From 6f7fdd9493428d68403c8f599948d1a4c75262ea Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Sun, 28 Jan 2018 02:31:11 -0300 Subject: [PATCH] Using direct variable access instead m_collections --- headers/modsecurity/collection/collections.h | 60 +--- src/actions/log_data.cc | 3 +- src/actions/msg.cc | 2 +- src/actions/set_var.cc | 34 ++- src/actions/severity.cc | 4 +- src/collection/collections.cc | 302 +------------------ src/engine/lua.cc | 26 +- src/operators/pm.cc | 2 +- src/operators/rx.cc | 4 +- src/transaction.cc | 20 +- src/variables/global.h | 36 ++- src/variables/ip.h | 35 ++- src/variables/resource.h | 43 ++- src/variables/session.h | 41 ++- src/variables/tx.h | 32 +- src/variables/user.h | 40 ++- src/variables/variable.h | 10 +- 17 files changed, 247 insertions(+), 447 deletions(-) diff --git a/headers/modsecurity/collection/collections.h b/headers/modsecurity/collection/collections.h index 9ecafef7..f100c3e6 100644 --- a/headers/modsecurity/collection/collections.h +++ b/headers/modsecurity/collection/collections.h @@ -43,69 +43,12 @@ typedef struct Collections_t Collections; namespace modsecurity { namespace collection { -class Collections : - public std::unordered_map { +class Collections { public: Collections(Collection *global, Collection *ip, Collection *session, Collection *user, Collection *resource); ~Collections(); - void store(std::string key, std::string value); - void storeOrUpdateFirst(const std::string& collectionName, - const std::string& variableName, - const std::string& targetValue); - void storeOrUpdateFirst(const std::string& collectionName, - const std::string& variableName, - const std::string& appid, - const std::string& targetValue); - bool storeOrUpdateFirst(const std::string &key, const std::string &value); - bool updateFirst(const std::string &key, const std::string &value); - void del(const std::string& key); - std::unique_ptr resolveFirst(const std::string& var); - std::unique_ptr resolveFirst(const std::string& collectionName, - const std::string& var); - std::unique_ptr resolveFirst(const std::string& collectionName, - const std::string &appid, const std::string& var); - - void resolveSingleMatch(const std::string& var, - std::vector *l); - void resolveSingleMatch(const std::string& var, - const std::string& collection, - std::vector *l); - void resolveSingleMatch(const std::string& var, - const std::string& collection, - const std::string& appid, - std::vector *l); - - void resolveMultiMatches(const std::string& var, - std::vector *l); - void resolveMultiMatches(const std::string& var, - const std::string& collection, - std::vector *l); - void resolveMultiMatches(const std::string& var, - const std::string& collection, - const std::string& appid, - std::vector *l); - - void resolveRegularExpression(const std::string& var, - std::vector *l); - void resolveRegularExpression(const std::string& var, - const std::string& collection, - std::vector *l); - void resolveRegularExpression(const std::string& var, - const std::string& collection, - const std::string& appid, - std::vector *l); - - /** - * This is a special collection to host the transaction variables. - * - * It exists independent of initialization and it is only valid during a transaction. - * - * Notice that it is not the TX collection. - */ - Collection *m_transient; - std::string m_global_collection_key; std::string m_ip_collection_key; std::string m_session_collection_key; @@ -117,6 +60,7 @@ class Collections : Collection *m_session_collection; Collection *m_user_collection; Collection *m_resource_collection; + Collection *m_tx_collection; }; } // namespace collection diff --git a/src/actions/log_data.cc b/src/actions/log_data.cc index 0ab5ced9..7836cb2e 100644 --- a/src/actions/log_data.cc +++ b/src/actions/log_data.cc @@ -33,7 +33,8 @@ bool LogData::evaluate(Rule *rule, Transaction *transaction, std::shared_ptr rm) { rm->m_data = data(transaction); - transaction->m_collections.storeOrUpdateFirst("RULE:logdata", rm->m_data); + transaction->m_variableRule.set("logdata", rm->m_data, 0); + return true; } diff --git a/src/actions/msg.cc b/src/actions/msg.cc index 9ef2eb94..2f7b1593 100644 --- a/src/actions/msg.cc +++ b/src/actions/msg.cc @@ -54,7 +54,7 @@ bool Msg::evaluate(Rule *rule, Transaction *transaction, transaction->debug(9, "Saving msg: " + msg); #endif - transaction->m_collections.storeOrUpdateFirst("RULE:msg", msg); + transaction->m_variableRule.set("msg", msg, 0); return true; } diff --git a/src/actions/set_var.cc b/src/actions/set_var.cc index ee256807..c7e0fc7c 100644 --- a/src/actions/set_var.cc +++ b/src/actions/set_var.cc @@ -79,8 +79,21 @@ bool SetVar::evaluate(Rule *rule, Transaction *t) { } else if (m_operation == setToOneOperation) { targetValue = std::string("1"); } else if (m_operation == unsetOperation) { - t->m_collections.del(m_variable->m_collectionName + ":" + - m_variableNameExpanded); + if (tx) { + tx->del(t, m_variableNameExpanded); + } else if (session) { + session->del(t, m_variableNameExpanded); + } else if (ip) { + ip->del(t, m_variableNameExpanded); + } else if (resource) { + resource->del(t, m_variableNameExpanded); + } else if (global) { + global->del(t, m_variableNameExpanded); + } else if (user) { + user->del(t, m_variableNameExpanded); + } else { + // ? + } goto end; } else { int pre = 0; @@ -118,9 +131,26 @@ bool SetVar::evaluate(Rule *rule, Transaction *t) { t->debug(8, "Saving variable: " + m_variable->m_collectionName \ + ":" + m_variableNameExpanded + " with value: " + targetValue); #endif + if (tx) { + tx->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue); + } else if (session) { + session->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue); + } else if (ip) { + ip->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue); + } else if (resource) { + resource->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue); + } else if (global) { + global->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue); + } else if (user) { + user->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue); + } else { + // ? + } +/* t->m_collections.storeOrUpdateFirst(m_variable->m_collectionName, m_variableNameExpanded, t->m_rules->m_secWebAppId.m_value, targetValue); + */ end: return true; } diff --git a/src/actions/severity.cc b/src/actions/severity.cc index 4192227b..60c50468 100644 --- a/src/actions/severity.cc +++ b/src/actions/severity.cc @@ -84,8 +84,8 @@ bool Severity::evaluate(Rule *rule, Transaction *transaction, transaction->m_highestSeverityAction = this->m_severity; } - transaction->m_collections.storeOrUpdateFirst("RULE:severity", - std::to_string(m_severity)); + transaction->m_variableRule.set("severity", std::to_string(m_severity), 0); + return true; } diff --git a/src/collection/collections.cc b/src/collection/collections.cc index 7dbbf207..109f44f2 100644 --- a/src/collection/collections.cc +++ b/src/collection/collections.cc @@ -44,309 +44,11 @@ Collections::Collections(Collection *global, m_ip_collection(ip), m_session_collection(session), m_user_collection(user), - m_transient(new backend::InMemoryPerProcess()) { - /* Create collection TX */ - this->emplace("TX", new backend::InMemoryPerProcess()); -} + m_tx_collection(new backend::InMemoryPerProcess()) { } -Collections::~Collections() { - for (const auto &thing : *this) { - delete thing.second; - } - delete m_transient; - this->clear(); -} +Collections::~Collections() { } -void Collections::storeOrUpdateFirst(const std::string& collectionName, - const std::string& variableName, - const std::string& targetValue) { - storeOrUpdateFirst(collectionName, variableName, "", targetValue); -} - -void Collections::storeOrUpdateFirst(const std::string& collectionName, - const std::string& variableName, const std::string& appid, - const std::string& targetValue) { - if (utils::string::tolower(collectionName) == "ip" - && !m_ip_collection_key.empty()) { - m_ip_collection->storeOrUpdateFirst(collectionName + ":" - + variableName, m_ip_collection_key, targetValue); - return; - } - - if (utils::string::tolower(collectionName) == "global" - && !m_global_collection_key.empty()) { - m_global_collection->storeOrUpdateFirst(collectionName + ":" - + variableName, m_global_collection_key, targetValue); - return; - } - - if (utils::string::tolower(collectionName) == "resource" - && !m_resource_collection_key.empty()) { - m_resource_collection->storeOrUpdateFirst(collectionName + ":" - + variableName, m_resource_collection_key, appid, targetValue); - return; - } - - if (utils::string::tolower(collectionName) == "session" - && !m_session_collection_key.empty()) { - m_session_collection->storeOrUpdateFirst(collectionName + ":" - + variableName, m_session_collection_key, appid, targetValue); - return; - } - - try { - Collection *collection; - collection = this->at(collectionName); - collection->storeOrUpdateFirst(collectionName + ":" - + variableName, targetValue); - } catch (...) { -#if 0 - debug(9, "don't know any collection named: " - + collectionName + ". it was created?"); -#endif - } -} - - -void Collections::store(std::string key, std::string value) { - m_transient->store(key, value); -} - - -bool Collections::storeOrUpdateFirst(const std::string &key, - const std::string &value) { - return m_transient->storeOrUpdateFirst(key, value); -} - - -bool Collections::updateFirst(const std::string &key, - const std::string &value) { - return m_transient->updateFirst(key, value); -} - - -void Collections::del(const std::string& key) { - return m_transient->del(key); -} - - -std::unique_ptr Collections::resolveFirst(const std::string& var) { - std::unique_ptr transientVar = m_transient->resolveFirst(var); - - if (transientVar != NULL) { - return transientVar; - } - - for (auto &a : *this) { - std::unique_ptr res = a.second->resolveFirst( - utils::string::toupper(a.first) + ":" + var); - - if (res != NULL) { - return res; - } - } - - return nullptr; -} - -std::unique_ptr Collections::resolveFirst( - const std::string& collectionName, const std::string& var) { - return resolveFirst(collectionName, "", var); -} - -std::unique_ptr Collections::resolveFirst( - const std::string& collectionName, const std::string &appid, - const std::string& var) { - if (utils::string::tolower(collectionName) == "ip" - && !m_ip_collection_key.empty()) { - return m_ip_collection->resolveFirst( - utils::string::toupper(collectionName) - + ":" + var, m_ip_collection_key); - } - - if (utils::string::tolower(collectionName) == "global" - && !m_global_collection_key.empty()) { - return m_global_collection->resolveFirst( - utils::string::toupper(collectionName) - + ":" + var, m_global_collection_key); - } - - if (utils::string::tolower(collectionName) == "resource" - && !m_resource_collection_key.empty()) { - return m_resource_collection->resolveFirst( - utils::string::toupper(collectionName) - + ":" + var, m_resource_collection_key, appid); - } - - if (utils::string::tolower(collectionName) == "session" - && !m_session_collection_key.empty()) { - return m_session_collection->resolveFirst( - utils::string::toupper(collectionName) - + ":" + var, m_session_collection_key, appid); - } - - for (auto &a : *this) { - if (utils::string::tolower(a.first) - == utils::string::tolower(collectionName)) { - std::unique_ptr res = a.second->resolveFirst( - utils::string::toupper(a.first) - + ":" + var); - if (res != NULL) { - return res; - } - } - } - - return NULL; -} - - -void Collections::resolveSingleMatch(const std::string& var, - std::vector *l) { - - m_transient->resolveSingleMatch(var, l); -} - -void Collections::resolveSingleMatch(const std::string& var, - const std::string& collection, - std::vector *l) { - resolveSingleMatch(var, collection, "", l); -} - -void Collections::resolveSingleMatch(const std::string& var, - const std::string& collection, const std::string& appid, - std::vector *l) { - - if (utils::string::tolower(collection) == "ip" - && !m_ip_collection_key.empty()) { - m_ip_collection->resolveSingleMatch(var, m_ip_collection_key, l); - return; - } - - if (utils::string::tolower(collection) == "global" - && !m_global_collection_key.empty()) { - m_global_collection->resolveSingleMatch(var, - m_global_collection_key, l); - return; - } - - if (utils::string::tolower(collection) == "resource" - && !m_resource_collection_key.empty()) { - m_resource_collection->resolveSingleMatch(var, - m_resource_collection_key, appid, l); - return; - } - - if (utils::string::tolower(collection) == "session" - && !m_session_collection_key.empty()) { - m_session_collection->resolveSingleMatch(var, - m_session_collection_key, appid, l); - return; - } - - try { - this->at(collection)->resolveSingleMatch(var, l); - } catch (...) { } -} - -void Collections::resolveMultiMatches(const