First release of open-appsec source code

components/include/generic_rulebase/evaluators/asset_eval.h

@@ -0,0 +1,36 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __ASSET_EVAL_H__
+#define __ASSET_EVAL_H__
+
+#include "environment/evaluator_templates.h"
+#include "i_environment.h"
+#include "singleton.h"
+
+class AssetMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    AssetMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "assetId"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::string asset_id;
+};
+
+#endif // __ASSET_EVAL_H__

components/include/generic_rulebase/evaluators/connection_eval.h

@@ -0,0 +1,127 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __CONNECTION_EVAL_H__
+#define __CONNECTION_EVAL_H__
+
+#include "environment/evaluator_templates.h"
+#include "i_environment.h"
+#include "singleton.h"
+#include "connkey.h"
+
+class IpAddressMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    IpAddressMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "ipAddress"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::vector<CustomRange<IPAddr>> values;
+};
+
+class SourceIpMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    SourceIpMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "sourceIP"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::vector<CustomRange<IPAddr>> values;
+};
+
+class DestinationIpMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    DestinationIpMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "destinationIP"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::vector<CustomRange<IPAddr>> values;
+};
+
+class SourcePortMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    SourcePortMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "sourcePort"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::vector<CustomRange<PortNumber>> values;
+};
+
+class ListeningPortMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    ListeningPortMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "listeningPort"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::vector<CustomRange<PortNumber>> values;
+};
+
+class IpProtocolMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    IpProtocolMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "ipProtocol"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::vector<CustomRange<IPProto>> values;
+};
+
+class UrlMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    UrlMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "url"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::vector<std::string> values;
+};
+
+#endif // __CONNECTION_EVAL_H__

components/include/generic_rulebase/evaluators/http_transaction_data_eval.h

@@ -0,0 +1,74 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __HTTP_TRANSACTION_DATA_EVAL_H__
+#define __HTTP_TRANSACTION_DATA_EVAL_H__
+
+#include "environment/evaluator_templates.h"
+#include "i_environment.h"
+#include "singleton.h"
+#include "connkey.h"
+
+class EqualHost : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    EqualHost(const std::vector<std::string> &params);
+
+    static std::string getName() { return "EqualHost"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+private:
+    std::string host;
+};
+
+class EqualListeningIP : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    EqualListeningIP(const std::vector<std::string> &params);
+
+    static std::string getName() { return "EqualListeningIP"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+private:
+    IPAddr listening_ip;
+};
+
+class EqualListeningPort : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    EqualListeningPort(const std::vector<std::string> &params);
+
+    static std::string getName() { return "EqualListeningPort"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+private:
+    PortNumber listening_port;
+};
+
+class BeginWithUri : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    BeginWithUri(const std::vector<std::string> &params);
+
+    static std::string getName() { return "BeginWithUri"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+private:
+    std::string uri_prefix;
+};
+
+#endif // __HTTP_TRANSACTION_DATA_EVAL_H__

components/include/generic_rulebase/evaluators/parameter_eval.h

@@ -0,0 +1,36 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __PARAMETER_EVAL_H__
+#define __PARAMETER_EVAL_H__
+
+#include "environment/evaluator_templates.h"
+#include "i_environment.h"
+#include "singleton.h"
+
+class ParameterMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    ParameterMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "parameterId"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::string parameter_id;
+};
+
+#endif // __PARAMETER_EVAL_H__

components/include/generic_rulebase/evaluators/practice_eval.h

@@ -0,0 +1,36 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __PRACTICE_EVAL_H__
+#define __PRACTICE_EVAL_H__
+
+#include "environment/evaluator_templates.h"
+#include "i_environment.h"
+#include "singleton.h"
+
+class PracticeMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    PracticeMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "practiceId"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::string practice_id;
+};
+
+#endif // __PRACTICE_EVAL_H__

components/include/generic_rulebase/evaluators/query_eval.h

@@ -0,0 +1,43 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __QUERY_EVAL_H__
+#define __QUERY_EVAL_H__
+
+#include "environment/evaluator_templates.h"
+#include "i_environment.h"
+#include "i_generic_rulebase.h"
+#include "singleton.h"
+
+class QueryMatcher
+        :
+    public EnvironmentEvaluator<bool>,
+    Singleton::Consume<I_Environment>,
+    Singleton::Consume<I_GenericRulebase>
+{
+public:
+    QueryMatcher(const std::vector<std::string> &query_params);
+
+    static std::string getName() { return "matchQuery"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+private:
+    static const std::string contextKeyToString(Context::MetaDataType type);
+
+    std::string key;
+    std::unordered_set<std::string> values;
+    bool is_any = false;
+};
+
+#endif // __QUERY_EVAL_H__

components/include/generic_rulebase/evaluators/trigger_eval.h

@@ -0,0 +1,36 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __TRIGGER_EVAL_H__
+#define __TRIGGER_EVAL_H__
+
+#include "environment/evaluator_templates.h"
+#include "i_environment.h"
+#include "singleton.h"
+
+class TriggerMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    TriggerMatcher(const std::vector<std::string> &params);
+
+    static std::string getName() { return "triggerId"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::string trigger_id;
+};
+
+#endif // __TRIGGER_EVAL_H__

components/include/generic_rulebase/evaluators/zone_eval.h

@@ -0,0 +1,36 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __ZONE_EVAL_H__
+#define __ZONE_EVAL_H__
+
+#include "environment/evaluator_templates.h"
+#include "i_environment.h"
+#include "singleton.h"
+
+class ZoneMatcher : public EnvironmentEvaluator<bool>, Singleton::Consume<I_Environment>
+{
+public:
+    ZoneMatcher(const std::vector<std::string> &zones);
+
+    static std::string getName() { return "zoneId"; }
+
+    Maybe<bool, Context::Error> evalVariable() const override;
+
+    static std::string ctx_key;
+
+private:
+    std::string zone_id;
+};
+
+#endif // __ZONE_EVAL_H__