diff --git a/configure.ac b/configure.ac
index e7ba58f0..f46b5f06 100644
--- a/configure.ac
+++ b/configure.ac
@@ -247,6 +247,20 @@ AC_ARG_ENABLE(examples,
[buildExamples=true]
)
+# Parser
+AC_ARG_ENABLE(parser-generation,
+ [AC_HELP_STRING([--enable-parser-generation],[Enables parser generation during the build])],
+
+ [case "${enableval}" in
+ yes) buildParser=true ;;
+ no) buildParser=false ;;
+ *) AC_MSG_ERROR(bad value ${enableval} for --enable-parser-generation) ;;
+ esac],
+
+ [buildParser=false]
+ )
+
+
# Decide if we want to build the tests or not.
@@ -268,6 +282,7 @@ if test $buildTestUtilities = true; then
fi
AM_CONDITIONAL([EXAMPLES], [test $buildExamples = true])
+AM_CONDITIONAL([BUILD_PARSER], [test $buildParser = true])
# General link options
@@ -308,6 +323,10 @@ AM_COND_IF([EXAMPLES],
AM_COND_IF([AFL_FUZZER],
[AC_CONFIG_FILES([test/fuzzer/Makefile])])
+AM_COND_IF([BUILD_PARSER],
+ [AC_CONFIG_FILES([src/parser/Makefile])])
+
+
AC_CONFIG_HEADERS([src/config.h])
@@ -464,7 +483,11 @@ if test "$buildExamples" = "true"; then
else
echo " + library examples ....disabled"
fi
-
+if test "$buildParser" = "true"; then
+ echo " + Building parser ....enabled"
+else
+ echo " + Building parser ....disabled"
+fi
echo " "
diff --git a/src/Makefile.am b/src/Makefile.am
index ed63d057..8e09559b 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,19 +1,19 @@
-BUILT_SOURCES= \
- parser/seclang-parser.cc
+if BUILD_PARSER
+export MAYBE_PARSER = parser
+endif
+
+
+SUBDIRS = \
+ $(MAYBE_PARSER)
+
+
lib_LTLIBRARIES = libmodsecurity.la
libmodsecurity_ladir = $(prefix)/include
libmodsecurity_includesub_collectiondir = $(pkgincludedir)/collection/
libmodsecurity_includesub_actionsdir = $(pkgincludedir)/actions/
-CLEANFILES = \
- location.hh \
- position.hh \
- parser/seclang-parser.cc \
- parser/seclang-parser.hh \
- parser/seclang-scanner.cc \
- stack.hh
EXTRA_DIST = $(CLEANFILES)
@@ -238,8 +238,8 @@ BODY_PROCESSORS = \
libmodsecurity_la_SOURCES = \
- parser/seclang-parser.yy \
- parser/seclang-scanner.ll \
+ parser/seclang-parser.cc \
+ parser/seclang-scanner.cc \
parser/driver.cc \
transaction.cc \
audit_log/audit_log.cc \
diff --git a/src/parser/location.hh b/src/parser/location.hh
new file mode 100644
index 00000000..8f642596
--- /dev/null
+++ b/src/parser/location.hh
@@ -0,0 +1,192 @@
+// A Bison parser, made by GNU Bison 3.0.4.
+
+// Locations for Bison parsers in C++
+
+// Copyright (C) 2002-2015 Free Software Foundation, Inc.
+
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see .
+
+// As a special exception, you may create a larger work that contains
+// part or all of the Bison parser skeleton and distribute that work
+// under terms of your choice, so long as that work isn't itself a
+// parser generator using the skeleton or a modified version thereof
+// as a parser skeleton. Alternatively, if you modify or redistribute
+// the parser skeleton itself, you may (at your option) remove this
+// special exception, which will cause the skeleton and the resulting
+// Bison output files to be licensed under the GNU General Public
+// License without this special exception.
+
+// This special exception was added by the Free Software Foundation in
+// version 2.2 of Bison.
+
+/**
+ ** \file location.hh
+ ** Define the yy::location class.
+ */
+
+#ifndef YY_YY_LOCATION_HH_INCLUDED
+# define YY_YY_LOCATION_HH_INCLUDED
+
+# include "position.hh"
+
+
+namespace yy {
+#line 46 "location.hh" // location.cc:296
+ /// Abstract a location.
+ class location
+ {
+ public:
+
+ /// Construct a location from \a b to \a e.
+ location (const position& b, const position& e)
+ : begin (b)
+ , end (e)
+ {
+ }
+
+ /// Construct a 0-width location in \a p.
+ explicit location (const position& p = position ())
+ : begin (p)
+ , end (p)
+ {
+ }
+
+ /// Construct a 0-width location in \a f, \a l, \a c.
+ explicit location (std::string* f,
+ unsigned int l = 1u,
+ unsigned int c = 1u)
+ : begin (f, l, c)
+ , end (f, l, c)
+ {
+ }
+
+
+ /// Initialization.
+ void initialize (std::string* f = YY_NULLPTR,
+ unsigned int l = 1u,
+ unsigned int c = 1u)
+ {
+ begin.initialize (f, l, c);
+ end = begin;
+ }
+
+ /** \name Line and Column related manipulators
+ ** \{ */
+ public:
+ /// Reset initial location to final location.
+ void step ()
+ {
+ begin = end;
+ }
+
+ /// Extend the current location to the COUNT next columns.
+ void columns (int count = 1)
+ {
+ end += count;
+ }
+
+ /// Extend the current location to the COUNT next lines.
+ void lines (int count = 1)
+ {
+ end.lines (count);
+ }
+ /** \} */
+
+
+ public:
+ /// Beginning of the located region.
+ position begin;
+ /// End of the located region.
+ position end;
+ };
+
+ /// Join two locations, in place.
+ inline location& operator+= (location& res, const location& end)
+ {
+ res.end = end.end;
+ return res;
+ }
+
+ /// Join two locations.
+ inline location operator+ (location res, const location& end)
+ {
+ return res += end;
+ }
+
+ /// Add \a width columns to the end position, in place.
+ inline location& operator+= (location& res, int width)
+ {
+ res.columns (width);
+ return res;
+ }
+
+ /// Add \a width columns to the end position.
+ inline location operator+ (location res, int width)
+ {
+ return res += width;
+ }
+
+ /// Subtract \a width columns to the end position, in place.
+ inline location& operator-= (location& res, int width)
+ {
+ return res += -width;
+ }
+
+ /// Subtract \a width columns to the end position.
+ inline location operator- (location res, int width)
+ {
+ return res -= width;
+ }
+
+ /// Compare two location objects.
+ inline bool
+ operator== (const location& loc1, const location& loc2)
+ {
+ return loc1.begin == loc2.begin && loc1.end == loc2.end;
+ }
+
+ /// Compare two location objects.
+ inline bool
+ operator!= (const location& loc1, const location& loc2)
+ {
+ return !(loc1 == loc2);
+ }
+
+ /** \brief Intercept output stream redirection.
+ ** \param ostr the destination output stream
+ ** \param loc a reference to the location to redirect
+ **
+ ** Avoid duplicate information.
+ */
+ template
+ inline std::basic_ostream&
+ operator<< (std::basic_ostream& ostr, const location& loc)
+ {
+ unsigned int end_col = 0 < loc.end.column ? loc.end.column - 1 : 0;
+ ostr << loc.begin;
+ if (loc.end.filename
+ && (!loc.begin.filename
+ || *loc.begin.filename != *loc.end.filename))
+ ostr << '-' << loc.end.filename << ':' << loc.end.line << '.' << end_col;
+ else if (loc.begin.line < loc.end.line)
+ ostr << '-' << loc.end.line << '.' << end_col;
+ else if (loc.begin.column < end_col)
+ ostr << '-' << end_col;
+ return ostr;
+ }
+
+
+} // yy
+#line 192 "location.hh" // location.cc:296
+#endif // !YY_YY_LOCATION_HH_INCLUDED
diff --git a/src/parser/position.hh b/src/parser/position.hh
new file mode 100644
index 00000000..5cd394ac
--- /dev/null
+++ b/src/parser/position.hh
@@ -0,0 +1,180 @@
+// A Bison parser, made by GNU Bison 3.0.4.
+
+// Positions for Bison parsers in C++
+
+// Copyright (C) 2002-2015 Free Software Foundation, Inc.
+
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see .
+
+// As a special exception, you may create a larger work that contains
+// part or all of the Bison parser skeleton and distribute that work
+// under terms of your choice, so long as that work isn't itself a
+// parser generator using the skeleton or a modified version thereof
+// as a parser skeleton. Alternatively, if you modify or redistribute
+// the parser skeleton itself, you may (at your option) remove this
+// special exception, which will cause the skeleton and the resulting
+// Bison output files to be licensed under the GNU General Public
+// License without this special exception.
+
+// This special exception was added by the Free Software Foundation in
+// version 2.2 of Bison.
+
+/**
+ ** \file position.hh
+ ** Define the yy::position class.
+ */
+
+#ifndef YY_YY_POSITION_HH_INCLUDED
+# define YY_YY_POSITION_HH_INCLUDED
+
+# include // std::max
+# include
+# include
+
+# ifndef YY_NULLPTR
+# if defined __cplusplus && 201103L <= __cplusplus
+# define YY_NULLPTR nullptr
+# else
+# define YY_NULLPTR 0
+# endif
+# endif
+
+
+namespace yy {
+#line 56 "position.hh" // location.cc:296
+ /// Abstract a position.
+ class position
+ {
+ public:
+ /// Construct a position.
+ explicit position (std::string* f = YY_NULLPTR,
+ unsigned int l = 1u,
+ unsigned int c = 1u)
+ : filename (f)
+ , line (l)
+ , column (c)
+ {
+ }
+
+
+ /// Initialization.
+ void initialize (std::string* fn = YY_NULLPTR,
+ unsigned int l = 1u,
+ unsigned int c = 1u)
+ {
+ filename = fn;
+ line = l;
+ column = c;
+ }
+
+ /** \name Line and Column related manipulators
+ ** \{ */
+ /// (line related) Advance to the COUNT next lines.
+ void lines (int count = 1)
+ {
+ if (count)
+ {
+ column = 1u;
+ line = add_ (line, count, 1);
+ }
+ }
+
+ /// (column related) Advance to the COUNT next columns.
+ void columns (int count = 1)
+ {
+ column = add_ (column, count, 1);
+ }
+ /** \} */
+
+ /// File name to which this position refers.
+ std::string* filename;
+ /// Current line number.
+ unsigned int line;
+ /// Current column number.
+ unsigned int column;
+
+ private:
+ /// Compute max(min, lhs+rhs) (provided min <= lhs).
+ static unsigned int add_ (unsigned int lhs, int rhs, unsigned int min)
+ {
+ return (0 < rhs || -static_cast(rhs) < lhs
+ ? rhs + lhs
+ : min);
+ }
+ };
+
+ /// Add \a width columns, in place.
+ inline position&
+ operator+= (position& res, int width)
+ {
+ res.columns (width);
+ return res;
+ }
+
+ /// Add \a width columns.
+ inline position
+ operator+ (position res, int width)
+ {
+ return res += width;
+ }
+
+ /// Subtract \a width columns, in place.
