corazawaf · jptosso · Aug 16, 2022 · May 27, 2022 · May 30, 2022 · May 30, 2022
diff --git a/.github/workflows/tinygo.yml b/.github/workflows/tinygo.yml
@@ -2,25 +2,33 @@ name: Tinygo tests
 
 on:
   push:
+    branches:
+      - master
+    paths-ignore:
+      - "**/*.md"
+      - "LICENSE"
   pull_request:
+
 jobs:
   test:
     strategy:
       matrix:
-        go-version: [1.18.x, 1.19.x]
+        # TODO(anuraaga): Add 1.19.x after TinyGo adds support for it.
+        go-version: [1.18.x]
         os: [ubuntu-latest]
     runs-on: ${{ matrix.os }}
+    container:
+      image: tinygo/tinygo:0.24.0
     steps:
-    - name: Install Go
-      uses: actions/setup-go@v2
-      with:
-        go-version: ${{ matrix.go-version }}
-    - name: Checkout code
-      uses: actions/checkout@v2
-      with:
-        lfs: true
-        fetch-depth: 0 #for better blame info
-    - name: Download vendored dependencies
-      run: go mod vendor
-    - name: Tests and coverage
-      run: go test -v --tags=tinygo ./...
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Install Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ matrix.go-version }}
+
+      - name: Tests
+        run: tinygo test ./...
diff --git a/examples/http-server/go.mod b/examples/http-server/go.mod
@@ -7,7 +7,10 @@ require github.com/corazawaf/coraza/v3 v3.0.0-00010101000000-000000000000
 require (
 	github.com/cloudflare/ahocorasick v0.0.0-20210425175752-730270c3e184 // indirect
 	github.com/corazawaf/libinjection-go v0.0.0-20220207031228-44e9c4250eb5 // indirect
+	github.com/tidwall/gjson v1.14.1 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.0 // indirect
 	golang.org/x/net v0.0.0-20220520000938-2e3eb7b945c2 // indirect
 )
 
-replace github.com/corazawaf/coraza/v3 => ../..
+replace github.com/corazawaf/coraza/v3 => ../..
diff --git a/examples/http-server/go.sum b/examples/http-server/go.sum
@@ -9,6 +9,12 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/miekg/dns v1.1.25 h1:dFwPR6SfLtrSwgDcIq2bcU/gVutB4sNApq2HBdqcakg=
 github.com/miekg/dns v1.1.25/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso=
+github.com/tidwall/gjson v1.14.1 h1:iymTbGkQBhveq21bEvAQ81I0LEBork8BFe1CUZXdyuo=
+github.com/tidwall/gjson v1.14.1/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
+github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
+github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
+github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
+github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8=

diff --git a/examples/http-server/main.go b/examples/http-server/main.go
@@ -7,6 +7,7 @@ import (
 	"net/http"
 
 	"github.com/corazawaf/coraza/v3"
+	txhttp "github.com/corazawaf/coraza/v3/http"
 	"github.com/corazawaf/coraza/v3/seclang"
 	"github.com/corazawaf/coraza/v3/types"
 )
@@ -62,7 +63,7 @@ func corazaRequestHandler(h http.Handler) http.Handler {
 			ProcessRequestHeaders and ProcessRequestBody.
 			It fails if any of these functions returns an error and it stops on interruption.
 		*/
-		if it, err := tx.ProcessRequest(r); err != nil {
+		if it, err := txhttp.ProcessRequest(tx, r); err != nil {
 			showCorazaError(w, 500, err.Error())
 			return
 		} else if it != nil {

diff --git a/go.sum b/go.sum
@@ -3,16 +3,17 @@ github.com/corazawaf/libinjection-go v0.0.0-20220207031228-44e9c4250eb5/go.mod h
 github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI=
 github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4=
 github.com/miekg/dns v1.1.25/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso=
+github.com/miekg/dns v1.1.25/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso=
+github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA=
+github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
+github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9 h1:lL+y4Xv20pVlCGyLzNHRC0I0rIHhIL1lTvHizoS/dU8=
+github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9/go.mod h1:EHPiTAKtiFmrMldLUNswFwfZ2eJIYBHktdaUTZxYWRw=
 github.com/tidwall/gjson v1.14.2 h1:6BBkirS0rAHjumnjHF6qgy5d2YAJ1TLIaFE2lzfOLqo=
 github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
 github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
 github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
 github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
 github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
-github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA=
-github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
-github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9 h1:lL+y4Xv20pVlCGyLzNHRC0I0rIHhIL1lTvHizoS/dU8=
-github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9/go.mod h1:EHPiTAKtiFmrMldLUNswFwfZ2eJIYBHktdaUTZxYWRw=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=

diff --git a/http/doc.go b/http/doc.go
@@ -0,0 +1,16 @@
+// Copyright 2022 Juan Pablo Tosso
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package http allows populating a coraza transaction with information from an HTTP Request.
+package http
diff --git a/http/http.go b/http/http.go
@@ -1,3 +1,7 @@
+// tinygo does not support net.http so this package is not needed for it
+//go:build !tinygo
+// +build !tinygo
+
 // Copyright 2022 Juan Pablo Tosso
 //
 // Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/http/http_test.go b/http/http_test.go
@@ -1,3 +1,7 @@
+// tinygo does not support net.http so this package is not needed for it
+//go:build !tinygo
+// +build !tinygo
+
 // Copyright 2022 Juan Pablo Tosso
 //
 // Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/loggers/concurrent_writer.go b/loggers/concurrent_writer.go
@@ -1,3 +1,6 @@
+//go:build !tinygo
+// +build !tinygo
+
 // Copyright 2022 Juan Pablo Tosso
 //
 // Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/loggers/concurrent_writer_test.go b/loggers/concurrent_writer_test.go
@@ -1,3 +1,6 @@
+//go:build !tinygo
+// +build !tinygo
+
 // Copyright 2022 Juan Pablo Tosso
 //
 // Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/loggers/formats.go b/loggers/formats.go
@@ -1,3 +1,20 @@
+//go:build !tinygo
+// +build !tinygo
+
+// Copyright 2022 Juan Pablo Tosso
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 /*
 Package loggers implements a set of log formatters and writers
 for audit logging.
@@ -16,19 +33,7 @@ The following log writers are supported:
 More writers and formatters can be registered using the RegisterWriter and
 RegisterFormatter functions.
 */
-// Copyright 2022 Juan Pablo Tosso
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
+
 package loggers
 
