mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-14 05:45:59 +03:00
actions: Removes Rule parameter from runtime execute
Generals organization on the Action class
This commit is contained in:
parent
a8d34873c8
commit
3832042531
2
CHANGES
2
CHANGES
@ -3,7 +3,7 @@ v3.x.y - YYYY-MMM-DD (to be released)
|
||||
|
||||
- actions: Computes Rule association while loading the rules given a
|
||||
performance boost on run time.
|
||||
[@zimmerle]
|
||||
[@zimmerle, @martinhsv, @WGH-]
|
||||
- Regression: Mark the test as failed in case of segfault.
|
||||
[@zimmerle]
|
||||
- Replaced t:lowerCase backend for a better performance.
|
||||
|
@ -16,14 +16,9 @@
|
||||
#ifdef __cplusplus
|
||||
|
||||
#include <string>
|
||||
#include <iostream>
|
||||
#include <memory>
|
||||
|
||||
#endif
|
||||
|
||||
#include "modsecurity/intervention.h"
|
||||
#include "modsecurity/rule.h"
|
||||
|
||||
|
||||
#ifndef HEADERS_MODSECURITY_ACTIONS_ACTION_H_
|
||||
#define HEADERS_MODSECURITY_ACTIONS_ACTION_H_
|
||||
@ -32,99 +27,68 @@
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
class RuleWithActions;
|
||||
class RunTimeString;
|
||||
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Action {
|
||||
public:
|
||||
explicit Action(const std::string& _action)
|
||||
: m_actionKind(2),
|
||||
m_name(nullptr),
|
||||
m_parser_payload("") {
|
||||
set_name_and_payload(_action);
|
||||
}
|
||||
Action()
|
||||
: m_name(""),
|
||||
m_parserPayload("")
|
||||
{ }
|
||||
|
||||
|
||||
explicit Action(const std::string& action)
|
||||
: m_name(sort_name(action)),
|
||||
m_parserPayload(sort_payload(action))
|
||||
{ }
|
||||
|
||||
Action(const std::string& _action, int kind)
|
||||
: m_actionKind(kind),
|
||||
m_name(nullptr),
|
||||
m_parser_payload("") {
|
||||
set_name_and_payload(_action);
|
||||
}
|
||||
|
||||
Action(const Action &a)
|
||||
: m_actionKind(a.m_actionKind),
|
||||
m_name(a.m_name),
|
||||
m_parser_payload(a.m_parser_payload) { }
|
||||
: m_name(a.m_name),
|
||||
m_parserPayload(a.m_parserPayload)
|
||||
{ }
|
||||
|
||||
|
||||
Action &operator=(const Action& a) {
|
||||
m_actionKind = a.m_actionKind;
|
||||
m_name = a.m_name;
|
||||
m_parser_payload = a.m_parser_payload;
|
||||
m_parserPayload = a.m_parserPayload;
|
||||
return *this;
|
||||
}
|
||||
|
||||
virtual ~Action() { }
|
||||
|
||||
virtual bool init(std::string *error) { return true; }
|
||||
virtual ~Action()
|
||||
{ }
|
||||
|
||||
virtual std::string execute(const std::string &exp,
|
||||
Transaction *transaction);
|
||||
virtual bool execute(RuleWithActions *rule,
|
||||
Transaction *transaction);
|
||||
/**
|
||||
* This method is meant to be used by transformations — a particular
|
||||
* type of action.
|
||||
*
|
||||
*/
|
||||
virtual void execute(Transaction *t,
|
||||
ModSecString &in,
|
||||
ModSecString &out) {
|
||||
};
|
||||
|
||||
virtual bool isDisruptive() { return false; }
|
||||
virtual bool init(std::string *error) {
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* Define the action kind regarding to the execution time.
|
||||
*
|
||||
*
|
||||
*/
|
||||
enum Kind {
|
||||
/**
|
||||
*
|
||||
* Action that are executed while loading the configuration. For instance
|
||||
* the rule ID or the rule phase.
|
||||
*
|
||||
*/
|
||||
ConfigurationKind,
|
||||
/**
|
||||
*
|
||||
* Those are actions that demands to be executed before call the operator.
|
||||
* For instance the tranformations.
|
||||
*
|
||||
*
|
||||
*/
|
||||
RunTimeBeforeMatchAttemptKind,
|
||||
/**
|
||||
*
|
||||
* Actions that are executed after the execution of the operator, only if
|
||||
* the operator returned Match (or True). For instance the disruptive
|
||||
* actions.
|
||||
*
|
||||
*/
|
||||
RunTimeOnlyIfMatchKind,
|
||||
};
|
||||
|
||||
int m_actionKind;
|
||||
std::shared_ptr<std::string> m_name;
|
||||
std::string m_parser_payload;
|
||||
virtual bool execute(Transaction *transaction = nullptr) noexcept {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
virtual bool isDisruptive() {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
const std::string *getName() {
|
||||
return &m_name;
|
||||
}
|
||||
|
||||
|
||||
protected:
|
||||
std::string m_parserPayload;
|
||||
|
||||
|
||||
private:
|
||||
std::string m_name;
|
||||
|
||||
void set_name_and_payload(const std::string& data) {
|
||||
static size_t get_payload_pos(const std::string& data) {
|
||||
size_t pos = data.find(":");
|
||||
std::string t = "t:";
|
||||
|
||||
@ -132,18 +96,34 @@ class Action {
|
||||
pos = data.find(":", 2);
|
||||
}
|
||||
|
||||
return pos;
|
||||
}
|
||||
|
||||
|
||||
static std::string sort_name(const std::string& data) {
|
||||
size_t pos = get_payload_pos(data);
|
||||
if (pos == std::string::npos) {
|
||||
m_name = std::shared_ptr<std::string>(new std::string(data));
|
||||
return;
|
||||
return data;
|
||||
}
|
||||
|
||||
m_name = std::shared_ptr<std::string>(new std::string(data, 0, pos));
|
||||
m_parser_payload = std::string(data, pos + 1, data.length());
|
||||
std::string ret(data, 0, pos);
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) {
|
||||
m_parser_payload.erase(0, 1);
|
||||
m_parser_payload.pop_back();
|
||||
|
||||
static std::string sort_payload(const std::string& data) {
|
||||
size_t pos = get_payload_pos(data);
|
||||
std::string ret("");
|
||||
if (pos != std::string::npos) {
|
||||
ret = std::string(data, pos + 1, data.length());
|
||||
|
||||
if (ret.at(0) == '\'' && ret.size() > 2) {
|
||||
ret.erase(0, 1);
|
||||
ret.pop_back();
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
};
|
||||
|
||||
|
@ -61,7 +61,7 @@ class AuditLog {
|
||||
NativeAuditLogFormat
|
||||
};
|
||||
|
||||
enum AuditLogParts {
|
||||
enum AuditLogPartsEnum {
|
||||
/**
|
||||
* Audit log header (mandatory).
|
||||
*
|
||||
|
@ -37,6 +37,9 @@
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
class Action;
|
||||
namespace transformations {
|
||||
class Transformation;
|
||||
}
|
||||
}
|
||||
namespace variables {
|
||||
class Variable;
|
||||
@ -79,7 +82,7 @@ class RulesExceptions {
|
||||
std::unordered_multimap<double,
|
||||
std::shared_ptr<variables::Variable>> m_variable_update_target_by_id;
|
||||
std::unordered_multimap<double,
|
||||
std::shared_ptr<actions::Action>> m_action_pre_update_target_by_id;
|
||||
std::shared_ptr<actions::transformations::Transformation>> m_action_transformation_update_target_by_id;
|
||||
std::unordered_multimap<double,
|
||||
std::shared_ptr<actions::Action>> m_action_pos_update_target_by_id;
|
||||
std::list<std::string> m_remove_rule_by_msg;
|
||||
|
@ -48,6 +48,8 @@ typedef struct Rules_t RulesSet;
|
||||
#include "modsecurity/variable_value.h"
|
||||
#include "modsecurity/collection/collection.h"
|
||||
#include "modsecurity/variable_origin.h"
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
|
||||
#ifndef NO_LOGS
|
||||
#define ms_dbg(b, c) \
|
||||
@ -568,12 +570,12 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa
|
||||
int m_requestBodyAccess;
|
||||
|
||||
/**
|
||||
* The list m_auditLogModifier contains modifications to the `auditlogs'
|
||||
* for this specific request, those modifications can happens via the
|
||||
* utilization of the action: `ctl:auditLogParts='
|
||||
* m_auditLogParts contains auditlog parts for this specific request,
|
||||
* it also holds the modifications can happens via the utilization of
|
||||
* the action: `ctl:auditLogParts='
|
||||
*
|
||||
*/
|
||||
std::list< std::pair<int, std::string> > m_auditLogModifier;
|
||||
int m_auditLogParts;
|
||||
|
||||
/**
|
||||
* Holds the request body, in case of any.
|
||||
|
@ -13,16 +13,11 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/accuracy.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "src/rule_with_actions.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
@ -30,9 +25,9 @@ namespace actions {
|
||||
|
||||
bool Accuracy::init(std::string *error) {
|
||||
try {
|
||||
m_accuracy = std::stoi(m_parser_payload);
|
||||
m_accuracy = std::stoi(m_parserPayload);
|
||||
} catch (...) {
|
||||
error->assign("Accuracy: The input \"" + m_parser_payload + "\" is " \
|
||||
error->assign("Accuracy: The input \"" + m_parserPayload + "\" is " \
|
||||
"not a number.");
|
||||
return false;
|
||||
}
|
||||
@ -40,11 +35,5 @@ bool Accuracy::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool Accuracy::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
rule->setAccuracy(m_accuracy);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,29 +13,31 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_ACCURACY_H_
|
||||
#define SRC_ACTIONS_ACCURACY_H_
|
||||
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Accuracy : public Action {
|
||||
class Accuracy : public ActionTypeRuleMetaData {
|
||||
public:
|
||||
explicit Accuracy(const std::string &action)
|
||||
: Action(action, ConfigurationKind),
|
||||
explicit Accuracy(const std::string &action)
|
||||
: Action(action),
|
||||
m_accuracy(0) { }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool init(std::string *error) override;
|
||||
int getAccuracy() const { return m_accuracy; }
|
||||
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setAccuracy(m_accuracy);
|
||||
}
|
||||
|
||||
private:
|
||||
int m_accuracy;
|
||||
|
@ -15,46 +15,10 @@
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "src/utils/string.h"
|
||||
|
||||
#include "src/actions/block.h"
|
||||
#include "src/actions/chain.h"
|
||||
#include "src/actions/disruptive/deny.h"
|
||||
#include "src/actions/disruptive/redirect.h"
|
||||
#include "src/actions/data/status.h"
|
||||
#include "src/actions/rule_id.h"
|
||||
#include "src/actions/phase.h"
|
||||
#include "src/actions/severity.h"
|
||||
#include "src/actions/capture.h"
|
||||
#include "src/actions/disruptive/pass.h"
|
||||
#include "src/actions/log.h"
|
||||
#include "src/actions/no_log.h"
|
||||
#include "src/actions/no_audit_log.h"
|
||||
#include "src/actions/multi_match.h"
|
||||
|
||||
|
||||
#define IF_MATCH(a) \
|
||||
if (op.compare(1, std::strlen(#a), #a) == 0)
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
std::string Action::execute(const std::string &value,
|
||||
Transaction *transaction) {
|
||||
return value;
|
||||
}
|
||||
|
||||
|
||||
bool Action::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
34
src/actions/action_allowed_in_sec_default_action.h
Normal file
34
src/actions/action_allowed_in_sec_default_action.h
Normal file
@ -0,0 +1,34 @@
|
||||
/*
|
||||
* ModSecurity, http://www.modsecurity.org/
|
||||
* Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
||||
*
|
||||
* You may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* If any of the files related to licensing are missing or if you have any
|
||||
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
||||
* directly using the email address security@modsecurity.org.