+ inline position&
+ operator-= (position& res, int width)
+ {
+ return res += -width;
+ }
+
+ /// Subtract \a width columns.
+ inline position
+ operator- (position res, int width)
+ {
+ return res -= width;
+ }
+
+ /// Compare two position objects.
+ inline bool
+ operator== (const position& pos1, const position& pos2)
+ {
+ return (pos1.line == pos2.line
+ && pos1.column == pos2.column
+ && (pos1.filename == pos2.filename
+ || (pos1.filename && pos2.filename
+ && *pos1.filename == *pos2.filename)));
+ }
+
+ /// Compare two position objects.
+ inline bool
+ operator!= (const position& pos1, const position& pos2)
+ {
+ return !(pos1 == pos2);
+ }
+
+ /** \brief Intercept output stream redirection.
+ ** \param ostr the destination output stream
+ ** \param pos a reference to the position to redirect
+ */
+ template
+ inline std::basic_ostream&
+ operator<< (std::basic_ostream& ostr, const position& pos)
+ {
+ if (pos.filename)
+ ostr << *pos.filename << ':';
+ return ostr << pos.line << '.' << pos.column;
+ }
+
+
+} // yy
+#line 180 "position.hh" // location.cc:296
+#endif // !YY_YY_POSITION_HH_INCLUDED
diff --git a/src/parser/seclang-parser.cc b/src/parser/seclang-parser.cc
new file mode 100644
index 00000000..8c443a30
--- /dev/null
+++ b/src/parser/seclang-parser.cc
@@ -0,0 +1,4012 @@
+// A Bison parser, made by GNU Bison 3.0.4.
+
+// Skeleton implementation for Bison LALR(1) parsers in C++
+
+// Copyright (C) 2002-2015 Free Software Foundation, Inc.
+
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see .
+
+// As a special exception, you may create a larger work that contains
+// part or all of the Bison parser skeleton and distribute that work
+// under terms of your choice, so long as that work isn't itself a
+// parser generator using the skeleton or a modified version thereof
+// as a parser skeleton. Alternatively, if you modify or redistribute
+// the parser skeleton itself, you may (at your option) remove this
+// special exception, which will cause the skeleton and the resulting
+// Bison output files to be licensed under the GNU General Public
+// License without this special exception.
+
+// This special exception was added by the Free Software Foundation in
+// version 2.2 of Bison.
+
+
+// First part of user declarations.
+
+#line 37 "seclang-parser.cc" // lalr1.cc:404
+
+# ifndef YY_NULLPTR
+# if defined __cplusplus && 201103L <= __cplusplus
+# define YY_NULLPTR nullptr
+# else
+# define YY_NULLPTR 0
+# endif
+# endif
+
+#include "seclang-parser.hh"
+
+// User implementation prologue.
+
+#line 51 "seclang-parser.cc" // lalr1.cc:412
+// Unqualified %code blocks.
+#line 251 "seclang-parser.yy" // lalr1.cc:413
+
+#include "src/parser/driver.h"
+
+#line 57 "seclang-parser.cc" // lalr1.cc:413
+
+
+#ifndef YY_
+# if defined YYENABLE_NLS && YYENABLE_NLS
+# if ENABLE_NLS
+# include // FIXME: INFRINGES ON USER NAME SPACE.
+# define YY_(msgid) dgettext ("bison-runtime", msgid)
+# endif
+# endif
+# ifndef YY_
+# define YY_(msgid) msgid
+# endif
+#endif
+
+#define YYRHSLOC(Rhs, K) ((Rhs)[K].location)
+/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N].
+ If N is 0, then set CURRENT to the empty location which ends
+ the previous symbol: RHS[0] (always defined). */
+
+# ifndef YYLLOC_DEFAULT
+# define YYLLOC_DEFAULT(Current, Rhs, N) \
+ do \
+ if (N) \
+ { \
+ (Current).begin = YYRHSLOC (Rhs, 1).begin; \
+ (Current).end = YYRHSLOC (Rhs, N).end; \
+ } \
+ else \
+ { \
+ (Current).begin = (Current).end = YYRHSLOC (Rhs, 0).end; \
+ } \
+ while (/*CONSTCOND*/ false)
+# endif
+
+
+// Suppress unused-variable warnings by "using" E.
+#define YYUSE(E) ((void) (E))
+
+// Enable debugging if requested.
+#if YYDEBUG
+
+// A pseudo ostream that takes yydebug_ into account.
+# define YYCDEBUG if (yydebug_) (*yycdebug_)
+
+# define YY_SYMBOL_PRINT(Title, Symbol) \
+ do { \
+ if (yydebug_) \
+ { \
+ *yycdebug_ << Title << ' '; \
+ yy_print_ (*yycdebug_, Symbol); \
+ *yycdebug_ << std::endl; \
+ } \
+ } while (false)
+
+# define YY_REDUCE_PRINT(Rule) \
+ do { \
+ if (yydebug_) \
+ yy_reduce_print_ (Rule); \
+ } while (false)
+
+# define YY_STACK_PRINT() \
+ do { \
+ if (yydebug_) \
+ yystack_print_ (); \
+ } while (false)
+
+#else // !YYDEBUG
+
+# define YYCDEBUG if (false) std::cerr
+# define YY_SYMBOL_PRINT(Title, Symbol) YYUSE(Symbol)
+# define YY_REDUCE_PRINT(Rule) static_cast(0)
+# define YY_STACK_PRINT() static_cast(0)
+
+#endif // !YYDEBUG
+
+#define yyerrok (yyerrstatus_ = 0)
+#define yyclearin (yyla.clear ())
+
+#define YYACCEPT goto yyacceptlab
+#define YYABORT goto yyabortlab
+#define YYERROR goto yyerrorlab
+#define YYRECOVERING() (!!yyerrstatus_)
+
+
+namespace yy {
+#line 143 "seclang-parser.cc" // lalr1.cc:479
+
+ /* Return YYSTR after stripping away unnecessary quotes and
+ backslashes, so that it's suitable for yyerror. The heuristic is
+ that double-quoting is unnecessary unless the string contains an
+ apostrophe, a comma, or backslash (other than backslash-backslash).
+ YYSTR is taken from yytname. */
+ std::string
+ seclang_parser::yytnamerr_ (const char *yystr)
+ {
+ if (*yystr == '"')
+ {
+ std::string yyr = "";
+ char const *yyp = yystr;
+
+ for (;;)
+ switch (*++yyp)
+ {
+ case '\'':
+ case ',':
+ goto do_not_strip_quotes;
+
+ case '\\':
+ if (*++yyp != '\\')
+ goto do_not_strip_quotes;
+ // Fall through.
+ default:
+ yyr += *yyp;
+ break;
+
+ case '"':
+ return yyr;
+ }
+ do_not_strip_quotes: ;
+ }
+
+ return yystr;
+ }
+
+
+ /// Build a parser object.
+ seclang_parser::seclang_parser (modsecurity::Parser::Driver& driver_yyarg)
+ :
+#if YYDEBUG
+ yydebug_ (false),
+ yycdebug_ (&std::cerr),
+#endif
+ driver (driver_yyarg)
+ {}
+
+ seclang_parser::~seclang_parser ()
+ {}
+
+
+ /*---------------.
+ | Symbol types. |
+ `---------------*/
+
+
+
+ // by_state.
+ inline
+ seclang_parser::by_state::by_state ()
+ : state (empty_state)
+ {}
+
+ inline
+ seclang_parser::by_state::by_state (const by_state& other)
+ : state (other.state)
+ {}
+
+ inline
+ void
+ seclang_parser::by_state::clear ()
+ {
+ state = empty_state;
+ }
+
+ inline
+ void
+ seclang_parser::by_state::move (by_state& that)
+ {
+ state = that.state;
+ that.clear ();
+ }
+
+ inline
+ seclang_parser::by_state::by_state (state_type s)
+ : state (s)
+ {}
+
+ inline
+ seclang_parser::symbol_number_type
+ seclang_parser::by_state::type_get () const
+ {
+ if (state == empty_state)
+ return empty_symbol;
+ else
+ return yystos_[state];
+ }
+
+ inline
+ seclang_parser::stack_symbol_type::stack_symbol_type ()
+ {}
+
+
+ inline
+ seclang_parser::stack_symbol_type::stack_symbol_type (state_type s, symbol_type& that)
+ : super_type (s, that.location)
+ {
+ switch (that.type_get ())
+ {
+ case 6: // "Accuracy"
+ case 7: // "Allow"
+ case 8: // "Append"
+ case 9: // "AuditLog"
+ case 10: // "Block"
+ case 11: // "Capture"
+ case 12: // "Chain"
+ case 13: // "ACTION_CTL_AUDIT_ENGINE"
+ case 14: // "ACTION_CTL_AUDIT_LOG_PARTS"
+ case 15: // "ACTION_CTL_BDY_JSON"
+ case 16: // "ACTION_CTL_BDY_XML"
+ case 17: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
+ case 18: // "ACTION_CTL_REQUEST_BODY_ACCESS"
+ case 19: // "ACTION_CTL_RULE_ENGINE"
+ case 20: // "ACTION_CTL_RULE_REMOVE_BY_ID"
+ case 21: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
+ case 22: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
+ case 23: // "Deny"
+ case 24: // "DeprecateVar"
+ case 25: // "Drop"
+ case 26: // "Exec"
+ case 27: // "ExpireVar"
+ case 28: // "Id"
+ case 29: // "InitCol"
