mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-29 11:16:33 +03:00
Adds support to the resource collection
This commit is contained in:
Felipe Zimmerle
@@ -43,7 +43,9 @@ bool InitCol::init(std::string *error) {
|
||||
m_collection_key = std::string(m_parser_payload, 0, posEquals);
|
||||
m_collection_value = std::string(m_parser_payload, posEquals + 1);
|
||||
|
||||
if (m_collection_key != "ip" && m_collection_key != "global") {
|
||||
if (m_collection_key != "ip" &&
|
||||
m_collection_key != "global" &&
|
||||
m_collection_key != "resource") {
|
||||
error->assign("Something wrong with initcol: collection must be `ip' or `global'");
|
||||
return false;
|
||||
}
|
||||
@@ -61,6 +63,8 @@ bool InitCol::evaluate(Rule *rule, Transaction *t) {
|
||||
t->m_collections.m_ip_collection_key = collectionName;
|
||||
} else if (m_collection_key == "global") {
|
||||
t->m_collections.m_global_collection_key = collectionName;
|
||||
} else if (m_collection_key == "resource") {
|
||||
t->m_collections.m_resource_collection_key = collectionName;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
|
||||
@@ -34,10 +34,12 @@ namespace collection {
|
||||
|
||||
|
||||
Collections::Collections(Collection *global,
|
||||
Collection *ip, Collection *session, Collection *user)
|
||||
: m_global_collection_key(""),
|
||||
Collection *ip, Collection *session, Collection *user,
|
||||
Collection *resource) : m_global_collection_key(""),
|
||||
m_ip_collection_key(""),
|
||||
m_resource_collection_key(""),
|
||||
m_global_collection(global),
|
||||
m_resource_collection(resource),
|
||||
m_ip_collection(ip),
|
||||
m_session_collection(session),
|
||||
m_user_collection(user),
|
||||
@@ -72,6 +74,14 @@ void Collections::storeOrUpdateFirst(const std::string& collectionName,
|
||||
return;
|
||||
}
|
||||
|
||||
if (tolower(collectionName) == "resource"
|
||||
&& !m_resource_collection_key.empty()) {
|
||||
m_resource_collection->storeOrUpdateFirst(collectionName + ":"
|
||||
+ variableName, m_resource_collection_key, targetValue);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
if (tolower(collectionName) == "session"
|
||||
&& !m_session_collection_key.empty()) {
|
||||
m_session_collection->storeOrUpdateFirst(collectionName + ":"
|
||||
@@ -147,6 +157,12 @@ std::string* Collections::resolveFirst(const std::string& collectionName,
|
||||
+ ":" + var, m_global_collection_key);
|
||||
}
|
||||
|
||||
if (tolower(collectionName) == "resource"
|
||||
&& !m_resource_collection_key.empty()) {
|
||||
return m_resource_collection->resolveFirst(toupper(collectionName)
|
||||
+ ":" + var, m_resource_collection_key);
|
||||
}
|
||||
|
||||
if (tolower(collectionName) == "session"
|
||||
&& !m_session_collection_key.empty()) {
|
||||
return m_session_collection->resolveFirst(toupper(collectionName)
|
||||
@@ -191,6 +207,13 @@ void Collections::resolveSingleMatch(const std::string& var,
|
||||
return;
|
||||
}
|
||||
|
||||
if (tolower(collection) == "resource"
|
||||
&& !m_resource_collection_key.empty()) {
|
||||
m_resource_collection->resolveSingleMatch(var,
|
||||
m_resource_collection_key, l);
|
||||
return;
|
||||
}
|
||||
|
||||
if (tolower(collection) == "session"
|
||||
&& !m_session_collection_key.empty()) {
|
||||
m_session_collection->resolveSingleMatch(var,
|
||||
@@ -226,6 +249,13 @@ void Collections::resolveMultiMatches(const std::string& var,
|
||||
return;
|
||||
}
|
||||
|
||||
if (tolower(collection) == "resource"
|
||||
&& !m_resource_collection_key.empty()) {
|
||||
m_resource_collection->resolveMultiMatches(var,
|
||||
m_resource_collection_key, l);
|
||||
return;
|
||||
}
|
||||
|
||||
if (tolower(collection) == "session"
|
||||
&& !m_session_collection_key.empty()) {
|
||||
m_session_collection->resolveMultiMatches(var,
|
||||
@@ -261,6 +291,13 @@ void Collections::resolveRegularExpression(const std::string& var,
|
||||
return;
|
||||
}
|
||||
|
||||
if (tolower(collection) == "resource"
|
||||
&& !m_resource_collection_key.empty()) {
|
||||
m_resource_collection->resolveRegularExpression(toupper(collection)
|
||||
+ ":" + var, m_resource_collection_key, l);
|
||||
return;
|
||||
}
|
||||
|
||||
if (tolower(collection) == "session"
|
||||
&& !m_session_collection_key.empty()) {
|
||||
m_session_collection->resolveRegularExpression(toupper(collection)
|
||||
|
||||
@@ -47,6 +47,7 @@ namespace modsecurity {
|
||||
ModSecurity::ModSecurity()
|
||||
: m_connector(""),
|
||||
m_global_collection(new collection::backend::InMemoryPerProcess()),
|
||||
m_resource_collection(new collection::backend::InMemoryPerProcess()),
|
||||
m_ip_collection(new collection::backend::InMemoryPerProcess()),
|
||||
m_session_collection(new collection::backend::InMemoryPerProcess()),
|
||||
m_user_collection(new collection::backend::InMemoryPerProcess()),
|
||||
@@ -67,6 +68,7 @@ ModSecurity::~ModSecurity() {
|
||||
Utils::GeoLookup::getInstance().cleanUp();
|
||||
#endif
|
||||
delete m_global_collection;
|
||||
delete m_resource_collection;
|
||||
delete m_ip_collection;
|
||||
delete m_session_collection;
|
||||
delete m_user_collection;
|
||||
|
||||
@@ -116,7 +116,8 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
|
||||
m_logCbData(logCbData),
|
||||
m_ms(ms),
|
||||
m_collections(ms->m_global_collection, ms->m_ip_collection,
|
||||
ms->m_session_collection, ms->m_user_collection),
|
||||
ms->m_session_collection, ms->m_user_collection,
|
||||
ms->m_resource_collection),
|
||||
m_xml(new RequestBodyProcessor::XML(this)) {
|
||||
m_id = std::to_string(this->m_timeStamp) + \
|
||||
std::to_string(generate_transaction_unique_id());
|
||||
|
||||
Reference in New Issue
Block a user