linting
This commit is contained in:
Sebastien Blot
parent
2a920124fe
commit
393a8b8ef5
7 changed files with 19 additions and 71 deletions
pkg
acquisition/modules/waap
hubtest
types
waf
|
|
@ -305,7 +305,7 @@ func (w *WaapSource) IsAuth(apiKey string) bool {
|
|||
Timeout: 200 * time.Millisecond,
|
||||
}
|
||||
|
||||
req, err := http.NewRequest("HEAD", w.lapiURL, nil)
|
||||
req, err := http.NewRequest(http.MethodHead, w.lapiURL, nil)
|
||||
if err != nil {
|
||||
log.Errorf("Error creating request: %s", err)
|
||||
return false
|
||||
|
|
|
|||
|
|
@ -581,14 +581,17 @@ func (t *HubTestItem) RunWithNucleiTemplate() error {
|
|||
|
||||
//wait for the waap port to be available
|
||||
if _, err := IsAlive(DefaultWaapHost); err != nil {
|
||||
return fmt.Errorf("Waap is down: %s", err)
|
||||
return fmt.Errorf("waap is down: %s", err)
|
||||
}
|
||||
|
||||
// check if the target is available
|
||||
nucleiTargetParsedURL, err := url.Parse(DefaultNucleiTarget)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to parse target '%s': %s", DefaultNucleiTarget, err)
|
||||
}
|
||||
nucleiTargetHost := nucleiTargetParsedURL.Host
|
||||
if _, err := IsAlive(nucleiTargetHost); err != nil {
|
||||
return fmt.Errorf("Target is down: %s", err)
|
||||
return fmt.Errorf("target is down: %s", err)
|
||||
}
|
||||
|
||||
nucleiConfig := NucleiConfig{
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ import (
|
|||
|
||||
/*
|
||||
1. If user triggered a rule that is for a CVE, that has high confidence and that is blocking, ban
|
||||
2. If user triggered 3 distinct rules with medium confidence accross 3 different requests, ban
|
||||
2. If user triggered 3 distinct rules with medium confidence across 3 different requests, ban
|
||||
|
||||
|
||||
any(evt.Waf.ByTag("CVE"), {.confidence == "high" && .action == "block"})
|
||||
|
|
|
|||
|
|
@ -112,10 +112,7 @@ func (e *crzLogEvent) Stringer(key string, val fmt.Stringer) dbg.Event {
|
|||
}
|
||||
|
||||
func (e crzLogEvent) IsEnabled() bool {
|
||||
if e.muted {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
return !e.muted
|
||||
}
|
||||
|
||||
type crzLogger struct {
|
||||
|
|
|
|||
|
|
@ -281,22 +281,22 @@ func NewParsedRequestFromRequest(r *http.Request) (ParsedRequest, error) {
|
|||
// the real source of the request is set in 'x-client-ip'
|
||||
clientIP := r.Header.Get(IPHeaderName)
|
||||
if clientIP == "" {
|
||||
return ParsedRequest{}, fmt.Errorf("Missing '%s' header", IPHeaderName)
|
||||
return ParsedRequest{}, fmt.Errorf("missing '%s' header", IPHeaderName)
|
||||
}
|
||||
// the real target Host of the request is set in 'x-client-host'
|
||||
clientHost := r.Header.Get(HostHeaderName)
|
||||
if clientHost == "" {
|
||||
return ParsedRequest{}, fmt.Errorf("Missing '%s' header", HostHeaderName)
|
||||
return ParsedRequest{}, fmt.Errorf("missing '%s' header", HostHeaderName)
|
||||
}
|
||||
// the real URI of the request is set in 'x-client-uri'
|
||||
clientURI := r.Header.Get(URIHeaderName)
|
||||
if clientURI == "" {
|
||||
return ParsedRequest{}, fmt.Errorf("Missing '%s' header", URIHeaderName)
|
||||
return ParsedRequest{}, fmt.Errorf("missing '%s' header", URIHeaderName)
|
||||
}
|
||||
// the real VERB of the request is set in 'x-client-uri'
|
||||
clientMethod := r.Header.Get(VerbHeaderName)
|
||||
if clientMethod == "" {
|
||||
return ParsedRequest{}, fmt.Errorf("Missing '%s' header", VerbHeaderName)
|
||||
