github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-13 06:57:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Replace the 2.5.1-rc1 tag for release.

Browse Source
This commit is contained in:
brectanus
2008-03-07 20:37:45 +00:00
parent e14f8e05ca 024e854725
commit 988fa5f786
3 changed files with 24 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@@ -1,6 +1,9 @@
04 Mar 2008 - 2.5.1-rc1 07 Mar 2008 - 2.5.1-rc1
----------------------- -----------------------
* Fixed an issue where a match would not occur if transformation caching
was enabled.
* Using "severity" in a default action is now just a warning. * Using "severity" in a default action is now just a warning.
* Cleaned up the "make test" target to better locate headers/libraries. * Cleaned up the "make test" target to better locate headers/libraries.

4
apache2/re.c
View File

@@ -735,6 +735,8 @@ void msre_engine_destroy(msre_engine *engine) {
* transaction phase. * transaction phase.
*/ */
#if defined(PERFORMANCE_MEASUREMENT) #if defined(PERFORMANCE_MEASUREMENT)
static apr_status_t msre_ruleset_process_phase_(msre_ruleset *ruleset, modsec_rec *msr);
apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr) { apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr) {
apr_array_header_t *arr = NULL; apr_array_header_t *arr = NULL;
msre_rule **rules = NULL; msre_rule **rules = NULL;
@@ -1986,6 +1988,8 @@ static apr_status_t msre_rule_process_normal(msre_rule *rule, modsec_rec *msr) {
return -1; return -1;
} }
if (rc == RULE_MATCH) { if (rc == RULE_MATCH) {
match_count++;
/* Return straight away if the transaction /* Return straight away if the transaction
* was intercepted - no need to process the remaining * was intercepted - no need to process the remaining
* targets. * targets.

20
doc/modsecurity2-apache-reference.xml
View File

@@ -4,7 +4,7 @@
Manual</title> Manual</title>
<articleinfo> <articleinfo>
<releaseinfo>Version 2.5.1-rc1 (March 04, 2008)</releaseinfo> <releaseinfo>Version 2.5.1-rc1 (March 07, 2008)</releaseinfo>
<copyright> <copyright>
<year>2004-2008</year> <year>2004-2008</year>
@@ -4606,14 +4606,26 @@ SecRule ARGS "attack" <emphasis>multiMatch</emphasis></programlisting>
<para><emphasis>Action Group:</emphasis> Disruptive</para> <para><emphasis>Action Group:</emphasis> Disruptive</para>
<para>Example:</para> <para>Example1:</para>
<programlisting format="linespecific">SecRule REQUEST_HEADERS:User-Agent "Test" log,<emphasis>pass</emphasis></programlisting> <programlisting format="linespecific">SecRule REQUEST_HEADERS:User-Agent "Test" log,<emphasis>pass</emphasis></programlisting>
<para>When using <emphasis>pass</emphasis> with SecRule with multiple
targets, <emphasis>all</emphasis> targets will be processed and
<emphasis>all</emphasis> non-disruptive actions will trigger for
<emphasis>every</emphasis> match found. In the second example the
TX:test target would be incremented by 1 for each matching
argument.</para>
<para>Example2:</para>
<programlisting format="linespecific">SecRule ARGS "test" log,<emphasis>pass</emphasis>,setvar:TX.test=+1</programlisting>
<para><emphasis>Note</emphasis></para> <para><emphasis>Note</emphasis></para>
<para>Transaction will not be interrupted but it will be logged (unless <para>The transaction will not be interrupted but a log will be
logging has been suppressed).</para> generated for each matching target (unless logging has been
suppressed).</para>
</section> </section>
<section> <section>