std::string& var, - std::vector *l) { - - m_transient->resolveMultiMatches(var, l); -} - -void Collections::resolveMultiMatches(const std::string& var, - const std::string& collection, - std::vector *l) { - return resolveMultiMatches(var, collection, "", l); -} - -void Collections::resolveMultiMatches(const std::string& var, - const std::string& collection, const std::string &appid, - std::vector *l) { - if (utils::string::tolower(collection) == "ip" - && !m_ip_collection_key.empty()) { - m_ip_collection->resolveMultiMatches(var, m_ip_collection_key, l); - return; - } - - if (utils::string::tolower(collection) == "global" - && !m_global_collection_key.empty()) { - m_global_collection->resolveMultiMatches(var, - m_global_collection_key, l); - return; - } - - if (utils::string::tolower(collection) == "resource" - && !m_resource_collection_key.empty()) { - m_resource_collection->resolveMultiMatches(var, - m_resource_collection_key, appid, l); - return; - } - - if (utils::string::tolower(collection) == "session" - && !m_session_collection_key.empty()) { - m_session_collection->resolveMultiMatches(var, - m_session_collection_key, appid, l); - return; - } - - try { - this->at(collection)->resolveMultiMatches(var, l); - } catch (...) { } -} - -void Collections::resolveRegularExpression(const std::string& var, - std::vector *l) { - m_transient->resolveRegularExpression(var, l); -} - -void Collections::resolveRegularExpression(const std::string& var, - const std::string& collection, - std::vector *l) { - return resolveRegularExpression(var, collection, "", l); -} - -void Collections::resolveRegularExpression(const std::string& var, - const std::string& collection, const std::string &appid, - std::vector *l) { - if (utils::string::tolower(collection) == "ip" - && !m_ip_collection_key.empty()) { - m_ip_collection->resolveRegularExpression( - utils::string::toupper(collection) - + ":" + var, m_ip_collection_key, l); - return; - } - - if (utils::string::tolower(collection) == "global" - && !m_global_collection_key.empty()) { - m_global_collection->resolveRegularExpression( - utils::string::toupper(collection) - + ":" + var, m_global_collection_key, l); - return; - } - - if (utils::string::tolower(collection) == "resource" - && !m_resource_collection_key.empty()) { - m_resource_collection->resolveRegularExpression( - utils::string::toupper(collection) - + ":" + var, m_resource_collection_key, appid, l); - return; - } - - if (utils::string::tolower(collection) == "session" - && !m_session_collection_key.empty()) { - m_session_collection->resolveRegularExpression( - utils::string::toupper(collection) - + ":" + var, m_session_collection_key, appid, l); - return; - } - - try { - this->at(collection)->resolveRegularExpression(var, l); - } catch (...) { } -} } // namespace collection } // namespace modsecurity diff --git a/src/engine/lua.cc b/src/engine/lua.cc index b0318bfe..f789540a 100644 --- a/src/engine/lua.cc +++ b/src/engine/lua.cc @@ -363,8 +363,30 @@ int Lua::setvar(lua_State *L) { return -1; } - t->m_collections.storeOrUpdateFirst(collection, - variableName, var_value); + if (collection == "TX") { + t->m_collections.m_tx_collection->storeOrUpdateFirst( + "TX:" + variableName, "", var_value); + } + else if (collection == "IP") { + t->m_collections.m_ip_collection->storeOrUpdateFirst( + "IP:" + variableName, t->m_collections.m_ip_collection_key, + var_value); + } + else if (collection == "GLOBAL") { + t->m_collections.m_global_collection->storeOrUpdateFirst( + "GLOBAL:" + variableName, t->m_collections.m_global_collection_key, + var_value); + } + else if (collection == "RESOURCE") { + t->m_collections.m_resource_collection->storeOrUpdateFirst( + "RESOURCE:" + variableName, + t->m_collections.m_resource_collection_key, var_value); + } + else if (collection == "SESSION") { + t->m_collections.m_session_collection->storeOrUpdateFirst( + "SESSION:" + variableName, t->m_collections.m_session_collection_key, + var_value); + } return 0; } diff --git a/src/operators/pm.cc b/src/operators/pm.cc index 6167e199..b0f6460f 100644 --- a/src/operators/pm.cc +++ b/src/operators/pm.cc @@ -105,7 +105,7 @@ bool Pm::evaluate(Transaction *transaction, Rule *rule, } if (capture && transaction && rc) { - transaction->m_collections.storeOrUpdateFirst("TX", "0", + transaction->m_collections.m_tx_collection->storeOrUpdateFirst("TX:0", std::string(match)); #ifndef NO_LOGS transaction->debug(7, "Added pm match TX.0: " + \ diff --git a/src/operators/rx.cc b/src/operators/rx.cc index dcaa0a90..99a49996 100644 --- a/src/operators/rx.cc +++ b/src/operators/rx.cc @@ -58,8 +58,8 @@ bool Rx::evaluate(Transaction *transaction, Rule *rule, int i = 0; matches.reverse(); for (const SMatch& a : matches) { - transaction->m_collections.storeOrUpdateFirst("TX", - std::to_string(i), a.match); + transaction->m_collections.m_tx_collection->storeOrUpdateFirst( + "TX:" + std::to_string(i), a.match); #ifndef NO_LOGS transaction->debug(7, "Added regex subexpression TX." + std::to_string(i) + ": " + a.match); diff --git a/src/transaction.cc b/src/transaction.cc index 4ea5e615..05ef1775 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -51,6 +51,7 @@ #include "modsecurity/rule_message.h" #include "modsecurity/rules_properties.h" #include "src/actions/disruptive/allow.h" +#include "src/variables/remote_user.h" @@ -1367,14 +1368,19 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename, << " "; ss << utils::string::dash_if_empty(this->m_clientIpAddress.c_str()) << " "; /** TODO: Check variable */ + Variables::RemoteUser *r = new Variables::RemoteUser("REMOTE_USER"); + std::vector l; + r->evaluate(this, NULL, &l); + delete r; + ss << utils::string::dash_if_empty( - m_collections.resolveFirst("REMOTE_USER").get()); + m_variableRemoteUser.c_str()); ss << " "; /** TODO: Check variable */ - ss << utils::string::dash_if_empty( - this->m_collections.resolveFirst("LOCAL_USER").get()); - ss << " "; - ss << tstr << " "; + //ss << utils::string::dash_if_empty( + // this->m_collections.resolveFirst("LOCAL_USER").get()); + //ss << " "; + //ss << tstr << " "; ss << "\""; ss << utils::string::dash_if_empty(m_variableRequestMethod.evaluate()); @@ -1387,7 +1393,7 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename, ss << this->m_responseBody.tellp() << " "; /** TODO: Check variable */ ss << utils::string::dash_if_empty( - this->m_collections.resolveFirst("REFERER").get()) << " "; + m_variableRequestHeaders.resolveFirst("REFERER").get()) << " "; ss << "\""; ss << utils::string::dash_if_empty( m_variableRequestHeaders.resolveFirst("User-Agent").get()); @@ -1395,7 +1401,7 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename, ss << this->m_id << " "; /** TODO: Check variable */ ss << utils::string::dash_if_empty( - this->m_collections.resolveFirst("REFERER").get()) << " "; + m_variableRequestHeaders.resolveFirst("REFERER").get()) << " "; ss << filename << " "; ss << "0" << " "; diff --git a/src/variables/global.h b/src/variables/global.h index 67437660..2a3f97ff 100644 --- a/src/variables/global.h +++ b/src/variables/global.h @@ -37,11 +37,11 @@ class Global_DictElement : public Variable { : Variable("GLOBAL"), m_dictElement("GLOBAL:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_dictElement, - "GLOBAL", l); + t->m_collections.m_global_collection->resolveMultiMatches( + m_dictElement, t->m_collections.m_global_collection_key, l); } std::string m_dictElement; @@ -53,10 +53,11 @@ class Global_NoDictElement : public Variable { Global_NoDictElement() : Variable("GLOBAL") { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_name, "GLOBAL", l); + t->m_collections.m_global_collection->resolveMultiMatches(m_name, + t->m_collections.m_global_collection_key, l); } }; @@ -68,11 +69,11 @@ class Global_DictElementRegexp : public Variable { m_r(dictElement), m_dictElement("GLOBAL:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveRegularExpression(m_dictElement, - "GLOBAL", l); + t->m_collections.m_global_collection->resolveRegularExpression( + m_dictElement, t->m_collections.m_global_collection_key, l); } Utils::Regex m_r; @@ -86,11 +87,24 @@ class Global_DynamicElement : public Variable { : Variable("GLOBAL:dynamic"), m_string(std::move(dictElement)) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - std::string string = m_string->evaluate(transaction); - transaction->m_collections.resolveMultiMatches("GLOBAL:" + string, "GLOBAL", l); + std::string string = m_string->evaluate(t); + t->m_collections.m_global_collection->resolveMultiMatches( + "GLOBAL:" + string, t->m_collections.m_global_collection_key, l); + + } + + void del(Transaction *t, std::string k) { + t->m_collections.m_global_collection->del(k, + t->m_collections.m_global_collection_key); + } + + void storeOrUpdateFirst(Transaction *t, std::string var, + std::string value) { + t->m_collections.m_global_collection->storeOrUpdateFirst( + "GLOBAL:" + var, t->m_collections.m_global_collection_key, value); } std::unique_ptr m_string; diff --git a/src/variables/ip.h b/src/variables/ip.h index 212cfa14..ebc308e8 100644 --- a/src/variables/ip.h +++ b/src/variables/ip.h @@ -37,10 +37,12 @@ class Ip_DictElement : public Variable { : Variable("IP:" + dictElement), m_dictElement("IP:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_dictElement, "IP", l); + t->m_collections.m_ip_collection->resolveMultiMatches(m_dictElement, + t->m_collections.m_ip_collection_key, l); + } std::string m_dictElement; @@ -52,10 +54,11 @@ class Ip_NoDictElement : public Variable { Ip_NoDictElement() : Variable("IP") { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_name, "IP", l); + t->m_collections.m_ip_collection->resolveMultiMatches(m_name, + t->m_collections.m_ip_collection_key, l); } }; @@ -67,11 +70,11 @@ class Ip_DictElementRegexp : public Variable { m_r(dictElement), m_dictElement("IP:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveRegularExpression(m_dictElement, - "IP", l); + t->m_collections.m_ip_collection->resolveRegularExpression(m_dictElement, + t->m_collections.m_ip_collection_key, l); } Utils::Regex m_r; @@ -85,11 +88,23 @@ class Ip_DynamicElement : public Variable { : Variable("IP:dynamic"), m_string(std::move(dictElement)) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - std::string string = m_string->evaluate(transaction); - transaction->m_collections.resolveMultiMatches("IP:" + string, "IP", l); + std::string string = m_string->evaluate(t); + t->m_collections.m_ip_collection->resolveMultiMatches("IP:" + string, + t->m_collections.m_ip_collection_key, l); + } + + void del(Transaction *t, std::string k) { + t->m_collections.m_ip_collection->del(k, + t->m_collections.m_ip_collection_key); + } + + void storeOrUpdateFirst(Transaction *t, std::string var, + std::string value) { + t->m_collections.m_ip_collection->storeOrUpdateFirst( + "IP:" + var, t->m_collections.m_ip_collection_key, value); } std::unique_ptr m_string; diff --git a/src/variables/resource.h b/src/variables/resource.h index 955f2f2a..09870e9f 100644 --- a/src/variables/resource.h +++ b/src/variables/resource.h @@ -37,11 +37,12 @@ class Resource_DictElement : public Variable { : Variable("RESOURCE:" + dictElement), m_dictElement("RESOURCE:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_dictElement, - "RESOURCE", transaction->m_rules->m_secWebAppId.m_value, l); + t->m_collections.m_resource_collection->resolveMultiMatches(m_dictElement, + t->m_collections.m_resource_collection_key, + t->m_rules->m_secWebAppId.m_value, l); } std::string m_dictElement; @@ -53,11 +54,12 @@ class Resource_NoDictElement : public Variable { Resource_NoDictElement() : Variable("RESOURCE") { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_name, "RESOURCE", - transaction->m_rules->m_secWebAppId.m_value, l); + t->m_collections.m_resource_collection->resolveMultiMatches(m_name, + t->m_collections.m_resource_collection_key, + t->m_rules->m_secWebAppId.m_value, l); } }; @@ -69,11 +71,12 @@ class Resource_DictElementRegexp : public Variable { m_r(dictElement), m_dictElement("RESOURCE:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveRegularExpression(m_dictElement, - "RESOURCE", transaction->m_rules->m_secWebAppId.m_value, l); + t->m_collections.m_resource_collection->resolveRegularExpression( + m_dictElement, t->m_collections.m_resource_collection_key, + t->m_rules->m_secWebAppId.m_value, l); } Utils::Regex m_r; @@ -87,11 +90,27 @@ class Resource_DynamicElement : public Variable { : Variable("RESOURCE:dynamic"), m_string(std::move(dictElement)) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - std::string string = m_string->evaluate(transaction); - transaction->m_collections.resolveMultiMatches("RESOURCE:" + string, "RESOURCE", l); + std::string string = m_string->evaluate(t); + t->m_collections.m_resource_collection->resolveMultiMatches( + "RESOURCE:" + string, + t->m_collections.m_resource_collection_key, + t->m_rules->m_secWebAppId.m_value, l); + } + + void del(Transaction *t, std::string k) { + t->m_collections.m_resource_collection->del(k, + t->m_collections.m_resource_collection_key); + } + + void storeOrUpdateFirst(Transaction *t, std::string var, + std::string value) { + t->m_collections.m_resource_collection->storeOrUpdateFirst( + "RESOURCE:" + var, + t->m_collections.m_resource_collection_key, + t->m_rules->m_secWebAppId.m_value, value); } std::unique_ptr m_string; diff --git a/src/variables/session.h b/src/variables/session.h index 01bbfa1e..e967cd1d 100644 --- a/src/variables/session.h +++ b/src/variables/session.h @@ -37,11 +37,12 @@ class Session_DictElement : public Variable { : Variable("SESSION"), m_dictElement("SESSION:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_dictElement, - "SESSION", transaction->m_rules->m_secWebAppId.m_value, l); + t->m_collections.m_session_collection->resolveMultiMatches( + m_dictElement, t->m_collections.m_session_collection_key, + t->m_rules->m_secWebAppId.m_value, l); } std::string m_dictElement; @@ -53,11 +54,12 @@ class Session_NoDictElement : public Variable { Session_NoDictElement() : Variable("SESSION") { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_name, "SESSION", - transaction->m_rules->m_secWebAppId.m_value, l); + t->m_collections.m_session_collection->resolveMultiMatches(m_name, + t->m_collections.m_session_collection_key, + t->m_rules->m_secWebAppId.m_value, l); } }; @@ -69,11 +71,12 @@ class Session_DictElementRegexp : public Variable { m_r(dictElement), m_dictElement("SESSION:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveRegularExpression(m_dictElement, - "SESSION", transaction->m_rules->m_secWebAppId.m_value, l); + t->m_collections.m_session_collection->resolveRegularExpression(m_dictElement, + t->m_collections.m_session_collection_key, + t->m_rules->m_secWebAppId.m_value, l); } Utils::Regex m_r; @@ -87,11 +90,25 @@ class Session_DynamicElement : public Variable { : Variable("SESSION:dynamic"), m_string(std::move(dictElement)) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - std::string string = m_string->evaluate(transaction); - transaction->m_collections.resolveMultiMatches("SESSION:" + string, "SESSION", l); + std::string string = m_string->evaluate(t); + t->m_collections.m_session_collection->resolveMultiMatches( + "SESSION:" + string, + t->m_collections.m_session_collection_key, l); + } + + void del(Transaction *t, std::string k) { + t->m_collections.m_session_collection->del(k, + t->m_collections.m_session_collection_key); + } + + void storeOrUpdateFirst(Transaction *t, std::string var, + std::string value) { + t->m_collections.m_session_collection->storeOrUpdateFirst( + "SESSION:" + var, t->m_collections.m_session_collection_key, + value); } std::unique_ptr m_string; diff --git a/src/variables/tx.h b/src/variables/tx.h index 2b1d9680..00e3087a 100644 --- a/src/variables/tx.h +++ b/src/variables/tx.h @@ -37,10 +37,11 @@ class Tx_DictElement : public Variable { : Variable("TX:" + dictElement), m_dictElement("TX:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_dictElement, "TX", l); + t->m_collections.m_tx_collection->resolveMultiMatches( + m_dictElement, l); } std::string m_dictElement; @@ -52,10 +53,10 @@ class Tx_NoDictElement : public Variable { Tx_NoDictElement() : Variable("TX") { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_name, "TX", l); + t->m_collections.m_tx_collection->resolveMultiMatches(m_name, l); } }; @@ -67,11 +68,11 @@ class Tx_DictElementRegexp : public Variable { m_r(dictElement), m_dictElement("TX:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveRegularExpression(m_dictElement, - "TX", l); + t->m_collections.m_tx_collection->resolveRegularExpression( + m_dictElement, l); } Utils::Regex m_r; @@ -85,11 +86,22 @@ class Tx_DynamicElement : public Variable { : Variable("TX:dynamic"), m_string(std::move(dictElement)) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - std::string string = m_string->evaluate(transaction); - transaction->m_collections.resolveMultiMatches("TX:" + string, "TX", l); + std::string string = m_string->evaluate(t); + t->m_collections.m_tx_collection->resolveMultiMatches( + "TX:" + string, l); + } + + void del(Transaction *t, std::string k) { + t->m_collections.m_tx_collection->del(k); + } + + void storeOrUpdateFirst(Transaction *t, std::string var, + std::string value) { + t->m_collections.m_tx_collection->storeOrUpdateFirst( + "TX:" + var, value); } std::unique_ptr m_string; diff --git a/src/variables/user.h b/src/variables/user.h index 346366fd..81c396d1 100644 --- a/src/variables/user.h +++ b/src/variables/user.h @@ -37,11 +37,12 @@ class User_DictElement : public Variable { : Variable("USER"), m_dictElement("USER:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_dictElement, - "USER", transaction->m_rules->m_secWebAppId.m_value, l); + t->m_collections.m_user_collection->resolveMultiMatches( + m_dictElement, t->m_collections.m_user_collection_key, + t->m_rules->m_secWebAppId.m_value, l); } std::string m_dictElement; @@ -53,11 +54,12 @@ class User_NoDictElement : public Variable { User_NoDictElement() : Variable("USER") { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveMultiMatches(m_name, "USER", - transaction->m_rules->m_secWebAppId.m_value, l); + t->m_collections.m_user_collection->resolveMultiMatches(m_name, + t->m_collections.m_user_collection_key, + t->m_rules->m_secWebAppId.m_value, l); } }; @@ -69,11 +71,12 @@ class User_DictElementRegexp : public Variable { m_r(dictElement), m_dictElement("USER:" + dictElement) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - transaction->m_collections.resolveRegularExpression(m_dictElement, - "USER", transaction->m_rules->m_secWebAppId.m_value, l); + t->m_collections.m_user_collection->resolveRegularExpression( + m_dictElement, t->m_collections.m_user_collection_key, + t->m_rules->m_secWebAppId.m_value, l); } Utils::Regex m_r; @@ -87,11 +90,24 @@ class User_DynamicElement : public Variable { : Variable("USER:dynamic"), m_string(std::move(dictElement)) { } - void evaluate(Transaction *transaction, + void evaluate(Transaction *t, Rule *rule, std::vector *l) override { - std::string string = m_string->evaluate(transaction); - transaction->m_collections.resolveMultiMatches("USER:" + string, "USER", l); + std::string string = m_string->evaluate(t); + t->m_collections.m_user_collection->resolveMultiMatches( + "USER:" + string, t->m_collections.m_user_collection_key, l); + } + + void del(Transaction *t, std::string k) { + t->m_collections.m_user_collection->del(k, + t->m_collections.m_user_collection_key); + } + + void storeOrUpdateFirst(Transaction *t, std::string var, + std::string value) { + t->m_collections.m_user_collection->storeOrUpdateFirst( + "USER:" + var, t->m_collections.m_user_collection_key, + value); } std::unique_ptr m_string; diff --git a/src/variables/variable.h b/src/variables/variable.h index fc7df710..210a6089 100644 --- a/src/variables/variable.h +++ b/src/variables/variable.h @@ -18,6 +18,7 @@ #include #include #include +#include #include "modsecurity/transaction.h" #include "modsecurity/rule.h" @@ -32,6 +33,7 @@ namespace modsecurity { class Transaction; namespace Variables { + class Variable { public: /** @@ -191,7 +193,7 @@ class Variable { } else if (comp(variable, "USERID")) { t->m_variableUserID.evaluate(l); } else { - t->m_collections.resolveMultiMatches(variable, l); + throw std::invalid_argument("Variable not found."); } } else { std::string col = std::string(variable, 0, collection); @@ -244,7 +246,7 @@ class Variable { } else if (comp(col, "FILES_TMPNAMES")) { t->m_variableFilesTmpNames.resolve(var, l); } else { - t->m_collections.resolveMultiMatches(col, var, l); + throw std::invalid_argument("Variable not found."); } } } @@ -356,7 +358,7 @@ class Variable { } else if (comp(variable, "USERID")) { vv = t->m_variableUserID.resolveFirst(); } else { - vv = t->m_collections.resolveFirst(variable); + throw std::invalid_argument("Variable not found."); } } else { std::string col = std::string(variable, 0, collection); @@ -409,7 +411,7 @@ class Variable { } else if (comp(col, "FILES_TMPNAMES")) { vv = t->m_variableFilesTmpNames.resolveFirst(var); } else { - vv = t->m_collections.resolveFirst(col, var); + throw std::invalid_argument("Variable not found."); } } return std::string(*vv.get());