github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-17 05:06:07 +03:00
Code Issues Packages Projects Releases Wiki Activity

Reverted SecCookiev0Separator

Browse Source
This commit is contained in:
brenosilva 2012-10-03 17:33:37 +00:00
parent 4c7ab59746
commit 724060a29f
6 changed files with 6 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
apache2/apache2_config.c
View File

@ -64,7 +64,6 @@ void *create_directory_config(apr_pool_t *mp, char *path)
dcfg->cookie_format = NOT_SET; dcfg->cookie_format = NOT_SET;
dcfg->argument_separator = NOT_SET; dcfg->argument_separator = NOT_SET;
dcfg->cookiev0_separator = NOT_SET_P;
dcfg->rule_inheritance = NOT_SET; dcfg->rule_inheritance = NOT_SET;
dcfg->rule_exceptions = apr_array_make(mp, 16, sizeof(rule_exception *)); dcfg->rule_exceptions = apr_array_make(mp, 16, sizeof(rule_exception *));
@ -367,8 +366,6 @@ void *merge_directory_configs(apr_pool_t *mp, void *_parent, void *_child)
? parent->cookie_format : child->cookie_format); ? parent->cookie_format : child->cookie_format);
merged->argument_separator = (child->argument_separator == NOT_SET merged->argument_separator = (child->argument_separator == NOT_SET
? parent->argument_separator : child->argument_separator); ? parent->argument_separator : child->argument_separator);
merged->cookiev0_separator = (child->cookiev0_separator == NOT_SET_P
? parent->cookiev0_separator : child->cookiev0_separator);
/* rule inheritance */ /* rule inheritance */
@ -630,7 +627,6 @@ void init_directory_config(directory_config *dcfg)
if (dcfg->cookie_format == NOT_SET) dcfg->cookie_format = 0; if (dcfg->cookie_format == NOT_SET) dcfg->cookie_format = 0;
if (dcfg->argument_separator == NOT_SET) dcfg->argument_separator = '&'; if (dcfg->argument_separator == NOT_SET) dcfg->argument_separator = '&';
if (dcfg->cookiev0_separator == NOT_SET_P) dcfg->cookiev0_separator = ";";
if (dcfg->rule_inheritance == NOT_SET) dcfg->rule_inheritance = 1; if (dcfg->rule_inheritance == NOT_SET) dcfg->rule_inheritance = 1;
@ -1102,21 +1098,6 @@ static const char *cmd_argument_separator(cmd_parms *cmd, void *_dcfg,
return NULL; return NULL;
} }
static const char *cmd_cookiev0_separator(cmd_parms *cmd, void *_dcfg,
const char *p1)
{
directory_config *dcfg = (directory_config *)_dcfg;
if (strlen(p1) != 1) {
return apr_psprintf(cmd->pool, "ModSecurity: Invalid cookie v0 separator: %s", p1);
}
dcfg->cookiev0_separator = p1;
return NULL;
}
static const char *cmd_audit_engine(cmd_parms *cmd, void *_dcfg, const char *p1) static const char *cmd_audit_engine(cmd_parms *cmd, void *_dcfg, const char *p1)
{ {
directory_config *dcfg = _dcfg; directory_config *dcfg = _dcfg;
@ -2932,14 +2913,6 @@ const command_rec module_directives[] = {
"version of the Cookie specification to use for parsing. Possible values are 0 and 1." "version of the Cookie specification to use for parsing. Possible values are 0 and 1."
), ),
AP_INIT_TAKE1 (
"SecCookieV0Separator",
cmd_cookiev0_separator,
NULL,
CMD_SCOPE_ANY,
"character that will be used as separator when parsing cookie v0 content."
),
AP_INIT_TAKE1 ( AP_INIT_TAKE1 (
"SecDataDir", "SecDataDir",
cmd_data_dir, cmd_data_dir,

2
apache2/modsecurity.c
View File

@ -401,7 +401,7 @@ apr_status_t modsecurity_tx_init(modsec_rec *msr) {
for (i = 0; i < arr->nelts; i++) { for (i = 0; i < arr->nelts; i++) {
if (strcasecmp(te[i].key, "Cookie") == 0) { if (strcasecmp(te[i].key, "Cookie") == 0) {
if (msr->txcfg->cookie_format == COOKIES_V0) { if (msr->txcfg->cookie_format == COOKIES_V0) {
parse_cookies_v0(msr, te[i].val, msr->request_cookies, msr->txcfg->cookiev0_separator); parse_cookies_v0(msr, te[i].val, msr->request_cookies);
} else { } else {
parse_cookies_v1(msr, te[i].val, msr->request_cookies); parse_cookies_v1(msr, te[i].val, msr->request_cookies);
} }

1
apache2/modsecurity.h
View File

@ -467,7 +467,6 @@ struct directory_config {
int cookie_format; int cookie_format;
int argument_separator; int argument_separator;
const char *cookiev0_separator;
int rule_inheritance; int rule_inheritance;
apr_array_header_t *rule_exceptions; apr_array_header_t *rule_exceptions;

6
apache2/msc_parsers.c
View File

@ -19,7 +19,7 @@
* *
*/ */
int parse_cookies_v0(modsec_rec *msr, char *_cookie_header, int parse_cookies_v0(modsec_rec *msr, char *_cookie_header,
apr_table_t *cookies, const char *delim) apr_table_t *cookies)
{ {
char *attr_name = NULL, *attr_value = NULL; char *attr_name = NULL, *attr_value = NULL;
char *cookie_header; char *cookie_header;
@ -35,7 +35,7 @@ int parse_cookies_v0(modsec_rec *msr, char *_cookie_header,
cookie_header = strdup(_cookie_header); cookie_header = strdup(_cookie_header);
if (cookie_header == NULL) return -1; if (cookie_header == NULL) return -1;
p = apr_strtok(cookie_header, delim, &saveptr); p = apr_strtok(cookie_header, ";", &saveptr);
while(p != NULL) { while(p != NULL) {
attr_name = NULL; attr_name = NULL;
@ -74,7 +74,7 @@ int parse_cookies_v0(modsec_rec *msr, char *_cookie_header,
cookie_count++; cookie_count++;
} }
p = apr_strtok(NULL, delim, &saveptr); p = apr_strtok(NULL, ";", &saveptr);
} }
free(cookie_header); free(cookie_header);

3
apache2/msc_parsers.h
View File

@ -17,8 +17,7 @@
#include "modsecurity.h" #include "modsecurity.h"
int DSOLOCAL parse_cookies_v0(modsec_rec *msr, char *_cookie_header, apr_table_t *cookies, int DSOLOCAL parse_cookies_v0(modsec_rec *msr, char *_cookie_header, apr_table_t *cookies);
const char *delim);
int DSOLOCAL parse_cookies_v1(modsec_rec *msr, char *_cookie_header, apr_table_t *cookies); int DSOLOCAL parse_cookies_v1(modsec_rec *msr, char *_cookie_header, apr_table_t *cookies);

2
apache2/re.c
View File

@ -2664,7 +2664,7 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
/* Keep track of the highest severity matched so far */ /* Keep track of the highest severity matched so far */
if ((acting_actionset->severity > 0) && (acting_actionset->severity < msr->highest_severity) if ((acting_actionset->severity > 0) && (acting_actionset->severity < msr->highest_severity)
&& !rule->actionset->is_chained) { && !rule->actionset->is_chained) {
msr->highest_severity = acting_actionset->severity; msr->highest_severity = acting_actionset->severity;
} }