go-agent: github.com/sqreen/go-agent/agent/internal/rule

package rule

import "github.com/sqreen/go-agent/agent/internal/rule"

This package manages the rules by instantiating the callbacks and attaching them to their corresponding hooks.

Package rule implements the engine to manage rules.

Main requirements:

- Rules can be globally enabled or disabled, independently from setting the list of rules.
- Rule hookpoints can be undefined, i.e. the backend sent more rules than actually required.
- Errors regarding hookpoint or callbacks should be handled.
- Setting new rules when already enabled and having active rules should be atomic at the hook level. For example, having a new SQLi rule should not introduce a time when it is disabled, but should instead be replaced with the new one atomically.


Package Files

callback.go doc.go rule.go signature.go

func NewCallbacks

func NewCallbacks(name string, rule *CallbackContext, nextProlog sqhook.PrologCallback) (prolog sqhook.PrologCallback, err error)

NewCallbacks returns the prolog and epilog callbacks of the given callback name. An error is returned if the callback name is unknown.

func NewECDSAPublicKey

func NewECDSAPublicKey(PEMPublicKey string) (*ecdsa.PublicKey, error)

NewECDSAPublicKey creates an ECDSA public key from a PEM public key.

func Verify

func Verify(publicKey *ecdsa.PublicKey, hash []byte, signature []byte) error

Verify returns a non-nil error when message verification against the public key failed, nil otherwise.

func VerifyRuleSignature

func VerifyRuleSignature(r *api.Rule, publicKey *ecdsa.PublicKey) error

VerifyRuleSignature returns a non-nil error when the rule signature is invalid, nil otherwise.
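As an added illustration (not the package's own code), the following standard-library example shows the pattern that NewECDSAPublicKey, Verify and VerifyRuleSignature describe: parse a PEM public key, then fail closed unless the rule's signature verifies. The PKIX key encoding, the SHA-256 digest, the ASN.1 DER signature format, the sample rule payload and the helper names parsePublicKey, verifyRule and signedSample are assumptions; the page does not specify them.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// parsePublicKey decodes a PEM PKIX key (assumed encoding) and rejects non-ECDSA keys.
func parsePublicKey(pemKey string) (*ecdsa.PublicKey, error) {
	block, _ := pem.Decode([]byte(pemKey))
	if block == nil {
		return nil, fmt.Errorf("no PEM block found")
	}
	pub, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return nil, err
	}
	if key, ok := pub.(*ecdsa.PublicKey); ok {
		return key, nil
	}
	return nil, fmt.Errorf("not an ECDSA public key")
}
// verifyRule fails closed: nil only for a valid ASN.1 signature over SHA-256(payload) (assumed scheme).
func verifyRule(pub *ecdsa.PublicKey, payload, sig []byte) error {
	digest := sha256.Sum256(payload)
	if pub == nil || !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return fmt.Errorf("invalid rule signature")
	}
	return nil
}
// signedSample returns a constructed key (PEM), a constructed rule payload and its signature.
func signedSample() (string, []byte, []byte) {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	der, _ := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	rule := []byte(`{"name":"sqli","hookpoint":"database/sql"}`)
	digest := sha256.Sum256(rule)
	sig, _ := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	return string(pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der})), rule, sig
}
func main() {
	pemKey, rule, sig := signedSample()
	pub, _ := parsePublicKey(pemKey)
	fmt.Println(verifyRule(pub, rule, sig), verifyRule(pub, append(rule, ' '), sig))
}
```

A rule whose payload changed by a single byte after signing is rejected, so it never reaches the step where callbacks are attached to hooks.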

type CallbackContext

type CallbackContext struct {
    // contains filtered or unexported fields
}

func NewCallbackContext

func NewCallbackContext(r *api.Rule, logger Logger, metricsEngine *metrics.Engine, errorMetricsStore *metrics.Store) *CallbackContext

func (*CallbackContext) Config

func (d *CallbackContext) Config() interface{}

func (*CallbackContext) PushMetricsValue

func (d *CallbackContext) PushMetricsValue(key interface{}, value uint64)

type CallbacksConstructorFunc

type CallbacksConstructorFunc func(rule callback.Context, nextProlog sqhook.PrologCallback) (prolog sqhook.PrologCallback, err error)

CallbacksConstructorFunc is a function returning a callback function configured with the given data. The data types are known by the constructor that can type-assert them.

type Engine

type Engine struct {
    // contains filtered or unexported fields
}

func NewEngine

func NewEngine(logger Logger, metricsEngine *metrics.Engine, publicKey *ecdsa.PublicKey) *Engine

NewEngine returns a new rule engine.

func (*Engine) Disable

func (e *Engine) Disable()

Disable the hooks currently attached to callbacks.

func (*Engine) Enable

func (e *Engine) Enable()

Enable the hooks of the ongoing configured rules.

func (*Engine) PackID

func (e *Engine) PackID() string

PackID returns the ID of the current pack of rules.

func (*Engine) SetRules

func (e *Engine) SetRules(packID string, rules []api.Rule, errorMetricsStore *metrics.Store)

SetRules sets the current rules. If rules were already set, it will replace them by atomically modifying the hooks, and removing what is left.

type Logger

type Logger interface {

Logger interface required by this package.



Package rule imports 18 packages and is imported by 1 package. Updated 2019-08-13.