github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Makes lua optional

Browse Source
This commit is contained in:
Felipe Zimmerle 2017-11-06 00:00:38 -03:00
parent e52bd7d635
commit 7fa5ca9ba0
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
6 changed files with 55 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
build/lua.m4
View File

@ -63,8 +63,14 @@ if test -z "${LUA_CFLAGS}"; then
fi fi
else else
if test -z "${LUA_MANDATORY}" || test "x${LUA_MANDATORY}" == "xno"; then if test -z "${LUA_MANDATORY}" || test "x${LUA_MANDATORY}" == "xno"; then
LUA_FOUND=2 LUA_FOUND=1
AC_MSG_NOTICE([LUA is disabled by default.]) AC_MSG_NOTICE([using LUA v${LUA_VERSION}])
LUA_CFLAGS="-DWITH_LUA ${LUA_CFLAGS}"
LUA_DISPLAY="${LUA_LDADD} ${LUA_LDFLAGS}, ${LUA_CFLAGS}"
AC_SUBST(LUA_LDFLAGS)
AC_SUBST(LUA_LDADD)
AC_SUBST(LUA_CFLAGS)
AC_SUBST(LUA_DISPLAY)
else else
LUA_FOUND=1 LUA_FOUND=1
AC_MSG_NOTICE([using LUA v${LUA_VERSION}]) AC_MSG_NOTICE([using LUA v${LUA_VERSION}])

22
src/engine/lua.cc
View File

@ -41,6 +41,7 @@ namespace engine {
bool Lua::isCompatible(std::string script, Lua *l, std::string *error) { bool Lua::isCompatible(std::string script, Lua *l, std::string *error) {
#ifdef WITH_LUA
std::string lua(".lua"); std::string lua(".lua");
std::string err; std::string err;
@ -57,10 +58,15 @@ bool Lua::isCompatible(std::string script, Lua *l, std::string *error) {
} }
return true; return true;
#else
error->assign("Lua support was not enabled.");
return false;
#endif
} }
bool Lua::load(std::string script, std::string *err) { bool Lua::load(std::string script, std::string *err) {
#ifdef WITH_LUA
lua_State *L = NULL; lua_State *L = NULL;
L = luaL_newstate(); L = luaL_newstate();
luaL_openlibs(L); luaL_openlibs(L);
@ -93,9 +99,13 @@ bool Lua::load(std::string script, std::string *err) {
lua_close(L); lua_close(L);
return true; return true;
#else
err->assign("Lua support was not enabled.");
return false;
#endif
} }
#ifdef WITH_LUA
int Lua::blob_keeper(lua_State *L, const void *p, size_t sz, void *ud) { int Lua::blob_keeper(lua_State *L, const void *p, size_t sz, void *ud) {
LuaScriptBlob *lsb = static_cast<LuaScriptBlob *>(ud); LuaScriptBlob *lsb = static_cast<LuaScriptBlob *>(ud);
lsb->write(p, sz); lsb->write(p, sz);
@ -108,9 +118,10 @@ const char *Lua::blob_reader(lua_State *L, void *ud, size_t *size) {
const char *data = lsb->read(size); const char *data = lsb->read(size);
return data; return data;
} }
#endif
int Lua::run(Transaction *t) { int Lua::run(Transaction *t) {
#ifdef WITH_LUA
std::string luaRet; std::string luaRet;
lua_State *L = luaL_newstate(); lua_State *L = luaL_newstate();
luaL_openlibs(L); luaL_openlibs(L);
@ -188,9 +199,14 @@ int Lua::run(Transaction *t) {
} }
return true; return true;
#else
t->debug(9, "Lua support was not enabled.");
return false;
#endif
} }
#ifdef WITH_LUA
int Lua::log(lua_State *L) { int Lua::log(lua_State *L) {
Transaction *t = NULL; Transaction *t = NULL;
const char *text; const char *text;
@ -371,7 +387,7 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t, int idx, std
return newVar; return newVar;
} }
#endif
} // namespace engines } // namespace engines
} // namespace modsecurity } // namespace modsecurity

11
src/engine/lua.h
View File

@ -14,8 +14,8 @@
*/ */
#ifdef WITH_LUA #ifdef WITH_LUA
#endif
#include <lua.hpp> #include <lua.hpp>
#endif
#include <iostream> #include <iostream>
#include <cstdint> #include <cstdint>
@ -29,6 +29,7 @@ namespace modsecurity {
class Transaction; class Transaction;
namespace engine { namespace engine {
#ifdef WITH_LUA
class LuaScriptBlob { class LuaScriptBlob {
public: public:
LuaScriptBlob() : LuaScriptBlob() :
@ -61,7 +62,7 @@ class LuaScriptBlob {
unsigned char *m_data; unsigned char *m_data;
size_t m_len; size_t m_len;
}; };
#endif
class Lua { class Lua {
public: public:
@ -71,6 +72,7 @@ class Lua {
int run(Transaction *t); int run(Transaction *t);
static bool isCompatible(std::string script, Lua *l, std::string *error); static bool isCompatible(std::string script, Lua *l, std::string *error);
#ifdef WITH_LUA
static int blob_keeper(lua_State *L, const void *p, size_t sz, void *ud); static int blob_keeper(lua_State *L, const void *p, size_t sz, void *ud);
static const char *blob_reader(lua_State *L, void *us, size_t *size); static const char *blob_reader(lua_State *L, void *us, size_t *size);
@ -82,10 +84,11 @@ class Lua {
std::string var); std::string var);
LuaScriptBlob m_blob; LuaScriptBlob m_blob;
#endif
std::string m_scriptName; std::string m_scriptName;
}; };
#ifdef WITH_LUA
static const struct luaL_Reg mscLuaLib[] = { static const struct luaL_Reg mscLuaLib[] = {
{ "log", Lua::log }, { "log", Lua::log },
{ "getvar", Lua::getvar }, { "getvar", Lua::getvar },
@ -93,7 +96,7 @@ static const struct luaL_Reg mscLuaLib[] = {
{ "setvar", Lua::setvar }, { "setvar", Lua::setvar },
{ NULL, NULL } { NULL, NULL }
}; };
#endif
} // namespace engines } // namespace engines
} // namespace modsecurity } // namespace modsecurity

3
test/regression/regression.cc
View File

@ -435,6 +435,9 @@ int main(int argc, char **argv) {
#ifdef WITH_SSDEEP #ifdef WITH_SSDEEP
resources.push_back("ssdeep"); resources.push_back("ssdeep");
#endif #endif
#ifdef WITH_LUA
resources.push_back("lua");
#endif
#ifdef NO_LOGS #ifdef NO_LOGS
std::cout << "Test utility cannot work without logging support." \ std::cout << "Test utility cannot work without logging support." \

3
test/test-cases/regression/action-exec.json
View File

@ -3,6 +3,7 @@
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"version_max":0, "version_max":0,
"resource":"lua",
"title":"Testing action :: exec (1/3)", "title":"Testing action :: exec (1/3)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
@ -51,6 +52,7 @@
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"version_max":0, "version_max":0,
"resource":"lua",
"title":"Testing action :: exec (2/2)", "title":"Testing action :: exec (2/2)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
@ -98,6 +100,7 @@
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"version_max":0, "version_max":0,
"resource":"lua",
"title":"Testing action :: exec (3/3)", "title":"Testing action :: exec (3/3)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",

23
test/test-cases/regression/operator-inpectFile.json
View File

@ -78,7 +78,7 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Testing Operator :: @inspectFile (2/3)", "title":"Testing Operator :: @inspectFile (3/3)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123
@ -116,7 +116,8 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Testing Operator :: @inspectFile - lua (1/1)", "resource":"lua",
"title":"Testing Operator :: @inspectFile - lua (1/7)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123
@ -154,7 +155,8 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Testing Operator :: @inspectFile - lua (2/2)", "resource":"lua",
"title":"Testing Operator :: @inspectFile - lua (2/7)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123
@ -192,7 +194,8 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Testing Operator :: @inspectFile - lua (3/3)", "resource":"lua",
"title":"Testing Operator :: @inspectFile - lua (3/7)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123
@ -231,7 +234,8 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Testing Operator :: @inspectFile - lua (4/4)", "resource":"lua",
"title":"Testing Operator :: @inspectFile - lua (4/7)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123
@ -270,7 +274,8 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Testing Operator :: @inspectFile - lua (5/5)", "resource":"lua",
"title":"Testing Operator :: @inspectFile - lua (5/7)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123
@ -309,7 +314,8 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Testing Operator :: @inspectFile - lua (6/?)", "resource":"lua",
"title":"Testing Operator :: @inspectFile - lua (6/7)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123
@ -348,7 +354,8 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Testing Operator :: @inspectFile - lua (7/?)", "resource":"lua",
"title":"Testing Operator :: @inspectFile - lua (7/7)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123