From 7b5d35c462f8814f6ffd1745f2b0cd34234f2292 Mon Sep 17 00:00:00 2001
From: brectanus <brectanus@9017d574-64ec-4062-9424-5e00b32a252b>
Date: Wed, 10 Sep 2008 19:45:13 +0000
Subject: [PATCH] Added ability to use ctl:requestBodyAccess=off in phase:1 to
 avoid limit check. Added regression tests for this as well.

---
 apache2/mod_security2.c                       |   5 +-
 .../regression/config/10-request-directives.t | 220 ++++++++++++++++++
 2 files changed, 224 insertions(+), 1 deletion(-)

diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c
index 85ac20b2..eacd63e0 100644
--- a/apache2/mod_security2.c
+++ b/apache2/mod_security2.c
@@ -577,7 +577,10 @@ static int hook_request_early(request_rec *r) {
         rc = perform_interception(msr);
     }
 
-    if ((msr->txcfg->is_enabled != MODSEC_DISABLED) && (rc == DECLINED)) {
+    if (    (msr->txcfg->is_enabled != MODSEC_DISABLED)
+         && (msr->txcfg->reqbody_access == 1)
+         && (rc == DECLINED))
+    {
         /* Check request body limit (non-chunked requests only). */
         if (msr->request_content_length > msr->txcfg->reqbody_limit) {
             msr_log(msr, 1, "Request body (Content-Length) is larger than the "
diff --git a/apache2/t/regression/config/10-request-directives.t b/apache2/t/regression/config/10-request-directives.t
index baa51f15..16094ca7 100644
--- a/apache2/t/regression/config/10-request-directives.t
+++ b/apache2/t/regression/config/10-request-directives.t
@@ -179,6 +179,226 @@
 		"a=1&b=2",
 	),
 },
+{
+	type => "config",
+	comment => "SecRequestBodyLimit (equal - chunked)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecRequestBodyLimit 276
+	),
+	match_log => {
+		-error => [ qr/Request body is larger than the configured limit/, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => normalize_raw_request_data(
+		qq(
+			POST /test.txt HTTP/1.1
+			Host: $ENV{SERVER_NAME}:$ENV{SERVER_PORT}
+			User-Agent: $ENV{USER_AGENT}
+			Content-Type: multipart/form-data; boundary=---------------------------69343412719991675451336310646
+			Transfer-Encoding: chunked
+
+		),
+	)
+	.encode_chunked(
+		normalize_raw_request_data(
+			q(
+				-----------------------------69343412719991675451336310646
+				Content-Disposition: form-data; name="a"
+
+				1
+				-----------------------------69343412719991675451336310646
+				Content-Disposition: form-data; name="b"
+
+				2
+				-----------------------------69343412719991675451336310646--
+			)
+		),
+		1024
+	),
+},
+{
+	type => "config",
+	comment => "SecRequestBodyLimit (greater - chunked)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecRequestBodyLimit 256
+	),
+	match_log => {
+		error => [ qr/Request body .*is larger than the configured limit \(256\)\./, 1 ],
+	},
+	match_response => {
+		status => qr/^413$/,
+	},
+	request => normalize_raw_request_data(
+		qq(
+			POST /test.txt HTTP/1.1
+			Host: $ENV{SERVER_NAME}:$ENV{SERVER_PORT}
+			User-Agent: $ENV{USER_AGENT}
+			Content-Type: multipart/form-data; boundary=---------------------------69343412719991675451336310646
+			Transfer-Encoding: chunked
+
+		),
+	)
+	.encode_chunked(
+		normalize_raw_request_data(
+			q(
+				-----------------------------69343412719991675451336310646
+				Content-Disposition: form-data; name="a"
+
+				1
+				-----------------------------69343412719991675451336310646
+				Content-Disposition: form-data; name="b"
+
+				2
+				-----------------------------69343412719991675451336310646--
+			)
+		),
+		1024
+	),
+},
+{
+	type => "config",
+	comment => "SecRequestBodyLimit (ctl:ruleEngine=off)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecRequestBodyLimit 5
+
+		SecAction "phase:1,pass,nolog,ctl:ruleEngine=off"
+		SecRule REQUEST_BODY "." "phase:2,deny"
+	),
+	match_log => {
+		-error => [ qr/Request body .*is larger than the configured limit/, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"a=1&b=2",
+	),
+},
+{
+	type => "config",
+	comment => "SecRequestBodyLimit (ctl:requestBodyAccess=off)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecRequestBodyLimit 5
+
+		SecAction "phase:1,pass,nolog,ctl:requestBodyAccess=off"
+		SecRule REQUEST_BODY "." "phase:2,deny"
+	),
+	match_log => {
+		-error => [ qr/Request body .*is larger than the configured limit/, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"a=1&b=2",
+	),
+},
+{
+	type => "config",
+	comment => "SecRequestBodyLimit (ctl:ruleEngine=off - chunked)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecRequestBodyLimit 256
+
+		SecAction "phase:1,pass,nolog,ctl:ruleEngine=off"
+		SecRule REQUEST_BODY "." "phase:2,deny"
+	),
+	match_log => {
+		-error => [ qr/Request body .*is larger than the configured limit/, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => normalize_raw_request_data(
+		qq(
+			POST /test.txt HTTP/1.1
+			Host: $ENV{SERVER_NAME}:$ENV{SERVER_PORT}
+			User-Agent: $ENV{USER_AGENT}
+			Content-Type: multipart/form-data; boundary=---------------------------69343412719991675451336310646
+			Transfer-Encoding: chunked
+
+		),
+	)
+	.encode_chunked(
+		normalize_raw_request_data(
+			q(
+				-----------------------------69343412719991675451336310646
+				Content-Disposition: form-data; name="a"
+
+				1
+				-----------------------------69343412719991675451336310646
+				Content-Disposition: form-data; name="b"
+
+				2
+				-----------------------------69343412719991675451336310646--
+			)
+		),
+		1024
+	),
+},
+{
+	type => "config",
+	comment => "SecRequestBodyLimit (ctl:requestBodyAccess=off - chunked)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecRequestBodyLimit 256
+
+		SecAction "phase:1,pass,nolog,ctl:requestBodyAccess=off"
+		SecRule REQUEST_BODY "." "phase:2,deny"
+	),
+	match_log => {
+		-error => [ qr/Request body .*is larger than the configured limit \(256\)\./, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => normalize_raw_request_data(
+		qq(
+			POST /test.txt HTTP/1.1
+			Host: $ENV{SERVER_NAME}:$ENV{SERVER_PORT}
+			User-Agent: $ENV{USER_AGENT}
+			Content-Type: multipart/form-data; boundary=---------------------------69343412719991675451336310646
+			Transfer-Encoding: chunked
+
+		),
+	)
+	.encode_chunked(
+		normalize_raw_request_data(
+			q(
+				-----------------------------69343412719991675451336310646
+				Content-Disposition: form-data; name="a"
+
+				1
+				-----------------------------69343412719991675451336310646
+				Content-Disposition: form-data; name="b"
+
+				2
+				-----------------------------69343412719991675451336310646--
+			)
+		),
+		1024
+	),
+},
 
 # SecRequestBodyInMemoryLimit
 {