beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

always set the transaction in the current request (#2682)

Browse source
This commit is contained in:
blotus 2023-12-22 11:44:06 +01:00 committed by GitHub
parent a62e28fdfb
commit b6f272d09a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
pkg/acquisition/modules/appsec/appsec_runner.go
View file

@ -110,7 +110,6 @@ func (r *AppsecRunner) Init(datadir string) error {
func (r *AppsecRunner) processRequest(tx appsec.ExtendedTransaction, request *appsec.ParsedRequest) error { func (r *AppsecRunner) processRequest(tx appsec.ExtendedTransaction, request *appsec.ParsedRequest) error {
var in *corazatypes.Interruption var in *corazatypes.Interruption
var err error var err error
request.Tx = tx
if request.Tx.IsRuleEngineOff() { if request.Tx.IsRuleEngineOff() {
r.logger.Debugf("rule engine is off, skipping") r.logger.Debugf("rule engine is off, skipping")
@ -129,7 +128,7 @@ func (r *AppsecRunner) processRequest(tx appsec.ExtendedTransaction, request *ap
//FIXME: should we abort here ? //FIXME: should we abort here ?
} }
request.Tx.Tx.ProcessConnection(request.RemoteAddr, 0, "", 0) request.Tx.ProcessConnection(request.RemoteAddr, 0, "", 0)
for k, v := range request.Args { for k, v := range request.Args {
for _, vv := range v { for _, vv := range v {
@ -194,6 +193,7 @@ func (r *AppsecRunner) processRequest(tx appsec.ExtendedTransaction, request *ap
func (r *AppsecRunner) ProcessInBandRules(request *appsec.ParsedRequest) error { func (r *AppsecRunner) ProcessInBandRules(request *appsec.ParsedRequest) error {
tx := appsec.NewExtendedTransaction(r.AppsecInbandEngine, request.UUID) tx := appsec.NewExtendedTransaction(r.AppsecInbandEngine, request.UUID)
r.AppsecRuntime.InBandTx = tx r.AppsecRuntime.InBandTx = tx
request.Tx = tx
if len(r.AppsecRuntime.InBandRules) == 0 { if len(r.AppsecRuntime.InBandRules) == 0 {
return nil return nil
} }
@ -202,11 +202,12 @@ func (r *AppsecRunner) ProcessInBandRules(request *appsec.ParsedRequest) error {
} }
func (r *AppsecRunner) ProcessOutOfBandRules(request *appsec.ParsedRequest) error { func (r *AppsecRunner) ProcessOutOfBandRules(request *appsec.ParsedRequest) error {
tx := appsec.NewExtendedTransaction(r.AppsecOutbandEngine, request.UUID)
r.AppsecRuntime.OutOfBandTx = tx
request.Tx = tx
if len(r.AppsecRuntime.OutOfBandRules) == 0 { if len(r.AppsecRuntime.OutOfBandRules) == 0 {
return nil return nil
} }
tx := appsec.NewExtendedTransaction(r.AppsecOutbandEngine, request.UUID)
r.AppsecRuntime.OutOfBandTx = tx
err := r.processRequest(tx, request) err := r.processRequest(tx, request)
return err return err
} }
@ -348,7 +349,7 @@ func (r *AppsecRunner) handleRequest(request *appsec.ParsedRequest) {
// time spent to process out of band rules // time spent to process out of band rules
outOfBandParsingElapsed := time.Since(startOutOfBandParsing) outOfBandParsingElapsed := time.Since(startOutOfBandParsing)
AppsecOutbandParsingHistogram.With(prometheus.Labels{"source": request.RemoteAddrNormalized}).Observe(outOfBandParsingElapsed.Seconds()) AppsecOutbandParsingHistogram.With(prometheus.Labels{"source": request.RemoteAddrNormalized, "appsec_engine": request.AppsecEngine}).Observe(outOfBandParsingElapsed.Seconds())
if request.Tx.IsInterrupted() { if request.Tx.IsInterrupted() {
r.handleOutBandInterrupt(request) r.handleOutBandInterrupt(request)
} }