Skip to main content

libddwaf/
config.rs

1use crate::object::WafMap;
2use crate::waf_map;
3
4/// The configuration for a new [`Builder`](crate::Builder).
5#[derive(Clone, Default, Debug)]
6pub struct Config {
7    obfuscator: Obfuscator,
8}
9impl Config {
10    /// Creates a new [`Config`] with the provided [`Obfuscator`].
11    #[must_use]
12    pub fn new(obfuscator: Obfuscator) -> Self {
13        Self { obfuscator }
14    }
15
16    #[must_use]
17    pub fn as_waf_object(&self) -> WafMap {
18        let mut map = WafMap::new(2);
19        let mut used: u16 = 0;
20        if let Some(key_regex) = self.obfuscator.key_regex() {
21            map[used as usize] = ("key_regex", key_regex).into();
22            used += 1;
23        }
24        if let Some(value_regex) = self.obfuscator.value_regex() {
25            map[used as usize] = ("value_regex", value_regex).into();
26            used += 1;
27        }
28        map.truncate(used);
29
30        waf_map!(("obfuscator", map))
31    }
32}
33
34/// Obfuscation configuration for the WAF.
35///
36/// This is effectively a pair of regular expressions that are respectively used
37/// to determine which key and value data to obfuscate when producing WAF
38/// outputs.
39#[derive(Clone, Debug)]
40pub struct Obfuscator {
41    key_regex: Option<Vec<u8>>,
42    value_regex: Option<Vec<u8>>,
43}
44impl Obfuscator {
45    /// Creates a new [`Obfuscator`] with the provided key and value regular
46    /// expressions.
47    ///
48    /// # Panics
49    /// Panics if the provided key or value cannot be turned into a [`CString`].
50    pub fn new<T: Into<Vec<u8>>, U: Into<Vec<u8>>>(
51        key_regex: Option<T>,
52        value_regex: Option<U>,
53    ) -> Self {
54        Self {
55            key_regex: key_regex.map(Into::into),
56            value_regex: value_regex.map(Into::into),
57        }
58    }
59
60    /// Returns the regular expression used to determine key data to be obfuscated, if one has been
61    /// set.
62    #[must_use]
63    pub fn key_regex(&self) -> Option<&[u8]> {
64        self.key_regex.as_deref()
65    }
66
67    /// Returns the regular expression used to determine value data to be obfuscated, if one has
68    /// been set.
69    #[must_use]
70    pub fn value_regex(&self) -> Option<&[u8]> {
71        self.value_regex.as_deref()
72    }
73}
74
75impl Default for Obfuscator {
76    fn default() -> Self {
77        // This actually uses the default regexes from libddwaf
78        Obfuscator::new(None::<&str>, None::<&str>)
79    }
80}