libddwaf 1.0.14.1.0.beta1 → 1.0.14.2.1.beta1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/package.yml +2 -2
  3. data/.github/workflows/test.yml +4 -4
  4. data/lib/datadog/{security → appsec}/waf/version.rb +2 -3
  5. data/lib/datadog/{security → appsec}/waf.rb +23 -27
  6. data/lib/libddwaf.rb +1 -1
  7. data/libddwaf.gemspec +4 -4
  8. metadata +8 -11
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b9102fbbb384562ba050a80547ecd45ee2a39f08bd2c8c65d6fc9cd0d5a7b067
4
- data.tar.gz: c5b00121032b40b06840dcfbf74a66d4ae766829f77d8f804adca3d4fc227094
3
+ metadata.gz: e0e9161c6e4b7bc71963dbdd1dccd97c39746e5eee90015a41f2d57cee377031
4
+ data.tar.gz: 4781e93c1751034e1978a7feb0fe53dd7f8e1885fb9a5cd9d55e48744ee224f1
5
5
  SHA512:
6
- metadata.gz: 26d9c14c7673535b63eb66a72cf66b3360014df34ca1d2a87f92f41425c5a46a497040f4d4a67837889740dbf82ce2cb5c334555a0bc9c418ca73abfbe570863
7
- data.tar.gz: a0f9e86ac0bd685e4387213e05e0f7d8e07bf78ae25a8b159c6a41bbf5fb97ebb51f2e90b753a5876b85ef906e2379d457fe0f0d80f2305a6169b997a0af508c
6
+ metadata.gz: '0847c77f7f0e4814cb87c195947d74f90143091a45f9c4fee2779552fb995c8753188397c8631373ddbd8e3c195fa8803b0ab52aa5b7414c19d6164bd88ea31f'
7
+ data.tar.gz: 03d731a4309c4337008273bd6f8061ea0858e396d64a4f53f46d478f0d59a584c945d7087b1a62fbd51ba8b756fa29281c341ef4546a913dc52191e334af3dcb
data/.github/workflows/package.yml CHANGED
@@ -172,7 +172,7 @@ jobs:
172
172
  run: docker exec -w "${PWD}" ${{ steps.container.outputs.id }} gem install --verbose pkg/*.gem
173
173
  - name: Run smoke test
174
174
  run: |
175
- docker exec -w "${PWD}" ${{ steps.container.outputs.id }} ruby -r 'libddwaf' -e 'v = Datadog::Security::WAF::LibDDWAF::Version.new; Datadog::Security::WAF::LibDDWAF.ddwaf_get_version(v); p [v[:major], v[:minor], v[:patch]]'
175
+ docker exec -w "${PWD}" ${{ steps.container.outputs.id }} ruby -r 'libddwaf' -e 'v = Datadog::AppSec::WAF::LibDDWAF::Version.new; Datadog::AppSec::WAF::LibDDWAF.ddwaf_get_version(v); p [v[:major], v[:minor], v[:patch]]'
176
176
  test-darwin:
177
177
  needs: package-binary
178
178
  strategy:
@@ -199,4 +199,4 @@ jobs:
199
199
  run: gem install --verbose pkg/*.gem
200
200
  - name: Run smoke test
201
201
  run: |
202
- ruby -r 'libddwaf' -e 'v = Datadog::Security::WAF::LibDDWAF::Version.new; Datadog::Security::WAF::LibDDWAF.ddwaf_get_version(v); p [v[:major], v[:minor], v[:patch]]'
202
+ ruby -r 'libddwaf' -e 'v = Datadog::AppSec::WAF::LibDDWAF::Version.new; Datadog::AppSec::WAF::LibDDWAF.ddwaf_get_version(v); p [v[:major], v[:minor], v[:patch]]'
data/.github/workflows/test.yml CHANGED
@@ -11,13 +11,13 @@ jobs:
11
11
  - os: ubuntu-20.04
12
12
  cpu: x86_64
13
13
  platform: x86_64-linux
14
- image: ruby:3.1-rc
14
+ image: ruby:3.1
15
15
  qemu: amd64
16
16
  libc: gnu
17
17
  - os: ubuntu-20.04
18
18
  cpu: aarch64
19
19
  platform: aarch64-linux
20
- image: ruby:3.1-rc
20
+ image: ruby:3.1
21
21
  qemu: arm64
22
22
  libc: gnu
23
23
  - os: ubuntu-20.04
@@ -89,13 +89,13 @@ jobs:
89
89
  - os: ubuntu-20.04
90
90
  cpu: x86_64
91
91
  platform: x86_64-linux
92
- image: ruby:3.1-rc-alpine
92
+ image: ruby:3.1-alpine
93
93
  qemu: amd64
94
94
  libc: musl
95
95
  - os: ubuntu-20.04
96
96
  cpu: aarch64
97
97
  platform: aarch64-linux
98
- image: ruby:3.1-rc-alpine
98
+ image: ruby:3.1-alpine
99
99
  qemu: arm64
100
100
  libc: musl
101
101
  - os: ubuntu-20.04
data/lib/datadog/{security → appsec}/waf/version.rb RENAMED
@@ -1,11 +1,10 @@
1
1
  module Datadog
2
- module Security
2
+ module AppSec
3
3
  module WAF
4
4
  module VERSION
5
5
  BASE_STRING = '1.0.14'
6
- STRING = "#{BASE_STRING}.1.0.beta1"
6
+ STRING = "#{BASE_STRING}.2.1.beta1"
7
7
  MINIMUM_RUBY_VERSION = '2.1'
8
- MAXIMUM_RUBY_VERSION = '3.2'
9
8
  end
10
9
  end
11
10
  end
data/lib/datadog/{security → appsec}/waf.rb RENAMED
@@ -1,9 +1,9 @@
1
1
  require 'ffi'
2
2
  require 'json'
3
- require 'datadog/security/waf/version'
3
+ require 'datadog/appsec/waf/version'
4
4
 
