github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-09-29 19:24:26 +03:00
Code Issues Packages Projects Releases Wiki Activity

First release of open-appsec source code

Browse Source
This commit is contained in:
roybarda
2022-10-26 19:33:19 +03:00
parent 3883109caf
commit a883352f79
1353 changed files with 276290 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
components/security_apps/waap/include/WaapDefines.h Executable file
View File

@@ -0,0 +1,30 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#pragma once
#define BACKUP_DIRECTORY_PATH "/etc/cp/conf/waap/"
// reduce from 2048 in order to accomodate in 10K max log size in Kibana
#define MAX_LOG_FIELD_SIZE 1536
// maximum bytes response body log field size can reduce from request body log
#define MIN_RESP_BODY_LOG_FIELD_SIZE (std::size_t{500})
// size of clean values LRU cache
#define SIGS_APPLY_CLEAN_CACHE_CAPACITY 4096
// size of suspicious values LRU cache
#define SIGS_APPLY_SUSPICIOUS_CACHE_CAPACITY 4096
// size of SampleType cache capacity
#define SIGS_SAMPLE_TYPE_CACHE_CAPACITY 4096
// ScoreBuilder pool names
#define KEYWORDS_SCORE_POOL_BASE "base_scores"
#define KEYWORDS_SCORE_POOL_HEADERS "headers_scores"

24
components/security_apps/waap/include/i_deepAnalyzer.h Executable file
View File

@@ -0,0 +1,24 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#pragma once
class IWaf2Transaction;
class IWaapConfig;
struct AnalysisResult;
class I_DeepAnalyzer {
public:
virtual AnalysisResult analyzeData(IWaf2Transaction* waf2Trans, const IWaapConfig* pSitePolicy) = 0;
virtual ~I_DeepAnalyzer() {};
};

26
components/security_apps/waap/include/i_ignoreSources.h Executable file
View File

@@ -0,0 +1,26 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef __I_IGNORE_SOURCES_H__
#define __I_IGNORE_SOURCES_H__
#include <vector>
#include <string>
class I_IgnoreSources
{
public:
virtual std::vector<std::string>* getSourcesToIgnore() = 0;
virtual bool ready() = 0;
};
#endif

39
components/security_apps/waap/include/i_indicatorsFilter.h Executable file
View File

@@ -0,0 +1,39 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#pragma once
#include <string>
#include "../waap_clib/WaapKeywords.h"
#include "i_serialize.h"
#include <unordered_set>
#include <vector>
class IWaf2Transaction;
class I_IndicatorsFilter{
public:
virtual ~I_IndicatorsFilter() { }
// filters indicators from keywords vector
virtual void filterKeywords(
const std::string &key,
Waap::Keywords::KeywordsSet& keywords,
Waap::Keywords::KeywordsVec& filteredKeywords) = 0;
// register keyword for a specific key
virtual void registerKeywords(const std::string& key, Waap::Keywords::KeywordsSet& keyword,
IWaf2Transaction* pTransaction) = 0;
// returns true if the keyword based on the key should be filtered out
virtual bool shouldFilterKeyword(const std::string &key, const std::string &keyword) const = 0;
};

281
components/security_apps/waap/include/i_serialize.h Executable file
View File

