fix: improve code quality
SecSamDev committed Jan 12, 2024
1 parent dd751d9 commit 983654d
Showing 60 changed files with 1,296 additions and 1,398 deletions.
2 changes: 1 addition & 1 deletion src/components/command_types.rs
@@ -72,7 +72,7 @@ pub struct UseCaseDefinition {
#[non_exhaustive]
pub enum LoginUser {
Password(LoginUserPass),
ApiKey(String)
ApiKey(String),
}

#[derive(Serialize, Deserialize, Debug, Clone)]
6 changes: 3 additions & 3 deletions src/components/common.rs
@@ -69,16 +69,16 @@ impl SiemComponentCapabilities {
commands: Vec<CommandDefinition>,
tasks: Vec<TaskDefinition>,
metrics: Vec<SiemMetricDefinition>,
) -> SiemComponentCapabilities {
return SiemComponentCapabilities {
) -> Self {
Self {
name,
description,
view,
datasets,
commands,
tasks,
metrics,
};
}
}
pub fn name(&self) -> &str {
&self.name
31 changes: 10 additions & 21 deletions src/components/dataset/calendar.rs
@@ -18,47 +18,36 @@ pub struct CalendarSynDataset {
}

impl CalendarSynDataset {
pub fn new(dataset: Arc<CalendarDataset>, comm: Sender<UpdateCalendar>) -> CalendarSynDataset {
return CalendarSynDataset { dataset, comm };
pub fn new(dataset: Arc<CalendarDataset>, comm: Sender<UpdateCalendar>) -> Self {
Self { dataset, comm }
}
/// Used to add IP with custom information like tags.
pub fn insert(&mut self, start: i64, end: i64, data: LogString) {
// Todo: improve with local cache to send retries
match self.comm.try_send(UpdateCalendar::Add((start, end, data))) {
Ok(_) => {}
Err(_) => {}
};
let _ = self.comm.try_send(UpdateCalendar::Add((start, end, data)));
}
pub fn remove(&mut self, start: i64, end: i64) {
// Todo: improve with local cache to send retries
match self.comm.try_send(UpdateCalendar::Remove((start, end))) {
Ok(_) => {}
Err(_) => {}
};
let _ = self.comm.try_send(UpdateCalendar::Remove((start, end)));
}
pub fn update(&mut self, data: CalendarDataset) {
// Todo: improve with local cache to send retries
match self.comm.try_send(UpdateCalendar::Replace(data)) {
Ok(_) => {}
Err(_) => {}
};
let _ = self.comm.try_send(UpdateCalendar::Replace(data));
}
pub fn get(&self, time: i64) -> Option<Vec<&LogString>> {
// Todo improve with cached content
self.dataset.get(time)
}
}

#[derive(Serialize, Debug)]
#[derive(Serialize, Debug, Default)]
pub struct CalendarDataset {
data: BTreeMap<i64, Vec<(i64, i64, LogString)>>,
}

impl CalendarDataset {
pub fn new() -> CalendarDataset {
return CalendarDataset {
data: BTreeMap::new(),
};
pub fn new() -> Self {
Self::default()
}
pub fn insert(&mut self, start: i64, end: i64, data: LogString) {
let start_day = start / 86400000;
@@ -111,10 +100,10 @@ impl CalendarDataset {
to_ret.push(data);
}
}
if to_ret.len() == 0 {
if to_ret.is_empty() {
return None;
}
return Some(to_ret);
Some(to_ret)
}
None => None,
}
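Review bot: `insert`, `remove` and `update` on `CalendarSynDataset` still discard the result of `try_send`, so an update is lost without any trace when the channel is full or its receiver is gone; `let _ =` makes the drop explicit but no more visible than the empty `match` it replaces. If detection logic reads this dataset, a stale calendar is hard to diagnose afterwards, so the error path should at least be recorded, for example `if let Err(e) = self.comm.try_send(UpdateCalendar::Add((start, end, data))) { crate::warn!("Calendar update dropped: {:?}", e); }`, assuming the channel's error type implements `Debug`; a counter would suit better if these methods run per log. The same silent discard is in `full_update` and `insert` in src/components/dataset/geo_ip/fast.rs. Separately, the doc comment on `insert` speaks of adding an IP, which looks copied from another dataset; `/// Queues a calendar entry for the interval start..end; the update is dropped if the channel cannot accept it.` would match the code.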
37 changes: 11 additions & 26 deletions src/components/dataset/geo_ip/fast.rs
@@ -20,52 +20,40 @@ pub struct GeoIpSynDataset {
comm: Sender<UpdateGeoIp>,
}
impl GeoIpSynDataset {
pub fn new(dataset: Arc<GeoIpDataset>, comm: Sender<UpdateGeoIp>) -> GeoIpSynDataset {
return GeoIpSynDataset { dataset, comm };
pub fn new(dataset: Arc<GeoIpDataset>, comm: Sender<UpdateGeoIp>) -> Self {
Self { dataset, comm }
}
pub fn full_update(&self, dataset: GeoIpDataset) {
match self.comm.send(UpdateGeoIp::Replace(dataset)) {
Ok(_) => {}
Err(_) => {}
};
let _ = self.comm.send(UpdateGeoIp::Replace(dataset));
}

/// This method must not be used with this dataset, because no source will give you accurate data to update this dataset. Maybe some firewalls, but updating the dataset with each log information is not a good idea.
pub fn insert(&mut self, ip: SiemIp, net: u8, data: GeoIpInfo) {
// Todo: improve with local cache to send retries
match self.comm.try_send(UpdateGeoIp::Add((ip, net, data))) {
Ok(_) => {}
Err(_) => {}
};
let _ = self.comm.try_send(UpdateGeoIp::Add((ip, net, data)));
}
pub fn get(&self, ip: &SiemIp) -> Option<&GeoIpInfo> {
// Todo improve with cached added IPs
self.dataset.get(ip)
}
}
#[derive(Serialize, Debug)]
#[derive(Serialize, Debug, Default)]
pub struct GeoIpDataset {
data4: BTreeMap<u32, BTreeMap<u32, GeoIpInfo>>,
data6: BTreeMap<u32, BTreeMap<u128, GeoIpInfo>>,
}

impl GeoIpDataset {
pub fn new() -> GeoIpDataset {
return GeoIpDataset {
data4: BTreeMap::new(),
data6: BTreeMap::new(),
};
pub fn new() -> Self {
Self::default()
}
pub fn insert(&mut self, ip: SiemIp, net: u8, data: GeoIpInfo) {
match ip {
SiemIp::V4(ip) => {
let ip_net = ip & std::u32::MAX.checked_shl((32 - net) as u32).unwrap_or(0);
if self.data4.contains_key(&(net as u32)) {
match self.data4.get_mut(&(net as u32)) {
Some(dataset) => {
dataset.insert(ip_net, data);
}
None => {}
if let Some(dataset) = self.data4.get_mut(&(net as u32)) {
dataset.insert(ip_net, data);
};
} else {
let mut new_net = BTreeMap::new();
@@ -76,11 +64,8 @@ impl GeoIpDataset {
SiemIp::V6(ip) => {
let ip_net = ip & std::u128::MAX.checked_shl((128 - net) as u32).unwrap_or(0);
if self.data6.contains_key(&(net as u32)) {
match self.data6.get_mut(&(net as u32)) {
Some(dataset) => {
dataset.insert(ip_net, data);
}
None => {}
if let Some(dataset) = self.data6.get_mut(&(net as u32)) {
dataset.insert(ip_net, data);
};
} else {
let mut new_net = BTreeMap::new();
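Review bot: `GeoIpDataset::insert` never range-checks `net` before computing `(32 - net) as u32` and `(128 - net) as u32` on the lines just above the rewritten `if let` blocks. `net` is a `u8`, so a prefix above 32 (or above 128 for V6) underflows the subtraction: it panics where overflow checks are on, and where they are off the wrapped shift makes `checked_shl` return `None`, the mask becomes 0 and the record is stored for address 0 under an out-of-range prefix key. A guard at the top of each arm, `if net > 32 { return; }` and `if net > 128 { return; }`, would reject such input; whether callers can pass prefix lengths taken from untrusted data is not visible here. The new `if let Some(dataset)` also sits inside a `contains_key` test on the same key, so the pair could become `self.data4.entry(net as u32).or_default().insert(ip_net, data);`, but the `else` branch continues outside the visible hunk, so confirm it only creates an empty map first.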
21 changes: 12 additions & 9 deletions src/components/dataset/geo_ip/mod.rs
@@ -1,10 +1,10 @@
#[cfg(not(feature="slow_geoip"))]
#[cfg(not(feature = "slow_geoip"))]
mod fast;
#[cfg(feature="slow_geoip")]
#[cfg(feature = "slow_geoip")]
mod slow;

use serde::{Serialize, Deserialize};
#[cfg(feature="slow_geoip")]
use serde::{Deserialize, Serialize};
#[cfg(feature = "slow_geoip")]
use sled::IVec;

use crate::prelude::types::LogString;
@@ -19,21 +19,24 @@ pub struct GeoIpInfo {
pub isp: LogString, // More important than country in my opinion because Geolocalization is very imprecise.
pub asn: u32,
}
#[cfg(feature="slow_geoip")]
#[cfg(feature = "slow_geoip")]
impl Into<IVec> for GeoIpInfo {
fn into(self) -> IVec {
IVec::from(serde_json::to_string(&self).unwrap().as_bytes())
}
}
#[cfg(feature="slow_geoip")]
#[cfg(feature = "slow_geoip")]
impl From<IVec> for GeoIpInfo {
fn from(value: IVec) -> Self {
let s: GeoIpInfo = serde_json::from_slice(&value).unwrap();
s
}
}
#[cfg(not(feature="slow_geoip"))]
#[cfg(not(feature = "slow_geoip"))]
pub use fast::{GeoIpDataset, GeoIpSynDataset, UpdateGeoIp};

#[cfg(feature="slow_geoip")]
pub use slow::{SlowGeoIpDataset as GeoIpDataset, SlowGeoIpSynDataset as GeoIpSynDataset, UpdateSlowGeoIp as UpdateGeoIp};
#[cfg(feature = "slow_geoip")]
pub use slow::{
SlowGeoIpDataset as GeoIpDataset, SlowGeoIpSynDataset as GeoIpSynDataset,
UpdateSlowGeoIp as UpdateGeoIp,
};
29 changes: 16 additions & 13 deletions src/components/dataset/geo_ip/slow.rs
@@ -45,7 +45,7 @@ impl SlowGeoIpSynDataset {
}
#[derive(Debug)]
pub struct SlowGeoIpDataset {
tree: sled::Db
tree: sled::Db,
}
impl Serialize for SlowGeoIpDataset {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
@@ -57,7 +57,7 @@ impl Serialize for SlowGeoIpDataset {
}
}
impl SlowGeoIpDataset {
pub fn new(path : &str) -> Self {
pub fn new(path: &str) -> Self {
let tree = sled::open(path).expect("open");
return Self { tree };
}
@@ -74,23 +74,23 @@ impl SlowGeoIpDataset {
ret[i] = byt;
i += 1;
}
},
}
SiemIp::V6(v) => {
let v = v & std::u128::MAX.checked_shl((128 - net) as u32).unwrap_or(0);
let v = v & std::u128::MAX.checked_shl((128 - net) as u32).unwrap_or(0);
ret[17] = 1;
let mut i = 0;
for byt in v.to_be_bytes() {
ret[i] = byt;
i += 1;
}
},
}
}
ret
}
pub fn get(&self, ip: &SiemIp) -> Option<GeoIpInfo> {
let (zeros, max_net) = match ip {
SiemIp::V4(ip) => (ip.trailing_zeros() as u8, 32u8),
SiemIp::V6(ip) => (ip.trailing_zeros() as u8, 128u8)
SiemIp::V6(ip) => (ip.trailing_zeros() as u8, 128u8),
};
for net in zeros..max_net {
let key = Self::get_key(ip, net);
@@ -100,12 +100,12 @@ impl SlowGeoIpDataset {
None => continue,
Some(v) => v,
};
let geo_ip : GeoIpInfo = v.into();
return Some(geo_ip)
},
let geo_ip: GeoIpInfo = v.into();
return Some(geo_ip);
}
Err(err) => {
crate::warn!("Error getting value in SLED: {:?}", err);
},
}
}
}
None
@@ -122,7 +122,10 @@ mod tests {
use super::*;
#[test]
fn geo_ip_should_find_ip() {
let tmp = std::env::temp_dir().join("slow_geo_ip").to_string_lossy().to_string();
let tmp = std::env::temp_dir()
.join("slow_geo_ip")
.to_string_lossy()
.to_string();
let info = GeoIpInfo {
city: LogString::Borrowed("LocalCity"),
country: LogString::Borrowed("LocalCountry"),
@@ -154,8 +157,8 @@ mod tests {
longitude: 0.2,
asn: 1,
};
let arr : IVec= info.clone().into();
let info2 :GeoIpInfo = arr.into();
let arr: IVec = info.clone().into();
let info2: GeoIpInfo = arr.into();
assert_eq!("LocalCity", info2.city);
assert_eq!(info.asn, info2.asn);
println!("{:?}", info2);