github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Actions refactoring: now there is a clear definiation on the action name

Browse Source
This commit is contained in:
Felipe Zimmerle
2016-05-17 14:36:59 -03:00
parent 1b88947d9b
commit 8c714af8e1
62 changed files with 431 additions and 359 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/actions/accuracy.cc
View File

@@ -27,14 +27,16 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Accuracy::Accuracy(std::string action)
: Action(action, ConfigurationKind), bool Accuracy::init(std::string *error) {
m_accuracy_str(action) { try {
if (m_accuracy_str.at(0) == '\'') { m_accuracy = std::stoi(m_parser_payload);
m_accuracy_str.erase(0, 1); } catch (...) {
m_accuracy_str.pop_back(); error->assign("Accuracy: The input \"" + m_parser_payload + "\" is " \
"not a number.");
return false;
} }
m_accuracy = std::stoi(m_accuracy_str); return true;
} }
@@ -43,5 +45,6 @@ bool Accuracy::evaluate(Rule *rule, Transaction *transaction) {
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

6
src/actions/accuracy.h
View File

@@ -29,12 +29,14 @@ namespace actions {
class Accuracy : public Action { class Accuracy : public Action {
public: public:
explicit Accuracy(std::string action); explicit Accuracy(std::string action)
: Action(action, ConfigurationKind),
m_accuracy(0) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private: private:
std::string m_accuracy_str;
int m_accuracy; int m_accuracy;
}; };

2
src/actions/action.cc
View File

@@ -52,7 +52,7 @@ bool Action::evaluate(Rule *rule, Transaction *transaction) {
} }
void Action::fill_intervention(ModSecurityIntervention *i) { void Action::fillIntervention(ModSecurityIntervention *i) {
} }
Action *Action::instantiate(const std::string& name) { Action *Action::instantiate(const std::string& name) {

45
src/actions/action.h
View File

@@ -35,19 +35,41 @@ class Action {
public: public:
explicit Action(const std::string& _action) explicit Action(const std::string& _action)
: action_kind(2), : action_kind(2),
action(_action), m_name(""),
name(_action), m_parser_payload(""),
m_isNone(false), m_isNone(false),
temporaryAction(false) { temporaryAction(false) {
name.erase(0, 2); set_name_and_payload(_action);
} }
explicit Action(const std::string& _action, int kind) explicit Action(const std::string& _action, int kind)
: action_kind(kind), : action_kind(kind),
action(_action), m_name(""),
name(_action), m_parser_payload(""),
m_isNone(false), m_isNone(false),
temporaryAction(false) { temporaryAction(false) {
name.erase(0, 2); set_name_and_payload(_action);
}
void set_name_and_payload(const std::string& data) {
size_t pos = data.find(":");
std::string t = "t:";
if (data.compare(0, t.length(), t) == 0) {
pos = data.find(":", 2);
}
if (pos == std::string::npos) {
m_name = data;
return;
}
m_name = std::string(data, 0, pos);
m_parser_payload = std::string(data, pos + 1, data.length());
if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) {
m_parser_payload.erase(0, 1);
m_parser_payload.pop_back();
}
} }
virtual ~Action() { } virtual ~Action() { }
@@ -83,9 +105,6 @@ class Action {
RunTimeOnlyIfMatchKind, RunTimeOnlyIfMatchKind,
}; };
std::string action;
int action_kind;
std::string name;
virtual std::string evaluate(std::string exp, virtual std::string evaluate(std::string exp,
Transaction *transaction); Transaction *transaction);
@@ -94,14 +113,20 @@ class Action {
RuleMessage *ruleMessage) { RuleMessage *ruleMessage) {
return evaluate(rule, transaction); return evaluate(rule, transaction);
} }
virtual bool init(std::string *error) { return true; } virtual bool init(std::string *error) { return true; }
virtual bool isDisruptive() { return false; } virtual bool isDisruptive() { return false; }
virtual void fillIntervention(ModSecurityIntervention *intervention);
static Action *instantiate(const std::string& name); static Action *instantiate(const std::string& name);
virtual void fill_intervention(ModSecurityIntervention *intervention);
bool temporaryAction; bool temporaryAction;
std::string m_name;
std::string m_parser_payload;
bool m_isNone; bool m_isNone;
int action_kind;
}; };

2
src/actions/audit_log.cc
View File

@@ -23,10 +23,12 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
bool AuditLog::evaluate(Rule *rule, Transaction *transaction) { bool AuditLog::evaluate(Rule *rule, Transaction *transaction) {
transaction->m_toBeSavedInAuditlogs = true; transaction->m_toBeSavedInAuditlogs = true;
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

1
src/actions/audit_log.h
View File

@@ -37,6 +37,7 @@ class AuditLog : public Action {
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
}; };
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity
#endif #endif

10
src/actions/block.cc
View File

@@ -25,12 +25,6 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Block::Block(std::string action)
: Action(action) {
this->action = action;
this->action_kind = 2;
}
bool Block::evaluate(Rule *rule, Transaction *transaction) { bool Block::evaluate(Rule *rule, Transaction *transaction) {
#ifndef NO_LOGS #ifndef NO_LOGS
@@ -44,9 +38,11 @@ bool Block::evaluate(Rule *rule, Transaction *transaction) {
return true; return true;
} }
void Block::fill_intervention(ModSecurityIntervention *i) {
void Block::fillIntervention(ModSecurityIntervention *i) {
i->disruptive = true; i->disruptive = true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

5
src/actions/block.h
View File

@@ -31,13 +31,14 @@ namespace actions {
class Block : public Action { class Block : public Action {
public: public:
explicit Block(std::string action); explicit Block(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
void fill_intervention(ModSecurityIntervention *i) override; void fillIntervention(ModSecurityIntervention *i) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }
}; };
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity
#endif #endif

2
src/actions/capture.cc
View File

@@ -31,6 +31,7 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
bool Capture::evaluate(Rule *rule, Transaction *transaction) { bool Capture::evaluate(Rule *rule, Transaction *transaction) {
if (transaction->m_matched.empty()) { if (transaction->m_matched.empty()) {
return false; return false;
@@ -46,5 +47,6 @@ bool Capture::evaluate(Rule *rule, Transaction *transaction) {
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

2
src/actions/chain.cc
View File

@@ -25,11 +25,11 @@ namespace modsecurity {
namespace actions { namespace actions {
bool Chain::evaluate(Rule *rule, Transaction *transaction) { bool Chain::evaluate(Rule *rule, Transaction *transaction) {
rule->chained = true; rule->chained = true;
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

8
src/actions/ctl_audit_log_parts.cc
View File

@@ -23,11 +23,9 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
CtlAuditLogParts::CtlAuditLogParts(std::string action) bool CtlAuditLogParts::init(std::string *error) {
: Action(action, RunTimeOnlyIfMatchKind), std::string what(m_parser_payload, 14, 1);
mPartsAction(0) { mParts = std::string(m_parser_payload, 15, m_parser_payload.length()-15);
std::string what(action, 18, 1);
mParts = std::string(action, 19, action.length()-19);
if (what == "+") { if (what == "+") {
mPartsAction = 0; mPartsAction = 0;
} else { } else {

8
src/actions/ctl_audit_log_parts.h
View File

@@ -27,9 +27,15 @@ namespace actions {
class CtlAuditLogParts : public Action { class CtlAuditLogParts : public Action {
public: public:
explicit CtlAuditLogParts(std::string action); explicit CtlAuditLogParts(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
mPartsAction(0),
mParts("") { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
protected:
int mPartsAction; int mPartsAction;
std::string mParts; std::string mParts;
}; };

10
src/actions/deny.cc
View File

@@ -23,12 +23,6 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Deny::Deny(std::string action)
: Action(action) {
this->action = action;
this->action_kind = 2;
}
bool Deny::evaluate(Rule *rule, Transaction *transaction) { bool Deny::evaluate(Rule *rule, Transaction *transaction) {
#ifndef NO_LOGS #ifndef NO_LOGS
@@ -38,7 +32,8 @@ bool Deny::evaluate(Rule *rule, Transaction *transaction) {
return true; return true;
} }
void Deny::fill_intervention(ModSecurityIntervention *i) {
void Deny::fillIntervention(ModSecurityIntervention *i) {
if (i->status == 200) { if (i->status == 200) {
i->status = 403; i->status = 403;
} }
@@ -46,5 +41,6 @@ void Deny::fill_intervention(ModSecurityIntervention *i) {
i->disruptive = true; i->disruptive = true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

4
src/actions/deny.h
View File

@@ -27,10 +27,10 @@ namespace actions {
class Deny : public Action { class Deny : public Action {
public: public:
explicit Deny(std::string action); explicit Deny(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
void fill_intervention(ModSecurityIntervention *i) override; void fillIntervention(ModSecurityIntervention *i) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }
}; };

13
src/actions/init_col.cc
View File

@@ -27,24 +27,19 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
InitCol::InitCol(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) {
}
bool InitCol::init(std::string *error) { bool InitCol::init(std::string *error) {
int posEquals = action.find("="); int posEquals = m_parser_payload.find("=");
int posInit = strlen("initcol:");
if (action.size() < 8) { if (m_parser_payload.size() < 8) {
return false; return false;
} }
if (posEquals == std::string::npos) { if (posEquals == std::string::npos) {
return false; return false;
} }
m_collection_key = std::string(action, posInit, posEquals - posInit); m_collection_key = std::string(m_parser_payload, 0, posEquals);
m_collection_value = std::string(action, posEquals + 1); m_collection_value = std::string(m_parser_payload, posEquals + 1);
if (m_collection_key != "ip" && m_collection_key != "global") { if (m_collection_key != "ip" && m_collection_key != "global") {
return false; return false;

2
src/actions/init_col.h
View File

@@ -29,7 +29,7 @@ namespace actions {
class InitCol : public Action { class InitCol : public Action {
public: public:
explicit InitCol(std::string action); explicit InitCol(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;

2
src/actions/log.cc
View File

@@ -23,6 +23,7 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
bool Log::evaluate(Rule *rule, Transaction *transaction) { bool Log::evaluate(Rule *rule, Transaction *transaction) {
transaction->m_toBeSavedInAuditlogs = true; transaction->m_toBeSavedInAuditlogs = true;
/* FIXME: transaction->serverLog("Something...."); */ /* FIXME: transaction->serverLog("Something...."); */
@@ -30,5 +31,6 @@ bool Log::evaluate(Rule *rule, Transaction *transaction) {
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

9
src/actions/log_data.cc
View File

@@ -27,16 +27,9 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
LogData::LogData(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
m_data(action) {
m_data.erase(0, 1);
m_data.pop_back();
}
bool LogData::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { bool LogData::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
std::string data = MacroExpansion::expand(m_data, transaction); std::string data = MacroExpansion::expand(m_parser_payload, transaction);
rm->m_data = data; rm->m_data = data;

6
src/actions/log_data.h
View File

@@ -29,13 +29,11 @@ namespace actions {
class LogData : public Action { class LogData : public Action {
public: public:
explicit LogData(std::string action); explicit LogData(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(Rule *rule, Transaction *transaction,
RuleMessage *rm) override; RuleMessage *rm) override;
private:
std::string m_data;
}; };

17
src/actions/maturity.cc
View File

@@ -27,14 +27,16 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Maturity::Maturity(std::string action)
: Action(action, ConfigurationKind), bool Maturity::init(std::string *error) {
m_maturity_str(action) { try {
if (m_maturity_str.at(0) == '\'') { m_maturity = std::stoi(m_parser_payload);
m_maturity_str.erase(0, 1); } catch (...) {
m_maturity_str.pop_back(); error->assign("Maturity: The input \"" + m_parser_payload + "\" is " \
"not a number.");
return false;
} }
m_maturity = std::stoi(m_maturity_str); return true;
} }
@@ -43,5 +45,6 @@ bool Maturity::evaluate(Rule *rule, Transaction *transaction) {
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

6
src/actions/maturity.h
View File

@@ -29,12 +29,14 @@ namespace actions {
class Maturity : public Action { class Maturity : public Action {
public: public:
explicit Maturity(std::string action); explicit Maturity(std::string action)
: Action(action, ConfigurationKind),
m_maturity(0) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private: private:
std::string m_maturity_str;
int m_maturity; int m_maturity;
}; };

9
src/actions/msg.cc
View File

@@ -45,16 +45,9 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Msg::Msg(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
m_msg(action) {
m_msg.erase(0, 1);
m_msg.pop_back();
}
bool Msg::evaluate(Rule *rule, Transaction *transaction) { bool Msg::evaluate(Rule *rule, Transaction *transaction) {
std::string msg = MacroExpansion::expand(m_msg, transaction); std::string msg = MacroExpansion::expand(m_parser_payload, transaction);
#ifndef NO_LOGS #ifndef NO_LOGS
transaction->debug(9, "Saving msg: " + msg); transaction->debug(9, "Saving msg: " + msg);

6
src/actions/msg.h
View File

@@ -29,12 +29,10 @@ namespace actions {
class Msg : public Action { class Msg : public Action {
public: public:
explicit Msg(std::string action); explicit Msg(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
private:
std::string m_msg;
}; };

2
src/actions/no_audit_log.cc
View File

@@ -23,10 +23,12 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
bool NoAuditLog::evaluate(Rule *rule, Transaction *transaction) { bool NoAuditLog::evaluate(Rule *rule, Transaction *transaction) {
transaction->m_toNotBeSavedInAuditLogs = true; transaction->m_toNotBeSavedInAuditLogs = true;
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

6
src/actions/pass.cc
View File

@@ -24,12 +24,6 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Pass::Pass(std::string action)
: Action(action) {
this->action = action;
this->action_kind = 2;
}
bool Pass::evaluate(Rule *rule, Transaction *transaction) { bool Pass::evaluate(Rule *rule, Transaction *transaction) {
transaction->m_actions.clear(); transaction->m_actions.clear();

2
src/actions/pass.h
View File

@@ -27,7 +27,7 @@ namespace actions {
class Pass : public Action { class Pass : public Action {
public: public:
explicit Pass(std::string action); explicit Pass(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }

46
src/actions/phase.cc
View File

@@ -26,51 +26,39 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Phase::Phase(std::string action) bool Phase::init(std::string *error) {
: Action(action), std::string a = tolower(m_parser_payload);
m_secRulesPhase(0),
phase(0) {
this->action_kind = ConfigurationKind;
std::string a = action;
a.erase(0, 6);
if (a.at(0) == '\'') {
a.erase(0, 1);
a.pop_back();
}
try { try {
this->phase = std::stoi(a); m_phase = std::stoi(m_parser_payload);
} catch (...) { } catch (...) {
this->phase = 0; m_phase = 0;
if (tolower(a) == "request") { if (a == "request") {
this->phase = ModSecurity::Phases::RequestHeadersPhase; m_phase = ModSecurity::Phases::RequestHeadersPhase;
m_secRulesPhase = 2; m_secRulesPhase = 2;
} }
if (tolower(a) == "response") { if (a == "response") {
this->phase = ModSecurity::Phases::ResponseBodyPhase; m_phase = ModSecurity::Phases::ResponseBodyPhase;
m_secRulesPhase = 4; m_secRulesPhase = 4;
} }
if (tolower(a) == "logging") { if (a == "logging") {
this->phase = ModSecurity::Phases::LoggingPhase; m_phase = ModSecurity::Phases::LoggingPhase;
m_secRulesPhase = 5; m_secRulesPhase = 5;
} }
} }
if (this->phase == 0) { if (m_phase == 0) {
/* Phase 0 is something new, we want to use as ConnectionPhase */ /* Phase 0 is something new, we want to use as ConnectionPhase */
this->phase = ModSecurity::Phases::ConnectionPhase; m_phase = ModSecurity::Phases::ConnectionPhase;
m_secRulesPhase = 1; m_secRulesPhase = 1;
} else { } else {
/* Otherwise we want to shift the rule to the correct phase */ /* Otherwise we want to shift the rule to the correct phase */
m_secRulesPhase = phase; m_secRulesPhase = m_phase;
this->phase = phase + 1; m_phase = m_phase + 1;
} }
}
if (m_phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
bool Phase::init(std::string *error) { error->assign("Unknown phase: " + std::to_string(m_phase));
if (phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
error->assign("Unknown phase: " + std::to_string(phase));
return false; return false;
} }
return true; return true;
@@ -78,7 +66,7 @@ bool Phase::init(std::string *error) {
bool Phase::evaluate(Rule *rule, Transaction *transaction) { bool Phase::evaluate(Rule *rule, Transaction *transaction) {
rule->phase = this->phase; rule->phase = m_phase;
return true; return true;
} }

7
src/actions/phase.h
View File

@@ -32,11 +32,14 @@ namespace actions {
class Phase : public Action { class Phase : public Action {
public: public:
explicit Phase(std::string action); explicit Phase(std::string action) : Action(action, ConfigurationKind),
m_secRulesPhase(0),
m_phase(0) { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
int phase;
int m_phase;
int m_secRulesPhase; int m_secRulesPhase;
}; };

19
src/actions/redirect.cc
View File

@@ -24,20 +24,11 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Redirect::~Redirect() {
}
Redirect::Redirect(const std::string& action) bool Redirect::init(std::string *error) {
: Action(action, RunTimeOnlyIfMatchKind), m_url = m_parser_payload;
m_url(action) {
// m_url = m_url.erase(0, 9);
if (m_url.at(0) == '\'') {
m_url.erase(0, 1);
if (m_url.size() > 0) {
m_url.pop_back();
}
}
m_status = 302; m_status = 302;
return true;
} }
@@ -47,7 +38,8 @@ bool Redirect::evaluate(Rule *rule, Transaction *transaction) {
return true; return true;
} }
void Redirect::fill_intervention(ModSecurityIntervention *i) {
void Redirect::fillIntervention(ModSecurityIntervention *i) {
/* if it was changed before, lets keep it. */ /* if it was changed before, lets keep it. */
if (i->status == 200) { if (i->status == 200) {
i->status = m_status; i->status = m_status;
@@ -57,5 +49,6 @@ void Redirect::fill_intervention(ModSecurityIntervention *i) {
i->disruptive = true; i->disruptive = true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

8
src/actions/redirect.h
View File

@@ -30,12 +30,14 @@ namespace actions {
class Redirect : public Action { class Redirect : public Action {
public: public:
explicit Redirect(const std::string &action); explicit Redirect(const std::string &action)
~Redirect() override; : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
void fill_intervention(ModSecurityIntervention *i) override; bool init(std::string *error) override;
void fillIntervention(ModSecurityIntervention *i) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }
private: private:
int m_status; int m_status;
std::string m_urlExpanded; std::string m_urlExpanded;

12
src/actions/rev.cc
View File

@@ -27,13 +27,10 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Rev::Rev(std::string action)
: Action(action, ConfigurationKind), bool Rev::init(std::string *error) {
m_rev(action) { m_rev = m_parser_payload;
if (m_rev.at(0) == '\'') { return true;
m_rev.erase(0, 1);
m_rev.pop_back();
}
} }
@@ -42,5 +39,6 @@ bool Rev::evaluate(Rule *rule, Transaction *transaction) {
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

3
src/actions/rev.h
View File

@@ -29,9 +29,10 @@ namespace actions {
class Rev : public Action { class Rev : public Action {
public: public:
explicit Rev(std::string action); explicit Rev(std::string action) : Action(action, ConfigurationKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private: private:
std::string m_rev; std::string m_rev;

10
src/actions/rule_id.cc
View File

@@ -24,15 +24,11 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
bool RuleId::init(std::string *error) { bool RuleId::init(std::string *error) {
std::string a = action; std::string a = m_parser_payload;
try { try {
a.erase(0, 3);
if (a.at(0) == '\'') {
a.erase(0, 1);
a.pop_back();
}
m_ruleId = std::stod(a); m_ruleId = std::stod(a);
} catch (...) { } catch (...) {
m_ruleId = 0; m_ruleId = 0;
@@ -51,10 +47,12 @@ bool RuleId::init(std::string *error) {
return true; return true;
} }
bool RuleId::evaluate(Rule *rule, Transaction *transaction) { bool RuleId::evaluate(Rule *rule, Transaction *transaction) {
rule->rule_id = m_ruleId; rule->rule_id = m_ruleId;
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

4
src/actions/set_sid.cc
View File

@@ -28,9 +28,11 @@ namespace actions {
bool SetSID::init(std::string *error) { bool SetSID::init(std::string *error) {
m_collection_key = std::string(action, 0, action.length()); m_collection_key = std::string(m_parser_payload, 0,
m_parser_payload.length());
if (m_collection_key.empty()) { if (m_collection_key.empty()) {
error->assign("Missing collection key");
return false; return false;
} }

1
src/actions/set_sid.h
View File

@@ -34,6 +34,7 @@ class SetSID : public Action {
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:
std::string m_collection_key; std::string m_collection_key;
}; };

4
src/actions/set_uid.cc
View File

@@ -28,9 +28,11 @@ namespace actions {
bool SetUID::init(std::string *error) { bool SetUID::init(std::string *error) {
m_collection_key = std::string(action, 0, action.length()); m_collection_key = std::string(m_parser_payload, 0,
m_parser_payload.length());
if (m_collection_key.empty()) { if (m_collection_key.empty()) {
error->assign("Missing collection key");
return false; return false;
} }

1
src/actions/set_uid.h
View File

@@ -34,6 +34,7 @@ class SetUID : public Action {
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:
std::string m_collection_key; std::string m_collection_key;
}; };

