github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Uses unique_ptr on REMOTE_USER

Browse Source
This commit is contained in:
Felipe Zimmerle 2020-09-18 11:34:31 -03:00 committed by Felipe Zimmerle
parent 820396f784
commit 7afcd3046d
4 changed files with 41 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
headers/modsecurity/transaction.h
View File

@ -626,8 +626,6 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa
int m_secRuleEngine; int m_secRuleEngine;
std::string m_variableRemoteUser;
std::vector<std::shared_ptr<RequestBodyProcessor::MultipartPartTmpFile>> m_multipartPartTmpFiles; std::vector<std::shared_ptr<RequestBodyProcessor::MultipartPartTmpFile>> m_multipartPartTmpFiles;
private: private:

10
src/transaction.cc
View File

@ -186,7 +186,6 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData)
m_json(NULL), m_json(NULL),
#endif #endif
m_secRuleEngine(RulesSetProperties::PropertyNotSetRuleEngine), m_secRuleEngine(RulesSetProperties::PropertyNotSetRuleEngine),
m_variableRemoteUser(""),
m_logCbData(logCbData), m_logCbData(logCbData),
TransactionAnchoredVariables(this), TransactionAnchoredVariables(this),
TransactionRuleMessageManagement(this) { TransactionRuleMessageManagement(this) {
@ -252,7 +251,6 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, char *id, void *logCb
m_json(NULL), m_json(NULL),
#endif #endif
m_secRuleEngine(RulesSetProperties::PropertyNotSetRuleEngine), m_secRuleEngine(RulesSetProperties::PropertyNotSetRuleEngine),
m_variableRemoteUser(""),
m_logCbData(logCbData), m_logCbData(logCbData),
TransactionAnchoredVariables(this), TransactionAnchoredVariables(this),
TransactionRuleMessageManagement(this) { TransactionRuleMessageManagement(this) {
@ -1466,14 +1464,8 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
m_variableRequestHeaders.resolveFirst("Host").get()) m_variableRequestHeaders.resolveFirst("Host").get())
<< " "; << " ";
ss << utils::string::dash_if_empty(this->m_clientIpAddress->c_str()) << " "; ss << utils::string::dash_if_empty(this->m_clientIpAddress->c_str()) << " ";
/** TODO: Check variable */
variables::RemoteUser *r = new variables::RemoteUser("REMOTE_USER");
VariableValues l;
r->evaluate(this, &l);
delete r;
ss << utils::string::dash_if_empty( ss << utils::string::dash_if_empty(variables::RemoteUser::parserRemoteUser(this).first.c_str());
m_variableRemoteUser.c_str());
ss << " "; ss << " ";
/** TODO: Check variable */ /** TODO: Check variable */
//ss << utils::string::dash_if_empty( //ss << utils::string::dash_if_empty(

37
src/variables/remote_user.cc
View File

@ -30,44 +30,21 @@
#include <memory> #include <memory>
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils/base64.h"
namespace modsecurity { namespace modsecurity {
namespace variables { namespace variables {
void RemoteUser::evaluate(Transaction *transaction, void RemoteUser::evaluate(Transaction *transaction,
VariableValues *l) { VariableValues *l) {
size_t pos; auto userName = parserRemoteUser(transaction);
std::string base64; auto var = std::make_shared<VariableValue>(
std::string header; std::unique_ptr<std::string>(new std::string(userName.first)),
&m_retName);
var->addOrigin(userName.second);
VariableValues l2;
transaction->m_variableRequestHeaders.resolve("authorization", &l2);
if (l2.size() < 1) {
return;
}
header = std::string(l2.at(0)->getValue());
if (header.compare(0, 6, "Basic ") == 0) {
base64 = std::string(header, 6, header.length());
}
base64 = Utils::Base64::decode(base64);
pos = base64.find(":");
if (pos == std::string::npos) {
return;
}
transaction->m_variableRemoteUser.assign(std::string(base64, 0, pos));
auto var = std::make_shared<VariableValue>(&m_retName, &transaction->m_variableRemoteUser);
for (auto &i : l2[0]->getOrigin()) {
var->addOrigin(i);
}
l->push_back(std::move(var)); l->push_back(std::move(var));
} }

33
src/variables/remote_user.h
View File

@ -23,6 +23,7 @@
#define SRC_VARIABLES_REMOTE_USER_H_ #define SRC_VARIABLES_REMOTE_USER_H_
#include "src/variables/variable.h" #include "src/variables/variable.h"
#include "src/utils/base64.h"
namespace modsecurity { namespace modsecurity {
@ -38,6 +39,38 @@ class RemoteUser : public Variable {
void evaluate(Transaction *transaction, void evaluate(Transaction *transaction,
VariableValues *l) override; VariableValues *l) override;
static std::pair<std::string, VariableOrigin> parserRemoteUser(Transaction *transaction) {
size_t pos;
std::string base64;
std::string header;
VariableValues l2;
transaction->m_variableRequestHeaders.resolve("authorization", &l2);
if (l2.size() < 1) {
goto err;
}
header = std::string(l2.at(0)->getValue());
if (header.compare(0, 6, "Basic ") == 0) {
base64 = std::string(header, 6, header.length());
}
base64 = Utils::Base64::decode(base64);
pos = base64.find(":");
if (pos == std::string::npos) {
goto err;
}
return std::make_pair(std::string(base64, 0, pos), l2[0]->getOrigin()[0]);
err:
return std::make_pair(std::string(""), VariableOrigin());
}
std::string m_retName; std::string m_retName;
}; };