Fix phases execution

src/actions/phase.cc

@@ -43,16 +43,15 @@ Phase::Phase(std::string action)
     } catch (...) {
         this->phase = 0;
         if (tolower(a) == "request") {
-            this->phase = this->phase +
-                ModSecurity::Phases::RequestHeadersPhase;
+            this->phase = ModSecurity::Phases::RequestHeadersPhase;
             m_secRulesPhase = 2;
         }
         if (tolower(a) == "response") {
-            this->phase = this->phase + ModSecurity::Phases::ResponseBodyPhase;
+            this->phase = ModSecurity::Phases::ResponseBodyPhase;
             m_secRulesPhase = 4;
         }
         if (tolower(a) == "logging") {
-            this->phase = this->phase + ModSecurity::Phases::LoggingPhase;
+            this->phase = ModSecurity::Phases::LoggingPhase;
             m_secRulesPhase = 5;
         }
     }
@@ -60,17 +59,17 @@ Phase::Phase(std::string action)
     if (this->phase == 0) {
       /* Phase 0 is something new, we want to use as ConnectionPhase */
       this->phase = ModSecurity::Phases::ConnectionPhase;
-      m_secRulesPhase = 2;
+      m_secRulesPhase = 1;
     } else {
       /* Otherwise we want to shift the rule to the correct phase */
       m_secRulesPhase = phase;
-      this->phase = phase + ModSecurity::Phases::RequestHeadersPhase - 1;
+      this->phase = phase + 1;
     }
 }
 
 
 bool Phase::init(std::string *error) {
-    if (phase >= ModSecurity::Phases::NUMBER_OF_PHASES) {
+    if (phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
         error->assign("Unknown phase: " + std::to_string(phase));
         return false;
     }

src/parser/driver.cc

@@ -50,7 +50,7 @@ int Driver::addSecMarker(std::string marker) {
 
 
 int Driver::addSecAction(Rule *rule) {
-    if (rule->phase >= ModSecurity::Phases::NUMBER_OF_PHASES) {
+    if (rule->phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
         parserError << "Unknown phase: " << std::to_string(rule->phase);
         parserError << std::endl;
         return false;
@@ -62,7 +62,7 @@ int Driver::addSecAction(Rule *rule) {
 }
 
 int Driver::addSecRule(Rule *rule) {
-    if (rule->phase >= ModSecurity::Phases::NUMBER_OF_PHASES) {
+    if (rule->phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
         parserError << "Unknown phase: " << std::to_string(rule->phase);
         parserError << std::endl;
         return false;

test/test-cases/regression/action-id.json

@@ -134,7 +134,7 @@
       "SecRuleEngine On",
       "SecDebugLog \/tmp\/modsec_debug.log",
       "SecDebugLogLevel 9",
-      "SecRule ARGS \"@rx (value1)\" \"id:1,phase:2,pass,t:trim\""
+      "SecRule ARGS \"@rx (value1)\" \"id:1,phase:3,pass,t:trim\""
     ]
   },
   {
@@ -180,7 +180,7 @@
       "SecRuleEngine On",
       "SecDebugLog \/tmp\/modsec_debug.log",
       "SecDebugLogLevel 9",
-      "SecRule ARGS \"@rx (value1)\" \"id:'1',phase:2,pass,t:trim\""
+      "SecRule ARGS \"@rx (value1)\" \"id:'1',phase:3,pass,t:trim\""
     ]
   },
   {

test/test-cases/regression/actions.json

@@ -249,7 +249,7 @@
     "enabled": 1,
     "version_min": 300000,
     "version_max": 0,
-    "title": "actions :: phase:1,trim,status:500,deny",
+    "title": "actions :: phase:2,trim,status:500,deny",
     "client": {
       "ip": "200.249.12.31",
       "port": 2313
@@ -303,7 +303,7 @@
       "SecRuleEngine On",
       "SecDebugLog \/tmp\/modsec_debug.log",
       "SecDebugLogLevel 9",
-      "SecRule ARGS \"@contains test\" \"id:1,phase:1,t:trim,status:500,deny\""
+      "SecRule ARGS \"@contains test\" \"id:1,phase:2,t:trim,status:500,deny\""
     ]
   },
   {