+ case 30: // "Log"
+ case 31: // "LogData"
+ case 32: // "Maturity"
+ case 33: // "Msg"
+ case 34: // "MultiMatch"
+ case 35: // "NoAuditLog"
+ case 36: // "NoLog"
+ case 37: // "Pass"
+ case 38: // "Pause"
+ case 39: // "Phase"
+ case 40: // "Prepend"
+ case 41: // "Proxy"
+ case 42: // "Redirect"
+ case 43: // "Rev"
+ case 44: // "SanatiseArg"
+ case 45: // "SanatiseMatched"
+ case 46: // "SanatiseMatchedBytes"
+ case 47: // "SanatiseRequestHeader"
+ case 48: // "SanatiseResponseHeader"
+ case 49: // "SetEnv"
+ case 50: // "SetSrc"
+ case 51: // "SetSid"
+ case 52: // "SetUID"
+ case 53: // "SetVar"
+ case 54: // "Severity"
+ case 55: // "Skip"
+ case 56: // "SkipAfter"
+ case 57: // "Status"
+ case 58: // "Tag"
+ case 59: // "ACTION_TRANSFORMATION_CMD_LINE"
+ case 60: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
+ case 61: // "ACTION_TRANSFORMATION_CSS_DECODE"
+ case 62: // "ACTION_TRANSFORMATION_HEX_ENCODE"
+ case 63: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
+ case 64: // "ACTION_TRANSFORMATION_JS_DECODE"
+ case 65: // "ACTION_TRANSFORMATION_LENGTH"
+ case 66: // "ACTION_TRANSFORMATION_LOWERCASE"
+ case 67: // "ACTION_TRANSFORMATION_MD5"
+ case 68: // "ACTION_TRANSFORMATION_NONE"
+ case 69: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
+ case 70: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
+ case 71: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
+ case 72: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
+ case 73: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
+ case 74: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
+ case 75: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
+ case 76: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
+ case 77: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
+ case 78: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
+ case 79: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
+ case 80: // "ACTION_TRANSFORMATION_SHA1"
+ case 81: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
+ case 82: // "ACTION_TRANSFORMATION_TRIM"
+ case 83: // "ACTION_TRANSFORMATION_URL_DECODE"
+ case 84: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
+ case 85: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
+ case 86: // "Ver"
+ case 87: // "xmlns"
+ case 88: // "CONFIG_COMPONENT_SIG"
+ case 89: // "CONFIG_DIR_AUDIT_DIR"
+ case 90: // "CONFIG_DIR_AUDIT_DIR_MOD"
+ case 91: // "CONFIG_DIR_AUDIT_ENG"
+ case 92: // "CONFIG_DIR_AUDIT_FLE_MOD"
+ case 93: // "CONFIG_DIR_AUDIT_LOG"
+ case 94: // "CONFIG_DIR_AUDIT_LOG2"
+ case 95: // "CONFIG_DIR_AUDIT_LOG_P"
+ case 96: // "CONFIG_DIR_AUDIT_STS"
+ case 97: // "CONFIG_DIR_AUDIT_TPE"
+ case 98: // "CONFIG_DIR_DEBUG_LOG"
+ case 99: // "CONFIG_DIR_DEBUG_LVL"
+ case 100: // "CONFIG_DIR_GEO_DB"
+ case 101: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
+ case 102: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
+ case 103: // "CONFIG_DIR_REQ_BODY"
+ case 104: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
+ case 105: // "CONFIG_DIR_REQ_BODY_LIMIT"
+ case 106: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
+ case 107: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
+ case 108: // "CONFIG_DIR_RES_BODY"
+ case 109: // "CONFIG_DIR_RES_BODY_LIMIT"
+ case 110: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
+ case 111: // "CONFIG_DIR_RULE_ENG"
+ case 112: // "CONFIG_DIR_SEC_ACTION"
+ case 113: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
+ case 114: // "CONFIG_DIR_SEC_MARKER"
+ case 115: // "CONFIG_DIR_UNICODE_MAP_FILE"
+ case 116: // "CONFIG_SEC_COLLECTION_TIMEOUT"
+ case 117: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
+ case 118: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
+ case 119: // "CONFIG_UPDLOAD_KEEP_FILES"
+ case 120: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
+ case 121: // "CONFIG_UPLOAD_DIR"
+ case 122: // "CONFIG_UPLOAD_FILE_LIMIT"
+ case 123: // "CONFIG_UPLOAD_FILE_MODE"
+ case 124: // "CONFIG_VALUE_ABORT"
+ case 125: // "CONFIG_VALUE_DETC"
+ case 126: // "CONFIG_VALUE_HTTPS"
+ case 127: // "CONFIG_VALUE_OFF"
+ case 128: // "CONFIG_VALUE_ON"
+ case 129: // "CONFIG_VALUE_PARALLEL"
+ case 130: // "CONFIG_VALUE_PROCESS_PARTIAL"
+ case 131: // "CONFIG_VALUE_REJECT"
+ case 132: // "CONFIG_VALUE_RELEVANT_ONLY"
+ case 133: // "CONFIG_VALUE_SERIAL"
+ case 134: // "CONFIG_VALUE_WARN"
+ case 135: // "CONFIG_XML_EXTERNAL_ENTITY"
+ case 136: // "CONGIG_DIR_RESPONSE_BODY_MP"
+ case 137: // "CONGIG_DIR_SEC_ARG_SEP"
+ case 138: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
+ case 139: // "CONGIG_DIR_SEC_DATA_DIR"
+ case 140: // "CONGIG_DIR_SEC_STATUS_ENGINE"
+ case 141: // "CONGIG_DIR_SEC_TMP_DIR"
+ case 142: // "DIRECTIVE"
+ case 143: // "DIRECTIVE_SECRULESCRIPT"
+ case 144: // "FREE_TEXT"
+ case 145: // "NOT"
+ case 146: // "OPERATOR"
+ case 147: // "OPERATOR_BEGINS_WITH"
+ case 148: // "OPERATOR_CONTAINS"
+ case 149: // "OPERATOR_CONTAINS_WORD"
+ case 150: // "OPERATOR_DETECT_SQLI"
+ case 151: // "OPERATOR_DETECT_XSS"
+ case 152: // "OPERATOR_ENDS_WITH"
+ case 153: // "OPERATOR_EQ"
+ case 154: // "OPERATOR_FUZZY_HASH"
+ case 155: // "OPERATOR_GE"
+ case 156: // "OPERATOR_GEOLOOKUP"
+ case 157: // "OPERATOR_GSB_LOOKUP"
+ case 158: // "OPERATOR_GT"
+ case 159: // "OPERATOR_INSPECT_FILE"
+ case 160: // "OPERATOR_IP_MATCH"
+ case 161: // "OPERATOR_IP_MATCH_FROM_FILE"
+ case 162: // "OPERATOR_LE"
+ case 163: // "OPERATOR_LT"
+ case 164: // "OPERATOR_PM"
+ case 165: // "OPERATOR_PM_FROM_FILE"
+ case 166: // "OPERATOR_RBL"
+ case 167: // "OPERATOR_RSUB"
+ case 168: // "OPERATOR_RX"
+ case 169: // "Operator Rx"
+ case 170: // "OPERATOR_STR_EQ"
+ case 171: // "OPERATOR_STR_MATCH"
+ case 172: // "OPERATOR_UNCONDITIONAL_MATCH"
+ case 173: // "OPERATOR_VALIDATE_BYTE_RANGE"
+ case 174: // "OPERATOR_VALIDATE_DTD"
+ case 175: // "OPERATOR_VALIDATE_HASH"
+ case 176: // "OPERATOR_VALIDATE_SCHEMA"
+ case 177: // "OPERATOR_VALIDATE_URL_ENCODING"
+ case 178: // "OPERATOR_VALIDATE_UTF8_ENCODING"
+ case 179: // "OPERATOR_VERIFY_CC"
+ case 180: // "OPERATOR_VERIFY_CPF"
+ case 181: // "OPERATOR_VERIFY_SSN"
+ case 182: // "OPERATOR_WITHIN"
+ case 183: // "OP_QUOTE"
+ case 184: // "QUOTATION_MARK"
+ case 185: // "RUN_TIME_VAR_BLD"
+ case 186: // "RUN_TIME_VAR_DUR"
+ case 187: // "RUN_TIME_VAR_ENV"
+ case 188: // "RUN_TIME_VAR_HSV"
+ case 189: // "RUN_TIME_VAR_REMOTE_USER"
+ case 190: // "RUN_TIME_VAR_RULE"
+ case 191: // "RUN_TIME_VAR_TIME"
+ case 192: // "RUN_TIME_VAR_TIME_DAY"
+ case 193: // "RUN_TIME_VAR_TIME_EPOCH"
+ case 194: // "RUN_TIME_VAR_TIME_HOUR"
+ case 195: // "RUN_TIME_VAR_TIME_MIN"
+ case 196: // "RUN_TIME_VAR_TIME_MON"
+ case 197: // "RUN_TIME_VAR_TIME_SEC"
+ case 198: // "RUN_TIME_VAR_TIME_WDAY"
+ case 199: // "RUN_TIME_VAR_TIME_YEAR"
+ case 200: // "RUN_TIME_VAR_XML"
+ case 201: // "VARIABLE"
+ case 202: // "VARIABLE_COL"
+ case 203: // "VARIABLE_STATUS"
+ case 204: // "VARIABLE_TX"
+ value.move< std::string > (that.value);
+ break;
+
+ case 211: // op
+ case 212: // op_before_init
+ value.move< std::unique_ptr > (that.value);
+ break;
+
+ case 215: // var
+ value.move< std::unique_ptr > (that.value);
+ break;
+
+ case 216: // act
+ value.move< std::unique_ptr > (that.value);
+ break;
+
+ case 214: // variables
+ value.move< std::unique_ptr > > > (that.value);
+ break;
+
+ case 209: // actions
+ case 210: // actions_may_quoted
+ value.move< std::unique_ptr > > > (that.value);
+ break;
+
+ default:
+ break;
+ }
+
+ // that is emptied.
