From 9bd37ccb6391247c79218bbc09b4a5fe2820f8ec Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Mon, 28 Nov 2016 10:07:19 -0300 Subject: [PATCH] Refactoring: Rule class --- headers/modsecurity/rule_message.h | 18 ++---------------- src/actions/log_data.cc | 1 + src/rule.cc | 5 +++-- .../regression/action-disruptive.json | 2 +- test/test-cases/regression/secaction.json | 2 +- test/test-cases/regression/secruleengine.json | 4 ++-- test/test-cases/regression/variable-FILES.json | 2 +- .../regression/variable-FILES_NAMES.json | 2 +- test/test-cases/regression/variable-RULE.json | 4 ++-- 9 files changed, 14 insertions(+), 26 deletions(-) diff --git a/headers/modsecurity/rule_message.h b/headers/modsecurity/rule_message.h index 62e2b986..7a96306e 100644 --- a/headers/modsecurity/rule_message.h +++ b/headers/modsecurity/rule_message.h @@ -49,22 +49,6 @@ class RuleMessage { m_match(std::string("")) { } - RuleMessage(Rule *rule, std::string message) : - m_ruleFile(rule->m_fileName), - m_ruleLine(rule->m_lineNumber), - m_ruleId(rule->rule_id), - m_rev(rule->m_rev), - m_accuracy(rule->m_accuracy), - m_message(message), - m_data(std::string("")), - m_severity(0), - m_ver(rule->m_ver), - m_maturity(rule->m_maturity), - m_rule(rule), - m_saveMessage(false), - m_match(std::string("")) - { } - std::string errorLog(Transaction *trans); @@ -81,6 +65,8 @@ class RuleMessage { int m_accuracy; std::list m_tags; + std::vector m_tmp_actions; + std::list m_server_logs; Rule *m_rule; bool m_saveMessage; diff --git a/src/actions/log_data.cc b/src/actions/log_data.cc index 09ccbcad..19e2fe49 100644 --- a/src/actions/log_data.cc +++ b/src/actions/log_data.cc @@ -32,6 +32,7 @@ namespace actions { bool LogData::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { rm->m_data = data(transaction); + transaction->m_collections.storeOrUpdateFirst("RULE:logdata", rm->m_data); return true; } diff --git a/src/rule.cc b/src/rule.cc index 05ae45be..6bdf5d1c 100644 --- a/src/rule.cc +++ b/src/rule.cc @@ -586,8 +586,9 @@ bool Rule::evaluate(Transaction *trasn) { &containsDisruptive, &ruleMessage); std::string msg2save = ruleMessage.errorLog(trasn); if (ruleMessage.m_message.empty() == false) { - trasn->debug(4, "Scheduled to be saved on the server " + - "log: " + msg2save + ""); + trasn->debug(4, + "Scheduled to be saved on the server log: " \ + + msg2save + ""); ruleMessage.m_server_logs.push_back(msg2save); } globalRet = true; diff --git a/test/test-cases/regression/action-disruptive.json b/test/test-cases/regression/action-disruptive.json index 66e9fafc..543ac4f8 100644 --- a/test/test-cases/regression/action-disruptive.json +++ b/test/test-cases/regression/action-disruptive.json @@ -5,7 +5,7 @@ "title":"Testing Disruptive actions (1/n)", "expected":{ "debug_log": " Running action: deny", - "http_code":404 + "http_code":403 }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/secaction.json b/test/test-cases/regression/secaction.json index a742542b..7c468e88 100644 --- a/test/test-cases/regression/secaction.json +++ b/test/test-cases/regression/secaction.json @@ -49,7 +49,7 @@ }, "expected": { "audit_log": "", - "debug_log": "Running unconditional rule.", + "debug_log": "Executing unconditional rule", "error_log": "" }, "rules": [ diff --git a/test/test-cases/regression/secruleengine.json b/test/test-cases/regression/secruleengine.json index 07250f0d..ca4439b3 100644 --- a/test/test-cases/regression/secruleengine.json +++ b/test/test-cases/regression/secruleengine.json @@ -5,7 +5,7 @@ "title":"Testing Disruptive actions (1/n)", "expected":{ "debug_log": " Running action: deny", - "http_code":404 + "http_code":403 }, "rules":[ "SecRuleEngine On", @@ -34,7 +34,7 @@ "version_min":300000, "title":"Testing Disruptive actions (3/n)", "expected":{ - "debug_log": "Not running disruptive action: block. SecRuleEngine is not On", + "debug_log": "_Not_ running action: deny. Rule _does not_contains a disruptive action, but SecRuleEngine is not On.", "http_code":200 }, "rules":[ diff --git a/test/test-cases/regression/variable-FILES.json b/test/test-cases/regression/variable-FILES.json index 6fcd6917..e426ab7b 100644 --- a/test/test-cases/regression/variable-FILES.json +++ b/test/test-cases/regression/variable-FILES.json @@ -51,7 +51,7 @@ ] }, "expected":{ - "debug_log":"T \\(1\\) t:trim: \"small_text_file" + "debug_log":"T \\(0\\) t:trim: \"small_text_file" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/variable-FILES_NAMES.json b/test/test-cases/regression/variable-FILES_NAMES.json index 5726c658..a77c001e 100644 --- a/test/test-cases/regression/variable-FILES_NAMES.json +++ b/test/test-cases/regression/variable-FILES_NAMES.json @@ -51,7 +51,7 @@ ] }, "expected":{ - "debug_log":"T \\(1\\) t:trim: \"filedata" + "debug_log":"T \\(0\\) t:trim: \"filedata" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/variable-RULE.json b/test/test-cases/regression/variable-RULE.json index fbc351c3..d79f2e87 100644 --- a/test/test-cases/regression/variable-RULE.json +++ b/test/test-cases/regression/variable-RULE.json @@ -256,7 +256,7 @@ ] }, "expected":{ - "debug_log":" Target value: \"message123\" \\(Variable: RULE:msg\\)" + "debug_log":" Target value: \"message123\" \\(Variable: rule:msg\\)" }, "rules":[ "SecRuleEngine On", @@ -304,7 +304,7 @@ }, "rules":[ "SecRuleEngine On", - "SecRule rule:msg \"@contains message\" \"id:1,setvar:'ip.block_reason=%{RULE.msg}%',msg:'message123',phase:3,pass,t:trim\"" + "SecRule rule:msg \"@contains message\" \"id:1,msg:'message123',setvar:'ip.block_reason=%{RULE.msg}%',phase:3,pass,t:trim\"" ] } ]