github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Opens auditlog files and directories with the correct mode

Browse Source 
Respecting the directives: SecAuditLogStorageDir and SecAuditLogFileMode
This commit is contained in:
Felipe Zimmerle 2015-07-10 18:38:12 -03:00
parent c9620ac50f
commit 5e33a1a3c4
7 changed files with 36 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/audit_log.cc
View File

@ -35,13 +35,13 @@ namespace ModSecurity {
bool AuditLog::setStorageDirMode(int permission) { bool AuditLog::setStorageDirMode(int permission) {
this->m_storage_permission = permission; this->directoryPermission = permission;
return true; return true;
} }
bool AuditLog::setFileMode(int permission) { bool AuditLog::setFileMode(int permission) {
this->m_file_permissions = permission; this->filePermission = permission;
return true; return true;
} }

9
src/audit_log.h
View File

@ -41,7 +41,9 @@ class AuditLog {
| HAuditLogPart | ZAuditLogPart), | HAuditLogPart | ZAuditLogPart),
m_type(ParallelAuditLogType), m_type(ParallelAuditLogType),
m_writer(NULL), m_writer(NULL),
m_relevant("") m_relevant(""),
filePermission(0600),
directoryPermission(0600)
{ } { }
enum AuditLogType { enum AuditLogType {
@ -166,11 +168,12 @@ class AuditLog {
std::string m_path2; std::string m_path2;
std::string m_storage_dir; std::string m_storage_dir;
int filePermission;
int directoryPermission;
private: private:
AuditLogStatus m_status; AuditLogStatus m_status;
int m_file_permissions;
int m_storage_permission;
int m_parts; int m_parts;
AuditLogType m_type; AuditLogType m_type;

5
src/audit_log_writer.h
View File

@ -18,9 +18,6 @@
#ifdef __cplusplus #ifdef __cplusplus
#include <string> #include <string>
#include <iostream>
#include <sstream>
#include <fstream>
#endif #endif
#include "modsecurity/assay.h" #include "modsecurity/assay.h"
@ -32,7 +29,7 @@ namespace ModSecurity {
class AuditLog; class AuditLog;
/** @ingroup ModSecurity_CPP_API */ /** @ingroup ModSecurity_CPP_API */
class AuditLogWriter : public std::ofstream { class AuditLogWriter {
public: public:
explicit AuditLogWriter(AuditLog *audit) explicit AuditLogWriter(AuditLog *audit)
: m_audit(audit) { } : m_audit(audit) { }

28
src/audit_log_writer_parallel.cc
View File

@ -18,6 +18,9 @@
#include <time.h> #include <time.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <fstream> #include <fstream>
@ -72,24 +75,35 @@ bool AuditLogWriterParallel::close() {
bool AuditLogWriterParallel::write(Assay *assay) { bool AuditLogWriterParallel::write(Assay *assay) {
FILE *fp;
int fd;
std::string log = assay->to_json(0); std::string log = assay->to_json(0);
std::string fileName = logFilePath(&assay->timeStamp, std::string fileName = logFilePath(&assay->timeStamp,
YearMonthDayDirectory | YearMonthDayAndTimeDirectory YearMonthDayDirectory | YearMonthDayAndTimeDirectory
| YearMonthDayAndTimeFileName); | YearMonthDayAndTimeFileName);
fileName = fileName + "-" + assay->id;
std::string logPath = m_audit->m_storage_dir; std::string logPath = m_audit->m_storage_dir;
fileName = logPath + fileName + "-" + assay->id;
if (logPath.empty()) {
return false;
}
createDir((logPath + createDir((logPath +
logFilePath(&assay->timeStamp, YearMonthDayDirectory)).c_str()); logFilePath(&assay->timeStamp, YearMonthDayDirectory)).c_str(),
m_audit->directoryPermission);
createDir((logPath + createDir((logPath +
logFilePath(&assay->timeStamp, YearMonthDayDirectory logFilePath(&assay->timeStamp, YearMonthDayDirectory
| YearMonthDayAndTimeDirectory)).c_str()); | YearMonthDayAndTimeDirectory)).c_str(),
m_audit->directoryPermission);
std::ofstream f; fd = open(fileName.c_str(), O_CREAT | O_WRONLY, m_audit->filePermission);
f.open(logPath + fileName, std::fstream::out | std::fstream::app); if (fd < 0) {
f << log; return false;
f.close(); }
fp = fdopen(fd, "w");
fwrite(log.c_str(), log.length(), 1, fp);
fclose(fp);
return true; return true;
} }

4
src/utils.cc
View File

@ -69,11 +69,11 @@ std::string ascTime(time_t *t) {
} }
void createDir(std::string dir) { void createDir(std::string dir, int mode) {
#if defined _MSC_VER #if defined _MSC_VER
_mkdir(dir.data()); _mkdir(dir.data());
#elif defined __GNUC__ #elif defined __GNUC__
mkdir(dir.data(), 0777); mkdir(dir.data(), mode);
#endif #endif
} }

2
src/utils.h
View File

@ -27,7 +27,7 @@ namespace ModSecurity {
double random_number(const double from, const double to); double random_number(const double from, const double to);
double generate_assay_unique_id(); double generate_assay_unique_id();
std::string ascTime(time_t *t); std::string ascTime(time_t *t);
void createDir(std::string dir); void createDir(std::string dir, int mode);
} // namespace ModSecurity } // namespace ModSecurity
#define SRC_UTILS_H_ #define SRC_UTILS_H_

4
test/test-cases/regression/auditlog.json
View File

@ -51,7 +51,9 @@
"SecRule ARGS \"@contains test\" \"t:trim,block,auditlog\"", "SecRule ARGS \"@contains test\" \"t:trim,block,auditlog\"",
"SecAuditEngine RelevantOnly", "SecAuditEngine RelevantOnly",
"SecAuditLogParts ABCFHZ", "SecAuditLogParts ABCFHZ",
"SecAuditLogStorageDir /tmp", "SecAuditLogStorageDir /tmp/test",
"SecAuditLogDirMode 0766",
"SecAuditLogFileMode 0600",
"SecAuditLogRelevantStatus \"^(?:5|4(?!04))\"" "SecAuditLogRelevantStatus \"^(?:5|4(?!04))\""
] ]
} }