Warming up to the remote collections support

Huge refactoring to have the code in shape to later support the
remote collections with different backends.
Felipe Zimmerle
2016-05-03 13:49:16 -03:00
parent ff165a4035
commit 5643d2fa28
50 changed files with 125 additions and 688 deletions


@@ -93,7 +93,7 @@ typedef struct ModSecurity_t modsecurity;
#include "modsecurity/transaction.h"
#include "modsecurity/debug_log.h"
#include "modsecurity/rules.h"
#include "modsecurity/transaction/global_variables.h"
#include "modsecurity/collection/global_collection.h"
/**
* TAG_NUM:
@@ -223,8 +223,8 @@ class ModSecurity {
NUMBER_OF_PHASES,
};
transaction::GlobalVariables m_global_collection;
transaction::GlobalVariables m_ip_collection;
collection::GlobalCollection m_global_collection;
collection::GlobalCollection m_ip_collection;
private:
std::string m_connector;
LogCb m_logCb;
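Review bot: The retyped members `m_global_collection` and `m_ip_collection` in the second hunk sit above `private:` with no comment, so they are public state on the `ModSecurity` object with nothing said about who may write to them or what protects concurrent access. The old `Collections` constructor (removed later in this commit) took pointers to both objects, which suggests every transaction shares them; the replacement class is not visible here, so confirm whether that still holds. Since the commit message says remote backends are planned, I would document the contract now, for example `/** GLOBAL and IP collections shared by the transactions of this instance; thread-safety: TODO document. */` above the two declarations. The class body starts and ends outside the hunk.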


@@ -40,9 +40,9 @@ typedef struct Rules_t Rules;
#endif
#include "modsecurity/intervention.h"
#include "modsecurity/transaction/collections.h"
#include "modsecurity/transaction/variable.h"
#include "modsecurity/transaction/variables.h"
#include "modsecurity/collection/collections.h"
#include "modsecurity/collection/variable.h"
#include "modsecurity/collection/collection.h"
#define LOGFY_ADD(a, b) \
yajl_gen_string(g, reinterpret_cast<const unsigned char*>(a), strlen(a)); \
@@ -70,7 +70,6 @@ namespace modsecurity {
class ModSecurity;
class Transaction;
class Rules;
class Collections;
class RuleMessage;
namespace actions {
class Action;
@@ -316,7 +315,7 @@ class Transaction {
/**
* Holds all the collections related to that transaction.
*/
transaction::Collections m_collections;
collection::Collections m_collections;
/**
* Holds the whatever matched in the operation utilization.
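Review bot: The three `modsecurity/collection/*.h` includes in the first hunk come after the `#endif` that closes the C-only typedef block, so they appear to be included for C consumers of this header as well as C++ ones. The `modsecurity/transaction/*.h` headers they replace wrapped their C++ declarations in `#ifdef __cplusplus`, as the deleted files in this commit show. The new headers are not shown on this page, so please confirm they keep the same guards; otherwise a C connector that includes this header would stop compiling. A one-line reminder above the includes would help, for example `/* These headers are also included from C; keep C++ declarations under #ifdef __cplusplus. */`.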


@@ -1,57 +0,0 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifndef HEADERS_MODSECURITY_TRANSACTION_COLLECTION_H_
#define HEADERS_MODSECURITY_TRANSACTION_COLLECTION_H_
#ifndef __cplusplus
typedef struct Collection_t Collection;
#endif
#ifdef __cplusplus
#include <string>
namespace modsecurity {
class Collection : public transaction::Variables {
public:
Collection(std::string name, std::string key)
: m_name(name),
m_persisted(false),
m_timeout(0),
m_updateCounter(0),
m_updateRate(0),
m_key(key) { }
std::string m_name;
clock_t m_createTime;
bool m_persisted; /* IS_NEW from the old documentation */
std::string m_key;
clock_t m_lastUpdateTime;
double m_timeout;
double m_updateCounter;
double m_updateRate;
};
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_TRANSACTION_COLLECTION_H_


@@ -1,103 +0,0 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <ctime>
#include <iostream>
#include <unordered_map>
#include <fstream>
#include <vector>
#include <iomanip>
#include <set>
#include <cstdio>
#include <string>
#include <list>
#endif
#include "modsecurity/transaction/global_variables.h"
#include "modsecurity/transaction/variables.h"
#include "modsecurity/transaction/variable.h"
#include "modsecurity/transaction/collection.h"
#ifndef HEADERS_MODSECURITY_TRANSACTION_COLLECTIONS_H_
#define HEADERS_MODSECURITY_TRANSACTION_COLLECTIONS_H_
#ifndef __cplusplus
typedef struct Variable_t Variable;
#endif
#ifdef __cplusplus
namespace modsecurity {
namespace transaction {
class Collections :
public std::unordered_map<std::string, Collection *> {
public:
Collections(GlobalVariables *global, GlobalVariables *ip);
~Collections();
void init(const std::string& name, const std::string& key);
void store(std::string key, std::string value);
void storeOrUpdateFirst(const std::string& collectionName,
const std::string& variableName,
const std::string& targetValue);
bool storeOrUpdateFirst(const std::string &key, const std::string &value);
bool updateFirst(const std::string &key, const std::string &value);
void del(const std::string& key);
std::string* resolveFirst(const std::string& var);
std::string* resolveFirst(const std::string& collectionName,
const std::string& var);
void resolveSingleMatch(const std::string& var,
std::vector<const transaction::Variable *> *l);
void resolveSingleMatch(const std::string& var,
const std::string& collection,
std::vector<const transaction::Variable *> *l);
void resolveMultiMatches(const std::string& var,
std::vector<const transaction::Variable *> *l);
void resolveMultiMatches(const std::string& var,
const std::string& collection,
std::vector<const transaction::Variable *> *l);
void resolveRegularExpression(const std::string& var,
std::vector<const transaction::Variable *> *l);
void resolveRegularExpression(const std::string& var,
const std::string& collection,
std::vector<const transaction::Variable *> *l);
/**
* This is a special collection to host the transaction variables.
*
* It exists independent of initialization and it is only valid during a transaction.
*
* Notice that it is not the TX collection.
*/
transaction::Variables m_transient;
std::string m_global_collection_key;
std::string m_ip_collection_key;
transaction::GlobalVariables *m_global_collection;
transaction::GlobalVariables *m_ip_collection;
};
} // namespace transaction
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_TRANSACTION_COLLECTIONS_H_


@@ -1,119 +0,0 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <string>
#include <iostream>
#include <unordered_map>
#include <list>
#include <vector>
#include <algorithm>
#endif
#include "modsecurity/transaction/variable.h"
#ifndef HEADERS_MODSECURITY_TRANSACTION_GLOBAL_VARIABLES_H_
#define HEADERS_MODSECURITY_TRANSACTION_GLOBAL_VARIABLES_H_
#ifndef __cplusplus
typedef struct Variable_t Variables;
#endif
#ifdef __cplusplus
namespace modsecurity {
namespace transaction {
class CollectionKey {
public:
CollectionKey()
: m_compartiment(""),
m_name("") { };
CollectionKey(std::string name)
: m_compartiment(""),
m_name(name) { };
CollectionKey(std::string name, std::string compartiment)
: m_compartiment(compartiment),
m_name(name) { };
std::string m_name;
std::string m_compartiment;
};
class collection_hash
{
public:
size_t operator()(const CollectionKey *v) const
{
size_t h = 0;
std::for_each(v->m_name.begin(), v->m_name.end(), [&](char c) {
h += tolower(c);
});
std::for_each(v->m_compartiment.begin(), v->m_compartiment.end(), [&](char c) {
h += tolower(c);
});
return h;
};
};
class collection_equal
{
public:
bool operator()(const CollectionKey *u, const CollectionKey *v) const
{
return u->m_name == v->m_name && u->m_compartiment == v->m_compartiment;
};
};
class GlobalVariables :
public std::unordered_multimap<CollectionKey *, std::string,
collection_hash, collection_equal> {
public:
GlobalVariables();
~GlobalVariables();
void store(std::string key, std::string compartment, std::string value);
bool storeOrUpdateFirst(const std::string &key, std::string compartment,
const std::string &value);
bool updateFirst(const std::string &key, std::string compartment,
const std::string &value);
void del(const std::string& key, std::string compartment);
std::string* resolveFirst(const std::string& var, std::string compartment);
void resolveSingleMatch(const std::string& var, std::string compartment,
std::vector<const transaction::Variable *> *l);
void resolveMultiMatches(const std::string& var, std::string compartment,
std::vector<const transaction::Variable *> *l);
void resolveRegularExpression(const std::string& var, std::string compartment,
std::vector<const transaction::Variable *> *l);
};
} // namespace transaction
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_TRANSACTION_GLOBAL_VARIABLES_H_


@@ -1,47 +0,0 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <string>
#endif
#ifndef HEADERS_MODSECURITY_TRANSACTION_VARIABLE_H_
#define HEADERS_MODSECURITY_TRANSACTION_VARIABLE_H_
#ifndef __cplusplus
typedef struct Variable_t Variable;
#endif
#ifdef __cplusplus
namespace modsecurity {
namespace transaction {
class Variable {
public:
Variable(const std::string& key, const std::string& value) :
m_key(key),
m_value(value) { }
std::string m_key;
std::string m_value;
};
} // namespace transaction
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_TRANSACTION_VARIABLE_H_


@@ -1,101 +0,0 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <string>
#include <iostream>
#include <unordered_map>
#include <list>
#include <vector>
#include <algorithm>
#endif
#include "modsecurity/transaction/variable.h"
#ifndef HEADERS_MODSECURITY_TRANSACTION_VARIABLES_H_
#define HEADERS_MODSECURITY_TRANSACTION_VARIABLES_H_
#ifndef __cplusplus
typedef struct Variable_t Variables;
#endif
#ifdef __cplusplus
namespace modsecurity {
namespace transaction {
/*
* FIXME:
*
* This was an example grabbed from:
* http://stackoverflow.com/questions/8627698/case-insensitive-stl-containers-e-g-stdunordered-set
*
* We have to have a better hash function, maybe based on the std::hash.
*
*/
struct MyEqual {
bool operator()(const std::string& Left, const std::string& Right) const {
return Left.size() == Right.size()
&& std::equal(Left.begin(), Left.end(), Right.begin(),
[](char a, char b) {
return tolower(a) == tolower(b);
});
}
};
struct MyHash{
size_t operator()(const std::string& Keyval) const {
// You might need a better hash function than this
size_t h = 0;
std::for_each(Keyval.begin(), Keyval.end(), [&](char c) {
h += tolower(c);
});
return h;
}
};
class Variables :
public std::unordered_multimap<std::string, std::string,
/*std::hash<std::string>*/MyHash, MyEqual> {
public:
Variables();
~Variables();
void store(std::string key, std::string value);
bool storeOrUpdateFirst(const std::string &key,
const std::string &value);
bool updateFirst(const std::string &key, const std::string &value);
void del(const std::string& key);
std::string* resolveFirst(const std::string& var);
void resolveSingleMatch(const std::string& var,
std::vector<const transaction::Variable *> *l);
void resolveMultiMatches(const std::string& var,
std::vector<const transaction::Variable *> *l);
void resolveRegularExpression(const std::string& var,
std::vector<const transaction::Variable *> *l);
};
} // namespace transaction
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_TRANSACTION_VARIABLES_H_