github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Added TX_SEVERITY variable. See #60.

Browse Source
This commit is contained in:
brectanus 2007-08-08 22:11:02 +00:00
parent d2fd881c00
commit 648037fdb5
5 changed files with 32 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@ -1,6 +1,9 @@
?? ??? 2007 - 2.5.0-trunk ?? ??? 2007 - 2.5.0-trunk
------------------------- -------------------------
* Added TX_SEVERITY that keeps track of the highest severity
for any matched rules so far.
* Added ARGS_GET, ARGS_POST, ARGS_GET_NAMES, ARGS_POST_NAMES variables to * Added ARGS_GET, ARGS_POST, ARGS_GET_NAMES, ARGS_POST_NAMES variables to
allow seperation of GET and POST arguments. allow seperation of GET and POST arguments.

3
apache2/modsecurity.c
View File

@ -295,9 +295,12 @@ apr_status_t modsecurity_tx_init(modsec_rec *msr) {
msr->collections_dirty = apr_table_make(msr->mp, 8); msr->collections_dirty = apr_table_make(msr->mp, 8);
if (msr->collections_dirty == NULL) return -1; if (msr->collections_dirty == NULL) return -1;
/* Other */
msr->tcache = apr_hash_make(msr->mp); msr->tcache = apr_hash_make(msr->mp);
if (msr->tcache == NULL) return -1; if (msr->tcache == NULL) return -1;
msr->tx_severity = 7; /* lowest */
return 1; return 1;
} }

1
apache2/modsecurity.h
View File

@ -320,6 +320,7 @@ struct modsec_rec {
apr_time_t time_checkpoint_3; apr_time_t time_checkpoint_3;
const char *matched_var; const char *matched_var;
int tx_severity;
/* upload */ /* upload */
int upload_extract_files; int upload_extract_files;

6
apache2/re.c
View File

@ -1253,6 +1253,12 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
msr->matched_var = apr_pstrdup(msr->mp, var->name); msr->matched_var = apr_pstrdup(msr->mp, var->name);
/* Keep track of the highest severity matched so far */
if (acting_actionset->severity < msr->tx_severity) {
msr->tx_severity = acting_actionset->severity;
}
/* Perform non-disruptive actions. */ /* Perform non-disruptive actions. */
msre_perform_nondisruptive_actions(msr, rule, rule->actionset, mptmp); msre_perform_nondisruptive_actions(msr, rule, rule->actionset, mptmp);

19
apache2/re_variables.c
View File

@ -734,6 +734,14 @@ static int var_tx_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
return count; return count;
} }
/* TX_SEVERITY */
static int var_tx_severity_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
return var_simple_generate(var, vartab, mptmp, apr_psprintf(mptmp, "%i", msr->tx_severity));
}
/* GEO */ /* GEO */
static int var_geo_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, static int var_geo_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
@ -2139,6 +2147,17 @@ void msre_engine_register_default_variables(msre_engine *engine) {
PHASE_REQUEST_HEADERS PHASE_REQUEST_HEADERS
); );
/* TX_SEVERITY */
msre_engine_variable_register(engine,
"TX_SEVERITY",
VAR_SIMPLE,
0, 0,
NULL,
var_tx_severity_generate,
VAR_DONT_CACHE,
PHASE_REQUEST_HEADERS
);
/* GEO */ /* GEO */
msre_engine_variable_register(engine, msre_engine_variable_register(engine,
"GEO", "GEO",