go-agent: github.com/sqreen/go-agent/agent/internal Index | Files | Directories

package internal

import "github.com/sqreen/go-agent/agent/internal"


Package Files

agent.go batch.go client.go command.go metrics.go version.go

func Start Uses

func Start()

Start the agent when enabled and back-off restart it when unhandled errors or panics occur.

The algorithm is based on multiple levels of try/catch equivalents called here "safe calls": - Level 1: a safe goroutine loop retrying the agent in case of unhandled

error or panic.

- Level 2: a safe call to the agent initialization. - Level 3: a safe call to the agent main loop. - Level 4, implicit here: internal agent errors that can be directly

handled by the agent without having to stop it.

Each level catches unhandled errors or panics of lower levels: - When the agent's main loop fails, it is caught and returned to the upper

level to try to send it in a separate safe call, as the agent is no
longer considered reliable.

- If a panic occurs in this overall agent error handling, everything is

considered unreliable and therefore aborted.

- Otherwise, the overall agent initialization and main loop is re-executed

with a backoff sleep.

- If this backoff-retry loop fails, the outer-most safe goroutine captures

it an silently return.

func TrySendAppException Uses

func TrySendAppException(logger plog.DebugLogger, cfg *config.Config, exception error)

TrySendAppException is a special client function allowing to send app-level exceptions

func UserEventMetricsStoreKey Uses

func UserEventMetricsStoreKey(event *record.UserEvent) (json.Marshaler, error)

func ValidateCredentialsConfiguration Uses

func ValidateCredentialsConfiguration(token, appName string) (err error)

type Agent Uses

type Agent struct {
    // contains filtered or unexported fields

func New Uses

func New(cfg *config.Config) *Agent

func (*Agent) ActionsReload Uses

func (a *Agent) ActionsReload() error

func (*Agent) AddExceptionEvent Uses

func (a *Agent) AddExceptionEvent(e *ExceptionEvent)

func (*Agent) AddHTTPRequestRecord Uses

func (a *Agent) AddHTTPRequestRecord(rr *record.RequestRecord)

func (*Agent) AddUserEvent Uses

func (a *Agent) AddUserEvent(event record.UserEventFace)

func (*Agent) AddWhitelistEvent Uses

func (a *Agent) AddWhitelistEvent(matchedWhitelistEntry string)

func (*Agent) FindActionByIP Uses

func (a *Agent) FindActionByIP(ip net.IP) (action actor.Action, exists bool, err error)

func (*Agent) FindActionByUserID Uses

func (a *Agent) FindActionByUserID(userID map[string]string) (action actor.Action, exists bool)

func (*Agent) GracefulStop Uses

func (a *Agent) GracefulStop()

func (*Agent) InstrumentationDisable Uses

func (a *Agent) InstrumentationDisable() error

InstrumentationDisable disables the agent instrumentation, which includes for now the SDK.

func (*Agent) InstrumentationEnable Uses

func (a *Agent) InstrumentationEnable() (string, error)

func (*Agent) IsIPWhitelisted Uses

func (a *Agent) IsIPWhitelisted(ip net.IP) (whitelisted bool, matchedCIDR string, err error)

func (*Agent) NewRequestRecord Uses

func (a *Agent) NewRequestRecord(req *http.Request) (types.RequestRecord, *http.Request)

func (*Agent) RulesReload Uses

func (a *Agent) RulesReload() (string, error)