@@ -0,0 +1,281 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#pragma once
#include <chrono>
#include <fstream>
#include "i_time_get.h"
#include "i_encryptor.h"
#include "rest.h"
#include "i_messaging.h"
#include "i_mainloop.h"
#include "i_agent_details.h"
static const uint max_send_obj_retries = 3;
USE_DEBUG_FLAG(D_WAAP);
class RestGetFile : public ClientRest
{
public:
// decrypts and load json
bool loadJson(const std::string& json);
// gen json and encrypt
Maybe<std::string> genJson() const;
};
struct FileMetaData
{
std::string filename;
std::string modified;
};
class RemoteFilesList : public ClientRest
{
public:
RemoteFilesList();
// parses xml instead of json
// extracts a file list in <Contents><Key>
bool loadJson(const std::string& xml);
const std::vector<FileMetaData>& getFilesMetadataList() const;
const std::vector<std::string>& getFilesList() const;
private:
RestParam<std::vector<FileMetaData>> files;
std::vector<std::string> filesPathsList;
};
class I_Serializable {
public:
virtual void serialize(std::ostream& stream) = 0;
virtual void deserialize(std::istream& stream) = 0;
};
class I_RemoteSyncSerialize {
public:
virtual bool postData() = 0;
virtual void pullData(const std::vector<std::string>& files) = 0;
virtual void processData() = 0;
virtual void postProcessedData() = 0;
virtual void pullProcessedData(const std::vector<std::string>& files) = 0;
virtual void updateState(const std::vector<std::string>& files) = 0;
};
class I_Backup {
public:
// open stream and serialize data
virtual void saveData() = 0;
// open stream and deserialize data
virtual void restore() = 0;
};
class SerializeToFileBase :
public I_Backup,
public I_Serializable
{
public:
SerializeToFileBase(std::string filePath);
virtual ~SerializeToFileBase();
virtual void saveData();
virtual void restore();
virtual void setFilePath(const std::string &new_file_path);
protected:
// saved file name for testing
std::string m_filePath;
private:
void loadFromFile(std::string filePath);
};
class SerializeToFilePeriodically : public SerializeToFileBase
{
public:
SerializeToFilePeriodically(std::chrono::seconds pollingIntervals, std::string filePath);
virtual ~SerializeToFilePeriodically();
void setInterval(std::chrono::seconds newInterval);
protected:
void backupWorker();
private:
std::chrono::microseconds m_lastSerialization;
std::chrono::seconds m_interval;
};
class WaapComponent;
class SerializeToLocalAndRemoteSyncBase : public I_RemoteSyncSerialize, public SerializeToFileBase
{
public:
SerializeToLocalAndRemoteSyncBase(std::chrono::minutes interval,
std::chrono::seconds waitForSync,
const std::string& filePath,
const std::string& remotePath,
const std::string& assetId,
const std::string& owner);
virtual ~SerializeToLocalAndRemoteSyncBase();
virtual void restore();
virtual void syncWorker();
void setInterval(std::chrono::seconds newInterval);
std::chrono::seconds getIntervalDuration() const;
void setRemoteSyncEnabled(bool enabled);
protected:
void mergeProcessedFromRemote();
std::string getPostDataUrl();
std::string getUri();
size_t getIntervalsCount();
template<typename T>
bool sendObject(T &obj, I_Messaging::Method method, std::string uri)
{
I_Messaging *messaging = Singleton::Consume<I_Messaging>::by<WaapComponent>();
I_AgentDetails *agentDetails = Singleton::Consume<I_AgentDetails>::by<WaapComponent>();
if (agentDetails->getOrchestrationMode() == OrchestrationMode::OFFLINE) {