|
||||
*
|
||||
*/
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
#ifndef SRC_ACTIONS_ACTION_ALLOWED_IN_SEC_DEFAULT_ACTION_H_
|
||||
#define SRC_ACTIONS_ACTION_ALLOWED_IN_SEC_DEFAULT_ACTION_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
class ActionAllowedAsSecDefaultAction : public virtual Action {
|
||||
public:
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
#endif // SRC_ACTIONS_ACTION_ALLOWED_IN_SEC_DEFAULT_ACTION_H_
|
51
src/actions/action_type_rule_metadata.h
Normal file
51
src/actions/action_type_rule_metadata.h
Normal file
@ -0,0 +1,51 @@
|
||||
/*
|
||||
* ModSecurity, http://www.modsecurity.org/
|
||||
* Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
||||
*
|
||||
* You may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* If any of the files related to licensing are missing or if you have any
|
||||
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
||||
* directly using the email address security@modsecurity.org.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/rule_with_actions.h"
|
||||
|
||||
#ifndef SRC_ACTIONS_ACTION_TYPE_CONFIGURE_H_
|
||||
#define SRC_ACTIONS_ACTION_TYPE_CONFIGURE_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
class ActionTypeRuleMetaData : public virtual Action {
|
||||
public:
|
||||
/**
|
||||
*
|
||||
* Action that are executed while loading the configuration. For instance
|
||||
* the rule ID or the rule phase.
|
||||
*
|
||||
*/
|
||||
ActionTypeRuleMetaData()
|
||||
: Action()
|
||||
{ };
|
||||
|
||||
bool execute(Transaction *t) noexcept override {
|
||||
return true;
|
||||
}
|
||||
|
||||
virtual void configure(RuleWithActions *rule) = 0;
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
#endif // SRC_ACTIONS_ACTION_TYPE_CONFIGURE_H_
|
@ -13,49 +13,32 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#include <utility>
|
||||
#include <memory>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/run_time_string.h"
|
||||
|
||||
#ifndef SRC_ACTIONS_ACTION_WITH_RUN_TIME_STRING_H_
|
||||
#define SRC_ACTIONS_ACTION_WITH_RUN_TIME_STRING_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
class ActionWithRunTimeString : public Action {
|
||||
|
||||
class ActionWithRunTimeString : public virtual Action {
|
||||
public:
|
||||
ActionWithRunTimeString(
|
||||
const std::string &name,
|
||||
int king,
|
||||
std::unique_ptr<RunTimeString> string)
|
||||
: Action(name, king),
|
||||
m_string(std::move(string))
|
||||
{ };
|
||||
|
||||
ActionWithRunTimeString(const std::string &name,
|
||||
std::unique_ptr<RunTimeString> string)
|
||||
: Action(name),
|
||||
m_string(std::move(string))
|
||||
{ };
|
||||
|
||||
ActionWithRunTimeString(const std::string &name,
|
||||
int king)
|
||||
: Action(name, king),
|
||||
m_string(nullptr)
|
||||
{ };
|
||||
|
||||
ActionWithRunTimeString(const std::string &name)
|
||||
: Action(name),
|
||||
m_string(nullptr)
|
||||
{ };
|
||||
explicit ActionWithRunTimeString(std::unique_ptr<RunTimeString> string = nullptr)
|
||||
: m_string(std::move(string))
|
||||
{ }
|
||||
|
||||
ActionWithRunTimeString(const ActionWithRunTimeString &a)
|
||||
: Action(a),
|
||||
m_string(a.m_string?std::unique_ptr<RunTimeString>(new RunTimeString(*a.m_string.get())):nullptr)
|
||||
{ };
|
||||
: m_string(a.m_string?std::unique_ptr<RunTimeString>(new RunTimeString(*a.m_string.get())):nullptr)
|
||||
{ }
|
||||
|
||||
ActionWithRunTimeString& operator=(const ActionWithRunTimeString& a)
|
||||
{
|
||||
ActionWithRunTimeString& operator=(const ActionWithRunTimeString& a) {
|
||||
m_string = std::unique_ptr<RunTimeString>(new RunTimeString(*a.m_string.get()));
|
||||
return *this;
|
||||
}
|
||||
|
@ -15,19 +15,16 @@
|
||||
|
||||
#include "src/actions/audit_log.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool AuditLog::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool AuditLog::execute(Transaction *transaction) noexcept {
|
||||
transaction->messageSetNoAuditLog(false);
|
||||
return true;
|
||||
}
|
||||
|
@ -13,34 +13,29 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_allowed_in_sec_default_action.h"
|
||||
|
||||
#ifndef SRC_ACTIONS_AUDIT_LOG_H_
|
||||
#define SRC_ACTIONS_AUDIT_LOG_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
|
||||
namespace actions {
|
||||
|
||||
|
||||
class AuditLog : public Action {
|
||||
class AuditLog : public ActionAllowedAsSecDefaultAction {
|
||||
public:
|
||||
explicit AuditLog(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
AuditLog()
|
||||
: Action("auditLog")
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_AUDIT_LOG_H_
|
||||
|
@ -13,29 +13,13 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/block.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "modsecurity/intervention.h"
|
||||
#include "src/actions/data/status.h"
|
||||
#include "src/rule_with_actions.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool Block::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
ms_dbg_a(transaction, 8, "Marking request as disruptive.");
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,34 +13,37 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
#include "src/actions/action_allowed_in_sec_default_action.h"
|
||||
|
||||
#ifndef SRC_ACTIONS_DISRUPTIVE_BLOCK_H_
|
||||
#define SRC_ACTIONS_DISRUPTIVE_BLOCK_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
class Transaction;
|
||||
#ifndef SRC_ACTIONS_BLOCK_H_
|
||||
#define SRC_ACTIONS_BLOCK_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Block : public Action {
|
||||
class Block : public ActionTypeRuleMetaData,
|
||||
public ActionAllowedAsSecDefaultAction {
|
||||
public:
|
||||
explicit Block(const std::string &action) : Action(action) { }
|
||||
Block()
|
||||
: Action("block")
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setHasBlockAction(true);
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
#endif // SRC_ACTIONS_DISRUPTIVE_BLOCK_H_
|
||||
|
||||
#endif // SRC_ACTIONS_BLOCK_H_
|
||||
|
@ -13,29 +13,13 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/capture.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <list>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
#include "modsecurity/rule.h"
|
||||
#include "src/operators/operator.h"
|
||||
#include "src/operators/pm.h"
|
||||
#include "src/operators/rx.h"
|
||||
#include "src/operators/contains.h"
|
||||
#include "src/operators/detect_sqli.h"
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool Capture::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,25 +13,28 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_CAPTURE_H_
|
||||
#define SRC_ACTIONS_CAPTURE_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
class RuleWithOperator;
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Capture : public Action {
|
||||
class Capture : public ActionTypeRuleMetaData {
|
||||
public:
|
||||
explicit Capture(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
Capture()
|
||||
: Action("capture") { }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setHasCaptureAction(true);
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
|
@ -13,25 +13,13 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/chain.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "src/rule_with_actions.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool Chain::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
rule->setHasChainAction(true);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,33 +13,34 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_CHAIN_H_
|
||||
#define SRC_ACTIONS_CHAIN_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
class RuleWithOperator;
|
||||
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Chain : public Action {
|
||||
class Chain : public ActionTypeRuleMetaData {
|
||||
public:
|
||||
explicit Chain(const std::string &action)
|
||||
: Action(action, ConfigurationKind) { }
|
||||
Chain()
|
||||
: Action("chain")
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setHasChainAction(true);
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_CHAIN_H_
|
||||
|
@ -13,13 +13,20 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/ctl/audit_log_parts.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <utility>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/audit_log.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
@ -27,20 +34,39 @@ namespace ctl {
|
||||
|
||||
|
||||
bool AuditLogParts::init(std::string *error) {
|
||||
std::string what(m_parser_payload, 14, 1);
|
||||
mParts = std::string(m_parser_payload, 15, m_parser_payload.length()-15);
|
||||
std::string what(m_parserPayload, 14, 1);
|
||||
std::string parts_str(m_parserPayload, 15, m_parserPayload.length()-15);
|
||||
|
||||
if ((what != "-") && (what != "+")) {
|
||||
error->assign("ctl:auditLogParts modificators expects add or " \
|
||||
"remove (+/-) in front of the modificator. Got: " + what);
|
||||
return false;
|
||||
}
|
||||
|
||||
int flags = AuditLog::addParts(0, parts_str);
|
||||
|
||||
if (what == "+") {
|
||||
mPartsAction = 0;
|
||||
m_partsToModify = flags;
|
||||
} else {
|
||||
mPartsAction = 1;
|
||||
m_partsToModify = -1 * flags;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool AuditLogParts::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
transaction->m_auditLogModifier.push_back(
|
||||
std::make_pair(mPartsAction, mParts));
|
||||
|
||||
bool AuditLogParts::execute(Transaction *transaction) noexcept {
|
||||
ms_dbg_a(transaction, 7, "AuditLog parts before modification: " +
|
||||
std::to_string(transaction->m_auditLogParts) + ".");
|
||||
|
||||
if (m_partsToModify < 0) {
|
||||
transaction->m_auditLogParts = \
|
||||
transaction->m_auditLogParts & ~(m_partsToModify * -1);
|
||||
} else {
|
||||
transaction->m_auditLogParts = \
|
||||
transaction->m_auditLogParts | m_partsToModify;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -13,14 +13,17 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_
|
||||
#define SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
@ -28,17 +31,17 @@ namespace ctl {
|
||||
|
||||
class AuditLogParts : public Action {
|
||||
public:
|
||||
explicit AuditLogParts(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind),
|
||||
mPartsAction(0),
|
||||
mParts("") { }
|
||||
explicit AuditLogParts(const std::string &action)
|
||||
: Action(action),
|
||||
m_partsToModify(0)
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool init(std::string *error) override;
|
||||
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
protected:
|
||||
int mPartsAction;
|
||||
std::string mParts;
|
||||
int m_partsToModify;
|
||||
};
|
||||
|
||||
|
||||
@ -46,4 +49,5 @@ class AuditLogParts : public Action {
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_
|
||||
|
@ -13,40 +13,44 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/ctl/request_body_access.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/rules_set_properties.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
|
||||
|
||||
bool RequestBodyAccess::init(std::string *error) {
|
||||
std::string what(m_parser_payload, 18, m_parser_payload.size() - 18);
|
||||
std::string what(m_parserPayload, 18, m_parserPayload.size() - 18);
|
||||
|
||||
if (what == "true") {
|
||||
m_request_body_access = true;
|
||||
m_requestBodyAccess = true;
|
||||
} else if (what == "false") {
|
||||
m_request_body_access = false;
|
||||
m_requestBodyAccess = false;
|
||||
} else {
|
||||
error->assign("Internal error. Expected: true or false, got: " \
