Skip to content

Commit d47c723

Browse files
LeiyksAnilm3cataphract
authored
feat(libddwaf): bump to 1.20.1 (#2913)
--------- Signed-off-by: Alexandre Rulleau <alexandre.rulleau@datadoghq.com> Co-authored-by: Anil Mahtani <929854+Anilm3@users.noreply.github.com> Co-authored-by: Gustavo Lopes <mail@geleia.net>
1 parent 84f7fa8 commit d47c723

File tree

24 files changed

+59
-480
lines changed

24 files changed

+59
-480
lines changed

appsec/tests/helper/client_test.cpp

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -155,7 +155,7 @@ TEST(ClientTest, ClientInit)
155155
EXPECT_STREQ(msg_res->status.c_str(), "ok");
156156
EXPECT_EQ(msg_res->meta.size(), 2);
157157
EXPECT_STREQ(
158-
msg_res->meta[std::string(tag::waf_version)].c_str(), "1.18.0");
158+
msg_res->meta[std::string(tag::waf_version)].c_str(), "1.20.1");
159159
EXPECT_STREQ(
160160
msg_res->meta[std::string(tag::event_rules_errors)].c_str(), "{}");
161161

@@ -264,7 +264,7 @@ TEST(ClientTest, ClientInitInvalidRules)
264264
EXPECT_STREQ(msg_res->status.c_str(), "ok");
265265
EXPECT_EQ(msg_res->meta.size(), 2);
266266
EXPECT_STREQ(
267-
msg_res->meta[std::string(tag::waf_version)].c_str(), "1.18.0");
267+
msg_res->meta[std::string(tag::waf_version)].c_str(), "1.20.1");
268268

269269
rapidjson::Document doc;
270270
doc.Parse(msg_res->meta[std::string(tag::event_rules_errors)]);
@@ -637,8 +637,8 @@ TEST(ClientTest, EventWithMultipleActions)
637637
EXPECT_EQ(msg_res->actions.size(),
638638
3); // Block is not generated since there is a redirect
639639
EXPECT_STREQ(msg_res->actions[0].verdict.c_str(), "redirect");
640-
EXPECT_STREQ(
641-
msg_res->actions[0].parameters["location"].c_str(), "localhost");
640+
EXPECT_STREQ(msg_res->actions[0].parameters["location"].c_str(),
641+
"https://localhost");
642642
EXPECT_STREQ(
643643
msg_res->actions[0].parameters["status_code"].c_str(), "303");
644644
EXPECT_STREQ(msg_res->actions[1].verdict.c_str(),

appsec/tests/helper/engine_test.cpp

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,13 @@
44
// This product includes software developed at Datadog
55
// (https://www.datadoghq.com/). Copyright 2021 Datadog, Inc.
66
#include "common.hpp"
7-
#include "json_helper.hpp"
87
#include <engine.hpp>
98
#include <memory>
109
#include <rapidjson/document.h>
1110
#include <subscriber/waf.hpp>
1211

1312
const std::string waf_rule =
14-
R"({"version":"2.1","rules":[{"id":"1","name":"rule1","tags":{"type":"flow1","category":"category1"},"conditions":[{"operator":"match_regex","parameters":{"inputs":[{"address":"arg1","key_path":[]}],"regex":"^string.*"}},{"operator":"match_regex","parameters":{"inputs":[{"address":"arg2","key_path":[]}],"regex":".*"}}]}]})";
13+
R"({"version":"2.1","rules":[{"id":"1","name":"rule1","tags":{"type":"flow1","category":"category1"},"conditions":[{"operator":"match_regex","parameters":{"inputs":[{"address":"arg1","key_path":[]}],"regex":"^string.*"}},{"operator":"match_regex","parameters":{"inputs":[{"address":"arg2","key_path":[]}],"regex":".*"}}]},{"id":"2","name":"rule2","tags":{"type":"flow2","category":"category2"},"conditions":[{"operator":"match_regex","parameters":{"inputs":[{"address":"arg3","key_path":[]}],"regex":"^string.*"}}]}]})";
1514
const std::string waf_rule_with_data =
1615
R"({"version":"2.1","rules":[{"id":"blk-001-001","name":"Block IP Addresses","tags":{"type":"block_ip","category":"security_response"},"conditions":[{"parameters":{"inputs":[{"address":"http.client_ip"}],"data":"blocked_ips"},"operator":"ip_match"}],"transformers":[],"on_match":["block"]}]})";
1716

@@ -704,7 +703,7 @@ TEST(EngineTest, WafSubscriptorUpdateRuleOverrideAndActions)
704703
R"({"rules_override": [{"rules_target":[{"rule_id":"1"}],
705704
"on_match": ["redirect"]}], "actions": [{"id": "redirect",
706705
"type": "redirect_request", "parameters": {"status_code": "303",
707-
"location": "localhost"}}]})");
706+
"location": "https://localhost"}}]})");
708707
e->update(update, meta, metrics);
709708
}
710709

appsec/tests/helper/main.cpp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -190,7 +190,7 @@ std::string create_sample_rules_ok()
190190
"id": "redirect",
191191
"type": "redirect_request",
192192
"parameters": {
193-
"location": "localhost"
193+
"location": "https://localhost"
194194
}
195195
}
196196
]

appsec/tests/helper/remote_config/listeners/engine_listener_test.cpp

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -6,18 +6,16 @@
66

77
#include "../../common.hpp"
88
#include "../mocks.hpp"
9-
#include "base64.h"
109
#include "engine.hpp"
1110
#include "json_helper.hpp"
1211
#include "remote_config/exception.hpp"
1312
#include "remote_config/listeners/engine_listener.hpp"
14-
#include "remote_config/product.hpp"
1513
#include "subscriber/waf.hpp"
1614
#include <memory>
1715
#include <rapidjson/writer.h>
1816

