diff options
| author | Michael Weiser <michael.weiser@gmx.de> | 2019-04-18 08:57:15 +0000 |
|---|---|---|
| committer | Michael Weiser <michael.weiser@gmx.de> | 2019-04-25 12:20:20 +0000 |
| commit | 77d2ff1348a6f1ade05b54b297fc771abd0e14cd (patch) | |
| tree | e7914e3ad89f36b65aced27f53132244f894832f /peekaboo/daemon.py | |
| parent | e6c44a8ca3c2216904731e4d889e53473691c0dc (diff) | |
Validate ruleset config
Validate the ruleset configuration at startup to inform the user about
misconfiguration and exit immediately instead of giving warnings during
seemingly normal operation. This also gives us a chance to pre-compile
regexes for more efficient matching later on.
We give rules a new method get_config() which retrieves their
configuration. This is called for each rule by new method the
validate_config() of the ruleset engine to catch errors. This way the
layout and extent of configuration is still completely governed by the
rule and we can interview it about its happiness with what's provided in
the configuration file.
As an incidental cleanup, merge class PeekabooRulesetConfig into
PeekabooRulesetParser because there's nothing left where it could and
would need to help the rules with an abstraction of the config file.
Also switch class PeekabooConfig to be a subclass of
PeekabooConfigParser so it can (potentially) benefit from the list
parsing code there. By moving the special log level and by-default-type
getters over there as well we end up with nicely generic config classes
that can benefit directly from improvements in the configparser module.
Update the test suite to test and use this new functionality.
Incidentally, remove the convoluted inheritance-based config testing
layout in favour of creating subclasses of the config classes.
Diffstat (limited to 'peekaboo/daemon.py')
| -rw-r--r-- | peekaboo/daemon.py | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/peekaboo/daemon.py b/peekaboo/daemon.py index c7fbf5e..13169a4 100644 --- a/peekaboo/daemon.py +++ b/peekaboo/daemon.py @@ -38,12 +38,14 @@ from argparse import ArgumentParser from sdnotify import SystemdNotifier from sqlalchemy.exc import SQLAlchemyError from peekaboo import PEEKABOO_OWL, __version__ -from peekaboo.config import PeekabooConfig, PeekabooRulesetConfig +from peekaboo.config import PeekabooConfig, PeekabooConfigParser from peekaboo.db import PeekabooDatabase from peekaboo.queuing import JobQueue +from peekaboo.ruleset.engine import RulesetEngine from peekaboo.sample import SampleFactory from peekaboo.server import PeekabooServer -from peekaboo.exceptions import PeekabooDatabaseError, PeekabooConfigException +from peekaboo.exceptions import PeekabooDatabaseError, \ + PeekabooConfigException, PeekabooRulesetConfigError from peekaboo.toolbox.cuckoo import CuckooEmbed, CuckooApi @@ -321,12 +323,22 @@ def run(): # workers of the job queue need the ruleset configuration to create the # ruleset engine with it try: - ruleset_config = PeekabooRulesetConfig(config.ruleset_config) - logger.debug(ruleset_config) + ruleset_config = PeekabooConfigParser(config.ruleset_config) except PeekabooConfigException as error: logging.critical(error) sys.exit(1) + # verify the ruleset configuration by spawning a ruleset engine and having + # it verify it + try: + engine = RulesetEngine(ruleset_config, db_con) + except (KeyError, ValueError, PeekabooConfigException) as error: + logging.critical('Ruleset configuration error: %s', error) + sys.exit(1) + except PeekabooRulesetConfigError as error: + logging.critical(error) + sys.exit(1) + job_queue = JobQueue( worker_count=config.worker_count, ruleset_config=ruleset_config, db_con=db_con, |