Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: upgrades go and coraza. #9

Merged
merged 4 commits into from
Feb 22, 2024
Merged
Show file tree
Hide file tree
Changes from 3 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 8 additions & 4 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,21 +12,25 @@ on:
- "**/*.md"
- "LICENSE"

env:
GO_VERSION: "1.21.x"
TINYGO_VERSION: "0.30.0"

jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v3
with:
go-version: v1.20.x
go-version: ${{ env.GO_VERSION }}
cache: true
- name: Install tinygo
uses: acifani/setup-tinygo@v1
with:
tinygo-version: '0.30.0'
- name: Build binary
tinygo-version: ${{ env.TINYGO_VERSION }}
- name: Build wasm binary
run: go run mage.go build
- name: Run tests
run: go run mage.go test
Expand Down
25 changes: 25 additions & 0 deletions .golangci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
run:
deadline: 5m

linters:
disable-all: true
enable:
# Enabled by default, see https://golangci-lint.run/usage/linters#enabled-by-default
- deadcode
- errcheck
- gosimple
- govet
- ineffassign
- staticcheck
- structcheck
- typecheck
- unused
- varcheck
- goimports
- gofmt
- gocritic
issues:
exclude-rules:
- path: magefile\.go
linters:
- deadcode
8 changes: 5 additions & 3 deletions example_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ var guest string

func exampleHandler(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Content-Type", "text/plain")
w.Write([]byte("Hello world, transaction not disrupted."))
_, _ = w.Write([]byte("Hello world, transaction not disrupted."))
}

func ExampleMain() {
Expand Down Expand Up @@ -46,15 +46,17 @@ func ExampleMain() {
srvAddress := ":8080"
srv := &http.Server{Addr: srvAddress, Handler: w}

go srv.ListenAndServe()
go func() {
_ = srv.ListenAndServe()
}()

defer srv.Close()

req, _ := http.NewRequest("GET", fmt.Sprintf("http://localhost%s?key=<alert>", srvAddress), nil)

res, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatalf("Failed to call the server: %s", err.Error())
log.Fatalf("Failed to call the server: %s", err.Error()) // nolint: gocritic
}

fmt.Println(res.StatusCode)
Expand Down
18 changes: 9 additions & 9 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -4,33 +4,33 @@ go 1.20

require (
github.com/corazawaf/coraza-wasilibs v0.0.0-20231002095218-9dd6e48f7443
github.com/corazawaf/coraza/v3 v3.0.4
github.com/http-wasm/http-wasm-guest-tinygo v0.3.0
github.com/http-wasm/http-wasm-host-go v0.5.1
github.com/mccutchen/go-httpbin/v2 v2.9.0
github.com/corazawaf/coraza/v3 v3.1.0
github.com/http-wasm/http-wasm-guest-tinygo v0.3.1
github.com/http-wasm/http-wasm-host-go v0.5.2
github.com/mccutchen/go-httpbin/v2 v2.13.4
github.com/stretchr/testify v1.8.4
github.com/tetratelabs/wazero v1.5.0
github.com/tetratelabs/wazero v1.6.0
)

require (
github.com/kr/pretty v0.2.0 // indirect
github.com/wasilibs/go-aho-corasick v0.5.0 // indirect
github.com/wasilibs/go-libinjection v0.4.0 // indirect
github.com/wasilibs/go-re2 v1.4.0 // indirect
golang.org/x/sync v0.3.0 // indirect
golang.org/x/sync v0.6.0 // indirect
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
)