func (*Agent) RulespackID Uses

func (a *Agent) RulespackID() string

func (*Agent) SendAppBundle Uses

func (a *Agent) SendAppBundle() error

func (*Agent) Serve Uses

func (a *Agent) Serve() error

func (*Agent) SetCIDRWhitelist Uses

func (a *Agent) SetCIDRWhitelist(cidrs []string) error

type AttackEventAPIAdaptor Uses

type AttackEventAPIAdaptor record.AttackEvent

func (*AttackEventAPIAdaptor) GetBlock Uses

func (a *AttackEventAPIAdaptor) GetBlock() bool

func (*AttackEventAPIAdaptor) GetInfo Uses

func (a *AttackEventAPIAdaptor) GetInfo() interface{}

func (*AttackEventAPIAdaptor) GetRuleName Uses

func (a *AttackEventAPIAdaptor) GetRuleName() string

func (*AttackEventAPIAdaptor) GetTest Uses

func (a *AttackEventAPIAdaptor) GetTest() bool

func (*AttackEventAPIAdaptor) GetTime Uses

func (a *AttackEventAPIAdaptor) GetTime() time.Time

type CommandHandler Uses

type CommandHandler func(args []json.RawMessage) (output string, err error)

CommandHandler is a function pointer type to a command handler. Command arguments need to be validated by the handler itself.

type CommandManager Uses

type CommandManager struct {
    // contains filtered or unexported fields

func NewCommandManager Uses

func NewCommandManager(agent CommandManagerAgent, logger *plog.Logger) *CommandManager

func (*CommandManager) ActionsReload Uses

func (m *CommandManager) ActionsReload([]json.RawMessage) (string, error)

func (*CommandManager) Do Uses

func (m *CommandManager) Do(commands []api.CommandRequest) map[string]api.CommandResult

func (*CommandManager) GetBundle Uses

func (m *CommandManager) GetBundle([]json.RawMessage) (string, error)

func (*CommandManager) IPSWhitelist Uses

func (m *CommandManager) IPSWhitelist(args []json.RawMessage) (string, error)

func (*CommandManager) InstrumentationEnable Uses

func (m *CommandManager) InstrumentationEnable([]json.RawMessage) (string, error)

func (*CommandManager) InstrumentationRemove Uses

func (m *CommandManager) InstrumentationRemove([]json.RawMessage) (string, error)

func (*CommandManager) RulesReload Uses

func (m *CommandManager) RulesReload([]json.RawMessage) (string, error)

type CommandManagerAgent Uses

type CommandManagerAgent interface {
    InstrumentationEnable() (rulespackID string, err error)
    InstrumentationDisable() error
    ActionsReload() error
    SetCIDRWhitelist([]string) error
    RulesReload() (rulespackID string, err error)
    SendAppBundle() error

CommandManagerAgent defines the expected agent SDK and allows to easily implement functional tests by mocking it up.

type Event Uses

type Event interface{}

type ExceptionEvent Uses

type ExceptionEvent struct {
    // contains filtered or unexported fields

func NewExceptionEvent Uses

func NewExceptionEvent(err error, rulespackID string) *ExceptionEvent

func (*ExceptionEvent) GetBacktrace Uses

func (e *ExceptionEvent) GetBacktrace() []api.StackFrame

func (*ExceptionEvent) GetContext Uses

func (e *ExceptionEvent) GetContext() api.ExceptionContext

func (*ExceptionEvent) GetInfos Uses

func (e *ExceptionEvent) GetInfos() interface{}

func (*ExceptionEvent) GetKlass Uses

func (e *ExceptionEvent) GetKlass() string

func (*ExceptionEvent) GetMessage Uses

func (e *ExceptionEvent) GetMessage() string

func (*ExceptionEvent) GetRulespackID Uses

func (e *ExceptionEvent) GetRulespackID() string

func (*ExceptionEvent) GetTime Uses

func (e *ExceptionEvent) GetTime() time.Time

type HTTPRequestRecordEvent Uses

type HTTPRequestRecordEvent struct {
    // contains filtered or unexported fields

func NewHTTPRequestRecordEvent Uses

func NewHTTPRequestRecordEvent(rr record.RequestRecordForAgentFace, rulespackID string, cfg *config.Config, logger plog.ErrorLogger) *HTTPRequestRecordEvent