85
src/actions/set_var.cc
View File

@@ -26,65 +26,60 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
SetVar::SetVar(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) {
}
bool SetVar::init(std::string *error) { bool SetVar::init(std::string *error) {
size_t pos; size_t pos;
if (action.at(0) == '\'' && action.size() > 3) {
action.erase(0, 1);
action.pop_back();
}
// Resolv operation // Resolv operation
operation = setToOne; m_operation = setToOne;
pos = action.find("="); pos = m_parser_payload.find("=");
if (pos != std::string::npos) { if (pos != std::string::npos) {
operation = setOperation; m_operation = setOperation;
} }
pos = action.find("=+"); pos = m_parser_payload.find("=+");
if (pos != std::string::npos) { if (pos != std::string::npos) {
operation = sumAndSetOperation; m_operation = sumAndSetOperation;
} }
pos = action.find("=-"); pos = m_parser_payload.find("=-");
if (pos != std::string::npos) { if (pos != std::string::npos) {
operation = substractAndSetOperation; m_operation = substractAndSetOperation;
} }
// Collection name // Collection name
pos = action.find("."); pos = m_parser_payload.find(".");
if (pos != std::string::npos) { if (pos != std::string::npos) {
collectionName = std::string(action, 0, pos); m_collectionName = std::string(m_parser_payload, 0, pos);
collectionName = toupper(collectionName); m_collectionName = toupper(m_collectionName);
} else { } else {
error->assign("Missing the collection and/or variable name"); error->assign("Missing the collection and/or variable name");
return false; return false;
} }
// Variable name // Variable name
if (operation == setToOne) { if (m_operation == setToOne) {
variableName = std::string(action, pos + 1, action.length() m_variableName = std::string(m_parser_payload, pos + 1,
m_parser_payload.length()
- (pos + 1)); - (pos + 1));
} else { } else {
size_t pos2 = action.find("="); size_t pos2 = m_parser_payload.find("=");
variableName = std::string(action, pos + 1, pos2 - (pos + 1)); m_variableName = std::string(m_parser_payload, pos + 1,
if (pos2 + 2 > action.length()) { pos2 - (pos + 1));
if (pos2 + 2 > m_parser_payload.length()) {
error->assign("Something wrong with the input format"); error->assign("Something wrong with the input format");
return false; return false;
} }
if (operation == setOperation) { if (m_operation == setOperation) {
predicate = std::string(action, pos2 + 1, action.length() - (pos2)); m_predicate = std::string(m_parser_payload, pos2 + 1,
m_parser_payload.length() - (pos2));
} else { } else {
predicate = std::string(action, pos2 + 2, action.length() m_predicate = std::string(m_parser_payload, pos2 + 2,
m_parser_payload.length()
- (pos2 + 1)); - (pos2 + 1));
} }
} }
if (collectionName.empty() || variableName.empty()) { if (m_collectionName.empty() || m_variableName.empty()) {
error->assign("Something wrong with the input format"); error->assign("Something wrong with the input format");
return false; return false;
} }
@@ -92,22 +87,17 @@ bool SetVar::init(std::string *error) {
return true; return true;
} }
void SetVar::dump() {
std::cout << " Operation: " << std::to_string(operation) << std::endl;
std::cout << "Collection: " << collectionName << std::endl;
std::cout << " Variable: " << variableName << std::endl;
std::cout << " Predicate: " << predicate << std::endl;
}
bool SetVar::evaluate(Rule *rule, Transaction *transaction) { bool SetVar::evaluate(Rule *rule, Transaction *transm_parser_payload) {
std::string targetValue; std::string targetValue;
std::string variableNameExpanded = MacroExpansion::expand(variableName, std::string m_variableNameExpanded = MacroExpansion::expand(m_variableName,
transaction); transm_parser_payload);
std::string resolvedPre = MacroExpansion::expand(predicate, transaction); std::string resolvedPre = MacroExpansion::expand(m_predicate,
transm_parser_payload);
if (operation == setOperation) { if (m_operation == setOperation) {
targetValue = resolvedPre; targetValue = resolvedPre;
} else if (operation == setToOne) { } else if (m_operation == setToOne) {
targetValue = std::string("1"); targetValue = std::string("1");
} else { } else {
int pre = 0; int pre = 0;
@@ -121,8 +111,9 @@ bool SetVar::evaluate(Rule *rule, Transaction *transaction) {
try { try {
std::string *resolvedValue = std::string *resolvedValue =
transaction->m_collections.resolveFirst(collectionName, transm_parser_payload->m_collections.resolveFirst(
variableNameExpanded); m_collectionName,
m_variableNameExpanded);
if (resolvedValue == NULL) { if (resolvedValue == NULL) {
value = 0; value = 0;
} else { } else {
@@ -132,7 +123,7 @@ bool SetVar::evaluate(Rule *rule, Transaction *transaction) {
value = 0; value = 0;
} }
switch (operation) { switch (m_operation) {
case sumAndSetOperation: case sumAndSetOperation:
targetValue = std::to_string(value + pre); targetValue = std::to_string(value + pre);
break; break;
@@ -143,11 +134,11 @@ bool SetVar::evaluate(Rule *rule, Transaction *transaction) {
} }
#ifndef NO_LOGS #ifndef NO_LOGS
transaction->debug(8, "Saving variable: " + collectionName + ":" + \ transm_parser_payload->debug(8, "Saving variable: " + m_collectionName \
variableNameExpanded + " with value: " + targetValue); + ":" + m_variableNameExpanded + " with value: " + targetValue);
#endif #endif
transaction->m_collections.storeOrUpdateFirst(collectionName, transm_parser_payload->m_collections.storeOrUpdateFirst(m_collectionName,
variableNameExpanded, targetValue); m_variableNameExpanded, targetValue);
return true; return true;
} }

13
src/actions/set_var.h
View File

@@ -29,16 +29,11 @@ namespace actions {
class SetVar : public Action { class SetVar : public Action {
public: public:
explicit SetVar(std::string action); explicit SetVar(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
void dump();
bool init(std::string *error) override; bool init(std::string *error) override;
std::string collectionName;
std::string variableName;
std::string predicate;
enum SetVarOperation { enum SetVarOperation {
/* Set variable to something */ /* Set variable to something */
setOperation, setOperation,
@@ -50,7 +45,11 @@ class SetVar : public Action {
setToOne setToOne
}; };
SetVarOperation operation; private:
SetVarOperation m_operation;
std::string m_collectionName;
std::string m_variableName;
std::string m_predicate;
}; };
} // namespace actions } // namespace actions

57
src/actions/severity.cc
View File

@@ -26,28 +26,44 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Severity::Severity(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { bool Severity::init(std::string *error) {
std::string a = action; std::string a = tolower(m_parser_payload);
if (tolower(a) == "emergency") { if (a == "emergency") {
this->m_severity = 0; m_severity = 0;
} else if (tolower(a) == "alert") { return true;
this->m_severity = 1; } else if (a == "alert") {
} else if (tolower(a) == "critical") { m_severity = 1;
this->m_severity = 2; return true;
} else if (tolower(a) == "error") { } else if (a == "critical") {
this->m_severity = 3; m_severity = 2;
} else if (tolower(a) == "warning") { return true;
this->m_severity = 4; } else if (a == "error") {
} else if (tolower(a) == "notice") { m_severity = 3;
this->m_severity = 5; return true;
} else if (tolower(a) == "info") { } else if (a == "warning") {
this->m_severity = 6; m_severity = 4;
} else if (tolower(a) == "debug") { return true;
this->m_severity = 7; } else if (a == "notice") {
m_severity = 5;
return true;
} else if (a == "info") {
m_severity = 6;
return true;
} else if (a == "debug") {
m_severity = 7;
return true;
} else { } else {
this->m_severity = std::stod(a); try {
m_severity = std::stoi(a);
return true;
} catch (...) {
error->assign("Severity: The input \"" + a + "\" is " \
"not a number.");
} }
}
return false;
} }
@@ -67,5 +83,6 @@ bool Severity::evaluate(Rule *rule, Transaction *transaction,
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