require (
github.com/corazawaf/libinjection-go v0.1.2 // indirect
github.com/corazawaf/libinjection-go v0.1.3 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/magefile/mage v1.15.0
github.com/petar-dambovaliev/aho-corasick v0.0.0-20230725210150-fb29fc3c913e // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/tidwall/gjson v1.17.0
github.com/tidwall/gjson v1.17.1
github.com/tidwall/match v1.1.1 // indirect
github.com/tidwall/pretty v1.2.1 // indirect
golang.org/x/net v0.14.0 // indirect
golang.org/x/net v0.21.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
rsc.io/binaryregexp v0.2.0 // indirect
)
48 changes: 23 additions & 25 deletions go.sum
Original file line number Diff line number Diff line change
@@ -1,38 +1,36 @@
github.com/corazawaf/coraza-wasilibs v0.0.0-20230620081031-05a5097dbea3 h1:c6INlbuM6RdeUU0ySzQsk6lzlqdGdm4GSQhN3qpcvkg=
github.com/corazawaf/coraza-wasilibs v0.0.0-20230620081031-05a5097dbea3/go.mod h1:Ks3GxgMzwgVeo2nbVEPvmw94sOvJ+VjikPGLD5sNXUU=
github.com/corazawaf/coraza-wasilibs v0.0.0-20231002095218-9dd6e48f7443 h1:36dTwNjieaDJB/AxPRUHGKCiCn8Bqpu25fb8OdrPemQ=
github.com/corazawaf/coraza-wasilibs v0.0.0-20231002095218-9dd6e48f7443/go.mod h1:aMVO6E4TFAxXnPmyrrEoXVYeMDovq3IsKwuetAR38JE=
github.com/corazawaf/coraza/v3 v3.0.4 h1:Llemgoh0hp2NggCwcWN8lNiV4Pfe+AWzf1oEcasT234=
github.com/corazawaf/coraza/v3 v3.0.4/go.mod h1:3fTYjY5BZv3nezLpH6NAap0gr3jZfbQWUAu2GF17ET4=
github.com/corazawaf/libinjection-go v0.1.2 h1:oeiV9pc5rvJ+2oqOqXEAMJousPpGiup6f7Y3nZj5GoM=
github.com/corazawaf/libinjection-go v0.1.2/go.mod h1:OP4TM7xdJ2skyXqNX1AN1wN5nNZEmJNuWbNPOItn7aw=
github.com/corazawaf/coraza/v3 v3.1.0 h1:CB6YxNXdbZjUJS/0FVFoFvS8eOVFbIvlNuHNC5dh88c=
github.com/corazawaf/coraza/v3 v3.1.0/go.mod h1:S0bhYQfTu1Ew3YKdI37X1WWu6t4En4Tvw28aKyQFJaU=
github.com/corazawaf/libinjection-go v0.1.3 h1:PUplAYho1BBl0tIVbhDsNRuVGIeUYSiCEc9oQpb2rJU=
github.com/corazawaf/libinjection-go v0.1.3/go.mod h1:OP4TM7xdJ2skyXqNX1AN1wN5nNZEmJNuWbNPOItn7aw=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI=
github.com/http-wasm/http-wasm-guest-tinygo v0.3.0 h1:J11RX1ajUC6fhVtv3ZU5k66SL4EB4DhThHmz4Ilwevw=
github.com/http-wasm/http-wasm-guest-tinygo v0.3.0/go.mod h1:zcKr7h/t5ha2ZWIMwV4iOqhfC/qno/tNPYgybVkn/MQ=
github.com/http-wasm/http-wasm-host-go v0.5.1 h1:pdr46nnh/ya5Nj0rmPKrxI/zx5781yG/tix8P17tcFI=
github.com/http-wasm/http-wasm-host-go v0.5.1/go.mod h1:GslHNHfjfM15UDrxEh/jp9JTreW6xt/zbxQzLkk9YMM=
github.com/foxcpp/go-mockdns v1.1.0 h1:jI0rD8M0wuYAxL7r/ynTrCQQq0BVqfB99Vgk7DlmewI=
github.com/http-wasm/http-wasm-guest-tinygo v0.3.1 h1:OUiRp8tcNjoYANj9yVzS6tH7m9aG2rH5fc8x5U4cP6M=
github.com/http-wasm/http-wasm-guest-tinygo v0.3.1/go.mod h1:zcKr7h/t5ha2ZWIMwV4iOqhfC/qno/tNPYgybVkn/MQ=