|
||||
+ m_parser_payload);
|
||||
+ m_parserPayload);
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool RequestBodyAccess::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
if (m_request_body_access) {
|
||||
transaction->m_requestBodyAccess = RulesSetProperties::TrueConfigBoolean;
|
||||
|
||||
bool RequestBodyAccess::execute(Transaction *transaction) noexcept {
|
||||
if (m_requestBodyAccess) {
|
||||
transaction->m_requestBodyAccess =
|
||||
RulesSetProperties::TrueConfigBoolean;
|
||||
} else {
|
||||
transaction->m_requestBodyAccess = RulesSetProperties::FalseConfigBoolean;
|
||||
transaction->m_requestBodyAccess =
|
||||
RulesSetProperties::FalseConfigBoolean;
|
||||
}
|
||||
|
||||
return true;
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
@ -22,6 +23,7 @@
|
||||
#ifndef SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_
|
||||
#define SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
@ -29,14 +31,17 @@ namespace ctl {
|
||||
|
||||
class RequestBodyAccess : public Action {
|
||||
public:
|
||||
explicit RequestBodyAccess(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind),
|
||||
m_request_body_access(false) { }
|
||||
explicit RequestBodyAccess(const std::string &action)
|
||||
: Action(action),
|
||||
m_requestBodyAccess(false)
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
|
||||
bool m_request_body_access;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
private:
|
||||
bool m_requestBodyAccess;
|
||||
};
|
||||
|
||||
|
||||
@ -44,4 +49,5 @@ class RequestBodyAccess : public Action {
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_
|
||||
|
@ -13,20 +13,20 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/ctl/request_body_processor_json.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
|
||||
|
||||
bool RequestBodyProcessorJSON::execute(RuleWithActions *rule,
|
||||
Transaction *transaction) {
|
||||
bool RequestBodyProcessorJSON::execute(Transaction *transaction) noexcept {
|
||||
transaction->m_requestBodyProcessor = Transaction::JSONRequestBody;
|
||||
transaction->m_variableReqbodyProcessor.set("JSON",
|
||||
transaction->m_variableOffset);
|
||||
|
@ -13,14 +13,17 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_JSON_H_
|
||||
#define SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_JSON_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
@ -28,10 +31,11 @@ namespace ctl {
|
||||
|
||||
class RequestBodyProcessorJSON : public Action {
|
||||
public:
|
||||
explicit RequestBodyProcessorJSON(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
explicit RequestBodyProcessorJSON(const std::string &action)
|
||||
: Action(action)
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
|
@ -13,20 +13,21 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/ctl/request_body_processor_urlencoded.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
|
||||
|
||||
bool RequestBodyProcessorURLENCODED::execute(RuleWithActions *rule,
|
||||
Transaction *transaction) {
|
||||
bool RequestBodyProcessorURLENCODED::execute(
|
||||
Transaction *transaction) noexcept {
|
||||
transaction->m_requestBodyType = Transaction::WWWFormUrlEncoded;
|
||||
transaction->m_variableReqbodyProcessor.set("URLENCODED",
|
||||
transaction->m_variableOffset);
|
||||
|
@ -13,14 +13,17 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_URLENCODED_H_
|
||||
#define SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_URLENCODED_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
@ -28,10 +31,11 @@ namespace ctl {
|
||||
|
||||
class RequestBodyProcessorURLENCODED : public Action {
|
||||
public:
|
||||
explicit RequestBodyProcessorURLENCODED(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
explicit RequestBodyProcessorURLENCODED(const std::string &action)
|
||||
: Action(action)
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
|
@ -13,20 +13,20 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/ctl/request_body_processor_xml.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
|
||||
|
||||
bool RequestBodyProcessorXML::execute(RuleWithActions *rule,
|
||||
Transaction *transaction) {
|
||||
bool RequestBodyProcessorXML::execute(Transaction *transaction) noexcept {
|
||||
transaction->m_requestBodyProcessor = Transaction::XMLRequestBody;
|
||||
transaction->m_variableReqbodyProcessor.set("XML",
|
||||
transaction->m_variableOffset);
|
||||
|
@ -13,14 +13,17 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_XML_H_
|
||||
#define SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_XML_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
@ -28,10 +31,11 @@ namespace ctl {
|
||||
|
||||
class RequestBodyProcessorXML : public Action {
|
||||
public:
|
||||
explicit RequestBodyProcessorXML(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
explicit RequestBodyProcessorXML(const std::string &action)
|
||||
: Action(action)
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
|
@ -13,22 +13,23 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/ctl/rule_engine.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/rules_set_properties.h"
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
|
||||
|
||||
bool RuleEngine::init(std::string *error) {
|
||||
std::string what(m_parser_payload, 11, m_parser_payload.size() - 11);
|
||||
std::string what(m_parserPayload, 11, m_parserPayload.size() - 11);
|
||||
|
||||
if (what == "on") {
|
||||
m_ruleEngine = RulesSetProperties::EnabledRuleEngine;
|
||||
@ -38,14 +39,15 @@ bool RuleEngine::init(std::string *error) {
|
||||
m_ruleEngine = RulesSetProperties::DetectionOnlyRuleEngine;
|
||||
} else {
|
||||
error->assign("Internal error. Expected: On, Off or DetectionOnly; " \
|
||||
"got: " + m_parser_payload);
|
||||
"got: " + m_parserPayload);
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool RuleEngine::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
|
||||
bool RuleEngine::execute(Transaction *transaction) noexcept {
|
||||
std::stringstream a;
|
||||
a << "Setting SecRuleEngine to ";
|
||||
a << modsecurity::RulesSetProperties::ruleEngineStateString(m_ruleEngine);
|
||||
|
@ -13,16 +13,17 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/rules_set_properties.h"
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_CTL_RULE_ENGINE_H_
|
||||
#define SRC_ACTIONS_CTL_RULE_ENGINE_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
@ -30,13 +31,16 @@ namespace ctl {
|
||||
|
||||
class RuleEngine : public Action {
|
||||
public:
|
||||
explicit RuleEngine(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind),
|
||||
m_ruleEngine(RulesSetProperties::PropertyNotSetRuleEngine) { }
|
||||
explicit RuleEngine(const std::string &action)
|
||||
: Action(action),
|
||||
m_ruleEngine(RulesSetProperties::PropertyNotSetRuleEngine)
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
private:
|
||||
RulesSetProperties::RuleEngine m_ruleEngine;
|
||||
};
|
||||
|
||||
|
@ -13,21 +13,25 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/ctl/rule_remove_by_id.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <utility>
|
||||
#include <vector>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
#include "src/utils/string.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
|
||||
|
||||
bool RuleRemoveById::init(std::string *error) {
|
||||
std::string what(m_parser_payload, 15, m_parser_payload.size() - 15);
|
||||
std::string what(m_parserPayload, 15, m_parserPayload.size() - 15);
|
||||
bool added = false;
|
||||
std::vector<std::string> toRemove = utils::string::ssplit(what, ' ');
|
||||
for (std::string &a : toRemove) {
|
||||
@ -83,7 +87,8 @@ bool RuleRemoveById::init(std::string *error) {
|
||||
return false;
|
||||
}
|
||||
|
||||
bool RuleRemoveById::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
|
||||
bool RuleRemoveById::execute(Transaction *transaction) noexcept {
|
||||
for (auto &i : m_ids) {
|
||||
transaction->m_ruleRemoveById.push_back(i);
|
||||
}
|
||||
|
@ -13,7 +13,10 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <utility>
|
||||
#include <list>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
@ -22,6 +25,7 @@
|
||||
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_
|
||||
#define SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
@ -29,12 +33,15 @@ namespace ctl {
|
||||
|
||||
class RuleRemoveById : public Action {
|
||||
public:
|
||||
explicit RuleRemoveById(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
explicit RuleRemoveById(const std::string &action)
|
||||
: Action(action)
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
private:
|
||||
std::list<std::pair<int, int> > m_ranges;
|
||||
std::list<int> m_ids;
|
||||
};
|
||||
|
@ -13,26 +13,28 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/ctl/rule_remove_by_tag.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
|
||||
|
||||
bool RuleRemoveByTag::init(std::string *error) {
|
||||
std::string what(m_parser_payload, 16, m_parser_payload.size() - 16);
|
||||
std::string what(m_parserPayload, 16, m_parserPayload.size() - 16);
|
||||
m_tag = what;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool RuleRemoveByTag::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
|
||||
bool RuleRemoveByTag::execute(Transaction *transaction) noexcept {
|
||||
transaction->m_ruleRemoveByTag.push_back(m_tag);
|
||||
return true;
|
||||
}
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
@ -22,6 +23,7 @@
|
||||
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_BY_TAG_H_
|
||||
#define SRC_ACTIONS_CTL_RULE_REMOVE_BY_TAG_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
@ -29,13 +31,16 @@ namespace ctl {
|
||||
|
||||
class RuleRemoveByTag : public Action {
|
||||
public:
|
||||
explicit RuleRemoveByTag(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind),
|
||||
m_tag("") { }
|
||||
explicit RuleRemoveByTag(const std::string &action)
|
||||
: Action(action),
|
||||
m_tag("")
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
private:
|
||||
std::string m_tag;
|
||||
};
|
||||
|
||||
|
@ -13,14 +13,15 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/ctl/rule_remove_target_by_id.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <vector>
|
||||
#include <utility>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
#include "src/utils/string.h"
|
||||
|
||||
|
||||
@ -30,7 +31,7 @@ namespace ctl {
|
||||
|
||||
|
||||
bool RuleRemoveTargetById::init(std::string *error) {
|
||||
std::string what(m_parser_payload, 21, m_parser_payload.size() - 21);
|
||||
std::string what(m_parserPayload, 21, m_parserPayload.size() - 21);
|
||||
std::vector<std::string> param = utils::string::split(what, ';');
|
||||
|
||||
if (param.size() < 2) {
|
||||
@ -51,7 +52,8 @@ bool RuleRemoveTargetById::init(std::string *error) {
|
||||
return true;
|
||||
}
|
||||
|
||||
bool RuleRemoveTargetById::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
|
||||
bool RuleRemoveTargetById::execute(Transaction *transaction) noexcept {
|
||||
transaction->m_ruleRemoveTargetById.push_back(
|
||||
std::make_pair(m_id, m_target));
|
||||
return true;
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
@ -22,6 +23,7 @@
|
||||
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_
|
||||
#define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
@ -29,14 +31,17 @@ namespace ctl {
|
||||
|
||||
class RuleRemoveTargetById : public Action {
|
||||
public:
|
||||
explicit RuleRemoveTargetById(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind),
