github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

BeanShell support and documentation

Browse Source
This commit is contained in:
Mihai Pitu 2013-09-18 17:11:31 +01:00 committed by Felipe Zimmerle
parent e87b970dc5
commit 29f4bd15ea
5 changed files with 169 additions and 124 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
apache2/re_actions.c
View File

@ -16,7 +16,6 @@
#include <ctype.h>
#include "apr_lib.h"
#include "apr_strmatch.h"
#include "apr_env.h"
/**
* Register action with the engine.
@ -2195,90 +2194,6 @@ static char *msre_action_exec_validate(msre_engine *engine, apr_pool_t *mp, msre
return NULL;
}
int beanshell_execute(const char *script, modsec_rec *msr, apr_pool_t *mptmp, msre_rule *rule)
{
apr_status_t rv;
apr_pool_t *mp = mptmp;
apr_procattr_t *pattr;
int argc = 0;
const char* argv[8];
apr_proc_t proc;
int st;
apr_exit_why_e why;
const char* env[8];
const char *progname = "java";
if ((rv = apr_procattr_create(&pattr, mp)) != APR_SUCCESS) {
return 0;
}
if ((rv = apr_procattr_io_set(pattr, APR_CHILD_BLOCK, APR_CHILD_BLOCK, APR_CHILD_BLOCK)) != APR_SUCCESS) {
return 0;
}
if ((rv = apr_procattr_cmdtype_set(pattr, APR_PROGRAM_PATH)) != APR_SUCCESS) {
return 0;
}
//rv = apr_procattr_dir_set(pattr, ".");
argv[argc++] = progname;
argv[argc++] = "-classpath";
#ifdef BEANSHELL_JAR
argv[argc++] = BEANSHELL_JAR; // "/jars/bsh-2.0b4.jar";
#else
argv[argc++] = "*";
#endif
argv[argc++] = "bsh.Interpreter";
argv[argc++] = (const char*) script;
argv[argc++] = NULL;
apr_env_set("envvar", "This is a value", mp);
//apr_env_delete("envvar", mp);
if (msr->txcfg->debuglog_level >= 8) {
msr_log(msr, 8, "BeanShell: Executing script: %s", script);
}
if ((rv = apr_proc_create(&proc, progname, (const char* const*)argv,
NULL, pattr, mp)) != APR_SUCCESS) {
msr_log(msr, 1, "Could not find java to execute: %s", script);
return rv;
}
rv = apr_proc_wait(&proc, &st, &why, APR_WAIT);
if (APR_STATUS_IS_CHILD_DONE(rv)) {
if (proc.err != NULL) {
while (1) {
char buf[1024];
apr_file_pipe_timeout_set(proc.err, -1);
/* read the command's output through the pipe */
rv = apr_file_gets(buf, sizeof(buf), proc.err);
if (rv != APR_SUCCESS) {
break;
}
msr_log(msr, 1, "Script stderr: %s\n", buf);
}
apr_file_close(proc.err);
}
while (1) {
char buf[1024];
apr_file_pipe_timeout_set(proc.out, -1);
/* read the command's output through the pipe */
rv = apr_file_gets(buf, sizeof(buf), proc.out);
if (rv != APR_SUCCESS) {
break;
}
//if (msr->txcfg->debuglog_level >= 8) {
msr_log(msr, 1, "BeanShell script output: %s\n", buf);
//}
}
apr_file_close(proc.out);
} else {
msr_log(msr, 1, "Failed to execute: %s", script);
}
}
static apr_status_t msre_action_exec_execute(modsec_rec *msr, apr_pool_t *mptmp,
msre_rule *rule, msre_action *action)
{
@ -2291,7 +2206,7 @@ static apr_status_t msre_action_exec_execute(modsec_rec *msr, apr_pool_t *mptmp,
action->param[lenparam - 1] == 'h')) {
//beanshell_execute(action->param, msr, mptmp, rule);
char *script_output = NULL;
int rc;
const char *start = "java -classpath bsh*.jar bsh.Interpreter ";
char *command = (char*) apr_palloc(mptmp, strlen(start) + lenparam + 1);
@ -2299,7 +2214,7 @@ static apr_status_t msre_action_exec_execute(modsec_rec *msr, apr_pool_t *mptmp,
strcpy(command, start);
strcat(command, action->param);
command[strlen(start) + lenparam] = '\0';
int rc = apache2_exec(msr, command, NULL, &script_output);
rc = apache2_exec(msr, command, NULL, &script_output);
if (rc != 1) {
msr_log(msr, 1, "Failed to execute: %s", action->param);
return 0;

38
java/ModSecurityLoader/dist/ModSecurityLoaderConfig.xml vendored Normal file
View File

@ -0,0 +1,38 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<ModSecurityLoader>
<!--
OPTIONAL parameters for loading native libraries from absolute paths. This is an alternitive to specifying
-Djava.library.path=/path/to/libs/ variable which is used by the JVM to search libraries.
zlib1 and libapriconv-1 are Windows only libraries
-->
<init-param>
<param-name>zlib1</param-name>
<param-value>c:\work\mod_security2\java\libs\zlib1.dll</param-value>
</init-param>
<init-param>
<param-name>libxml2</param-name>
<param-value>c:\work\mod_security2\java\libs\libxml2.dll</param-value>
</init-param>
<init-param>
<param-name>libpcre</param-name>
<param-value>c:\work\mod_security2\java\libs\pcre.dll</param-value>
</init-param>
<init-param>
<param-name>libapr-1</param-name>
<param-value>c:\work\mod_security2\java\libs\libapr-1.dll</param-value>
</init-param>
<init-param>
<param-name>libapriconv-1</param-name>
<param-value>c:\work\mod_security2\java\libs\libapriconv-1.dll</param-value>
</init-param>
<init-param>
<param-name>libaprutil-1</param-name>
<param-value>c:\work\mod_security2\java\libs\libaprutil-1.dll</param-value>
</init-param>
<init-param>
<param-name>libModSecurityJNI</param-name>
<param-value>c:\work\mod_security2\java\libs\ModSecurityJNI.dll</param-value>
</init-param>
</ModSecurityLoader>

140
java/ModSecurityLoader/src/org/modsecurity/loader/ModSecurityLoader.java
View File

@ -1,52 +1,120 @@
package org.modsecurity.loader;
import java.io.File;
import java.util.HashMap;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
public class ModSecurityLoader {
//private static final String MODSECURITYLIBSDIR_PATH = "c:\\work\\mod_security\\java\\libs\\"; //directory with ModSecurity native libraries
public static final String CONFIG_FILENAME = "ModSecurityLoaderConfig.xml";
private static final String zlibParamName = "zlib1";
private static final String libxml2ParamName = "libxml2";
private static final String libpcreParamName = "libpcre";
private static final String libaprParamName = "libapr-1";
private static final String libapriconvParamName = "libapriconv-1";
private static final String libaprutilParamName = "libaprutil-1";
private static final String libModSecurityJNIParamName = "libModSecurityJNI";
static {
System.out.println("ModSecurity loader static block executed.");
// File modSecDir = new File(MODSECURITYLIBSDIR_PATH);
// File[] flibs = modSecDir.listFiles();
// loadLib(flibs, "zlib1");
// loadLib(flibs, "libxml2");
// loadLib(flibs, "pcre");
// loadLib(flibs, "libapr-1");
// loadLib(flibs, "libapriconv-1");
// loadLib(flibs, "libaprutil-1");
// loadLib(flibs, "ModSecurityJNI");
//System.out.println("ModSecurity loader static block executed.");
//alternative load, this requires native libraries to be in java.library.path, you can set it
//by specifying server VM start-up option: -Djava.library.path=path/to/libs/
//try load native libraries from config file with native libs paths, otherwise get paths from the
// server VM start-up option: -Djava.library.path=path/to/libs/
HashMap<String, String> libPaths = new HashMap<String, String>();
try {
System.loadLibrary("zlib1"); //needed for libxml2 in Windows
} catch(UnsatisfiedLinkError ex) {
}
System.loadLibrary("libxml2");
System.loadLibrary("pcre");
System.loadLibrary("libapr-1");
try {
System.loadLibrary("libapriconv-1");
} catch(UnsatisfiedLinkError ex) { //needed for libaprutil-1 in Windows
}
System.loadLibrary("libaprutil-1");
System.loadLibrary("ModSecurityJNI");
System.out.println("ModSecurity native libraries loaded.");
}
Document dom;
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
dom = db.parse(CONFIG_FILENAME);
private static void loadLib(File[] files, String lib) {
for (int i = 0; i < files.length; i++) {
if (files[i].getName().startsWith(lib)) {
System.load(files[i].getAbsolutePath());
break;
Element doc = dom.getDocumentElement();
NodeList nl = doc.getElementsByTagName("init-param");
for (int i = 0; i < nl.getLength(); i++) {
String key = null;
String value = null;
Node initParam = nl.item(i);
NodeList keyNl = ((Element) initParam).getElementsByTagName("param-name");
if (keyNl.getLength() > 0 && keyNl.item(0).hasChildNodes()) {
key = keyNl.item(0).getFirstChild().getNodeValue();
}
NodeList valNl = ((Element) initParam).getElementsByTagName("param-value");
if (valNl.getLength() > 0 && valNl.item(0).hasChildNodes()) {
value = valNl.item(0).getFirstChild().getNodeValue();
}
if (key != null && value != null) {
libPaths.put(key, value);
}
}
} catch (Exception ex) {
}
if (!libPaths.containsKey(zlibParamName)) {
libPaths.put(zlibParamName, null);
}
if (!libPaths.containsKey(libxml2ParamName)) {
libPaths.put(libxml2ParamName, null);
}
if (!libPaths.containsKey(libpcreParamName)) {
libPaths.put(libpcreParamName, null);
}
if (!libPaths.containsKey(libaprParamName)) {
libPaths.put(libaprParamName, null);
}
if (!libPaths.containsKey(libapriconvParamName)) {
libPaths.put(libapriconvParamName, null);
}
if (!libPaths.containsKey(libaprutilParamName)) {
libPaths.put(libaprutilParamName, null);
}
if (!libPaths.containsKey(libModSecurityJNIParamName)) {
libPaths.put(libModSecurityJNIParamName, null);
}
try {
loadLib("zlib1", libPaths.get(zlibParamName));
} catch (UnsatisfiedLinkError err) {
}
loadLib("xml2", libPaths.get(libxml2ParamName));
loadLib("pcre", libPaths.get(libpcreParamName));
loadLib("apr-1", libPaths.get(libaprParamName));
try {
loadLib("apriconv-1", libPaths.get(libapriconvParamName));
} catch (UnsatisfiedLinkError err) {
}
loadLib("aprutil-1", libPaths.get(libaprutilParamName));
loadLib("ModSecurityJNI", libPaths.get(libModSecurityJNIParamName));
}
private static void loadLib(String name, String absolutePath) throws UnsatisfiedLinkError {
try {
System.load(absolutePath);
return;
} catch (NullPointerException ex) {
} catch (UnsatisfiedLinkError ex) {
throw ex;
}
try {
System.loadLibrary(name);
return;
} catch (UnsatisfiedLinkError ex) {
}
try {
System.loadLibrary("lib" + name);
} catch (UnsatisfiedLinkError ex) {
throw ex;
}
}
public static void main(String[] args) {
}
}

BIN
java/ModSecurityTestApp/dist/ModSecurityTestApp.war vendored
View File

Binary file not shown.

26
java/ModSecurityTestApp/web/help.html
View File

@ -39,7 +39,7 @@
</p>
<br />
<h2>Installation</h2>
<h2 id="installation">Installation</h2>
<p>
First you need to choose whether to download and compile ModSecurity from the project's version control web-site:
<a href="https://github.com/SpiderLabs/ModSecurity">github.com/SpiderLabs/ModSecurity</a> or using pre-compiled binaries from
@ -212,6 +212,30 @@ sudo cp ./java/.libs/libModSecurityJNI.so /usr/lib/
</ol>
<br/>
<h2 id="beanshell">BeanShell scripting with ModSecurity</h2>
<p>
You can use <a href="http://www.beanshell.org/">BeanShell</a> scripts in <span class="code">SecRule</span>
ModSecurity directives using the <span class="code">exec</span> action. First you need to put the
<span class="code">bsh.jar</span> file (which can be downloaded from <a href="http://www.beanshell.org/download.html">beanshell.org</a>)
into the current directory of your server (for example <span class="code">$CATALINA_HOME/bin</span> in Tomcat).
An example of an <span class="code">exec</span> can be the following:
</p>
<pre class="codecanvas">
<code>
SecAction "setenv:msg=%{rule.msg},exec:/usr/local/apache/conf/beanshell_script.bsh"
</code>
</pre>
<p>
The environment variable set in the <span class="code">SecAction</span> can be accessed in BeanShell scripts
using:
</p>
<pre class="codecanvas">
<code>
System.getenv("msg");
</code>
</pre>
<br/>
<br/>
</td>