5
5
  module Datadog
6
- module Security
6
+ module AppSec
7
7
  module WAF
8
8
  module LibDDWAF
9
9
  class Error < StandardError; end
@@ -46,7 +46,7 @@ module Datadog
46
46
  end
47
47
 
48
48
  def self.shared_lib_path
49
- File.join(__dir__, "../../../vendor/libddwaf/libddwaf-#{Datadog::Security::WAF::VERSION::BASE_STRING}-#{local_os}-#{local_cpu}/lib/libddwaf#{shared_lib_extname}")
49
+ File.join(__dir__, "../../../vendor/libddwaf/libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{local_os}-#{local_cpu}/lib/libddwaf#{shared_lib_extname}")
50
50
  end
51
51
 
52
52
  ffi_lib [shared_lib_path]
@@ -127,6 +127,8 @@ module Datadog
127
127
  attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config], :ddwaf_handle
128
128
  attach_function :ddwaf_destroy, [:ddwaf_handle], :void
129
129
 
130
+ attach_function :ddwaf_required_addresses, [:ddwaf_handle, :pointer], :pointer
131
+
130
132
  # running
131
133
 
132
134
  typedef :pointer, :ddwaf_context
@@ -251,13 +253,7 @@ module Datadog
251
253
 
252
254
  obj
253
255
  else
254
- obj = LibDDWAF::Object.new
255
- res = LibDDWAF.ddwaf_object_invalid(obj)
256
- if res.null?
257
- fail LibDDWAF::Error, "Could not convert into object: #{val}"
258
- end
259
-
260
- obj
256
+ ruby_to_object(''.freeze)
261
257
  end
262
258
  end
263
259
 
@@ -279,8 +275,8 @@ module Datadog
279
275
  end
280
276
  when :ddwaf_obj_map
281
277
  (0...obj[:nbEntries]).each.with_object({}) do |i, h|
282
- ptr = obj[:valueUnion][:array] + i * Datadog::Security::WAF::LibDDWAF::Object.size
283
- o = Datadog::Security::WAF::LibDDWAF::Object.new(ptr)
278
+ ptr = obj[:valueUnion][:array] + i * Datadog::AppSec::WAF::LibDDWAF::Object.size
279
+ o = Datadog::AppSec::WAF::LibDDWAF::Object.new(ptr)
284
280
  l = o[:parameterNameLength]
285
281
  k = o[:parameterName].read_bytes(l)
286
282
  v = object_to_ruby(LibDDWAF::Object.new(ptr))
@@ -294,7 +290,7 @@ module Datadog
294
290
  logger.debug { { level: level, func: func, file: file, message: message.read_bytes(len) }.inspect }
295
291
  end
296
292
 