7
src/actions/severity.h
View File

@@ -21,7 +21,6 @@
#define SRC_ACTIONS_SEVERITY_H_ #define SRC_ACTIONS_SEVERITY_H_
#ifdef __cplusplus #ifdef __cplusplus
class Transaction;
namespace modsecurity { namespace modsecurity {
class Transaction; class Transaction;
@@ -31,15 +30,19 @@ namespace actions {
class Severity : public Action { class Severity : public Action {
public: public:
explicit Severity(std::string action); explicit Severity(std::string action)
: Action(action),
m_severity(0) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(Rule *rule, Transaction *transaction,
RuleMessage *rm) override; RuleMessage *rm) override;
bool init(std::string *error);
private: private:
int m_severity; int m_severity;
}; };
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity
#endif #endif

10
src/actions/skip_after.cc
View File

@@ -25,19 +25,15 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
SkipAfter::SkipAfter(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
m_marker(action) {
}
bool SkipAfter::evaluate(Rule *rule, Transaction *transaction) { bool SkipAfter::evaluate(Rule *rule, Transaction *transaction) {
#ifndef NO_LOGS #ifndef NO_LOGS
transaction->debug(5, "Setting skipAfter for: " + m_marker); transaction->debug(5, "Setting skipAfter for: " + m_parser_payload);
#endif #endif
transaction->m_marker = m_marker; transaction->m_marker = m_parser_payload;
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

6
src/actions/skip_after.h
View File

@@ -29,12 +29,10 @@ namespace actions {
class SkipAfter : public Action { class SkipAfter : public Action {
public: public:
explicit SkipAfter(std::string action); explicit SkipAfter(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
private:
std::string m_marker;
}; };

22
src/actions/status.cc
View File

@@ -23,13 +23,16 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Status::Status(std::string action)
: Action(action) { bool Status::init(std::string *error) {
std::string a = action; try {
a.erase(0, 7); m_status = std::stoi(m_parser_payload);
this->action = action; } catch (...) {
this->action_kind = 2; error->assign("Not a valid number: " + m_parser_payload);
this->status = stoi(a); return false;
}
return true;
} }
@@ -39,10 +42,11 @@ bool Status::evaluate(Rule *rule, Transaction *transaction) {
} }
void Status::fill_intervention(ModSecurityIntervention *i) { void Status::fillIntervention(ModSecurityIntervention *i) {
i->status = this->status; i->status = m_status;
i->log = "Status"; i->log = "Status";
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

9
src/actions/status.h
View File

@@ -29,11 +29,14 @@ namespace actions {
class Status : public Action { class Status : public Action {
public: public:
explicit Status(std::string actions); explicit Status(std::string action) : Action(action, 2) { }
bool init(std::string *error);
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;
void fill_intervention(ModSecurityIntervention *i) override; void fillIntervention(ModSecurityIntervention *i) override;
int status;
protected:
int m_status;
}; };
} // namespace actions } // namespace actions

10
src/actions/tag.cc
View File

@@ -49,16 +49,9 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Tag::Tag(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
m_tag(action) {
m_tag.erase(0, 1);
m_tag.pop_back();
}
bool Tag::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { bool Tag::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
std::string tag = MacroExpansion::expand(m_tag, transaction); std::string tag = MacroExpansion::expand(m_parser_payload, transaction);
#ifndef NO_LOGS #ifndef NO_LOGS
transaction->debug(9, "Rule tag: " + tag); transaction->debug(9, "Rule tag: " + tag);
@@ -69,5 +62,6 @@ bool Tag::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

6
src/actions/tag.h
View File

@@ -29,13 +29,11 @@ namespace actions {
class Tag : public Action { class Tag : public Action {
public: public:
explicit Tag(std::string action); explicit Tag(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(Rule *rule, Transaction *transaction,
RuleMessage *rm) override; RuleMessage *rm) override;
private:
std::string m_tag;
}; };

12
src/actions/ver.cc
View File

@@ -27,20 +27,12 @@
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
Ver::Ver(std::string action)
: Action(action, ConfigurationKind),
m_ver(action) {
if (m_ver.at(0) == '\'') {
m_ver.erase(0, 1);
m_ver.pop_back();
}
}
bool Ver::evaluate(Rule *rule, Transaction *transaction) { bool Ver::evaluate(Rule *rule, Transaction *transaction) {
rule->m_ver = m_ver; rule->m_ver = m_parser_payload;
return true; return true;
} }
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

2
src/actions/ver.h
View File

@@ -29,7 +29,7 @@ namespace actions {
class Ver : public Action { class Ver : public Action {
public: public:
explicit Ver(std::string action); explicit Ver(std::string action) : Action(action, ConfigurationKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction) override;

8
src/actions/xmlns.cc
View File

@@ -30,15 +30,15 @@ bool XmlNS::init(std::string *error) {
size_t pos; size_t pos;
std::string http = "http://"; std::string http = "http://";
pos = action.find("="); pos = m_parser_payload.find("=");
if (pos == std::string::npos) { if (pos == std::string::npos) {
error->assign("XMLS: Bad format, missing equals sign."); error->assign("XMLS: Bad format, missing equals sign.");
return false; return false;
} }
m_name = std::string(action, 0, pos); m_name = std::string(m_parser_payload, 0, pos);
m_value = std::string(action, pos+1, action.size()); m_value = std::string(m_parser_payload, pos+1, m_parser_payload.size());
if (m_value.empty() or m_name.empty()) { if (m_value.empty() || m_name.empty()) {
error->assign("XMLS: XMLNS is invalid. Expecting a " \ error->assign("XMLS: XMLNS is invalid. Expecting a " \
"name=value format."); "name=value format.");
return false; return false;

