From 81d0f84ad3f3ccbc5e41485f67afac8cbb371051 Mon Sep 17 00:00:00 2001 From: brectanus Date: Thu, 14 Jun 2007 16:05:45 +0000 Subject: [PATCH] Update copyright text to Breach Security, Inc. Merge in changes from branches/2.1.x --- CHANGES | 9 ++++-- README.TXT | 8 ++++-- apache2/apache2.h | 15 ++++++---- apache2/apache2_config.c | 6 ++-- apache2/apache2_io.c | 6 ++-- apache2/apache2_util.c | 9 +++--- apache2/mod_security2.c | 59 ++++++++++++++++++++++++---------------- apache2/modsecurity.c | 6 ++-- apache2/modsecurity.h | 6 ++-- apache2/msc_geo.c | 4 +-- apache2/msc_geo.h | 4 +-- apache2/msc_logging.c | 6 ++-- apache2/msc_logging.h | 6 ++-- apache2/msc_multipart.c | 6 ++-- apache2/msc_multipart.h | 6 ++-- apache2/msc_parsers.c | 6 ++-- apache2/msc_parsers.h | 6 ++-- apache2/msc_pcre.c | 6 ++-- apache2/msc_pcre.h | 6 ++-- apache2/msc_reqbody.c | 6 ++-- apache2/msc_util.c | 6 ++-- apache2/msc_util.h | 6 ++-- apache2/msc_xml.c | 6 ++-- apache2/msc_xml.h | 6 ++-- apache2/pdf_protect.c | 6 ++-- apache2/pdf_protect.h | 6 ++-- apache2/persist_dbm.c | 6 ++-- apache2/persist_dbm.h | 6 ++-- apache2/re.c | 20 ++++++++++---- apache2/re.h | 6 ++-- apache2/re_actions.c | 6 ++-- apache2/re_operators.c | 6 ++-- apache2/re_tfns.c | 6 ++-- apache2/re_variables.c | 6 ++-- rules/README | 2 +- 35 files changed, 134 insertions(+), 152 deletions(-) diff --git a/CHANGES b/CHANGES index 72942b08..fe56ffc6 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,7 @@ ?? ??? 2007 - 2.2.0-trunk ------------------------- - * Do not trigger "pause" action for subrequests. + * Do not trigger "pause" action for internal requests. * Added matching rule filename and line number to audit log. 
@@ -12,7 +12,9 @@ * Cache transformations per-request/phase so they are not repeated. - * Fixed problem with subrequests not being intercepted (only logged). + * Fixed issue with requests that use internal requests. These had the + potential to be intercepted incorrectly when other Apache httpd modules + that used internal requests were used with mod_security. * Added Solaris to the list of platforms not supporting the hidden visibility attribute. @@ -21,7 +23,8 @@ * Fixed decoding full-width unicode in t:urlDecodeUni. - * Only calculate debugging vars when we are debugging (more to come). + * Lessen some overhead of debugging messages and calculations + TODO: more to come * Removed strnlen() calls for non-GNU platforms. diff --git a/README.TXT b/README.TXT index 666c25a0..2c0ba1d8 100644 --- a/README.TXT +++ b/README.TXT @@ -1,6 +1,10 @@ +ModSecurity for Apache 2.x, http://www.modsecurity.org/ +Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) -ModSecurity for Apache (http://www.modsecurity.org) -Copyright (C) 2004-2006 Breach Security, Inc. (http://www.breach.com) +You should have received a copy of the licence along with this +program (stored in the file "LICENSE"). If the file is missing, +or if you have any other questions related to the licence, please +write to Breach Security, Inc. at support@breach.com. DOCUMENTATION diff --git a/apache2/apache2.h b/apache2/apache2.h index 6f8d68e6..ddd14320 100644 --- a/apache2/apache2.h +++ b/apache2/apache2.h 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id$ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _APACHE2_H_ @@ -65,7 +63,14 @@ char DSOLOCAL *get_env_var(request_rec *r, char *name); void DSOLOCAL internal_log(request_rec *r, directory_config *dcfg, modsec_rec *msr, int level, const char *text, va_list ap); -void DSOLOCAL msr_log(modsec_rec *msr, int level, const char *text, ...); + +/* msr_log is now a macro to avoid function call overhead. Nothing + * is done to avoid expansion of arguments, so do not call with + * arguments that cannot be duplicated (ie no level++, etc.) + */ +void DSOLOCAL _msr_log(modsec_rec *msr, int level, const char *text, ...); +#define msr_log(msr, lvl, ...) \ + do { if ((msr->txcfg != NULL) && (lvl <= msr->txcfg->debuglog_level)) _msr_log(msr, lvl, __VA_ARGS__); } while(0) char DSOLOCAL *format_error_log_message(apr_pool_t *mp, error_message *em); diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c index 16606402..526934c3 100644 --- a/apache2/apache2_config.c +++ b/apache2/apache2_config.c 
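Review bot: The level guard in the new `msr_log` macro in apache2.h runs before `_msr_log` is called, so a message whose level is above `debuglog_level` is dropped entirely, while the comment on `_msr_log` in apache2_util.c says important messages also go to the Apache error log. `internal_log` is not shown in this patch, so this is inferred, but if it forwards low-level messages to the error log independently of the debug level, a site running with a low debug level would lose its level-1 "Access denied" lines, which are what operators normally alert on. The guard should short-circuit only the levels that `internal_log` treats as debug-only. Separately, the macro arguments are not parenthesized and `msr` is expanded three times; `do { if (((msr)->txcfg != NULL) && ((lvl) <= (msr)->txcfg->debuglog_level)) _msr_log((msr), (lvl), __VA_ARGS__); } while (0)` keeps a ternary or a pointer expression passed as an argument from being misparsed. The leading underscore in `_msr_log` is also a reserved name at file scope; something like `msr_log_impl` would avoid that.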
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: apache2_config.c,v 1.8 2006/12/28 10:39:13 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include diff --git a/apache2/apache2_io.c b/apache2/apache2_io.c index c1656773..72d05141 100644 --- a/apache2/apache2_io.c +++ b/apache2/apache2_io.c @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: apache2_io.c,v 1.6 2007/01/23 16:08:15 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "modsecurity.h" diff --git a/apache2/apache2_util.c b/apache2/apache2_util.c index 817ddc03..afa994b4 100644 --- a/apache2/apache2_util.c +++ b/apache2/apache2_util.c 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: apache2_util.c,v 1.1.1.1 2006/10/14 09:30:43 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "modsecurity.h" @@ -247,7 +245,7 @@ void internal_log(request_rec *r, directory_config *dcfg, modsec_rec *msr, * Logs one message at the given level to the debug log (and to the * Apache error log if the message is important enough. */ -void msr_log(modsec_rec *msr, int level, const char *text, ...) { +void _msr_log(modsec_rec *msr, int level, const char *text, ...) { va_list ap; va_start(ap, text); @@ -255,6 +253,7 @@ void msr_log(modsec_rec *msr, int level, const char *text, ...) { va_end(ap); } + /** * Converts an Apache error log message into one line of text. */ diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c index 638a1d62..21ee6a8c 100644 --- a/apache2/mod_security2.c +++ b/apache2/mod_security2.c @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: mod_security2.c,v 1.11 2006/12/15 15:06:04 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include 
@@ -55,15 +53,30 @@ int perform_interception(modsec_rec *msr) { msre_actionset *actionset = NULL; const char *message = NULL; const char *phase_text = ""; - const char *subreq_text = (msr->r->main == NULL) ? "" : "Subrequest. "; + const char *intreq_text = ""; + int is_initial_req = ap_is_initial_req(msr->r); int status = DECLINED; int log_level = 1; + /* Check for an initial request */ + + if (is_initial_req == 0) { + if (msr->r->main != NULL) { + intreq_text = "Sub-Request: "; + } + else if (msr->r->prev != NULL) { + intreq_text = "Internal Redirect: "; + } + else { + intreq_text = "Internal Request: "; + } + } + + /* Sanity checks first. */ if (msr->was_intercepted == 0) { msr_log(msr, 1, "Internal Error: Asked to intercept request but was_intercepted is zero"); - msr->was_intercepted = 0; return DECLINED; } @@ -79,13 +92,13 @@ int perform_interception(modsec_rec *msr) { phase_text = apr_psprintf(msr->mp, " (phase %i)", msr->phase); /* By default we log at level 1 but we switch to 4 - * if a nolog action was used or this is a subrequest + * if a nolog action was used or this is not the initial request * to hide the message. */ - log_level = ((actionset->log != 1) || (msr->r->main != NULL)) ? 4 : 1; + log_level = ((actionset->log != 1) || (is_initial_req == 0)) ? 4 : 1; - /* Pause the request first (if configured to do so and the main request). */ - if (actionset->intercept_pause && (msr->r->main == NULL)) { + /* Pause the request first (if configured and the initial request). */ + if (actionset->intercept_pause && (is_initial_req == 1)) { msr_log(msr, (log_level > 3 ? log_level : log_level + 1), "Pausing transaction for " "%i msec.", actionset->intercept_pause); /* apr_sleep accepts microseconds */ 
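Review bot: The final `else` in the new `is_initial_req == 0` block of perform_interception cannot be reached, because Apache's `ap_is_initial_req()` is false only when `r->main` or `r->prev` is non-NULL, so the "Internal Request: " prefix never appears in a log line. Either drop that branch or mark it with a comment such as `/* defensive: not reachable with the current ap_is_initial_req() definition */`, so that anyone writing log parsers knows only two prefixes occur in practice. The new prefixes also change the text of every interception message ("Subrequest. " becomes "Sub-Request: "), which is worth a line in CHANGES for sites that match on the old wording. The body of perform_interception continues outside this hunk.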
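Review bot: The `log_level` demotion keyed on `(is_initial_req == 0)` now covers internal redirects as well as subrequests, so a denial issued while a request is being served through an internal redirect is logged at level 4 instead of level 1. Operators who alert on the level-1 "Access denied" line would not see those blocks, and whether another log still records them is not visible in this patch. The comment above the assignment should state this explicitly, for example `/* internal redirects and subrequests are both demoted to level 4; the level-1 alert is emitted only for the initial request */`. The pause test `(is_initial_req == 1)` would be safer as `(is_initial_req != 0)`, since the API promises only a non-zero value for true.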
@@ -98,13 +111,13 @@ int perform_interception(modsec_rec *msr) { if (actionset->intercept_status != 0) { status = actionset->intercept_status; message = apr_psprintf(msr->mp, "%sAccess denied with code %i%s.", - subreq_text, status, phase_text); + intreq_text, status, phase_text); } else { log_level = 1; status = HTTP_INTERNAL_SERVER_ERROR; message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Internal Error: Invalid status code requested %i).", - subreq_text, phase_text, actionset->intercept_status); + intreq_text, phase_text, actionset->intercept_status); } break; @@ -115,15 +128,15 @@ int perform_interception(modsec_rec *msr) { status = HTTP_INTERNAL_SERVER_ERROR; message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Configuration Error: Proxy action to %s requested but mod_proxy not found).", - subreq_text, phase_text, + intreq_text, phase_text, log_escape_nq(msr->mp, actionset->intercept_uri)); } else { msr->r->filename = apr_psprintf(msr->mp, "proxy:%s", actionset->intercept_uri); msr->r->proxyreq = PROXYREQ_REVERSE; msr->r->handler = "proxy-server"; status = OK; - message = apr_psprintf(msr->mp, "%sAccess denied using proxy to %s%s.", - subreq_text, phase_text, + message = apr_psprintf(msr->mp, "%sAccess denied using proxy to%s %s.", + intreq_text, phase_text, log_escape_nq(msr->mp, actionset->intercept_uri)); } } else { @@ -131,7 +144,7 @@ int perform_interception(modsec_rec *msr) { status = HTTP_INTERNAL_SERVER_ERROR; message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Configuration Error: Proxy action requested but it does not work in output phases).", - subreq_text, phase_text); + intreq_text, phase_text); } break; 
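Review bot: In the proxy branch the new format string `"%sAccess denied using proxy to%s %s."` still prints the phase text before the target URI, giving "using proxy to (phase N) <uri>.", whereas the other messages in perform_interception put `phase_text` last. Swapping the arguments rather than the format keeps the lines uniform for anyone parsing them: keep `"%sAccess denied using proxy to %s%s."` and pass `intreq_text, log_escape_nq(msr->mp, actionset->intercept_uri), phase_text`. The other two hunks on this line only rename `subreq_text` to `intreq_text`, and the function continues outside them.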
@@ -149,21 +162,21 @@ int perform_interception(modsec_rec *msr) { if (apr_socket_close(csd) == APR_SUCCESS) { status = HTTP_FORBIDDEN; message = apr_psprintf(msr->mp, "%sAccess denied with connection close%s.", - subreq_text, phase_text); + intreq_text, phase_text); } else { log_level = 1; status = HTTP_INTERNAL_SERVER_ERROR; message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Error: Connection drop requested but failed to close the " " socket).", - subreq_text, phase_text); + intreq_text, phase_text); } } else { log_level = 1; status = HTTP_INTERNAL_SERVER_ERROR; message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Error: Connection drop requested but socket not found.", - subreq_text, phase_text); + intreq_text, phase_text); } } #else @@ -171,7 +184,7 @@ int perform_interception(modsec_rec *msr) { status = HTTP_INTERNAL_SERVER_ERROR; message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Error: Connection drop not implemented on this platform).", - subreq_text, phase_text); + intreq_text, phase_text); #endif break; @@ -186,14 +199,14 @@ int perform_interception(modsec_rec *msr) { } message = apr_psprintf(msr->mp, "%sAccess denied with redirection to %s using " "status %i%s.", - subreq_text, + intreq_text, log_escape_nq(msr->mp, actionset->intercept_uri), status, phase_text); break; case ACTION_ALLOW : status = DECLINED; - message = apr_psprintf(msr->mp, "%sAccess allowed%s.", subreq_text, phase_text); + message = apr_psprintf(msr->mp, "%sAccess allowed%s.", intreq_text, phase_text); msr->was_intercepted = 0; break; @@ -202,7 +215,7 @@ int perform_interception(modsec_rec *msr) { status = HTTP_INTERNAL_SERVER_ERROR; message = apr_psprintf(msr->mp, "%sAccess denied with code 500%s " "(Internal Error: invalid interception action %i).", - subreq_text, phase_text, actionset->intercept_action); + intreq_text, phase_text, actionset->intercept_action); break; } 
diff --git a/apache2/modsecurity.c b/apache2/modsecurity.c index 2fd65234..8eab51f8 100644 --- a/apache2/modsecurity.c +++ b/apache2/modsecurity.c @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: modsecurity.c,v 1.7 2006/12/28 10:39:13 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h index 6a34ca5b..ce18f20f 100644 --- a/apache2/modsecurity.h +++ b/apache2/modsecurity.h @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: modsecurity.h,v 1.27 2007/02/05 12:44:40 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _MODSECURITY_H_ diff --git a/apache2/msc_geo.c b/apache2/msc_geo.c index 0cf74998..4f0df69c 100644 --- a/apache2/msc_geo.c +++ b/apache2/msc_geo.c 
@@ -1,11 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "msc_geo.h" diff --git a/apache2/msc_geo.h b/apache2/msc_geo.h index 418cd0b3..4c962ffa 100644 --- a/apache2/msc_geo.h +++ b/apache2/msc_geo.h @@ -1,11 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _MSC_GEO_H_ diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c index abe5a2a6..9935ef57 100644 --- a/apache2/msc_logging.c +++ b/apache2/msc_logging.c 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_logging.c,v 1.1.1.1 2006/10/14 09:30:43 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "msc_logging.h" diff --git a/apache2/msc_logging.h b/apache2/msc_logging.h index 26ddeb0a..6cfaa181 100644 --- a/apache2/msc_logging.h +++ b/apache2/msc_logging.h @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_logging.h,v 1.1.1.1 2006/10/14 09:30:43 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _MSC_LOGGING_H_ diff --git a/apache2/msc_multipart.c b/apache2/msc_multipart.c index a540ce46..f953bd90 100644 --- a/apache2/msc_multipart.c +++ b/apache2/msc_multipart.c 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_multipart.c,v 1.2 2006/10/16 04:41:51 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include diff --git a/apache2/msc_multipart.h b/apache2/msc_multipart.h index 81bf65d6..cfcc35dc 100644 --- a/apache2/msc_multipart.h +++ b/apache2/msc_multipart.h @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_multipart.h,v 1.1.1.1 2006/10/14 09:30:43 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _MSC_MULTIPART_H_ diff --git a/apache2/msc_parsers.c b/apache2/msc_parsers.c index b3720554..69be93e4 100644 --- a/apache2/msc_parsers.c +++ b/apache2/msc_parsers.c 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_parsers.c,v 1.1.1.1 2006/10/14 09:30:43 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "msc_parsers.h" diff --git a/apache2/msc_parsers.h b/apache2/msc_parsers.h index ff7c0b8d..d4370c02 100644 --- a/apache2/msc_parsers.h +++ b/apache2/msc_parsers.h @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_parsers.h,v 1.1.1.1 2006/10/14 09:30:43 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _MSC_PARSERS_H_ diff --git a/apache2/msc_pcre.c b/apache2/msc_pcre.c index 11fd9e72..c4f99117 100644 --- a/apache2/msc_pcre.c +++ b/apache2/msc_pcre.c 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_pcre.c,v 1.2 2006/12/28 10:39:13 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "msc_pcre.h" diff --git a/apache2/msc_pcre.h b/apache2/msc_pcre.h index d9af38b5..6067de43 100644 --- a/apache2/msc_pcre.h +++ b/apache2/msc_pcre.h @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_pcre.h,v 1.3 2006/12/28 10:39:13 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _MSC_PCRE_H_ diff --git a/apache2/msc_reqbody.c b/apache2/msc_reqbody.c index f0f40530..f1586019 100644 --- a/apache2/msc_reqbody.c +++ b/apache2/msc_reqbody.c 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_reqbody.c,v 1.2 2006/12/04 21:54:10 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "modsecurity.h" diff --git a/apache2/msc_util.c b/apache2/msc_util.c index acc33e94..e4ac75a0 100644 --- a/apache2/msc_util.c +++ b/apache2/msc_util.c @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_util.c,v 1.1.1.1 2006/10/14 09:30:43 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "msc_util.h" diff --git a/apache2/msc_util.h b/apache2/msc_util.h index f1ee8169..9a5548ae 100644 --- a/apache2/msc_util.h +++ b/apache2/msc_util.h 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_util.h,v 1.1.1.1 2006/10/14 09:30:43 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _UTIL_H_ diff --git a/apache2/msc_xml.c b/apache2/msc_xml.c index a8f7025d..df1e62d5 100644 --- a/apache2/msc_xml.c +++ b/apache2/msc_xml.c @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_xml.c,v 1.2 2006/12/04 20:04:09 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifdef WITH_LIBXML2 diff --git a/apache2/msc_xml.h b/apache2/msc_xml.h index cea27cef..f8da4adb 100644 --- a/apache2/msc_xml.h +++ b/apache2/msc_xml.h 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: msc_xml.h,v 1.1.1.1 2006/10/14 09:30:43 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _MSC_XML_H_ diff --git a/apache2/pdf_protect.c b/apache2/pdf_protect.c index 87e2df2b..15c2caaf 100644 --- a/apache2/pdf_protect.c +++ b/apache2/pdf_protect.c @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id$ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "modsecurity.h" diff --git a/apache2/pdf_protect.h b/apache2/pdf_protect.h index 086bc77f..8936eb55 100644 --- a/apache2/pdf_protect.h +++ b/apache2/pdf_protect.h 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2007 Thinking Stone (http://www.thinkingstone.com) - * - * $Id$ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ diff --git a/apache2/persist_dbm.c b/apache2/persist_dbm.c index cb616c97..f5c31cef 100644 --- a/apache2/persist_dbm.c +++ b/apache2/persist_dbm.c @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: persist_dbm.c,v 1.3 2006/12/21 19:57:41 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "persist_dbm.h" diff --git a/apache2/persist_dbm.h b/apache2/persist_dbm.h index fe006a43..6a5af98f 100644 --- a/apache2/persist_dbm.h +++ b/apache2/persist_dbm.h 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: persist_dbm.h,v 1.1.1.1 2006/10/14 09:30:43 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _PERSIST_DBM_H_ diff --git a/apache2/re.c b/apache2/re.c index 36700ff5..20dfadb1 100644 --- a/apache2/re.c +++ b/apache2/re.c @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: re.c,v 1.15 2006/12/29 10:44:25 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include @@ -1438,7 +1436,19 @@ apr_status_t msre_rule_process(msre_rule *rule, modsec_rec *msr) { rc = execute_operator(var, rule, msr, acting_actionset, mptmp); - return (rc < 0) ? : rc; + if (rc < 0) { + return -1; + } + if (rc == RULE_MATCH) { + /* Return straight away if the transaction + * was intercepted - no need to process the remaining + * targets. + */ + if (msr->was_intercepted) { + return RULE_MATCH; + } + } + continue; /* next target */ } } diff --git a/apache2/re.h b/apache2/re.h index d011ea57..09111279 100644 --- a/apache2/re.h +++ b/apache2/re.h 
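Review bot: In msre_rule_process the new code after `execute_operator` falls through to `continue` when `rc == RULE_MATCH` but `msr->was_intercepted` is zero, and nothing in the hunk records that a target matched. The rest of the function is outside the hunk, so this may be handled elsewhere. If the value returned after the loop does not reflect earlier matches, though, a rule with a non-disruptive action would be reported as not matching even though one of its targets did. A comment at the `continue` would make the contract explicit, e.g. `/* matched but not intercepted: keep checking remaining targets; the match must still be reported after the loop */`, and that claim should be checked against the code below. The trailing `continue;` is the last statement of the loop body and could be dropped once the comment is in place.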
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: re.h,v 1.7 2006/12/29 10:31:38 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #ifndef _MSC_RE_H_ diff --git a/apache2/re_actions.c b/apache2/re_actions.c index ede2fc7d..fd0453a2 100644 --- a/apache2/re_actions.c +++ b/apache2/re_actions.c @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: re_actions.c,v 1.9 2007/02/02 18:16:41 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "re.h" diff --git a/apache2/re_operators.c b/apache2/re_operators.c index 257fa491..5b7c50e6 100644 --- a/apache2/re_operators.c +++ b/apache2/re_operators.c 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: re_operators.c,v 1.7 2007/01/23 16:08:15 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "re.h" diff --git a/apache2/re_tfns.c b/apache2/re_tfns.c index 967e38ee..97a4664b 100644 --- a/apache2/re_tfns.c +++ b/apache2/re_tfns.c @@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: re_tfns.c,v 1.3 2006/12/04 12:00:24 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include diff --git a/apache2/re_variables.c b/apache2/re_variables.c index faefac89..58409b29 100644 --- a/apache2/re_variables.c +++ b/apache2/re_variables.c 
@@ -1,13 +1,11 @@ /* * ModSecurity for Apache 2.x, http://www.modsecurity.org/ - * Copyright (c) 2004-2006 Thinking Stone (http://www.thinkingstone.com) - * - * $Id: re_variables.c,v 1.7 2007/01/23 16:08:15 ivanr Exp $ + * Copyright (c) 2004-2007 Breach Security, Inc. (http://www.breach.com/) * * You should have received a copy of the licence along with this * program (stored in the file "LICENSE"). If the file is missing, * or if you have any other questions related to the licence, please - * write to Thinking Stone at contact@thinkingstone.com. + * write to Breach Security, Inc. at support@breach.com. * */ #include "http_core.h" diff --git a/rules/README b/rules/README index fb6d6597..a11680e6 100644 --- a/rules/README +++ b/rules/README @@ -95,7 +95,7 @@ malicious activity. 4. Trojan Protection - Detecting access to Trojans horses. -5. Errors Hiding – Disguising error messages sent by the server +5. Errors Hiding - Disguising error messages sent by the server In addition the rule set also hints at the power of ModSecurity beyond providing security by reporting access from the major search engines to your