|
||||
explicit RuleRemoveTargetById(const std::string &action)
|
||||
: Action(action),
|
||||
m_id(0),
|
||||
m_target("") { }
|
||||
m_target("")
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
private:
|
||||
int m_id;
|
||||
std::string m_target;
|
||||
};
|
||||
|
@ -13,14 +13,15 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/ctl/rule_remove_target_by_tag.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <vector>
|
||||
#include <utility>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
#include "src/utils/string.h"
|
||||
|
||||
|
||||
@ -30,7 +31,7 @@ namespace ctl {
|
||||
|
||||
|
||||
bool RuleRemoveTargetByTag::init(std::string *error) {
|
||||
std::string what(m_parser_payload, 22, m_parser_payload.size() - 22);
|
||||
std::string what(m_parserPayload, 22, m_parserPayload.size() - 22);
|
||||
std::vector<std::string> param = utils::string::split(what, ';');
|
||||
|
||||
if (param.size() < 2) {
|
||||
@ -44,7 +45,8 @@ bool RuleRemoveTargetByTag::init(std::string *error) {
|
||||
return true;
|
||||
}
|
||||
|
||||
bool RuleRemoveTargetByTag::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
|
||||
bool RuleRemoveTargetByTag::execute(Transaction *transaction) noexcept {
|
||||
transaction->m_ruleRemoveTargetByTag.push_back(
|
||||
std::make_pair(m_tag, m_target));
|
||||
return true;
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
@ -22,6 +23,7 @@
|
||||
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_
|
||||
#define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace ctl {
|
||||
@ -29,12 +31,15 @@ namespace ctl {
|
||||
|
||||
class RuleRemoveTargetByTag : public Action {
|
||||
public:
|
||||
explicit RuleRemoveTargetByTag(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
explicit RuleRemoveTargetByTag(const std::string &action)
|
||||
: Action(action)
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
private:
|
||||
std::string m_tag;
|
||||
std::string m_target;
|
||||
};
|
||||
@ -44,4 +49,5 @@ class RuleRemoveTargetByTag : public Action {
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_
|
||||
|
@ -13,11 +13,10 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/data/status.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
@ -26,11 +25,12 @@ namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace data {
|
||||
|
||||
|
||||
bool Status::init(std::string *error) {
|
||||
try {
|
||||
m_status = std::stoi(m_parser_payload);
|
||||
m_status = std::stoi(m_parserPayload);
|
||||
} catch (...) {
|
||||
error->assign("Not a valid number: " + m_parser_payload);
|
||||
error->assign("Not a valid number: " + m_parserPayload);
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -38,7 +38,7 @@ bool Status::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool Status::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool Status::execute(Transaction *transaction) noexcept {
|
||||
transaction->m_it.status = m_status;
|
||||
return true;
|
||||
}
|
||||
|
@ -13,32 +13,36 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
#include "src/actions/action_allowed_in_sec_default_action.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_DATA_STATUS_H_
|
||||
#define SRC_ACTIONS_DATA_STATUS_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
namespace actions {
|
||||
namespace data {
|
||||
|
||||
|
||||
class Status : public Action {
|
||||
class Status : public ActionAllowedAsSecDefaultAction {
|
||||
public:
|
||||
explicit Status(const std::string &action) : Action(action, 2),
|
||||
m_status(0) { }
|
||||
explicit Status(const std::string &action)
|
||||
: Action(action),
|
||||
m_status(0)
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
private:
|
||||
int m_status;
|
||||
};
|
||||
|
||||
@ -46,6 +50,6 @@ class Status : public Action {
|
||||
} // namespace data
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_DATA_STATUS_H_
|
||||
|
@ -13,16 +13,19 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/disruptive/allow.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
#include "src/utils/string.h"
|
||||
#include "modsecurity/modsecurity.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
@ -31,7 +34,7 @@ namespace disruptive {
|
||||
|
||||
|
||||
bool Allow::init(std::string *error) {
|
||||
std::string a = utils::string::tolower(m_parser_payload);
|
||||
std::string a = utils::string::tolower(m_parserPayload);
|
||||
|
||||
if (a == "phase") {
|
||||
m_allowType = PhaseAllowType;
|
||||
@ -49,7 +52,7 @@ bool Allow::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool Allow::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool Allow::execute(Transaction *transaction) noexcept {
|
||||
ms_dbg_a(transaction, 4, "Dropping the evaluation of upcoming rules " \
|
||||
"in favor of an `allow' action of type: " \
|
||||
+ allowTypeToName(m_allowType));
|
||||
|
@ -13,20 +13,20 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
#include "src/actions/disruptive/disruptive_action.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_DISRUPTIVE_ALLOW_H_
|
||||
#define SRC_ACTIONS_DISRUPTIVE_ALLOW_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
class RuleWithOperator;
|
||||
|
||||
namespace actions {
|
||||
namespace disruptive {
|
||||
|
||||
@ -51,17 +51,18 @@ enum AllowType : int {
|
||||
};
|
||||
|
||||
|
||||
class Allow : public Action {
|
||||
class Allow : public ActionDisruptive {
|
||||
public:
|
||||
explicit Allow(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind),
|
||||
m_allowType(NoneAllowType) { }
|
||||
|
||||
explicit Allow(const std::string &action)
|
||||
: Action(action),
|
||||
m_allowType(NoneAllowType)
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool isDisruptive() override { return true; }
|
||||
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
private:
|
||||
AllowType m_allowType;
|
||||
|
||||
static std::string allowTypeToName(AllowType a) {
|
||||
@ -83,6 +84,6 @@ class Allow : public Action {
|
||||
} // namespace disruptive
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_DISRUPTIVE_ALLOW_H_
|
||||
|
@ -13,22 +13,26 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/disruptive/deny.h"
|
||||
|
||||
#include <string.h>
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <cstring>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace disruptive {
|
||||
|
||||
|
||||
bool Deny::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool Deny::execute(Transaction *transaction) noexcept {
|
||||
ms_dbg_a(transaction, 8, "Running action deny");
|
||||
|
||||
if (transaction->m_it.status == 200) {
|
||||
@ -37,9 +41,10 @@ bool Deny::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
|
||||
transaction->m_it.disruptive = true;
|
||||
intervention::freeLog(&transaction->m_it);
|
||||
transaction->messageGetLast()->setRule(rule);
|
||||
transaction->m_it.log = strdup(
|
||||
transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
|
||||
transaction->messageGetLast()->log(
|
||||
RuleMessage::LogMessageInfo::ClientLogMessageInfo)
|
||||
.c_str());
|
||||
|
||||
return true;
|
||||
}
|
||||
|
@ -13,28 +13,31 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
|
||||
#include "src/actions/disruptive/disruptive_action.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_DISRUPTIVE_DENY_H_
|
||||
#define SRC_ACTIONS_DISRUPTIVE_DENY_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace disruptive {
|
||||
|
||||
|
||||
class Deny : public Action {
|
||||
class Deny : public ActionDisruptive {
|
||||
public:
|
||||
explicit Deny(const std::string &action) : Action(action) { }
|
||||
Deny()
|
||||
: Action("deny")
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool isDisruptive() override { return true; }
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
@ -42,4 +45,5 @@ class Deny : public Action {
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_DISRUPTIVE_DENY_H_
|
||||
|
45
src/actions/disruptive/disruptive_action.h
Normal file
45
src/actions/disruptive/disruptive_action.h
Normal file
@ -0,0 +1,45 @@
|
||||
/*
|
||||
* ModSecurity, http://www.modsecurity.org/
|
||||
* Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
||||
*
|
||||
* You may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* If any of the files related to licensing are missing or if you have any
|
||||
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
||||
* directly using the email address security@modsecurity.org.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_allowed_in_sec_default_action.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_
|
||||
#define SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace disruptive {
|
||||
|
||||
|
||||
class ActionDisruptive : public ActionAllowedAsSecDefaultAction {
|
||||
public:
|
||||
bool isDisruptive() override {
|
||||
return true;
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
} // namespace disruptive
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_
|
@ -13,26 +13,26 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/disruptive/drop.h"
|
||||
|
||||
#include <string.h>
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <cstring>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "src/utils/string.h"
|
||||
#include "modsecurity/modsecurity.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace disruptive {
|
||||
|
||||
|
||||
bool Drop::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool Drop::execute(Transaction *transaction) noexcept {
|
||||
ms_dbg_a(transaction, 8, "Running action drop " \
|
||||
"[executing deny instead of drop.]");
|
||||
|
||||
@ -42,9 +42,11 @@ bool Drop::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
|
||||
transaction->m_it.disruptive = true;
|
||||
intervention::freeLog(&transaction->m_it);
|
||||
transaction->messageGetLast()->setRule(rule);
|
||||
|
||||
transaction->m_it.log = strdup(
|
||||
transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
|
||||
transaction->messageGetLast()->log(
|
||||
RuleMessage::LogMessageInfo::ClientLogMessageInfo)
|
||||
.c_str());
|
||||
|
||||
return true;
|
||||
}
|
||||
|
@ -13,27 +13,31 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
|
||||
#include "src/actions/disruptive/disruptive_action.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_DISRUPTIVE_DROP_H_
|
||||
#define SRC_ACTIONS_DISRUPTIVE_DROP_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace disruptive {
|
||||
|
||||
|
||||
class Drop : public Action {
|
||||
class Drop : public ActionDisruptive {
|
||||
public:
|
||||
explicit Drop(const std::string &action) : Action(action) { }
|
||||
Drop()
|
||||
: Action("drop")
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool isDisruptive() override { return true; }
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
|
@ -13,23 +13,25 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/disruptive/pass.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace disruptive {
|
||||
|
||||
|
||||
bool Pass::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool Pass::execute(Transaction *transaction) noexcept {
|
||||
intervention::free(&transaction->m_it);
|
||||
intervention::reset(&transaction->m_it);
|
||||
|
||||
|
@ -13,26 +13,31 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
#include "src/actions/disruptive/disruptive_action.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_DISRUPTIVE_PASS_H_
|
||||
#define SRC_ACTIONS_DISRUPTIVE_PASS_H_
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace disruptive {
|
||||
|
||||
|
||||
class Pass : public Action {
|
||||
class Pass : public ActionDisruptive {
|
||||
public:
|
||||
explicit Pass(const std::string &action) : Action(action) { }
|
||||
Pass()
|
||||
: Action("pass")
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool isDisruptive() override { return true; }
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
|
@ -13,32 +13,31 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/disruptive/redirect.h"
|
||||
|
||||
#include <string.h>
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "src/utils/string.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace disruptive {
|
||||
|
||||
|
||||
bool Redirect::init(std::string *error) {
|
||||
m_status = 302;
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
bool Redirect::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool Redirect::execute(Transaction *transaction) noexcept {
|
||||
std::string m_urlExpanded(getEvaluatedRunTimeString(transaction));
|
||||
/* if it was changed before, lets keep it. */
|
||||
if (transaction->m_it.status == 200
|
||||
|| (!(transaction->m_it.status <= 307 && transaction->m_it.status >= 301))) {
|
||||
|| (!(transaction->m_it.status <= 307
|
||||
&& transaction->m_it.status >= 301))) {
|
||||
transaction->m_it.status = m_status;
|
||||
}
|
||||
|
||||
@ -46,9 +45,11 @@ bool Redirect::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
transaction->m_it.url = strdup(m_urlExpanded.c_str());
|
||||
transaction->m_it.disruptive = true;
|
||||
intervention::freeLog(&transaction->m_it);
|
||||
transaction->messageGetLast()->setRule(rule);
|
||||
|
||||
transaction->m_it.log = strdup(
|
||||
transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
|
||||
transaction->messageGetLast()->log(
|
||||
RuleMessage::LogMessageInfo::ClientLogMessageInfo)
|
||||
.c_str());
|
||||
|
||||
return true;
|
||||
}
|
||||
|
@ -13,49 +13,49 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
#include <utility>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
#include "src/actions/action_with_run_time_string.h"
|
||||
#include "src/actions/disruptive/disruptive_action.h"
|
||||
#include "src/run_time_string.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_
|
||||
#define SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
|
||||
namespace actions {
|
||||
namespace disruptive {
|
||||
|
||||
|
||||
class Redirect : public ActionWithRunTimeString {
|
||||
class Redirect : public ActionWithRunTimeString, public ActionDisruptive {
|
||||
public:
|
||||
explicit Redirect(std::unique_ptr<RunTimeString> runTimeString)
|
||||
: ActionWithRunTimeString(
|
||||
"redirert",
|
||||
RunTimeOnlyIfMatchKind,
|
||||
std::move(runTimeString)),
|
||||
m_status(0)
|
||||
{ };
|
||||
: ActionWithRunTimeString(std::move(runTimeString)),
|
||||
Action("redirect"),
|
||||
m_status(302)
|
||||
{ }
|
||||
|
||||
|
||||
explicit Redirect(const Redirect &action)
|
||||
: ActionWithRunTimeString(action),
|
||||
ActionDisruptive(action),
|
||||
Action(action),
|
||||
m_status(action.m_status)
|
||||
{ };
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
bool isDisruptive() override { return true; }
|
||||
|
||||
virtual ActionWithRunTimeString *clone() override {
|
||||
ActionWithRunTimeString *clone() override {
|
||||
return new Redirect(*this);
|
||||
}
|
||||
|
||||
@ -67,6 +67,6 @@ class Redirect : public ActionWithRunTimeString {
|
||||
} // namespace disruptive
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_
|
||||
|
@ -13,15 +13,18 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/exec.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
#include "src/utils/system.h"
|
||||
#include "src/engine/lua.h"
|
||||
|
||||
@ -33,7 +36,7 @@ namespace actions {
|
||||
bool Exec::init(std::string *error) {
|
||||
std::string err;
|
||||
|
||||
m_script = utils::find_resource(m_parser_payload, "", &err);
|
||||
m_script = utils::find_resource(m_parserPayload, "", &err);
|
||||
|
||||
if (m_script.size() == 0) {
|
||||
error->assign("exec: Script not found: " + err);
|
||||
@ -49,7 +52,7 @@ bool Exec::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool Exec::execute(RuleWithActions *rule, Transaction *t) {
|
||||
bool Exec::execute(Transaction *t) noexcept {
|
||||
ms_dbg_a(t, 8, "Running script... " + m_script);
|
||||
m_lua.run(t);
|
||||
return true;
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
@ -21,22 +22,21 @@
|
||||
#ifndef SRC_ACTIONS_EXEC_H_
|
||||
#define SRC_ACTIONS_EXEC_H_
|
||||
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Exec : public Action {
|
||||
public:
|
||||
explicit Exec(const std::string &action)
|
||||
explicit Exec(const std::string &action)
|
||||
: Action(action),
|
||||
m_script("") { }
|
||||
m_script("")
|
||||
{ }
|
||||
|
||||
~Exec() { }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
bool init(std::string *error) override;
|
||||
|
||||
private:
|
||||
|
@ -13,14 +13,17 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/init_col.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
@ -28,9 +31,9 @@ namespace actions {
|
||||
|
||||
|
||||
bool InitCol::init(std::string *error) {
|
||||
int posEquals = m_parser_payload.find("=");
|
||||
int posEquals = m_parserPayload.find("=");
|
||||
|
||||
if (m_parser_payload.size() < 2) {
|
||||
if (m_parserPayload.size() < 2) {
|
||||
error->assign("Something wrong with initcol format: too small");
|
||||
return false;
|
||||
}
|
||||
@ -40,7 +43,7 @@ bool InitCol::init(std::string *error) {
|
||||
return false;
|
||||
}
|
||||
|
||||
m_collection_key = std::string(m_parser_payload, 0, posEquals);
|
||||
m_collection_key = std::string(m_parserPayload, 0, posEquals);
|
||||
|
||||
if (m_collection_key != "ip" &&
|
||||
m_collection_key != "global" &&
|
||||
@ -54,7 +57,7 @@ bool InitCol::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool InitCol::execute(RuleWithActions *rule, Transaction *t) {
|
||||
bool InitCol::execute(Transaction *t) noexcept {
|
||||
std::string collectionName(getEvaluatedRunTimeString(t));
|
||||
|
||||
if (m_collection_key == "ip") {
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <utility>
|
||||
#include <memory>
|
||||
@ -33,23 +34,22 @@ class InitCol : public ActionWithRunTimeString {
|
||||
public:
|
||||
InitCol(
|
||||
const std::string &action,
|
||||
std::unique_ptr<RunTimeString> runTimeString
|
||||
) : ActionWithRunTimeString(
|
||||
action,
|
||||
std::move(runTimeString)
|
||||
)
|
||||
{ };
|
||||
std::unique_ptr<RunTimeString> runTimeString)
|
||||
: ActionWithRunTimeString(std::move(runTimeString)),
|
||||
Action(action)
|
||||
{ }
|
||||
|
||||
InitCol(const InitCol &action)
|
||||
: ActionWithRunTimeString(action),
|
||||
Action(action),
|
||||
m_collection_key(action.m_collection_key)
|
||||
{ };
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
virtual ActionWithRunTimeString *clone() override {
|
||||
ActionWithRunTimeString *clone() override {
|
||||
return new InitCol(*this);
|
||||
}
|
||||
|
||||
|
@ -13,25 +13,13 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/log.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "src/operators/operator.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool Log::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,29 +13,36 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
#include "src/actions/action_allowed_in_sec_default_action.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
#include "src/rule_with_actions.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_LOG_H_
|
||||
#define SRC_ACTIONS_LOG_H_
|
||||
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Log : public Action {
|
||||
class Log : public ActionTypeRuleMetaData,
|
||||
public ActionAllowedAsSecDefaultAction {
|
||||
public:
|
||||
explicit Log(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
Log()
|
||||
: Action("log")
|
||||
{ }
|
||||
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setHasLogAction(true);
|
||||
}
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
|
@ -13,25 +13,21 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/log_data.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool LogData::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
transaction->messageGetLast()->m_data = getEvaluatedRunTimeString(transaction);
|
||||
|
||||
bool LogData::execute(Transaction *transaction) noexcept {
|
||||
transaction->messageGetLast()->m_data =
|
||||
getEvaluatedRunTimeString(transaction);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -13,42 +13,39 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
#include <utility>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
#include "src/actions/action_with_run_time_string.h"
|
||||
#include "src/run_time_string.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_LOG_DATA_H_
|
||||
#define SRC_ACTIONS_LOG_DATA_H_
|
||||
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
namespace actions {
|
||||
|
||||
|
||||
class LogData : public ActionWithRunTimeString {
|
||||
public:
|
||||
explicit LogData(std::unique_ptr<RunTimeString> runTimeString)
|
||||
: ActionWithRunTimeString(
|
||||
"logdata",
|
||||
RunTimeOnlyIfMatchKind,
|
||||
std::move(runTimeString)
|
||||
)
|
||||
{ };
|
||||
: ActionWithRunTimeString(std::move(runTimeString)),
|
||||
Action("logdata")
|
||||
{ }
|
||||
|
||||
explicit LogData(const LogData &data)
|
||||
: ActionWithRunTimeString(data)
|
||||
{ };
|
||||
: ActionWithRunTimeString(data),
|
||||
Action(data)
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
virtual ActionWithRunTimeString *clone() override {
|
||||
ActionWithRunTimeString *clone() override {
|
||||
return new LogData(*this);
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
|
||||
|
@ -13,16 +13,11 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/maturity.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "src/rule_with_actions.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
@ -30,9 +25,9 @@ namespace actions {
|
||||
|
||||
bool Maturity::init(std::string *error) {
|
||||
try {
|
||||
m_maturity = std::stoi(m_parser_payload);
|
||||
m_maturity = std::stoi(m_parserPayload);
|
||||
} catch (...) {
|
||||
error->assign("Maturity: The input \"" + m_parser_payload + "\" is " \
|
||||
error->assign("Maturity: The input \"" + m_parserPayload + "\" is " \
|
||||
"not a number.");
|
||||
return false;
|
||||
}
|
||||
@ -40,10 +35,5 @@ bool Maturity::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool Maturity::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,9 +13,11 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_MATURITY_H_
|
||||
#define SRC_ACTIONS_MATURITY_H_
|
||||
@ -27,15 +29,17 @@ class Transaction;
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Maturity : public Action {
|
||||
class Maturity : public ActionTypeRuleMetaData {
|
||||
public:
|
||||
explicit Maturity(const std::string &action)
|
||||
: Action(action, ConfigurationKind),
|
||||
explicit Maturity(const std::string &action)
|
||||
: Action(action),
|
||||
m_maturity(0) { }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool init(std::string *error) override;
|
||||
int getMaturity() const { return m_maturity; }
|
||||
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setMaturity(m_maturity);
|
||||
}
|
||||
|
||||
private:
|
||||
int m_maturity;
|
||||
|
@ -13,16 +13,19 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/msg.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