297
- Datadog::Security::WAF::LibDDWAF.ddwaf_set_log_cb(@log_cb, :ddwaf_log_trace)
293
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_set_log_cb(@log_cb, :ddwaf_log_trace)
298
294
  end
299
295
 
300
296
  class Handle
@@ -305,12 +301,12 @@ module Datadog
305
301
  DEFAULT_MAX_TIME_STORE = 0
306
302
 
307
303
  def initialize(rule, config = {})
308
- rule_obj = Datadog::Security::WAF.ruby_to_object(rule)
304
+ rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
309
305
  if rule_obj.null? || rule_obj[:type] == :ddwaf_object_invalid
310
306
  fail LibDDWAF::Error, "Could not convert object #{rule.inspect}"
311
307
  end
312
308
 
313
- config_obj = Datadog::Security::WAF::LibDDWAF::Config.new
309
+ config_obj = Datadog::AppSec::WAF::LibDDWAF::Config.new
314
310
  if config_obj.null?
315
311
  fail LibDDWAF::Error, 'Could not create config struct'
316
312
  end
@@ -319,19 +315,19 @@ module Datadog
319
315
  config_obj[:maxMapDepth] = config[:max_map_depth] || DEFAULT_MAX_MAP_DEPTH
320
316
  config_obj[:maxTimeStore] = config[:max_time_store] || DEFAULT_MAX_TIME_STORE
321
317
 
322
- @handle_obj = Datadog::Security::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj)
318
+ @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj)
323
319
  if @handle_obj.null?
324
320
  fail LibDDWAF::Error, 'Could not create handle'
325
321
  end
326
322
 
327
323
  ObjectSpace.define_finalizer(self, Handle.finalizer(handle_obj))
328
324
  ensure
329
- Datadog::Security::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
325
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
330
326
  end
331
327
 
332
328
  def self.finalizer(handle_obj)
333
329
  proc do |object_id|
334
- Datadog::Security::WAF::LibDDWAF.ddwaf_destroy(handle_obj)
330
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_destroy(handle_obj)
335
331
  end
336
332
  end
337
333
  end
@@ -343,9 +339,9 @@ module Datadog
343
339
 
344
340
  def initialize(handle)
345
341
  handle_obj = handle.handle_obj
346
- free_func = Datadog::Security::WAF::LibDDWAF::ObjectNoFree
342
+ free_func = Datadog::AppSec::WAF::LibDDWAF::ObjectNoFree
347
343
 
348
- @context_obj = Datadog::Security::WAF::LibDDWAF.ddwaf_context_init(handle_obj, free_func)
344
+ @context_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_context_init(handle_obj, free_func)
349
345
  if @context_obj.null?
350
346
  fail LibDDWAF::Error, 'Could not create context'
351
347
  end
@@ -358,9 +354,9 @@ module Datadog
358
354
  def self.finalizer(context_obj, input_objs)
359
355
  proc do |object_id|
360
356
  input_objs.each do |input_obj|
361
- Datadog::Security::WAF::LibDDWAF.ddwaf_object_free(input_obj)
357
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(input_obj)
362
358
  end
363
- Datadog::Security::WAF::LibDDWAF.ddwaf_context_destroy(context_obj)
359
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_context_destroy(context_obj)
364
360
  end
365
361
  end
366
362
 
@@ -369,19 +365,19 @@ module Datadog
369
365
  ddwaf_err_internal: :err_internal,
370
366
  ddwaf_err_invalid_object: :err_invalid_object,
371
367
  ddwaf_err_invalid_argument: :err_invalid_argument,
372
- ddwaf_err_timeout: :err_invalid_object,
368
+ ddwaf_err_timeout: :err_timeout,
373
369
  ddwaf_good: :good,
374
370
  ddwaf_monitor: :monitor,
375
371
  ddwaf_block: :block,
376
372
  }
377
373
 
378
374
  def run(input, timeout = DEFAULT_TIMEOUT_US)
379
- input_obj = Datadog::Security::WAF.ruby_to_object(input)
375
+ input_obj = Datadog::AppSec::WAF.ruby_to_object(input)
380
376
  if input_obj.null?
381
377
  fail LibDDWAF::Error, "Could not convert input: #{input.inspect}"
382
378
  end
383
379
 
