
        end
    end
    new_response = {"status"=> status, 
                    "headers"=>sanitized_headers}
    new_response
end

.sanitize_query_string(query) ⇒ Object 



102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 102

def self.sanitize_query_string(query)
    hmacKey = Util.getHmacKey()
    params = CGI::parse(query)
    params.each do |param_name, param_values|
        if param_values == nil || param_values.length == 0
            next
        end
        if (param_name.match(/password/i) || 
            param_name.match(/passwd/i) || 
            param_name.match(/token/i) || 
            param_name.match(/sessionid/i))
            params[param_name] = ["?"]
            next
        end
        new_param_values = []
        param_values.each do |param_value|
            h = Util.hmac(param_value, hmacKey)
            new_param_values.push << h
        end
        params[param_name] = new_param_values
    end
    params.map{|k,v| "#{k}=#{v.join(',')}"}.join('&')
end

.sanitize_uri(uri_string) ⇒ Object 



135
136
137
138
139
140
141
142
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 135

def self.sanitize_uri(uri_string)
    uri = URI(uri_string)
    query = uri.query
    if (query)
        uri.query = sanitize_query_string(query)
    end
    return uri.to_s
end

.santize_request_cookie_string(request_cookie_string) ⇒ Object 



72
73
74
75
76
77
78
79
80
81
82
83
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 72

def self.santize_request_cookie_string(request_cookie_string)
    hmacKey = Util.getHmacKey()
    sanitized_cookies = Hash.new
    cookies = CGI::Cookie::parse(request_cookie_string)
    cookies.each do |cookie_name, cookie_value|
        if cookie_value.length != 1
            next
        end
        sanitized_cookies[cookie_name] = Util.hmac(cookie_value[0], hmacKey)
    end
    sanitized_cookies.map{|k,v| "#{k}=#{v}"}.join(';')
end

.santize_response_cookie_string(response_cookie_string_value) ⇒ Object 



84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 84

def self.santize_response_cookie_string(response_cookie_string_value)
    hmacKey = Util.getHmacKey()
    cookie_parts = response_cookie_string_value.split('; ')
    cookie_string = cookie_parts[0]
    cookies = CGI::Cookie::parse(cookie_string)
    if cookies.length != 1
        return "[COOKIEMALFORMED]"
    end
    cookie_name = cookies.keys.first
    cookie_values = cookies.values.first
    if (cookie_values.length != 1)
        return "[COOKIEHADTOOMANYVALUES]"
    end
    h = Util.hmac(cookie_values[0], hmacKey)
    new_cookie_string = "#{cookie_name}=#{h}"
    cookie_parts[0] = new_cookie_string  
    cookie_parts.map{|k,v| "#{k}=#{v}"}.join('; ')
end

.strip_uri_values(uri_string) ⇒ Object 



143
144
145
146
147
148
149
150
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 143

def self.strip_uri_values(uri_string)
    uri = URI(uri_string)
    query = uri.query
    if (query)
        uri.query = strip_values_query_string(query)
    end
    return uri.to_s
end

.strip_values_query_string(query) ⇒ Object 



125
126
127
128
129
130
131
132
133
134
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 125

def self.strip_values_query_string(query)
    params = CGI::parse(query)
    params.each do |param_name, param_values|
        if param_values == nil || param_values.length == 0
            next
        end
        params[param_name] = [""]
    end
    params.map{|k,v| "#{k}=#{v.join(',')}"}.join('&')
end

.wildcardMatch(target, wildcardPattern) ⇒ Object 



11
12
13
14
15
 
# File 'lib/tcell_agent/sensor_events/util/redirect_utils.rb', line 11

def self.wildcardMatch(target, wildcardPattern)
  escaped = Regexp.escape(wildcardPattern).gsub('\*','.*?')
  regex = Regexp.new "^#{escaped}$", Regexp::IGNORECASE
  !!(target =~ regex)
end