Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(experimental): adds seclang parser. #1101

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

feat(experimental): adds seclang parser. #1101

wants to merge 8 commits into from

Conversation

jcchavezs
Copy link
Member

@jcchavezs jcchavezs commented Jul 18, 2024
edited by fzipi
Loading

what

  • expose the seclang parser

why

  • allow testing external parsers

@jcchavezs jcchavezs requested a review from a team as a code owner July 18, 2024 20:46
fzipi
fzipi previously approved these changes Jul 18, 2024
View reviewed changes
@fzipi
Copy link
Member

fzipi commented Jul 28, 2024

@jcchavezs Ready to merge?

@jcchavezs
Copy link
Member Author

jcchavezs commented Jul 29, 2024 via email

@s3rj1k
Copy link

s3rj1k commented Sep 18, 2024

@jcchavezs Sorry I've been derailed a bit with other tasks, but this one is on my list, thanks

@s3rj1k
Copy link

s3rj1k commented Oct 6, 2024

Some really simple code to test:

package main

import (
	seclang "github.com/corazawaf/coraza/v3/experimental/seclang"
	"github.com/davecgh/go-spew/spew"
)

func main() {
	p := seclang.NewParser(seclang.NewParserConfig())
	err := p.FromFile("main.conf")
	spew.Dump(err)
}

go.mod:

module demo

go 1.22

require (
        github.com/corazawaf/coraza/v3 v3.2.2-0.20240728144702-a7a4be272baf
        github.com/davecgh/go-spew v1.1.1
)

Truncated output:

failed to parse string: failed to parse string: failed to compile the directive "secaction": ___Actual_Error_Message___

I can import parser from experimental packages, problem here is that it does not give any additional information like line number inside rule file or rule ID at least and error message is wrapped.

The original request idea was to allow external code interface directly with parser and get a bit more information in case of invalid rules, to help actually find invalid rules (line number, id, ...), in current state it does not help much.

@jcchavezs
Copy link
Member Author

Valid point @s3rj1k. Try it now

$ go run examples/parser/main.go 
2024/10/07 10:42:42 [DEBUG] Parsing directive line="SecUnknown LoL"
2024/10/07 10:42:42 [ERROR] unknown directive "secunknown" line=4
(seclang.ParsingError) syntax error, unknown directive "secunknown" on rules/incorrect.conf:4

@s3rj1k
Copy link

s3rj1k commented Oct 7, 2024

@jcchavezs Yep, now it looks great and on-par with libmodsecurity, thanks!

@fzipi
Copy link
Member

fzipi commented Oct 27, 2024

@jcchavezs Do we merge this one?

@jcchavezs
Copy link
Member Author

@s3rj1k any chance you have public the code where you consume this parser? I am inclined to merge this but I would expect to have implementation code using this.

@s3rj1k
Copy link

s3rj1k commented Nov 5, 2024

any chance you have public the code where you consume this parser

sadly zero-chance

@jptosso jptosso added the v4 Work for v4 label Nov 6, 2024
@jcchavezs jcchavezs mentioned this pull request Nov 20, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fzipi fzipi fzipi left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
awaiting feedback v4 Work for v4
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jcchavezs @fzipi @s3rj1k @jptosso