Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(experimental): adds seclang parser. #1101

Draft
wants to merge 8 commits into
base: main
Choose a base branch
from

Conversation

jcchavezs
Copy link
Member

@jcchavezs jcchavezs commented Jul 18, 2024

what

  • expose the seclang parser

why

  • allow testing external parsers

@jcchavezs jcchavezs requested a review from a team as a code owner July 18, 2024 20:46
fzipi
fzipi previously approved these changes Jul 18, 2024
@fzipi
Copy link
Member

fzipi commented Jul 28, 2024

@jcchavezs Ready to merge?

@jcchavezs
Copy link
Member Author

jcchavezs commented Jul 29, 2024 via email

@s3rj1k
Copy link

s3rj1k commented Sep 18, 2024

@jcchavezs Sorry I've been derailed a bit with other tasks, but this one is on my list, thanks

@s3rj1k
Copy link

s3rj1k commented Oct 6, 2024

Some really simple code to test:

package main

import (
	seclang "github.com/corazawaf/coraza/v3/experimental/seclang"
	"github.com/davecgh/go-spew/spew"
)

func main() {
	p := seclang.NewParser(seclang.NewParserConfig())
	err := p.FromFile("main.conf")
	spew.Dump(err)
}

go.mod:

module demo

go 1.22

require (
        github.com/corazawaf/coraza/v3 v3.2.2-0.20240728144702-a7a4be272baf
        github.com/davecgh/go-spew v1.1.1
)

Truncated output:

failed to parse string: failed to parse string: failed to compile the directive "secaction": ___Actual_Error_Message___

I can import parser from experimental packages, problem here is that it does not give any additional information like line number inside rule file or rule ID at least and error message is wrapped.

The original request idea was to allow external code interface directly with parser and get a bit more information in case of invalid rules, to help actually find invalid rules (line number, id, ...), in current state it does not help much.

@jcchavezs
Copy link
Member Author

Valid point @s3rj1k. Try it now

$ go run examples/parser/main.go 
2024/10/07 10:42:42 [DEBUG] Parsing directive line="SecUnknown LoL"
2024/10/07 10:42:42 [ERROR] unknown directive "secunknown" line=4
(seclang.ParsingError) syntax error, unknown directive "secunknown" on rules/incorrect.conf:4

@s3rj1k
Copy link

s3rj1k commented Oct 7, 2024

@jcchavezs Yep, now it looks great and on-par with libmodsecurity, thanks!

@fzipi
Copy link
Member

fzipi commented Oct 27, 2024

@jcchavezs Do we merge this one?

@jcchavezs
Copy link
Member Author

@s3rj1k any chance you have public the code where you consume this parser? I am inclined to merge this but I would expect to have implementation code using this.

@s3rj1k
Copy link

s3rj1k commented Nov 5, 2024

any chance you have public the code where you consume this parser

sadly zero-chance

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants