Coraza v2 status

[jptosso]

I will start working on Coraza v2, if you are only using the high level APIs (Create WAF, tx, seclang and transaction manipulation) your migration will be smooth, because only low level APIs will be rewritten.

The idea of v2 is to extend compatibility with modsecurity v2 and remove CGO dependencies.

• full v2 Seclang compatibility (not deprecated or removed modsecurity features and not PCRE): Modifications like the new SecAuditLog will be rolled back
• The audit engine will work just like the modsecurity engine, but it will support json2 for the Coraza format
• Debug logging will be like modsecurity but in a structured format

Other important features are:

• Remove dependency from Seclang, now it's easier to create rules however you want
• Many new native plugin interfaces
• Almost no dependencies

Coraza v2 will only support highly tested features, every other feature will be included as a plugin until it can be merged to the main project. Only plugins without dependencies will be merged, some exceptions might be made.

v2.0

• Add names to operators, actions and transformations #102
• Better internal APIs (public APIs are going to be kept)
• @rx will use RE2 instead of PCRE and create a PCRE plugin
• Remove @detectSQLi and @detectXSS, replace them with libinjection plugin
• Complete logging rework (audit) #101
• Complete logging rework (error)
• New API to add error callback for transactions (something like tx.AddLogCb(cb))
• Create a CRS compatibility plugin, which includes libinjection and pcre, maybe it can be a branch
• Extend body processors interface, maybe transform them to plugin infrastructure
• Rework the test engine, it has a lot of bugs
• Add JSON support #99
• Create audit log plugins interface (formatters and writers) #103
• 100% compatibility with OWASP CRS on Coraza v2 (99.96%) #105
• Pass lint checks
• Add file mode to body processors #76

v2.x

• Handle temporary files from multipart
• Replace persistent collections with an internal persistence engine for plugins
• Add windows support