dbgDebug(D_WAAP) << "offline mode not sending object";
return false;
}
if (agentDetails->getOrchestrationMode() == OrchestrationMode::HYBRID) {
Flags <MessageConnConfig> conn_flags;
conn_flags.setFlag(MessageConnConfig::EXTERNAL);
std::string tenant_header = "X-Tenant-Id: " + agentDetails->getTenantId();
return messaging->sendObject(
obj,
method,
getSharedStorageHost(),
80,
conn_flags,
uri,
tenant_header,
nullptr,
MessageTypeTag::WAAP_LEARNING);
}
return messaging->sendObject(
obj,
method,
uri,
"",
nullptr,
true,
MessageTypeTag::WAAP_LEARNING);
}
template<typename T>
bool sendObjectWithRetry(T &obj, I_Messaging::Method method, std::string uri)
{
I_MainLoop *mainloop = Singleton::Consume<I_MainLoop>::by<WaapComponent>();
for (uint i = 0; i < max_send_obj_retries; i++)
{
if (sendObject(obj, method, uri))
{
dbgTrace(D_WAAP) <<
"object sent successfully after " << i << " retry attempts";
return true;
}
dbgWarning(D_WAAP) << "Failed to send object. Attempt: " << i;
mainloop->yield(true);
}
dbgError(D_WAAP) << "Failed to send object, reached maximum attempts: " <<
max_send_obj_retries;
return false;
}
template<typename T>
bool sendNoReplyObject(T &obj, I_Messaging::Method method, std::string uri)
{
I_Messaging *messaging = Singleton::Consume<I_Messaging>::by<WaapComponent>();
I_AgentDetails *agentDetails = Singleton::Consume<I_AgentDetails>::by<WaapComponent>();
if (agentDetails->getOrchestrationMode() == OrchestrationMode::OFFLINE) {
dbgDebug(D_WAAP) << "offline mode not sending object";
return false;
}
if (agentDetails->getOrchestrationMode() == OrchestrationMode::HYBRID) {
Flags<MessageConnConfig> conn_flags;
conn_flags.setFlag(MessageConnConfig::EXTERNAL);
std::string tenant_header = "X-Tenant-Id: " + agentDetails->getTenantId();
return messaging->sendNoReplyObject(
obj,
method,
getSharedStorageHost(),
80,
conn_flags,
uri,
tenant_header,
nullptr,
MessageTypeTag::WAAP_LEARNING);
}
return messaging->sendNoReplyObject(
obj,
method,
uri,
"",
nullptr,
true,
MessageTypeTag::WAAP_LEARNING);
}
template<typename T>
bool sendNoReplyObjectWithRetry(T &obj, I_Messaging::Method method, std::string uri)
{
I_MainLoop *mainloop= Singleton::Consume<I_MainLoop>::by<WaapComponent>();
for (uint i = 0; i < max_send_obj_retries; i++)
{
if (sendNoReplyObject(obj, method, uri))
{
dbgTrace(D_WAAP) <<
"object sent successfully after " << i << " retry attempts";
return true;
}
dbgWarning(D_WAAP) << "Failed to send object. Attempt: " << i;
mainloop->yield(true);
}
dbgError(D_WAAP) << "Failed to send object, reached maximum attempts: " <<
max_send_obj_retries;
return false;
}
const std::string m_remotePath; // Created from tenentId + / + assetId + / + class
std::chrono::seconds m_interval;
std::string m_owner;
private:
bool localSyncAndProcess();
void updateStateFromRemoteService();
RemoteFilesList getProcessedFilesList();
RemoteFilesList getRemoteProcessedFilesList();
std::string getWindowId();
bool isBase();
std::string getLearningHost();
std::string getSharedStorageHost();
I_MainLoop* m_pMainLoop;
std::chrono::microseconds m_waitForSync;
uint m_workerRoutineId;
size_t m_daysCount;
size_t m_windowsCount;
size_t m_intervalsCounter;
bool m_remoteSyncEnabled;
const std::string m_assetId;
std::string m_type;
std::string m_lastProcessedModified;
Maybe<std::string> m_shared_storage_host;
Maybe<std::string> m_learning_host;
};