github.com/http-wasm/http-wasm-host-go v0.5.2 h1:5d/QgaaJtTF+qd0goBaxJJ7tcHP9n+gQUldJ7TsTexA=
github.com/http-wasm/http-wasm-host-go v0.5.2/go.mod h1:zQB3w+df4hryDEqBorGyA1DwPJ86LfKIASNLFuj6CuI=
github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs=
github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/magefile/mage v1.15.0 h1:BvGheCMAsG3bWUDbZ8AyXXpCNwU9u5CB6sM+HNb9HYg=
github.com/magefile/mage v1.15.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A=
github.com/mccutchen/go-httpbin/v2 v2.9.0 h1:0c8loz/kMEdBmcHJZh0MUgKX84U19AlLk7h6nf2Wkx4=
github.com/mccutchen/go-httpbin/v2 v2.9.0/go.mod h1:+DBHcmg6EOeoizuiOI8iL12VIHXx+9YQNlz+gjB9uxk=
github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA=
github.com/mccutchen/go-httpbin/v2 v2.13.4 h1:KjUeehEAcWG+ce5WJVtP3cyquL0Qe/jQ4UWe/N1BVDw=
github.com/mccutchen/go-httpbin/v2 v2.13.4/go.mod h1:f4DUXYlU6yH0V81O4lJIwqpmYdTXXmYwzxMnYEimFPk=
github.com/miekg/dns v1.1.57 h1:Jzi7ApEIzwEPLHWRcafCN9LZSBbqQpxjt/wpgvg7wcM=
github.com/petar-dambovaliev/aho-corasick v0.0.0-20230725210150-fb29fc3c913e h1:POJco99aNgosh92lGqmx7L1ei+kCymivB/419SD15PQ=
github.com/petar-dambovaliev/aho-corasick v0.0.0-20230725210150-fb29fc3c913e/go.mod h1:EHPiTAKtiFmrMldLUNswFwfZ2eJIYBHktdaUTZxYWRw=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/tetratelabs/wazero v1.5.0 h1:Yz3fZHivfDiZFUXnWMPUoiW7s8tC1sjdBtlJn08qYa0=
github.com/tetratelabs/wazero v1.5.0/go.mod h1:0U0G41+ochRKoPKCJlh0jMg1CHkyfK8kDqiirMmKY8A=
github.com/tidwall/gjson v1.17.0 h1:/Jocvlh98kcTfpN2+JzGQWQcqrPQwDrVEMApx/M5ZwM=
github.com/tidwall/gjson v1.17.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
github.com/tetratelabs/wazero v1.6.0 h1:z0H1iikCdP8t+q341xqepY4EWvHEw8Es7tlqiVzlP3g=
github.com/tetratelabs/wazero v1.6.0/go.mod h1:0U0G41+ochRKoPKCJlh0jMg1CHkyfK8kDqiirMmKY8A=
github.com/tidwall/gjson v1.17.1 h1:wlYEnwqAHgzmhNUFfw7Xalt2JzQvsMx2Se4PcoFCT/U=
github.com/tidwall/gjson v1.17.1/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
Expand All @@ -45,13 +43,13 @@ github.com/wasilibs/go-libinjection v0.4.0/go.mod h1:zD7fNXKSaTKoSTmrfuP9Gc16alN
github.com/wasilibs/go-re2 v1.4.0 h1:Jp6BM8G/zajgY1BCQUm3i7oGMdR1gA5EBv87wGd2ysc=
github.com/wasilibs/go-re2 v1.4.0/go.mod h1:hLzlKjEgON+17hWjikLx8hJBkikyjQH/lsqCy9t6tIY=
github.com/wasilibs/nottinygc v0.4.0 h1:h1TJMihMC4neN6Zq+WKpLxgd9xCFMw7O9ETLwY2exJQ=
golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8=
golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM=
golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
Expand Down
39 changes: 38 additions & 1 deletion magefile.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,54 @@
package main