 import (

diff --git a/loggers/formats_test.go b/loggers/formats_test.go
@@ -1,3 +1,6 @@
+//go:build !tinygo
+// +build !tinygo
+
 // Copyright 2022 Juan Pablo Tosso
 //
 // Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/loggers/init.go b/loggers/init.go
@@ -0,0 +1,31 @@
+//go:build !tinygo
+// +build !tinygo
+
+// Copyright 2022 Juan Pablo Tosso
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package loggers
+
+func init() {
+	RegisterLogWriter("concurrent", func() LogWriter {
+		return &concurrentWriter{}
+	})
+	RegisterLogWriter("serial", func() LogWriter {
+		return &serialWriter{}
+	})
+
+	RegisterLogFormatter("json", jsonFormatter)
+	RegisterLogFormatter("jsonlegacy", legacyJSONFormatter)
+	RegisterLogFormatter("native", nativeFormatter)
+}
diff --git a/loggers/init_tinygo.go b/loggers/init_tinygo.go
@@ -0,0 +1,31 @@
+//go:build tinygo
+// +build tinygo
+
+// Copyright 2022 Juan Pablo Tosso
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package loggers
+
+func init() {
+	RegisterLogWriter("concurrent", func() LogWriter {
+		return noopWriter{}
+	})
+	RegisterLogWriter("serial", func() LogWriter {
+		return noopWriter{}
+	})
+
+	RegisterLogFormatter("json", noopFormater)
+	RegisterLogFormatter("jsonlegacy", noopFormater)
+	RegisterLogFormatter("native", noopFormater)
+}
diff --git a/loggers/logger.go b/loggers/logger.go
@@ -76,16 +76,3 @@ func GetLogFormatter(name string) (LogFormatter, error) {
 	}
 	return formatter, nil
 }
-
-func init() {
-	RegisterLogWriter("concurrent", func() LogWriter {
-		return &concurrentWriter{}
-	})
-	RegisterLogWriter("serial", func() LogWriter {
-		return &serialWriter{}
-	})
-
-	RegisterLogFormatter("json", jsonFormatter)
-	RegisterLogFormatter("jsonlegacy", legacyJSONFormatter)
-	RegisterLogFormatter("native", nativeFormatter)
-}
diff --git a/loggers/logger_test.go b/loggers/logger_test.go
@@ -26,6 +26,3 @@ func TestDefaultWriters(t *testing.T) {
 		}
 	}
 }
-func TestWriterPlugins(t *testing.T) {
-
-}
diff --git a/loggers/noop_formater.go b/loggers/noop_formater.go
@@ -0,0 +1,23 @@
+// Currently only used with TinyGo
+//go:build tinygo
+// +build tinygo
+
+// Copyright 2022 Juan Pablo Tosso
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package loggers
+
+func noopFormater(al *AuditLog) ([]byte, error) {
+	return nil, nil
+}
diff --git a/loggers/noop_writer.go b/loggers/noop_writer.go
@@ -0,0 +1,32 @@
+// Currently only used with TinyGo
+//go:build tinygo
+// +build tinygo
+
+// Copyright 2022 Juan Pablo Tosso
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package loggers
+
+import (
+	"github.com/corazawaf/coraza/v3/types"
+)
+
+// noopWriter is used to store logs in a single file
+type noopWriter struct{}
+
+func (noopWriter) Init(types.Config) error { return nil }
+func (noopWriter) Write(*AuditLog) error   { return nil }
+func (noopWriter) Close() error            { return nil }
+
+var _ LogWriter = (*noopWriter)(nil)
diff --git a/loggers/serial_writer.go b/loggers/serial_writer.go
@@ -1,3 +1,6 @@
+//go:build !tinygo
+// +build !tinygo
+
 // Copyright 2022 Juan Pablo Tosso
 //
 // Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/loggers/serial_writer_test.go b/loggers/serial_writer_test.go
@@ -1,3 +1,6 @@
+//go:build !tinygo
+// +build !tinygo
+
 // Copyright 2022 Juan Pablo Tosso
 //
 // Licensed under the Apache License, Version 2.0 (the "License");

diff --git a/operators/detect_sqli.go b/operators/detect_sqli.go
@@ -19,8 +19,7 @@ import (
 	"github.com/corazawaf/libinjection-go"
 )
 
-type detectSQLi struct {
-}
+type detectSQLi struct{}
 
 func (o *detectSQLi) Init(options coraza.RuleOperatorOptions) error {
 	return nil

diff --git a/operators/inspect_file.go b/operators/inspect_file.go
@@ -1,3 +1,6 @@
+//go:build !tinygo
+// +build !tinygo
+
 // Copyright 2022 Juan Pablo Tosso
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,9 +30,7 @@ type inspectFile struct {
 }
 
 func (o *inspectFile) Init(options coraza.RuleOperatorOptions) error {
-	data := options.Arguments
-
-	o.path = data
+	o.path = options.Arguments
 	return nil
 }