+ that.type = empty_symbol;
+ }
+
+ inline
+ seclang_parser::stack_symbol_type&
+ seclang_parser::stack_symbol_type::operator= (const stack_symbol_type& that)
+ {
+ state = that.state;
+ switch (that.type_get ())
+ {
+ case 6: // "Accuracy"
+ case 7: // "Allow"
+ case 8: // "Append"
+ case 9: // "AuditLog"
+ case 10: // "Block"
+ case 11: // "Capture"
+ case 12: // "Chain"
+ case 13: // "ACTION_CTL_AUDIT_ENGINE"
+ case 14: // "ACTION_CTL_AUDIT_LOG_PARTS"
+ case 15: // "ACTION_CTL_BDY_JSON"
+ case 16: // "ACTION_CTL_BDY_XML"
+ case 17: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
+ case 18: // "ACTION_CTL_REQUEST_BODY_ACCESS"
+ case 19: // "ACTION_CTL_RULE_ENGINE"
+ case 20: // "ACTION_CTL_RULE_REMOVE_BY_ID"
+ case 21: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
+ case 22: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
+ case 23: // "Deny"
+ case 24: // "DeprecateVar"
+ case 25: // "Drop"
+ case 26: // "Exec"
+ case 27: // "ExpireVar"
+ case 28: // "Id"
+ case 29: // "InitCol"
+ case 30: // "Log"
+ case 31: // "LogData"
+ case 32: // "Maturity"
+ case 33: // "Msg"
+ case 34: // "MultiMatch"
+ case 35: // "NoAuditLog"
+ case 36: // "NoLog"
+ case 37: // "Pass"
+ case 38: // "Pause"
+ case 39: // "Phase"
+ case 40: // "Prepend"
+ case 41: // "Proxy"
+ case 42: // "Redirect"
+ case 43: // "Rev"
+ case 44: // "SanatiseArg"
+ case 45: // "SanatiseMatched"
+ case 46: // "SanatiseMatchedBytes"
+ case 47: // "SanatiseRequestHeader"
+ case 48: // "SanatiseResponseHeader"
+ case 49: // "SetEnv"
+ case 50: // "SetSrc"
+ case 51: // "SetSid"
+ case 52: // "SetUID"
+ case 53: // "SetVar"
+ case 54: // "Severity"
+ case 55: // "Skip"
+ case 56: // "SkipAfter"
+ case 57: // "Status"
+ case 58: // "Tag"
+ case 59: // "ACTION_TRANSFORMATION_CMD_LINE"
+ case 60: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
+ case 61: // "ACTION_TRANSFORMATION_CSS_DECODE"
+ case 62: // "ACTION_TRANSFORMATION_HEX_ENCODE"
+ case 63: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
+ case 64: // "ACTION_TRANSFORMATION_JS_DECODE"
+ case 65: // "ACTION_TRANSFORMATION_LENGTH"
+ case 66: // "ACTION_TRANSFORMATION_LOWERCASE"
+ case 67: // "ACTION_TRANSFORMATION_MD5"
+ case 68: // "ACTION_TRANSFORMATION_NONE"
+ case 69: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
+ case 70: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
+ case 71: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
+ case 72: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
+ case 73: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
+ case 74: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
+ case 75: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
+ case 76: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
+ case 77: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
+ case 78: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
+ case 79: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
+ case 80: // "ACTION_TRANSFORMATION_SHA1"
+ case 81: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
+ case 82: // "ACTION_TRANSFORMATION_TRIM"
+ case 83: // "ACTION_TRANSFORMATION_URL_DECODE"
+ case 84: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
+ case 85: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
+ case 86: // "Ver"
+ case 87: // "xmlns"
+ case 88: // "CONFIG_COMPONENT_SIG"
+ case 89: // "CONFIG_DIR_AUDIT_DIR"
+ case 90: // "CONFIG_DIR_AUDIT_DIR_MOD"
+ case 91: // "CONFIG_DIR_AUDIT_ENG"
+ case 92: // "CONFIG_DIR_AUDIT_FLE_MOD"
+ case 93: // "CONFIG_DIR_AUDIT_LOG"
+ case 94: // "CONFIG_DIR_AUDIT_LOG2"
+ case 95: // "CONFIG_DIR_AUDIT_LOG_P"
+ case 96: // "CONFIG_DIR_AUDIT_STS"
+ case 97: // "CONFIG_DIR_AUDIT_TPE"
+ case 98: // "CONFIG_DIR_DEBUG_LOG"
+ case 99: // "CONFIG_DIR_DEBUG_LVL"
+ case 100: // "CONFIG_DIR_GEO_DB"
+ case 101: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
+ case 102: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
+ case 103: // "CONFIG_DIR_REQ_BODY"
+ case 104: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
+ case 105: // "CONFIG_DIR_REQ_BODY_LIMIT"
+ case 106: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
+ case 107: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
+ case 108: // "CONFIG_DIR_RES_BODY"
+ case 109: // "CONFIG_DIR_RES_BODY_LIMIT"
+ case 110: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
+ case 111: // "CONFIG_DIR_RULE_ENG"
+ case 112: // "CONFIG_DIR_SEC_ACTION"
+ case 113: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
+ case 114: // "CONFIG_DIR_SEC_MARKER"
+ case 115: // "CONFIG_DIR_UNICODE_MAP_FILE"
+ case 116: // "CONFIG_SEC_COLLECTION_TIMEOUT"
+ case 117: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
+ case 118: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
+ case 119: // "CONFIG_UPDLOAD_KEEP_FILES"
+ case 120: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
+ case 121: // "CONFIG_UPLOAD_DIR"
+ case 122: // "CONFIG_UPLOAD_FILE_LIMIT"
+ case 123: // "CONFIG_UPLOAD_FILE_MODE"
+ case 124: // "CONFIG_VALUE_ABORT"
+ case 125: // "CONFIG_VALUE_DETC"
+ case 126: // "CONFIG_VALUE_HTTPS"
+ case 127: // "CONFIG_VALUE_OFF"
+ case 128: // "CONFIG_VALUE_ON"
+ case 129: // "CONFIG_VALUE_PARALLEL"
+ case 130: // "CONFIG_VALUE_PROCESS_PARTIAL"
+ case 131: // "CONFIG_VALUE_REJECT"
+ case 132: // "CONFIG_VALUE_RELEVANT_ONLY"
+ case 133: // "CONFIG_VALUE_SERIAL"
+ case 134: // "CONFIG_VALUE_WARN"
+ case 135: // "CONFIG_XML_EXTERNAL_ENTITY"
+ case 136: // "CONGIG_DIR_RESPONSE_BODY_MP"
+ case 137: // "CONGIG_DIR_SEC_ARG_SEP"
+ case 138: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
+ case 139: // "CONGIG_DIR_SEC_DATA_DIR"
+ case 140: // "CONGIG_DIR_SEC_STATUS_ENGINE"
+ case 141: // "CONGIG_DIR_SEC_TMP_DIR"
+ case 142: // "DIRECTIVE"
+ case 143: // "DIRECTIVE_SECRULESCRIPT"
+ case 144: // "FREE_TEXT"
+ case 145: // "NOT"
+ case 146: // "OPERATOR"
+ case 147: // "OPERATOR_BEGINS_WITH"
+ case 148: // "OPERATOR_CONTAINS"
+ case 149: // "OPERATOR_CONTAINS_WORD"
+ case 150: // "OPERATOR_DETECT_SQLI"
+ case 151: // "OPERATOR_DETECT_XSS"
+ case 152: // "OPERATOR_ENDS_WITH"
+ case 153: // "OPERATOR_EQ"
+ case 154: // "OPERATOR_FUZZY_HASH"
+ case 155: // "OPERATOR_GE"
+ case 156: // "OPERATOR_GEOLOOKUP"
+ case 157: // "OPERATOR_GSB_LOOKUP"
+ case 158: // "OPERATOR_GT"
+ case 159: // "OPERATOR_INSPECT_FILE"
+ case 160: // "OPERATOR_IP_MATCH"
+ case 161: // "OPERATOR_IP_MATCH_FROM_FILE"
+ case 162: // "OPERATOR_LE"
+ case 163: // "OPERATOR_LT"
+ case 164: // "OPERATOR_PM"
+ case 165: // "OPERATOR_PM_FROM_FILE"
+ case 166: // "OPERATOR_RBL"
+ case 167: // "OPERATOR_RSUB"
+ case 168: // "OPERATOR_RX"
+ case 169: // "Operator Rx"
+ case 170: // "OPERATOR_STR_EQ"
+ case 171: // "OPERATOR_STR_MATCH"
+ case 172: // "OPERATOR_UNCONDITIONAL_MATCH"
+ case 173: // "OPERATOR_VALIDATE_BYTE_RANGE"
+ case 174: // "OPERATOR_VALIDATE_DTD"
+ case 175: // "OPERATOR_VALIDATE_HASH"
+ case 176: // "OPERATOR_VALIDATE_SCHEMA"
+ case 177: // "OPERATOR_VALIDATE_URL_ENCODING"
+ case 178: // "OPERATOR_VALIDATE_UTF8_ENCODING"
+ case 179: // "OPERATOR_VERIFY_CC"
+ case 180: // "OPERATOR_VERIFY_CPF"
+ case 181: // "OPERATOR_VERIFY_SSN"
+ case 182: // "OPERATOR_WITHIN"
+ case 183: // "OP_QUOTE"
+ case 184: // "QUOTATION_MARK"
+ case 185: // "RUN_TIME_VAR_BLD"
+ case 186: // "RUN_TIME_VAR_DUR"
+ case 187: // "RUN_TIME_VAR_ENV"
+ case 188: // "RUN_TIME_VAR_HSV"
+ case 189: // "RUN_TIME_VAR_REMOTE_USER"
+ case 190: // "RUN_TIME_VAR_RULE"
+ case 191: // "RUN_TIME_VAR_TIME"
+ case 192: // "RUN_TIME_VAR_TIME_DAY"
+ case 193: // "RUN_TIME_VAR_TIME_EPOCH"
+ case 194: // "RUN_TIME_VAR_TIME_HOUR"
+ case 195: // "RUN_TIME_VAR_TIME_MIN"
+ case 196: // "RUN_TIME_VAR_TIME_MON"
+ case 197: // "RUN_TIME_VAR_TIME_SEC"
+ case 198: // "RUN_TIME_VAR_TIME_WDAY"
+ case 199: // "RUN_TIME_VAR_TIME_YEAR"
+ case 200: // "RUN_TIME_VAR_XML"
+ case 201: // "VARIABLE"
+ case 202: // "VARIABLE_COL"
+ case 203: // "VARIABLE_STATUS"
+ case 204: // "VARIABLE_TX"
+ value.copy< std::string > (that.value);
+ break;
+
+ case 211: // op
+ case 212: // op_before_init
+ value.copy< std::unique_ptr > (that.value);
+ break;
+
+ case 215: // var
+ value.copy< std::unique_ptr > (that.value);
+ break;
+
+ case 216: // act
+ value.copy< std::unique_ptr > (that.value);
+ break;
+
+ case 214: // variables
+ value.copy< std::unique_ptr > > > (that.value);
+ break;
+
+ case 209: // actions
+ case 210: // actions_may_quoted
+ value.copy< std::unique_ptr > > > (that.value);
+ break;
+
+ default:
+ break;
+ }
+
+ location = that.location;
+ return *this;
+ }
+
+
+ template
+ inline
+ void
+ seclang_parser::yy_destroy_ (const char* yymsg, basic_symbol& yysym) const
+ {
+ if (yymsg)
+ YY_SYMBOL_PRINT (yymsg, yysym);
+ }
+
+#if YYDEBUG
+ template
+ void
+ seclang_parser::yy_print_ (std::ostream& yyo,
+ const basic_symbol& yysym) const
+ {
+ std::ostream& yyoutput = yyo;
+ YYUSE (yyoutput);
+ symbol_number_type yytype = yysym.type_get ();
+ // Avoid a (spurious) G++ 4.8 warning about "array subscript is
+ // below array bounds".
+ if (yysym.empty ())
+ std::abort ();
+ yyo << (yytype < yyntokens_ ? "token" : "nterm")
+ << ' ' << yytname_[yytype] << " ("
+ << yysym.location << ": ";
+ YYUSE (yytype);
+ yyo << ')';
+ }
+#endif
+
+ inline
+ void
+ seclang_parser::yypush_ (const char* m, state_type s, symbol_type& sym)
+ {
+ stack_symbol_type t (s, sym);
+ yypush_ (m, t);
+ }
+
+ inline
+ void
+ seclang_parser::yypush_ (const char* m, stack_symbol_type& s)
+ {
+ if (m)
+ YY_SYMBOL_PRINT (m, s);
+ yystack_.push (s);
+ }
+
+ inline
+ void
+ seclang_parser::yypop_ (unsigned int n)
+ {
+ yystack_.pop (n);
+ }
+
+#if YYDEBUG
+ std::ostream&
+ seclang_parser::debug_stream () const
+ {
+ return *yycdebug_;
+ }
+
+ void
+ seclang_parser::set_debug_stream (std::ostream& o)
+ {
+ yycdebug_ = &o;
+ }
+
+
+ seclang_parser::debug_level_type
+ seclang_parser::debug_level () const
+ {
+ return yydebug_;
+ }
+
+ void
+ seclang_parser::set_debug_level (debug_level_type l)
+ {
+ yydebug_ = l;
+ }
+#endif // YYDEBUG
+
+ inline seclang_parser::state_type
+ seclang_parser::yy_lr_goto_state_ (state_type yystate, int yysym)
+ {
+ int yyr = yypgoto_[yysym - yyntokens_] + yystate;
+ if (0 <= yyr && yyr <= yylast_ && yycheck_[yyr] == yystate)
+ return yytable_[yyr];
+ else
+ return yydefgoto_[yysym - yyntokens_];
+ }
+
+ inline bool
+ seclang_parser::yy_pact_value_is_default_ (int yyvalue)
+ {
+ return yyvalue == yypact_ninf_;
+ }
+
+ inline bool
+ seclang_parser::yy_table_value_is_error_ (int yyvalue)
+ {
+ return yyvalue == yytable_ninf_;
+ }
+
+ int
+ seclang_parser::parse ()
+ {
+ // State.