#include "src/run_time_string.h"
|
||||
|
||||
/*
|
||||
* Description: Assigns a custom message to the rule or chain in which it
|
||||
@ -46,7 +49,7 @@ namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool Msg::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool Msg::execute(Transaction *transaction) noexcept {
|
||||
std::string msg = getEvaluatedRunTimeString(transaction);
|
||||
transaction->messageGetLast()->m_message = msg;
|
||||
ms_dbg_a(transaction, 9, "Saving msg: " + msg);
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
#include <utility>
|
||||
@ -34,20 +35,18 @@ namespace actions {
|
||||
class Msg : public ActionWithRunTimeString {
|
||||
public:
|
||||
explicit Msg(std::unique_ptr<RunTimeString> runTimeString)
|
||||
: ActionWithRunTimeString(
|
||||
"msg",
|
||||
RunTimeOnlyIfMatchKind,
|
||||
std::move(runTimeString)
|
||||
)
|
||||
: ActionWithRunTimeString(std::move(runTimeString)),
|
||||
Action("msg")
|
||||
{ };
|
||||
|
||||
explicit Msg(const Msg &action)
|
||||
: ActionWithRunTimeString(action)
|
||||
: ActionWithRunTimeString(action),
|
||||
Action(action)
|
||||
{ };
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
virtual ActionWithRunTimeString *clone() override {
|
||||
ActionWithRunTimeString *clone() override {
|
||||
return new Msg(*this);
|
||||
}
|
||||
};
|
||||
|
@ -13,22 +13,13 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/multi_match.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool MultiMatch::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,33 +13,34 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_MULTI_MATCH_H_
|
||||
#define SRC_ACTIONS_MULTI_MATCH_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
class RuleWithOperator;
|
||||
|
||||
namespace actions {
|
||||
|
||||
|
||||
class MultiMatch : public Action {
|
||||
class MultiMatch : public ActionTypeRuleMetaData {
|
||||
public:
|
||||
explicit MultiMatch(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
MultiMatch()
|
||||
: Action("multiMatch")
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setHasMultimatchAction(true);
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_MULTI_MATCH_H_
|
||||
|
@ -13,20 +13,17 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/no_audit_log.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool NoAuditLog::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool NoAuditLog::execute(Transaction *transaction) noexcept {
|
||||
transaction->messageSetNoAuditLog(true);
|
||||
return true;
|
||||
}
|
||||
|
@ -13,33 +13,32 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "src/actions/action_allowed_in_sec_default_action.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_NO_AUDIT_LOG_H_
|
||||
#define SRC_ACTIONS_NO_AUDIT_LOG_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
|
||||
namespace actions {
|
||||
|
||||
|
||||
class NoAuditLog : public Action {
|
||||
class NoAuditLog : public ActionAllowedAsSecDefaultAction {
|
||||
public:
|
||||
explicit NoAuditLog(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
NoAuditLog()
|
||||
: Action("noAuditLog")
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_NO_AUDIT_LOG_H_
|
||||
|
@ -13,26 +13,13 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/no_log.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "src/operators/operator.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool NoLog::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,29 +13,34 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
#include "src/actions/action_allowed_in_sec_default_action.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_NO_LOG_H_
|
||||
#define SRC_ACTIONS_NO_LOG_H_
|
||||
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
namespace actions {
|
||||
|
||||
|
||||
class NoLog : public Action {
|
||||
class NoLog : public ActionTypeRuleMetaData,
|
||||
public ActionAllowedAsSecDefaultAction {
|
||||
public:
|
||||
explicit NoLog(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind) { }
|
||||
NoLog()
|
||||
: Action("noLog")
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setHasNoLogAction(true);
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
|
@ -15,25 +15,22 @@
|
||||
|
||||
#include "src/actions/phase.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "modsecurity/modsecurity.h"
|
||||
|
||||
#include "src/utils/string.h"
|
||||
#include "src/rule_with_actions.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
bool Phase::init(std::string *error) {
|
||||
std::string a = utils::string::tolower(m_parser_payload);
|
||||
std::string a = utils::string::tolower(m_parserPayload);
|
||||
m_phase = -1;
|
||||
|
||||
try {
|
||||
m_phase = std::stoi(m_parser_payload);
|
||||
m_phase = std::stoi(m_parserPayload);
|
||||
if (m_phase == 0) {
|
||||
m_phase = modsecurity::Phases::ConnectionPhase;
|
||||
m_secRulesPhase = 0;
|
||||
@ -53,7 +50,7 @@ bool Phase::init(std::string *error) {
|
||||
m_phase = modsecurity::Phases::LoggingPhase;
|
||||
m_secRulesPhase = 5;
|
||||
} else {
|
||||
error->assign("Unknown phase: " + m_parser_payload);
|
||||
error->assign("Unknown phase: " + m_parserPayload);
|
||||
return false;
|
||||
}
|
||||
} catch (...) {
|
||||
@ -73,10 +70,5 @@ bool Phase::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool Phase::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
rule->setPhase(m_phase);
|
||||
return true;
|
||||
}
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,38 +13,48 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_PHASE_H_
|
||||
#define SRC_ACTIONS_PHASE_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
class RuleWithOperator;
|
||||
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Phase : public Action {
|
||||
class Phase : public ActionTypeRuleMetaData {
|
||||
public:
|
||||
explicit Phase(const std::string &action) : Action(action, ConfigurationKind),
|
||||
explicit Phase(const std::string &action)
|
||||
: Action(action),
|
||||
m_phase(0),
|
||||
m_secRulesPhase(0) { }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setPhase(m_phase);
|
||||
}
|
||||
|
||||
int getSecRulePhase() const {
|
||||
return m_secRulesPhase;
|
||||
}
|
||||
|
||||
int getPhase() const {
|
||||
return m_phase;
|
||||
}
|
||||
|
||||
private:
|
||||
int m_phase;
|
||||
int m_secRulesPhase;
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
#endif // SRC_ACTIONS_PHASE_H_
|
||||
|
@ -13,28 +13,18 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/rev.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "src/rule_with_actions.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool Rev::init(std::string *error) {
|
||||
m_rev = m_parser_payload;
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
bool Rev::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
m_revision = m_parserPayload;
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -13,30 +13,35 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_REV_H_
|
||||
#define SRC_ACTIONS_REV_H_
|
||||
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Rev : public Action {
|
||||
class Rev : public ActionTypeRuleMetaData {
|
||||
public:
|
||||
explicit Rev(const std::string &action) : Action(action, ConfigurationKind) { }
|
||||
explicit Rev(const std::string &action)
|
||||
: Action(action),
|
||||
m_revision("")
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool init(std::string *error) override;
|
||||
std::string getRevision() const { return m_rev; }
|
||||
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setRevision(m_revision);
|
||||
}
|
||||
|
||||
private:
|
||||
std::string m_rev;
|
||||
std::string m_revision;
|
||||
};
|
||||
|
||||
|
||||
|
@ -13,22 +13,18 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/rule_id.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "src/rule_with_actions.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool RuleId::init(std::string *error) {
|
||||
std::string a = m_parser_payload;
|
||||
std::string a = m_parserPayload;
|
||||
|
||||
try {
|
||||
m_ruleId = std::stod(a);
|
||||
@ -50,11 +46,5 @@ bool RuleId::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool RuleId::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
rule->setId(m_ruleId);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,38 +13,40 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_RULE_ID_H_
|
||||
#define SRC_ACTIONS_RULE_ID_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
class RuleWithOperator;
|
||||
|
||||
namespace actions {
|
||||
|
||||
|
||||
class RuleId : public Action {
|
||||
class RuleId : public ActionTypeRuleMetaData {
|
||||
public:
|
||||
explicit RuleId(const std::string &action)
|
||||
: Action(action, ConfigurationKind),
|
||||
m_ruleId(0) { }
|
||||
explicit RuleId(const std::string &action)
|
||||
: Action(action),
|
||||
m_ruleId(0)
|
||||
{ }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setId(m_ruleId);
|
||||
}
|
||||
|
||||
private:
|
||||
double m_ruleId;
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_RULE_ID_H_
|
||||
|
@ -13,22 +13,26 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/set_env.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "src/utils/string.h"
|
||||
#include "src/rule_with_actions.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
#include "src/run_time_string.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool SetENV::execute(RuleWithActions *rule, Transaction *t) {
|
||||
bool SetENV::execute(Transaction *t) noexcept {
|
||||
std::string colNameExpanded(getEvaluatedRunTimeString(t));
|
||||
|
||||
ms_dbg_a(t, 8, "Setting envoriment variable: "
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <utility>
|
||||
#include <memory>
|
||||
@ -33,20 +34,18 @@ namespace actions {
|
||||
class SetENV : public ActionWithRunTimeString {
|
||||
public:
|
||||
explicit SetENV(std::unique_ptr<RunTimeString> runTimeString)
|
||||
: ActionWithRunTimeString(
|
||||
"setenv",
|
||||
RunTimeOnlyIfMatchKind,
|
||||
std::move(runTimeString)
|
||||
)
|
||||
: ActionWithRunTimeString(std::move(runTimeString)),
|
||||
Action("setenv")
|
||||
{ };
|
||||
|
||||
explicit SetENV(const SetENV &action)
|
||||
: ActionWithRunTimeString(action)
|
||||
: ActionWithRunTimeString(action),
|
||||
Action(action)
|
||||
{ };
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
virtual ActionWithRunTimeString *clone() override {
|
||||
ActionWithRunTimeString *clone() override {
|
||||
return new SetENV(*this);
|
||||
}
|
||||
};
|
||||
|
@ -13,20 +13,24 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/set_rsc.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool SetRSC::execute(RuleWithActions *rule, Transaction *t) {
|
||||
bool SetRSC::execute(Transaction *t) noexcept {
|
||||
std::string colNameExpanded(getEvaluatedRunTimeString(t));
|
||||
ms_dbg_a(t, 8, "RESOURCE initiated with value: \'"
|
||||
+ colNameExpanded + "\'.");
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <utility>
|
||||
#include <memory>
|
||||
@ -33,20 +34,18 @@ namespace actions {
|
||||
class SetRSC : public ActionWithRunTimeString {
|
||||
public:
|
||||
explicit SetRSC(std::unique_ptr<RunTimeString> runTimeString)
|
||||
: ActionWithRunTimeString(
|
||||
"setsrc",
|
||||
RunTimeOnlyIfMatchKind,
|
||||
std::move(runTimeString)
|
||||
)
|
||||
: ActionWithRunTimeString(std::move(runTimeString)),
|
||||
Action("setsrc")
|
||||
{ };
|
||||
|
||||
explicit SetRSC(const SetRSC &action)
