7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
# File 'lib/tcell_agent/config/unknown_options.rb', line 7
def self.get_unknown_options(config_json)
messages = []
known_tcell_env_vars = Set.new([
"TCELL_AGENT_SERVER",
"TCELL_AGENT_APP_ID",
"TCELL_AGENT_API_KEY",
"TCELL_HMAC_KEY",
"TCELL_PASSWORD_HMAC_KEY",
"TCELL_AGENT_HOST_IDENTIFIER",
"TCELL_API_URL",
"TCELL_INPUT_URL",
"TCELL_DEMOMODE",
"TCELL_AGENT_HOME",
"TCELL_AGENT_LOG_DIR",
"TCELL_AGENT_CONFIG",
"TCELL_AGENT_ALLOW_UNENCRYPTED_APPSENSOR_PAYLOADS",
"TCELL_AGENT_ALLOW_UNENCRYPTED_APPFIREWALL_PAYLOADS",
"TCELL_AGENT_ALLOW_PAYLOADS",
"TCELL_AGENT_HOME_OWNER"])
ENV.keys.each do |environment_key|
if environment_key =~ /^TCELL_/ && !known_tcell_env_vars.include?(environment_key)
messages << "Unrecognized environment parameter (TCELL_*) found: #{environment_key}"
end
end
begin
key_differences = []
if config_json
first_level_keys = ["version", "applications"]
key_differences = config_json.keys - first_level_keys
applications = config_json.fetch("applications", nil)
if applications
if applications.size > 1
messages << "Multiple applications detected in config file"
elsif applications.size == 1
application = applications[0]
second_level_keys = [
"name",
"app_id",
"api_key",
"fetch_policies_from_tcell",
"preload_policy_filename",
"log_dir",
"tcell_api_url",
"tcell_input_url",
"host_identifier",
"hipaaSafeMode",
"hmac_key",
"password_hmac_key",
"js_agent_api_base_url",
"js_agent_url",
"max_csp_header_bytes",
"event_batch_size_limit",
"allow_unencrypted_appsensor_payloads",
"allow_unencrypted_appfirewall_payloads",
"allow_payloads",
"reverse_proxy",
"reverse_proxy_ip_address_header",
"demomode",
"logging_options",
"data_exposure",
"disable_all",
"enabled",
"enable_event_manager",
"enable_event_consumer",
"enable_policy_polling",
"enable_instrumentation",
"enable_intercept_requests",
"instrument_for_events",
"agent_home_owner",
"enabled_instrumentations"]
key_differences = key_differences + (application.keys - second_level_keys)
if application.fetch("logging_options", nil)
logging_options = application["logging_options"]
key_differences = key_differences + (logging_options.keys - ["enabled", "level", "filename"])
end
if application.fetch("data_exposure", nil)
data_exposure = application["data_exposure"]
key_differences = key_differences + (data_exposure.keys - ["max_data_ex_db_records_per_request"])
end
if application.fetch("enabled_instrumentations", nil)
enabled_instrumentations = application["enabled_instrumentations"]
key_differences = key_differences + (enabled_instrumentations.keys - ["doorkeeper", "devise", "authlogic"])
end
end
end
key_differences.each do |key|
messages << "Unrecognized config setting key: #{key}"
end
end
rescue StandardError => exception
messages << "Something went wrong verifying config file: #{exception}"
end
messages
end
|