MODSEC-362

Breno Silva 2013-04-22 13:36:13 -04:00
parent 08471afafe
commit 6cd3a14db1
3 changed files with 61 additions and 3 deletions


@ -159,6 +159,9 @@ void *create_directory_config(apr_pool_t *mp, char *path)
/* xml external entity */
dcfg->xml_external_entity = NOT_SET;
/* remote addr define */
dcfg->remote_define = NOT_SET_P;
return dcfg;
}
@ -598,6 +601,10 @@ void *merge_directory_configs(apr_pool_t *mp, void *_parent, void *_child)
merged->xml_external_entity = (child->xml_external_entity == NOT_SET
? parent->xml_external_entity : child->xml_external_entity);
/* remote add define */
merged->remote_define = (child->remote_define == NOT_SET_P
? parent->remote_define : child->remote_define);
return merged;
}
@ -721,6 +728,9 @@ void init_directory_config(directory_config *dcfg)
/* xml external entity */
if (dcfg->xml_external_entity == NOT_SET) dcfg->xml_external_entity = 0;
/* remote addr define */
if (dcfg->remote_define == NOT_SET_P) dcfg->remote_define = "default";
}
/**
@ -2286,6 +2296,15 @@ static const char *cmd_web_app_id(cmd_parms *cmd, void *_dcfg, const char *p1)
return NULL;
}
static const char *cmd_remote_addr_define(cmd_parms *cmd, void *_dcfg, const char *p1)
{
directory_config *dcfg = (directory_config *)_dcfg;
dcfg->remote_define = p1;
return NULL;
}
static const char *cmd_sensor_id(cmd_parms *cmd, void *_dcfg, const char *p1)
{
directory_config *dcfg = (directory_config *)_dcfg;
@ -3475,6 +3494,14 @@ const command_rec module_directives[] = {
"id"
),
AP_INIT_TAKE1 (
"SecRemoteAddrDefine",
cmd_remote_addr_define,
NULL,
CMD_SCOPE_MAIN,
"Define a request header field to define remote addr"
),
AP_INIT_TAKE1 (
"SecSensorId",
cmd_sensor_id,
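Review bot: `cmd_remote_addr_define` stores `p1` unchecked, and neither the handler nor the directive help text says that the named request header becomes the source of REMOTE_ADDR and is only trustworthy when a front-end proxy the operator controls overwrites it. I would put that in the help string, e.g. `"Request header to read REMOTE_ADDR from (must be set by a trusted proxy), or \"default\" for the connection address"`, and add a comment above the handler noting that `"default"` is a reserved value matched case-insensitively by the consumer in the third file section. The comment in the merge hunk reads `/* remote add define */`, which should be `/* remote addr define */` to match the other two. The directive table and `cmd_sensor_id` continue outside the visible hunks.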


@ -579,7 +579,7 @@ struct directory_config {
/* Hash */
apr_array_header_t *hash_method;
const char *crypto_key;
const char *crypto_key;
int crypto_key_len;
const char *crypto_param_name;
int hash_is_enabled;
@ -598,6 +598,9 @@ struct directory_config {
/* xml */
int xml_external_entity;
/* remote addr */
const char *remote_define;
};
struct error_message_t {
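Review bot: The new `remote_define` member is documented only as `/* remote addr */`, which does not tell a reader what the string holds. Going by the other file sections on this page it is either a request header name or the sentinel `"default"`, and `NOT_SET_P` until `init_directory_config` runs, so I would write `/* request header that supplies REMOTE_ADDR, or "default" to use the connection address */`. The definition of `struct directory_config` begins outside the hunk.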


@ -700,13 +700,41 @@ static int var_useragent_ip_generate(modsec_rec *msr, msre_var *var, msre_rule *
static int var_remote_addr_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
return var_simple_generate(var, vartab, mptmp, msr->remote_addr);
char *remote = NULL;
char *parse_remote = NULL;
char *saved = NULL;
char *str = NULL;
if(strcasecmp(msr->txcfg->remote_define, "default") == 0) {
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Set variable \"%s\" to \"%s\".", var->name, msr->remote_addr);
}
return var_simple_generate(var, vartab, mptmp, msr->remote_addr);
} else {
remote = (char *)apr_table_get(msr->r->headers_in, msr->txcfg->remote_define);
if(remote == NULL) {
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Request header \"%s\" not present setting variable \"%s\" to \"%s\".", msr->txcfg->remote_define,
var->name, msr->remote_addr);
}
return var_simple_generate(var, vartab, mptmp, msr->remote_addr);
} else {
parse_remote = apr_pstrdup(msr->mp, remote);
str = apr_strtok(parse_remote, ",", &saved);
msr->remote_addr = apr_pstrdup(msr->mp, str);
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Request header \"%s\" is present setting variable \"%s\" to \"%s\".", msr->txcfg->remote_define,
var->name, msr->remote_addr);
}
return var_simple_generate(var, vartab, mptmp, msr->remote_addr);
}
}
}
/* REMOTE_HOST */
static int var_remote_host_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
apr_table_t *vartab, apr_pool_t *mptmp)
{
const char *value1 = ap_get_remote_host(msr->r->connection, msr->r->per_dir_config,
REMOTE_NAME, NULL);
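Review bot: In the last `else` branch of `var_remote_addr_generate`, the token returned by `apr_strtok(parse_remote, ",", &saved)` is used without a NULL check and then overwrites `msr->remote_addr` with unvalidated request-header text. For an empty or comma-only header `apr_strtok` returns NULL, so `apr_pstrdup` yields NULL and the following `msr_log` and `var_simple_generate` calls receive a NULL string; `var_simple_generate` is not visible here, but a crash looks likely. The token is also neither trimmed nor checked to be an IP literal, and the first element of a forwarded-for style list is the one the client can set itself, so rules keyed on REMOTE_ADDR (and presumably any logging or per-IP state that reads `msr->remote_addr`) can be fed an arbitrary value unless a trusted proxy rewrites the header. Because the assignment sits inside a variable generator, `msr->remote_addr` changes only once some rule evaluates REMOTE_ADDR; resolving it once at transaction setup would make the value consistent for the whole request. The sketch below falls back to the connection address when no usable token is present.

```c
            parse_remote = apr_pstrdup(msr->mp, remote);
            str = apr_strtok(parse_remote, ",", &saved);
            /* apr_strtok() returns NULL for an empty or delimiter-only header */
            while (str != NULL && apr_isspace(*str)) str++;
            if (str == NULL || *str == '\0') {
                /* no usable token: keep the address taken from the connection */
                return var_simple_generate(var, vartab, mptmp, msr->remote_addr);
            }
            /* TODO(review): reject str here unless it parses as an IPv4/IPv6 literal */
            msr->remote_addr = apr_pstrdup(msr->mp, str);
            /* … unchanged: level-9 debug log and var_simple_generate call … */
```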