|
||||
: ActionWithRunTimeString(action)
|
||||
: ActionWithRunTimeString(action),
|
||||
Action(action)
|
||||
{ };
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
virtual ActionWithRunTimeString *clone() override {
|
||||
ActionWithRunTimeString *clone() override {
|
||||
return new SetRSC(*this);
|
||||
}
|
||||
};
|
||||
|
@ -13,20 +13,24 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/set_sid.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool SetSID::execute(RuleWithActions *rule, Transaction *t) {
|
||||
bool SetSID::execute(Transaction *t) noexcept {
|
||||
std::string colNameExpanded(getEvaluatedRunTimeString(t));
|
||||
ms_dbg_a(t, 8, "Session ID initiated with value: \'"
|
||||
+ colNameExpanded + "\'.");
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <utility>
|
||||
#include <memory>
|
||||
@ -33,20 +34,18 @@ namespace actions {
|
||||
class SetSID : public ActionWithRunTimeString {
|
||||
public:
|
||||
explicit SetSID(std::unique_ptr<RunTimeString> runTimeString)
|
||||
: ActionWithRunTimeString(
|
||||
"setsid",
|
||||
RunTimeOnlyIfMatchKind,
|
||||
std::move(runTimeString)
|
||||
)
|
||||
: ActionWithRunTimeString(std::move(runTimeString)),
|
||||
Action("setsid")
|
||||
{ };
|
||||
|
||||
SetSID(const SetSID &action)
|
||||
: ActionWithRunTimeString(action)
|
||||
: ActionWithRunTimeString(action),
|
||||
Action(action)
|
||||
{ };
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
virtual ActionWithRunTimeString *clone() override {
|
||||
ActionWithRunTimeString *clone() override {
|
||||
return new SetSID(*this);
|
||||
}
|
||||
};
|
||||
|
@ -13,20 +13,24 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/set_uid.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool SetUID::execute(RuleWithActions *rule, Transaction *t) {
|
||||
bool SetUID::execute(Transaction *t) noexcept {
|
||||
std::string colNameExpanded(getEvaluatedRunTimeString(t));
|
||||
ms_dbg_a(t, 8, "User collection initiated with value: \'"
|
||||
+ colNameExpanded + "\'.");
|
||||
|
@ -13,6 +13,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
#include <utility>
|
||||
@ -33,23 +34,20 @@ namespace actions {
|
||||
class SetUID : public ActionWithRunTimeString {
|
||||
public:
|
||||
explicit SetUID(std::unique_ptr<RunTimeString> runTimeString)
|
||||
: ActionWithRunTimeString(
|
||||
"setuid",
|
||||
RunTimeOnlyIfMatchKind,
|
||||
std::move(runTimeString)
|
||||
)
|
||||
: ActionWithRunTimeString(std::move(runTimeString)),
|
||||
Action("setuid")
|
||||
{ };
|
||||
|
||||
explicit SetUID(const SetUID &action)
|
||||
: ActionWithRunTimeString(action)
|
||||
: ActionWithRunTimeString(action),
|
||||
Action(action)
|
||||
{ };
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
virtual ActionWithRunTimeString *clone() override {
|
||||
ActionWithRunTimeString *clone() override {
|
||||
return new SetUID(*this);
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
|
||||
|
@ -13,24 +13,24 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/set_var.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "src/utils/string.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
#include "src/variables/global.h"
|
||||
#include "src/variables/ip.h"
|
||||
#include "src/variables/resource.h"
|
||||
#include "src/variables/session.h"
|
||||
#include "src/variables/tx.h"
|
||||
#include "src/variables/user.h"
|
||||
#include "src/variables/variable.h"
|
||||
#include "src/rule_with_operator.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
@ -42,7 +42,7 @@ bool SetVar::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool SetVar::execute(RuleWithActions *rule, Transaction *t) {
|
||||
bool SetVar::execute(Transaction *t) noexcept {
|
||||
std::string targetValue;
|
||||
std::string resolvedPre;
|
||||
|
||||
|
@ -13,23 +13,26 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <memory>
|
||||
#include <string>
|
||||
#include <utility>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "src/actions/action_with_run_time_string.h"
|
||||
#include "src/variables/variable_with_runtime_string.h"
|
||||
#include "src/rule_with_operator.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_SET_VAR_H_
|
||||
#define SRC_ACTIONS_SET_VAR_H_
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
class RuleWithOperator;
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
enum SetVarOperation {
|
||||
/* Set variable to something */
|
||||
setOperation,
|
||||
@ -43,57 +46,66 @@ enum SetVarOperation {
|
||||
unsetOperation,
|
||||
};
|
||||
|
||||
|
||||
class SetVar : public ActionWithRunTimeString {
|
||||
public:
|
||||
SetVar(SetVarOperation operation,
|
||||
std::unique_ptr<modsecurity::variables::Variable> variable,
|
||||
std::unique_ptr<RunTimeString> predicate)
|
||||
: ActionWithRunTimeString("setvar", std::move(predicate)),
|
||||
: ActionWithRunTimeString(std::move(predicate)),
|
||||
m_operation(operation),
|
||||
m_variable(std::move(variable))
|
||||
{ };
|
||||
m_variable(std::move(variable)),
|
||||
Action("setvar")
|
||||
{ }
|
||||
|
||||
|
||||
SetVar(SetVarOperation operation,
|
||||
std::unique_ptr<modsecurity::variables::Variable> variable)
|
||||
: ActionWithRunTimeString("setvar"),
|
||||
: ActionWithRunTimeString(),
|
||||
Action("setvar"),
|
||||
m_operation(operation),
|
||||
m_variable(std::move(variable))
|
||||
{ };
|
||||
{ }
|
||||
|
||||
|
||||
SetVar(const SetVar &var)
|
||||
: ActionWithRunTimeString(var),
|
||||
Action(var),
|
||||
m_operation(var.m_operation),
|
||||
m_variable(var.m_variable)
|
||||
{
|
||||
variables::RuleVariable *rv = dynamic_cast<variables::RuleVariable *>(m_variable.get());
|
||||
m_variable(var.m_variable) {
|
||||
variables::RuleVariable *rv = dynamic_cast<variables::RuleVariable *>(
|
||||
m_variable.get());
|
||||
if (rv != nullptr) {
|
||||
auto nrv = rv->clone();
|
||||
rv = dynamic_cast<variables::RuleVariable *>(nrv);
|
||||
rv->populate(nullptr);
|
||||
m_variable = std::unique_ptr<variables::Variable>(nrv);
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
bool init(std::string *error) override;
|
||||
|
||||
void populate(RuleWithActions *rule) override {
|
||||
ActionWithRunTimeString::populate(rule);
|
||||
variables::RuleVariable *rulev = dynamic_cast<variables::RuleVariable *>(m_variable.get());
|
||||
variables::RuleVariable *rulev =
|
||||
dynamic_cast<variables::RuleVariable *>(
|
||||
m_variable.get());
|
||||
|
||||
if (rulev != nullptr) {
|
||||
rulev->populate(rule);
|
||||
}
|
||||
variables::VariableWithRunTimeString *rulev2 = dynamic_cast<variables::VariableWithRunTimeString *>(m_variable.get());
|
||||
variables::VariableWithRunTimeString *rulev2 =
|
||||
dynamic_cast<variables::VariableWithRunTimeString *>(
|
||||
m_variable.get());
|
||||
|
||||
if (rulev2 != nullptr) {
|
||||
rulev2->populate(rule);
|
||||
}
|
||||
}
|
||||
|
||||
virtual ActionWithRunTimeString *clone() override {
|
||||
ActionWithRunTimeString *clone() override {
|
||||
return new SetVar(*this);
|
||||
}
|
||||
|
||||
@ -102,6 +114,7 @@ class SetVar : public ActionWithRunTimeString {
|
||||
std::shared_ptr<modsecurity::variables::Variable> m_variable;
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
|
@ -13,18 +13,18 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/severity.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
|
||||
#include "src/utils/string.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
@ -32,7 +32,7 @@ namespace actions {
|
||||
|
||||
|
||||
bool Severity::init(std::string *error) {
|
||||
std::string a = utils::string::tolower(m_parser_payload);
|
||||
std::string a = utils::string::tolower(m_parserPayload);
|
||||
if (a == "emergency") {
|
||||
m_severity = 0;
|
||||
return true;
|
||||
@ -71,10 +71,5 @@ bool Severity::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool Severity::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
@ -13,37 +13,41 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_type_rule_metadata.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_SEVERITY_H_
|
||||
#define SRC_ACTIONS_SEVERITY_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Severity : public Action {
|
||||
class Severity : public ActionTypeRuleMetaData {
|
||||
public:
|
||||
explicit Severity(const std::string &action)
|
||||
explicit Severity(const std::string &action)
|
||||
: Action(action),
|
||||
m_severity(0) { }
|
||||
m_severity(0)
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool init(std::string *error) override;
|
||||
|
||||
void configure(RuleWithActions *rule) override {
|
||||
rule->setSeverity(m_severity);
|
||||
}
|
||||
|
||||
private:
|
||||
int m_severity;
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_SEVERITY_H_
|
||||
|
@ -13,14 +13,18 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/skip.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
@ -28,9 +32,9 @@ namespace actions {
|
||||
|
||||
bool Skip::init(std::string *error) {
|
||||
try {
|
||||
m_skip_next = std::stoi(m_parser_payload);
|
||||
m_skip_next = std::stoi(m_parserPayload);
|
||||
} catch (...) {
|
||||
error->assign("Skip: The input \"" + m_parser_payload + "\" is " \
|
||||
error->assign("Skip: The input \"" + m_parserPayload + "\" is " \
|
||||
"not a number.");
|
||||
return false;
|
||||
}
|
||||
@ -38,7 +42,7 @@ bool Skip::init(std::string *error) {
|
||||
}
|
||||
|
||||
|
||||
bool Skip::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool Skip::execute(Transaction *transaction) noexcept {
|
||||
ms_dbg_a(transaction, 5, "Skipping the next " + \
|
||||
std::to_string(m_skip_next) + " rules.");
|
||||
|
||||
|
@ -13,10 +13,12 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_SKIP_H_
|
||||
#define SRC_ACTIONS_SKIP_H_
|
||||
|
||||
@ -29,13 +31,14 @@ namespace actions {
|
||||
|
||||
class Skip : public Action {
|
||||
public:
|
||||
explicit Skip(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind),
|
||||
explicit Skip(const std::string &action)
|
||||
: Action(action),
|
||||
m_skip_next(0) { }
|
||||
|
||||
bool init(std::string *error) override;
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
private:
|
||||
int m_skip_next;
|
||||
};
|
||||
|
||||
|
@ -13,21 +13,24 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/skip_after.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/rules_set.h"
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool SkipAfter::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
bool SkipAfter::execute(Transaction *transaction) noexcept {
|
||||
ms_dbg_a(transaction, 5, "Setting skipAfter for: " + *m_skipName);
|
||||
transaction->addMarker(m_skipName);
|
||||
return true;
|
||||
|
@ -13,34 +13,38 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_SKIP_AFTER_H_
|
||||
#define SRC_ACTIONS_SKIP_AFTER_H_
|
||||
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
namespace actions {
|
||||
|
||||
|
||||
class SkipAfter : public Action {
|
||||
public:
|
||||
explicit SkipAfter(const std::string &action)
|
||||
: Action(action, RunTimeOnlyIfMatchKind),
|
||||
m_skipName(std::make_shared<std::string>(m_parser_payload)) { }
|
||||
explicit SkipAfter(const std::string &action)
|
||||
: Action(action),
|
||||
m_skipName(std::make_shared<std::string>(m_parserPayload))
|
||||
{ }
|
||||
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
private:
|
||||
std::shared_ptr<std::string> m_skipName;
|
||||
// FIXME: This should be a regular pointer instead of a shared pointer.
