Adds new method for rule merge

IMPORTANT: SecDefaultAction specified on a child configuration will overwrite the ones specified on the parent; Previously it was concatenating.
2025-11-17 01:51:52 +03:00 · 2020-04-14 11:33:17 -03:00
parent cb0d298ded
commit 766b373c3b
115 changed files with 2136 additions and 1517 deletions
--- a/headers/modsecurity/transaction.h
+++ b/headers/modsecurity/transaction.h
@@ -102,6 +102,7 @@ class ModSecurity;
 class Transaction;
 class RulesSet;
 class RuleMessage;
+class RuleWithActions;
 namespace actions {
 class Action;
 namespace disruptive {
@@ -317,8 +318,56 @@ class TransactionSecMarkerManagement {
    std::shared_ptr<std::string> m_marker;
 };

+class TransactionRuleMessageManagement {
+ public:
+    explicit TransactionRuleMessageManagement(Transaction *t)
+        : m_transaction(t),
+        m_noAuditLog(false) { 
+            messageNew();
+        };
+
+    RuleMessage *messageGetLast();
+    void messageNew();
+
+    void logMatchLastRuleOnTheChain(RuleWithActions *rule);
+
+    void messageSetNoAuditLog(bool a) {
+        m_noAuditLog = a;
+    }
+
+    bool messageSaveAuditLog() const {
+        return m_noAuditLog;
+    }
+
+    std::list<RuleMessage *> messageGetAll() {
+        std::list<RuleMessage *> messages;
+        for (RuleMessage *a : m_rulesMessages) {
+            messages.push_back(a);
+        }
+
+        return messages;
+    }
+
+    void messageClear() {
+        m_rulesMessages.clear();
+    }
+
+ private:
+    /**
+     * This variable holds all the messages asked to be save by the utilization
+     * of the actions: `log_data' and `msg'. These should be included on the
+     * auditlogs.
+     */
+    std::list<RuleMessage *> m_rulesMessages;
+
+    Transaction *m_transaction;
+    bool m_noAuditLog;
+};
+
+
 /** @ingroup ModSecurity_CPP_API */
-class Transaction : public TransactionAnchoredVariables, public TransactionSecMarkerManagement {
+class Transaction : public TransactionAnchoredVariables, public TransactionSecMarkerManagement, \
+    public TransactionRuleMessageManagement {
 public:
    Transaction(ModSecurity *transaction, RulesSet *rules, void *logCbData);
    Transaction(ModSecurity *transaction, RulesSet *rules, char *id,
@@ -398,7 +447,7 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa
 #ifndef NO_LOGS
    void debug(int, std::string) const;
 #endif
-    void serverLog(std::shared_ptr<RuleMessage> rm);
+    void serverLog(RuleMessage *rm);

    int getRuleEngineState() const;

@@ -527,13 +576,6 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa
     */
    std::list< std::pair<int, std::string> > m_auditLogModifier;

-    /**
-     * This variable holds all the messages asked to be save by the utilization
-     * of the actions: `log_data' and `msg'. These should be included on the
-     * auditlogs.
-     */
-    std::list<modsecurity::RuleMessage> m_rulesMessages;
-
    /**
     * Holds the request body, in case of any.
     */