79
src/parser/seclang-parser.yy
View File

@@ -481,7 +481,7 @@ expression:
for (Action *a : *actions) { for (Action *a : *actions) {
Phase *phase = dynamic_cast<Phase *>(a); Phase *phase = dynamic_cast<Phase *>(a);
if (phase != NULL) { if (phase != NULL) {
definedPhase = phase->phase; definedPhase = phase->m_phase;
secRuleDefinedPhase = phase->m_secRulesPhase; secRuleDefinedPhase = phase->m_secRulesPhase;
delete phase; delete phase;
} else if (a->action_kind == Action::RunTimeOnlyIfMatchKind || } else if (a->action_kind == Action::RunTimeOnlyIfMatchKind ||
@@ -493,7 +493,7 @@ expression:
} }
checkedActions.push_back(a); checkedActions.push_back(a);
} else { } else {
driver.error(@0, "The action '" + a->action + "' is not suitable to be part of the SecDefaultActions"); driver.error(@0, "The action '" + a->m_name + "' is not suitable to be part of the SecDefaultActions");
YYERROR; YYERROR;
} }
} }
@@ -863,11 +863,21 @@ act:
} }
| TRANSFORMATION | TRANSFORMATION
{ {
std::string error;
$$ = Transformation::instantiate($1); $$ = Transformation::instantiate($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_ACCURACY | ACTION_ACCURACY
{ {
std::string error;
$$ = new Accuracy($1); $$ = new Accuracy($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_EXEC | ACTION_EXEC
{ {
@@ -907,15 +917,30 @@ act:
} }
| ACTION_REDIRECT | ACTION_REDIRECT
{ {
std::string error;
$$ = new Redirect($1); $$ = new Redirect($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_SEVERITY | ACTION_SEVERITY
{ {
std::string error;
$$ = new Severity($1); $$ = new Severity($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_EXPIREVAR | ACTION_EXPIREVAR
{ {
std::string error;
$$ = Action::instantiate($1); $$ = Action::instantiate($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_SETENV | ACTION_SETENV
{ {
@@ -973,6 +998,7 @@ act:
} }
| ACTION_SKIP | ACTION_SKIP
{ {
std::string error;
/* /*
TODO: skip is not implemented yet. TODO: skip is not implemented yet.
@@ -980,38 +1006,82 @@ act:
$$ = new modsecurity::actions::SkipAfter($1); $$ = new modsecurity::actions::SkipAfter($1);
*/ */
$$ = Action::instantiate($1); $$ = Action::instantiate($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_SKIP_AFTER | ACTION_SKIP_AFTER
{ {
std::string error;
$$ = new modsecurity::actions::SkipAfter($1); $$ = new modsecurity::actions::SkipAfter($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_AUDIT_LOG | ACTION_AUDIT_LOG
{ {
std::string error;
$$ = new modsecurity::actions::AuditLog($1); $$ = new modsecurity::actions::AuditLog($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| LOG_DATA | LOG_DATA
{ {
std::string error;
$$ = new LogData($1); $$ = new LogData($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_MSG | ACTION_MSG
{ {
std::string error;
$$ = new Msg($1); $$ = new Msg($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_TAG | ACTION_TAG
{ {
std::string error;
$$ = new Tag($1); $$ = new Tag($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_REV | ACTION_REV
{ {
std::string error;
$$ = new Rev($1); $$ = new Rev($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_VER | ACTION_VER
{ {
std::string error;
$$ = new Ver($1); $$ = new Ver($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_MATURITY | ACTION_MATURITY
{ {
std::string error;
$$ = new Maturity($1); $$ = new Maturity($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_XMLNS | ACTION_XMLNS
{ {
@@ -1034,7 +1104,12 @@ act:
} }
| ACTION_CTL_AUDIT_LOG_PARTS | ACTION_CTL_AUDIT_LOG_PARTS
{ {
std::string error;
$$ = new CtlAuditLogParts($1); $$ = new CtlAuditLogParts($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
} }
| ACTION_CTL_FORCE_REQ_BODY_VAR CONFIG_VALUE_ON | ACTION_CTL_FORCE_REQ_BODY_VAR CONFIG_VALUE_ON
{ {

72
src/parser/seclang-scanner.ll
View File

@@ -320,89 +320,89 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
{ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); } {ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); }
{ACTION_PHASE} { return yy::seclang_parser::make_ACTION_PHASE(yytext, *driver.loc.back()); } {ACTION_PHASE} { return yy::seclang_parser::make_ACTION_PHASE(yytext, *driver.loc.back()); }
{ACTION_SKIP}:{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_ACTION_SKIP(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_SKIP}:{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_ACTION_SKIP(yytext, *driver.loc.back()); }
{ACTION_SKIP_AFTER}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_SKIP_AFTER(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_SKIP_AFTER}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_SKIP_AFTER(yytext, *driver.loc.back()); }
{ACTION_AUDIT_LOG} { return yy::seclang_parser::make_ACTION_AUDIT_LOG(yytext, *driver.loc.back()); } {ACTION_AUDIT_LOG} { return yy::seclang_parser::make_ACTION_AUDIT_LOG(yytext, *driver.loc.back()); }
{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return yy::seclang_parser::make_ACTION_SEVERITY(yytext + 9, *driver.loc.back()); } {ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return yy::seclang_parser::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
{ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return yy::seclang_parser::make_ACTION_SEVERITY(std::string(yytext, 10, yyleng - 11), *driver.loc.back()); } {ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return yy::seclang_parser::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
{ACTION_EXEC}:'{VAR_FREE_TEXT_QUOTE}' { {ACTION_EXEC}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_EXEC(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_EXEC(yytext, *driver.loc.back());
} }
{ACTION_EXEC}:{VAR_FREE_TEXT_SPACE_COMMA} { {ACTION_EXEC}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_EXEC(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_EXEC(yytext, *driver.loc.back());
} }
{ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { {ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_EXPIREVAR(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back());
} }
{ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}' { {ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_EXPIREVAR(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back());
} }
{ACTION_EXPIREVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { {ACTION_EXPIREVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_EXPIREVAR(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back());
} }
{ACTION_EXPIREVAR}:{VAR_FREE_TEXT_SPACE_COMMA} { {ACTION_EXPIREVAR}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_EXPIREVAR(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back());
} }
{ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { {ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETENV(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back());
} }
{ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}' { {ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETENV(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back());
} }
{ACTION_SETENV}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { {ACTION_SETENV}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETENV(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back());
} }
{ACTION_SETENV}:{VAR_FREE_TEXT_SPACE_COMMA} { {ACTION_SETENV}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETENV(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back());
} }
{ACTION_SETSID}:{VAR_FREE_TEXT_SPACE_COMMA} { {ACTION_SETSID}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETSID(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETSID(yytext, *driver.loc.back());
} }
{ACTION_SETSID}:'{VAR_FREE_TEXT_QUOTE}' { {ACTION_SETSID}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETSID(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETSID(yytext, *driver.loc.back());
} }
{ACTION_SETUID}:{VAR_FREE_TEXT_SPACE_COMMA} { {ACTION_SETUID}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETUID(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETUID(yytext, *driver.loc.back());
} }
{ACTION_SETUID}:'{VAR_FREE_TEXT_QUOTE}' { {ACTION_SETUID}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETUID(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETUID(yytext, *driver.loc.back());
} }
{ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { {ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back());
} }
{ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}' { {ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back());
} }
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { {ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back());
} }
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE_COMMA} { {ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back());
} }
{ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_XMLNS(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_XMLNS(yytext, *driver.loc.back()); }
{LOG_DATA}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_LOG_DATA(strchr(yytext, ':') + 1, *driver.loc.back()); } {LOG_DATA}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_LOG_DATA(yytext, *driver.loc.back()); }
{ACTION_MSG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MSG(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_MSG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MSG(yytext, *driver.loc.back()); }
{ACTION_ALLOW}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_ALLOW(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_ALLOW}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_ALLOW(yytext, *driver.loc.back()); }
{ACTION_ALLOW}:{FREE_TEXT_QUOTE_COMMA} { return yy::seclang_parser::make_ACTION_ALLOW(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_ALLOW}:{FREE_TEXT_QUOTE_COMMA} { return yy::seclang_parser::make_ACTION_ALLOW(yytext, *driver.loc.back()); }
{ACTION_ALLOW} { return yy::seclang_parser::make_ACTION_ALLOW("", *driver.loc.back()); } {ACTION_ALLOW} { return yy::seclang_parser::make_ACTION_ALLOW("", *driver.loc.back()); }
{ACTION_REDIRECT}:{FREE_TEXT} { return yy::seclang_parser::make_ACTION_REDIRECT(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_REDIRECT}:{FREE_TEXT} { return yy::seclang_parser::make_ACTION_REDIRECT(yytext, *driver.loc.back()); }
{ACTION_TAG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_TAG(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_TAG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_TAG(yytext, *driver.loc.back()); }
{ACTION_REV}:'{FREE_TEXT_QUOTE_COMMA}' { return yy::seclang_parser::make_ACTION_REV(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_REV}:'{FREE_TEXT_QUOTE_COMMA}' { return yy::seclang_parser::make_ACTION_REV(yytext, *driver.loc.back()); }
{ACTION_REV}:{FREE_TEXT_QUOTE_COMMA} { return yy::seclang_parser::make_ACTION_REV(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_REV}:{FREE_TEXT_QUOTE_COMMA} { return yy::seclang_parser::make_ACTION_REV(yytext, *driver.loc.back()); }
{ACTION_VER}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_VER(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_VER}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_VER(yytext, *driver.loc.back()); }
{ACTION_MATURITY}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MATURITY(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_MATURITY}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MATURITY(yytext, *driver.loc.back()); }
{ACTION_MATURITY}:{FREE_TEXT_QUOTE} { return yy::seclang_parser::make_ACTION_MATURITY(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_MATURITY}:{FREE_TEXT_QUOTE} { return yy::seclang_parser::make_ACTION_MATURITY(yytext, *driver.loc.back()); }
{ACTION_ACCURACY}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_ACCURACY(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_ACCURACY}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_ACCURACY(yytext, *driver.loc.back()); }
{ACTION_ACCURACY}:{FREE_TEXT_QUOTE} { return yy::seclang_parser::make_ACTION_ACCURACY(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_ACCURACY}:{FREE_TEXT_QUOTE} { return yy::seclang_parser::make_ACTION_ACCURACY(yytext, *driver.loc.back()); }
{ACTION_CTL_BDY_XML} { return yy::seclang_parser::make_ACTION_CTL_BDY_XML(yytext, *driver.loc.back()); } {ACTION_CTL_BDY_XML} { return yy::seclang_parser::make_ACTION_CTL_BDY_XML(yytext, *driver.loc.back()); }
{ACTION_CTL_BDY_JSON} { return yy::seclang_parser::make_ACTION_CTL_BDY_JSON(yytext, *driver.loc.back()); } {ACTION_CTL_BDY_JSON} { return yy::seclang_parser::make_ACTION_CTL_BDY_JSON(yytext, *driver.loc.back()); }
{ACTION_INITCOL}:{COL_NAME}={COL_FREE_TEXT_SPACE_COMMA} { return yy::seclang_parser::make_ACTION_INITCOL(yytext, *driver.loc.back()); } {ACTION_INITCOL}:{COL_NAME}={COL_FREE_TEXT_SPACE_COMMA} { return yy::seclang_parser::make_ACTION_INITCOL(yytext, *driver.loc.back()); }

41
src/rule.cc
View File

@@ -116,7 +116,7 @@ Rule::Rule(Operator *_op,
} else if (a->action_kind == Action::RunTimeOnlyIfMatchKind) { } else if (a->action_kind == Action::RunTimeOnlyIfMatchKind) {
actions_runtime_pos.push_back(a); actions_runtime_pos.push_back(a);
} else { } else {
std::cout << "General failure, action: " << a->name; std::cout << "General failure, action: " << a->m_name;
std::cout << " has an unknown type." << std::endl; std::cout << " has an unknown type." << std::endl;
delete a; delete a;
} }
@@ -141,13 +141,13 @@ Rule::Rule(Operator *_op,
std::vector<std::string> Rule::getActionNames() { std::vector<std::string> Rule::getActionNames() {
std::vector<std::string> a; std::vector<std::string> a;
for (auto &z : this->actions_runtime_pos) { for (auto &z : this->actions_runtime_pos) {
a.push_back(z->action); a.push_back(z->m_name);
} }
for (auto &z : this->actions_runtime_pre) { for (auto &z : this->actions_runtime_pre) {
a.push_back(z->action); a.push_back(z->m_name);
} }
for (auto &z : this->actions_conf) { for (auto &z : this->actions_conf) {
a.push_back(z->action); a.push_back(z->m_name);
} }
return a; return a;
@@ -201,7 +201,7 @@ bool Rule::evaluateActions(Transaction *trasn) {
if (a->isDisruptive() == false) { if (a->isDisruptive() == false) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "Running (_non_ disruptive) action: " + trasn->debug(4, "Running (_non_ disruptive) action: " +
a->action); a->m_name);
#endif #endif
a->evaluate(this, trasn); a->evaluate(this, trasn);
} else { } else {
@@ -215,7 +215,7 @@ bool Rule::evaluateActions(Transaction *trasn) {
if (containsDisruptive) { if (containsDisruptive) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "(SecDefaultAction) " \ trasn->debug(4, "(SecDefaultAction) " \
"_ignoring_ action: " + a->action + \ "_ignoring_ action: " + a->m_name + \
" (rule contains a disruptive action)"); " (rule contains a disruptive action)");
#endif #endif
} else { } else {
@@ -223,7 +223,7 @@ bool Rule::evaluateActions(Transaction *trasn) {
== Rules::EnabledRuleEngine) { == Rules::EnabledRuleEngine) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "(SecDefaultAction) " \ trasn->debug(4, "(SecDefaultAction) " \
"Running action: " + a->action + \ "Running action: " + a->m_name + \
" (rule _does not_ contains a " \ " (rule _does not_ contains a " \
"disruptive action)"); "disruptive action)");
#endif #endif
@@ -231,7 +231,7 @@ bool Rule::evaluateActions(Transaction *trasn) {
} else { } else {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "(SecDefaultAction) " \ trasn->debug(4, "(SecDefaultAction) " \
"_Not_ running action: " + a->action + \ "_Not_ running action: " + a->m_name + \
". Rule _does not_ contains a " \ ". Rule _does not_ contains a " \
"disruptive action, but SecRuleEngine is not On."); "disruptive action, but SecRuleEngine is not On.");
#endif #endif
@@ -240,7 +240,7 @@ bool Rule::evaluateActions(Transaction *trasn) {
} else { } else {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "(SecDefaultAction) Running action: " + \ trasn->debug(4, "(SecDefaultAction) Running action: " + \
a->action); a->m_name);
a->evaluate(this, trasn); a->evaluate(this, trasn);
#endif #endif
} }
@@ -252,13 +252,13 @@ bool Rule::evaluateActions(Transaction *trasn) {
&& trasn->m_rules->secRuleEngine && trasn->m_rules->secRuleEngine
== Rules::EnabledRuleEngine) { == Rules::EnabledRuleEngine) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "Running (disruptive) action: " + a->action); trasn->debug(4, "Running (disruptive) action: " + a->m_name);
#endif #endif
a->evaluate(this, trasn); a->evaluate(this, trasn);
} else if (a->isDisruptive()) { } else if (a->isDisruptive()) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "Not running disruptive action: " + \ trasn->debug(4, "Not running disruptive action: " + \
a->action + ". SecRuleEngine is not On"); a->m_name + ". SecRuleEngine is not On");
#endif #endif
} }
} }
@@ -353,7 +353,7 @@ bool Rule::evaluate(Transaction *trasn) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(9, "(SecDefaultAction) T (" + \ trasn->debug(9, "(SecDefaultAction) T (" + \
std::to_string(transformations) + ") " + \ std::to_string(transformations) + ") " + \
a->name + ": \"" + value +"\""); a->m_name + ": \"" + value +"\"");
#endif #endif
transformations++; transformations++;
} }
@@ -366,7 +366,7 @@ bool Rule::evaluate(Transaction *trasn) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(9, " T (" + \ trasn->debug(9, " T (" + \
std::to_string(transformations) + ") " + \ std::to_string(transformations) + ") " + \
a->name + ": \"" + value +"\""); a->m_name + ": \"" + value +"\"");
#endif #endif
transformations++; transformations++;
} }
@@ -439,7 +439,7 @@ bool Rule::evaluate(Transaction *trasn) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, trasn->debug(4,
"(SecDefaultAction) _ignoring_ " \ "(SecDefaultAction) _ignoring_ " \
"action: " + a->action + \ "action: " + a->m_name + \
" (rule contains a disruptive action)"); " (rule contains a disruptive action)");
#endif #endif
} else { } else {
@@ -447,7 +447,7 @@ bool Rule::evaluate(Transaction *trasn) {
== Rules::EnabledRuleEngine) { == Rules::EnabledRuleEngine) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "(SecDefaultAction) " \ trasn->debug(4, "(SecDefaultAction) " \
"Running action: " + a->action + \ "Running action: " + a->m_name + \
" (rule _does not_ contains a " \ " (rule _does not_ contains a " \
"disruptive action)"); "disruptive action)");
#endif #endif
@@ -456,7 +456,7 @@ bool Rule::evaluate(Transaction *trasn) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "(SecDefaultAction) " \ trasn->debug(4, "(SecDefaultAction) " \
"_Not_ running action: " \ "_Not_ running action: " \
+ a->action + ". Rule _does not_" \ + a->m_name + ". Rule _does not_" \
+ " contains a disruptive action,"\ + " contains a disruptive action,"\
+ " but SecRuleEngine is not On."); + " but SecRuleEngine is not On.");
#endif #endif
@@ -465,7 +465,7 @@ bool Rule::evaluate(Transaction *trasn) {
} else { } else {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "(SecDefaultAction) Running " \ trasn->debug(4, "(SecDefaultAction) Running " \
"action: " + a->action + "!!" \ "action: " + a->m_name + "!!" \
+ std::to_string(a->isDisruptive())); + std::to_string(a->isDisruptive()));
#endif #endif
a->evaluate(this, trasn); a->evaluate(this, trasn);
@@ -479,19 +479,20 @@ bool Rule::evaluate(Transaction *trasn) {
== Rules::EnabledRuleEngine) { == Rules::EnabledRuleEngine) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "Running (disruptive) " \ trasn->debug(4, "Running (disruptive) " \
"action: " + a->action); "action: " + a->m_name);
#endif #endif
a->evaluate(this, trasn); a->evaluate(this, trasn);
} else if (a->isDisruptive()) { } else if (a->isDisruptive()) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, trasn->debug(4,
"Not running disruptive action: " + \ "Not running disruptive action: " + \
a->action + ". SecRuleEngine is not On"); a->m_name + ". SecRuleEngine " + \
"is not On");
#endif #endif
} else if (!a->isDisruptive()) { } else if (!a->isDisruptive()) {
#ifndef NO_LOGS #ifndef NO_LOGS
trasn->debug(4, "Running (_non_ disruptive) " \ trasn->debug(4, "Running (_non_ disruptive) " \
"action: " + a->action); "action: " + a->m_name);
#endif #endif
a->evaluate(this, trasn, ruleMessage); a->evaluate(this, trasn, ruleMessage);
} }

