Improvements, bug fixes and cleanup from Tom Donavan

brenosilva 2011-04-02 23:10:16 +00:00
parent f0d6a06a95
commit 6031e7fdae
11 changed files with 274 additions and 200 deletions


@ -1,181 +1,191 @@
============================================================
Build notes for Windows from Tom Donovan
============================================================
These are the raw build notes from Tom Donovan for building
ModSecurity 2.5.12 with Apache httpd 2.2.14 on Windows. Some
day these should be incorporated into the official docs, but
there has not yet been time, so they are included here in
their raw format for now.
============================================================
=====================================================================
MOD_SECURITY 2.6 Command-line Build notes for Windows 4/2/2011
=====================================================================
I build Apache 2.2.14 from source in C:\work\httpd-2.2.14
I have a VC9 build of Apache 2.2.14 installed in C:\Apache2214
PREREQUISITES:
My PATH includes VC9 and CMAKE 2.6
Microsoft Visual Studio C++ tested with Visual Studio 2008 (aka VC9)
BEFORE BUILDING - if OpenSSL and Zlib support is desired in LIBXML2 and CURL
CMake build system from: http://www.cmake.org/ tested with CMake v2.8.0
REM #### set an env variable to my Apache build directory
SET HTTPD_BUILD=C:\work\httpd-2.2.14
Apache 2.2.x from: http://httpd.apache.org/ tested with Apache 2.2.17
Apache must be built from source using the same Visual Studio compiler as mod_security.
REM #### ensure that CURL and LIBXML2 can find the OpenSSL and Zlib includes and libraries that Apache was built with
SET INCLUDE=%INCLUDE%;%HTTPD_BUILD%\srclib\openssl\inc32;%HTTPD_BUILD%\srclib\zlib
SET LIB=%LIB%;%HTTPD_BUILD%\srclib\openssl\out32dll;%HTTPD_BUILD%\srclib\zlib
PCRE Perl Compatible Regular Expression library from: http://www.pcre.org/ tested with PCRE v8.12
REM #### ensure that CURL doesn't use the static zlib library: zlib.lib. Force it to use zdll.lib instead, which points to zlib1.dll
IF EXIST %HTTPD_BUILD%\srclib\zlib\zlib.lib DEL %HTTPD_BUILD%\srclib\zlib\zlib.lib
LibXML2 from: http://xmlsoft.org/ tested with LibXML2 v2.7.7
Note that LibXML2 v2.7.8 does not build correctly for Windows
BUILD PCRE-7.9
Lua Scripting Language from: http://www.lua.org/ tested with Lua v5.1.4
Downloaded pcre-7.9.tar.gz from ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
untar'd into C:\work\ creating C:\work\pcre-7.9
cURL multiprotocol file transfer library from: http://curl.haxx.se/ tested with cURL v7.21.4
CD C:\work\pcre-7.9
BEFORE BUILDING
The directory where you build software from source ( C:\work in this exmaple)
must contain the Apache source you used to build the Apache web serverand the mod_security source
Apache source is in C:\work\httpd-2.2.17 in this example.
Apache has been installed to C:\Apache2217 in this example.
Mod_security source is in C:\work\mod_security in this example.
Download and untar the prerequite library sources:
Download pcre-8.12.tar.gz from ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
untar it into C:\work\ creating C:\work\pcre-8.12
Download libxml2-2.7.7.tar.gz from ftp://xmlsoft.org/libxml2/
untar it into C:\work\ creating C:\work\libxml2-2.7.7
Download lua-5.1.4.tar.gz from http://www.lua.org/ftp/
untar it into C:\work\ creating C:\work\lua-5.1.4
Download curl-7.21.4.tar.gz from http://curl.haxx.se/download.html
untar it into C:\work\ creating C:\work\curl-7.21.4
Setup your build environment:
The PATH environment variable must include the Visual Studio variables as set by vsvars32.bat
The PATH environment variable must also include the CMAKE bin\ directory
Set an environment variable to the Apache source code directory:
SET HTTPD_BUILD=C:\work\httpd-2.2.17
If OpenSSL and Zlib support were included when you built Apache 2.2, and you want them available to LIBXML2 and CURL
Ensure that cURL and libXML2 can find the OpenSSL and Zlib includes and libraries that Apache was built with.
SET INCLUDE=%INCLUDE%;%HTTPD_BUILD%\srclib\openssl\inc32;%HTTPD_BUILD%\srclib\zlib
SET LIB=%LIB%;%HTTPD_BUILD%\srclib\openssl\out32dll;%HTTPD_BUILD%\srclib\zlib
Ensure that cURL and libXML2 don't use the static zlib library: zlib.lib.
Force cURL and libXML2 to use zdll.lib instead, requiring zlib1.dll at runtime:
IF EXIST %HTTPD_BUILD%\srclib\zlib\zlib.lib DEL %HTTPD_BUILD%\srclib\zlib\zlib.lib
BUILD PCRE-8.12
CD C:\work\pcre-8.12
CMAKE -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True
NMAKE
BUILD LIBXML2-2.7.6
BUILD LIBXML2-2.7.7 (note: the more recent version: 2.7.8 does not build correctly on Windows)
Downloaded libxml2-2.7.6.tar.gz from ftp://xmlsoft.org/libxml2/
untar'd into C:\work\ creating C:\work\libxml2-2.7.6
CD C:\work\libxml2-2.7.6\win32
CD C:\work\libxml2-2.7.7\win32
CSCRIPT configure.js iconv=no vcmanifest=yes zlib=yes
NMAKE -f Makefile.msvc
BUILD LUA-5.1.4
Downloaded lua-5.1.4.tar.gz from http://www.lua.org/ftp/
untar'd into C:\work\ creating C:\work\lua-5.1.4
CD C:\work\lua-5.1.4\src
CL /Ox /arch:SSE2 /GF /GL /Gy /FD /EHsc /MD /Zi /TC /wd4005 /D "_MBCS" /D "LUA_CORE" /D "LUA_BUILD_AS_DLL" /D "_CRT_SECURE_NO_WARNINGS" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_WIN32" /D "_WINDLL" /c *.c
DEL lua.obj luac.obj
LINK /DLL /LTCG /DEBUG /OUT:lua5.1.dll *.obj
IF EXIST lua5.1.dll.manifest MT -manifest lua5.1.dll.manifest -outputresource:lua5.1.dll;2
BUILD CURL-7.20.0
Downloaded curl-7.20.0.tar.gz from http://curl.haxx.se/download.html
untar'd into C:\work\ creating C:\work\curl-7.20.0
CD C:\work\curl-7.20.0
*** Fixed Bug: https://sourceforge.net/tracker/?func=detail&aid=2951269&group_id=976&atid=100976 ***
Edited the file include\curl\curlbuild.h.cmake near line 160 - put double-quotes around all CURL_FORMAT* values.
e.g. change: ${CURL_FORMAT_CURL_OFF_T} to: "${CURL_FORMAT_CURL_OFF_T}"
/* curl_off_t formatting string directive without "%" conversion specifier. */
#cmakedefine CURL_FORMAT_CURL_OFF_T "${CURL_FORMAT_CURL_OFF_T}"
/* unsigned curl_off_t formatting string without "%" conversion specifier. */
#cmakedefine CURL_FORMAT_CURL_OFF_TU "${CURL_FORMAT_CURL_OFF_TU}"
/* curl_off_t formatting string directive with "%" conversion specifier. */
#cmakedefine CURL_FORMAT_OFF_T "${CURL_FORMAT_OFF_T}"
BUILD CURL-7.21.4
CD C:\work\curl-7.21.4
CMAKE -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True -DCURL_ZLIB=True
NMAKE
BUILD MOD_SECURITY-2.5.12
BUILD MOD_SECURITY-2.6
Edited the top of C:\work\mod_security-2.5.12\apache2\Makefile.win and set my local paths
(note that pcre.lib is not in $(PCRE)\LibR as it is in the original Makefile.win )
CD C:\work\mod_security\apache2
NMAKE -f Makefile.win APACHE=C:\Apache2217 PCRE=C:\work\pcre-8.12 LIBXML2=C:\work\libxml2-2.7.7 LUA=C:\work\lua-5.1.4\src
# Path to Apache httpd installation
BASE = C:\Apache2214
INSTALL MOD_SECURITY AND RUN APACHE
# Paths to required libraries
LIBXML2 = C:\work\libxml2-2.7.6
LUA = C:\work\lua-5.1.4\src
PCRE = C:\work\pcre-7.9
Copy these five files to C:\Apache2217\bin:
C:\work\pcre-8.12\pcre.dll C:\Apache2217\bin\
C:\work\lua-5.1.4\src\lua5.1.dll C:\Apache2217\bin\
C:\work\libxml2-2.7.7\win32\bin.msvc\libxml2.dll C:\Apache2217\bin\
C:\work\curl-7.21.4\libcurl.dll C:\Apache2217\bin\
C:\work\mod_security\apache2\mlogc-src\mlogc.exe
# Linking libraries
LIBS = $(BASE)\lib\libhttpd.lib \
$(BASE)\lib\libapr-1.lib \
$(BASE)\lib\libaprutil-1.lib \
$(PCRE)\pcre.lib \
$(LIBXML2)\win32\bin.msvc\libxml2.lib \
$(LUA)\lua5.1.lib \
wsock32.lib
Copy this one file to C:\Apache2217\modules:
CD C:\work\mod_security-2.5.12\apache2
NMAKE -f Makefile.win
C:\work\mod_security\apache2\mod_security2.so
BUILD MOD_SECURITY-2.5.12 MLOGC program
You may also copy C:\work\curl-7.21.4\curl.exe to C:\Apache2217\bin, if you want to use the cURL command-line program.
Edited the top of C:\work\mod_security-2.5.12\apache2\mlogc-src\Makefile.win and set my local paths
Download the core rules from http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/
and unzip them into C:\Apache2217\conf\modsecurity_crs
# Path to Apache httpd installation
BASE = C:\Apache2214
Add configuration directives to your Apache conf\httpd.conf:
# Paths to required libraries
PCRE = C:\work\pcre-7.9
CURL = C:\work\curl-7.20.0
# mod_security requires mod_unique_id
LoadModule unique_id_module modules/mod_unique_id.so
# Linking libraries
LIBS = $(BASE)\lib\libapr-1.lib \
$(BASE)\lib\libaprutil-1.lib \
$(PCRE)\pcre.lib \
$(CURL)\libcurl_imp.lib \
wsock32.lib
# mod_security
LoadModule security2_module modules/mod_security2.so
<IfModule security2_module>
SecRuleEngine On
SecDataDir logs
Include conf/modsecurity_crs/*.conf
Include conf/modsecurity_crs/base_rules/*.conf
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4\d[^4])"
SecAuditLogType Serial
SecAuditLogParts ABCDEFGHZ
SecAuditLog logs/modsecurity.log
</IfModule>
CD C:\work\mod_security-2.5.12\apache2\mlogc-src
NMAKE -f Makefile.win
==============================================================================================
OPTIONAL: BUILD AND CONFIGURE THE MOD_SECURITY-2.6 MLOGC piped-logging program
INSTALL AND RUN
Edit the top of C:\work\mod_security\apache2\mlogc-src\Makefile.win and set your local paths
Copied these five files to C:\Apache2214\bin:
C:\work\pcre-7.9\pcre.dll
C:\work\lua-5.1.4\src\lua5.1.dll
C:\work\libxml2-2.7.6\win32\bin.msvc\libxml2.dll
C:\work\curl-7.20.0\libcurl.dll
C:\work\mod_security-2.5.12\apache2\mlogc-src\mlogc.exe
# Path to Apache httpd installation
BASE = C:\Apache2217
Copied this one file to C:\Apache2214\modules:
# Paths to required libraries
PCRE = C:\work\pcre-8.12
CURL = C:\work\curl-7.21.4
C:\work\mod_security-2.5.12\apache2\mod_security2.so
# Linking libraries
LIBS = $(BASE)\lib\libapr-1.lib \
$(BASE)\lib\libaprutil-1.lib \
$(PCRE)\pcre.lib \
$(CURL)\libcurl_imp.lib \
wsock32.lib
You could also copy C:\work\curl-7.20.0\\curl.exe to C:\Apache2214\bin, if you want to use the cURL command-line.
Build the mlogc.exe program:
Downloaded the core rules from http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/
and unzipped them in C:\Apache2214\conf\modsecurity_crs
CD C:\work\mod_security_trunk\mlogc
NMAKE -f Makefile.win
Added this to my conf\httpd.conf:
Copy mlocg.exe to C:\Apache2217\bin\
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so
<IfModule security2_module>
Include conf/modsecurity_crs/*.conf
Include conf/modsecurity_crs/base_rules/*.conf
SecDataDir logs
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4\d[^4])"
SecAuditLogType Concurrent
SecAuditLogParts ABCDEFGHZ
SecAuditLogStorageDir logs/data/
SecAuditLog "|bin/mlogc.exe"
</IfModule>
Create a new command file C:\Apache2217\bin\mlogc.bat with one line:
My conf\mlogc.conf has this:
CollectorRoot "C:/Apache2214/logs"
ConsoleURI "https://localhost:8888/rpc/auditLogReceiver"
SensorUsername "test"
SensorPassword "testtest"
LogStorageDir "data"
TransactionLog "mlogc-transaction.log"
QueuePath "mlogc-queue.log"
ErrorLog "mlogc-error.log"
LockFile "mlogc.lck"
KeepEntries 0
ErrorLogLevel 2
MaxConnections 10
MaxWorkerRequests 1000
TransactionDelay 50
StartupDelay 5000
CheckpointInterval 15
ServerErrorTimeout 60
C:\Apache2217\bin\mlogc.exe C:\Apache2217\conf\mlogc.conf
Create a new configuration file C:\Apache2217\conf\mlogc.conf to control the piped-logging program mlogc.exe.
Here is an example conf\mlogc.conf:
Mod_security appears to work OK with the "ModSecurity Community Console".
CollectorRoot "C:/Apache2217/logs"
ConsoleURI "https://localhost:8888/rpc/auditLogReceiver"
SensorUsername "test"
SensorPassword "testtest"
LogStorageDir "data"
TransactionLog "mlogc-transaction.log"
QueuePath "mlogc-queue.log"
ErrorLog "mlogc-error.log"
LockFile "mlogc.lck"
KeepEntries 0
ErrorLogLevel 2
MaxConnections 10
MaxWorkerRequests 1000
TransactionDelay 50
StartupDelay 5000
CheckpointInterval 15
ServerErrorTimeout 60
Change the SecAuditLog directive in conf\httpd.conf to pipe the log data to mlogc
instead of writing them to a file:
SecAuditLog |C:/Apache2217/bin/mlogc.bat


@ -1,51 +1,51 @@
###########################################################################
### You Will need to modify the following variables for your system
###########################################################################
###########################################################################
# Path to Apache httpd installation
BASE = C:\Apache2
# Paths to required libraries
LIBXML2 = C:\work\libxml2-2.6.31
LUA = C:\work\lua-5.1.3
PCRE = C:\work\httpd-2.2.8\srclib\pcre
#
# Usage: NMAKE -f Makefile.win APACHE={httpd installion dir} PCRE={pcre dir} LIBXML2={LibXML2 dir} [ LUA={Lua dir} ]
#
!IF "$(APACHE)" == "" || "$(PCRE)" == "" || "$(LIBXML2)" == ""
!ERROR NMAKE arguments: APACHE=dir PCRE=dir LIBXML2=dir are required to build mod_security2 for Windows
!ENDIF
# Linking libraries
LIBS = $(BASE)\lib\libhttpd.lib \
$(BASE)\lib\libapr-1.lib \
$(BASE)\lib\libaprutil-1.lib \
$(PCRE)\LibR\pcre.lib \
LIBS = $(APACHE)\lib\libhttpd.lib \
$(APACHE)\lib\libapr-1.lib \
$(APACHE)\lib\libaprutil-1.lib \
$(PCRE)\pcre.lib \
$(LIBXML2)\win32\bin.msvc\libxml2.lib \
$(LUA)\lua5.1.lib \
wsock32.lib
Ws2_32.lib
###########################################################################
###########################################################################
CC = cL
CC = CL
MT = mt
DEFS = /nologo /O2 /LD /W3 /wd4244 -DWIN32 -DWINNT -Dinline=APR_INLINE
DEFS = /nologo /O2 /LD /W3 /wd4244 /wd4018 -DWIN32 -DWINNT -Dinline=APR_INLINE
DLL = mod_security2.so
INCLUDES = -I. \
INCLUDES = -I. -I.. \
-I$(PCRE)\include -I$(PCRE) \
-I$(LIBXML2)\include \
-I$(LUA)\include -I$(LUA) \
-I$(BASE)\include
-I$(APACHE)\include
# Lua is optional
!IF "$(LUA)" != ""
LIBS = $(LIBS) $(LUA)\lua5.1.lib
DEFS=$(DEFS) -DWITH_LUA
INCLUDES = $(INCLUDES) -I$(LUA)\include -I$(LUA) \
!ENDIF
CFLAGS= -MD $(INCLUDES) $(DEFS)
LDFLAGS =
LDFLAGS =
OBJS = mod_security2.obj apache2_config.obj apache2_io.obj apache2_util.obj \
re.obj re_operators.obj re_actions.obj re_tfns.obj re_variables.obj \
msc_logging.obj msc_xml.obj msc_multipart.obj modsecurity.obj \
msc_parsers.obj msc_util.obj msc_pcre.obj persist_dbm.obj \
msc_reqbody.obj pdf_protect.obj msc_geo.obj msc_gsb.obj acmp.obj msc_lua.obj \
msc_reqbody.obj msc_geo.obj msc_gsb.obj acmp.obj msc_lua.obj \
msc_release.obj
all: $(DLL)
@ -53,21 +53,20 @@ all: $(DLL)
dll: $(DLL)
mod_security2_config.h: mod_security2_config.hw
@echo off
type mod_security2_config.hw > mod_security2_config.h
@type mod_security2_config.hw > mod_security2_config.h
.c.obj:
$(CC) $(CFLAGS) -c $< -Fo$@
$(CC) $(CFLAGS) -c $< -Fo$@
.cpp.obj:
$(CC) $(CFLAGS) -c $< -Fo$@
$(CC) $(CFLAGS) -c $< -Fo$@
$(DLL): mod_security2_config.h $(OBJS)
$(CC) $(CFLAGS) $(LDFLAGS) -LD $(OBJS) -Fe$(DLL) $(LIBS) /link
IF EXIST $(DLL).manifest $(MT) -manifest $(DLL).manifest -outputresource:$(DLL);2
$(CC) $(CFLAGS) $(LDFLAGS) -LD $(OBJS) -Fe$(DLL) $(LIBS) /link
IF EXIST $(DLL).manifest $(MT) -manifest $(DLL).manifest -outputresource:$(DLL);2
install: $(DLL)
copy $(DLL) $(BASE)\modules
copy /Y $(DLL) $(APACHE)\modules
clean:
del $(OBJS) $(DLL) *.dll *.lib *.pdb *.idb *.ilk *.exp *.res *.rc *.bin mod_security2_config.h *.manifest
del $(OBJS) $(DLL) *.dll *.lib *.pdb *.idb *.ilk *.exp *.res *.rc *.bin mod_security2_config.h *.manifest
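Review bot: The new DEFS line adds `/wd4018` next to the existing `/wd4244`, so signed/unsigned comparison warnings are now silenced for every object linked into mod_security2.so rather than for the code that prompted the change. In a module that parses request data, that warning is often the only compiler hint about a length check comparing an `int` with an unsigned size. I would leave C4018 enabled in DEFS and either fix the comparisons or scope the suppression with `#pragma warning(disable: 4018)` around the specific code, with a comment saying why. Separately, the `INCLUDES = $(INCLUDES) -I$(LUA)\include -I$(LUA) \` line in the optional Lua block ends in a continuation backslash directly before `!ENDIF`; if that is not an artifact of how this page renders the file, the backslash should be dropped.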


@ -205,10 +205,6 @@ static int db_open(directory_config *dcfg, char **error_msg)
apr_pool_t *mp = dcfg->mp;
geo_db *geo = dcfg->geo;
apr_status_t rc;
apr_size_t nbytes;
apr_off_t offset;
unsigned char buf[3];
int i, j;
#ifdef DEBUG_CONF
fprintf(stderr, "GEO: Initializing geo DB \"%s\".\n", geo->dbfn);
@ -280,9 +276,6 @@ int geo_lookup(modsec_rec *msr, geo_rec *georec, const char *target, char **erro
int level;
double dtmp;
int itmp;
const unsigned char * p;
unsigned int x;
int j;
*error_msg = NULL;


@ -1120,13 +1120,13 @@ void sec_audit_logger(modsec_rec *msr) {
/* AUDITLOG_PART_UPLOADS */
if ((strchr(msr->txcfg->auditlog_parts, AUDITLOG_PART_UPLOADS) != NULL) && (msr->mpd != NULL)) {
text = apr_psprintf(msr->mp, "\n--%s-%c--\n", msr->new_auditlog_boundary, AUDITLOG_PART_UPLOADS);
sec_auditlog_write(msr, text, strlen(text));
multipart_part **parts = NULL;
unsigned int total_size = 0;
int cfiles = 0;
text = apr_psprintf(msr->mp, "\n--%s-%c--\n", msr->new_auditlog_boundary, AUDITLOG_PART_UPLOADS);
sec_auditlog_write(msr, text, strlen(text));
parts = (multipart_part **)msr->mpd->parts->elts;
for(cfiles = 0; cfiles < msr->mpd->parts->nelts; cfiles++) {
if (parts[cfiles]->type == MULTIPART_FILE) {


@ -38,6 +38,7 @@
#define AUDITLOG_PART_ENDMARKER 'Z'
#include "modsecurity.h"
#include "apr_pools.h"
int DSOLOCAL is_valid_parts_specification(char *p);
@ -47,4 +48,6 @@ char DSOLOCAL *construct_log_vcombinedus_limited(modsec_rec *msr, int _limit, in
void DSOLOCAL sec_audit_logger(modsec_rec *msr);
void DSOLOCAL version(apr_pool_t *mp);
#endif


@ -42,6 +42,8 @@ char DSOLOCAL *lua_compile(msc_script **script, const char *filename, apr_pool_t
int DSOLOCAL lua_execute(msc_script *script, char *param, modsec_rec *msr, msre_rule *rule, char **error_msg);
apr_status_t DSOLOCAL msre_action_setvar_execute(modsec_rec *r, apr_pool_t *, msre_rule *, char *, char *);
#endif
#endif /* WITH_LUA */


@ -69,6 +69,37 @@ static const short b64_reverse_t[256] = {
-2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2
};
#if defined(WIN32) || defined(WINNT)
/* Windows does not have inet_aton */
int inet_aton(const char *cp, struct in_addr *inp) {
inp->s_addr = inet_addr(cp);
return (inp->s_addr == 0);
}
/* Windows versions before Vista do not have inet_pton */
#if !defined(NTDDI_VERSION) || NTDDI_VERSION < NTDDI_VISTA
int inet_pton(int family, const char *cp, struct in6_addr *addr) {
struct addrinfo hints;
PADDRINFOA ppResult;
ZeroMemory( &hints, sizeof(hints) );
hints.ai_flags = AI_NUMERICHOST;
hints.ai_family = AF_INET6;
if (getaddrinfo(cp, NULL, &hints, &ppResult) == 0) {
while (ppResult) {
if (ppResult->ai_family == AF_INET6) {
memcpy(addr, ppResult->ai_addr, ppResult->ai_addrlen);
return 1;
}
ppResult = ppResult->ai_next;
}
}
return -1;
}
#endif /* NTDDI_VERSION */
#endif /* WIN32 || WINNT */
/* \brief Remove escape char
*
* \param mptmp Pointer to the pool
@ -78,7 +109,7 @@ static const short b64_reverse_t[256] = {
* \retval string On Success
*/
char *remove_escape(apr_pool_t *mptmp, const char *input, int input_len) {
char *parm = apr_palloc(mptmp, input_len);;
char *parm = apr_palloc(mptmp, input_len);
char *ret = parm;
int len = input_len;
@ -204,7 +235,6 @@ int convert_to_int(const char c)
int set_match_to_tx(modsec_rec *msr, int capture, const char *match, int tx_n) {
if (capture) {
int i;
msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string));
if (s == NULL) return -1;
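Review bot: The added inet_pton shim copies `ppResult->ai_addrlen` bytes of the whole socket address into `addr`, which is a `struct in6_addr *`. For an AF_INET6 result that length is the size of a `struct sockaddr_in6`, larger than the 16-byte destination, so the copy runs past the caller's buffer, and the bytes that do land in it begin with the family and port fields rather than the address. The list returned by getaddrinfo is also never released with freeaddrinfo, and the failure value of -1 should be checked against what the callers (outside this section) test for. In the inet_aton shim just above, `return (inp->s_addr == 0);` reports success only for 0.0.0.0; inet_addr signals failure with INADDR_NONE, so `return (inp->s_addr != INADDR_NONE);` is closer to the inet_aton contract. A possible rewrite of the inet_pton body follows.

```c
int inet_pton(int family, const char *cp, struct in6_addr *addr) {
    struct addrinfo hints;
    PADDRINFOA ppResult = NULL;
    PADDRINFOA cur;
    int found = 0;

    /* … unchanged: ZeroMemory and hints.ai_flags / hints.ai_family setup … */

    if (getaddrinfo(cp, NULL, &hints, &ppResult) != 0) {
        return -1;
    }
    for (cur = ppResult; cur != NULL; cur = cur->ai_next) {
        if (cur->ai_family == AF_INET6 && cur->ai_addrlen >= sizeof(struct sockaddr_in6)) {
            /* copy only the 16-byte address, not the whole sockaddr */
            memcpy(addr, &((struct sockaddr_in6 *)cur->ai_addr)->sin6_addr, sizeof(*addr));
            found = 1;
            break;
        }
    }
    freeaddrinfo(ppResult);
    return found ? 1 : -1;
}
```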


@ -120,4 +120,13 @@ char DSOLOCAL *construct_single_var(modsec_rec *msr, char *name);
char DSOLOCAL *format_all_performance_variables(modsec_rec *msr, apr_pool_t *mp);
#if defined(WIN32) || defined(WINNT)
int DSOLOCAL inet_pton(int family, const char *cp, struct in6_addr *addr);
#if !defined(NTDDI_VERSION) || NTDDI_VERSION < NTDDI_VISTA
int DSLOCAL inet_aton(const char *cp, struct in_addr *inp);
#endif /* NTDDI_VERSION */
#endif /* WIN32 || WINNT */
#endif
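Review bot: The second added prototype is spelled `int DSLOCAL inet_aton(...)`, while every other declaration shown in this header uses `DSOLOCAL`; unless a `DSLOCAL` macro is defined somewhere outside this view, that line will not compile. The guards are also the reverse of the definitions this commit adds in msc_util.c: there inet_aton is defined for any WIN32/WINNT build and inet_pton only when `NTDDI_VERSION` is undefined or below Vista, whereas here inet_pton is declared unconditionally and inet_aton sits inside the NTDDI check. I would swap the two lines so that the outer block holds `int DSOLOCAL inet_aton(const char *cp, struct in_addr *inp);` and the inner block holds `int DSOLOCAL inet_pton(int family, const char *cp, struct in6_addr *addr);`.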


@ -1993,9 +1993,11 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
parm = strchr(msr->matched_var->name,':');
if(parm) {
msc_string *mvar = NULL;
parm++;
msc_string *mvar = apr_palloc(msr->mp, sizeof(msc_string));
mvar = apr_palloc(msr->mp, sizeof(msc_string));
mvar->name = apr_pstrdup(msr->mp, parm);
mvar->name_len = strlen(mvar->name);
mvar->value = apr_pmemdup(msr->mp, var->value, var->value_len);


@ -584,6 +584,10 @@ static apr_status_t msre_action_tag_execute(modsec_rec *msr, apr_pool_t *mptmp,
msre_rule *rule, msre_action *action)
{
msc_string *var = NULL;
msre_action *action = NULL;
const apr_array_header_t *tarr = NULL;
const apr_table_entry_t *telts = NULL;
int act;
var = apr_pcalloc(mptmp, sizeof(msc_string));
if (var == NULL) return -1;
@ -591,9 +595,19 @@ static apr_status_t msre_action_tag_execute(modsec_rec *msr, apr_pool_t *mptmp,
var->value_len = strlen(var->value);
expand_macros(msr, var, rule, mptmp);
action->param = apr_pstrmemdup(msr->mp, var->value, var->value_len);
tarr = apr_table_elts(rule->actionset->actions);
telts = (const apr_table_entry_t*)tarr->elts;
return 1;
for (act = 0; act < tarr->nelts; act++) {
action = (msre_action *)telts[act].val;
if((action != NULL) && (action->metadata != NULL) && (strcmp("tag", action->metadata->name) == 0)) {
action->param = apr_pstrmemdup(msr->mp, var->value, var->value_len);
return 1;
}
}
return 0;
}
/* proxy */
@ -604,7 +618,7 @@ static char *msre_action_proxy_validate(msre_engine *engine, msre_action *action
}
static apr_status_t msre_action_proxy_init(msre_engine *engine, msre_actionset *actionset,
msre_action *action)
msre_action *action)
{
actionset->intercept_action = ACTION_PROXY;
actionset->intercept_uri = action->param;
@ -613,7 +627,7 @@ static apr_status_t msre_action_proxy_init(msre_engine *engine, msre_actionset *
}
static apr_status_t msre_action_proxy_execute(modsec_rec *msr, apr_pool_t *mptmp,
msre_rule *rule, msre_action *action)
msre_rule *rule, msre_action *action)
{
msc_string *var = NULL;
@ -631,7 +645,7 @@ static apr_status_t msre_action_proxy_execute(modsec_rec *msr, apr_pool_t *mptmp
/* pass */
static apr_status_t msre_action_pass_init(msre_engine *engine, msre_actionset *actionset,
msre_action *action)
msre_action *action)
{
actionset->intercept_action = ACTION_NONE;
actionset->intercept_action_rec = action;
@ -646,7 +660,7 @@ static char *msre_action_skip_validate(msre_engine *engine, msre_action *action)
}
static apr_status_t msre_action_skip_init(msre_engine *engine, msre_actionset *actionset,
msre_action *action)
msre_action *action)
{
actionset->skip_count = atoi(action->param);
if (actionset->skip_count <= 0) actionset->skip_count = 1;
@ -661,7 +675,7 @@ static char *msre_action_skipAfter_validate(msre_engine *engine, msre_action *ac
}
static apr_status_t msre_action_skipAfter_init(msre_engine *engine, msre_actionset *actionset,
msre_action *action)
msre_action *action)
{
actionset->skip_after = action->param;
return 1;
@ -1149,9 +1163,7 @@ static apr_status_t msre_action_sanitizeMatched_execute(modsec_rec *msr, apr_poo
const char *sargname = NULL;
const apr_array_header_t *tarr;
const apr_table_entry_t *telts;
const apr_array_header_t *tarr_pattern;
const apr_table_entry_t *telts_pattern;
int i, type = 0, k;
int i, type = 0;
msc_string *mvar = msr->matched_var;
if (mvar->name_len == 0) return 0;
@ -2626,10 +2638,9 @@ void msre_engine_register_default_actions(msre_engine *engine) {
);
/* tag */
/* ENH: This should be ACTION_METADATA??? */
msre_engine_action_register(engine,
"tag",
ACTION_NON_DISRUPTIVE,
ACTION_METADATA,
1, 1,
NO_PLUS_MINUS,
ACTION_CARDINALITY_MANY,
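Review bot: The added local `msre_action *action = NULL;` in msre_action_tag_execute reuses the name of the `action` parameter visible in the signature. C treats a declaration in the function's outermost block with a parameter's name as a redeclaration error, and if a compiler did accept it the parameter would be hidden behind a NULL pointer for the rest of the body. Giving the loop variable its own name, for example `msre_action *tag_action = NULL;` with `tag_action = (msre_action *)telts[act].val;`, avoids the clash. The loop also stops at the first entry whose metadata name is "tag", so on a rule with several tag actions every execution rewrites that same entry; if the intent is to update the action being executed, comparing `telts[act].val` against the incoming parameter would select the right one. One line of the function lies between the first two hunks and is not shown here.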


@ -18,13 +18,10 @@
#include "apr_lib.h"
#include "apr_strmatch.h"
#include "acmp.h"
#if defined(WIN32) || defined(WINNT)
#include "pcre.h"
#else
#if !defined(WIN32) && !defined(WINNT)
#include <regex.h>
#endif
#define PARSE_REGEX_IP "([0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+)(?:(\\/[0-9]+))?|([0-9a-f]+\\:[0-9a-f]+\\:[0-9a-f]+\\:[0-9a-f]+\\:[0-9a-f]+\\:[0-9a-f]+\\:[0-9a-f]+\\:[0-9a-f]+)(?:(\\/[0-9]+))?"
#define MAX_SUBSTRINGS 30
@ -79,7 +76,6 @@ static int msre_op_nomatch_execute(modsec_rec *msr, msre_rule *rule,
/* ipmatch */
#if !defined(WIN32) || !defined(WINNT)
/*
* \brief Init function to ipmatch operator
*
@ -91,7 +87,7 @@ static int msre_op_nomatch_execute(modsec_rec *msr, msre_rule *rule,
*/
static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
const char *errptr = NULL;
int erroffset;
int erroffset = 0;
char *data = NULL;
const char *str = NULL;
char *saved = NULL;
@ -207,6 +203,8 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
while (maskbits >= 8) {
#ifdef LINUX
mask6.sin6_addr.__in6_u.__u6_addr8[j++] = 0xff;
#elif defined(WIN32) || defined(WINNT)
mask6.sin6_addr.s6_addr[j++] = 0xff;
#elif SOLARIS2
mask6.sin6_addr._S6_un._S6_u8[j++] = 0xff;
#else
@ -219,6 +217,9 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
#ifdef LINUX
mask6.sin6_addr.__in6_u.__u6_addr8[j] >>= 1;
mask6.sin6_addr.__in6_u.__u6_addr8[j] |= 0x80;
#elif defined(WIN32) || defined(WINNT)
mask6.sin6_addr.s6_addr[j] >>= 1;
mask6.sin6_addr.s6_addr[j] |= 0x80;
#elif SOLARIS2
mask6.sin6_addr._S6_un._S6_u8[j] >>= 1;
mask6.sin6_addr._S6_un._S6_u8[j] |= 0x80;
@ -233,6 +234,8 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
while (j < 16) {
#ifdef LINUX
mask6.sin6_addr.__in6_u.__u6_addr8[j++] = 0;
#elif defined(WIN32) || defined(WINNT)
mask6.sin6_addr.s6_addr[j++] = 0;
#elif SOLARIS2
mask6.sin6_addr._S6_un._S6_u8[j++] = 0;
#else
@ -243,6 +246,9 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
for (j = 0; j < 4; j++) {
#ifdef LINUX
sa.sin6_addr.__in6_u.__u6_addr32[j] &= mask6.sin6_addr.__in6_u.__u6_addr32[j];
#elif defined(WIN32) || defined(WINNT)
sa.sin6_addr.s6_words[j*2] &= mask6.sin6_addr.s6_words[j*2] ;
sa.sin6_addr.s6_words[j*2+1] &= mask6.sin6_addr.s6_words[j*2+1] ;
#elif SOLARIS2
sa.sin6_addr._S6_un.u6__S6_u32[j] &= mask6.sin6_addr._S6_un._S6_u32[j];
#else
@ -286,6 +292,8 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
while (maskbits >= 8) {
#ifdef LINUX
mask6.sin6_addr.__in6_u.__u6_addr8[j++] = 0xff;
#elif defined(WIN32) || defined(WINNT)
mask6.sin6_addr.s6_addr[j++] = 0xff;
#elif SOLARIS2
mask6.sin6_addr._S6_un._S6_u8[j++] = 0xff;
#else
@ -297,6 +305,9 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
#ifdef LINUX
mask6.sin6_addr.__in6_u.__u6_addr8[j] >>= 1;
mask6.sin6_addr.__in6_u.__u6_addr8[j] |= 0x80;
#elif defined(WIN32) || defined(WINNT)
mask6.sin6_addr.s6_addr[j] >>= 1;
mask6.sin6_addr.s6_addr[j] |= 0x80;
#elif SOLARIS2
mask6.sin6_addr._S6_un._S6_u8[j] >>= 1;
mask6.sin6_addr._S6_un._S6_u8[j] |= 0x80;
@ -311,6 +322,8 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
while (j < 16) {
#ifdef LINUX
mask6.sin6_addr.__in6_u.__u6_addr8[j++] = 0;
#elif defined(WIN32) || defined(WINNT)
mask6.sin6_addr.s6_addr[j++] = 0;
#elif SOLARIS2
mask6.sin6_addr._S6_un._S6_u8[j++] = 0;
#else
@ -322,6 +335,9 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
for (j = 0; j < 4; j++) {
#ifdef LINUX
sa.sin6_addr.__in6_u.__u6_addr32[j] &= mask6.sin6_addr.__in6_u.__u6_addr32[j];
#elif defined(WIN32) || defined(WINNT)
sa.sin6_addr.s6_words[j*2] &= mask6.sin6_addr.s6_words[j*2] ;
sa.sin6_addr.s6_words[j*2+1] &= mask6.sin6_addr.s6_words[j*2+1] ;
#elif SOLARIS2
sa.sin6_addr._S6_un._S6_u32[j] &= mask6.sin6_addr._S6_un._S6_u32[j];
#else
@ -421,7 +437,7 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
*/
static int msre_op_ipmatch_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) {
const char *errptr = NULL;
int erroffset;
int erroffset=0;
struct in_addr addr;
struct sockaddr_in6 sa;
unsigned long ipaddr;
@ -472,6 +488,9 @@ static int msre_op_ipmatch_execute(modsec_rec *msr, msre_rule *rule, msre_var *v
#ifdef LINUX
if (((sa.sin6_addr.__in6_u.__u6_addr8[i] ^ ipdata->netaddr->sin6_addr.__in6_u.__u6_addr8[i]) &
ipdata->netaddr->sin6_addr.__in6_u.__u6_addr8[i]) == 0)
#elif defined(WIN32) || defined(WINNT)
if (((sa.sin6_addr.s6_addr[i] ^ ipdata->netaddr->sin6_addr.s6_addr[i]) &
ipdata->netaddr->sin6_addr.s6_addr[i]) == 0)
#elif SOLARIS2
if (((sa.sin6_addr._S6_un._S6_u8[i] ^ ipdata->netaddr->sin6_addr._S6_un._S6_u8[i]) &
ipdata->netaddr->sin6_addr._S6_un._S6_u8[i]) == 0)
@ -488,12 +507,11 @@ static int msre_op_ipmatch_execute(modsec_rec *msr, msre_rule *rule, msre_var *v
return 0;
}
#endif /* WIN32 | WINNT */
/* rsub */
static char *param_remove_escape(msre_rule *rule, char *str, int len) {
char *parm = apr_palloc(rule->ruleset->mp, len);;
char *parm = apr_palloc(rule->ruleset->mp, len);
char *ret = parm;
for(;*str!='\0';str++) {
@ -525,7 +543,7 @@ static char *param_remove_escape(msre_rule *rule, char *str, int len) {
*/
static int msre_op_rsub_param_init(msre_rule *rule, char **error_msg) {
const char *errptr = NULL;
int erroffset;
int erroffset = 0;
ap_regex_t *regex;
const char *pattern = NULL;
const char *line = NULL;
@ -1387,7 +1405,6 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
const char *match = NULL;
unsigned int match_length;
unsigned int canon_length;
unsigned int base_length;
int rv, i, ret;
char *data = NULL;
unsigned int size = var->value_len;
@ -3728,14 +3745,12 @@ void msre_engine_register_default_operators(msre_engine *engine) {
msre_op_nomatch_execute
);
#if !defined(WIN32) || !defined(WINNT)
/* ipmatch */
msre_engine_op_register(engine,
"ipmatch",
msre_op_ipmatch_param_init,
msre_op_ipmatch_execute
);
#endif /* WIN32 | WINNT */
/* rsub */
msre_engine_op_register(engine,