+ int yyn;
+ /// Length of the RHS of the rule being reduced.
+ int yylen = 0;
+
+ // Error handling.
+ int yynerrs_ = 0;
+ int yyerrstatus_ = 0;
+
+ /// The lookahead symbol.
+ symbol_type yyla;
+
+ /// The locations where the error started and ended.
+ stack_symbol_type yyerror_range[3];
+
+ /// The return value of parse ().
+ int yyresult;
+
+ // FIXME: This shoud be completely indented. It is not yet to
+ // avoid gratuitous conflicts when merging into the master branch.
+ try
+ {
+ YYCDEBUG << "Starting parse" << std::endl;
+
+
+ // User initialization code.
+ #line 244 "/home/zimmerle/core/ModSecurity/src/parser/seclang-parser.yy" // lalr1.cc:741
+{
+ // Initialize the initial location.
+ yyla.location.begin.filename = yyla.location.end.filename = &driver.file;
+}
+
+#line 865 "seclang-parser.cc" // lalr1.cc:741
+
+ /* Initialize the stack. The initial state will be set in
+ yynewstate, since the latter expects the semantical and the
+ location values to have been already stored, initialize these
+ stacks with a primary value. */
+ yystack_.clear ();
+ yypush_ (YY_NULLPTR, 0, yyla);
+
+ // A new symbol was pushed on the stack.
+ yynewstate:
+ YYCDEBUG << "Entering state " << yystack_[0].state << std::endl;
+
+ // Accept?
+ if (yystack_[0].state == yyfinal_)
+ goto yyacceptlab;
+
+ goto yybackup;
+
+ // Backup.
+ yybackup:
+
+ // Try to take a decision without lookahead.
+ yyn = yypact_[yystack_[0].state];
+ if (yy_pact_value_is_default_ (yyn))
+ goto yydefault;
+
+ // Read a lookahead token.
+ if (yyla.empty ())
+ {
+ YYCDEBUG << "Reading a token: ";
+ try
+ {
+ symbol_type yylookahead (yylex (driver));
+ yyla.move (yylookahead);
+ }
+ catch (const syntax_error& yyexc)
+ {
+ error (yyexc);
+ goto yyerrlab1;
+ }
+ }
+ YY_SYMBOL_PRINT ("Next token is", yyla);
+
+ /* If the proper action on seeing token YYLA.TYPE is to reduce or
+ to detect an error, take that action. */
+ yyn += yyla.type_get ();
+ if (yyn < 0 || yylast_ < yyn || yycheck_[yyn] != yyla.type_get ())
+ goto yydefault;
+
+ // Reduce or error.
+ yyn = yytable_[yyn];
+ if (yyn <= 0)
+ {
+ if (yy_table_value_is_error_ (yyn))
+ goto yyerrlab;
+ yyn = -yyn;
+ goto yyreduce;
+ }
+
+ // Count tokens shifted since error; after three, turn off error status.
+ if (yyerrstatus_)
+ --yyerrstatus_;
+
+ // Shift the lookahead token.
+ yypush_ ("Shifting", yyn, yyla);
+ goto yynewstate;
+
+ /*-----------------------------------------------------------.
+ | yydefault -- do the default action for the current state. |
+ `-----------------------------------------------------------*/
+ yydefault:
+ yyn = yydefact_[yystack_[0].state];
+ if (yyn == 0)
+ goto yyerrlab;
+ goto yyreduce;
+
+ /*-----------------------------.
+ | yyreduce -- Do a reduction. |
+ `-----------------------------*/
+ yyreduce:
+ yylen = yyr2_[yyn];
+ {
+ stack_symbol_type yylhs;
+ yylhs.state = yy_lr_goto_state_(yystack_[yylen].state, yyr1_[yyn]);
+ /* Variants are always initialized to an empty instance of the
+ correct type. The default '$$ = $1' action is NOT applied
+ when using variants. */
+ switch (yyr1_[yyn])
+ {
+ case 6: // "Accuracy"
+ case 7: // "Allow"
+ case 8: // "Append"
+ case 9: // "AuditLog"
+ case 10: // "Block"
+ case 11: // "Capture"
+ case 12: // "Chain"
+ case 13: // "ACTION_CTL_AUDIT_ENGINE"
+ case 14: // "ACTION_CTL_AUDIT_LOG_PARTS"
+ case 15: // "ACTION_CTL_BDY_JSON"
+ case 16: // "ACTION_CTL_BDY_XML"
+ case 17: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
+ case 18: // "ACTION_CTL_REQUEST_BODY_ACCESS"
+ case 19: // "ACTION_CTL_RULE_ENGINE"
+ case 20: // "ACTION_CTL_RULE_REMOVE_BY_ID"
+ case 21: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
+ case 22: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
+ case 23: // "Deny"
+ case 24: // "DeprecateVar"
+ case 25: // "Drop"
+ case 26: // "Exec"
+ case 27: // "ExpireVar"
+ case 28: // "Id"
+ case 29: // "InitCol"
+ case 30: // "Log"
+ case 31: // "LogData"
+ case 32: // "Maturity"
+ case 33: // "Msg"
+ case 34: // "MultiMatch"
+ case 35: // "NoAuditLog"
+ case 36: // "NoLog"
+ case 37: // "Pass"
+ case 38: // "Pause"
+ case 39: // "Phase"
+ case 40: // "Prepend"
+ case 41: // "Proxy"
+ case 42: // "Redirect"
+ case 43: // "Rev"
+ case 44: // "SanatiseArg"
+ case 45: // "SanatiseMatched"
+ case 46: // "SanatiseMatchedBytes"
+ case 47: // "SanatiseRequestHeader"
+ case 48: // "SanatiseResponseHeader"
+ case 49: // "SetEnv"
+ case 50: // "SetSrc"
+ case 51: // "SetSid"
+ case 52: // "SetUID"
+ case 53: // "SetVar"
+ case 54: // "Severity"
+ case 55: // "Skip"
+ case 56: // "SkipAfter"
+ case 57: // "Status"
+ case 58: // "Tag"
+ case 59: // "ACTION_TRANSFORMATION_CMD_LINE"
+ case 60: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
+ case 61: // "ACTION_TRANSFORMATION_CSS_DECODE"
+ case 62: // "ACTION_TRANSFORMATION_HEX_ENCODE"
+ case 63: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
+ case 64: // "ACTION_TRANSFORMATION_JS_DECODE"
+ case 65: // "ACTION_TRANSFORMATION_LENGTH"
+ case 66: // "ACTION_TRANSFORMATION_LOWERCASE"
+ case 67: // "ACTION_TRANSFORMATION_MD5"
+ case 68: // "ACTION_TRANSFORMATION_NONE"
+ case 69: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
+ case 70: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
+ case 71: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
+ case 72: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
+ case 73: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
+ case 74: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
+ case 75: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
+ case 76: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
+ case 77: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
+ case 78: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
+ case 79: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
+ case 80: // "ACTION_TRANSFORMATION_SHA1"
+ case 81: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
+ case 82: // "ACTION_TRANSFORMATION_TRIM"
+ case 83: // "ACTION_TRANSFORMATION_URL_DECODE"
+ case 84: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
+ case 85: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
+ case 86: // "Ver"
+ case 87: // "xmlns"
+ case 88: // "CONFIG_COMPONENT_SIG"
+ case 89: // "CONFIG_DIR_AUDIT_DIR"
+ case 90: // "CONFIG_DIR_AUDIT_DIR_MOD"
+ case 91: // "CONFIG_DIR_AUDIT_ENG"
+ case 92: // "CONFIG_DIR_AUDIT_FLE_MOD"
+ case 93: // "CONFIG_DIR_AUDIT_LOG"
+ case 94: // "CONFIG_DIR_AUDIT_LOG2"
+ case 95: // "CONFIG_DIR_AUDIT_LOG_P"
+ case 96: // "CONFIG_DIR_AUDIT_STS"
+ case 97: // "CONFIG_DIR_AUDIT_TPE"
+ case 98: // "CONFIG_DIR_DEBUG_LOG"
+ case 99: // "CONFIG_DIR_DEBUG_LVL"
+ case 100: // "CONFIG_DIR_GEO_DB"
+ case 101: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
+ case 102: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
+ case 103: // "CONFIG_DIR_REQ_BODY"
+ case 104: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
+ case 105: // "CONFIG_DIR_REQ_BODY_LIMIT"
+ case 106: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
+ case 107: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
+ case 108: // "CONFIG_DIR_RES_BODY"
+ case 109: // "CONFIG_DIR_RES_BODY_LIMIT"
+ case 110: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
+ case 111: // "CONFIG_DIR_RULE_ENG"
+ case 112: // "CONFIG_DIR_SEC_ACTION"
+ case 113: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
+ case 114: // "CONFIG_DIR_SEC_MARKER"
+ case 115: // "CONFIG_DIR_UNICODE_MAP_FILE"
+ case 116: // "CONFIG_SEC_COLLECTION_TIMEOUT"
+ case 117: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
+ case 118: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
+ case 119: // "CONFIG_UPDLOAD_KEEP_FILES"
+ case 120: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
+ case 121: // "CONFIG_UPLOAD_DIR"
+ case 122: // "CONFIG_UPLOAD_FILE_LIMIT"
+ case 123: // "CONFIG_UPLOAD_FILE_MODE"
+ case 124: // "CONFIG_VALUE_ABORT"
+ case 125: // "CONFIG_VALUE_DETC"
+ case 126: // "CONFIG_VALUE_HTTPS"
+ case 127: // "CONFIG_VALUE_OFF"
+ case 128: // "CONFIG_VALUE_ON"
+ case 129: // "CONFIG_VALUE_PARALLEL"
+ case 130: // "CONFIG_VALUE_PROCESS_PARTIAL"
+ case 131: // "CONFIG_VALUE_REJECT"
+ case 132: // "CONFIG_VALUE_RELEVANT_ONLY"
+ case 133: // "CONFIG_VALUE_SERIAL"
+ case 134: // "CONFIG_VALUE_WARN"
+ case 135: // "CONFIG_XML_EXTERNAL_ENTITY"
+ case 136: // "CONGIG_DIR_RESPONSE_BODY_MP"
+ case 137: // "CONGIG_DIR_SEC_ARG_SEP"
+ case 138: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
+ case 139: // "CONGIG_DIR_SEC_DATA_DIR"
+ case 140: // "CONGIG_DIR_SEC_STATUS_ENGINE"
+ case 141: // "CONGIG_DIR_SEC_TMP_DIR"
+ case 142: // "DIRECTIVE"
+ case 143: // "DIRECTIVE_SECRULESCRIPT"
+ case 144: // "FREE_TEXT"
+ case 145: // "NOT"
+ case 146: // "OPERATOR"
+ case 147: // "OPERATOR_BEGINS_WITH"
+ case 148: // "OPERATOR_CONTAINS"
+ case 149: // "OPERATOR_CONTAINS_WORD"
+ case 150: // "OPERATOR_DETECT_SQLI"
+ case 151: // "OPERATOR_DETECT_XSS"
+ case 152: // "OPERATOR_ENDS_WITH"
+ case 153: // "OPERATOR_EQ"
+ case 154: // "OPERATOR_FUZZY_HASH"
+ case 155: // "OPERATOR_GE"
+ case 156: // "OPERATOR_GEOLOOKUP"
+ case 157: // "OPERATOR_GSB_LOOKUP"
+ case 158: // "OPERATOR_GT"
+ case 159: // "OPERATOR_INSPECT_FILE"
+ case 160: // "OPERATOR_IP_MATCH"
+ case 161: // "OPERATOR_IP_MATCH_FROM_FILE"
+ case 162: // "OPERATOR_LE"
+ case 163: // "OPERATOR_LT"
+ case 164: // "OPERATOR_PM"
+ case 165: // "OPERATOR_PM_FROM_FILE"
+ case 166: // "OPERATOR_RBL"
+ case 167: // "OPERATOR_RSUB"
+ case 168: // "OPERATOR_RX"
+ case 169: // "Operator Rx"
+ case 170: // "OPERATOR_STR_EQ"
+ case 171: // "OPERATOR_STR_MATCH"
+ case 172: // "OPERATOR_UNCONDITIONAL_MATCH"
+ case 173: // "OPERATOR_VALIDATE_BYTE_RANGE"
+ case 174: // "OPERATOR_VALIDATE_DTD"
+ case 175: // "OPERATOR_VALIDATE_HASH"
+ case 176: // "OPERATOR_VALIDATE_SCHEMA"
+ case 177: // "OPERATOR_VALIDATE_URL_ENCODING"
+ case 178: // "OPERATOR_VALIDATE_UTF8_ENCODING"
+ case 179: // "OPERATOR_VERIFY_CC"
+ case 180: // "OPERATOR_VERIFY_CPF"
+ case 181: // "OPERATOR_VERIFY_SSN"
+ case 182: // "OPERATOR_WITHIN"
+ case 183: // "OP_QUOTE"
+ case 184: // "QUOTATION_MARK"
+ case 185: // "RUN_TIME_VAR_BLD"
+ case 186: // "RUN_TIME_VAR_DUR"
+ case 187: // "RUN_TIME_VAR_ENV"
+ case 188: // "RUN_TIME_VAR_HSV"
+ case 189: // "RUN_TIME_VAR_REMOTE_USER"
+ case 190: // "RUN_TIME_VAR_RULE"
+ case 191: // "RUN_TIME_VAR_TIME"
+ case 192: // "RUN_TIME_VAR_TIME_DAY"
+ case 193: // "RUN_TIME_VAR_TIME_EPOCH"
+ case 194: // "RUN_TIME_VAR_TIME_HOUR"
+ case 195: // "RUN_TIME_VAR_TIME_MIN"
+ case 196: // "RUN_TIME_VAR_TIME_MON"
+ case 197: // "RUN_TIME_VAR_TIME_SEC"
+ case 198: // "RUN_TIME_VAR_TIME_WDAY"
+ case 199: // "RUN_TIME_VAR_TIME_YEAR"
+ case 200: // "RUN_TIME_VAR_XML"
+ case 201: // "VARIABLE"
+ case 202: // "VARIABLE_COL"
+ case 203: // "VARIABLE_STATUS"
+ case 204: // "VARIABLE_TX"
+ yylhs.value.build< std::string > ();
+ break;
+
+ case 211: // op
+ case 212: // op_before_init
+ yylhs.value.build< std::unique_ptr > ();
+ break;
+
+ case 215: // var
+ yylhs.value.build< std::unique_ptr > ();
+ break;
+
+ case 216: // act
+ yylhs.value.build< std::unique_ptr > ();
+ break;
+
+ case 214: // variables
+ yylhs.value.build< std::unique_ptr > > > ();
+ break;
+
+ case 209: // actions
+ case 210: // actions_may_quoted
+ yylhs.value.build< std::unique_ptr > > > ();
+ break;
+
+ default:
+ break;
+ }
+
+
+ // Compute the default @$.
+ {
+ slice slice (yystack_, yylen);
+ YYLLOC_DEFAULT (yylhs.location, slice, yylen);
+ }
+
+ // Perform the reduction.
+ YY_REDUCE_PRINT (yyn);
+ try
+ {
+ switch (yyn)
+ {
+ case 2:
+#line 488 "seclang-parser.yy" // lalr1.cc:859
+ {
+ return 0;
+ }
+#line 1201 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 6:
+#line 501 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setStorageDirMode(strtol(yystack_[0].value.as< std::string > ().c_str(), NULL, 8));
+ }
+#line 1209 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 7:
+#line 507 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setStorageDir(yystack_[0].value.as< std::string > ());
+ }
+#line 1217 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 8:
+#line 513 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setStatus(modsecurity::audit_log::AuditLog::RelevantOnlyAuditLogStatus);
+ }
+#line 1225 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 9:
+#line 517 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setStatus(modsecurity::audit_log::AuditLog::OffAuditLogStatus);
+ }
+#line 1233 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 10:
+#line 521 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setStatus(modsecurity::audit_log::AuditLog::OnAuditLogStatus);
+ }
+#line 1241 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 11:
+#line 527 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setFileMode(strtol(yystack_[0].value.as< std::string > ().c_str(), NULL, 8));
+ }
+#line 1249 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 12:
+#line 533 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setFilePath2(yystack_[0].value.as< std::string > ());
+ }
+#line 1257 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 13:
+#line 539 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setParts(yystack_[0].value.as< std::string > ());
+ }
+#line 1265 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 14:
+#line 545 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setFilePath1(yystack_[0].value.as< std::string > ());
+ }
+#line 1273 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 15:
+#line 551 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string relevant_status(yystack_[0].value.as< std::string > ());
+ relevant_status.pop_back();
+ relevant_status.erase(0, 1);
+ driver.m_auditLog->setRelevantStatus(relevant_status);
+ }
+#line 1284 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 16:
+#line 560 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setType(modsecurity::audit_log::AuditLog::SerialAuditLogType);
+ }
+#line 1292 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 17:
+#line 564 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setType(modsecurity::audit_log::AuditLog::ParallelAuditLogType);
+ }
+#line 1300 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 18:
+#line 568 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_auditLog->setType(modsecurity::audit_log::AuditLog::HttpsAuditLogType);
+ }
+#line 1308 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 19:
+#line 574 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_uploadKeepFiles = modsecurity::RulesProperties::TrueConfigBoolean;
+ }
+#line 1316 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 20:
+#line 578 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_uploadKeepFiles = modsecurity::RulesProperties::FalseConfigBoolean;
+ }
+#line 1324 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 21:
+#line 582 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_uploadFileLimit.m_set = true;
+ driver.m_uploadFileLimit.m_value = strtol(yystack_[0].value.as< std::string > ().c_str(), NULL, 10);
+ }
+#line 1333 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 22:
+#line 587 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_uploadFileMode.m_set = true;
+ driver.m_uploadFileMode.m_value = strtol(yystack_[0].value.as< std::string > ().c_str(), NULL, 8);
+ }
+#line 1342 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 23:
+#line 592 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_uploadDirectory.m_set = true;
+ driver.m_uploadDirectory.m_value = yystack_[0].value.as< std::string > ();
+ }
+#line 1351 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 24:
+#line 597 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_tmpSaveUploadedFiles = modsecurity::RulesProperties::TrueConfigBoolean;
+ }
+#line 1359 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 25:
+#line 601 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_tmpSaveUploadedFiles = modsecurity::RulesProperties::FalseConfigBoolean;
+ }
+#line 1367 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 26:
+#line 608 "seclang-parser.yy" // lalr1.cc:859
+ {
+ yylhs.value.as< std::unique_ptr > > > () = std::move(yystack_[1].value.as< std::unique_ptr > > > ());
+ }
+#line 1375 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 27:
+#line 612 "seclang-parser.yy" // lalr1.cc:859
+ {
+ yylhs.value.as< std::unique_ptr > > > () = std::move(yystack_[0].value.as< std::unique_ptr > > > ());
+ }
+#line 1383 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 28:
+#line 619 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_INIT(yystack_[0].value.as< std::unique_ptr > (), yystack_[3].location)
+ yystack_[2].value.as< std::unique_ptr > > > ()->push_back(std::move(yystack_[0].value.as< std::unique_ptr > ()));
+ yylhs.value.as< std::unique_ptr > > > () = std::move(yystack_[2].value.as< std::unique_ptr > > > ());
+ }
+#line 1393 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 29:
+#line 625 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::unique_ptr>> b(new std::vector>());
+ ACTION_INIT(yystack_[0].value.as< std::unique_ptr > (), yystack_[1].location)
+ b->push_back(std::move(yystack_[0].value.as< std::unique_ptr > ()));
+ yylhs.value.as< std::unique_ptr > > > () = std::move(b);
+ }
+#line 1404 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 30:
+#line 635 "seclang-parser.yy" // lalr1.cc:859
+ {
+ yylhs.value.as< std::unique_ptr > () = std::move(yystack_[0].value.as< std::unique_ptr > ());
+ std::string error;
+ if (yylhs.value.as< std::unique_ptr > ()->init(driver.ref.back(), &error) == false) {
+ driver.error(yystack_[1].location, error);
+ YYERROR;
+ }
+ }
+#line 1417 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 31:
+#line 644 "seclang-parser.yy" // lalr1.cc:859
+ {
+ yylhs.value.as< std::unique_ptr > () = std::move(yystack_[0].value.as< std::unique_ptr > ());
+ yylhs.value.as< std::unique_ptr > ()->m_negation = true;
+ std::string error;
+ if (yylhs.value.as< std::unique_ptr > ()->init(driver.ref.back(), &error) == false) {
+ driver.error(yystack_[2].location, error);
+ YYERROR;
+ }
+ }
+#line 1431 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 32:
+#line 654 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Rx(utils::string::removeBracketsIfNeeded(yystack_[0].value.as< std::string > ())));
+ std::string error;
+ if (yylhs.value.as< std::unique_ptr > ()->init(driver.ref.back(), &error) == false) {
+ driver.error(yystack_[1].location, error);
+ YYERROR;
+ }
+ }
+#line 1444 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 33:
+#line 663 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Rx("!" + utils::string::removeBracketsIfNeeded(yystack_[0].value.as< std::string > ())));
+ std::string error;
+ if (yylhs.value.as< std::unique_ptr > ()->init(driver.ref.back(), &error) == false) {
+ driver.error(yystack_[2].location, error);
+ YYERROR;
+ }
+ }
+#line 1457 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 34:
+#line 675 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::UnconditionalMatch());
+ }
+#line 1465 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 35:
+#line 679 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::DetectSQLi());
+ }
+#line 1473 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 36:
+#line 683 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::DetectXSS());
+ }
+#line 1481 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 37:
+#line 687 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::ValidateUrlEncoding());
+ }
+#line 1489 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 38:
+#line 691 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::ValidateUtf8Encoding());
+ }
+#line 1497 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 39:
+#line 695 "seclang-parser.yy" // lalr1.cc:859
+ {
+ /* $$ = new operators::InspectFile($1); */
+ OPERATOR_NOT_SUPPORTED("InspectFile", yystack_[2].location);
+ }
+#line 1506 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 40:
+#line 700 "seclang-parser.yy" // lalr1.cc:859
+ {
+ /* $$ = new operators::FuzzyHash(); */
+ OPERATOR_NOT_SUPPORTED("FuzzyHash", yystack_[2].location);
+ }
+#line 1515 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 41:
+#line 705 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::ValidateByteRange(yystack_[0].value.as< std::string > ()));
+ }
+#line 1523 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 42:
+#line 709 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::ValidateDTD(yystack_[0].value.as< std::string > ()));
+ }
+#line 1531 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 43:
+#line 713 "seclang-parser.yy" // lalr1.cc:859
+ {
+ /* $$ = new operators::ValidateHash($1); */
+ OPERATOR_NOT_SUPPORTED("ValidateHash", yystack_[2].location);
+ }
+#line 1540 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 44:
+#line 718 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::ValidateSchema(yystack_[0].value.as< std::string > ()));
+ }
+#line 1548 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 45:
+#line 722 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::VerifyCC(yystack_[0].value.as< std::string > ()));
+ }
+#line 1556 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 46:
+#line 726 "seclang-parser.yy" // lalr1.cc:859
+ {
+ /* $$ = new operators::VerifyCPF($1); */
+ OPERATOR_NOT_SUPPORTED("VerifyCPF", yystack_[2].location);
+ }
+#line 1565 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 47:
+#line 731 "seclang-parser.yy" // lalr1.cc:859
+ {
+ /* $$ = new operators::VerifySSN($1); */
+ OPERATOR_NOT_SUPPORTED("VerifySSN", yystack_[2].location);
+ }
+#line 1574 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 48:
+#line 736 "seclang-parser.yy" // lalr1.cc:859
+ {
+ /* $$ = new operators::GsbLookup($1); */
+ OPERATOR_NOT_SUPPORTED("GsbLookup", yystack_[2].location);
+ }
+#line 1583 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 49:
+#line 741 "seclang-parser.yy" // lalr1.cc:859
+ {
+ /* $$ = new operators::Rsub($1); */
+ OPERATOR_NOT_SUPPORTED("Rsub", yystack_[2].location);
+ }
+#line 1592 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 50:
+#line 746 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Within(yystack_[0].value.as< std::string > ()));
+ }
+#line 1600 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 51:
+#line 750 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::ContainsWord(yystack_[0].value.as< std::string > ()));
+ }
+#line 1608 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 52:
+#line 754 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Contains(yystack_[0].value.as< std::string > ()));
+ }
+#line 1616 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 53:
+#line 758 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::EndsWith(yystack_[0].value.as< std::string > ()));
+ }
+#line 1624 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 54:
+#line 762 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Eq(yystack_[0].value.as< std::string > ()));
+ }
+#line 1632 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 55:
+#line 766 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Ge(yystack_[0].value.as< std::string > ()));
+ }
+#line 1640 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 56:
+#line 770 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Gt(yystack_[0].value.as< std::string > ()));
+ }
+#line 1648 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 57:
+#line 774 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::IpMatchF(yystack_[0].value.as< std::string > ()));
+ }
+#line 1656 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 58:
+#line 778 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::IpMatch(yystack_[0].value.as< std::string > ()));
+ }
+#line 1664 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 59:
+#line 782 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Le(yystack_[0].value.as< std::string > ()));
+ }
+#line 1672 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 60:
+#line 786 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Lt(yystack_[0].value.as< std::string > ()));
+ }
+#line 1680 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 61:
+#line 790 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::PmFromFile(yystack_[0].value.as< std::string > ()));
+ }
+#line 1688 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 62:
+#line 794 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Pm(yystack_[0].value.as< std::string > ()));
+ }
+#line 1696 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 63:
+#line 798 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Rbl(yystack_[0].value.as< std::string > ()));
