first persistence draft

[jptosso]

Adds persistence support using in-memory storage.

Current challenges

• It only contains a test implementation. It must not be used in production
• Right now there is no way to kill connections, we should implement WAF close in v4
• There are race conditions for writing under high concurrency
• I refactored collections.Map, now it implements collection.Editable, which is also implemented by collection.Persistent. That way, both persistent and map collections can be easily edited in setvar. Maps are still the same, the only difference is that some methods come from editable.

Usage

SecPersistenceEngine default
SecPersistenceTTL 3600
SecRule &REQUEST_COOKIES:session "@gt 0" "id:1,phase:1, initcol:session=%{REQUEST_COOKIES.session}"
SecRule REQUEST_URL "/login.php" "id:2, phase:4, setvar:session.username=%{RESPONSE_ARGS.json.username}"

SecAction "id:3,phase:5,log,msg:'User: %{SESSION.username}'"

[codecov]

Codecov Report

Patch coverage: 74.73% and project coverage change: -0.20% ⚠️

Comparison is base (5d3b707) 81.51% compared to head (db06ddb) 81.31%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #866      +/-   ##
==========================================
- Coverage   81.51%   81.31%   -0.20%     
==========================================
  Files         160      165       +5     
  Lines        9033     9280     +247     
==========================================
+ Hits         7363     7546     +183     
- Misses       1418     1467      +49     
- Partials      252      267      +15     

Flag	Coverage Δ
default	76.70% <72.63%> (+0.10%)	⬆️
examples	25.04% <8.83%> (-0.45%)	⬇️
ftw	45.72% <17.31%> (-1.06%)	⬇️
ftw-multiphase	47.78% <17.31%> (-1.12%)	⬇️
tinygo	74.26% <36.70%> (-0.51%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Changed	Coverage Δ
experimental/plugins/persistence.go	0.00% <0.00%> (ø)
types/variables/variables.go	100.00% <ø> (ø)
internal/seclang/directives.go	76.20% <45.45%> (-0.70%)	⬇️
internal/actions/initcol.go	61.76% <45.83%> (-38.24%)	⬇️
internal/corazawaf/waf.go	86.78% <50.00%> (-1.46%)	⬇️
internal/variables/variablesmap.gen.go	77.03% <50.00%> (-0.09%)	⬇️
internal/persistence/persistence.go	62.50% <62.50%> (ø)
internal/corazawaf/transaction.go	78.30% <63.63%> (-0.23%)	⬇️
internal/persistence/noop.go	75.00% <75.00%> (ø)
internal/actions/setvar.go	63.55% <77.77%> (+3.36%)	⬆️
... and 2 more

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[jptosso]

This is not a breaking change, as it still implements Keyed and it keeps the same functions (?)