return ParsedRequest{}, fmt.Errorf("missing '%s' header", VerbHeaderName)
|
||||
}
|
||||
|
||||
// delete those headers before coraza process the request
|
||||
|
|
@ -310,18 +310,19 @@ func NewParsedRequestFromRequest(r *http.Request) (ParsedRequest, error) {
|
|||
return ParsedRequest{}, fmt.Errorf("unable to parse url '%s': %s", clientURI, err)
|
||||
}
|
||||
|
||||
RemoteAddrNormalized := ""
|
||||
remoteAddrNormalized := ""
|
||||
host, _, err := net.SplitHostPort(r.RemoteAddr)
|
||||
if err != nil {
|
||||
log.Errorf("Invalid waap remote IP source %v: %s", r.RemoteAddr, err.Error())
|
||||
RemoteAddrNormalized = r.RemoteAddr
|
||||
remoteAddrNormalized = r.RemoteAddr
|
||||
} else {
|
||||
ip := net.ParseIP(host)
|
||||
if ip == nil {
|
||||
log.Errorf("Invalid waap remote IP address source %v: %s", r.RemoteAddr, err.Error())
|
||||
RemoteAddrNormalized = r.RemoteAddr
|
||||
remoteAddrNormalized = r.RemoteAddr
|
||||
} else {
|
||||
remoteAddrNormalized = ip.String()
|
||||
}
|
||||
RemoteAddrNormalized = ip.String()
|
||||
}
|
||||
|
||||
return ParsedRequest{
|
||||
|
|
@ -339,6 +340,6 @@ func NewParsedRequestFromRequest(r *http.Request) (ParsedRequest, error) {
|
|||
Args: parsedURL.Query(), //TODO: Check if there's not potential bypass as it excludes malformed args
|
||||
TransferEncoding: r.TransferEncoding,
|
||||
ResponseChannel: make(chan WaapTempResponse),
|
||||
RemoteAddrNormalized: RemoteAddrNormalized,
|
||||
RemoteAddrNormalized: remoteAddrNormalized,
|
||||
}, nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,44 +8,4 @@ type exprCustomFunc struct {
|
|||
signature []interface{}
|
||||
}
|
||||
|
||||
/*
|
||||
func GetOnLoadEnv(w *WaapRuntimeConfig) map[string]interface{} {
|
||||
return map[string]interface{}{
|
||||
"DisableInBandRuleByID": w.DisableInBandRuleByID,
|
||||
"DisableOutBandRuleByID": w.DisableOutBandRuleByID,
|
||||
"DisableInBandRuleByTag": w.DisableInBandRuleByTag,
|
||||
"DisableOutBandRuleByTag": w.DisableOutBandRuleByTag,
|
||||
}
|
||||
}
|
||||
*/
|
||||
|
||||
/*var onLoadExprFuncs = []exprCustomFunc{
|
||||
{
|
||||
name: "DisableInBandRuleByID",
|
||||
function: w.DisableInBandRuleByID,
|
||||
signature: []interface{}{
|
||||
new(func(int) error),
|
||||
},
|
||||
},
|
||||
}*/
|
||||
|
||||
var preEvalExprFuncs = []exprCustomFunc{}
|
||||
|
||||
var onMatchExprFuncs = []exprCustomFunc{}
|
||||
|
||||
var exprFuncs = []exprCustomFunc{
|
||||
/*{
|
||||
name: "SetRulesToInband",
|
||||
function: SetRulesToInband,
|
||||
signature: []interface{}{
|
||||
new(func() error),
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "SetRulesToOutOfBand",
|
||||
function: SetRulesToOutOfBand,
|
||||
signature: []interface{}{
|
||||
new(func() error),
|
||||
},
|
||||
},*/
|
||||
}
|
||||
var exprFuncs = []exprCustomFunc{}
|
||||
|
|
|
|||
|
|
@ -6,19 +6,6 @@ import (
|
|||
"github.com/crowdsecurity/crowdsec/pkg/types"
|
||||
)
|
||||
|
||||
var exprFunctionOptions []expr.Option
|
||||
|
||||
func initWafHelpers() {
|
||||
exprFunctionOptions = []expr.Option{}
|
||||
for _, function := range exprFuncs {
|
||||
exprFunctionOptions = append(exprFunctionOptions,
|
||||
expr.Function(function.name,
|
||||
function.function,
|
||||
function.signature...,
|
||||
))
|
||||
}
|
||||
}
|
||||
|
||||
func GetExprWAFOptions(ctx map[string]interface{}) []expr.Option {
|
||||
baseHelpers := exprhelpers.GetExprOptions(ctx)
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue