github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-17 06:36:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Change names of HMAC feature to HASH

Browse Source
This commit is contained in:
Breno Silva 2012-10-30 18:14:55 -04:00
parent 0757a9f876
commit 5f98d8008e
2 changed files with 26 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
apache2/msc_crypt.c
View File

@ -625,7 +625,7 @@ int do_hash_method(modsec_rec *msr, char *link, int type) {
* \retval 0 No element was changed * \retval 0 No element was changed
* \retval -1 On fail * \retval -1 On fail
*/ */
int encrypt_response_body_links(modsec_rec *msr) { int hash_response_body_links(modsec_rec *msr) {
int lsize = 0, fsize = 0, lcount = 0, fcount = 0, i; int lsize = 0, fsize = 0, lcount = 0, fcount = 0, i;
int isize = 0, icount = 0, frsize = 0, frcount = 0; int isize = 0, icount = 0, frsize = 0, frcount = 0;
xmlXPathContextPtr xpathCtx = NULL; xmlXPathContextPtr xpathCtx = NULL;
@ -639,7 +639,7 @@ int encrypt_response_body_links(modsec_rec *msr) {
if (msr->crypto_html_tree == NULL) { if (msr->crypto_html_tree == NULL) {
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "encrypt_response_body_links: Cannot parse NULL html tree"); msr_log(msr, 4, "hash_response_body_links: Cannot parse NULL html tree");
return -1; return -1;
} }
@ -652,7 +652,7 @@ int encrypt_response_body_links(modsec_rec *msr) {
xpathCtx = xmlXPathNewContext(msr->crypto_html_tree); xpathCtx = xmlXPathNewContext(msr->crypto_html_tree);
if(xpathCtx == NULL) { if(xpathCtx == NULL) {
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "encrypt_response_body_links: Unable to create Xpath context."); msr_log(msr, 4, "hash_response_body_links: Unable to create Xpath context.");
goto ctx_error; goto ctx_error;
} }
@ -664,7 +664,7 @@ int encrypt_response_body_links(modsec_rec *msr) {
if(xpathObj == NULL) { if(xpathObj == NULL) {
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, msr_log(msr, 4,
"encrypt_response_body_links: Unable to evaluate xpath expression."); "hash_response_body_links: Unable to evaluate xpath expression.");
goto obj_error; goto obj_error;
} }
@ -728,7 +728,7 @@ int encrypt_response_body_links(modsec_rec *msr) {
if(xpathObj == NULL) { if(xpathObj == NULL) {
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, msr_log(msr, 4,
"encrypt_response_body_links: Unable to evaluate xpath expression."); "hash_response_body_links: Unable to evaluate xpath expression.");
goto obj_error; goto obj_error;
} }
@ -804,7 +804,7 @@ int encrypt_response_body_links(modsec_rec *msr) {
if(xpathObj == NULL) { if(xpathObj == NULL) {
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, msr_log(msr, 4,
"encrypt_response_body_links: Unable to evaluate xpath expression."); "hash_response_body_links: Unable to evaluate xpath expression.");
goto obj_error; goto obj_error;
} }
@ -869,7 +869,7 @@ int encrypt_response_body_links(modsec_rec *msr) {
if(xpathObj == NULL) { if(xpathObj == NULL) {
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, msr_log(msr, 4,
"encrypt_response_body_links: Unable to evaluate xpath expression."); "hash_response_body_links: Unable to evaluate xpath expression.");
goto obj_error; goto obj_error;
} }
@ -933,10 +933,10 @@ int encrypt_response_body_links(modsec_rec *msr) {
xmlXPathFreeContext(xpathCtx); xmlXPathFreeContext(xpathCtx);
if (msr->txcfg->debuglog_level >= 4) { if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "encrypt_response_body_links: Processed [%d] iframe src, [%d] encrypted.",isize, icount); msr_log(msr, 4, "hash_response_body_links: Processed [%d] iframe src, [%d] hashed.",isize, icount);
msr_log(msr, 4, "encrypt_response_body_links: Processed [%d] frame src, [%d] encrypted.",frsize, frcount); msr_log(msr, 4, "hash_response_body_links: Processed [%d] frame src, [%d] hashed.",frsize, frcount);
msr_log(msr, 4, "encrypt_response_body_links: Processed [%d] form actions, [%d] encrypted.",fsize, fcount); msr_log(msr, 4, "hash_response_body_links: Processed [%d] form actions, [%d] hashed.",fsize, fcount);
msr_log(msr, 4, "encrypt_response_body_links: Processed [%d] links, [%d] encrypted.",lsize, lcount); msr_log(msr, 4, "hash_response_body_links: Processed [%d] links, [%d] hashed.",lsize, lcount);
} }
if(msr->of_stream_changed == 0) { if(msr->of_stream_changed == 0) {
@ -965,12 +965,12 @@ ctx_error:
* \brief Inject the new response body * \brief Inject the new response body
* *
* \param msr ModSecurity transaction resource * \param msr ModSecurity transaction resource
* \param elts Number of encrypted elements * \param elts Number of hashed elements
* *
* \retval 1 On success * \retval 1 On success
* \retval -1 On fail * \retval -1 On fail
*/ */
int inject_encrypted_response_body(modsec_rec *msr, int elts) { int inject_hashed_response_body(modsec_rec *msr, int elts) {
xmlOutputBufferPtr output_buf = NULL; xmlOutputBufferPtr output_buf = NULL;
xmlCharEncodingHandlerPtr handler = NULL; xmlCharEncodingHandlerPtr handler = NULL;
char *p = NULL; char *p = NULL;
@ -984,7 +984,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) {
if (msr->crypto_html_tree == NULL) { if (msr->crypto_html_tree == NULL) {
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_encrypted_response_body: Cannot parse NULL html tree"); msr_log(msr, 4, "inject_hashed_response_body: Cannot parse NULL html tree");
return -1; return -1;
} }
@ -1011,7 +1011,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) {
} }
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_encrypted_response_body: Detected encoding type [%s].", encoding); msr_log(msr, 4, "inject_hashed_response_body: Detected encoding type [%s].", encoding);
if (handler == NULL) if (handler == NULL)
handler = xmlFindCharEncodingHandler("UTF-8"); handler = xmlFindCharEncodingHandler("UTF-8");
@ -1032,12 +1032,12 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) {
apr_table_set(msr->r->err_headers_out,"Content-Type",new_ct); apr_table_set(msr->r->err_headers_out,"Content-Type",new_ct);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_encrypted_response_body: Using content-type [%s].", handler->name); msr_log(msr, 4, "inject_hashed_response_body: Using content-type [%s].", handler->name);
output_buf = xmlAllocOutputBuffer(handler); output_buf = xmlAllocOutputBuffer(handler);
if (output_buf == NULL) { if (output_buf == NULL) {
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_encrypted_response_body: Unable to allocate memory buffer."); msr_log(msr, 4, "inject_hashed_response_body: Unable to allocate memory buffer.");
xmlFreeDoc(msr->crypto_html_tree); xmlFreeDoc(msr->crypto_html_tree);
return -1; return -1;
} }
@ -1073,7 +1073,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) {
memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length); memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_encrypted_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", xmlOutputBufferGetSize(output_buf)); msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", xmlOutputBufferGetSize(output_buf));
} else { } else {
@ -1102,7 +1102,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) {
memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length); memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_encrypted_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", xmlOutputBufferGetSize(output_buf)); msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", xmlOutputBufferGetSize(output_buf));
} }
@ -1135,7 +1135,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) {
memcpy(msr->stream_output_data, output_buf->buffer->content, msr->stream_output_length); memcpy(msr->stream_output_data, output_buf->buffer->content, msr->stream_output_length);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_encrypted_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", output_buf->buffer->use); msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", output_buf->buffer->use);
} else { } else {
@ -1164,7 +1164,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) {
memcpy(msr->stream_output_data, output_buf->conv->content, msr->stream_output_length); memcpy(msr->stream_output_data, output_buf->conv->content, msr->stream_output_length);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_encrypted_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", output_buf->conv->use); msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", output_buf->conv->use);
} }
@ -1176,13 +1176,13 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) {
apr_table_unset(msr->r->headers_out,"Content-Length"); apr_table_unset(msr->r->headers_out,"Content-Length");
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_encrypted_response_body: Setting new content value %s", content_value); msr_log(msr, 4, "inject_hashed_response_body: Setting new content value %s", content_value);
apr_table_set(msr->r->headers_out, "Content-Length", content_value); apr_table_set(msr->r->headers_out, "Content-Length", content_value);
xmlFreeDoc(msr->crypto_html_tree); xmlFreeDoc(msr->crypto_html_tree);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_encrypted_response_body: Stream buffer [%"APR_SIZE_T_FMT"]. Done",msr->stream_output_length); msr_log(msr, 4, "inject_hashed_response_body: Stream buffer [%"APR_SIZE_T_FMT"]. Done",msr->stream_output_length);
return 1; return 1;
} }

11
apache2/msc_crypt.h
View File

@ -27,11 +27,6 @@
#define INT32_MAX (2147483647) #define INT32_MAX (2147483647)
#endif #endif
#define N16BITS_MASK 65536L
#define N16BITS_MAX 0xFFFF
#define N15BITS_MASK 0x7FFF
#define N31BITS_MASK 0x7FFFFFFF
char DSOLOCAL *hmac(modsec_rec *msr, const char *key, int key_len, char DSOLOCAL *hmac(modsec_rec *msr, const char *key, int key_len,
unsigned char *msg, int msglen); unsigned char *msg, int msglen);
char DSOLOCAL *do_hash_link(modsec_rec *msr, char *link, char DSOLOCAL *do_hash_link(modsec_rec *msr, char *link,
@ -39,9 +34,9 @@ char DSOLOCAL *do_hash_link(modsec_rec *msr, char *link,
char DSOLOCAL *getkey(apr_pool_t *mp); char DSOLOCAL *getkey(apr_pool_t *mp);
int DSOLOCAL init_response_body_html_parser(modsec_rec *msr); int DSOLOCAL init_response_body_html_parser(modsec_rec *msr);
int DSOLOCAL encrypt_response_body_links(modsec_rec *msr); int DSOLOCAL hash_response_body_links(modsec_rec *msr);
int DSOLOCAL inject_encrypted_response_body(modsec_rec *msr, int elts); int DSOLOCAL inject_hashed_response_body(modsec_rec *msr, int elts);
int DSOLOCAL do_encryption_method(modsec_rec *msr, char *link, int type); int DSOLOCAL do_hash_method(modsec_rec *msr, char *link, int type);
int DSOLOCAL modify_response_header(modsec_rec *msr); int DSOLOCAL modify_response_header(modsec_rec *msr);
char DSOLOCAL *normalize_path(modsec_rec *msr, char *input); char DSOLOCAL *normalize_path(modsec_rec *msr, char *input);
#endif #endif