implement waf.Close method, based on the PR corazawaf#1200

tty2 · tty2 · commit baf203ec2f9b · 2024-12-31T15:04:46.000+01:00
diff --git a/examples/http-server/persistence_collection/custom/main.go b/examples/http-server/persistence_collection/custom/main.go
@@ -31,8 +31,8 @@ func exampleHandler(w http.ResponseWriter, req *http.Request) {
 }
 
 func main() {
-	directivesFile := "./session.conf"
-	waf := createWAF(directivesFile)
+	directiveFile := "./session.conf"
+	waf := createWAF(directiveFile)
 
 	http.Handle("/", txhttp.WrapHandler(waf, http.HandlerFunc(exampleHandler)))
 
diff --git a/experimental/waf.go b/experimental/waf.go
@@ -4,14 +4,19 @@
 package experimental
 
 import (
-	"github.com/corazawaf/coraza/v3/internal/corazawaf"
+	"io"
+
+	"github.com/corazawaf/coraza/v3"
 	"github.com/corazawaf/coraza/v3/types"
 )
 
-type Options = corazawaf.Options
-
-// WAFWithOptions is an interface that allows to create transactions
-// with options
-type WAFWithOptions interface {
-	NewTransactionWithOptions(Options) types.Transaction
+// WAF IMPORTANT: This interface is experimental and may change in the future
+// WAF v4 interface supports creating transactions with options and
+// closing the WAF instance to release resources
+// This interface will replace coraza.WAF in v4
+type WAF interface {
+	coraza.WAF
+	io.Closer
+	// NewTransactionWithOptions creates a new initialized transaction for this WAF instance
+	NewTransactionWithOptions(coraza.Options) types.Transaction
 }
diff --git a/experimental/waf_test.go b/experimental/waf_test.go
@@ -1,31 +1,32 @@
 // Copyright 2024 Juan Pablo Tosso and the OWASP Coraza contributors
 // SPDX-License-Identifier: Apache-2.0
 
-package experimental_test
+package experimental
 
 import (
-	"fmt"
+	"testing"
 
 	"github.com/corazawaf/coraza/v3"
-	"github.com/corazawaf/coraza/v3/experimental"
 )
 
-func ExampleWAFWithOptions_NewTransactionWithOptions() {
+func TestWAFWithOptions(t *testing.T) {
 	waf, err := coraza.NewWAF(coraza.NewWAFConfig())
 	if err != nil {
-		panic(err)
+		t.Fatal(err)
 	}
 
-	oWAF, ok := waf.(experimental.WAFWithOptions)
+	oWAF, ok := waf.(WAF)
 	if !ok {
-		panic("WAF does not implement WAFWithOptions")
+		t.Fatal("WAF does not implement WAF v4")
 	}
 
-	tx := oWAF.NewTransactionWithOptions(experimental.Options{
+	tx := oWAF.NewTransactionWithOptions(coraza.Options{
 		ID: "abc123",
 	})
 
-	fmt.Println("Transaction ID:", tx.ID())
+	if tx.ID() != "abc123" {
+		t.Error("Transaction ID not set")
+	}
 
 	// Output:
 	// Transaction ID: abc123
diff --git a/http/middleware.go b/http/middleware.go
@@ -105,9 +105,9 @@ func WrapHandler(waf coraza.WAF, h http.Handler) http.Handler {
 		return waf.NewTransaction()
 	}
 
-	if ctxwaf, ok := waf.(experimental.WAFWithOptions); ok {
+	if ctxwaf, ok := waf.(experimental.WAF); ok {
 		newTX = func(r *http.Request) types.Transaction {
-			return ctxwaf.NewTransactionWithOptions(experimental.Options{
+			return ctxwaf.NewTransactionWithOptions(coraza.Options{
 				Context: r.Context(),
 			})
 		}
diff --git a/internal/corazawaf/waf.go b/internal/corazawaf/waf.go
@@ -429,3 +429,16 @@ func (w *WAF) Validate() error {
 
 	return nil
 }
+
+// Close will release resources used by the WAF instance
+func (w *WAF) Close() error {
+	err := w.PersistenceEngine.Close()
+	if err != nil {
+		return fmt.Errorf("failed to close persitence engine: %w", err)
+	}
+	err = w.AuditLogWriter().Close()
+	if err != nil {
+		return fmt.Errorf("failed to close audit log writer: %w", err)
+	}
+	return nil
+}
diff --git a/waf.go b/waf.go
@@ -8,13 +8,17 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/corazawaf/coraza/v3/experimental"
 	"github.com/corazawaf/coraza/v3/internal/corazawaf"
 	"github.com/corazawaf/coraza/v3/internal/environment"
 	"github.com/corazawaf/coraza/v3/internal/seclang"
 	"github.com/corazawaf/coraza/v3/types"
 )
 
+// Options is used to create tranactions with context and ID
+// This is only supported as part of the experimental package
+// experimental.WAF.NewTransactionWithOptions(Options)
+type Options = corazawaf.Options
+
 // WAF instance is used to store configurations and rules
 // Every web application should have a different WAF instance,
 // but you can share an instance if you are ok with sharing
@@ -152,6 +156,11 @@ func (w wafWrapper) NewTransactionWithID(id string) types.Transaction {
 }
 
 // NewTransaction implements the same method on WAF.
-func (w wafWrapper) NewTransactionWithOptions(opts experimental.Options) types.Transaction {
+func (w wafWrapper) NewTransactionWithOptions(opts Options) types.Transaction {
 	return w.waf.NewTransactionWithOptions(opts)
 }
+
+// Close implements the same method on WAF.
+func (w wafWrapper) Close() error {
+	return w.waf.Close()
+}

Original file line number	Diff line number	Diff line change
`@@ -31,8 +31,8 @@ func exampleHandler(w http.ResponseWriter, req *http.Request) {`
`31`	`31`	`}`
`32`	`32`
`33`	`33`	`func main() {`
`34`		`- directivesFile := "./session.conf"`
`35`		`- waf := createWAF(directivesFile)`
	`34`	`+ directiveFile := "./session.conf"`
	`35`	`+ waf := createWAF(directiveFile)`
`36`	`36`
`37`	`37`	`http.Handle("/", txhttp.WrapHandler(waf, http.HandlerFunc(exampleHandler)))`
`38`	`38`
Original file line number	Diff line number	Diff line change
`@@ -105,9 +105,9 @@ func WrapHandler(waf coraza.WAF, h http.Handler) http.Handler {`
`105`	`105`	`return waf.NewTransaction()`
`106`	`106`	`}`
`107`	`107`
`108`		`- if ctxwaf, ok := waf.(experimental.WAFWithOptions); ok {`
	`108`	`+ if ctxwaf, ok := waf.(experimental.WAF); ok {`
`109`	`109`	`newTX = func(r *http.Request) types.Transaction {`
`110`		`- return ctxwaf.NewTransactionWithOptions(experimental.Options{`
	`110`	`+ return ctxwaf.NewTransactionWithOptions(coraza.Options{`
`111`	`111`	`Context: r.Context(),`
`112`	`112`	`})`
`113`	`113`	`}`