diff --git a/CHANGES b/CHANGES index f9b458cf..6cdcb867 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,11 @@ -25 Apr 2007 - 2.1.1-breach1 ---------------------------- +31 May 2007 - 2.1.2-rc1 +----------------------- + + * Fixed problem with subrequests not being intercepted (only logged). + + * Fixed decoding full-width unicode in t:urlDecodeUni. + + * Only calculate debugging vars when we are debugging. * Added SecAuditLog2 directive to allow redundent concurrent audit log index files. This will allow sending audit data to two consoles, etc. diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c index 0c7bcaa7..9d7a907c 100644 --- a/apache2/mod_security2.c +++ b/apache2/mod_security2.c @@ -54,6 +54,7 @@ int perform_interception(modsec_rec *msr) { msre_actionset *actionset = NULL; const char *message = NULL; const char *phase_text = ""; + const char *subreq_text = (msr->r->main == NULL) ? "" : "Subrequest. "; int status = DECLINED; int log_level = 1; @@ -92,14 +93,14 @@ int perform_interception(modsec_rec *msr) { case ACTION_DENY : if (actionset->intercept_status != 0) { status = actionset->intercept_status; - message = apr_psprintf(msr->mp, "Access denied with code %i%s.", status, - phase_text); + message = apr_psprintf(msr->mp, "%sAccess denied with code %i%s.", + subreq_text, status, phase_text); } else { log_level = 1; status = HTTP_INTERNAL_SERVER_ERROR; - message = apr_psprintf(msr->mp, "Access denied with code 500%s " - "(Internal Error: Invalid status code requested %i).", phase_text, - actionset->intercept_status); + message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " + "(Internal Error: Invalid status code requested %i).", + subreq_text, phase_text, actionset->intercept_status); } break; 
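Review bot: The new `subreq_text` prefix is put in front of every "Access denied…" and "Access allowed…" message, here and in the later perform_interception hunks, so the start of the alert text changes for subrequests, and the CHANGES entry does not mention it. Log parsers or alerting rules that match on the beginning of these messages may stop matching, so the format change should be recorded, e.g. `* Interception messages for subrequests are now prefixed with "Subrequest. ".`. A short comment at the declaration would also help: `/* Marks alerts raised while handling a subrequest (r->main != NULL). */`. perform_interception starts and ends outside these hunks.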
@@ -108,23 +109,25 @@ int perform_interception(modsec_rec *msr) { if (ap_find_linked_module("mod_proxy.c") == NULL) { log_level = 1; status = HTTP_INTERNAL_SERVER_ERROR; - message = apr_psprintf(msr->mp, "Access denied with code 500%s " + message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Configuration Error: Proxy action to %s requested but mod_proxy not found).", - phase_text, log_escape_nq(msr->mp, actionset->intercept_uri)); + subreq_text, phase_text, + log_escape_nq(msr->mp, actionset->intercept_uri)); } else { msr->r->filename = apr_psprintf(msr->mp, "proxy:%s", actionset->intercept_uri); msr->r->proxyreq = PROXYREQ_REVERSE; msr->r->handler = "proxy-server"; status = OK; - message = apr_psprintf(msr->mp, "Access denied using proxy to %s%s.", - phase_text, log_escape_nq(msr->mp, actionset->intercept_uri)); + message = apr_psprintf(msr->mp, "%sAccess denied using proxy to %s%s.", + subreq_text, phase_text, + log_escape_nq(msr->mp, actionset->intercept_uri)); } } else { log_level = 1; status = HTTP_INTERNAL_SERVER_ERROR; - message = apr_psprintf(msr->mp, "Access denied with code 500%s " + message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Configuration Error: Proxy action requested but it does not work in output phases).", - phase_text); + subreq_text, phase_text); } break; 
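Review bot: In the successful proxy branch the arguments after `subreq_text` are in the wrong order for the format string: `"%sAccess denied using proxy to %s%s."` receives `phase_text` before the escaped URI, so the phase text lands where the target belongs. The redirect message in a later hunk passes the URI first and `phase_text` last, which is the order this message needs too. The swap predates the commit, but the rewritten line carries it forward; it should read `"%sAccess denied using proxy to %s%s.", subreq_text, log_escape_nq(msr->mp, actionset->intercept_uri), phase_text);`. The value of `phase_text` is set outside the hunk, so the exact garbled output is not visible here.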
@@ -141,29 +144,30 @@ int perform_interception(modsec_rec *msr) { if (csd) { if (apr_socket_close(csd) == APR_SUCCESS) { status = HTTP_FORBIDDEN; - message = apr_psprintf(msr->mp, "Access denied with connection close%s.", - phase_text); + message = apr_psprintf(msr->mp, "%sAccess denied with connection close%s.", + subreq_text, phase_text); } else { log_level = 1; status = HTTP_INTERNAL_SERVER_ERROR; - message = apr_psprintf(msr->mp, "Access denied with code 500%s " + message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Error: Connection drop requested but failed to close the " - " socket).", phase_text); + " socket).", + subreq_text, phase_text); } } else { log_level = 1; status = HTTP_INTERNAL_SERVER_ERROR; - message = apr_psprintf(msr->mp, "Access denied with code 500%s " + message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Error: Connection drop requested but socket not found.", - phase_text); + subreq_text, phase_text); } } #else log_level = 1; status = HTTP_INTERNAL_SERVER_ERROR; - message = apr_psprintf(msr->mp, "Access denied with code 500%s " + message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Error: Connection drop not implemented on this platform).", - phase_text); + subreq_text, phase_text); #endif break; 
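Review bot: Two of the messages edited in this hunk are malformed in the audit output. `"(Error: Connection drop requested but socket not found."` never closes its parenthesis, and `"...failed to close the " " socket)."` concatenates to a double space. Since both calls are being rewritten anyway, the literals can be corrected to `"(Error: Connection drop requested but socket not found)."` and `"(Error: Connection drop requested but failed to close the socket)."`. Anything that matches these strings exactly would need the same update.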
@@ -176,22 +180,24 @@ int perform_interception(modsec_rec *msr) { } else { status = HTTP_MOVED_TEMPORARILY; } - message = apr_psprintf(msr->mp, "Access denied with redirection to %s using " - "status %i%s.", log_escape_nq(msr->mp, actionset->intercept_uri), status, + message = apr_psprintf(msr->mp, "%sAccess denied with redirection to %s using " + "status %i%s.", + subreq_text, + log_escape_nq(msr->mp, actionset->intercept_uri), status, phase_text); break; case ACTION_ALLOW : status = DECLINED; - message = apr_psprintf(msr->mp, "Access allowed%s.", phase_text); + message = apr_psprintf(msr->mp, "%sAccess allowed%s.", subreq_text, phase_text); break; default : log_level = 1; status = HTTP_INTERNAL_SERVER_ERROR; - message = apr_psprintf(msr->mp, "Access denied with code 500%s " + message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Internal Error: invalid interception action %i).", - phase_text, actionset->intercept_action); + subreq_text, phase_text, actionset->intercept_action); break; } @@ -558,6 +564,10 @@ static int hook_request_late(request_rec *r) { /* Has this phase been completed already? */ if (msr->phase_request_body_complete) { + if (msr->was_intercepted) { + msr_log(msr, 4, "Phase REQUEST_BODY request already intercepted. Intercepting additional request."); + return perform_interception(msr); + } if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "Phase REQUEST_BODY already complete, skipping."); } diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h index d7fa2064..4b39aad1 100644 --- a/apache2/modsecurity.h +++ b/apache2/modsecurity.h @@ -50,7 +50,7 @@ typedef struct msc_string msc_string; #include "http_protocol.h" #define MODULE_NAME "ModSecurity" -#define MODULE_RELEASE "2.1.1-breach3" +#define MODULE_RELEASE "2.1.2-rc1" #define MODULE_NAME_FULL (MODULE_NAME " v" MODULE_RELEASE " (Apache 2.x)") #define PHASE_REQUEST_HEADERS 1 diff --git a/apache2/msc_util.c b/apache2/msc_util.c index 5ee37ea1..27732d2f 100644 
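Review bot: The early return added to hook_request_late runs `perform_interception(msr)` a second time on the same `msr`, and the branches visible in this diff are not idempotent. The drop branch calls `apr_socket_close(csd)` again and the proxy branch rewrites `msr->r->filename` and `msr->r->handler`. If the first pass already closed the socket, the second presumably falls into the "failed to close the socket" 500 path and logs a misleading error; this is worth a test with a drop action on a request that spawns a subrequest. Separately, the new `msr_log(msr, 4, ...)` is not wrapped in `if (msr->txcfg->debuglog_level >= 4) { ... }` like the call right below it. hook_request_late continues outside the hunk.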
--- a/apache2/msc_util.c +++ b/apache2/msc_util.c @@ -549,8 +549,18 @@ int urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_len) if ( (VALID_HEX(input[i + 2]))&&(VALID_HEX(input[i + 3])) &&(VALID_HEX(input[i + 4]))&&(VALID_HEX(input[i + 5])) ) { - /* We make use of the lower byte here, ignoring the higher byte. */ - *d++ = x2c(&input[i + 4]); + /* We first make use of the lower byte here, ignoring the higher byte. */ + *d = x2c(&input[i + 4]); + + /* Full width ASCII (ff01 - ff5e) needs 0x20 added */ + if ( (*d > 0x00) && (*d < 0x5f) + && ((input[i + 2] == 'f') || (input[i + 2] == 'F')) + && ((input[i + 3] == 'f') || (input[i + 3] == 'F'))) + { + *d += 0x20; + } + + d++; count++; i += 6; } else { diff --git a/apache2/re.c b/apache2/re.c index 0ae8ca96..b51d68ff 100644 --- a/apache2/re.c +++ b/apache2/re.c @@ -1166,7 +1166,7 @@ static void msre_perform_disruptive_actions(modsec_rec *msr, msre_rule *rule, static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr, msre_actionset *acting_actionset, apr_pool_t *mptmp) { - apr_time_t time_before_regex; + apr_time_t time_before_regex = 0; char *my_error_msg = NULL; int rc; @@ -1181,7 +1181,9 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr, var->value_len)); } - time_before_regex = apr_time_now(); /* IMP1 time_before_regex? */ + if (msr->txcfg->debuglog_level >= 4) { + time_before_regex = apr_time_now(); /* IMP1 time_before_regex? */ + } rc = rule->op_metadata->execute(msr, rule, var, &my_error_msg); if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "Operator completed in %" APR_TIME_T_FMT " usec.", diff --git a/doc/modsecurity2-apache-reference.xml b/doc/modsecurity2-apache-reference.xml index f0d6d435..8367bcb1 100644 --- a/doc/modsecurity2-apache-reference.xml +++ b/doc/modsecurity2-apache-reference.xml @@ -3,7 +3,7 @@ ModSecurity Reference Manual - Version 2.1.1-breach1 / (April 25, 2007) + Version 2.1.2-rc1 / (May 31, 2007) 2004-2007
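Review bot: The mapping added in urldecode_uni_nonstrict_inplace_ex covers only `%uFF01`–`%uFF5E`; every other `%uXXXX` value is still reduced to its low byte. The value that rules inspect can therefore still differ from what the backend decodes for other code points. The comment should state that limit, e.g. `/* Only full-width ASCII is mapped; all other code points keep just the low byte. */`. The high-byte test would also read more clearly with the existing helper than with four character comparisons: `if ((x2c(&input[i + 2]) == 0xff) && (*d > 0x00) && (*d < 0x5f)) {`. The function begins and ends outside the hunk, so whether a strict variant needs the same change cannot be checked here.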