1917
const std::string waf_rule =
20-
R"({"version":"2.1","rules":[{"id":"1","name":"rule1","tags":{"type":"flow1","category":"category1"},"conditions":[{"operator":"match_regex","parameters":{"inputs":[{"address":"arg1","key_path":[]}],"regex":".*"}}]}]})";
18+
R"({"version":"2.1","rules":[{"id":"1","name":"rule1","tags":{"type":"flow1","category":"category1"},"conditions":[{"operator":"match_regex","parameters":{"inputs":[{"address":"arg1","key_path":[]}],"regex":".*"}}]},{"id":"2","name":"rule2","tags":{"type":"flow2","category":"category2"},"conditions":[{"operator":"match_regex","parameters":{"inputs":[{"address":"dummy","key_path":[]}],"regex":".*"}}]}]})";
2119

2220
namespace dds::remote_config {
2321

@@ -978,7 +976,7 @@ TEST(RemoteConfigEngineListener, EngineRuleOverrideAndActionsUpdate)
978976
}
979977
const std::string update =
980978
R"({"actions": [{"id": "redirect", "type": "redirect_request", "parameters":
981-
{"status_code": "303", "location": "localhost"}}],"rules_override":
979+
{"status_code": "303", "location": "https://localhost"}}],"rules_override":
982980
[{"rules_target": [{"rule_id": "1"}], "on_match": ["redirect"]}]})";
983981

984982
listener.on_update(get_config("ASM", update));

appsec/tests/helper/waf_test.cpp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ TEST(WafTest, InitWithInvalidRules)
4848
waf::instance::from_settings(cs, ruleset, meta, metrics)};
4949

5050
EXPECT_EQ(meta.size(), 2);
51-
EXPECT_STREQ(meta[std::string(tag::waf_version)].c_str(), "1.18.0");
51+
EXPECT_STREQ(meta[std::string(tag::waf_version)].c_str(), "1.20.1");
5252

5353
rapidjson::Document doc;
5454
doc.Parse(meta[std::string(tag::event_rules_errors)]);

appsec/tests/integration/build.gradle

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -333,7 +333,6 @@ def buildAppSecTask = { String version, String variant ->
333333
cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo \\
334334
-DCMAKE_INSTALL_PREFIX=/appsec \\
335335
-DDD_APPSEC_ENABLE_PATCHELF_LIBC=ON \\
336-
-DCMAKE_TOOLCHAIN_FILE=/build/Toolchain.cmake \\
337336
-DDD_APPSEC_TESTING=ON /project/appsec
338337
make -j extension ddappsec-helper && \\
339338
touch ddappsec.so libddappsec-helper.so

appsec/tests/integration/gradle/images.gradle

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ def phpVersions = [
1111
'8.1': '8.1.26',
1212
'8.2': '8.2.13',
1313
'8.3': '8.3.0',
14+
'8.4': '8.4.0',
1415
]
1516

1617
def arch = System.getProperty('os.arch')

appsec/tests/integration/src/docker/apache2-fpm/Dockerfile

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,8 +3,10 @@ ARG VARIANT
33
FROM datadog/dd-appsec-php-ci:php-$PHP_VERSION-$VARIANT
44

55
RUN apt-get update && apt-get install -y \
6-
apache2 \
7-
&& rm -rf /var/lib/apt/lists/*
6+
apache2 \
7+
&& rm -rf /var/lib/apt/lists/*
8+
9+
RUN usermod -a -G linux_users www-data
810

911
RUN rm -rf /var/www/html
1012
RUN sed -i '/<Directory \/var\/www\/>/,/<\/Directory>/s/AllowOverride None/AllowOverride All/' /etc/apache2/apache2.conf

appsec/tests/integration/src/docker/apache2-mod/Dockerfile

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,8 +3,10 @@ ARG VARIANT
33
FROM datadog/dd-appsec-php-ci:php-$PHP_VERSION-$VARIANT
44

55
RUN apt-get update && apt-get install -y \
6-
apache2 \
7-
&& rm -rf /var/lib/apt/lists/*
6+
apache2 \
7+
&& rm -rf /var/lib/apt/lists/*
8+
9+
RUN usermod -a -G linux_users www-data
810

911
RUN rm -rf /var/www/html
1012
RUN sed -i 's@/var/www/html@/var/www/public@' /etc/apache2/sites-available/000-default.conf

appsec/tests/integration/src/docker/nginx-fpm/Dockerfile

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,8 +4,10 @@ ARG VARIANT
44
FROM datadog/dd-appsec-php-ci:php-$PHP_VERSION-$VARIANT
55

66
RUN apt-get update && apt-get install -y \
7-
nginx \
8-
&& rm -rf /var/lib/apt/lists/*
7+
nginx \
8+
&& rm -rf /var/lib/apt/lists/*
9+
10+
RUN usermod -a -G linux_users www-data
911

1012
RUN rm -rf /var/www/html
1113

0 commit comments

Comments
 (0)