func (*HTTPRequestRecordEvent) GetClientIp Uses

func (r *HTTPRequestRecordEvent) GetClientIp() string

func (*HTTPRequestRecordEvent) GetObserved Uses

func (r *HTTPRequestRecordEvent) GetObserved() api.RequestRecord_Observed

func (*HTTPRequestRecordEvent) GetRequest Uses

func (e *HTTPRequestRecordEvent) GetRequest() api.RequestRecord_Request

func (*HTTPRequestRecordEvent) GetResponse Uses

func (r *HTTPRequestRecordEvent) GetResponse() api.RequestRecord_Response

func (*HTTPRequestRecordEvent) GetRulespackId Uses

func (r *HTTPRequestRecordEvent) GetRulespackId() string

func (*HTTPRequestRecordEvent) GetVersion Uses

func (r *HTTPRequestRecordEvent) GetVersion() string

type InvalidCredentialsConfiguration Uses

type InvalidCredentialsConfiguration struct {
    // contains filtered or unexported fields

func (InvalidCredentialsConfiguration) Cause Uses

func (e InvalidCredentialsConfiguration) Cause() error

func (InvalidCredentialsConfiguration) Unwrap Uses

func (e InvalidCredentialsConfiguration) Unwrap() error

type LoginError Uses

type LoginError struct {
    // contains filtered or unexported fields

func NewLoginError Uses

func NewLoginError(err error) LoginError

func (LoginError) Cause Uses

func (e LoginError) Cause() error

func (LoginError) Error Uses

func (e LoginError) Error() string

func (LoginError) Unwrap Uses

func (e LoginError) Unwrap() error

type RequestAPIAdaptor Uses

type RequestAPIAdaptor struct {
    // contains filtered or unexported fields

func (*RequestAPIAdaptor) GetHeaders Uses

func (a *RequestAPIAdaptor) GetHeaders() []api.RequestRecord_Request_Header

func (*RequestAPIAdaptor) GetHost Uses

func (a *RequestAPIAdaptor) GetHost() string

func (*RequestAPIAdaptor) GetParameters Uses

func (a *RequestAPIAdaptor) GetParameters() api.RequestRecord_Request_Parameters

func (*RequestAPIAdaptor) GetPath Uses

func (a *RequestAPIAdaptor) GetPath() string

func (*RequestAPIAdaptor) GetPort Uses

func (a *RequestAPIAdaptor) GetPort() string

func (*RequestAPIAdaptor) GetRawPath Uses

func (a *RequestAPIAdaptor) GetRawPath() string

func (*RequestAPIAdaptor) GetReferer Uses

func (a *RequestAPIAdaptor) GetReferer() string

func (*RequestAPIAdaptor) GetRemoteIp Uses

func (a *RequestAPIAdaptor) GetRemoteIp() string

func (*RequestAPIAdaptor) GetRemotePort Uses

func (a *RequestAPIAdaptor) GetRemotePort() string

func (*RequestAPIAdaptor) GetRid Uses

func (a *RequestAPIAdaptor) GetRid() string

func (*RequestAPIAdaptor) GetScheme Uses

func (a *RequestAPIAdaptor) GetScheme() string

func (*RequestAPIAdaptor) GetUserAgent Uses

func (a *RequestAPIAdaptor) GetUserAgent() string

func (*RequestAPIAdaptor) GetVerb Uses

func (a *RequestAPIAdaptor) GetVerb() string


actorPackage actor manages and associates IP addresses or user IDs to security actions such as redirecting, blacklisting or whitelisting.
binding-accessorA binding accessor is an expression allowing to get data from a given context.
metricsPackage metrics provides shared metrics stores.
ruleThis package manages the rules by instantiating the callbacks and attaching them to their corresponding hooks.
sqlib/sqhookPackage sqhook allows to attach at run time (ie.
sqlib/sqsafeThis package provides functions making sure panics are safely caught and do not break the running program.

Package internal imports 28 packages (graph) and is imported by 1 packages. Updated 2020-01-27. Refresh now. Tools for package owners.