144
components/security_apps/waap/include/i_transaction.h Executable file
View File

@@ -0,0 +1,144 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#pragma once
#include "../waap_clib/WaapDecision.h"
#include "../include/WaapDefines.h"
#include "../waap_clib/Csrf.h"
#include "../waap_clib/Waf2Util.h"
#include "../waap_clib/WaapOpenRedirect.h"
#include "../waap_clib/FpMitigation.h"
#include "../waap_clib/DeepParser.h"
#include "http_inspection_events.h"
enum HeaderType {
UNKNOWN_HEADER,
HOST_HEADER,
USER_AGENT_HEADER,
COOKIE_HEADER,
REFERER_HEADER,
CONTENT_TYPE_HEADER,
CLEAN_HEADER,
OTHER_KNOWN_HEADERS
};
struct AnalysisResult;
class WaapAssetState;
struct Waf2TransactionFlags {
bool endResponseHeadersCalled;
bool requestDataPushStarted;
bool responseDataPushStarted;
Waf2TransactionFlags():
endResponseHeadersCalled(false),
requestDataPushStarted(false),
responseDataPushStarted(false)
{
}
};
class IWaf2Transaction {
public:
virtual ~IWaf2Transaction() {}
virtual uint64_t getIndex() const = 0;
virtual void setIndex(uint64_t index) = 0;
virtual std::shared_ptr<WaapAssetState> getAssetState() = 0;
virtual IWaapConfig* getSiteConfig() = 0;
virtual DeepParser& getDeepParser() = 0;
virtual bool get_ignoreScore() const = 0;
virtual void addNote(const std::string &note) = 0;
virtual bool shouldIgnoreOverride(const Waf2ScanResult &res) = 0;
virtual bool reportScanResult(const Waf2ScanResult &res) = 0;
virtual const std::string getHost() const = 0;
virtual Waap::OpenRedirect::State &getOpenRedirectState() = 0;
virtual const std::string getLocation() const = 0;
virtual const std::string getUserAgent() const = 0;
virtual const std::string getParam() const = 0;
virtual const std::vector<std::string> getKeywordMatches() const = 0;
virtual const std::vector<std::string> getKeywordsCombinations() const = 0;
virtual const std::string getContentTypeStr() const = 0;
virtual Waap::Util::ContentType getContentType() const = 0;
virtual const std::string getKeywordMatchesStr() const = 0;
virtual const std::string getSample() const = 0;
virtual const std::string getLastScanSample() const = 0;
virtual const std::string& getLastScanParamName() const = 0;
virtual const std::string getMethod() const = 0;
virtual const std::string getHdrContent(std::string hdrName) const = 0;
virtual const WaapDecision &getWaapDecision() const = 0;
virtual const std::string& getRemoteAddr() const = 0;
virtual const std::string getUri() const = 0;
virtual const std::string getUriStr() const = 0;
virtual const std::string& getSourceIdentifier() const = 0;
virtual double getScore() const = 0;
virtual const std::vector<double> getScoreArray() const = 0;
virtual Waap::CSRF::State& getCsrfState() = 0;
virtual ngx_http_cp_verdict_e getUserLimitVerdict() = 0;
virtual const std::string getUserLimitVerdictStr() const = 0;
virtual const std::string getViolatedUserLimitTypeStr() const = 0;
virtual void checkShouldInject() = 0;
virtual void completeInjectionResponseBody(std::string& strInjection) = 0;
virtual void sendLog() = 0;
virtual bool decideAfterHeaders() = 0;
virtual int decideFinal(
int mode,
AnalysisResult &transactionResult,
const std::string &poolName=KEYWORDS_SCORE_POOL_BASE,
PolicyCounterType fpClassification = UNKNOWN_TYPE) = 0;
virtual bool decideResponse() = 0;
virtual void clearAllInjectionReasons() = 0;
virtual bool shouldInspectResponse() = 0;
virtual bool shouldInjectResponse() = 0;
virtual bool shouldInjectCSRF() = 0;
virtual bool shouldInjectSecurityHeaders() = 0;
virtual void handleSecurityHeadersInjection(
std::vector<std::pair<std::string, std::string>>& injectHeaderStrs) = 0;
virtual void disableShouldInjectSecurityHeaders() = 0;
virtual void handleCsrfHeaderInjection(std::string& injectStr) = 0;
virtual bool findHtmlTagToInject(const char* data, int data_len, int& pos) = 0;
virtual bool isHtmlType(const char* data, int data_len) = 0;
virtual HeaderType detectHeaderType(const char* name, int name_len) = 0;
virtual void start() = 0;
virtual void set_transaction_time(const char* log_time) = 0;
virtual void set_transaction_remote(const char* remote_addr, int remote_port) = 0;
virtual void set_transaction_local(const char* local_addr, int local_port) = 0;
// Request
virtual void set_method(const char* method) = 0;
virtual void set_uri(const char* uri) = 0;
virtual void start_request_hdrs() = 0;
virtual void add_request_hdr(const char* name, int name_len, const char* value, int value_len) = 0;
virtual void end_request_hdrs() = 0;
virtual void start_request_body() = 0;
virtual void add_request_body_chunk(const char* data, int data_len) = 0;
virtual void end_request_body() = 0;
virtual void end_request() = 0;
// Response
virtual void start_response(int response_status, int http_version) = 0;
virtual void start_response_hdrs() = 0;
virtual void add_response_hdr(const char* name, int name_len, const char* value, int value_len) = 0;
virtual void end_response_hdrs() = 0;
virtual void start_response_body() = 0;
virtual void add_response_body_chunk(const char* data, int data_len) = 0;
virtual void end_response_body() = 0;
virtual void end_response() = 0;
virtual void collectFoundPatterns() = 0;
virtual ReportIS::Severity computeEventSeverityFromDecision() const = 0;
virtual void finish() = 0;
virtual Waf2TransactionFlags &getTransactionFlags() = 0;
};

69
components/security_apps/waap/include/i_waapConfig.h Executable file
View File