2
src/transaction.cc
View File

@@ -1268,7 +1268,7 @@ bool Transaction::intervention(ModSecurityIntervention *it) {
if (m_actions.size() > 0) { if (m_actions.size() > 0) {
for (Action *a : m_actions) { for (Action *a : m_actions) {
if (a->action_kind == Action::Kind::RunTimeOnlyIfMatchKind) { if (a->action_kind == Action::Kind::RunTimeOnlyIfMatchKind) {
a->fill_intervention(it); a->fillIntervention(it);
} }
if (a->temporaryAction) { if (a->temporaryAction) {
delete a; delete a;

4
test/test-cases/regression/action-id.json
View File

@@ -128,7 +128,7 @@
] ]
}, },
"expected":{ "expected":{
"debug_log": " trim: \"value2\"" "debug_log": " t:trim: \"value2\""
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",
@@ -174,7 +174,7 @@
] ]
}, },
"expected":{ "expected":{
"debug_log": " trim: \"value2\"" "debug_log": " t:trim: \"value2\""
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",

12
test/test-cases/regression/actions.json
View File

@@ -49,7 +49,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) trim: \"test", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "", "error_log": "",
"http_code": 403 "http_code": 403
}, },
@@ -110,7 +110,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) trim: \"test", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "", "error_log": "",
"http_code": 302, "http_code": 302,
"redirect_url": "http://www.google.com" "redirect_url": "http://www.google.com"
@@ -172,7 +172,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) trim: \"test", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "", "error_log": "",
"http_code": 500, "http_code": 500,
"redirect_url": "http://www.google.com" "redirect_url": "http://www.google.com"
@@ -234,7 +234,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) trim: \"test", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "", "error_log": "",
"http_code": 500 "http_code": 500
}, },
@@ -295,7 +295,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) trim: \"test", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "", "error_log": "",
"http_code": 500 "http_code": 500
}, },
@@ -356,7 +356,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) trim: \"test", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "", "error_log": "",
"http_code": 500 "http_code": 500
}, },

6
test/test-cases/regression/auditlog.json
View File

@@ -40,7 +40,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) trim: \"test", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "", "error_log": "",
"http_code": 403 "http_code": 403
}, },
@@ -99,7 +99,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) trim: \"test", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "", "error_log": "",
"http_code": 403 "http_code": 403
}, },
@@ -159,7 +159,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) trim: \"test", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "", "error_log": "",
"http_code": 403 "http_code": 403
}, },

2
test/test-cases/regression/config-response_type.json
View File

@@ -31,7 +31,7 @@
] ]
}, },
"expected":{ "expected":{
"debug_log":"T \\(0\\) trim: \"no need.\"" "debug_log":"T \\(0\\) t:trim: \"no need.\""
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",

2
test/test-cases/regression/config-secdefaultaction.json
View File

@@ -205,7 +205,7 @@
"version_max":0, "version_max":0,
"title":"Testing action :: SecDefaultAction: action not suitable", "title":"Testing action :: SecDefaultAction: action not suitable",
"expected":{ "expected":{
"parser_error":"The action 'id:1' is not suitable to be part of the SecDefaultActions" "parser_error":"The action 'id' is not suitable to be part of the SecDefaultActions"
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",

2
test/test-cases/regression/transformations.json
View File

@@ -49,7 +49,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": " trim: \"test\"", "debug_log": " t:trim: \"test\"",
"error_log": "" "error_log": ""
}, },
"rules": [ "rules": [

2
test/test-cases/regression/variable-FILES.json
View File

@@ -51,7 +51,7 @@
] ]
}, },
"expected":{ "expected":{
"debug_log":"T \\(1\\) trim: \"small_text_file" "debug_log":"T \\(1\\) t:trim: \"small_text_file"
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",

2
test/test-cases/regression/variable-FILES_NAMES.json
View File

@@ -51,7 +51,7 @@
] ]
}, },
"expected":{ "expected":{
"debug_log":"T \\(1\\) trim: \"filedata" "debug_log":"T \\(1\\) t:trim: \"filedata"
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",