384
- result_obj = Datadog::Security::WAF::LibDDWAF::Result.new
380
+ result_obj = Datadog::AppSec::WAF::LibDDWAF::Result.new
385
381
  if result_obj.null?
386
382
  fail LibDDWAF::Error, "Could not create result object"
387
383
  end
@@ -389,7 +385,7 @@ module Datadog
389
385
  # retain C objects in memory for subsequent calls to run
390
386
  @input_objs << input_obj
391
387
 
392
- code = Datadog::Security::WAF::LibDDWAF.ddwaf_run(@context_obj, input_obj, result_obj, timeout)
388
+ code = Datadog::AppSec::WAF::LibDDWAF.ddwaf_run(@context_obj, input_obj, result_obj, timeout)
393
389
 
394
390
  result = Result.new(
395
391
  ACTION_MAP_OUT[result_obj[:action]],
@@ -400,7 +396,7 @@ module Datadog
400
396
 
401
397
  [ACTION_MAP_OUT[code], result]
402
398
  ensure
403
- Datadog::Security::WAF::LibDDWAF.ddwaf_result_free(result_obj) if result_obj
399
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_result_free(result_obj) if result_obj
404
400
  end
405
401
  end
406
402
  end
data/lib/libddwaf.rb CHANGED
@@ -1 +1 @@
1
- require 'datadog/security/waf'
1
+ require 'datadog/appsec/waf'
data/libddwaf.gemspec CHANGED
@@ -2,12 +2,12 @@
2
2
 
3
3
  lib = File.expand_path('../lib', __FILE__)
4
4
  $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
- require 'datadog/security/waf/version'
5
+ require 'datadog/appsec/waf/version'
6
6
 
7
7
  Gem::Specification.new do |spec|
8
8
  spec.name = 'libddwaf'
9
- spec.version = Datadog::Security::WAF::VERSION::STRING
10
- spec.required_ruby_version = [">= #{Datadog::Security::WAF::VERSION::MINIMUM_RUBY_VERSION}", "< #{Datadog::Security::WAF::VERSION::MAXIMUM_RUBY_VERSION}"]
9
+ spec.version = Datadog::AppSec::WAF::VERSION::STRING
10
+ spec.required_ruby_version = [">= #{Datadog::AppSec::WAF::VERSION::MINIMUM_RUBY_VERSION}"]
11
11
  spec.required_rubygems_version = '>= 2.0.0'
12
12
  spec.authors = ['Datadog, Inc.']
13
13
  spec.email = ['dev@datadoghq.com']
@@ -36,5 +36,5 @@ Gem::Specification.new do |spec|
36
36
  end
37
37
  spec.require_paths = ['lib']
38
38
 
39
- spec.add_dependency 'ffi'
39
+ spec.add_dependency 'ffi', '~> 1.0'
40
40
  end
metadata CHANGED
@@ -1,29 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: libddwaf
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.14.1.0.beta1
4
+ version: 1.0.14.2.1.beta1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Datadog, Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-12-14 00:00:00.000000000 Z
11
+ date: 2022-03-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - ">="
17
+ - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '0'
19
+ version: '1.0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - ">="
24
+ - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '0'
26
+ version: '1.0'
27
27
  description: 'libddwaf packages a WAF implementation in C++, exposed to Ruby
28
28
 
29
29
  '
@@ -43,8 +43,8 @@ files:
43
43
  - LICENSE.BSD3
44
44
  - NOTICE
45
45
  - README.md
46
- - lib/datadog/security/waf.rb
47
- - lib/datadog/security/waf/version.rb
46
+ - lib/datadog/appsec/waf.rb
47
+ - lib/datadog/appsec/waf/version.rb
48
48
  - lib/libddwaf.rb
49
49
  - libddwaf.gemspec
50
50
  homepage: https://github.com/DataDog/libddwaf
@@ -61,9 +61,6 @@ required_ruby_version: !ruby/object:Gem::Requirement
61
61
  - - ">="
62
62
  - !ruby/object:Gem::Version
63
63
  version: '2.1'
64
- - - "<"
65
- - !ruby/object:Gem::Version
66
- version: '3.2'
67
64
  required_rubygems_version: !ruby/object:Gem::Requirement
68
65
  requirements:
69
66
  - - ">="