Adds support to USER collection, setuid action and USERID variable

More details on: #1026, #1024, #1048
2025-08-13 21:36:00 +03:00 · 2016-05-06 17:31:12 -03:00 · 2016-05-06 17:31:12 -03:00 · 758ecb5d6d
commit 758ecb5d6d
parent ff9aa5c7cf
10 changed files with 115 additions and 11 deletions
--- a/headers/modsecurity/collection/collections.h
+++ b/headers/modsecurity/collection/collections.h
@ -45,7 +45,8 @@ namespace collection {
 class Collections :
    public std::unordered_map<std::string, Collection *> {
 public:
-    Collections(Collection *global, Collection *ip, Collection *session);
+    Collections(Collection *global, Collection *ip, Collection *session,
+        Collection *user);
    ~Collections();

    void store(std::string key, std::string value);
@ -87,10 +88,12 @@ class Collections :
    std::string m_global_collection_key;
    std::string m_ip_collection_key;
    std::string m_session_collection_key;
+    std::string m_user_collection_key;

    Collection *m_global_collection;
    Collection *m_ip_collection;
    Collection *m_session_collection;
+    Collection *m_user_collection;
 };

 }  // namespace collection
--- a/headers/modsecurity/modsecurity.h
+++ b/headers/modsecurity/modsecurity.h
@ -225,6 +225,7 @@ class ModSecurity {
    collection::Collection *m_global_collection;
    collection::Collection *m_ip_collection;
    collection::Collection *m_session_collection;
+    collection::Collection *m_user_collection;

 private:
    std::string m_connector;
--- a/src/Makefile.am
+++ b/src/Makefile.am
@ -80,6 +80,7 @@ ACTIONS = \
 	actions/rule_id.cc \
 	actions/severity.cc \
 	actions/set_sid.cc \
+	actions/set_uid.cc \
 	actions/set_var.cc \
 	actions/status.cc \
 	actions/skip_after.cc \
--- a/src/actions/set_uid.cc
+++ b/src/actions/set_uid.cc
@ -0,0 +1,56 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/set_uid.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/transaction.h"
+#include "modsecurity/rule.h"
+#include "src/macro_expansion.h"
+#include "src/utils.h"
+
+namespace modsecurity {
+namespace actions {
+
+
+bool SetUID::init(std::string *error) {
+    m_collection_key = std::string(action, 0, action.length());
+
+    if (m_collection_key.empty()) {
+        return false;
+    }
+
+    return true;
+}
+
+
+bool SetUID::evaluate(Rule *rule, Transaction *t) {
+    std::string colNameExpanded = MacroExpansion::expand(m_collection_key, t);
+
+#ifndef NO_LOGS
+    t->debug(8, "User collection initiated with value: \'"
+        + colNameExpanded + "\'.");
+#endif
+
+    t->m_collections.m_user_collection_key = colNameExpanded;
+    t->m_collections.storeOrUpdateFirst("USERID", colNameExpanded);
+
+    return true;
+}
+
+}  // namespace actions
+}  // namespace modsecurity
--- a/src/actions/set_uid.h
+++ b/src/actions/set_uid.h
@ -0,0 +1,45 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+
+#ifndef SRC_ACTIONS_SET_UID_H_
+#define SRC_ACTIONS_SET_UID_H_
+
+class Transaction;
+
+namespace modsecurity {
+class Transaction;
+namespace actions {
+
+
+class SetUID : public Action {
+ public:
+    explicit SetUID(std::string _action)
+        : Action(_action) { }
+
+    bool evaluate(Rule *rule, Transaction *transaction) override;
+    bool init(std::string *error) override;
+ private:
+    std::string m_collection_key;
+};
+
+
+}  // namespace actions
+}  // namespace modsecurity
+
+#endif  // SRC_ACTIONS_SET_UID_H_
--- a/src/collection/collections.cc
+++ b/src/collection/collections.cc
@ -34,12 +34,13 @@ namespace collection {


