Adds support to USER collection, setuid action and USERID variable

More details on: #1026, #1024, #1048
2025-09-29 19:24:29 +03:00 · 2016-05-06 17:31:12 -03:00
parent ff9aa5c7cf
commit 758ecb5d6d
10 changed files with 115 additions and 11 deletions
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@@ -25,6 +25,7 @@ class Driver;
 #include "actions/ctl_audit_log_parts.h"
 #include "actions/init_col.h"
 #include "actions/set_sid.h"
+#include "actions/set_uid.h"
 #include "actions/set_var.h"
 #include "actions/severity.h"
 #include "actions/skip_after.h"
@@ -68,6 +69,7 @@ using modsecurity::actions::Action;
 using modsecurity::actions::CtlAuditLogParts;
 using modsecurity::actions::InitCol;
 using modsecurity::actions::SetSID;
+using modsecurity::actions::SetUID;
 using modsecurity::actions::SetVar;
 using modsecurity::actions::Severity;
 using modsecurity::actions::Tag;
@@ -933,12 +935,8 @@ act:
      }
    | ACTION_SETUID
      {
-        /*
-
-        TODO: setUID is not implemented yet.
-
        std::string error;
-        SetEnv *setUID = new SetUID($1);
+        SetUID *setUID = new SetUID($1);

        if (setUID->init(&error) == false) {
            driver.parserError << error;
@@ -946,8 +944,6 @@ act:
        }

        $$ = setUID;
-        */
-        $$ = Action::instantiate($1);
      }
    | ACTION_SETVAR
      {
--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@@ -116,7 +116,7 @@ OPERATOR_GEOIP  (?i:@geoLookup)
 TRANSFORMATION  t:(?i:(cmdLine|sha1|hexEncode|lowercase|urlDecodeUni|urlDecode|none|compressWhitespace|removeWhitespace|replaceNulls|removeNulls|htmlEntityDecode|jsDecode|cssDecode|trim|normalizePathWin|normalisePathWin|normalisePath|length|utf8toUnicode|urldecode|removeCommentsChar|removeComments|replaceComments))


-VARIABLE (?i:(RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|MULTIPART_STRICT_ERROR|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|ARGS_NAMES|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|REQBODY_PROCESSOR|SESSIONID))
+VARIABLE (?i:(RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|MULTIPART_STRICT_ERROR|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|ARGS_NAMES|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|REQBODY_PROCESSOR|USERID|SESSIONID))
 VARIABLE_COL (?i:(SESSION|GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|QUERY_STRING|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|IP|XML|REQUEST_COOKIES_NAMES))

 VARIABLE_TX (?i:TX)