github_mirrors/attachment
3
0
Fork 1
mirror of https://github.com/openappsec/attachment.git synced 2026-01-17 16:00:26 +03:00
Code Issues Packages Projects Releases Wiki Activity

Added changes

Browse Source
This commit is contained in:
Granyaa
2026-01-15 13:08:57 +02:00
parent a350041f25
commit a04ffb0fa6
2 changed files with 20 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
attachments/kong/plugins/open-appsec-waf-kong-plugin/handler.lua
View File

@@ -14,6 +14,7 @@ NanoHandler.processed_requests = {}
-- per-worker state -- per-worker state
local pending = {} -- sid -> { semaphore, verdict } local pending = {} -- sid -> { semaphore, verdict }
local verdict_listener_started = false
local function drain_queue() local function drain_queue()
kong.log.debug("drain_queue: Starting to drain queue") kong.log.debug("drain_queue: Starting to drain queue")
@@ -38,10 +39,16 @@ local function drain_queue()
end end
local function start_verdict_listener() local function start_verdict_listener()
if verdict_listener_started then
kong.log.debug("Verdict listener already started, skipping")
return true
end
local socket_fd = nano.get_attachment_socket() local socket_fd = nano.get_attachment_socket()
if not socket_fd or socket_fd < 0 then if not socket_fd or socket_fd < 0 then
kong.log.err("Failed to get attachment socket") kong.log.err("Failed to get attachment socket")
return verdict_listener_started = false
return false
end end
kong.log.info("Starting verdict listener on socket fd: ", socket_fd) kong.log.info("Starting verdict listener on socket fd: ", socket_fd)
@@ -58,10 +65,12 @@ local function start_verdict_listener()
local ok, err = sock:setfd(socket_fd) local ok, err = sock:setfd(socket_fd)
if not ok then if not ok then
kong.log.err("Failed to set socket fd: ", err) kong.log.err("Failed to set socket fd: ", err)
verdict_listener_started = false
return return
end end
kong.log.info("Listening on verdict socket") kong.log.info("Listening on verdict socket")
verdict_listener_started = true
while true do while true do
-- Use socket as a doorbell - wait for any data -- Use socket as a doorbell - wait for any data
@@ -71,8 +80,9 @@ local function start_verdict_listener()
-- Continue waiting -- Continue waiting
goto continue goto continue
else else
kong.log.err("verdict_listener: Error receiving from verdict socket: ", err) kong.log.err("verdict_listener: Fatal error receiving from verdict socket: ", err, " - marking listener as stopped")
goto continue verdict_listener_started = false
break
end end
end end
@@ -95,6 +105,12 @@ end
-- **Handles Request Headers (DecodeHeaders Equivalent)** -- **Handles Request Headers (DecodeHeaders Equivalent)**
function NanoHandler.access(conf) function NanoHandler.access(conf)
-- Ensure verdict listener is running
if not verdict_listener_started then
kong.log.info("access: Verdict listener not started, attempting to start")
start_verdict_listener()
end
kong.log.debug("access: Starting access phase") kong.log.debug("access: Starting access phase")
local headers = kong.request.get_headers() local headers = kong.request.get_headers()
local session_id = nano.generate_session_id() local session_id = nano.generate_session_id()

2
core/shmem_ipc_2/shared_ring_queue.h
View File

@@ -23,7 +23,7 @@ extern "C"
{ {
#endif // __cplusplus #endif // __cplusplus
#define SHARED_MEMORY_SEGMENT_ENTRY_SIZE 1024 #define SHARED_MEMORY_SEGMENT_ENTRY_SIZE 4096
#define MAX_ONE_WAY_QUEUE_NAME_LENGTH 64 #define MAX_ONE_WAY_QUEUE_NAME_LENGTH 64
#define CORRUPTED_SHMEM_ERROR -2 #define CORRUPTED_SHMEM_ERROR -2