import (
"errors"
"fmt"
"os"
"path/filepath"

"github.com/magefile/mage/mg"
"github.com/magefile/mage/sh"
)

var Default = Build

var envoyBinaryPath = "./envoy/envoybin/envoy"

var (
golangCILintVer = "v1.56.2" // https://github.com/golangci/golangci-lint/releases
gosImportsVer = "v0.3.8" // https://github.com/rinchsan/gosimports/releases/tag/v0.3.1
jcchavezs marked this conversation as resolved.
Show resolved Hide resolved
)

var errCommitFormatting = errors.New("files not formatted, please commit formatting changes")

// Format formats code in this repository.
func Format() error {
if err := sh.RunV("go", "mod", "tidy"); err != nil {
return err
}

return sh.RunV("go", "run", fmt.Sprintf("github.com/rinchsan/gosimports/cmd/gosimports@%s", gosImportsVer),
"-w",
"-local",
"github.com/jcchavezs/coraza-http-wasm",
".")
}

// Lint verifies code quality.
func Lint() error {
if err := sh.RunV("go", "run", fmt.Sprintf("github.com/golangci/golangci-lint/cmd/golangci-lint@%s", golangCILintVer), "run"); err != nil {
return err
}

mg.SerialDeps(Format)

if sh.Run("git", "diff", "--exit-code") != nil {
return errCommitFormatting
}

return nil
}

// Build builds the Coraza wasm plugin.
func Build() error {
if err := os.MkdirAll("build", 0755); err != nil {
Expand All @@ -29,7 +66,7 @@ func Test() error {

// E2e runs e2e tests with wazero
func E2e() error {
return sh.RunV("go", "test", "-tags=e2e", "-v", "./...")
return sh.RunV("go", "test", "-run=^TestE2E", "-tags=e2e", "-v", ".")
}

func checkEnvoyBinary() error {
Expand Down
23 changes: 12 additions & 11 deletions main.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,19 +4,18 @@ import (
"errors"
"fmt"
"io"
"math/rand"
"net/http"
"strconv"
"strings"

httpwasm "github.com/http-wasm/http-wasm-guest-tinygo/handler"
"github.com/http-wasm/http-wasm-guest-tinygo/handler/api"
"github.com/tidwall/gjson"

"math/rand"

"github.com/corazawaf/coraza-http-wasm/operators"
"github.com/corazawaf/coraza/v3"
"github.com/corazawaf/coraza/v3/debuglog"
"github.com/corazawaf/coraza/v3/types"
httpwasm "github.com/http-wasm/http-wasm-guest-tinygo/handler"
"github.com/http-wasm/http-wasm-guest-tinygo/handler/api"
"github.com/tidwall/gjson"
)

func init() {
Expand Down Expand Up @@ -169,12 +168,14 @@ func handleRequest(req api.Request, res api.Response) (next bool, reqCtx uint32)
client string
cport int
)

// IMPORTANT: Some http.Request.RemoteAddr implementations will not contain port or contain IPV6: [2001:db8::1]:8080
//idx := strings.LastIndexByte(req.RemoteAddr, ':')
//if idx != -1 {
// client = req.RemoteAddr[:idx]
// cport, _ = strconv.Atoi(req.RemoteAddr[idx+1:])
//}
srcAddress := req.GetSourceAddr()
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:) thanks @zetaab

idx := strings.LastIndexByte(srcAddress, ':')
if idx != -1 {
client = srcAddress[:idx]
cport, _ = strconv.Atoi(srcAddress[idx+1:])
}

var it *types.Interruption
// There is no socket access in the request object, so we neither know the server client nor port.
Expand Down
3 changes: 1 addition & 2 deletions operators/operators_go.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,4 @@

package operators

func Register() {
}
func Register() {}
Loading