Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(experimental): adds seclang parser. #1101

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

feat(experimental): adds seclang parser. #1101

wants to merge 7 commits into from

Conversation

jcchavezs
Copy link
Member

@jcchavezs jcchavezs commented Jul 18, 2024
edited by fzipi
Loading

what

  • expose the seclang parser

why

  • allow testing external parsers

@jcchavezs jcchavezs requested a review from a team as a code owner July 18, 2024 20:46
@fzipi
Copy link
Member

fzipi commented Jul 28, 2024

@jcchavezs Ready to merge?

@jcchavezs
Copy link
Member Author

jcchavezs commented Jul 29, 2024 via email

@s3rj1k
Copy link

s3rj1k commented Sep 18, 2024

@jcchavezs Sorry I've been derailed a bit with other tasks, but this one is on my list, thanks

@s3rj1k
Copy link

s3rj1k commented Oct 6, 2024

Some really simple code to test:

package main

import (
	seclang "github.com/corazawaf/coraza/v3/experimental/seclang"
	"github.com/davecgh/go-spew/spew"
)

func main() {
	p := seclang.NewParser(seclang.NewParserConfig())
	err := p.FromFile("main.conf")
	spew.Dump(err)
}

go.mod:

module demo

go 1.22

require (
        github.com/corazawaf/coraza/v3 v3.2.2-0.20240728144702-a7a4be272baf
        github.com/davecgh/go-spew v1.1.1
)

Truncated output:

failed to parse string: failed to parse string: failed to compile the directive "secaction": ___Actual_Error_Message___

I can import parser from experimental packages, problem here is that it does not give any additional information like line number inside rule file or rule ID at least and error message is wrapped.

The original request idea was to allow external code interface directly with parser and get a bit more information in case of invalid rules, to help actually find invalid rules (line number, id, ...), in current state it does not help much.

@jcchavezs
Copy link
Member Author

Valid point @s3rj1k. Try it now

$ go run examples/parser/main.go 
2024/10/07 10:42:42 [DEBUG] Parsing directive line="SecUnknown LoL"
2024/10/07 10:42:42 [ERROR] unknown directive "secunknown" line=4
(seclang.ParsingError) syntax error, unknown directive "secunknown" on rules/incorrect.conf:4

@s3rj1k
Copy link

s3rj1k commented Oct 7, 2024

@jcchavezs Yep, now it looks great and on-par with libmodsecurity, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fzipi fzipi fzipi approved these changes

Assignees
No one assigned
Labels
awaiting feedback
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jcchavezs @fzipi @s3rj1k