 Collections::Collections(Collection *global,
-    Collection *ip, Collection *session)
+    Collection *ip, Collection *session, Collection *user)
    : m_global_collection_key(""),
    m_ip_collection_key(""),
    m_global_collection(global),
    m_ip_collection(ip),
    m_session_collection(session),
+    m_user_collection(user),
    m_transient(new backend::InMemoryPerProcess()) {
    /* Create collection TX */
    this->emplace("TX", new backend::InMemoryPerProcess());
--- a/src/modsecurity.cc
+++ b/src/modsecurity.cc
@ -49,6 +49,7 @@ ModSecurity::ModSecurity()
    m_global_collection(new collection::backend::InMemoryPerProcess()),
    m_ip_collection(new collection::backend::InMemoryPerProcess()),
    m_session_collection(new collection::backend::InMemoryPerProcess()),
+    m_user_collection(new collection::backend::InMemoryPerProcess()),
    m_logCb(NULL) {
    UniqueId::uniqueId();
    srand(time(NULL));
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@ -25,6 +25,7 @@ class Driver;
 #include "actions/ctl_audit_log_parts.h"
 #include "actions/init_col.h"
 #include "actions/set_sid.h"
+#include "actions/set_uid.h"
 #include "actions/set_var.h"
 #include "actions/severity.h"
 #include "actions/skip_after.h"
@ -68,6 +69,7 @@ using modsecurity::actions::Action;
 using modsecurity::actions::CtlAuditLogParts;
 using modsecurity::actions::InitCol;
 using modsecurity::actions::SetSID;
+using modsecurity::actions::SetUID;
 using modsecurity::actions::SetVar;
 using modsecurity::actions::Severity;
 using modsecurity::actions::Tag;
@ -933,12 +935,8 @@ act:
      }
    | ACTION_SETUID
      {
-        /*
-
-        TODO: setUID is not implemented yet.
-
        std::string error;
-        SetEnv *setUID = new SetUID($1);
+        SetUID *setUID = new SetUID($1);

        if (setUID->init(&error) == false) {
            driver.parserError << error;
@ -946,8 +944,6 @@ act:
        }

        $$ = setUID;
-        */
-        $$ = Action::instantiate($1);
      }
    | ACTION_SETVAR
      {
--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@ -116,7 +116,7 @@ OPERATOR_GEOIP  (?i:@geoLookup)
 TRANSFORMATION  t:(?i:(cmdLine|sha1|hexEncode|lowercase|urlDecodeUni|urlDecode|none|compressWhitespace|removeWhitespace|replaceNulls|removeNulls|htmlEntityDecode|jsDecode|cssDecode|trim|normalizePathWin|normalisePathWin|normalisePath|length|utf8toUnicode|urldecode|removeCommentsChar|removeComments|replaceComments))


-VARIABLE (?i:(RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|MULTIPART_STRICT_ERROR|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|ARGS_NAMES|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|REQBODY_PROCESSOR|SESSIONID))
+VARIABLE (?i:(RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|MULTIPART_STRICT_ERROR|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|ARGS_NAMES|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|REQBODY_PROCESSOR|USERID|SESSIONID))
 VARIABLE_COL (?i:(SESSION|GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|QUERY_STRING|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|IP|XML|REQUEST_COOKIES_NAMES))

 VARIABLE_TX (?i:TX)
--- a/src/transaction.cc
+++ b/src/transaction.cc
@ -113,7 +113,7 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
    m_logCbData(logCbData),
    m_ms(ms),
    m_collections(ms->m_global_collection, ms->m_ip_collection,
-        ms->m_session_collection) {
+        ms->m_session_collection, ms->m_user_collection) {
    m_id = std::to_string(this->m_timeStamp) + \
        std::to_string(generate_transaction_unique_id());
    m_rules->incrementReferenceCount();