From 3e067e7409c39b17e007ced106e75a79ec88ad2f Mon Sep 17 00:00:00 2001
From: Felipe Zimmerle
Date: Thu, 17 Sep 2015 10:59:56 -0300
Subject: [PATCH] Core is now ready to deal with SecRulesEngine set to Off

---
 src/assay.cc                                  | 43 ++++++++++++++++---
 test/test-cases/regression/secruleengine.json | 34 ++++++++++++++-
 2 files changed, 69 insertions(+), 8 deletions(-)

diff --git a/src/assay.cc b/src/assay.cc
index 5e857b08..6cc04c91 100644
--- a/src/assay.cc
+++ b/src/assay.cc
@@ -351,8 +351,15 @@ int Assay::processURI(const char *uri, const char *protocol,
  */
 int Assay::processRequestHeaders() {
     debug(4, "Starting phase REQUEST_HEADERS. (SecRules 1)");
-    this->m_rules->evaluate(ModSecurity::RequestHeadersPhase, this);
-    return 0;
+
+    if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
+        debug(4, "Rule engine disabled, returning...");
+        return true;
+    }
+
+    this->m_rules->evaluate(ModSecurity::RequestHeadersPhase, this);
+
+    return true;
 }
 
 
@@ -497,6 +504,11 @@ int Assay::addRequestHeader(const unsigned char *key, size_t key_n,
 int Assay::processRequestBody() {
     debug(4, "Starting phase REQUEST_BODY. (SecRules 2)");
 
+    if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
+        debug(4, "Rule engine disabled, returning...");
+        return true;
+    }
+
     if (resolve_variable_first("INBOUND_DATA_ERROR") == NULL) {
         store_variable("INBOUND_DATA_ERROR", "0");
     }
@@ -637,7 +649,7 @@ int Assay::processRequestBody() {
     }
 
     this->m_rules->evaluate(ModSecurity::RequestBodyPhase, this);
-    return 0;
+    return true;
 }
 
 
@@ -721,7 +733,7 @@ int Assay::appendRequestBody(const unsigned char *buf, size_t len) {
 
     this->m_requestBody.write(reinterpret_cast(buf), len);
 
-    return 0;
+    return true;
 }
 
 
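Review bot: `processRequestHeaders` is declared `int` yet every exit in the new body is `return true;`, which changes the value connectors observe from 0 to 1; any caller that tests `== 0` for success will now treat every phase as failed. The same 0→true swap is made in the processRequestBody, appendRequestBody, processResponseHeaders, processResponseBody and processLogging hunks, so this is a contract change for every phase entry point and should either be called out in the commit description or be accompanied by a `bool` return type once callers are audited. The `m_rules->secRuleEngine == Rules::DisabledRuleEngine` guard plus its debug line is pasted verbatim into five functions; a private helper such as `bool Assay::ruleEngineDisabled() const` that also emits `debug(4, "Rule engine disabled, returning...");` would keep the phases in sync if the condition ever grows (e.g. to cover other engine states). The doc comment that closes at the ` */` context line (its start is outside the hunk) should state that the whole phase, not just the disruptive actions, is skipped when the engine is Off.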
@@ -741,8 +753,14 @@ int Assay::appendRequestBody(const unsigned char *buf, size_t len) {
  */
 int Assay::processResponseHeaders() {
     debug(4, "Starting phase RESPONSE_HEADERS. (SecRules 3)");
+
+    if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
+        debug(4, "Rule engine disabled, returning...");
+        return true;
+    }
+
     this->m_rules->evaluate(ModSecurity::ResponseHeadersPhase, this);
-    return 0;
+    return true;
 }
 
 
@@ -853,6 +871,11 @@ int Assay::addResponseHeader(const unsigned char *key, size_t key_n,
 int Assay::processResponseBody() {
     debug(4, "Starting phase RESPONSE_BODY. (SecRules 4)");
 
+    if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
+        debug(4, "Rule engine disabled, returning...");
+        return true;
+    }
+
     if (resolve_variable_first("OUTBOUND_DATA_ERROR") == NULL) {
         store_variable("OUTBOUND_DATA_ERROR", "0");
     }
@@ -862,7 +885,7 @@ int Assay::processResponseBody() {
         std::to_string(m_responseBody.str().size()));
 
     this->m_rules->evaluate(ModSecurity::ResponseBodyPhase, this);
-    return 0;
+    return true;
 }
 
 
@@ -983,6 +1006,12 @@ int Assay::getResponseBodyLenth() {
  */
 int Assay::processLogging(int returned_code) {
     debug(4, "Starting phase LOGGING. (SecRules 5)");
+
+    if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
+        debug(4, "Rule engine disabled, returning...");
+        return true;
+    }
+
     this->httpCodeReturned = returned_code;
 
     this->m_rules->evaluate(ModSecurity::LoggingPhase, this);
@@ -1015,7 +1044,7 @@ int Assay::processLogging(int returned_code) {
         }
     }
 
-    return 0;
+    return true;
 }
 
 
diff --git a/test/test-cases/regression/secruleengine.json b/test/test-cases/regression/secruleengine.json
index 94e367db..75526c5e 100644
--- a/test/test-cases/regression/secruleengine.json
+++ b/test/test-cases/regression/secruleengine.json
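Review bot: In `processLogging` the disabled-engine guard returns before `this->httpCodeReturned = returned_code;` and before the LoggingPhase evaluation, so with `SecRuleEngine Off` nothing in phase 5 runs, including whatever the remainder of the function (outside the hunk, ending at the nested `}` `}` before the final return) does after evaluation. Operators frequently switch the engine Off while still expecting transaction logging for visibility, so if skipping phase 5 is intentional it should be stated in the debug message and the commit description; otherwise keep the assignment and narrow the guard to the rule evaluation, `if (m_rules->secRuleEngine != Rules::DisabledRuleEngine) { this->m_rules->evaluate(ModSecurity::LoggingPhase, this); }`. The early returns in processRequestBody and processResponseBody (hunks at -497 and -853) likewise skip the `INBOUND_DATA_ERROR`/`OUTBOUND_DATA_ERROR` initialisation, which is only safe as long as nothing reads those variables when the engine is Off — a one-line comment above each guard noting that assumption would help the next maintainer.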
@@ -20,7 +20,7 @@
     "version_min":300000,
     "title":"Testing Disruptive actions (2/n)",
     "expected":{
-      "debug_log": "_Not_ running action: deny. Rule _does not_ contains a disruptive action, but SecRuleEngine is not On.",
+      "debug_log": "Rule engine disabled, returning...",
       "http_code":200
     },
     "rules":[
@@ -46,5 +46,37 @@
       "SecDefaultAction \"phase:2,deny,status:404\"",
       "SecAction \"id:'1',phase:request,nolog,block,t:none\""
     ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Disruptive actions (4/n)",
+    "expected":{
+      "debug_log": "Rule engine disabled, returning...",
+      "http_code":200
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecRuleEngine Off",
+      "SecDefaultAction \"phase:2,deny,status:404\"",
+      "SecAction \"'id:'1',phase:request,nolog,t:none\""
+    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Disruptive actions (5/n)",
+    "expected":{
+      "debug_log": "Rule engine disabled, returning...",
+      "http_code":200
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecRuleEngine Off",
+      "SecDefaultAction \"phase:2,deny,status:404\"",
+      "SecAction \"id:'1',phase:request,nolog,block,t:none\""
+    ]
   }
 ]
\ No newline at end of file
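Review bot: The new case 4/n carries a malformed action string, `"SecAction \"'id:'1',phase:request,nolog,t:none\""` — there is a stray apostrophe before `id` that the sibling rule in 5/n does not have, and because the case only asserts the "Rule engine disabled, returning..." debug line and a 200, a parse failure of that rule would most likely go unnoticed; it should read `"SecAction \"id:'1',phase:request,nolog,t:none\""`. Cases 4/n and 5/n then differ only by the presence of `block`, which is worth stating in their titles so the intent of each is clear. With the 2/n expectation switched from the `_Not_ running action: deny` message to the phase-skip message, this file no longer has a case that checks the rule-level "action suppressed because the engine is not On" path; that message presumably still applies to a non-Off, non-On engine state, so keeping one case that asserts on it would preserve that coverage.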