|
||||
std::shared_ptr<std::string> m_skipName;
|
||||
};
|
||||
|
||||
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
|
||||
#endif // SRC_ACTIONS_SKIP_AFTER_H_
|
||||
|
@ -13,16 +13,18 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/tag.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <memory>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/rule.h"
|
||||
#include "modsecurity/rule_message.h"
|
||||
/**
|
||||
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
|
||||
* It should be removed.
|
||||
*/
|
||||
#include "modsecurity/rules_set.h"
|
||||
|
||||
|
||||
/**
|
||||
* Description: Assigns a tag (category) to a rule or a chain.
|
||||
@ -50,11 +52,8 @@ namespace modsecurity {
|
||||
namespace actions {
|
||||
|
||||
|
||||
bool Tag::execute(RuleWithActions *rule, Transaction *transaction) {
|
||||
std::string tag = getTagName(transaction);
|
||||
ms_dbg_a(transaction, 9, "Rule tag: " + tag);
|
||||
|
||||
transaction->messageGetLast()->m_tags.push_back(tag);
|
||||
bool Tag::execute(Transaction *transaction) noexcept {
|
||||
ms_dbg_a(transaction, 9, "Rule tag: " + getTagName(transaction));
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -13,44 +13,44 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
#include <memory>
|
||||
#include <utility>
|
||||
|
||||
#include "modsecurity/actions/action.h"
|
||||
#include "src/actions/action_with_run_time_string.h"
|
||||
#include "src/actions/action_allowed_in_sec_default_action.h"
|
||||
|
||||
#ifndef SRC_ACTIONS_TAG_H_
|
||||
#define SRC_ACTIONS_TAG_H_
|
||||
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
namespace actions {
|
||||
|
||||
|
||||
class Tag : public ActionWithRunTimeString {
|
||||
class Tag : public ActionWithRunTimeString,
|
||||
public ActionAllowedAsSecDefaultAction {
|
||||
public:
|
||||
explicit Tag(std::unique_ptr<RunTimeString> runTimeString)
|
||||
: ActionWithRunTimeString(
|
||||
"tag",
|
||||
RunTimeOnlyIfMatchKind,
|
||||
std::move(runTimeString)
|
||||
)
|
||||
{ };
|
||||
: ActionWithRunTimeString(std::move(runTimeString)),
|
||||
Action("tag")
|
||||
{ }
|
||||
|
||||
explicit Tag(const Tag &action)
|
||||
: ActionWithRunTimeString(action)
|
||||
{ };
|
||||
: ActionWithRunTimeString(action),
|
||||
Action(action)
|
||||
{ }
|
||||
|
||||
bool execute(RuleWithActions *rule, Transaction *transaction) override;
|
||||
bool execute(Transaction *transaction) noexcept override;
|
||||
|
||||
inline std::string getTagName(Transaction *transaction) const {
|
||||
return getEvaluatedRunTimeString(transaction);
|
||||
}
|
||||
|
||||
virtual ActionWithRunTimeString *clone() override {
|
||||
|
||||
ActionWithRunTimeString *clone() override {
|
||||
return new Tag(*this);
|
||||
}
|
||||
};
|
||||
|
@ -13,17 +13,13 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/transformations/base64_decode.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <algorithm>
|
||||
#include <functional>
|
||||
#include <cctype>
|
||||
#include <locale>
|
||||
|
||||
#include "modsecurity/modsecurity.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "src/actions/transformations/transformation.h"
|
||||
#include "src/utils/base64.h"
|
||||
|
||||
|
||||
@ -32,9 +28,9 @@ namespace actions {
|
||||
namespace transformations {
|
||||
|
||||
|
||||
void Base64Decode::execute(Transaction *t,
|
||||
ModSecString &in,
|
||||
ModSecString &out) {
|
||||
void Base64Decode::execute(const Transaction *t,
|
||||
const ModSecString &in,
|
||||
ModSecString &out) noexcept {
|
||||
std::string value(in.c_str(), in.size());
|
||||
std::string ret = Utils::Base64::decode(value);
|
||||
out.assign(ret.c_str(), ret.size());
|
||||
|
@ -13,35 +13,39 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/modsecurity.h"
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
#include "src/actions/transformations/transformation.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_
|
||||
#define SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace transformations {
|
||||
|
||||
|
||||
class Base64Decode : public Transformation {
|
||||
public:
|
||||
explicit Base64Decode(const std::string &action)
|
||||
: Transformation(action) { }
|
||||
Base64Decode()
|
||||
: Action("t:base64Decode")
|
||||
{ }
|
||||
|
||||
void execute(Transaction *t,
|
||||
ModSecString &in,
|
||||
ModSecString &out) override;
|
||||
void execute(const Transaction *t,
|
||||
const ModSecString &in,
|
||||
ModSecString &out) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
} // namespace transformations
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
#endif
|
||||
|
||||
#endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_
|
||||
|
@ -13,17 +13,13 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/transformations/base64_decode_ext.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <algorithm>
|
||||
#include <functional>
|
||||
#include <cctype>
|
||||
#include <locale>
|
||||
|
||||
#include "modsecurity/modsecurity.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "src/actions/transformations/transformation.h"
|
||||
#include "src/utils/base64.h"
|
||||
|
||||
|
||||
@ -32,9 +28,9 @@ namespace actions {
|
||||
namespace transformations {
|
||||
|
||||
|
||||
void Base64DecodeExt::execute(Transaction *t,
|
||||
ModSecString &in,
|
||||
ModSecString &out) {
|
||||
void Base64DecodeExt::execute(const Transaction *t,
|
||||
const ModSecString &in,
|
||||
ModSecString &out) noexcept {
|
||||
std::string ret = Utils::Base64::decode_forgiven(in.c_str());
|
||||
out.assign(ret.c_str(), ret.size());
|
||||
}
|
||||
|
@ -13,35 +13,39 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/modsecurity.h"
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
#include "src/actions/transformations/transformation.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_
|
||||
#define SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace transformations {
|
||||
|
||||
|
||||
class Base64DecodeExt : public Transformation {
|
||||
public:
|
||||
explicit Base64DecodeExt(const std::string &action)
|
||||
: Transformation(action) { }
|
||||
Base64DecodeExt()
|
||||
: Action("t:base64DecodeExt")
|
||||
{ }
|
||||
|
||||
void execute(Transaction *t,
|
||||
ModSecString &in,
|
||||
ModSecString &out) override;
|
||||
void execute(const Transaction *t,
|
||||
const ModSecString &in,
|
||||
ModSecString &out) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
} // namespace transformations
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
#endif
|
||||
|
||||
#endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_
|
||||
|
@ -13,17 +13,13 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "src/actions/transformations/base64_encode.h"
|
||||
|
||||
#include <iostream>
|
||||
#include <string>
|
||||
#include <algorithm>
|
||||
#include <functional>
|
||||
#include <cctype>
|
||||
#include <locale>
|
||||
|
||||
#include "modsecurity/modsecurity.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "src/actions/transformations/transformation.h"
|
||||
#include "src/utils/base64.h"
|
||||
|
||||
|
||||
@ -32,9 +28,9 @@ namespace actions {
|
||||
namespace transformations {
|
||||
|
||||
|
||||
void Base64Encode::execute(Transaction *t,
|
||||
ModSecString &in,
|
||||
ModSecString &out) {
|
||||
void Base64Encode::execute(const Transaction *t,
|
||||
const ModSecString &in,
|
||||
ModSecString &out) noexcept {
|
||||
std::string ret = Utils::Base64::encode(
|
||||
std::string(in.c_str(), in.size()));
|
||||
out.assign(ret.c_str(), ret.size());
|
||||
|
@ -13,35 +13,39 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/modsecurity.h"
|
||||
#include "modsecurity/actions/action.h"
|
||||
|
||||
#include "src/actions/transformations/transformation.h"
|
||||
|
||||
|
||||
#ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_
|
||||
#define SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_
|
||||
|
||||
#ifdef __cplusplus
|
||||
namespace modsecurity {
|
||||
class Transaction;
|
||||
|
||||
namespace modsecurity {
|
||||
namespace actions {
|
||||
namespace transformations {
|
||||
|
||||
|
||||
class Base64Encode : public Transformation {
|
||||
public:
|
||||
explicit Base64Encode(const std::string &action)
|
||||
: Transformation(action) { }
|
||||
Base64Encode()
|
||||
: Action("t:base64Encode")
|
||||
{ }
|
||||
|
||||
void execute(Transaction *t,
|
||||
ModSecString &in,
|
||||
ModSecString &out) override;
|
||||
void execute(const Transaction *t,
|
||||
const ModSecString &in,
|
||||
ModSecString &out) noexcept override;
|
||||
};
|
||||
|
||||
|
||||
} // namespace transformations
|
||||
} // namespace actions
|
||||
} // namespace modsecurity
|
||||
|
||||
#endif
|
||||
|
||||
#endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user