Merge pull request #90 from zecure/dev

Release 2.2.0

.github/workflows/analyze.yml

@@ -0,0 +1,66 @@
+name: Analyze
+on:
+  push:
+    branches:
+      - master
+      - dev
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  blacklist:
+    name: Blacklist
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Compare regular expressions with samples
+        run: |
+          ./misc/blacklist/helper.py --test
+
+  sonarcloud:
+    name: SonarCloud
+    runs-on: ubuntu-latest
+    env:
+      SONAR_SCANNER_VERSION: 4.7.0.2747
+      SONAR_SERVER_URL: "https://sonarcloud.io"
+      BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Set up JDK 11
+        uses: actions/setup-java@v1
+        with:
+          java-version: 11
+      - name: Download and set up sonar-scanner
+        env:
+          SONAR_SCANNER_DOWNLOAD_URL: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip
+        run: |
+          mkdir -p $HOME/.sonar
+          curl -sSLo $HOME/.sonar/sonar-scanner.zip ${{ env.SONAR_SCANNER_DOWNLOAD_URL }} 
+          unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
+          echo "$HOME/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH
+      - name: Download and set up build-wrapper
+        env:
+          BUILD_WRAPPER_DOWNLOAD_URL: ${{ env.SONAR_SERVER_URL }}/static/cpp/build-wrapper-linux-x86.zip
+        run: |
+          curl -sSLo $HOME/.sonar/build-wrapper-linux-x86.zip ${{ env.BUILD_WRAPPER_DOWNLOAD_URL }}
+          unzip -o $HOME/.sonar/build-wrapper-linux-x86.zip -d $HOME/.sonar/
+          echo "$HOME/.sonar/build-wrapper-linux-x86" >> $GITHUB_PATH
+      - name: Install dependencies
+        run: |
+          sudo apt-get install -y build-essential cmake libssl-dev libboost-system-dev libboost-thread-dev libboost-program-options-dev libboost-regex-dev libboost-test-dev libasio-dev libjsoncpp-dev libcrypto++-dev libdbi-dev
+      - name: Run cmake
+        run: |
+          cmake .
+      - name: Run unit tests
+        run: |
+          make tests && make test
+      - name: Run build-wrapper
+        run: |
+          build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} make shadowd
+      - name: Run sonar-scanner
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: |
+          sonar-scanner --define sonar.host.url="${{ env.SONAR_SERVER_URL }}" --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}" -Dproject.settings=.sonarcloud.properties -Dsonar.cfamily.cache.enabled=false -Dsonar.cfamily.threads=1

.sonarcloud.properties

@@ -3,3 +3,4 @@ sonar.exclusions=misc/*, tests/*
 sonar.tests=tests
 sonar.sourceEncoding=UTF-8
 sonar.projectKey=zecure_shadowd
+sonar.organization=zecure

CMakeLists.txt

@@ -8,8 +8,8 @@ set(CMAKE_POSITION_INDEPENDENT_CODE ON)
 
 # Version
 set(SHADOWD_MAJOR_VERSION 2)
-set(SHADOWD_MINOR_VERSION 1)
-set(SHADOWD_PATCH_VERSION 1)
+set(SHADOWD_MINOR_VERSION 2)
+set(SHADOWD_PATCH_VERSION 0)
 set(SHADOWD_VERSION
     ${SHADOWD_MAJOR_VERSION}.${SHADOWD_MINOR_VERSION}.${SHADOWD_PATCH_VERSION}
 )

Dockerfile

@@ -1,4 +1,4 @@
-FROM ubuntu:focal AS builder
+FROM ubuntu:20.04 AS builder
 RUN apt-get update && \
     DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        build-essential \
@@ -21,7 +21,7 @@ RUN cmake -DCMAKE_INSTALL_PREFIX:PATH=/usr -DCMAKE_BUILD_TYPE=Release .. && \
     make shadowd
 
 
-FROM ubuntu:focal
+FROM ubuntu:20.04
 MAINTAINER Hendrik Buchwald
 ENV SHADOWD_ADDRESS 0.0.0.0
 EXPOSE 9115
@@ -57,4 +57,4 @@ RUN addgroup \
 COPY --from=builder /shadowd/misc/docker/docker-entrypoint.sh /
 COPY --from=builder /shadowd/build/src/shadowd /usr/bin/shadowd
 ENTRYPOINT ["/docker-entrypoint.sh"]
-CMD ["/usr/bin/shadowd", "-c", "/etc/shadowd/shadowd.ini", "-U", "shadowd", "-G", "shadowd"]
+CMD ["/usr/bin/shadowd", "-c", "/etc/shadowd/shadowd.ini", "-U", "shadowd", "-G", "shadowd", "-W"]

Doxyfile

@@ -38,7 +38,7 @@ PROJECT_NAME           = "Shadow Daemon"
 # could be handy for archiving the generated documentation or if some version
 # control system is used.
 
-PROJECT_NUMBER         = "2.1.1"
+PROJECT_NUMBER         = "2.2.0"
 
 # Using the PROJECT_BRIEF tag one can provide an optional one line description
 # for a project that appears at the top of each page and should give viewer a

README.md

@@ -1,13 +1,10 @@
-![Logo](http://shadowd.zecure.org/img/logo_small.png)
+![Logo](https://shadowd.zecure.org/img/logo_small.png)
 
-[![Build Status](https://app.travis-ci.com/zecure/shadowd.svg?branch=master)](https://app.travis-ci.com/zecure/shadowd)
+[![Build Status](https://github.com/zecure/shadowd/actions/workflows/analyze.yml/badge.svg)](https://github.com/zecure/shadowd/actions/workflows/analyze.yml)
 [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=zecure_shadowd&metric=alert_status)](https://sonarcloud.io/dashboard?id=zecure_shadowd)
 
-**Shadow Daemon** is a collection of tools to **detect**, **record** and **prevent** **attacks** on *web applications*.
-Technically speaking, Shadow Daemon is a **web application firewall** that intercepts requests and filters out malicious parameters.
-It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability.
-
-This is the main component that handles the analysis and storage of requests.
+**Shadow Daemon** is a *web application firewall* that intercepts requests at application-level.
+This repository contains the main component of Shadow Daemon that handles the analysis and storage of requests.
 
 # Documentation
 For the full documentation please refer to [shadowd.zecure.org](https://shadowd.zecure.org/).

include/blacklist.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/blacklist_filter.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/blacklist_rule.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/cache.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/cached.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/config.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/config_exception.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/connection.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/connection_exception.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/core_exception.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/daemon.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/database.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public
@@ -68,11 +68,12 @@ namespace swd {
              * @param password The database password, originating from the config
              * @param name The database name, originating from the config
              * @param encoding The database encoding, originating from the config
+             * @param wait Retry connecting to the database
              */
             void connect(const std::string& driver, const std::string& host,
              const std::string& port, const std::string& username,
              const std::string& password, const std::string& name,
-             const std::string& encoding);
+             const std::string& encoding, bool wait);
 
             /**
              * @brief Close the database connection.

include/database_exception.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/hash.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/integrity.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/integrity_rule.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/log.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/parameter.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/profile.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/reply.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/reply_handler.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/request.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public

include/request_handler.h

@@ -1,7 +1,7 @@
 /**
  * Shadow Daemon -- Web Application Firewall
  *
- *   Copyright (C) 2014-2021 Hendrik Buchwald <[email protected]>
+ *   Copyright (C) 2014-2022 Hendrik Buchwald <[email protected]>
  *
  * This file is part of Shadow Daemon. Shadow Daemon is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public