# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details. # frozen_string_literal: true cs__scoped_require 'contrast/utils/object_share' cs__scoped_require 'contrast/utils/os' cs__scoped_require 'contrast/components/interface' module Contrast module Api # This class acts as the interface for the communication between the Agent # and the Service (SpeedRacer) as well as functions as a way for the Agent # to manage the bundled Service. class Speedracer include Contrast::Components::Interface access_component :logging, :contrast_service, :app_context attr_reader :client_number, :host, :port, :socket, :connection, :messages_total @instance_count = 0 @instance_mutex = Mutex.new def self.next_client_number @instance_mutex.synchronize do @instance_count += 1 # Rollover things rescue StandardError @instance_count = 1 end end def self.read_only_instance_count @instance_count.dup end def initialize connection @client_number = Contrast::Api::Speedracer.next_client_number @messages_total = 0 @pid = Process.pid.to_i @ppid = Process.ppid.to_i @connection = connection end # Allow for the start of a Service, but block so that we only attempt to # start the service one try at a time in the case multiple threads are # trying to send messages. def start_service zombie_check service_starter_thread.join(5) is_service_started = Contrast::Utils::OS.running? logger.error(nil, 'The bundled service could not be started. The agent will not function properly.') unless is_service_started is_service_started end # Wrap the given DTM in a Contrast::Api::Dtm::Message and send it to the # Service for processing # # @param event [Contrast::Api::Dtm] One of the DTMs valid for the event field of # Contrast::Api::Dtm::Message def send_one event msg = build_message(event) send_message(msg) end private # check if there's a zombie service that exists, and wait on it if so. # currently, this only happens when trying to initialize speedracer def zombie_check return if windows? zombie_pid_list = Contrast::Utils::OS.zombie_pids zombie_pid_list.each do |pid| Process.wait(pid.to_i) end end def windows? @_windows = Contrast::Utils::OS.windows? if @_windows.nil? @_windows end def determine_startup_options return { out: :out, err: :err } if Contrast::Agent::FeatureState.instance.service_control[:logger_path] == 'STDOUT' { out: File::NULL, err: File::NULL } end # This is a separate method so we can overwrite it globally in specs def spawn_service options = determine_startup_options spawn 'contrast_service', options end def service_starter_thread Contrast::Agent::Thread.new do # Always check to see if it already started unless Contrast::Utils::OS.running? # Spawn the service process spawn_service # Block until service is running sleep(0.1) until Contrast::Utils::OS.running? end end end # Wrap the given event in a Contrast::Api::Dtm::Message # # @param event [Contrast::Api::Dtm] One of the DTMs valid for the event field of # Contrast::Api::Dtm::Message # @return Contrast::Api::Dtm::Message def build_message event message = base_message case event when Contrast::Api::Dtm::ServerActivity message.server_activity = event when Contrast::Api::Dtm::AgentStartup message.agent_startup = event when Contrast::Api::Dtm::ApplicationCreate message.application_create = event when Contrast::Api::Dtm::ApplicationUpdate message.application_update = event when Contrast::Api::Dtm::Activity message.activity = event when Contrast::Api::Dtm::HttpRequest message.prefilter = event when Contrast::Api::Dtm::HttpResponse message.postfilter = event when Contrast::Api::Dtm::Poll message.poll = event when Contrast::Api::Dtm::ObservedRoute message.observed_route = event else logger.error("Unknown event type #{ event.cs__class.name } received. Unsure how to send.") return end # TODO: RUBY-794 make ID structured for parsing logger.debug("Wrapping the event #{ event.__id__ } in message #{ message.__id__ } (#{ message.pid }-#{ message.message_count }.") message end def base_message msg = Contrast::Api::Dtm::Message.new msg.app_name = APP_CONTEXT.name msg.app_path = APP_CONTEXT.path msg.app_language = Contrast::Utils::ObjectShare::RUBY msg.client_id = APP_CONTEXT.client_id msg.client_number = client_number msg.client_total = Contrast::Api::Speedracer.read_only_instance_count msg.message_count = (@messages_total += 1) msg.pid = APP_CONTEXT.pid msg.ppid = APP_CONTEXT.ppid msg end def send_message msg # TODO: RUBY-794 make PID & Count structured for parsing logger.debug "[m__id__:#{ msg.__id__ }]\tSending message #{ msg.pid }-#{ msg.message_count }." to_service = Contrast::Api::Dtm::Message.encode(msg) from_service = send_marshaled(to_service) response = Contrast::Api::Settings::AgentSettings.decode(from_service) # TODO: RUBY-794 make PID & Count structured for parsing log_message = "[m__id__:#{ msg.__id__ }]\tReceived response: " \ "#{ response ? response.__id__ : '[No Response]' } for " \ "message #{ msg.pid }-#{ msg.message_count }." logger.debug(log_message) response rescue StandardError => e # TODO: RUBY-794 make PID & Count structured for parsing logger.error(e, "[m__id__:#{ msg.__id__ }]\tSending failed for message #{ msg.pid }-#{ msg.message_count }.") raise e # reraise to let SocketClient manage the connection end def send_marshaled marshaled connection.send_marshaled(marshaled) end end end end