Warming up to the remote collections support
Huge refactoring to get the code into shape so that remote collections with different backends can be supported later.
parent
ff165a4035
commit
5643d2fa28
@ -93,7 +93,7 @@ typedef struct ModSecurity_t modsecurity;
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "modsecurity/debug_log.h"
|
||||
#include "modsecurity/rules.h"
|
||||
#include "modsecurity/transaction/global_variables.h"
|
||||
#include "modsecurity/collection/global_collection.h"
|
||||
|
||||
/**
|
||||
* TAG_NUM:
|
||||
@ -223,8 +223,8 @@ class ModSecurity {
|
||||
NUMBER_OF_PHASES,
|
||||
};
|
||||
|
||||
transaction::GlobalVariables m_global_collection;
|
||||
transaction::GlobalVariables m_ip_collection;
|
||||
collection::GlobalCollection m_global_collection;
|
||||
collection::GlobalCollection m_ip_collection;
|
||||
private:
|
||||
std::string m_connector;
|
||||
LogCb m_logCb;
|
||||
|
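Review bot: `m_global_collection` and `m_ip_collection` are declared above `private:`, so they remain public members of `ModSecurity`, and the `Collections` constructor elsewhere in this commit takes pointers to them, which suggests every transaction reads and writes the same two objects. Nothing visible in this commit serialises that access, so if transactions can run on different threads the underlying container would be mutated concurrently; this needs confirming against the new `collection/global_collection.h`, which is not shown here. At minimum the contract belongs on the declaration, e.g. `/* Shared by all transactions; callers must serialise reads and writes. */`, and the members could move behind accessors. The class body continues outside the hunk.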
@ -40,9 +40,9 @@ typedef struct Rules_t Rules;
|
||||
#endif
|
||||
|
||||
#include "modsecurity/intervention.h"
|
||||
#include "modsecurity/transaction/collections.h"
|
||||
#include "modsecurity/transaction/variable.h"
|
||||
#include "modsecurity/transaction/variables.h"
|
||||
#include "modsecurity/collection/collections.h"
|
||||
#include "modsecurity/collection/variable.h"
|
||||
#include "modsecurity/collection/collection.h"
|
||||
|
||||
#define LOGFY_ADD(a, b) \
|
||||
yajl_gen_string(g, reinterpret_cast<const unsigned char*>(a), strlen(a)); \
|
||||
@ -70,7 +70,6 @@ namespace modsecurity {
|
||||
class ModSecurity;
|
||||
class Transaction;
|
||||
class Rules;
|
||||
class Collections;
|
||||
class RuleMessage;
|
||||
namespace actions {
|
||||
class Action;
|
||||
@ -316,7 +315,7 @@ class Transaction {
|
||||
/**
|
||||
* Holds all the collections related to that transaction.
|
||||
*/
|
||||
transaction::Collections m_collections;
|
||||
collection::Collections m_collections;
|
||||
|
||||
/**
|
||||
* Holds the whatever matched in the operation utilization.
|
||||
|
@ -1,57 +0,0 @@
|
||||
/*
|
||||
* ModSecurity, http://www.modsecurity.org/
|
||||
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
||||
*
|
||||
* You may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* If any of the files related to licensing are missing or if you have any
|
||||
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
||||
* directly using the email address security@modsecurity.org.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#ifndef HEADERS_MODSECURITY_TRANSACTION_COLLECTION_H_
|
||||
#define HEADERS_MODSECURITY_TRANSACTION_COLLECTION_H_
|
||||
|
||||
|
||||
#ifndef __cplusplus
|
||||
typedef struct Collection_t Collection;
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
#include <string>
|
||||
|
||||
namespace modsecurity {
|
||||
|
||||
class Collection : public transaction::Variables {
|
||||
public:
|
||||
Collection(std::string name, std::string key)
|
||||
: m_name(name),
|
||||
m_persisted(false),
|
||||
m_timeout(0),
|
||||
m_updateCounter(0),
|
||||
m_updateRate(0),
|
||||
m_key(key) { }
|
||||
|
||||
std::string m_name;
|
||||
clock_t m_createTime;
|
||||
bool m_persisted; /* IS_NEW from the old documentation */
|
||||
std::string m_key;
|
||||
clock_t m_lastUpdateTime;
|
||||
double m_timeout;
|
||||
double m_updateCounter;
|
||||
double m_updateRate;
|
||||
};
|
||||
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // HEADERS_MODSECURITY_TRANSACTION_COLLECTION_H_
|
||||
|
||||
|
@ -1,103 +0,0 @@
|
||||
/*
|
||||
* ModSecurity, http://www.modsecurity.org/
|
||||
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
||||
*
|
||||
* You may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* If any of the files related to licensing are missing or if you have any
|
||||
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
||||
* directly using the email address security@modsecurity.org.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
#include <ctime>
|
||||
#include <iostream>
|
||||
#include <unordered_map>
|
||||
#include <fstream>
|
||||
#include <vector>
|
||||
#include <iomanip>
|
||||
#include <set>
|
||||
#include <cstdio>
|
||||
#include <string>
|
||||
#include <list>
|
||||
#endif
|
||||
|
||||
#include "modsecurity/transaction/global_variables.h"
|
||||
#include "modsecurity/transaction/variables.h"
|
||||
#include "modsecurity/transaction/variable.h"
|
||||
#include "modsecurity/transaction/collection.h"
|
||||
|
||||
#ifndef HEADERS_MODSECURITY_TRANSACTION_COLLECTIONS_H_
|
||||
#define HEADERS_MODSECURITY_TRANSACTION_COLLECTIONS_H_
|
||||
|
||||
#ifndef __cplusplus
|
||||
typedef struct Variable_t Variable;
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
namespace modsecurity {
|
||||
namespace transaction {
|
||||
|
||||
class Collections :
|
||||
public std::unordered_map<std::string, Collection *> {
|
||||
public:
|
||||
Collections(GlobalVariables *global, GlobalVariables *ip);
|
||||
~Collections();
|
||||
|
||||
void init(const std::string& name, const std::string& key);
|
||||
void store(std::string key, std::string value);
|
||||
void storeOrUpdateFirst(const std::string& collectionName,
|
||||
const std::string& variableName,
|
||||
const std::string& targetValue);
|
||||
bool storeOrUpdateFirst(const std::string &key, const std::string &value);
|
||||
bool updateFirst(const std::string &key, const std::string &value);
|
||||
void del(const std::string& key);
|
||||
std::string* resolveFirst(const std::string& var);
|
||||
std::string* resolveFirst(const std::string& collectionName,
|
||||
const std::string& var);
|
||||
|
||||
void resolveSingleMatch(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
void resolveSingleMatch(const std::string& var,
|
||||
const std::string& collection,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
void resolveMultiMatches(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
void resolveMultiMatches(const std::string& var,
|
||||
const std::string& collection,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
void resolveRegularExpression(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
void resolveRegularExpression(const std::string& var,
|
||||
const std::string& collection,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
|
||||
/**
|
||||
* This is a special collection to host the transaction variables.
|
||||
*
|
||||
* It exists independent of initialization and it is only valid during a transaction.
|
||||
*
|
||||
* Notice that it is not the TX collection.
|
||||
*/
|
||||
transaction::Variables m_transient;
|
||||
|
||||
std::string m_global_collection_key;
|
||||
std::string m_ip_collection_key;
|
||||
|
||||
transaction::GlobalVariables *m_global_collection;
|
||||
transaction::GlobalVariables *m_ip_collection;
|
||||
};
|
||||
|
||||
} // namespace transaction
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // HEADERS_MODSECURITY_TRANSACTION_COLLECTIONS_H_
|
||||
|
||||
|
@ -1,119 +0,0 @@
|
||||
/*
|
||||
* ModSecurity, http://www.modsecurity.org/
|
||||
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
||||
*
|
||||
* You may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* If any of the files related to licensing are missing or if you have any
|
||||
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
||||
* directly using the email address security@modsecurity.org.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
#include <string>
|
||||
#include <iostream>
|
||||
#include <unordered_map>
|
||||
#include <list>
|
||||
#include <vector>
|
||||
#include <algorithm>
|
||||
#endif
|
||||
|
||||
|
||||
#include "modsecurity/transaction/variable.h"
|
||||
|
||||
#ifndef HEADERS_MODSECURITY_TRANSACTION_GLOBAL_VARIABLES_H_
|
||||
#define HEADERS_MODSECURITY_TRANSACTION_GLOBAL_VARIABLES_H_
|
||||
|
||||
#ifndef __cplusplus
|
||||
typedef struct Variable_t Variables;
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
namespace modsecurity {
|
||||
namespace transaction {
|
||||
|
||||
|
||||
class CollectionKey {
|
||||
public:
|
||||
CollectionKey()
|
||||
: m_compartiment(""),
|
||||
m_name("") { };
|
||||
CollectionKey(std::string name)
|
||||
: m_compartiment(""),
|
||||
m_name(name) { };
|
||||
CollectionKey(std::string name, std::string compartiment)
|
||||
: m_compartiment(compartiment),
|
||||
m_name(name) { };
|
||||
|
||||
std::string m_name;
|
||||
std::string m_compartiment;
|
||||
};
|
||||
|
||||
|
||||
class collection_hash
|
||||
{
|
||||
public:
|
||||
size_t operator()(const CollectionKey *v) const
|
||||
{
|
||||
size_t h = 0;
|
||||
std::for_each(v->m_name.begin(), v->m_name.end(), [&](char c) {
|
||||
h += tolower(c);
|
||||
});
|
||||
std::for_each(v->m_compartiment.begin(), v->m_compartiment.end(), [&](char c) {
|
||||
h += tolower(c);
|
||||
});
|
||||
|
||||
return h;
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
class collection_equal
|
||||
{
|
||||
public:
|
||||
bool operator()(const CollectionKey *u, const CollectionKey *v) const
|
||||
{
|
||||
return u->m_name == v->m_name && u->m_compartiment == v->m_compartiment;
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
class GlobalVariables :
|
||||
public std::unordered_multimap<CollectionKey *, std::string,
|
||||
collection_hash, collection_equal> {
|
||||
public:
|
||||
GlobalVariables();
|
||||
~GlobalVariables();
|
||||
void store(std::string key, std::string compartment, std::string value);
|
||||
|
||||
bool storeOrUpdateFirst(const std::string &key, std::string compartment,
|
||||
const std::string &value);
|
||||
|
||||
bool updateFirst(const std::string &key, std::string compartment,
|
||||
const std::string &value);
|
||||
|
||||
void del(const std::string& key, std::string compartment);
|
||||
|
||||
std::string* resolveFirst(const std::string& var, std::string compartment);
|
||||
void resolveSingleMatch(const std::string& var, std::string compartment,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
void resolveMultiMatches(const std::string& var, std::string compartment,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
|
||||
void resolveRegularExpression(const std::string& var, std::string compartment,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
|
||||
|
||||
};
|
||||
|
||||
} // namespace transaction
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // HEADERS_MODSECURITY_TRANSACTION_GLOBAL_VARIABLES_H_
|
@ -1,47 +0,0 @@
|
||||
/*
|
||||
* ModSecurity, http://www.modsecurity.org/
|
||||
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
||||
*
|
||||
* You may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* If any of the files related to licensing are missing or if you have any
|
||||
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
||||
* directly using the email address security@modsecurity.org.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
#include <string>
|
||||
#endif
|
||||
|
||||
|
||||
#ifndef HEADERS_MODSECURITY_TRANSACTION_VARIABLE_H_
|
||||
#define HEADERS_MODSECURITY_TRANSACTION_VARIABLE_H_
|
||||
|
||||
|
||||
#ifndef __cplusplus
|
||||
typedef struct Variable_t Variable;
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
namespace modsecurity {
|
||||
namespace transaction {
|
||||
|
||||
class Variable {
|
||||
public:
|
||||
Variable(const std::string& key, const std::string& value) :
|
||||
m_key(key),
|
||||
m_value(value) { }
|
||||
std::string m_key;
|
||||
std::string m_value;
|
||||
};
|
||||
|
||||
} // namespace transaction
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
#endif // HEADERS_MODSECURITY_TRANSACTION_VARIABLE_H_
|
@ -1,101 +0,0 @@
|
||||
/*
|
||||
* ModSecurity, http://www.modsecurity.org/
|
||||
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
||||
*
|
||||
* You may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* If any of the files related to licensing are missing or if you have any
|
||||
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
||||
* directly using the email address security@modsecurity.org.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
#include <string>
|
||||
#include <iostream>
|
||||
#include <unordered_map>
|
||||
#include <list>
|
||||
#include <vector>
|
||||
#include <algorithm>
|
||||
#endif
|
||||
|
||||
|
||||
#include "modsecurity/transaction/variable.h"
|
||||
|
||||
#ifndef HEADERS_MODSECURITY_TRANSACTION_VARIABLES_H_
|
||||
#define HEADERS_MODSECURITY_TRANSACTION_VARIABLES_H_
|
||||
|
||||
#ifndef __cplusplus
|
||||
typedef struct Variable_t Variables;
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
namespace modsecurity {
|
||||
namespace transaction {
|
||||
|
||||
|
||||
/*
|
||||
* FIXME:
|
||||
*
|
||||
* This was an example grabbed from:
|
||||
* http://stackoverflow.com/questions/8627698/case-insensitive-stl-containers-e-g-stdunordered-set
|
||||
*
|
||||
* We have to have a better hash function, maybe based on the std::hash.
|
||||
*
|
||||
*/
|
||||
struct MyEqual {
|
||||
bool operator()(const std::string& Left, const std::string& Right) const {
|
||||
return Left.size() == Right.size()
|
||||
&& std::equal(Left.begin(), Left.end(), Right.begin(),
|
||||
[](char a, char b) {
|
||||
return tolower(a) == tolower(b);
|
||||
});
|
||||
}
|
||||
};
|
||||
|
||||
struct MyHash{
|
||||
size_t operator()(const std::string& Keyval) const {
|
||||
// You might need a better hash function than this
|
||||
size_t h = 0;
|
||||
std::for_each(Keyval.begin(), Keyval.end(), [&](char c) {
|
||||
h += tolower(c);
|
||||
});
|
||||
return h;
|
||||
}
|
||||
};
|
||||
|
||||
class Variables :
|
||||
public std::unordered_multimap<std::string, std::string,
|
||||
/*std::hash<std::string>*/MyHash, MyEqual> {
|
||||
public:
|
||||
Variables();
|
||||
~Variables();
|
||||
void store(std::string key, std::string value);
|
||||
|
||||
bool storeOrUpdateFirst(const std::string &key,
|
||||
const std::string &value);
|
||||
|
||||
bool updateFirst(const std::string &key, const std::string &value);
|
||||
|
||||
void del(const std::string& key);
|
||||
|
||||
std::string* resolveFirst(const std::string& var);
|
||||
|
||||
void resolveSingleMatch(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
void resolveMultiMatches(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
void resolveRegularExpression(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
};
|
||||
|
||||
} // namespace transaction
|
||||
} // namespace modsecurity
|
||||
#endif
|
||||
|
||||
|
||||
#endif // HEADERS_MODSECURITY_TRANSACTION_VARIABLES_H_
|
@ -32,11 +32,10 @@ pkginclude_HEADERS = \
|
||||
|
||||
|
||||
libmodsecurity_includesub_HEADERS = \
|
||||
../headers/modsecurity/transaction/collection.h \
|
||||
../headers/modsecurity/transaction/collections.h \
|
||||
../headers/modsecurity/transaction/variable.h \
|
||||
../headers/modsecurity/transaction/variables.h
|
||||
../headers/modsecurity/transaction/global_variables.h
|
||||
../headers/modsecurity/collection/collection.h \
|
||||
../headers/modsecurity/collection/collections.h \
|
||||
../headers/modsecurity/collection/global_collection.h \
|
||||
../headers/modsecurity/collection/variable.h
|
||||
|
||||
|
||||
|
||||
@ -176,6 +175,9 @@ UTILS = \
|
||||
|
||||
|
||||
libmodsecurity_la_SOURCES = \
|
||||
collection/collection.cc \
|
||||
collection/collections.cc \
|
||||
collection/global_collections.cc \
|
||||
parser/seclang-parser.yy \
|
||||
parser/seclang-scanner.ll \
|
||||
parser/driver.cc \
|
||||
@ -188,9 +190,6 @@ libmodsecurity_la_SOURCES = \
|
||||
modsecurity.cc \
|
||||
rules.cc \
|
||||
utils.cc \
|
||||
collections.cc \
|
||||
variables.cc \
|
||||
global_variables.cc \
|
||||
debug_log.cc \
|
||||
debug_log_writer.cc \
|
||||
debug_log_writer_agent.cc \
|
||||
|
@ -14,7 +14,7 @@
|
||||
*/
|
||||
|
||||
|
||||
#include "modsecurity/transaction/variables.h"
|
||||
#include "modsecurity/collection/collection.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
#include <string>
|
||||
@ -23,27 +23,27 @@
|
||||
#include <list>
|
||||
#endif
|
||||
|
||||
#include "modsecurity/transaction/variable.h"
|
||||
#include "modsecurity/collection/variable.h"
|
||||
#include "src/utils.h"
|
||||
|
||||
namespace modsecurity {
|
||||
namespace transaction {
|
||||
namespace collection {
|
||||
|
||||
|
||||
Variables::Variables() {
|
||||
Collection::Collection() {
|
||||
this->reserve(1000);
|
||||
}
|
||||
|
||||
Variables::~Variables() {
|
||||
Collection::~Collection() {
|
||||
this->clear();
|
||||
}
|
||||
|
||||
void Variables::store(std::string key, std::string value) {
|
||||
void Collection::store(std::string key, std::string value) {
|
||||
this->emplace(key, value);
|
||||
}
|
||||
|
||||
|
||||
bool Variables::storeOrUpdateFirst(const std::string &key,
|
||||
bool Collection::storeOrUpdateFirst(const std::string &key,
|
||||
const std::string &value) {
|
||||
if (updateFirst(key, value) == false) {
|
||||
store(key, value);
|
||||
@ -52,7 +52,7 @@ bool Variables::storeOrUpdateFirst(const std::string &key,
|
||||
}
|
||||
|
||||
|
||||
bool Variables::updateFirst(const std::string &key, const std::string &value) {
|
||||
bool Collection::updateFirst(const std::string &key, const std::string &value) {
|
||||
auto range = this->equal_range(key);
|
||||
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
@ -63,30 +63,30 @@ bool Variables::updateFirst(const std::string &key, const std::string &value) {
|
||||
}
|
||||
|
||||
|
||||
void Variables::del(const std::string& key) {
|
||||
void Collection::del(const std::string& key) {
|
||||
this->erase(key);
|
||||
}
|
||||
|
||||
|
||||
void Variables::resolveSingleMatch(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
void Collection::resolveSingleMatch(const std::string& var,
|
||||
std::vector<const Variable *> *l) {
|
||||
auto range = this->equal_range(var);
|
||||
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
l->push_back(new transaction::Variable(var, it->second));
|
||||
l->push_back(new Variable(var, it->second));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void Variables::resolveMultiMatches(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
void Collection::resolveMultiMatches(const std::string& var,
|
||||
std::vector<const Variable *> *l) {
|
||||
size_t keySize = var.size();
|
||||
l->reserve(15);
|
||||
|
||||
auto range = this->equal_range(var);
|
||||
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
l->insert(l->begin(), new transaction::Variable(var, it->second));
|
||||
l->insert(l->begin(), new Variable(var, it->second));
|
||||
}
|
||||
|
||||
for (const auto& x : *this) {
|
||||
@ -99,18 +99,18 @@ void Variables::resolveMultiMatches(const std::string& var,
|
||||
if (x.first.compare(0, keySize, var) != 0) {
|
||||
continue;
|
||||
}
|
||||
l->insert(l->begin(), new transaction::Variable(x.first, x.second));
|
||||
l->insert(l->begin(), new Variable(x.first, x.second));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void Variables::resolveRegularExpression(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
void Collection::resolveRegularExpression(const std::string& var,
|
||||
std::vector<const Variable *> *l) {
|
||||
/* Not ready */
|
||||
}
|
||||
|
||||
|
||||
std::string* Variables::resolveFirst(const std::string& var) {
|
||||
std::string* Collection::resolveFirst(const std::string& var) {
|
||||
auto range = equal_range(var);
|
||||
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
@ -121,5 +121,5 @@ std::string* Variables::resolveFirst(const std::string& var) {
|
||||
}
|
||||
|
||||
|
||||
} // namespace transaction
|
||||
} // namespace collection
|
||||
} // namespace modsecurity
|
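Review bot: Every `new Variable(...)` pushed into `l` by `resolveSingleMatch` and `resolveMultiMatches` hands a heap object to the caller through a `std::vector<const Variable *>`, and nothing in the visible code says who deletes it. These lookups presumably run for each rule on each request, so a caller that does not free the vector's elements would leak memory in proportion to the traffic inspected. The contract should be stated above each function, e.g. `/* Appends heap-allocated Variables to l; the caller owns them and must delete each one. */`, or, as a later step, the functions could fill a `std::vector<Variable>` so ownership is not manual. `resolveMultiMatches` spans two hunks, so part of its body is not shown.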
@ -14,7 +14,7 @@
|
||||
*/
|
||||
|
||||
|
||||
#include "modsecurity/transaction/collections.h"
|
||||
#include "modsecurity/collection/collections.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
#include <string>
|
||||
@ -24,21 +24,22 @@
|
||||
#include <vector>
|
||||
#endif
|
||||
|
||||
#include "modsecurity/transaction/variable.h"
|
||||
#include "modsecurity/collection/variable.h"
|
||||
#include "modsecurity/collection/collection.h"
|
||||
#include "src/utils.h"
|
||||
|
||||
namespace modsecurity {
|
||||
namespace transaction {
|
||||
namespace collection {
|
||||
|
||||
|
||||
Collections::Collections(transaction::GlobalVariables *global,
|
||||
transaction::GlobalVariables *ip)
|
||||
Collections::Collections(GlobalCollection *global,
|
||||
GlobalCollection *ip)
|
||||
: m_global_collection_key(""),
|
||||
m_ip_collection_key(""),
|
||||
m_global_collection(global),
|
||||
m_ip_collection(ip) {
|
||||
/* Create collection TX */
|
||||
this->emplace("TX", new Collection("TX", ""));
|
||||
this->emplace("TX", new Collection());
|
||||
}
|
||||
|
||||
|
||||
@ -49,12 +50,6 @@ Collections::~Collections() {
|
||||
this->clear();
|
||||
}
|
||||
|
||||
|
||||
void Collections::init(const std::string& name, const std::string& key) {
|
||||
this->emplace(name, new Collection(name, key));
|
||||
}
|
||||
|
||||
|
||||
void Collections::storeOrUpdateFirst(const std::string& collectionName,
|
||||
const std::string& variableName,
|
||||
const std::string& targetValue) {
|
||||
@ -73,7 +68,7 @@ void Collections::storeOrUpdateFirst(const std::string& collectionName,
|
||||
}
|
||||
|
||||
try {
|
||||
transaction::Variables *collection;
|
||||
Collection *collection;
|
||||
collection = this->at(collectionName);
|
||||
collection->storeOrUpdateFirst(collectionName + ":"
|
||||
+ variableName, targetValue);
|
||||
@ -128,7 +123,6 @@ std::string* Collections::resolveFirst(const std::string& var) {
|
||||
|
||||
std::string* Collections::resolveFirst(const std::string& collectionName,
|
||||
const std::string& var) {
|
||||
|
||||
if (tolower(collectionName) == "ip"
|
||||
&& !m_ip_collection_key.empty()) {
|
||||
return m_ip_collection->resolveFirst(toupper(collectionName)
|
||||
@ -143,7 +137,7 @@ std::string* Collections::resolveFirst(const std::string& collectionName,
|
||||
|
||||
for (auto &a : *this) {
|
||||
if (tolower(a.first) == tolower(collectionName)) {
|
||||
transaction::Variables *t = a.second;
|
||||
Collection *t = a.second;
|
||||
auto range = t->equal_range(toupper(collectionName)
|
||||
+ ":" + var);
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
@ -157,7 +151,7 @@ std::string* Collections::resolveFirst(const std::string& collectionName,
|
||||
|
||||
|
||||
void Collections::resolveSingleMatch(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const Variable *> *l) {
|
||||
|
||||
m_transient.resolveSingleMatch(var, l);
|
||||
}
|
||||
@ -165,7 +159,7 @@ void Collections::resolveSingleMatch(const std::string& var,
|
||||
|
||||
void Collections::resolveSingleMatch(const std::string& var,
|
||||
const std::string& collection,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const Variable *> *l) {
|
||||
|
||||
if (tolower(collection) == "ip"
|
||||
&& !m_ip_collection_key.empty()) {
|
||||
@ -175,7 +169,8 @@ void Collections::resolveSingleMatch(const std::string& var,
|
||||
|
||||
if (tolower(collection) == "global"
|
||||
&& !m_global_collection_key.empty()) {
|
||||
m_global_collection->resolveSingleMatch(var, m_global_collection_key, l);
|
||||
m_global_collection->resolveSingleMatch(var,
|
||||
m_global_collection_key, l);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -185,7 +180,7 @@ void Collections::resolveSingleMatch(const std::string& var,
|
||||
}
|
||||
|
||||
void Collections::resolveMultiMatches(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const Variable *> *l) {
|
||||
|
||||
m_transient.resolveMultiMatches(var, l);
|
||||
}
|
||||
@ -193,7 +188,7 @@ void Collections::resolveMultiMatches(const std::string& var,
|
||||
|
||||
void Collections::resolveMultiMatches(const std::string& var,
|
||||
const std::string& collection,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const Variable *> *l) {
|
||||
if (tolower(collection) == "ip"
|
||||
&& !m_ip_collection_key.empty()) {
|
||||
m_ip_collection->resolveMultiMatches(var, m_ip_collection_key, l);
|
||||
@ -202,7 +197,8 @@ void Collections::resolveMultiMatches(const std::string& var,
|
||||
|
||||
if (tolower(collection) == "global"
|
||||
&& !m_global_collection_key.empty()) {
|
||||
m_global_collection->resolveMultiMatches(var, m_global_collection_key, l);
|
||||
m_global_collection->resolveMultiMatches(var,
|
||||
m_global_collection_key, l);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -212,14 +208,14 @@ void Collections::resolveMultiMatches(const std::string& var,
|
||||
}
|
||||
|
||||
void Collections::resolveRegularExpression(const std::string& var,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const Variable *> *l) {
|
||||
m_transient.resolveRegularExpression(var, l);
|
||||
}
|
||||
|
||||
|
||||
void Collections::resolveRegularExpression(const std::string& var,
|
||||
const std::string& collection,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const Variable *> *l) {
|
||||
if (tolower(collection) == "ip"
|
||||
&& !m_ip_collection_key.empty()) {
|
||||
m_ip_collection->resolveRegularExpression(toupper(collection)
|
||||
@ -239,5 +235,5 @@ void Collections::resolveRegularExpression(const std::string& var,
|
||||
} catch (...) { }
|
||||
}
|
||||
|
||||
} // namespace transaction
|
||||
} // namespace collection
|
||||
} // namespace modsecurity
|
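Review bot: `storeOrUpdateFirst` looks the collection up with `this->at(collectionName)`, an exact-case match on the map key, while `resolveFirst` further down compares `tolower(a.first) == tolower(collectionName)` and builds the variable key from `toupper(collectionName)`. Unless every caller already upper-cases the name, a write addressed to `tx` would throw from `at()` while a read of the same name succeeds; the code after the `try` is outside the hunk, so whether that failure is reported cannot be seen here. Normalising on the write path keeps the two sides consistent: `collection = this->at(toupper(collectionName));`, with the stored key built from the same upper-cased name.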
@ -1,126 +0,0 @@
|
||||
/*
|
||||
* ModSecurity, http://www.modsecurity.org/
|
||||
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
||||
*
|
||||
* You may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* If any of the files related to licensing are missing or if you have any
|
||||
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
||||
* directly using the email address security@modsecurity.org.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include "modsecurity/transaction/global_variables.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
#include <string>
|
||||
#include <iostream>
|
||||
#include <unordered_map>
|
||||
#include <list>
|
||||
#endif
|
||||
|
||||
#include "modsecurity/transaction/variable.h"
|
||||
#include "src/utils.h"
|
||||
|
||||
namespace modsecurity {
|
||||
namespace transaction {
|
||||
|
||||
|
||||
GlobalVariables::GlobalVariables() {
|
||||
this->reserve(1000);
|
||||
}
|
||||
|
||||
GlobalVariables::~GlobalVariables() {
|
||||
this->clear();
|
||||
}
|
||||
|
||||
void GlobalVariables::store(std::string key, std::string compartment, std::string value) {
|
||||
this->emplace(new CollectionKey(key, compartment), value);
|
||||
}
|
||||
|
||||
|
||||
bool GlobalVariables::storeOrUpdateFirst(const std::string &key,
|
||||
std::string compartment, const std::string &value) {
|
||||
if (updateFirst(key, compartment, value) == false) {
|
||||
store(key, compartment, value);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
bool GlobalVariables::updateFirst(const std::string &key, std::string compartment, const std::string &value) {
|
||||
auto range = this->equal_range(new CollectionKey(key, compartment));
|
||||
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
it->second = value;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
void GlobalVariables::del(const std::string& key, std::string compartment) {
|
||||
this->erase(new CollectionKey(key, compartment));
|
||||
}
|
||||
|
||||
|
||||
|
||||
void GlobalVariables::resolveSingleMatch(const std::string& var,
|
||||
std::string compartment, std::vector<const transaction::Variable *> *l) {
|
||||
auto range = this->equal_range(new CollectionKey(var, compartment));
|
||||
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
l->push_back(new transaction::Variable(var, it->second));
|
||||
}
|
||||
}
|
||||
|
||||
void GlobalVariables::resolveMultiMatches(const std::string& var,
|
||||
std::string compartment, std::vector<const transaction::Variable *> *l) {
|
||||
size_t keySize = var.size();
|
||||
l->reserve(15);
|
||||
|
||||
auto range = this->equal_range(new CollectionKey(var, compartment));
|
||||
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
l->insert(l->begin(), new transaction::Variable(var, it->second));
|
||||
}
|
||||
|
||||
for (const auto& x : *this) {
|
||||
if (x.first->m_name.size() <= keySize + 1) {
|
||||
continue;
|
||||
}
|
||||
if (x.first->m_name.at(keySize) != ':') {
|
||||
continue;
|
||||
}
|
||||
if (x.first->m_name.compare(0, keySize, var) != 0) {
|
||||
continue;
|
||||
}
|
||||
l->insert(l->begin(), new transaction::Variable(x.first->m_name, x.second));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void GlobalVariables::resolveRegularExpression(const std::string& var,
|
||||
std::string compartment, std::vector<const transaction::Variable *> *l) {
|
||||
/* Not ready */
|
||||
}
|
||||
|
||||
|
||||
std::string* GlobalVariables::resolveFirst(const std::string& var,
|
||||
std::string compartment) {
|
||||
auto range = equal_range(new CollectionKey(var, compartment));
|
||||
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
return &it->second;
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
} // namespace transaction
|
||||
} // namespace modsecurity
|
@ -20,6 +20,7 @@
|
||||
#include <string>
|
||||
|
||||
#include "request_body_processor/multipart_blob.h"
|
||||
#include "modsecurity/collection/collections.h"
|
||||
|
||||
namespace modsecurity {
|
||||
namespace RequestBodyProcessor {
|
||||
@ -200,12 +201,14 @@ void Multipart::checkForCrlfLf(const std::string &data) {
|
||||
}
|
||||
|
||||
bool Multipart::process(std::string data) {
|
||||
collection::Collections *col;
|
||||
std::list<std::string> blobs;
|
||||
size_t start = data.find(m_boundary);
|
||||
size_t endl = 1;
|
||||
size_t lastValidBoundary = 0;
|
||||
size_t firstValidBoundary = start;
|
||||
double files_size = 0;
|
||||
col = &m_transaction->m_collections;
|
||||
|
||||
if (start != 0) {
|
||||
#ifndef NO_LOGS
|
||||
@ -267,14 +270,14 @@ bool Multipart::process(std::string data) {
|
||||
filename = "no-file-name-" + std::to_string(i);
|
||||
}
|
||||
|
||||
variables.emplace("FILES:" + name, filename);
|
||||
variables.emplace("FILES_NAMES:" + name, name);
|
||||
variables.emplace("FILES_SIZES:" + name,
|
||||
col->storeOrUpdateFirst("FILES:" + name, filename);
|
||||
col->storeOrUpdateFirst("FILES_NAMES:" + name, name);
|
||||
col->storeOrUpdateFirst("FILES_SIZES:" + name,
|
||||
std::to_string(m.content.size()));
|
||||
#ifndef NO_LOGS
|
||||
debug(5, "Multipart: Saving FILES_TMP_CONTENT:" + name + " variable.");
|
||||
#endif
|
||||
variables.emplace("FILES_TMP_CONTENT:" + name, m.content);
|
||||
col->storeOrUpdateFirst("FILES_TMP_CONTENT:" + name, m.content);
|
||||
files_size = files_size + m.content.size();
|
||||
if (m.invalidQuote) {
|
||||
#ifndef NO_LOGS
|
||||
@ -284,12 +287,12 @@ bool Multipart::process(std::string data) {
|
||||
}
|
||||
}
|
||||
if (filename.empty() == false) {
|
||||
variables.emplace("MULTIPART_FILENAME", filename);
|
||||
col->storeOrUpdateFirst("MULTIPART_FILENAME", filename);
|
||||
}
|
||||
if (name.empty() == false) {
|
||||
variables.emplace("MULTIPART_NAME", name);
|
||||
col->storeOrUpdateFirst("MULTIPART_NAME", name);
|
||||
}
|
||||
variables.emplace("FILES_COMBINED_SIZE", std::to_string(files_size));
|
||||
col->storeOrUpdateFirst("FILES_COMBINED_SIZE", std::to_string(files_size));
|
||||
|
||||
return true;
|
||||
}
|
||||
|
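Review bot: The per-part writes in the `-267,14 +270,14` hunk now go through `col->storeOrUpdateFirst("FILES:" + name, filename)` (likewise for `FILES_NAMES:`, `FILES_SIZES:` and `FILES_TMP_CONTENT:`), whereas the old path gathered them with `variables.emplace` and copied them into the transaction with `m_collections.store`. Neither method body is visible here, but if `storeOrUpdateFirst` overwrites an existing entry as its name suggests, two parts sharing a client-supplied `name` leave only one filename, size and content in the collection, so rules matching on `FILES` or `FILES_TMP_CONTENT` would never see the other part. The changed expectation for `FILES_SIZES:filedata` in this commit's regression test (32 and 38) is consistent with such a behaviour change and deserves a line in the commit description. If every part has to stay inspectable, keep an appending call for the keys derived from `name`, e.g. `col->store("FILES:" + name, filename);`, and reserve `storeOrUpdateFirst` for single-valued keys such as `FILES_COMBINED_SIZE`. Parts of `Multipart::process` lie outside the hunks shown, so the loop around these writes was not reviewed.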
@ -35,8 +35,6 @@ class Multipart {
|
||||
bool process(std::string data);
|
||||
void checkForCrlfLf(const std::string &blob);
|
||||
|
||||
transaction::Variables variables;
|
||||
|
||||
bool crlf;
|
||||
bool containsDataAfter;
|
||||
bool containsDataBefore;
|
||||
|
@ -305,7 +305,7 @@ bool Rule::evaluate(Transaction *trasn) {
|
||||
for (int i = 0; i < variables->size(); i++) {
|
||||
Variable *variable = variables->at(i);
|
||||
if (variable->m_isExclusion) {
|
||||
std::vector<const transaction::Variable *> z;
|
||||
std::vector<const collection::Variable *> z;
|
||||
variable->evaluateInternal(trasn, &z);
|
||||
for (auto &y : z) {
|
||||
exclusions.push_back(y->m_key);
|
||||
@ -321,7 +321,7 @@ bool Rule::evaluate(Transaction *trasn) {
|
||||
continue;
|
||||
}
|
||||
|
||||
std::vector<const transaction::Variable *> e;
|
||||
std::vector<const collection::Variable *> e;
|
||||
variable->evaluateInternal(trasn, &e);
|
||||
|
||||
for (auto &v : e) {
|
||||
|
@ -112,9 +112,7 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
|
||||
m_creationTimeStamp(cpu_seconds()),
|
||||
m_logCbData(logCbData),
|
||||
m_ms(ms),
|
||||
m_collections(&ms->m_global_collection, &ms->m_ip_collection)
|
||||
{
|
||||
|
||||
m_collections(&ms->m_global_collection, &ms->m_ip_collection) {
|
||||
m_id = std::to_string(this->m_timeStamp) + \
|
||||
std::to_string(generate_transaction_unique_id());
|
||||
m_rules->incrementReferenceCount();
|
||||
@ -590,9 +588,6 @@ int Transaction::processRequestBody() {
|
||||
|
||||
if (m.init() == true) {
|
||||
m.process(m_requestBody.str());
|
||||
for (auto &a : m.variables) {
|
||||
m_collections.store(a.first, a.second);
|
||||
}
|
||||
if (m.crlf && m.lf) {
|
||||
m_collections.store("MULTIPART_CRLF_LF_LINES", "1");
|
||||
} else {
|
||||
@ -734,7 +729,7 @@ int Transaction::processRequestBody() {
|
||||
* computationally intensive.
|
||||
*/
|
||||
std::string fullRequest;
|
||||
std::vector<const transaction::Variable *> l;
|
||||
std::vector<const collection::Variable *> l;
|
||||
m_collections.resolveMultiMatches("REQUEST_HEADERS", &l);
|
||||
for (auto &a : l) {
|
||||
fullRequest = fullRequest + \
|
||||
|
@ -28,14 +28,14 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void Duration::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
std::string res;
|
||||
|
||||
double e = cpu_seconds() - transaction->m_creationTimeStamp;
|
||||
|
||||
res = std::to_string(e);
|
||||
|
||||
l->push_back(new transaction::Variable("DURATION", std::string(res)));
|
||||
l->push_back(new collection::Variable("DURATION", std::string(res)));
|
||||
}
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ class Duration : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void Env::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
std::map<std::string, std::string> envs;
|
||||
for (char **current = environ; *current; current++) {
|
||||
std::string env = std::string(*current);
|
||||
@ -47,7 +47,7 @@ void Env::evaluateInternal(Transaction *transaction,
|
||||
|
||||
envs.insert(std::pair<std::string, std::string>("ENV:" + key, value));
|
||||
if ("env:" + key == m_name) {
|
||||
l->push_back(new transaction::Variable(m_name, value));
|
||||
l->push_back(new collection::Variable(m_name, value));
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -57,7 +57,7 @@ void Env::evaluateInternal(Transaction *transaction,
|
||||
&& (x.first != m_name)) {
|
||||
continue;
|
||||
}
|
||||
l->push_back(new transaction::Variable(x.first, x.second));
|
||||
l->push_back(new collection::Variable(x.first, x.second));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -34,7 +34,7 @@ class Env : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
|
||||
|
@ -27,8 +27,8 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void HighestSeverity::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
l->push_back(new transaction::Variable("HIGHEST_SEVERITY",
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
l->push_back(new collection::Variable("HIGHEST_SEVERITY",
|
||||
std::to_string(transaction->m_highestSeverityAction)));
|
||||
}
|
||||
|
||||
|
@ -34,7 +34,7 @@ class HighestSeverity : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
|
||||
|
@ -28,14 +28,14 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void ModsecBuild::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
std::ostringstream ss;
|
||||
ss << std::setw(2) << std::setfill('0') << MODSECURITY_MAJOR;
|
||||
ss << std::setw(2) << std::setfill('0') << MODSECURITY_MINOR;
|
||||
ss << std::setw(2) << std::setfill('0') << MODSECURITY_PATCHLEVEL;
|
||||
ss << std::setw(2) << std::setfill('0') << MODSECURITY_TAG_NUM;
|
||||
|
||||
l->push_back(new transaction::Variable("MODSEC_BUILD", ss.str()));
|
||||
l->push_back(new collection::Variable("MODSEC_BUILD", ss.str()));
|
||||
}
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ class ModsecBuild : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void Time::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
@ -46,7 +46,7 @@ void Time::evaluateInternal(Transaction *transaction,
|
||||
localtime_r(&timer, &timeinfo);
|
||||
strftime(tstr, 200, "%H:%M:%S", &timeinfo);
|
||||
|
||||
l->push_back(new transaction::Variable("TIME", std::string(tstr)));
|
||||
l->push_back(new collection::Variable("TIME", std::string(tstr)));
|
||||
}
|
||||
|
||||
|
||||
|
@ -35,7 +35,7 @@ class Time : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
} // namespace Variables
|
||||
|
@ -34,7 +34,7 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void TimeDay::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
@ -45,7 +45,7 @@ void TimeDay::evaluateInternal(Transaction *transaction,
|
||||
localtime_r(&timer, &timeinfo);
|
||||
strftime(tstr, 200, "%d", &timeinfo);
|
||||
|
||||
l->push_back(new transaction::Variable("TIME_DAY", std::string(tstr)));
|
||||
l->push_back(new collection::Variable("TIME_DAY", std::string(tstr)));
|
||||
}
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ class TimeDay : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
} // namespace Variables
|
||||
|
@ -34,8 +34,8 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void TimeEpoch::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
l->push_back(new transaction::Variable("TIME_EPOCH",
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
l->push_back(new collection::Variable("TIME_EPOCH",
|
||||
std::to_string(std::time(nullptr))));
|
||||
}
|
||||
|
||||
|
@ -34,7 +34,7 @@ class TimeEpoch : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
} // namespace Variables
|
||||
|
@ -34,7 +34,7 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void TimeHour::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
@ -45,7 +45,7 @@ void TimeHour::evaluateInternal(Transaction *transaction,
|
||||
localtime_r(&timer, &timeinfo);
|
||||
strftime(tstr, 200, "%H", &timeinfo);
|
||||
|
||||
l->push_back(new transaction::Variable("TIME_HOUR", std::string(tstr)));
|
||||
l->push_back(new collection::Variable("TIME_HOUR", std::string(tstr)));
|
||||
}
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ class TimeHour : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
} // namespace Variables
|
||||
|
@ -34,7 +34,7 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void TimeMin::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
@ -45,7 +45,7 @@ void TimeMin::evaluateInternal(Transaction *transaction,
|
||||
localtime_r(&timer, &timeinfo);
|
||||
strftime(tstr, 200, "%M", &timeinfo);
|
||||
|
||||
l->push_back(new transaction::Variable("TIME_MIN", std::string(tstr)));
|
||||
l->push_back(new collection::Variable("TIME_MIN", std::string(tstr)));
|
||||
}
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ class TimeMin : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
} // namespace Variables
|
||||
|
@ -34,7 +34,7 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void TimeMon::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
@ -47,7 +47,7 @@ void TimeMon::evaluateInternal(Transaction *transaction,
|
||||
int a = atoi(tstr);
|
||||
a--;
|
||||
|
||||
l->push_back(new transaction::Variable("TIME_MON", std::to_string(a)));
|
||||
l->push_back(new collection::Variable("TIME_MON", std::to_string(a)));
|
||||
}
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ class TimeMon : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
} // namespace Variables
|
||||
|
@ -34,7 +34,7 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void TimeSec::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
@ -45,7 +45,7 @@ void TimeSec::evaluateInternal(Transaction *transaction,
|
||||
localtime_r(&timer, &timeinfo);
|
||||
strftime(tstr, 200, "%S", &timeinfo);
|
||||
|
||||
l->push_back(new transaction::Variable("TIME_SEC", std::string(tstr)));
|
||||
l->push_back(new collection::Variable("TIME_SEC", std::string(tstr)));
|
||||
}
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ class TimeSec : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
} // namespace Variables
|
||||
|
@ -34,7 +34,7 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void TimeWDay::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
@ -47,7 +47,7 @@ void TimeWDay::evaluateInternal(Transaction *transaction,
|
||||
int a = atoi(tstr);
|
||||
a--;
|
||||
|
||||
l->push_back(new transaction::Variable("TIME_WDAY", std::to_string(a)));
|
||||
l->push_back(new collection::Variable("TIME_WDAY", std::to_string(a)));
|
||||
}
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ class TimeWDay : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
} // namespace Variables
|
||||
|
@ -34,7 +34,7 @@ namespace modsecurity {
|
||||
namespace Variables {
|
||||
|
||||
void TimeYear::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
@ -45,7 +45,7 @@ void TimeYear::evaluateInternal(Transaction *transaction,
|
||||
localtime_r(&timer, &timeinfo);
|
||||
strftime(tstr, 200, "%Y", &timeinfo);
|
||||
|
||||
l->push_back(new transaction::Variable("TIME_YEAR", std::string(tstr)));
|
||||
l->push_back(new collection::Variable("TIME_YEAR", std::string(tstr)));
|
||||
}
|
||||
|
||||
|
||||
|
@ -34,7 +34,7 @@ class TimeYear : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
} // namespace Variables
|
||||
|
@ -35,7 +35,7 @@ namespace Variables {
|
||||
|
||||
|
||||
void Tx::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
if (m_type == SingleMatch) {
|
||||
transaction->m_collections.resolveSingleMatch(m_name, "TX", l);
|
||||
} else if (m_type == MultipleMatches) {
|
||||
|
@ -35,7 +35,7 @@ class Tx : public Variable {
|
||||
: Variable(_name) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
};
|
||||
|
||||
} // namespace Variables
|
||||
|
@ -71,17 +71,17 @@ Variable::Variable(std::string name, VariableKind kind)
|
||||
}
|
||||
|
||||
|
||||
std::vector<const transaction::Variable *> *
|
||||
std::vector<const collection::Variable *> *
|
||||
Variable::evaluate(Transaction *transaction) {
|
||||
std::vector<const transaction::Variable *> *l = NULL;
|
||||
l = new std::vector<const transaction::Variable *>();
|
||||
std::vector<const collection::Variable *> *l = NULL;
|
||||
l = new std::vector<const collection::Variable *>();
|
||||
evaluate(transaction, l);
|
||||
|
||||
return l;
|
||||
}
|
||||
|
||||
void Variable::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
if (m_collectionName.empty() == false) {
|
||||
if (m_kind == CollectionVarible && m_type == MultipleMatches) {
|
||||
transaction->m_collections.resolveMultiMatches(m_name,
|
||||
@ -108,7 +108,7 @@ void Variable::evaluateInternal(Transaction *transaction,
|
||||
|
||||
|
||||
void Variable::evaluate(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
evaluateInternal(transaction, l);
|
||||
}
|
||||
|
||||
|
@ -66,14 +66,14 @@ class Variable {
|
||||
|
||||
static std::string to_s(std::vector<Variable *> *variables);
|
||||
|
||||
virtual std::vector<const transaction::Variable *>
|
||||
virtual std::vector<const collection::Variable *>
|
||||
*evaluate(Transaction *transaction);
|
||||
|
||||
virtual void evaluate(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
std::vector<const collection::Variable *> *l);
|
||||
|
||||
virtual void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l);
|
||||
std::vector<const collection::Variable *> *l);
|
||||
|
||||
|
||||
std::string m_name;
|
||||
|
@ -29,8 +29,8 @@ namespace Variables {
|
||||
namespace Variations {
|
||||
|
||||
void Count::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const transaction::Variable *> *reslIn;
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *reslIn;
|
||||
int count = 0;
|
||||
|
||||
reslIn = var->evaluate(transaction);
|
||||
@ -47,7 +47,7 @@ void Count::evaluateInternal(Transaction *transaction,
|
||||
|
||||
std::string res = std::to_string(count);
|
||||
|
||||
l->push_back(new transaction::Variable(std::string(var->m_name),
|
||||
l->push_back(new collection::Variable(std::string(var->m_name),
|
||||
std::string(res)));
|
||||
}
|
||||
|
||||
|
@ -36,7 +36,7 @@ class Count : public Variable {
|
||||
var(v) { }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
|
||||
Variable *var;
|
||||
};
|
||||
|
@ -30,7 +30,7 @@ namespace Variations {
|
||||
|
||||
|
||||
void Exclusion::evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) {
|
||||
std::vector<const collection::Variable *> *l) {
|
||||
transaction->m_collections.resolveMultiMatches(m_name, l);
|
||||
}
|
||||
|
||||
|
@ -38,7 +38,7 @@ class Exclusion : public Variable {
|
||||
{ m_isExclusion = true; }
|
||||
|
||||
void evaluateInternal(Transaction *transaction,
|
||||
std::vector<const transaction::Variable *> *l) override;
|
||||
std::vector<const collection::Variable *> *l) override;
|
||||
|
||||
Variable *var;
|
||||
};
|
||||
|
@ -51,7 +51,7 @@
|
||||
]
|
||||
},
|
||||
"expected":{
|
||||
"debug_log":"Target value: \"32\" \\(Variable: FILES_SIZES:filedata\\)"
|
||||
"debug_log":"Target value: \"38\" \\(Variable: FILES_SIZES:filedata\\)"
|
||||
},
|
||||
"rules":[
|
||||
"SecRuleEngine On",
|
||||
|