+ }
+#line 1704 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 64:
+#line 802 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::Rx(yystack_[0].value.as< std::string > ()));
+ }
+#line 1712 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 65:
+#line 806 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::StrEq(yystack_[0].value.as< std::string > ()));
+ }
+#line 1720 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 66:
+#line 810 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::StrMatch(yystack_[0].value.as< std::string > ()));
+ }
+#line 1728 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 67:
+#line 814 "seclang-parser.yy" // lalr1.cc:859
+ {
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::BeginsWith(yystack_[0].value.as< std::string > ()));
+ }
+#line 1736 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 68:
+#line 818 "seclang-parser.yy" // lalr1.cc:859
+ {
+#ifdef WITH_GEOIP
+ OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr > (), new operators::GeoLookup());
+#else
+ std::stringstream ss;
+ ss << "This version of ModSecurity was not compiled with GeoIP support.";
+ driver.error(yystack_[1].location, ss.str());
+ YYERROR;
+#endif // WITH_GEOIP
+ }
+#line 1751 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 70:
+#line 833 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::vector *a = new std::vector();
+ for (auto &i : *yystack_[0].value.as< std::unique_ptr > > > ().get()) {
+ a->push_back(i.release());
+ }
+ std::vector *v = new std::vector();
+ for (auto &i : *yystack_[2].value.as< std::unique_ptr > > > ().get()) {
+ v->push_back(i.release());
+ }
+
+ Operator *op = yystack_[1].value.as< std::unique_ptr > ().release();
+ Rule *rule = new Rule(
+ /* op */ op,
+ /* variables */ v,
+ /* actions */ a,
+ /* file name */ driver.ref.back(),
+ /* line number */ yystack_[4].location.end.line
+ );
+ if (driver.addSecRule(rule) == false) {
+ delete rule;
+ YYERROR;
+ }
+ }
+#line 1779 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 71:
+#line 857 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::vector *v = new std::vector();
+ for (auto &i : *yystack_[1].value.as< std::unique_ptr > > > ().get()) {
+ v->push_back(i.release());
+ }
+
+ Rule *rule = new Rule(
+ /* op */ yystack_[0].value.as< std::unique_ptr > ().release(),
+ /* variables */ v,
+ /* actions */ NULL,
+ /* file name */ driver.ref.back(),
+ /* line number */ yystack_[3].location.end.line
+ );
+ if (driver.addSecRule(rule) == false) {
+ delete rule;
+ YYERROR;
+ }
+ }
+#line 1802 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 72:
+#line 876 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::vector *a = new std::vector();
+ for (auto &i : *yystack_[0].value.as< std::unique_ptr > > > ().get()) {
+ a->push_back(i.release());
+ }
+ Rule *rule = new Rule(
+ /* op */ NULL,
+ /* variables */ NULL,
+ /* actions */ a,
+ /* file name */ driver.ref.back(),
+ /* line number */ yystack_[2].location.end.line
+ );
+ driver.addSecAction(rule);
+ }
+#line 1821 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 73:
+#line 891 "seclang-parser.yy" // lalr1.cc:859
+ {
+ /*
+
+ TODO: implement the SecRuleScript directive
+
+ */
+ }
+#line 1833 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 74:
+#line 899 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::vector *actions = new std::vector();
+ for (auto &i : *yystack_[0].value.as< std::unique_ptr > > > ().get()) {
+ actions->push_back(i.release());
+ }
+ std::vector checkedActions;
+ int definedPhase = -1;
+ int secRuleDefinedPhase = -1;
+ for (actions::Action *a : *actions) {
+ actions::Phase *phase = dynamic_cast(a);
+ if (phase != NULL) {
+ definedPhase = phase->m_phase;
+ secRuleDefinedPhase = phase->m_secRulesPhase;
+ delete phase;
+ } else if (a->action_kind == actions::Action::RunTimeOnlyIfMatchKind ||
+ a->action_kind == actions::Action::RunTimeBeforeMatchAttemptKind) {
+ actions::transformations::None *none = dynamic_cast(a);
+ if (none != NULL) {
+ driver.error(yystack_[2].location, "The transformation none is not suitable to be part of the SecDefaultActions");
+ YYERROR;
+ }
+ checkedActions.push_back(a);
+ } else {
+ driver.error(yystack_[2].location, "The action '" + a->m_name + "' is not suitable to be part of the SecDefaultActions");
+ YYERROR;
+ }
+ }
+ if (definedPhase == -1) {
+ definedPhase = modsecurity::Phases::RequestHeadersPhase;
+ }
+
+ if (!driver.m_defaultActions[definedPhase].empty()) {
+ std::stringstream ss;
+ ss << "SecDefaultActions can only be placed once per phase and configuration context. Phase ";
+ ss << secRuleDefinedPhase;
+ ss << " was informed already.";
+ driver.error(yystack_[2].location, ss.str());
+ YYERROR;
+ }
+
+ for (actions::Action *a : checkedActions) {
+ driver.m_defaultActions[definedPhase].push_back(a);
+ }
+
+ delete actions;
+ }
+#line 1884 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 75:
+#line 946 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.addSecMarker(modsecurity::utils::string::removeBracketsIfNeeded(yystack_[0].value.as< std::string > ()));
+ }
+#line 1892 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 76:
+#line 950 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_secRuleEngine = modsecurity::Rules::DisabledRuleEngine;
+ }
+#line 1900 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 77:
+#line 954 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_secRuleEngine = modsecurity::Rules::EnabledRuleEngine;
+ }
+#line 1908 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 78:
+#line 958 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_secRuleEngine = modsecurity::Rules::DetectionOnlyRuleEngine;
+ }
+#line 1916 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 79:
+#line 962 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_secRequestBodyAccess = modsecurity::RulesProperties::TrueConfigBoolean;
+ }
+#line 1924 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 80:
+#line 966 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_secRequestBodyAccess = modsecurity::RulesProperties::FalseConfigBoolean;
+ }
+#line 1932 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 81:
+#line 970 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_secResponseBodyAccess = modsecurity::RulesProperties::TrueConfigBoolean;
+ }
+#line 1940 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 82:
+#line 974 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_secResponseBodyAccess = modsecurity::RulesProperties::FalseConfigBoolean;
+ }
+#line 1948 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 83:
+#line 978 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_components.push_back(yystack_[0].value.as< std::string > ());
+ }
+#line 1956 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 84:
+#line 982 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string error;
+ if (driver.m_exceptions.load(yystack_[0].value.as< std::string > (), &error) == false) {
+ std::stringstream ss;
+ ss << "SecRuleRemoveById: failed to load:";
+ ss << yystack_[0].value.as< std::string > ();
+ ss << ". ";
+ ss << error;
+ driver.error(yystack_[1].location, ss.str());
+ YYERROR;
+ }
+ }
+#line 1973 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 85:
+#line 996 "seclang-parser.yy" // lalr1.cc:859
+ {
+ if (driver.m_debugLog != NULL) {
+ driver.m_debugLog->setDebugLogLevel(atoi(yystack_[0].value.as< std::string > ().c_str()));
+ } else {
+ std::stringstream ss;
+ ss << "Internal error, there is no DebugLog ";
+ ss << "object associated with the driver class";
+ driver.error(yystack_[1].location, ss.str());
+ YYERROR;
+ }
+ }
+#line 1989 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 86:
+#line 1008 "seclang-parser.yy" // lalr1.cc:859
+ {
+ if (driver.m_debugLog != NULL) {
+ std::string error;
+ driver.m_debugLog->setDebugLogFile(yystack_[0].value.as< std::string > (), &error);
+ if (error.size() > 0) {
+ std::stringstream ss;
+ ss << "Failed to start DebugLog: " << error;
+ driver.error(yystack_[1].location, ss.str());
+ YYERROR;
+ }
+ } else {
+ std::stringstream ss;
+ ss << "Internal error, there is no DebugLog ";
+ ss << "object associated with the driver class";
+ driver.error(yystack_[1].location, ss.str());
+ YYERROR;
+ }
+ }
+#line 2012 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 87:
+#line 1028 "seclang-parser.yy" // lalr1.cc:859
+ {
+#ifdef WITH_GEOIP
+ std::string file = modsecurity::utils::find_resource(yystack_[0].value.as< std::string > (),
+ driver.ref.back());
+ if (GeoLookup::getInstance().setDataBase(file) == false) {
+ std::stringstream ss;
+ ss << "Failed to load the GeoDB from: ";
+ ss << file;
+ driver.error(yystack_[1].location, ss.str());
+ YYERROR;
+ }
+#else
+ std::stringstream ss;
+ ss << "This version of ModSecurity was not compiled with GeoIP support.";
+ driver.error(yystack_[1].location, ss.str());
+ YYERROR;
+#endif // WITH_GEOIP
+ }
+#line 2035 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 88:
+#line 1048 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_requestBodyLimit.m_set = true;
+ driver.m_requestBodyLimit.m_value = atoi(yystack_[0].value.as< std::string > ().c_str());
+ }
+#line 2044 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 89:
+#line 1053 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_requestBodyNoFilesLimit.m_set = true;
+ driver.m_requestBodyNoFilesLimit.m_value = atoi(yystack_[0].value.as< std::string > ().c_str());
+ }
+#line 2053 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 90:
+#line 1058 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_requestBodyInMemoryLimit.m_set = true;
+ driver.m_requestBodyInMemoryLimit.m_value = atoi(yystack_[0].value.as< std::string > ().c_str());
+ }
+#line 2062 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 91:
+#line 1063 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_responseBodyLimit.m_set = true;
+ driver.m_responseBodyLimit.m_value = atoi(yystack_[0].value.as< std::string > ().c_str());
+ }
+#line 2071 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 92:
+#line 1068 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_requestBodyLimitAction = modsecurity::Rules::BodyLimitAction::ProcessPartialBodyLimitAction;
+ }
+#line 2079 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 93:
+#line 1072 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_requestBodyLimitAction = modsecurity::Rules::BodyLimitAction::RejectBodyLimitAction;
+ }
+#line 2087 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 94:
+#line 1076 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_responseBodyLimitAction = modsecurity::Rules::BodyLimitAction::ProcessPartialBodyLimitAction;
+ }
+#line 2095 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 95:
+#line 1080 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_responseBodyLimitAction = modsecurity::Rules::BodyLimitAction::RejectBodyLimitAction;
+ }
+#line 2103 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 96:
+#line 1084 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_remoteRulesActionOnFailed = Rules::OnFailedRemoteRulesAction::AbortOnFailedRemoteRulesAction;
+ }
+#line 2111 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 97:
+#line 1088 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_remoteRulesActionOnFailed = Rules::OnFailedRemoteRulesAction::WarnOnFailedRemoteRulesAction;
+ }
+#line 2119 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 100:
+#line 1094 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::istringstream buf(yystack_[0].value.as< std::string > ());
+ std::istream_iterator beg(buf), end;
+ std::set tokens(beg, end);
+ for (std::set::iterator it=tokens.begin();
+ it!=tokens.end(); ++it)
+ {
+ driver.m_responseBodyTypeToBeInspected.insert(*it);
+ }
+ }
+#line 2134 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 101:
+#line 1105 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_secXMLExternalEntity = modsecurity::RulesProperties::FalseConfigBoolean;
+ }
+#line 2142 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 102:
+#line 1109 "seclang-parser.yy" // lalr1.cc:859
+ {
+ driver.m_secXMLExternalEntity = modsecurity::RulesProperties::TrueConfigBoolean;
+ }
+#line 2150 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 109:
