github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Makes @geoLookup optional depending on the availability of libGeoIP

Browse Source
This commit is contained in:
Felipe Zimmerle 2015-11-20 09:52:36 -03:00
parent 21cae53d47
commit 09a958544d
6 changed files with 51 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/modsecurity.cc
View File

@ -58,7 +58,9 @@ ModSecurity::~ModSecurity() {
#ifdef MSC_WITH_CURL
curl_global_cleanup();
#endif
#ifdef WITH_GEOIP
Utils::GeoLookup::getInstance().cleanUp();
#endif
}

8
src/operators/geo_lookup.cc
View File

@ -15,7 +15,9 @@
#include "operators/geo_lookup.h"
#ifdef WITH_GEOIP
#include <GeoIPCity.h>
#endif
#include <string>
#include <functional>
@ -31,10 +33,11 @@ namespace operators {
bool GeoLookup::evaluate(Assay *assay, const std::string &exp) {
using std::placeholders::_1;
using std::placeholders::_2;
GeoIPRecord *gir;
bool ret = true;
#ifdef WITH_GEOIP
GeoIPRecord *gir;
if (assay) {
ret = Utils::GeoLookup::getInstance().lookup(exp, &gir,
std::bind(&GeoLookup::debug, this, assay, _1, _2));
@ -85,6 +88,7 @@ bool GeoLookup::evaluate(Assay *assay, const std::string &exp) {
GeoIPRecord_delete(gir);
}
#endif // WITH_GEOIP
return ret;
}

25
src/parser/seclang-parser.yy
View File

@ -220,6 +220,7 @@ using ModSecurity::Variables::Tx;
%token <std::string> CONFIG_DIR_GEO_DB
%token <std::string> OPERATOR
%token <std::string> OPERATOR_GEOIP
%token <std::string> FREE_TEXT
%token <std::string> ACTION
%token <std::string> ACTION_ACCURACY
@ -361,6 +362,23 @@ op:
}
$$ = op;
}
| OPERATOR_GEOIP
{
#ifdef WITH_GEOIP
Operator *op = Operator::instantiate($1);
const char *error = NULL;
if (op->init(driver.ref.back(), &error) == false) {
driver.error(@0, error);
YYERROR;
}
$$ = op;
#else
std::stringstream ss;
ss << "This version of ModSecurity was not compiled with GeoIP support.";
driver.error(@0, ss.str());
YYERROR;
#endif // WITH_GEOIP
}
| FREE_TEXT
{
Operator *op = Operator::instantiate("\"@rx " + $1 + "\"");
@ -521,6 +539,7 @@ expression:
/* Debug log: end */
| CONFIG_DIR_GEO_DB
{
#ifdef WITH_GEOIP
std::string file = ModSecurity::find_resource($1, driver.ref.back());
if (GeoLookup::getInstance().setDataBase(file) == false) {
std::stringstream ss;
@ -529,6 +548,12 @@ expression:
driver.error(@0, ss.str());
YYERROR;
}
#else
std::stringstream ss;
ss << "This version of ModSecurity was not compiled with GeoIP support.";
driver.error(@0, ss.str());
YYERROR;
#endif // WITH_GEOIP
}
/* Body limits */
| CONFIG_DIR_REQ_BODY_LIMIT

7
src/parser/seclang-scanner.ll
View File

@ -103,8 +103,8 @@ DICT_ELEMENT [^ \t|]+
OPERATOR (?i:(?:@inspectFile|@fuzzyHash|@validateByteRange|@validateDTD|@validateHash|@validateSchema|@verifyCC|@verifyCPF|@verifySSN|@gsbLookup|@rsub)|(?:\!{0,1})(?:@within|@containsWord|@contains|@endsWith|@eq|@ge|@gt|@ipMatchF|@ipMatch|@ipMatchFromFile|@le|@lt|@pmf|@pm|@pmFromFile|@rbl|@rx|@streq|@strmatch|@beginsWith))
OPERATORNOARG (?i:@detectSQLi|@detectXSS|@geoLookup|@validateUrlEncoding|@validateUtf8Encoding)
OPERATORNOARG (?i:@detectSQLi|@detectXSS|@validateUrlEncoding|@validateUtf8Encoding)
OPERATOR_GEOIP (?i:@geoLookup)
TRANSFORMATION t:(sha1|hexEncode|lowercase|urlDecodeUni|urlDecode|none|compressWhitespace|removeWhitespace|replaceNulls|removeNulls|htmlEntityDecode|jsDecode|cssDecode|trim|normalizePathWin|normalisePath|length|utf8toUnicode|urldecode|removeComments|replaceComments)
@ -281,7 +281,8 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
<EXPECTING_OPERATOR>{
{SOMETHING} { BEGIN(INITIAL); return yy::seclang_parser::make_FREE_TEXT(yytext, *driver.loc.back()); }
["]{OPERATOR}[ ]{FREE_TEXT}["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR(yytext, *driver.loc.back()); }
["]{OPERATORNOARG}[\t ]*["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR(yytext, *driver.loc.back()); }
["]{OPERATORNOARG}[\t ]*["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR(yytext, *driver.loc.back()); }
["]{OPERATOR_GEOIP}[\t ]*["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR_GEOIP(yytext, *driver.loc.back()); }
}
{ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); }

8
src/utils/geo_lookup.cc
View File

@ -31,9 +31,13 @@ namespace Utils {
GeoLookup::~GeoLookup() {
#ifdef WITH_GEOIP
cleanUp();
#endif // WITH_GEOIP
}
#ifdef WITH_GEOIP
void GeoLookup::cleanUp() {
if (m_gi != NULL) {
GeoIP_delete(m_gi);
@ -41,10 +45,8 @@ void GeoLookup::cleanUp() {
}
}
bool GeoLookup::setDataBase(const std::string& filePath) {
m_gi = GeoIP_open(filePath.c_str(), GEOIP_INDEX_CACHE);
if (m_gi == NULL) {
return false;
}
@ -71,6 +73,8 @@ bool GeoLookup::lookup(const std::string& target, GeoIPRecord **gir,
return true;
}
#endif // WITH_GEOIP
} // namespace Utils
} // namespace ModSecurity

10
src/utils/geo_lookup.h
View File

@ -18,7 +18,9 @@
#include <string>
#include <functional>
#ifdef WITH_GEOIP // WITH_GEOIP
#include <GeoIPCity.h>
#endif
#ifndef SRC_UTILS_GEO_LOOKUP_H_
#define SRC_UTILS_GEO_LOOKUP_H_
@ -35,11 +37,12 @@ class GeoLookup {
static GeoLookup instance;
return instance;
}
#ifdef WITH_GEOIP
bool setDataBase(const std::string& filePath);
bool lookup(const std::string& target, GeoIPRecord **georec,
std::function<bool(int, std::string)> callback);
void cleanUp();
#endif // WITH_GEOIP
private:
GeoLookup()
@ -47,8 +50,11 @@ class GeoLookup {
~GeoLookup();
GeoLookup(GeoLookup const&);
void operator=(GeoLookup const&);
#ifdef WITH_GEOIP
GeoIP *m_gi;
#else // WITH_GEOIP
void *m_gi;
#endif // WITH_GEOIP
};