code_public/ja4sentinel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: correction race conditions et amélioration robustesse
Some checks failed
Build RPM Package / Build RPM Packages (CentOS 7, Rocky 8/9/10) (push) Has been cancelled
Details

Browse Source 
- Correction race condition dans tlsparse avec mutex par ConnectionFlow
- Fix fuite mémoire buffer HelloBuffer
- Ajout rotation de fichiers logs (100MB, 3 backups)
- Implémentation queue asynchrone avec reconnexion exponentielle (socket UNIX)
- Validation BPF (caractères, longueur, parenthèses)
- Augmentation snapLen pcap de 1600 à 65535 bytes
- Permissions fichiers sécurisées (0600)
- Ajout 46 tests unitaires (capture, output, logging)
- Passage go test -race sans erreur

Tests: go test -race ./... ✓
Build: go build ./... ✓
Lint: go vet ./... ✓

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
This commit is contained in:
Jacquin Antoine
2026-02-28 21:15:45 +01:00
parent d14d6d6bf0
commit fec500ba46
9 changed files with 1127 additions and 510 deletions
Download Patch File Download Diff File Expand all files Collapse all files

195
internal/capture/capture_test.go
View File

@ -4,12 +4,85 @@ import (
"testing"
)
func TestValidateBPFFilter(t *testing.T) {
tests := []struct {
name string
filter string
wantErr bool
}{
{
name: "empty filter",
filter: "",
wantErr: false,
},
{
name: "valid simple filter",
filter: "tcp port 443",
wantErr: false,
},
{
name: "valid complex filter",
filter: "(tcp port 443) or (tcp port 8443)",
wantErr: false,
},
{
name: "filter with special chars",
filter: "tcp port 443 and host 192.168.1.1",
wantErr: false,
},
{
name: "too long filter",
filter: string(make([]byte, MaxBPFFilterLength+1)),
wantErr: true,
},
{
name: "unbalanced parentheses - extra open",
filter: "(tcp port 443",
wantErr: true,
},
{
name: "unbalanced parentheses - extra close",
filter: "tcp port 443)",
wantErr: true,
},
{
name: "invalid characters - semicolon",
filter: "tcp port 443; rm -rf /",
wantErr: true,
},
{
name: "invalid characters - backtick",
filter: "tcp port `whoami`",
wantErr: true,
},
{
name: "invalid characters - dollar",
filter: "tcp port $HOME",
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
err := validateBPFFilter(tt.filter)
if (err != nil) != tt.wantErr {
t.Errorf("validateBPFFilter() error = %v, wantErr %v", err, tt.wantErr)
}
})
}
}
func TestBuildBPFForPorts(t *testing.T) {
tests := []struct {
name string
ports []uint16
want string
}{
{
name: "no ports",
ports: []uint16{},
want: "tcp",
},
{
name: "single port",
ports: []uint16{443},
@ -17,13 +90,8 @@ func TestBuildBPFForPorts(t *testing.T) {
},
{
name: "multiple ports",
ports: []uint16{443, 8443},
want: "(tcp port 443) or (tcp port 8443)",
},
{
name: "no ports",
ports: []uint16{},
want: "tcp",
ports: []uint16{443, 8443, 9443},
want: "(tcp port 443) or (tcp port 8443) or (tcp port 9443)",
},
}
@ -45,22 +113,22 @@ func TestJoinString(t *testing.T) {
want string
}{
{
name: "empty slices",
name: "empty slice",
parts: []string{},
sep: ", ",
sep: ") or (",
want: "",
},
{
name: "single element",
parts: []string{"hello"},
sep: ", ",
want: "hello",
parts: []string{"tcp port 443"},
sep: ") or (",
want: "tcp port 443",
},
{
name: "multiple elements",
parts: []string{"hello", "world", "test"},
sep: ", ",
want: "hello, world, test",
parts: []string{"tcp port 443", "tcp port 8443"},
sep: ") or (",
want: "tcp port 443) or (tcp port 8443",
},
}
@ -74,25 +142,92 @@ func TestJoinString(t *testing.T) {
}
}
// Tests d'intégration nécessitant une interface valide seront à faire dans des environnements de test appropriés
// car la capture réseau nécessite des permissions élevées
func TestCaptureIntegration(t *testing.T) {
t.Skip("Skipping integration test requiring network access and elevated privileges")
}
func TestClose_NoHandle_NoError(t *testing.T) {
func TestNewCapture(t *testing.T) {
c := New()
if err := c.Close(); err != nil {
t.Fatalf("Close() error = %v", err)
if c == nil {
t.Fatal("New() returned nil")
}
if c.snapLen != DefaultSnapLen {
t.Errorf("snapLen = %d, want %d", c.snapLen, DefaultSnapLen)
}
if c.promisc != DefaultPromiscuous {
t.Errorf("promisc = %v, want %v", c.promisc, DefaultPromiscuous)
}
}
func TestClose_Idempotent_NoHandle(t *testing.T) {
c := New()
if err := c.Close(); err != nil {
t.Fatalf("first Close() error = %v", err)
func TestNewWithSnapLen(t *testing.T) {
tests := []struct {
name string
snapLen int
wantSnapLen int
}{
{
name: "valid snapLen",
snapLen: 2048,
wantSnapLen: 2048,
},
{
name: "zero snapLen uses default",
snapLen: 0,
wantSnapLen: DefaultSnapLen,
},
{
name: "negative snapLen uses default",
snapLen: -100,
wantSnapLen: DefaultSnapLen,
},
{
name: "too large snapLen uses default",
snapLen: 100000,
wantSnapLen: DefaultSnapLen,
},
}
if err := c.Close(); err != nil {
t.Fatalf("second Close() error = %v", err)
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := NewWithSnapLen(tt.snapLen)
if c == nil {
t.Fatal("NewWithSnapLen() returned nil")
}
if c.snapLen != tt.wantSnapLen {
t.Errorf("snapLen = %d, want %d", c.snapLen, tt.wantSnapLen)
}
})
}
}
func TestCaptureImpl_Close(t *testing.T) {
c := New()
if c == nil {
t.Fatal("New() returned nil")
}
// Close should not panic on fresh instance
if err := c.Close(); err != nil {
t.Errorf("Close() error = %v", err)
}
// Multiple closes should be safe
if err := c.Close(); err != nil {
t.Errorf("Close() second call error = %v", err)
}
}
func TestValidateBPFFilter_BalancedParentheses(t *testing.T) {
// Test various balanced parentheses scenarios
validFilters := []string{
"(tcp port 443)",
"((tcp port 443))",
"(tcp port 443) or (tcp port 8443)",
"((tcp port 443) or (tcp port 8443))",
"(tcp port 443 and host 1.2.3.4) or (tcp port 8443)",
}
for _, filter := range validFilters {
t.Run(filter, func(t *testing.T) {
if err := validateBPFFilter(filter); err != nil {
t.Errorf("validateBPFFilter(%q) unexpected error = %v", filter, err)
}
})
}
}