From d7dbf8552562edcfb53ab2024d8ceccc33823021 Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Tue, 30 Jun 2020 20:53:29 +0300 Subject: cel: fix validation of expression result type (#3526) * cel: fix validation of expression result type The earlier code used the proto.Equals from github.com/gogo/protobuf, which failed to compare two messages of the same type for some reason. Switching to proto.Equal from the canonical github.com/golang/protobuf fixes the issue. * deps: remove deprecated github.com/golang/protobuf in favor of google.golang.org/protobuf * downgrade github.com/smallstep/nosql to resolve warning pb.proto warning --- modules/caddyhttp/celmatcher.go | 4 +-- modules/caddyhttp/celmatcher_test.go | 51 ++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+), 2 deletions(-) create mode 100644 modules/caddyhttp/celmatcher_test.go (limited to 'modules') diff --git a/modules/caddyhttp/celmatcher.go b/modules/caddyhttp/celmatcher.go index 6c9cc96..83e01cf 100644 --- a/modules/caddyhttp/celmatcher.go +++ b/modules/caddyhttp/celmatcher.go @@ -25,8 +25,6 @@ import ( "github.com/caddyserver/caddy/v2" "github.com/caddyserver/caddy/v2/caddyconfig/caddyfile" - "github.com/gogo/protobuf/proto" - "github.com/golang/protobuf/ptypes/timestamp" "github.com/google/cel-go/cel" "github.com/google/cel-go/checker/decls" "github.com/google/cel-go/common/types" @@ -35,6 +33,8 @@ import ( "github.com/google/cel-go/ext" "github.com/google/cel-go/interpreter/functions" exprpb "google.golang.org/genproto/googleapis/api/expr/v1alpha1" + "google.golang.org/protobuf/proto" + timestamp "google.golang.org/protobuf/types/known/timestamppb" ) func init() { diff --git a/modules/caddyhttp/celmatcher_test.go b/modules/caddyhttp/celmatcher_test.go new file mode 100644 index 0000000..0e3b335 --- /dev/null +++ b/modules/caddyhttp/celmatcher_test.go @@ -0,0 +1,51 @@ +// Copyright 2015 Matthew Holt and The Caddy Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package caddyhttp + +import ( + "testing" + + "github.com/caddyserver/caddy/v2" +) + +func TestMatchExpressionProvision(t *testing.T) { + tests := []struct { + name string + expression *MatchExpression + wantErr bool + }{ + { + name: "boolean mtaches succeed", + expression: &MatchExpression{ + Expr: "{http.request.uri.query} != ''", + }, + wantErr: false, + }, + { + name: "reject expressions with non-boolean results", + expression: &MatchExpression{ + Expr: "{http.request.uri.query}", + }, + wantErr: true, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + if err := tt.expression.Provision(caddy.Context{}); (err != nil) != tt.wantErr { + t.Errorf("MatchExpression.Provision() error = %v, wantErr %v", err, tt.wantErr) + } + }) + } +} -- cgit v1.2.3