+#line 1119 "seclang-parser.yy" // lalr1.cc:859
+ {
+ }
+#line 2157 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 110:
+#line 1125 "seclang-parser.yy" // lalr1.cc:859
+ {
+ yystack_[2].value.as< std::unique_ptr > > > ()->push_back(std::move(yystack_[0].value.as< std::unique_ptr > ()));
+ yylhs.value.as< std::unique_ptr > > > () = std::move(yystack_[2].value.as< std::unique_ptr > > > ());
+ }
+#line 2166 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 111:
+#line 1130 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::unique_ptr>> b(new std::vector>());
+ b->push_back(std::move(yystack_[0].value.as< std::unique_ptr > ()));
+ yylhs.value.as< std::unique_ptr > > > () = std::move(b);
+ }
+#line 2176 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 112:
+#line 1139 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new Variable(name, Variable::VariableKind::DirectVariable)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new Variable(name, Variable::VariableKind::DirectVariable)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new Variable(name, Variable::VariableKind::DirectVariable));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2197 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 113:
+#line 1156 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new Variable(name, Variable::VariableKind::DirectVariable)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new Variable(name, Variable::VariableKind::DirectVariable)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new Variable(name, Variable::VariableKind::DirectVariable));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2218 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 114:
+#line 1173 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new Variable(name, Variable::VariableKind::CollectionVarible)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new Variable(name, Variable::VariableKind::CollectionVarible)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new Variable(name, Variable::VariableKind::CollectionVarible));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2239 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 115:
+#line 1190 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new Tx(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new Tx(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new Tx(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2260 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 116:
+#line 1207 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new Duration(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new Duration(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new Duration(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2281 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 117:
+#line 1224 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new Env(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new Env(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new Env(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2302 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 118:
+#line 1241 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new ModsecBuild(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new ModsecBuild(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new ModsecBuild(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2323 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 119:
+#line 1258 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new HighestSeverity(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new HighestSeverity(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new HighestSeverity(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2344 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 120:
+#line 1275 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new RemoteUser(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new RemoteUser(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new RemoteUser(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2365 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 121:
+#line 1292 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new Time(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new Time(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new Time(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2386 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 122:
+#line 1309 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new TimeDay(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new TimeDay(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new TimeDay(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2407 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 123:
+#line 1326 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new TimeEpoch(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new TimeEpoch(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new TimeEpoch(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2428 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 124:
+#line 1343 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new TimeHour(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new TimeHour(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new TimeHour(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2449 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 125:
+#line 1360 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new TimeMin(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new TimeMin(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new TimeMin(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2470 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 126:
+#line 1377 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new TimeMon(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new TimeMon(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new TimeMon(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2491 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 127:
+#line 1394 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new TimeSec(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new TimeSec(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new TimeSec(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2512 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 128:
+#line 1411 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new TimeWDay(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new TimeWDay(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new TimeWDay(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2533 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 129:
+#line 1428 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new TimeYear(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new TimeYear(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new TimeYear(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2554 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 130:
+#line 1445 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new XML(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new XML(name)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new XML(name));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2575 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 131:
+#line 1462 "seclang-parser.yy" // lalr1.cc:859
+ {
+ std::string name(yystack_[0].value.as< std::string > ());
+ char z = name.at(0);
+ if (z == '&') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Count(new Variable(name, Variable::VariableKind::DirectVariable)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else if (z == '!') {
+ name.erase(0, 1);
+ std::unique_ptr c(new Exclusion(new Variable(name, Variable::VariableKind::DirectVariable)));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ } else {
+ std::unique_ptr c(new Variable(name, Variable::VariableKind::DirectVariable));
+ yylhs.value.as< std::unique_ptr > () = std::move(c);
+ }
+ }
+#line 2596 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 132:
+#line 1482 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::Accuracy(yystack_[0].value.as< std::string > ()));
+ }
+#line 2604 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 133:
+#line 1486 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::disruptive::Allow(yystack_[0].value.as< std::string > ()));
+ }
+#line 2612 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 134:
+#line 1490 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_NOT_SUPPORTED("Append", yystack_[1].location);
+ }
+#line 2620 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 135:
+#line 1494 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::AuditLog(yystack_[0].value.as< std::string > ()));
+ }
+#line 2628 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 136:
+#line 1498 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::disruptive::Block(yystack_[0].value.as< std::string > ()));
+ }
+#line 2636 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 137:
+#line 1502 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::Capture(yystack_[0].value.as< std::string > ()));
+ }
+#line 2644 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 138:
+#line 1506 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::Chain(yystack_[0].value.as< std::string > ()));
+ }
+#line 2652 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 139:
+#line 1510 "seclang-parser.yy" // lalr1.cc:859
+ {
+ //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0);
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+ }
+#line 2661 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 140:
+#line 1515 "seclang-parser.yy" // lalr1.cc:859
+ {
+ //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0);
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+ }
+#line 2670 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 141:
+#line 1520 "seclang-parser.yy" // lalr1.cc:859
+ {
+ //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0);
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+ }
+#line 2679 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 142:
+#line 1525 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::ctl::AuditLogParts(yystack_[0].value.as< std::string > ()));
+ }
+#line 2687 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 143:
+#line 1529 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::ctl::RequestBodyProcessorJSON(yystack_[0].value.as< std::string > ()));
+ }
+#line 2695 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 144:
+#line 1533 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::ctl::RequestBodyProcessorXML(yystack_[0].value.as< std::string > ()));
+ }
+#line 2703 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 145:
+#line 1537 "seclang-parser.yy" // lalr1.cc:859
+ {
+ //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0);
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+ }
+#line 2712 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 146:
+#line 1542 "seclang-parser.yy" // lalr1.cc:859
+ {
+ //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0);
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+ }
+#line 2721 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 147:
+#line 1547 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as< std::string > () + "true"));
+ }
+#line 2729 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 148:
+#line 1551 "seclang-parser.yy" // lalr1.cc:859
+ {
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as< std::string > () + "false"));
+ }
+#line 2737 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 149:
+#line 1555 "seclang-parser.yy" // lalr1.cc:859
+ {
+ //ACTION_NOT_SUPPORTED("CtlRuleEngine", @0);
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+ }
+#line 2746 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 150:
+#line 1560 "seclang-parser.yy" // lalr1.cc:859
+ {
+ //ACTION_NOT_SUPPORTED("CtlRuleEngine", @0);
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+ }
+#line 2755 "seclang-parser.cc" // lalr1.cc:859
+ break;
+
+ case 151:
+#line 1565 "seclang-parser.yy" // lalr1.cc:859
+ {
+ //ACTION_NOT_SUPPORTED("CtlRuleEngine", @0);
+ ACTION_CONTAINER(yylhs.value.as< std::unique_ptr