Core is now ready to deal with SecRulesEngine set to Off

This commit is contained in:
Felipe Zimmerle 2015-09-17 10:59:56 -03:00
parent 11e1a67d58
commit 3e067e7409
2 changed files with 69 additions and 8 deletions


@ -351,8 +351,15 @@ int Assay::processURI(const char *uri, const char *protocol,
*/ */
int Assay::processRequestHeaders() { int Assay::processRequestHeaders() {
debug(4, "Starting phase REQUEST_HEADERS. (SecRules 1)"); debug(4, "Starting phase REQUEST_HEADERS. (SecRules 1)");
this->m_rules->evaluate(ModSecurity::RequestHeadersPhase, this);
return 0; if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
debug(4, "Rule engine disabled, returning...");
return true;
}
this->m_rules->evaluate(ModSecurity::RequestHeadersPhase, this);
return true;
} }
@ -497,6 +504,11 @@ int Assay::addRequestHeader(const unsigned char *key, size_t key_n,
int Assay::processRequestBody() { int Assay::processRequestBody() {
debug(4, "Starting phase REQUEST_BODY. (SecRules 2)"); debug(4, "Starting phase REQUEST_BODY. (SecRules 2)");
if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
debug(4, "Rule engine disabled, returning...");
return true;
}
if (resolve_variable_first("INBOUND_DATA_ERROR") == NULL) { if (resolve_variable_first("INBOUND_DATA_ERROR") == NULL) {
store_variable("INBOUND_DATA_ERROR", "0"); store_variable("INBOUND_DATA_ERROR", "0");
} }
@ -637,7 +649,7 @@ int Assay::processRequestBody() {
} }
this->m_rules->evaluate(ModSecurity::RequestBodyPhase, this); this->m_rules->evaluate(ModSecurity::RequestBodyPhase, this);
return 0; return true;
} }
@ -721,7 +733,7 @@ int Assay::appendRequestBody(const unsigned char *buf, size_t len) {
this->m_requestBody.write(reinterpret_cast<const char*>(buf), len); this->m_requestBody.write(reinterpret_cast<const char*>(buf), len);
return 0; return true;
} }
@ -741,8 +753,14 @@ int Assay::appendRequestBody(const unsigned char *buf, size_t len) {
*/ */
int Assay::processResponseHeaders() { int Assay::processResponseHeaders() {
debug(4, "Starting phase RESPONSE_HEADERS. (SecRules 3)"); debug(4, "Starting phase RESPONSE_HEADERS. (SecRules 3)");
if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
debug(4, "Rule engine disabled, returning...");
return true;
}
this->m_rules->evaluate(ModSecurity::ResponseHeadersPhase, this); this->m_rules->evaluate(ModSecurity::ResponseHeadersPhase, this);
return 0; return true;
} }
@ -853,6 +871,11 @@ int Assay::addResponseHeader(const unsigned char *key, size_t key_n,
int Assay::processResponseBody() { int Assay::processResponseBody() {
debug(4, "Starting phase RESPONSE_BODY. (SecRules 4)"); debug(4, "Starting phase RESPONSE_BODY. (SecRules 4)");
if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
debug(4, "Rule engine disabled, returning...");
return true;
}
if (resolve_variable_first("OUTBOUND_DATA_ERROR") == NULL) { if (resolve_variable_first("OUTBOUND_DATA_ERROR") == NULL) {
store_variable("OUTBOUND_DATA_ERROR", "0"); store_variable("OUTBOUND_DATA_ERROR", "0");
} }
@ -862,7 +885,7 @@ int Assay::processResponseBody() {
std::to_string(m_responseBody.str().size())); std::to_string(m_responseBody.str().size()));
this->m_rules->evaluate(ModSecurity::ResponseBodyPhase, this); this->m_rules->evaluate(ModSecurity::ResponseBodyPhase, this);
return 0; return true;
} }
@ -983,6 +1006,12 @@ int Assay::getResponseBodyLenth() {
*/ */
int Assay::processLogging(int returned_code) { int Assay::processLogging(int returned_code) {
debug(4, "Starting phase LOGGING. (SecRules 5)"); debug(4, "Starting phase LOGGING. (SecRules 5)");
if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
debug(4, "Rule engine disabled, returning...");
return true;
}
this->httpCodeReturned = returned_code; this->httpCodeReturned = returned_code;
this->m_rules->evaluate(ModSecurity::LoggingPhase, this); this->m_rules->evaluate(ModSecurity::LoggingPhase, this);
@ -1015,7 +1044,7 @@ int Assay::processLogging(int returned_code) {
} }
} }
return 0; return true;
} }
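Review bot: In the processLogging hunk the new early return fires before `this->httpCodeReturned = returned_code;`, so with SecRuleEngine Off the transaction never records the final status code; if the logging or audit path later reads that field (not visible in this hunk) it will see whatever value it held before. Moving the guard below the assignment, `this->httpCodeReturned = returned_code;` followed by `if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) { debug(4, "Rule engine disabled, returning..."); return true; }`, keeps the record consistent at no cost. The same three-line guard is pasted into processRequestHeaders, processRequestBody, processResponseHeaders and processResponseBody; a private helper such as `bool Assay::isRuleEngineDisabled() const` carrying the debug line would keep the comparison and the message in one place. All five functions are still declared `int` while the new code returns `true`; either change the declarations to `bool` or keep an explicit integer so the meaning of the return value is documented in the signature. processLogging's body continues outside the hunk.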


@ -20,7 +20,7 @@
"version_min":300000, "version_min":300000,
"title":"Testing Disruptive actions (2/n)", "title":"Testing Disruptive actions (2/n)",
"expected":{ "expected":{
"debug_log": "_Not_ running action: deny. Rule _does not_ contains a disruptive action, but SecRuleEngine is not On.", "debug_log": "Rule engine disabled, returning...",
"http_code":200 "http_code":200
}, },
"rules":[ "rules":[
@ -46,5 +46,37 @@
"SecDefaultAction \"phase:2,deny,status:404\"", "SecDefaultAction \"phase:2,deny,status:404\"",
"SecAction \"id:'1',phase:request,nolog,block,t:none\"" "SecAction \"id:'1',phase:request,nolog,block,t:none\""
] ]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Disruptive actions (4/n)",
"expected":{
"debug_log": "Rule engine disabled, returning...",
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecRuleEngine Off",
"SecDefaultAction \"phase:2,deny,status:404\"",
"SecAction \"'id:'1',phase:request,nolog,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Disruptive actions (5/n)",
"expected":{
"debug_log": "Rule engine disabled, returning...",
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecRuleEngine Off",
"SecDefaultAction \"phase:2,deny,status:404\"",
"SecAction \"id:'1',phase:request,nolog,block,t:none\""
]
} }
] ]
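Review bot: The rules array of the new "Testing Disruptive actions (4/n)" case has a stray apostrophe in its SecAction directive, `"SecAction \"'id:'1',phase:request,nolog,t:none\""`, so the action list begins with `'id:` rather than `id:`; case 5/n and the earlier case spell it `\"id:'1',...`. Whether the parser accepts that form is not visible here, but with the engine Off the rule is never evaluated, so the case would pass either way and the typo would go unnoticed; change it to `"SecAction \"id:'1',phase:request,nolog,t:none\""`. Cases 4/n and 5/n also share identical expected debug_log and http_code values, so a title that names what distinguishes them (no disruptive action versus `block`) would help a reader.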