Module: TCellAgent::SensorEvents::Util

Defined in:
lib/tcell_agent/sensor_events/util/utils.rb,
lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb

Class Method Summary collapse

Class Method Details

.calculateRouteId(method, path, params = nil) ⇒ Object 



17
18
19
20
21
22
23
 
# File 'lib/tcell_agent/sensor_events/util/utils.rb', line 17

def self.calculateRouteId(method, path, params=nil)
  route_id = jhash("#{(method || "").downcase}|#{path}")
  if (route_id)
    route_id = route_id.to_s
  end
  route_id
end

.clean_header_keys(request_env_or_header_keys) ⇒ Object 



161
162
163
164
165
166
167
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 161

def self.clean_header_keys(request_env_or_header_keys)
  if request_env_or_header_keys.is_a?(Hash)
    request_env_or_header_keys.select {|k,v| k.start_with? 'HTTP_'}.collect {|k,v| k.sub(/^HTTP_/, '') }
  else
    request_env_or_header_keys.map { |k| k.sub(/^HTTP_/, '') }
  end
end

.get_hmac_keyObject 



152
153
154
155
156
157
158
159
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 152

def self.get_hmac_key
  if (TCellAgent.configuration.hmac_key)
    return TCellAgent.configuration.hmac_key
  elsif (TCellAgent.configuration.app_id)
    return TCellAgent.configuration.app_id
  end
  return "tcell_hmac_key"
end

.hmac(data) ⇒ Object 



13
14
15
16
17
18
19
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 13

def self.hmac(data)
  hmac_key = Util.get_hmac_key()

  h = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), hmac_key.to_s, data)

  return h[0...h.length/2]
end

.jhash(str) ⇒ Object 



11
12
13
14
15
 
# File 'lib/tcell_agent/sensor_events/util/utils.rb', line 11

def self.jhash(str)
  str.each_char.reduce(0) do |result, char|
    [((result << 5) - result) + char.ord].pack('L').unpack('l').first
  end
end

.request_sanitized_json(request) ⇒ Object 



21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 21

def self.request_sanitized_json(request)
  sanitized_headers = Hash.new
  headers = request.headers.select {|k,v| k.start_with? 'HTTP_'}
    .collect {|pair| [pair[0].sub(/^HTTP_/, ''), pair[1]]}
    .sort
  headers.each do |header_name, header_value|
    lower_header_name = header_name.downcase
    if lower_header_name == "cookie"
      sanitized_headers[header_name] = [self.santize_request_cookie_string(header_value)]
    elsif ["content_type", "content_length","user_agent","csp"].include?(lower_header_name)
      sanitized_headers[header_name] = [header_value]
    else
      sanitized_headers[header_name] = []
    end
  end
  new_request = {"method"=>request.request_method,
                 "uri"=>self.sanitize_uri(request.fullpath),
                 "headers"=>sanitized_headers}
  request_body = request.body.read
  if request_body
    new_request["post_data"] = sanitize_query_string(request_body)
  end
  new_request
end

.response_sanitized_json(response) ⇒ Object 



46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 46

def self.response_sanitized_json(response)
  status, headers, body = *response
  sanitized_headers = Hash.new
  content_type = "unknown"
  headers.each do |header_name, header_value|
    lower_header_name = header_name.downcase
    if lower_header_name == "set-cookie"
      sanitized_headers[header_name] = [self.santize_response_cookie_string(header_value)]
    else
      if lower_header_name == "content-type"
        content_type = header_value
      end
      if ["content-type", "content-length"].include?(lower_header_name)
        sanitized_headers[header_name] = [header_value]
      else
        sanitized_headers[header_name] = []
      end
    end
  end
  new_response = {"status"=> status,
                  "headers"=>sanitized_headers}
  new_response
end

.sanitize_query_string(query) ⇒ Object 



100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 100

def self.sanitize_query_string(query)
  params = CGI::parse(query)
  params.each do |param_name, param_values|
    if param_values == nil || param_values.length == 0
      next
    end
    if (param_name.match(/password/i) ||
        param_name.match(/passwd/i) ||
        param_name.match(/token/i) ||
        param_name.match(/sessionid/i))
      params[param_name] = ["?"]
      next
    end
    new_param_values = []
    param_values.each do |param_value|
      h = Util.hmac(param_value)
      new_param_values.push << h
    end
    params[param_name] = new_param_values
  end
  params.map{|k,v| "#{k}=#{v.join(',')}"}.join('&')
end

.sanitize_uri(uri_string) ⇒ Object 



134
135
136
137
138
139
140
141
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 134

def self.sanitize_uri(uri_string)
  uri = URI(uri_string)
  query = uri.query
  if (query)
    uri.query = sanitize_query_string(query)
  end
  return uri.to_s
end

.santize_request_cookie_string(request_cookie_string) ⇒ Object 



70
71
72
73
74
75
76
77
78
79
80
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 70

def self.santize_request_cookie_string(request_cookie_string)
  sanitized_cookies = Hash.new
  cookies = CGI::Cookie::parse(request_cookie_string)
  cookies.each do |cookie_name, cookie_value|
    if cookie_value.length != 1
      next
    end
    sanitized_cookies[cookie_name] = Util.hmac(cookie_value[0])
  end
  sanitized_cookies.map{|k,v| "#{k}=#{v}"}.join(';')
end

.santize_response_cookie_string(response_cookie_string_value) ⇒ Object 



82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 82

def self.santize_response_cookie_string(response_cookie_string_value)
  cookie_parts = response_cookie_string_value.split('; ')
  cookie_string = cookie_parts[0]
  cookies = CGI::Cookie::parse(cookie_string)
  if cookies.length != 1
    return "[COOKIEMALFORMED]"
  end
  cookie_name = cookies.keys.first
  cookie_values = cookies.values.first
  if (cookie_values.length != 1)
    return "[COOKIEHADTOOMANYVALUES]"
  end
  h = Util.hmac(cookie_values[0])
  new_cookie_string = "#{cookie_name}=#{h}"
  cookie_parts[0] = new_cookie_string
  cookie_parts.map{|k,v| "#{k}=#{v}"}.join('; ')
end

.strip_uri_values(uri_string) ⇒ Object 



143
144
145
146
147
148
149
150
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 143

def self.strip_uri_values(uri_string)
  uri = URI(uri_string)
  query = uri.query
  if (query)
    uri.query = strip_values_query_string(query)
  end
  return uri.to_s
end

.strip_values_query_string(query) ⇒ Object 



123
124
125
126
127
128
129
130
131
132
 
# File 'lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb', line 123

def self.strip_values_query_string(query)
  params = CGI::parse(query)
  params.each do |param_name, param_values|
    if param_values == nil || param_values.length == 0
      next
    end
    params[param_name] = [""]
  end
  params.map{|k,v| "#{k}=#{v.join(',')}"}.join('&')
end