@@ -0,0 +1,69 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#pragma once
#include "../waap_clib/WaapOverride.h"
#include "../waap_clib/WaapTrigger.h"
#include "../waap_clib/TrustedSources.h"
#include "../waap_clib/WaapParameters.h"
#include "../waap_clib/WaapOpenRedirectPolicy.h"
#include "../waap_clib/WaapErrorDisclosurePolicy.h"
#include "../waap_clib/CsrfPolicy.h"
#include "../waap_clib/UserLimitsPolicy.h"
#include "../waap_clib/RateLimiting.h"
#include "../waap_clib/SecurityHeadersPolicy.h"
#include <memory>
enum class BlockingLevel {
NO_BLOCKING = 0,
LOW_BLOCKING_LEVEL,
MEDIUM_BLOCKING_LEVEL,
HIGH_BLOCKING_LEVEL
};
enum class AttackMitigationMode
{
DISABLED = 0,
LEARNING,
PREVENT,
UNKNOWN
};
class IWaapConfig {
public:
virtual const std::string& get_AssetId() const = 0;
virtual const std::string& get_AssetName() const = 0;
virtual const BlockingLevel& get_BlockingLevel() const = 0;
virtual const std::string& get_PracticeId() const = 0;
virtual const std::string& get_PracticeName() const = 0;
virtual const std::string& get_PracticeSubType() const = 0;
virtual const std::string& get_RuleId() const = 0;
virtual const std::string& get_RuleName() const = 0;
virtual const bool& get_WebAttackMitigation() const = 0;
virtual const std::string& get_WebAttackMitigationAction() const = 0;
virtual const std::shared_ptr<Waap::Override::Policy>& get_OverridePolicy() const = 0;
virtual const std::shared_ptr<Waap::Trigger::Policy>& get_TriggerPolicy() const = 0;
virtual const std::shared_ptr<Waap::TrustedSources::TrustedSourcesParameter>& get_TrustedSourcesPolicy() const = 0;
virtual const std::shared_ptr<Waap::Parameters::WaapParameters>& get_WaapParametersPolicy() const = 0;
virtual const std::shared_ptr<Waap::OpenRedirect::Policy>& get_OpenRedirectPolicy() const = 0;
virtual const std::shared_ptr<Waap::ErrorDisclosure::Policy>& get_ErrorDisclosurePolicy() const = 0;
virtual const std::shared_ptr<Waap::Csrf::Policy>& get_CsrfPolicy() const = 0;
virtual const std::shared_ptr<Waap::RateLimiting::Policy>& get_RateLimitingPolicy() const = 0;
virtual const std::shared_ptr<Waap::RateLimiting::Policy>& get_ErrorLimitingPolicy() const = 0;
virtual const std::shared_ptr<Waap::SecurityHeaders::Policy>& get_SecurityHeadersPolicy() const = 0;
virtual const std::shared_ptr<Waap::UserLimits::Policy>& get_UserLimitsPolicy() const = 0;
virtual void printMe(std::ostream& os) const = 0;
};

27
components/security_apps/waap/include/i_waap_asset_state.h Executable file
View File

@@ -0,0 +1,27 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#pragma once
#include "WaapEnums.h"
class I_WaapAssetState {
public:
virtual void updateScores() = 0;
virtual std::string getSignaturesScoresFilePath() const = 0;
virtual std::string getSignaturesFilterDir() const = 0;
virtual bool isKeywordOfType(const std::string& keyword, ParamType type) const = 0;
virtual bool isBinarySampleType(const std::string & sample) const = 0;
virtual bool isWBXMLSampleType(const std::string & sample) const = 0;
virtual std::set<std::string> getSampleType(const std::string& sample) const = 0;
};

1178
components/security_apps/waap/include/picojson.h Executable file
View File

File diff suppressed because it is too large Load Diff

100
components/security_apps/waap/include/reputation_features_events.h Executable file
View File

@@ -0,0 +1,100 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef __REPUTATION_FEATURES_EVENTS_H__
#define __REPUTATION_FEATURES_EVENTS_H__
#include "event.h"
#include "http_inspection_events.h"
using ResponseCode = uint16_t;
class ReputationFeaturesEntry;
class TearDownEvent : public Event<TearDownEvent>
{
public:
TearDownEvent(ReputationFeaturesEntry *pEntry) : m_pEntry(pEntry)
{
}
ReputationFeaturesEntry *
getEntry() const
{
return m_pEntry;
}
private:
ReputationFeaturesEntry *m_pEntry;
};
class IdentifiersEvent : public Event<IdentifiersEvent>
{
public:
IdentifiersEvent(const std::string &sourceId, const std::string &assetId)
:
m_sourceId(sourceId),
m_assetId(assetId)
{ }
const std::string &
getSourceId() const
{
return m_sourceId;
}
const std::string &
getAssetId() const
{
return m_assetId;
}
private:
const std::string m_sourceId;
const std::string m_assetId;
};
class DetectionEvent : public Event<DetectionEvent>
{
public:
DetectionEvent(const std::string &location, const std::vector<std::string> &indicators)
:
m_location(location),
m_indicators(indicators)
{ }
// LCOV_EXCL_START - sync functions, can only be tested once the sync module exists
DetectionEvent() {}
template <typename T>
void
serialize(T &ar)
{
ar(m_location, m_indicators);
}
// LCOV_EXCL_STOP
const std::string&
getLocation() const
{
return m_location;
}
private:
std::string m_location;
std::vector<std::string> m_indicators;
};
#endif // __REPUTATION_FEATURES_EVENTS_H__