diff --git a/README.md b/README.md index b79003c9..74850ae9 100644 --- a/README.md +++ b/README.md @@ -115,7 +115,7 @@ Below some are illustrated: ```c++ using ModSecurity::ModSecurity; using ModSecurity::Rules; -using ModSecurity::Assay; +using ModSecurity::Transaction; ModSecurity *modsec; ModSecurity::Rules *rules; @@ -126,10 +126,10 @@ rules = new Rules(); rules->loadFromUri(rules_file); -Assay *modsecAssay = new Assay(modsec, rules); +Transaction *modsecTransaction = new Transaction(modsec, rules); -modsecAssay->processConnection("127.0.0.1"); -if (modsecAssay->intervention()) { +modsecTransaction->processConnection("127.0.0.1"); +if (modsecTransaction->intervention()) { std::cout << "There is an intervention" << std::endl; } ``` @@ -138,7 +138,7 @@ if (modsecAssay->intervention()) { ```c #include "modsecurity/modsecurity.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" char main_rule_uri[] = "basic_rules.conf"; @@ -146,7 +146,7 @@ char main_rule_uri[] = "basic_rules.conf"; int main (int argc, char **argv) { ModSecurity *modsec = NULL; - Assay *assay = NULL; + Transaction *transaction = NULL; Rules *rules = NULL; modsec = msc_init(); 
@@ -154,14 +154,14 @@ int main (int argc, char **argv) rules = msc_create_rules_set(); msc_rules_add_file(rules, main_rule_uri); - assay = msc_new_assay(modsec, rules); + transaction = msc_new_transaction(modsec, rules); - msc_process_connection(assay, "127.0.0.1"); - msc_process_uri(assay, "http://www.modsecurity.org/test?key1=value1&key2=value2&key3=value3&test=args&test=test"); - msc_process_request_headers(assay); - msc_process_request_body(assay); - msc_process_response_headers(assay); - msc_process_response_body(assay); + msc_process_connection(transaction, "127.0.0.1"); + msc_process_uri(transaction, "http://www.modsecurity.org/test?key1=value1&key2=value2&key3=value3&test=args&test=test"); + msc_process_request_headers(transaction); + msc_process_request_body(transaction); + msc_process_response_headers(transaction); + msc_process_response_body(transaction); return 0; } diff --git a/examples/simple_example_using_c/test.c b/examples/simple_example_using_c/test.c index 9835dded..4393e876 100644 --- a/examples/simple_example_using_c/test.c +++ b/examples/simple_example_using_c/test.c @@ -13,11 +13,11 @@ * */ +#include #include "stdio.h" #include "stdlib.h" #include "modsecurity/modsecurity.h" -#include "modsecurity/assay.h" char main_rule_uri[] = "basic_rules.conf"; @@ -27,7 +27,7 @@ int main (int argc, char **argv) int ret = 1; const char *error = NULL; ModSecurity *modsec = NULL; - Assay *assay = NULL; + Transaction *transaction = NULL; Rules *rules = NULL; modsec = msc_init(); 
@@ -55,17 +55,17 @@ int main (int argc, char **argv) } msc_rules_dump(rules); - assay = msc_new_assay(modsec, rules, NULL); + transaction = msc_new_transaction(modsec, rules, NULL); - msc_process_connection(assay, "127.0.0.1", 12345, "127.0.0.1", 80); - msc_process_uri(assay, + msc_process_connection(transaction, "127.0.0.1", 12345, "127.0.0.1", 80); + msc_process_uri(transaction, "http://www.modsecurity.org/test?key1=value1&key2=value2&key3=value3", "GET", "1.1"); - msc_process_request_headers(assay); - msc_process_request_body(assay); - msc_process_response_headers(assay); - msc_process_response_body(assay); - msc_process_logging(assay, 200); + msc_process_request_headers(transaction); + msc_process_request_body(transaction); + msc_process_response_headers(transaction); + msc_process_response_body(transaction); + msc_process_logging(transaction, 200); end: msc_rules_cleanup(rules); msc_cleanup(modsec); diff --git a/headers/modsecurity/assay.h b/headers/modsecurity/assay.h deleted file mode 100644 index fafd78b8..00000000 --- a/headers/modsecurity/assay.h +++ /dev/null 
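Review bot: The example drives every phase on `transaction` but never asks the engine for a verdict, so a reader who copies it gets an integration that inspects traffic and blocks nothing. The return values of `msc_process_connection`, `msc_process_uri` and the `msc_process_*` phase calls should be checked, and `msc_intervention(transaction, &it)` consulted after each phase, the way the README's C++ sample checks `intervention()`. The `end:` cleanup visible here frees only `rules` and `modsec`, not the transaction. main() continues outside the hunk, so the release may happen later.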
@@ -1,282 +0,0 @@ -/* - * ModSecurity, http://www.modsecurity.org/ - * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) - * - * You may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * If any of the files related to licensing are missing or if you have any - * other questions related to licensing please contact Trustwave Holdings, Inc. - * directly using the email address security@modsecurity.org. - * - */ - -#ifdef __cplusplus -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#endif - -#include -#include - -#ifndef HEADERS_MODSECURITY_ASSAY_H_ -#define HEADERS_MODSECURITY_ASSAY_H_ - -#ifndef __cplusplus -typedef struct ModSecurity_t ModSecurity; -typedef struct Assay_t Assay; -typedef struct Rules_t Rules; -#endif - -#include "modsecurity/intervention.h" -#include "modsecurity/transaction/variable.h" -#include "modsecurity/transaction/variables.h" -#include "modsecurity/transaction/collections.h" - -#define LOGFY_ADD(a, b) \ - yajl_gen_string(g, reinterpret_cast(a), strlen(a)); \ - if (b == NULL) { \ - yajl_gen_string(g, reinterpret_cast(""), \ - strlen("")); \ - } else { \ - yajl_gen_string(g, reinterpret_cast(b), \ - strlen(b)); \ - } - - -#define LOGFY_ADD_INT(a, b) \ - yajl_gen_string(g, reinterpret_cast(a), strlen(a)); \ - yajl_gen_number(g, reinterpret_cast(b), strlen(b)); - -#define LOGFY_ADD_NUM(a, b) \ - yajl_gen_string(g, reinterpret_cast(a), strlen(a)); \ - yajl_gen_integer(g, b); - -#ifdef __cplusplus - -namespace modsecurity { - -class ModSecurity; -class Assay; -class Rules; -class Collections; -namespace actions { -class Action; -} -namespace operators { -class Operator; -} - - -/** @ingroup ModSecurity_CPP_API */ -class Assay { - public: - Assay(ModSecurity *assay, Rules *rules, void *logCbData); - ~Assay(); - - /** TODO: Should be an structure that fits an 
IP address */ - int processConnection(const char *client, int cPort, - const char *server, int sPort); - int processURI(const char *uri, const char *protocol, - const char *http_version); - - /** - * Types of request body that ModSecurity may give a special treatment - * for the data. - */ - enum RequestBodyType { - /** - * - */ - UnknownFormat, - /** - * - */ - MultiPartRequestBody, - /** - * - */ - WWWFormUrlEncoded, - /** - * - */ - JSONRequestBody, - /** - * - */ - XMLRequestBody - }; - - int processRequestHeaders(); - int addRequestHeader(const std::string& key, const std::string& value); - int addRequestHeader(const unsigned char *key, const unsigned char *value); - int addRequestHeader(const unsigned char *key, size_t len_key, - const unsigned char *value, size_t len_value); - - int processRequestBody(); - int appendRequestBody(const unsigned char *body, size_t size); - int requestBodyFromFile(const char *path); - - int processResponseHeaders(); - int addResponseHeader(const std::string& key, const std::string& value); - int addResponseHeader(const unsigned char *key, const unsigned char *value); - int addResponseHeader(const unsigned char *key, size_t len_key, - const unsigned char *value, size_t len_value); - - int processResponseBody(); - int appendResponseBody(const unsigned char *body, size_t size); - - int processLogging(int status_code); - - bool intervention(ModSecurityIntervention *it); - - void cleanup(); - - const char *getResponseBody(); - int getResponseBodyLenth(); - - transaction::Collections m_collections; -#ifndef NO_LOGS - void debug(int, std::string); -#endif - void serverLog(const std::string& msg); - std::vector actions; - - bool save_in_auditlog; - bool do_not_save_in_auditlog; - - int httpCodeReturned; - - std::string to_json(int parts); - std::string toOldAuditLogFormat(int parts, const std::string &trailer); - std::string toOldAuditLogFormatIndex(const std::string &filename, - double size, const std::string &md5); - - std::string id; 
- time_t timeStamp; - clock_t start; - int highest_severity; - - Rules *m_rules; - - std::list rulesMessages; - std::list ruleTags; - - std::list< std::pair > auditLogModifier; - std::string m_marker; - - private: - std::ofstream myfile; - ModSecurity *m_ms; - - const char *m_clientIpAddress; - const char *m_serverIpAddress; - int m_clientPort; - int m_serverPort; - const char *m_uri; - std::string m_uri_decoded; - const char *m_protocol; - const char *m_httpVersion; - - std::string *m_namesArgs; - std::string *m_namesArgsPost; - std::string *m_namesArgsGet; - std::string *m_requestHeadersNames; - std::string *m_responseHeadersNames; - std::string *m_responseContentType; - double m_ARGScombinedSize; - /** TODO: Support to save double in the storage. */ - std::string *m_ARGScombinedSizeStr; - RequestBodyType m_requestBodyType; - - std::ostringstream m_requestBody; - std::ostringstream m_responseBody; - void *m_logCbData; -}; - - -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/** @ingroup ModSecurity_C_API */ -Assay *msc_new_assay(ModSecurity *ms, Rules *rules, void *logCbData); - -/** @ingroup ModSecurity_C_API */ -int msc_process_connection(Assay *assay, const char *client, int cPort, - const char *server, int sPort); - -/** @ingroup ModSecurity_C_API */ -int msc_process_request_headers(Assay *assay); - -/** @ingroup ModSecurity_C_API */ -int msc_add_request_header(Assay *assay, const unsigned char *key, - const unsigned char *value); - -/** @ingroup ModSecurity_C_API */ -int msc_add_n_request_header(Assay *assay, const unsigned char *key, - size_t len_key, const unsigned char *value, size_t len_value); - -/** @ingroup ModSecurity_C_API */ -int msc_process_request_body(Assay *assay); - -/** @ingroup ModSecurity_C_API */ -int msc_append_request_body(Assay *assay, - const unsigned char *body, size_t size); - -/** @ingroup ModSecurity_C_API */ -int msc_request_body_from_file(Assay *assay, const char *path); - -/** @ingroup ModSecurity_C_API */ -int 
msc_process_response_headers(Assay *assay); -/** @ingroup ModSecurity_C_API */ -int msc_add_response_header(Assay *assay, const unsigned char *key, - const unsigned char *value); -/** @ingroup ModSecurity_C_API */ -int msc_add_n_response_header(Assay *assay, const unsigned char *key, - size_t len_key, const unsigned char *value, size_t len_value); - -/** @ingroup ModSecurity_C_API */ -int msc_process_response_body(Assay *assay); -/** @ingroup ModSecurity_C_API */ -int msc_append_response_body(Assay *assay, - const unsigned char *body, size_t size); - -/** @ingroup ModSecurity_C_API */ -int msc_process_uri(Assay *assay, const char *uri, const char *protocol, - const char *http_version); - -/** @ingroup ModSecurity_C_API */ -const char *msc_get_response_body(Assay *assay); -/** @ingroup ModSecurity_C_API */ -int msc_get_response_body_length(Assay *assay); - -/** @ingroup ModSecurity_C_API */ -void msc_assay_cleanup(Assay *assay); - -/** @ingroup ModSecurity_C_API */ -int msc_intervention(Assay *assay, ModSecurityIntervention *it); - -/** @ingroup ModSecurity_C_API */ -int msc_process_logging(Assay *assay, int code); - -#ifdef __cplusplus -} -} // namespace modsecurity -#endif - - -#endif // HEADERS_MODSECURITY_ASSAY_H_ diff --git a/headers/modsecurity/modsecurity.h b/headers/modsecurity/modsecurity.h index 18612e52..12b42f5a 100644 --- a/headers/modsecurity/modsecurity.h +++ b/headers/modsecurity/modsecurity.h @@ -22,7 +22,7 @@ * * using ModSecurity::ModSecurity; * using ModSecurity::Rules; - * using ModSecurity::Assay; + * using ModSecurity::Transaction; * * ModSecurity *modsec; * ModSecurity::Rules *rules; 
@@ -31,10 +31,10 @@ * rules = new Rules(); * rules->loadFromUri(rules_file); * - * Assay *modsecAssay = new Assay(modsec, rules); - * modsecAssay->processConnection("127.0.0.1"); + * Transaction *modsecTransaction = new Transaction(modsec, rules); + * modsecTransaction->processConnection("127.0.0.1"); * - * if (modsecAssay->intervention()) { + * if (modsecTransaction->intervention()) { * std::cout << "There is an intervention" << std::endl; * } * @@ -90,7 +90,7 @@ typedef struct ModSecurity_t modsecurity; #include "modsecurity/intervention.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/debug_log.h" #include "modsecurity/rules.h" diff --git a/headers/modsecurity/rule.h b/headers/modsecurity/rule.h index 94646efb..91d396fa 100644 --- a/headers/modsecurity/rule.h +++ b/headers/modsecurity/rule.h @@ -19,8 +19,8 @@ #include #endif -#ifndef SRC_RULE_H_ -#define SRC_RULE_H_ +#ifndef HEADERS_MODSECURITY_RULE_H_ +#define HEADERS_MODSECURITY_RULE_H_ #include "modsecurity/modsecurity.h" @@ -29,7 +29,7 @@ namespace modsecurity { namespace Variables { - class Variable; +class Variable; } class Rule { @@ -42,8 +42,8 @@ class Rule { explicit Rule(std::string marker); ~Rule(); - bool evaluate(Assay *assay); - bool evaluateActions(Assay *assay); + bool evaluate(Transaction *transaction); + bool evaluateActions(Transaction *transaction); operators::Operator *op; std::vector actions_conf; @@ -86,6 +86,6 @@ class Rule { #endif -#endif // SRC_RULE_H_ +#endif // HEADERS_MODSECURITY_RULE_H_ diff --git a/headers/modsecurity/rules.h b/headers/modsecurity/rules.h index 29f54e08..e6cbe94f 100644 --- a/headers/modsecurity/rules.h +++ b/headers/modsecurity/rules.h @@ -29,7 +29,7 @@ #define HEADERS_MODSECURITY_RULES_H_ #include "modsecurity/modsecurity.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/rules_properties.h" #ifdef __cplusplus 
@@ -79,7 +79,7 @@ class Rules : public RulesProperties { int merge(Parser::Driver *driver); int merge(Rules *rules); - int evaluate(int phase, Assay *assay); + int evaluate(int phase, Transaction *transaction); std::string getParserError(); void debug(int level, std::string message); diff --git a/headers/modsecurity/rules_properties.h b/headers/modsecurity/rules_properties.h index 06ce47e3..3b8cb703 100644 --- a/headers/modsecurity/rules_properties.h +++ b/headers/modsecurity/rules_properties.h @@ -19,6 +19,7 @@ #include #include #include +#include #endif @@ -26,7 +27,7 @@ #define HEADERS_MODSECURITY_RULES_PROPERTIES_H_ #include "modsecurity/modsecurity.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifdef __cplusplus @@ -93,12 +94,11 @@ class RulesProperties { std::vector rules[7]; std::vector * getRulesForPhase(int phase) { - if (phase > 7) - { + if (phase > 7) { return NULL; } return &rules[phase]; - }; + } // ModSecurity::Phases::NUMBER_OF_PHASES std::vector defaultActions[7]; diff --git a/src/Makefile.am b/src/Makefile.am index 630af92b..fe22c0c1 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -23,7 +23,7 @@ MAINTAINERCLEANFILES = \ pkginclude_HEADERS = \ - ../headers/modsecurity/assay.h \ + ../headers/modsecurity/transaction.h \ ../headers/modsecurity/debug_log.h \ ../headers/modsecurity/intervention.h \ ../headers/modsecurity/modsecurity.h \ @@ -176,7 +176,7 @@ libmodsecurity_la_SOURCES = \ parser/seclang-parser.yy \ parser/seclang-scanner.ll \ parser/driver.cc \ - assay.cc \ + transaction.cc \ audit_log.cc \ audit_log_writer.cc \ audit_log_writer_serial.cc \ diff --git a/src/actions/action.cc b/src/actions/action.cc index b51ea4ea..81911654 100644 --- a/src/actions/action.cc +++ b/src/actions/action.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/rule.h" #include "actions/block.h" 
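Review bot: The bounds check in `getRulesForPhase` still lets an out-of-range index through. `rules` is declared as a 7-element array, so `phase == 7` passes `if (phase > 7)` and `&rules[7]` is a pointer one past the end; a negative `phase` is not rejected at all. A caller that dereferences the result would treat whatever follows `rules` in the object (possibly `defaultActions`) as a rule list. The guard should be `if (phase < 0 || phase >= 7) {`, ideally written against the `ModSecurity::Phases::NUMBER_OF_PHASES` constant named in the comment below rather than a literal. The class body continues outside the hunk.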
@@ -42,12 +42,12 @@ namespace actions { std::string Action::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { return value; } -bool Action::evaluate(Rule *rule, Assay *assay) { +bool Action::evaluate(Rule *rule, Transaction *transaction) { return true; } diff --git a/src/actions/action.h b/src/actions/action.h index 24d93707..bb024775 100644 --- a/src/actions/action.h +++ b/src/actions/action.h @@ -24,7 +24,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; class Rule; namespace actions { @@ -87,8 +87,8 @@ class Action { std::string name; virtual std::string evaluate(std::string exp, - Assay *assay); - virtual bool evaluate(Rule *rule, Assay *assay); + Transaction *transaction); + virtual bool evaluate(Rule *rule, Transaction *transaction); virtual bool init(std::string *error) { return true; } virtual bool isDisruptive() { return false; } diff --git a/src/actions/audit_log.cc b/src/actions/audit_log.cc index 3a77e492..a03589e0 100644 --- a/src/actions/audit_log.cc +++ b/src/actions/audit_log.cc @@ -18,13 +18,13 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace actions { -bool AuditLog::evaluate(Rule *rule, Assay *assay) { - assay->save_in_auditlog = true; +bool AuditLog::evaluate(Rule *rule, Transaction *transaction) { + transaction->save_in_auditlog = true; return true; } diff --git a/src/actions/audit_log.h b/src/actions/audit_log.h index 418a0ce9..43c94227 100644 --- a/src/actions/audit_log.h +++ b/src/actions/audit_log.h @@ -21,10 +21,10 @@ #define SRC_ACTIONS_AUDIT_LOG_H_ #ifdef __cplusplus -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { 
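Review bot: In the audit_log.h hunk, the renamed `class Transaction;` outside `namespace modsecurity` declares a second, unrelated `::Transaction` type next to the `modsecurity::Transaction` declared two lines later. Only the namespaced one is what `AuditLog::evaluate(Rule *rule, Transaction *transaction)` resolves to. Dropping the global declaration and keeping just the one inside `namespace modsecurity {` avoids a stray incomplete type in the global namespace. The same pair appears in the block.h, chain.h, init_col.h, log.h, log_data.h, msg.h, no_audit_log.h, phase.h and redirect.h hunks.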
@@ -34,7 +34,7 @@ class AuditLog : public Action { explicit AuditLog(std::string action) : Action(action, RunTimeOnlyIfMatchKind) { } - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; }; } // namespace actions diff --git a/src/actions/block.cc b/src/actions/block.cc index 996fffe6..7c79a63d 100644 --- a/src/actions/block.cc +++ b/src/actions/block.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/rule.h" #include "modsecurity/intervention.h" @@ -32,13 +32,13 @@ Block::Block(std::string action) } -bool Block::evaluate(Rule *rule, Assay *assay) { +bool Block::evaluate(Rule *rule, Transaction *transaction) { #ifndef NO_LOGS - assay->debug(8, "Running action block"); + transaction->debug(8, "Running action block"); #endif for (Action *a : rule->actions_runtime_pos) { if (a->isDisruptive() == true) { - assay->actions.push_back(a); + transaction->actions.push_back(a); } } return true; diff --git a/src/actions/block.h b/src/actions/block.h index f207293c..b1cbbc51 100644 --- a/src/actions/block.h +++ b/src/actions/block.h @@ -21,10 +21,10 @@ #define SRC_ACTIONS_BLOCK_H_ #ifdef __cplusplus -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { @@ -33,7 +33,7 @@ class Block : public Action { public: explicit Block(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; void fill_intervention(ModSecurityIntervention *i) override; bool isDisruptive() override { return true; } }; diff --git a/src/actions/capture.cc b/src/actions/capture.cc index 2706210d..5dcb97e2 100644 --- a/src/actions/capture.cc +++ b/src/actions/capture.cc @@ -19,7 +19,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/rule.h" #include "operators/operator.h" 
@@ -31,7 +31,7 @@ namespace modsecurity { namespace actions { -bool Capture::evaluate(Rule *rule, Assay *assay) { +bool Capture::evaluate(Rule *rule, Transaction *transaction) { operators::Operator *op = rule->op; std::list *match; @@ -61,7 +61,7 @@ bool Capture::evaluate(Rule *rule, Assay *assay) { int i = 0; while (match->empty() == false) { - assay->m_collections.storeOrUpdateFirst("TX", + transaction->m_collections.storeOrUpdateFirst("TX", std::to_string(i), match->back()); match->pop_back(); i++; diff --git a/src/actions/capture.h b/src/actions/capture.h index bc43ce27..d67194f5 100644 --- a/src/actions/capture.h +++ b/src/actions/capture.h @@ -31,7 +31,7 @@ class Capture : public Action { explicit Capture(std::string action) : Action(action, RunTimeOnlyIfMatchKind) { } - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; }; diff --git a/src/actions/chain.cc b/src/actions/chain.cc index 714b4fea..0f021160 100644 --- a/src/actions/chain.cc +++ b/src/actions/chain.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/rule.h" namespace modsecurity { @@ -26,7 +26,7 @@ namespace actions { -bool Chain::evaluate(Rule *rule, Assay *assay) { +bool Chain::evaluate(Rule *rule, Transaction *transaction) { rule->chained = true; return true; } diff --git a/src/actions/chain.h b/src/actions/chain.h index ac8c6314..59da460e 100644 --- a/src/actions/chain.h +++ b/src/actions/chain.h @@ -21,10 +21,10 @@ #define SRC_ACTIONS_CHAIN_H_ #ifdef __cplusplus -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; class Rule; namespace actions { @@ -35,7 +35,7 @@ class Chain : public Action { explicit Chain(std::string action) : Action(action, ConfigurationKind) { } - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; }; } // namespace actions 
diff --git a/src/actions/ctl_audit_log_parts.cc b/src/actions/ctl_audit_log_parts.cc index 3cd159f8..ce3c5b95 100644 --- a/src/actions/ctl_audit_log_parts.cc +++ b/src/actions/ctl_audit_log_parts.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace actions { @@ -35,8 +35,9 @@ CtlAuditLogParts::CtlAuditLogParts(std::string action) } } -bool CtlAuditLogParts::evaluate(Rule *rule, Assay *assay) { - assay->auditLogModifier.push_back(std::make_pair(mPartsAction, mParts)); +bool CtlAuditLogParts::evaluate(Rule *rule, Transaction *transaction) { + transaction->auditLogModifier.push_back( + std::make_pair(mPartsAction, mParts)); return true; } diff --git a/src/actions/ctl_audit_log_parts.h b/src/actions/ctl_audit_log_parts.h index cc133549..2736c95d 100644 --- a/src/actions/ctl_audit_log_parts.h +++ b/src/actions/ctl_audit_log_parts.h @@ -16,7 +16,7 @@ #include #include "actions/action.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifndef SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_ #define SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_ @@ -29,7 +29,7 @@ class CtlAuditLogParts : public Action { public: explicit CtlAuditLogParts(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; int mPartsAction; std::string mParts; }; diff --git a/src/actions/deny.cc b/src/actions/deny.cc index adf1bf6d..e7c198e2 100644 --- a/src/actions/deny.cc +++ b/src/actions/deny.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace actions { 
@@ -30,11 +30,11 @@ Deny::Deny(std::string action) } -bool Deny::evaluate(Rule *rule, Assay *assay) { +bool Deny::evaluate(Rule *rule, Transaction *transaction) { #ifndef NO_LOGS - assay->debug(8, "Running action deny"); + transaction->debug(8, "Running action deny"); #endif - assay->actions.push_back(this); + transaction->actions.push_back(this); return true; } diff --git a/src/actions/deny.h b/src/actions/deny.h index 34fba671..0d19df6f 100644 --- a/src/actions/deny.h +++ b/src/actions/deny.h @@ -16,7 +16,7 @@ #include #include "actions/action.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifndef SRC_ACTIONS_DENY_H_ #define SRC_ACTIONS_DENY_H_ @@ -29,7 +29,7 @@ class Deny : public Action { public: explicit Deny(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; void fill_intervention(ModSecurityIntervention *i) override; bool isDisruptive() override { return true; } }; diff --git a/src/actions/init_col.cc b/src/actions/init_col.cc index a62a12e9..ad35a52d 100644 --- a/src/actions/init_col.cc +++ b/src/actions/init_col.cc @@ -19,7 +19,7 @@ #include #include "actions/action.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" #include "modsecurity/rule.h" #include "src/macro_expansion.h" @@ -50,9 +50,9 @@ bool InitCol::init(std::string *error) { } -bool InitCol::evaluate(Rule *rule, Assay *assay) { +bool InitCol::evaluate(Rule *rule, Transaction *transaction) { std::string collectionName; - collectionName = MacroExpansion::expand(m_collection_value, assay); + collectionName = MacroExpansion::expand(m_collection_value, transaction); return true; } diff --git a/src/actions/init_col.h b/src/actions/init_col.h index 7a0b03bb..4a0ed22a 100644 --- a/src/actions/init_col.h +++ b/src/actions/init_col.h 
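Review bot: `InitCol::evaluate` expands `m_collection_value` into `collectionName` and then returns `true` without using it, so as far as this hunk shows the action reports success while initialising nothing. Rules that rely on `initcol` for persistent state would then run against a collection that was never set up, and nothing in the log says so. Until the collection is actually created, a comment such as `// TODO: collection is not initialised yet; collectionName is unused` and a `transaction->debug(...)` line under `#ifndef NO_LOGS` would make the gap visible to rule authors.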
@@ -20,10 +20,10 @@ #ifndef SRC_ACTIONS_INIT_COL_H_ #define SRC_ACTIONS_INIT_COL_H_ -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { @@ -31,7 +31,7 @@ class InitCol : public Action { public: explicit InitCol(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; bool init(std::string *error) override; private: std::string m_collection_key; diff --git a/src/actions/log.cc b/src/actions/log.cc index 232179e8..feb8ce87 100644 --- a/src/actions/log.cc +++ b/src/actions/log.cc @@ -18,15 +18,15 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace actions { -bool Log::evaluate(Rule *rule, Assay *assay) { - assay->save_in_auditlog = true; - /* FIXME: assay->serverLog("Something...."); */ - assay->debug(9, "Saving transaction to logs"); +bool Log::evaluate(Rule *rule, Transaction *transaction) { + transaction->save_in_auditlog = true; + /* FIXME: transaction->serverLog("Something...."); */ + transaction->debug(9, "Saving transaction to logs"); return true; } diff --git a/src/actions/log.h b/src/actions/log.h index fd7322e8..cc526030 100644 --- a/src/actions/log.h +++ b/src/actions/log.h @@ -20,10 +20,10 @@ #ifndef SRC_ACTIONS_LOG_H_ #define SRC_ACTIONS_LOG_H_ -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { @@ -32,7 +32,7 @@ class Log : public Action { explicit Log(std::string action) : Action(action, RunTimeOnlyIfMatchKind) { } - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; }; } // namespace actions diff --git a/src/actions/log_data.cc b/src/actions/log_data.cc index 311913ad..1f1f6e0c 100644 --- a/src/actions/log_data.cc +++ b/src/actions/log_data.cc 
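Review bot: `Log::evaluate` calls `transaction->debug(9, "Saving transaction to logs");` without the `#ifndef NO_LOGS` guard that `Block`, `Deny`, `LogData` and `Msg` put around the same call. The removed assay.h declared `debug()` only under `#ifndef NO_LOGS`; if transaction.h keeps that arrangement, a build with `NO_LOGS` defined fails on this line. Wrap the call in `#ifndef NO_LOGS` / `#endif` like the other actions.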
@@ -19,7 +19,7 @@ #include #include "actions/action.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" #include "src/macro_expansion.h" @@ -34,13 +34,13 @@ LogData::LogData(std::string action) } -bool LogData::evaluate(Rule *rule, Assay *assay) { - std::string msg = MacroExpansion::expand(m_data, assay); +bool LogData::evaluate(Rule *rule, Transaction *transaction) { + std::string msg = MacroExpansion::expand(m_data, transaction); #ifndef NO_LOGS - assay->debug(9, "Saving msg: " + msg); + transaction->debug(9, "Saving msg: " + msg); #endif - assay->rulesMessages.push_back(msg); - assay->serverLog(msg); + transaction->rulesMessages.push_back(msg); + transaction->serverLog(msg); return true; } diff --git a/src/actions/log_data.h b/src/actions/log_data.h index 960e57c7..1ba07fb6 100644 --- a/src/actions/log_data.h +++ b/src/actions/log_data.h @@ -20,10 +20,10 @@ #ifndef SRC_ACTIONS_LOG_DATA_H_ #define SRC_ACTIONS_LOG_DATA_H_ -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { @@ -31,7 +31,7 @@ class LogData : public Action { public: explicit LogData(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; private: std::string m_data; diff --git a/src/actions/msg.cc b/src/actions/msg.cc index 587d6ab3..635fbd11 100644 --- a/src/actions/msg.cc +++ b/src/actions/msg.cc @@ -19,7 +19,7 @@ #include #include "actions/action.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" #include "src/macro_expansion.h" 
@@ -34,13 +34,13 @@ Msg::Msg(std::string action) } -bool Msg::evaluate(Rule *rule, Assay *assay) { - std::string msg = MacroExpansion::expand(m_msg, assay); +bool Msg::evaluate(Rule *rule, Transaction *transaction) { + std::string msg = MacroExpansion::expand(m_msg, transaction); #ifndef NO_LOGS - assay->debug(9, "Saving msg: " + msg); + transaction->debug(9, "Saving msg: " + msg); #endif - assay->rulesMessages.push_back(msg); - assay->serverLog(msg); + transaction->rulesMessages.push_back(msg); + transaction->serverLog(msg); return true; } diff --git a/src/actions/msg.h b/src/actions/msg.h index be77120b..8d0cc58c 100644 --- a/src/actions/msg.h +++ b/src/actions/msg.h @@ -20,10 +20,10 @@ #ifndef SRC_ACTIONS_MSG_H_ #define SRC_ACTIONS_MSG_H_ -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { @@ -31,7 +31,7 @@ class Msg : public Action { public: explicit Msg(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; private: std::string m_msg; diff --git a/src/actions/no_audit_log.cc b/src/actions/no_audit_log.cc index 478bddc6..f832ff38 100644 --- a/src/actions/no_audit_log.cc +++ b/src/actions/no_audit_log.cc @@ -18,13 +18,13 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace actions { -bool NoAuditLog::evaluate(Rule *rule, Assay *assay) { - assay->do_not_save_in_auditlog = true; +bool NoAuditLog::evaluate(Rule *rule, Transaction *transaction) { + transaction->do_not_save_in_auditlog = true; return true; } diff --git a/src/actions/no_audit_log.h b/src/actions/no_audit_log.h index 9d6bbb46..33741ce2 100644 --- a/src/actions/no_audit_log.h +++ b/src/actions/no_audit_log.h @@ -21,10 +21,10 @@ #define SRC_ACTIONS_NO_AUDIT_LOG_H_ #ifdef __cplusplus -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { 
@@ -34,7 +34,7 @@ class NoAuditLog : public Action { explicit NoAuditLog(std::string action) : Action(action, RunTimeOnlyIfMatchKind) { } - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; }; } // namespace actions diff --git a/src/actions/pass.cc b/src/actions/pass.cc index 1a6e03c0..e7b0da5d 100644 --- a/src/actions/pass.cc +++ b/src/actions/pass.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/rule.h" namespace modsecurity { @@ -31,8 +31,8 @@ Pass::Pass(std::string action) } -bool Pass::evaluate(Rule *rule, Assay *assay) { - assay->actions.clear(); +bool Pass::evaluate(Rule *rule, Transaction *transaction) { + transaction->actions.clear(); return true; } diff --git a/src/actions/pass.h b/src/actions/pass.h index fd2c6e6f..b2a5f392 100644 --- a/src/actions/pass.h +++ b/src/actions/pass.h @@ -16,7 +16,7 @@ #include #include "actions/action.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifndef SRC_ACTIONS_PASS_H_ #define SRC_ACTIONS_PASS_H_ @@ -29,7 +29,7 @@ class Pass : public Action { public: explicit Pass(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; bool isDisruptive() override { return true; } }; diff --git a/src/actions/phase.cc b/src/actions/phase.cc index 9e35c63f..647661e8 100644 --- a/src/actions/phase.cc +++ b/src/actions/phase.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/rule.h" #include "src/utils.h" #include "modsecurity/modsecurity.h" @@ -77,7 +77,7 @@ bool Phase::init(std::string *error) { } -bool Phase::evaluate(Rule *rule, Assay *assay) { +bool Phase::evaluate(Rule *rule, Transaction *transaction) { rule->phase = this->phase; return true; } 
diff --git a/src/actions/phase.h b/src/actions/phase.h index e5865109..7b4d9e65 100644 --- a/src/actions/phase.h +++ b/src/actions/phase.h @@ -21,10 +21,10 @@ #define SRC_ACTIONS_PHASE_H_ #ifdef __cplusplus -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; class Rule; namespace actions { @@ -35,7 +35,7 @@ class Phase : public Action { explicit Phase(std::string action); bool init(std::string *error) override; - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; int phase; int m_secRulesPhase; }; diff --git a/src/actions/redirect.cc b/src/actions/redirect.cc index f3a22344..e609c103 100644 --- a/src/actions/redirect.cc +++ b/src/actions/redirect.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/macro_expansion.h" namespace modsecurity { @@ -41,9 +41,9 @@ Redirect::Redirect(const std::string& action) } -bool Redirect::evaluate(Rule *rule, Assay *assay) { - m_urlExpanded = MacroExpansion::expand(m_url, assay); - assay->actions.push_back(this); +bool Redirect::evaluate(Rule *rule, Transaction *transaction) { + m_urlExpanded = MacroExpansion::expand(m_url, transaction); + transaction->actions.push_back(this); return true; } diff --git a/src/actions/redirect.h b/src/actions/redirect.h index d0e95e7c..ed30dbe4 100644 --- a/src/actions/redirect.h +++ b/src/actions/redirect.h @@ -21,10 +21,10 @@ #define SRC_ACTIONS_REDIRECT_H_ #ifdef __cplusplus -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { @@ -33,7 +33,7 @@ class Redirect : public Action { explicit Redirect(const std::string &action); ~Redirect() override; - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; void fill_intervention(ModSecurityIntervention *i) override; bool isDisruptive() override { return true; } private: 
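Review bot: `Redirect::evaluate` writes the per-request expansion into the member `m_urlExpanded` and then queues `this` on `transaction->actions`, so the expanded URL lives on the action object and not on the transaction. If one `Redirect` instance serves every transaction that matches the rule (likely, but not shown here) and `fill_intervention` later reads that member, two concurrent requests can overwrite each other's value and a client can be redirected to a URL expanded from another request's data. Storing the expanded URL in the transaction, or handing it over together with the queued action, removes the shared write. At minimum document the constraint on the member: `// per-request value; unsafe if this action object is shared across threads`.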
diff --git a/src/actions/rev.cc b/src/actions/rev.cc index 2ab36380..ebe32afe 100644 --- a/src/actions/rev.cc +++ b/src/actions/rev.cc @@ -19,7 +19,7 @@ #include #include "actions/action.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" #include "modsecurity/rule.h" #include "src/macro_expansion.h" @@ -37,7 +37,7 @@ Rev::Rev(std::string action) } -bool Rev::evaluate(Rule *rule, Assay *assay) { +bool Rev::evaluate(Rule *rule, Transaction *transaction) { rule->rev = m_rev; return true; } diff --git a/src/actions/rev.h b/src/actions/rev.h index 422ddb4b..6a28af54 100644 --- a/src/actions/rev.h +++ b/src/actions/rev.h @@ -20,10 +20,10 @@ #ifndef SRC_ACTIONS_REV_H_ #define SRC_ACTIONS_REV_H_ -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { @@ -31,7 +31,7 @@ class Rev : public Action { public: explicit Rev(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; private: std::string m_rev; diff --git a/src/actions/rule_id.cc b/src/actions/rule_id.cc index 4c172837..9d47414e 100644 --- a/src/actions/rule_id.cc +++ b/src/actions/rule_id.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/rule.h" namespace modsecurity { @@ -51,7 +51,7 @@ bool RuleId::init(std::string *error) { return true; } -bool RuleId::evaluate(Rule *rule, Assay *assay) { +bool RuleId::evaluate(Rule *rule, Transaction *transaction) { rule->rule_id = m_ruleId; return true; } diff --git a/src/actions/rule_id.h b/src/actions/rule_id.h index 8e84b3ae..d9e4c5e3 100644 --- a/src/actions/rule_id.h +++ b/src/actions/rule_id.h @@ -21,10 +21,10 @@ #define SRC_ACTIONS_RULE_ID_H_ #ifdef __cplusplus -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; class Rule; namespace actions { 
@@ -37,7 +37,7 @@ class RuleId : public Action { m_ruleId(0) { } bool init(std::string *error) override; - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; private: double m_ruleId; diff --git a/src/actions/set_var.cc b/src/actions/set_var.cc index 2533bde5..f5092348 100644 --- a/src/actions/set_var.cc +++ b/src/actions/set_var.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/rule.h" #include "src/macro_expansion.h" #include "src/utils.h" @@ -99,11 +99,11 @@ void SetVar::dump() { std::cout << " Predicate: " << predicate << std::endl; } -bool SetVar::evaluate(Rule *rule, Assay *assay) { +bool SetVar::evaluate(Rule *rule, Transaction *transaction) { std::string targetValue; std::string variableNameExpanded = MacroExpansion::expand(variableName, - assay); - std::string resolvedPre = MacroExpansion::expand(predicate, assay); + transaction); + std::string resolvedPre = MacroExpansion::expand(predicate, transaction); if (operation == setOperation) { targetValue = resolvedPre; @@ -121,7 +121,7 @@ bool SetVar::evaluate(Rule *rule, Assay *assay) { try { std::string *resolvedValue = - assay->m_collections.resolveFirst(collectionName, + transaction->m_collections.resolveFirst(collectionName, variableNameExpanded); if (resolvedValue == NULL) { value = 0; @@ -143,10 +143,10 @@ bool SetVar::evaluate(Rule *rule, Assay *assay) { } #ifndef NO_LOGS - assay->debug(8, "Saving variable: " + collectionName + ":" + \ + transaction->debug(8, "Saving variable: " + collectionName + ":" + \ variableNameExpanded + " with value: " + targetValue); #endif - assay->m_collections.storeOrUpdateFirst(collectionName, + transaction->m_collections.storeOrUpdateFirst(collectionName, variableNameExpanded, targetValue); return true; diff --git a/src/actions/set_var.h b/src/actions/set_var.h index e9673021..ebbce707 100644 --- a/src/actions/set_var.h 
+++ b/src/actions/set_var.h @@ -21,7 +21,7 @@ #define SRC_ACTIONS_SET_VAR_H_ namespace modsecurity { -class Assay; +class Transaction; class Rule; namespace actions { @@ -31,7 +31,7 @@ class SetVar : public Action { public: explicit SetVar(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; void dump(); bool init(std::string *error) override; diff --git a/src/actions/severity.cc b/src/actions/severity.cc index 072e492b..9a00f2d7 100644 --- a/src/actions/severity.cc +++ b/src/actions/severity.cc @@ -19,7 +19,7 @@ #include #include "actions/action.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" namespace modsecurity { @@ -50,15 +50,15 @@ Severity::Severity(std::string action) } -bool Severity::evaluate(Rule *rule, Assay *assay) { +bool Severity::evaluate(Rule *rule, Transaction *transaction) { #ifndef NO_LOGS - assay->debug(9, "This rule severity is: " + \ - std::to_string(this->m_severity) + " current assay is: " + \ - std::to_string(assay->highest_severity)); + transaction->debug(9, "This rule severity is: " + \ + std::to_string(this->m_severity) + " current transaction is: " + \ + std::to_string(transaction->highest_severity)); #endif - if (assay->highest_severity > this->m_severity) { - assay->highest_severity = this->m_severity; + if (transaction->highest_severity > this->m_severity) { + transaction->highest_severity = this->m_severity; } return true; } diff --git a/src/actions/severity.h b/src/actions/severity.h index 1c0b3082..27a8915f 100644 --- a/src/actions/severity.h +++ b/src/actions/severity.h @@ -21,10 +21,10 @@ #define SRC_ACTIONS_SEVERITY_H_ #ifdef __cplusplus -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { 
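Review bot: The debug string in `Severity::evaluate` now reads `" current transaction is: "`, but the number printed after it is `transaction->highest_severity`, so the mechanical rename left a message that does not say what the value is. Name the value instead, for example `" current highest severity in transaction is: "`. The comparison below keeps the smaller of the two numbers; a one-line comment such as `// lower value wins (presumably lower = more severe; confirm)` would make that intent explicit for readers of the audit trail.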
@@ -33,7 +33,7 @@ class Severity : public Action { public: explicit Severity(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; private: int m_severity; diff --git a/src/actions/skip_after.cc b/src/actions/skip_after.cc index 9ed93d4e..67f1ea2d 100644 --- a/src/actions/skip_after.cc +++ b/src/actions/skip_after.cc @@ -19,7 +19,7 @@ #include #include "actions/action.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" namespace modsecurity { @@ -31,11 +31,11 @@ SkipAfter::SkipAfter(std::string action) } -bool SkipAfter::evaluate(Rule *rule, Assay *assay) { +bool SkipAfter::evaluate(Rule *rule, Transaction *transaction) { #ifndef NO_LOGS - assay->debug(5, "Setting skipAfter for: " + m_marker); + transaction->debug(5, "Setting skipAfter for: " + m_marker); #endif - assay->m_marker = m_marker; + transaction->m_marker = m_marker; return true; } diff --git a/src/actions/skip_after.h b/src/actions/skip_after.h index 6f5cb609..3b7c1042 100644 --- a/src/actions/skip_after.h +++ b/src/actions/skip_after.h @@ -20,10 +20,10 @@ #ifndef SRC_ACTIONS_SKIP_AFTER_H_ #define SRC_ACTIONS_SKIP_AFTER_H_ -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { @@ -31,7 +31,7 @@ class SkipAfter : public Action { public: explicit SkipAfter(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; private: std::string m_marker; diff --git a/src/actions/status.cc b/src/actions/status.cc index 80142ae9..d5e71aa3 100644 --- a/src/actions/status.cc +++ b/src/actions/status.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace actions { 
@@ -33,8 +33,8 @@ Status::Status(std::string action) } -bool Status::evaluate(Rule *rule, Assay *assay) { - assay->actions.push_back(this); +bool Status::evaluate(Rule *rule, Transaction *transaction) { + transaction->actions.push_back(this); return true; } diff --git a/src/actions/status.h b/src/actions/status.h index 97724bec..fc444c20 100644 --- a/src/actions/status.h +++ b/src/actions/status.h @@ -21,17 +21,17 @@ #define SRC_ACTIONS_STATUS_H_ #ifdef __cplusplus -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { class Status : public Action { public: explicit Status(std::string actions); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; void fill_intervention(ModSecurityIntervention *i) override; int status; }; diff --git a/src/actions/tag.cc b/src/actions/tag.cc index 46ecfd80..a5397f37 100644 --- a/src/actions/tag.cc +++ b/src/actions/tag.cc @@ -19,7 +19,7 @@ #include #include "actions/action.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" #include "src/macro_expansion.h" @@ -34,12 +34,12 @@ Tag::Tag(std::string action) } -bool Tag::evaluate(Rule *rule, Assay *assay) { - std::string tag = MacroExpansion::expand(m_tag, assay); +bool Tag::evaluate(Rule *rule, Transaction *transaction) { + std::string tag = MacroExpansion::expand(m_tag, transaction); #ifndef NO_LOGS - assay->debug(9, "Rule tag: " + tag); + transaction->debug(9, "Rule tag: " + tag); #endif - assay->ruleTags.push_back(tag); + transaction->ruleTags.push_back(tag); return true; } diff --git a/src/actions/tag.h b/src/actions/tag.h index 45a7282e..e44d7db7 100644 --- a/src/actions/tag.h +++ b/src/actions/tag.h @@ -20,10 +20,10 @@ #ifndef SRC_ACTIONS_TAG_H_ #define SRC_ACTIONS_TAG_H_ -class Assay; +class Transaction; namespace modsecurity { -class Assay; +class Transaction; namespace actions { 
@@ -31,7 +31,7 @@ class Tag : public Action { public: explicit Tag(std::string action); - bool evaluate(Rule *rule, Assay *assay) override; + bool evaluate(Rule *rule, Transaction *transaction) override; private: std::string m_tag; diff --git a/src/actions/transformations/base64_decode.cc b/src/actions/transformations/base64_decode.cc index 25458f5f..a4c4e69a 100644 --- a/src/actions/transformations/base64_decode.cc +++ b/src/actions/transformations/base64_decode.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,13 +36,13 @@ Base64Decode::Base64Decode(std::string action) } std::string Base64Decode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation base64decode */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation 64 is not implemented yet."); + transaction->debug(4, "Transformation 64 is not implemented yet."); #endif } return value; diff --git a/src/actions/transformations/base64_decode.h b/src/actions/transformations/base64_decode.h index 4b3b03f1..564b9c84 100644 --- a/src/actions/transformations/base64_decode.h +++ b/src/actions/transformations/base64_decode.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class Base64Decode : public Transformation { public: explicit Base64Decode(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/base64_decode_ext.cc b/src/actions/transformations/base64_decode_ext.cc index 4766cfe7..d19b40b3 100644 --- a/src/actions/transformations/base64_decode_ext.cc +++ b/src/actions/transformations/base64_decode_ext.cc 
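Review bot: `Base64Decode::evaluate` returns `value` unchanged and reports that only through `debug(4, ...)`, and it reports nothing when `transaction` is null or the build defines `NO_LOGS`. A rule that lists this transformation therefore runs its operator on the still-encoded input and can miss what it was written to detect, with no signal to whoever maintains the rule set. Until the `@todo` is resolved, an unimplemented transformation should be rejected or warned about when the rule is loaded instead of being passed through at request time, and the stub should say so in a comment: `// NOT IMPLEMENTED: input is returned undecoded`. The same stub pattern is in `Base64DecodeExt::evaluate`, `CmdLine::evaluate` and `Md5::evaluate`.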
@@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,13 +36,13 @@ Base64DecodeExt::Base64DecodeExt(std::string action) } std::string Base64DecodeExt::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation Base64DecodeExt */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation Base64DecodeExt is" \ + transaction->debug(4, "Transformation Base64DecodeExt is" \ " not implemented yet."); #endif } diff --git a/src/actions/transformations/base64_decode_ext.h b/src/actions/transformations/base64_decode_ext.h index cc042277..dd572d99 100644 --- a/src/actions/transformations/base64_decode_ext.h +++ b/src/actions/transformations/base64_decode_ext.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class Base64DecodeExt : public Transformation { public: explicit Base64DecodeExt(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/cmd_line.cc b/src/actions/transformations/cmd_line.cc index d4f6c2b4..bd7d139f 100644 --- a/src/actions/transformations/cmd_line.cc +++ b/src/actions/transformations/cmd_line.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" 
@@ -36,13 +36,13 @@ CmdLine::CmdLine(std::string action) } std::string CmdLine::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation CmdLine */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation CmdLine is not implemented yet."); + transaction->debug(4, "Transformation CmdLine is not implemented yet."); #endif } return value; diff --git a/src/actions/transformations/cmd_line.h b/src/actions/transformations/cmd_line.h index 7282ad72..95859f11 100644 --- a/src/actions/transformations/cmd_line.h +++ b/src/actions/transformations/cmd_line.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class CmdLine : public Transformation { public: explicit CmdLine(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/compress_whitespace.cc b/src/actions/transformations/compress_whitespace.cc index 40bbcd60..1291cc6e 100644 --- a/src/actions/transformations/compress_whitespace.cc +++ b/src/actions/transformations/compress_whitespace.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,7 +36,7 @@ CompressWhitespace::CompressWhitespace(std::string action) } std::string CompressWhitespace::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { std::string a; int inWhiteSpace = 0; diff --git a/src/actions/transformations/compress_whitespace.h b/src/actions/transformations/compress_whitespace.h index 18b55fd6..e297f761 100644 --- a/src/actions/transformations/compress_whitespace.h +++ b/src/actions/transformations/compress_whitespace.h 
@@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class CompressWhitespace : public Transformation { public: explicit CompressWhitespace(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/css_decode.cc b/src/actions/transformations/css_decode.cc index 49744bdd..b5fb6f69 100644 --- a/src/actions/transformations/css_decode.cc +++ b/src/actions/transformations/css_decode.cc @@ -24,7 +24,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -35,7 +35,7 @@ namespace transformations { std::string CssDecode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { char *tmp = reinterpret_cast( malloc(sizeof(char) * value.size() + 1)); diff --git a/src/actions/transformations/css_decode.h b/src/actions/transformations/css_decode.h index 3a40a3a2..fa19fd77 100644 --- a/src/actions/transformations/css_decode.h +++ b/src/actions/transformations/css_decode.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -34,7 +34,7 @@ class CssDecode : public Transformation { explicit CssDecode(std::string action) : Transformation(action) { } std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; diff --git a/src/actions/transformations/escape_seq_decode.cc b/src/actions/transformations/escape_seq_decode.cc index 082a4e5d..aed9729c 100644 --- a/src/actions/transformations/escape_seq_decode.cc +++ b/src/actions/transformations/escape_seq_decode.cc 
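Review bot: `CssDecode::evaluate` sizes its scratch buffer from the request-derived `value` with `malloc(sizeof(char) * value.size() + 1)`, and the hunk ends on that line, so neither a null check nor the matching `free` is visible here. Please confirm both exist on every return path in the rest of the function, since an unchecked allocation failure is a crash in the request path. Owning the buffer with a standard container, e.g. `std::string tmp(value.size() + 1, '\0');` and passing `&tmp[0]` to whatever routine fills it, removes both concerns. `EscapeSeqDecode::evaluate` and `JsDecode::evaluate` open with the same allocation, and the `NormalisePath` variants begin a cast into `char *tmp` that probably does the same.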
@@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -140,7 +140,7 @@ int EscapeSeqDecode::ansi_c_sequences_decode_inplace(unsigned char *input, std::string EscapeSeqDecode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { unsigned char *tmp = (unsigned char *) malloc(sizeof(char) * value.size() + 1); diff --git a/src/actions/transformations/escape_seq_decode.h b/src/actions/transformations/escape_seq_decode.h index d32a9f2e..137b2ebf 100644 --- a/src/actions/transformations/escape_seq_decode.h +++ b/src/actions/transformations/escape_seq_decode.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class EscapeSeqDecode : public Transformation { public: explicit EscapeSeqDecode(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; int ansi_c_sequences_decode_inplace(unsigned char *input, int input_len); }; diff --git a/src/actions/transformations/hex_decode.cc b/src/actions/transformations/hex_decode.cc index e5157ddf..7565dd10 100644 --- a/src/actions/transformations/hex_decode.cc +++ b/src/actions/transformations/hex_decode.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -38,7 +38,7 @@ HexDecode::HexDecode(std::string action) std::string HexDecode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { int len = value.length(); std::string newString; diff --git a/src/actions/transformations/hex_decode.h b/src/actions/transformations/hex_decode.h index bd1e6e6d..1ec6e592 100644 --- a/src/actions/transformations/hex_decode.h +++ b/src/actions/transformations/hex_decode.h 
@@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class HexDecode : public Transformation { public: explicit HexDecode(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/hex_encode.cc b/src/actions/transformations/hex_encode.cc index fa422bd3..d9efa0ed 100644 --- a/src/actions/transformations/hex_encode.cc +++ b/src/actions/transformations/hex_encode.cc @@ -23,7 +23,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -37,7 +37,7 @@ HexEncode::HexEncode(std::string action) } std::string HexEncode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { std::stringstream result; for (std::size_t i=0; i < value.length(); i++) { diff --git a/src/actions/transformations/hex_encode.h b/src/actions/transformations/hex_encode.h index dfae413f..e07c0618 100644 --- a/src/actions/transformations/hex_encode.h +++ b/src/actions/transformations/hex_encode.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class HexEncode : public Transformation { public: explicit HexEncode(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/html_entity_decode.cc b/src/actions/transformations/html_entity_decode.cc index 2cff99b5..f50df899 100644 --- a/src/actions/transformations/html_entity_decode.cc +++ b/src/actions/transformations/html_entity_decode.cc 
@@ -24,7 +24,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -35,7 +35,7 @@ namespace transformations { std::string HtmlEntityDecode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { if (HtmlEntityDecodeInstantCache::getInstance().count(value) > 0) { return HtmlEntityDecodeInstantCache::getInstance().at(value); diff --git a/src/actions/transformations/html_entity_decode.h b/src/actions/transformations/html_entity_decode.h index 731f406e..69ba776b 100644 --- a/src/actions/transformations/html_entity_decode.h +++ b/src/actions/transformations/html_entity_decode.h @@ -24,7 +24,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -55,7 +55,7 @@ class HtmlEntityDecode : public Transformation { : Transformation(action) { } std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; diff --git a/src/actions/transformations/js_decode.cc b/src/actions/transformations/js_decode.cc index 34046935..752d88ea 100644 --- a/src/actions/transformations/js_decode.cc +++ b/src/actions/transformations/js_decode.cc @@ -24,7 +24,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -35,7 +35,7 @@ namespace transformations { std::string JsDecode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { char *val = reinterpret_cast( malloc(sizeof(char) * value.size() + 1)); diff --git a/src/actions/transformations/js_decode.h b/src/actions/transformations/js_decode.h index 79093508..dc89b50c 100644 --- a/src/actions/transformations/js_decode.h +++ b/src/actions/transformations/js_decode.h 
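Review bot: `HtmlEntityDecode::evaluate` keys `HtmlEntityDecodeInstantCache` on the raw input string, which in a WAF is request data, and looks it up twice with `count(value)` followed by `at(value)`. The hunk shows neither a size bound nor locking for the singleton; if either is missing, distinct inputs grow it without limit, and an entry removed between the two calls makes `at` throw. Please confirm the bound and the synchronisation, and use one lookup: `auto &cache = HtmlEntityDecodeInstantCache::getInstance(); auto hit = cache.find(value); if (hit != cache.end()) return hit->second;` (assuming the cache exposes the usual map interface). `LowerCase::evaluate` uses `LowerCaseInstantCache` the same way, and both function bodies continue past their hunks.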
@@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -34,7 +34,7 @@ class JsDecode : public Transformation { : Transformation(action) { } std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/length.cc b/src/actions/transformations/length.cc index e0d514e5..1c7a1e37 100644 --- a/src/actions/transformations/length.cc +++ b/src/actions/transformations/length.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,7 +36,7 @@ Length::Length(std::string action) } std::string Length::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { return std::to_string(value.size()); } diff --git a/src/actions/transformations/length.h b/src/actions/transformations/length.h index 834abcd5..dfe00002 100644 --- a/src/actions/transformations/length.h +++ b/src/actions/transformations/length.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class Length : public Transformation { public: explicit Length(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/lower_case.cc b/src/actions/transformations/lower_case.cc index cdd94a2d..223c8282 100644 --- a/src/actions/transformations/lower_case.cc +++ b/src/actions/transformations/lower_case.cc @@ -18,7 +18,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "actions/action.h" 
@@ -32,7 +32,7 @@ LowerCase::LowerCase(std::string a) } std::string LowerCase::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { std::locale loc; if (LowerCaseInstantCache::getInstance().count(value) > 0) { diff --git a/src/actions/transformations/lower_case.h b/src/actions/transformations/lower_case.h index 7d7eee99..932c99fa 100644 --- a/src/actions/transformations/lower_case.h +++ b/src/actions/transformations/lower_case.h @@ -25,7 +25,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -52,7 +52,7 @@ class LowerCase : public Transformation { public: explicit LowerCase(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/md5.cc b/src/actions/transformations/md5.cc index 21037079..5dd40460 100644 --- a/src/actions/transformations/md5.cc +++ b/src/actions/transformations/md5.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,13 +36,13 @@ Md5::Md5(std::string action) } std::string Md5::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation Md5 */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation Md5 is not implemented yet."); + transaction->debug(4, "Transformation Md5 is not implemented yet."); #endif } return value; diff --git a/src/actions/transformations/md5.h b/src/actions/transformations/md5.h index 324cfa8f..f08ca394 100644 --- a/src/actions/transformations/md5.h +++ b/src/actions/transformations/md5.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { 
@@ -33,7 +33,7 @@ class Md5 : public Transformation { explicit Md5(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/none.cc b/src/actions/transformations/none.cc index 54216aab..2e397493 100644 --- a/src/actions/transformations/none.cc +++ b/src/actions/transformations/none.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -32,7 +32,7 @@ namespace transformations { std::string None::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { return value; } diff --git a/src/actions/transformations/none.h b/src/actions/transformations/none.h index 66664037..36141fa9 100644 --- a/src/actions/transformations/none.h +++ b/src/actions/transformations/none.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -35,7 +35,7 @@ class None : public Transformation { { m_isNone = true; } std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/normalise_path.cc b/src/actions/transformations/normalise_path.cc index 48668042..42f8993c 100644 --- a/src/actions/transformations/normalise_path.cc +++ b/src/actions/transformations/normalise_path.cc @@ -24,7 +24,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -39,7 +39,7 @@ NormalisePath::NormalisePath(std::string action) } std::string NormalisePath::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { int changed = 0; char *tmp = reinterpret_cast( 
diff --git a/src/actions/transformations/normalise_path.h b/src/actions/transformations/normalise_path.h index d4af77f6..9d08e642 100644 --- a/src/actions/transformations/normalise_path.h +++ b/src/actions/transformations/normalise_path.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class NormalisePath : public Transformation { public: explicit NormalisePath(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/normalise_path_win.cc b/src/actions/transformations/normalise_path_win.cc index 85764cf2..ae78a519 100644 --- a/src/actions/transformations/normalise_path_win.cc +++ b/src/actions/transformations/normalise_path_win.cc @@ -24,7 +24,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -35,7 +35,7 @@ namespace transformations { std::string NormalisePathWin::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { int changed; char *tmp = reinterpret_cast( diff --git a/src/actions/transformations/normalise_path_win.h b/src/actions/transformations/normalise_path_win.h index 381c2149..425df7db 100644 --- a/src/actions/transformations/normalise_path_win.h +++ b/src/actions/transformations/normalise_path_win.h @@ -23,7 +23,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -34,7 +34,7 @@ class NormalisePathWin : public Transformation { : Transformation(action) { } std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations 
diff --git a/src/actions/transformations/parity_even_7bit.cc b/src/actions/transformations/parity_even_7bit.cc index da4577fc..a004842e 100644 --- a/src/actions/transformations/parity_even_7bit.cc +++ b/src/actions/transformations/parity_even_7bit.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,13 +36,13 @@ ParityEven7bit::ParityEven7bit(std::string action) } std::string ParityEven7bit::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation ParityEven7bit */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation ParityEven7bit is not" \ + transaction->debug(4, "Transformation ParityEven7bit is not" \ " implemented yet."); #endif } diff --git a/src/actions/transformations/parity_even_7bit.h b/src/actions/transformations/parity_even_7bit.h index 1fcb4254..a80b8680 100644 --- a/src/actions/transformations/parity_even_7bit.h +++ b/src/actions/transformations/parity_even_7bit.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class ParityEven7bit : public Transformation { public: explicit ParityEven7bit(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/parity_odd_7bit.cc b/src/actions/transformations/parity_odd_7bit.cc index 71756f86..df198eca 100644 --- a/src/actions/transformations/parity_odd_7bit.cc +++ b/src/actions/transformations/parity_odd_7bit.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" 
@@ -36,13 +36,13 @@ ParityOdd7bit::ParityOdd7bit(std::string action) } std::string ParityOdd7bit::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation ParityOdd7bit */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation ParityOdd7bit is not " \ + transaction->debug(4, "Transformation ParityOdd7bit is not " \ "implemented yet."); #endif } diff --git a/src/actions/transformations/parity_odd_7bit.h b/src/actions/transformations/parity_odd_7bit.h index cd6bd2da..1ade4e6d 100644 --- a/src/actions/transformations/parity_odd_7bit.h +++ b/src/actions/transformations/parity_odd_7bit.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class ParityOdd7bit : public Transformation { public: explicit ParityOdd7bit(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/parity_zero_7bit.cc b/src/actions/transformations/parity_zero_7bit.cc index 0e5f8a18..0dbc1ba8 100644 --- a/src/actions/transformations/parity_zero_7bit.cc +++ b/src/actions/transformations/parity_zero_7bit.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,13 +36,13 @@ ParityZero7bit::ParityZero7bit(std::string action) } std::string ParityZero7bit::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation ParityZero7bit */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation ParityZero7bit is not" \ + transaction->debug(4, "Transformation ParityZero7bit is not" \ "implemented yet."); #endif } 
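Review bot: The debug message in `ParityZero7bit::evaluate` is built from two adjacent literals with no space between them, so it is logged as "is notimplemented yet."; the rename carries that over unchanged. The ParityEven7bit and ParityOdd7bit hunks each keep a space at the join, so this one should read `transaction->debug(4, "Transformation ParityZero7bit is not " \` to match. The rest of the function body is outside the hunk.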
diff --git a/src/actions/transformations/parity_zero_7bit.h b/src/actions/transformations/parity_zero_7bit.h index 503ab364..7a769555 100644 --- a/src/actions/transformations/parity_zero_7bit.h +++ b/src/actions/transformations/parity_zero_7bit.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class ParityZero7bit : public Transformation { public: explicit ParityZero7bit(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/remove_comments.cc b/src/actions/transformations/remove_comments.cc index 52c2e908..f892ac2f 100644 --- a/src/actions/transformations/remove_comments.cc +++ b/src/actions/transformations/remove_comments.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,13 +36,13 @@ RemoveComments::RemoveComments(std::string action) } std::string RemoveComments::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation RemoveComments */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation RemoveComments is not " \ + transaction->debug(4, "Transformation RemoveComments is not " \ "implemented yet."); #endif } diff --git a/src/actions/transformations/remove_comments.h b/src/actions/transformations/remove_comments.h index 24f631f8..4a3f5acc 100644 --- a/src/actions/transformations/remove_comments.h +++ b/src/actions/transformations/remove_comments.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { 
@@ -32,7 +32,7 @@ class RemoveComments : public Transformation { public: explicit RemoveComments(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/remove_comments_char.cc b/src/actions/transformations/remove_comments_char.cc index fa0da390..c2f6c146 100644 --- a/src/actions/transformations/remove_comments_char.cc +++ b/src/actions/transformations/remove_comments_char.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,13 +36,13 @@ RemoveCommentsChar::RemoveCommentsChar(std::string action) } std::string RemoveCommentsChar::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation RemoveCommentsChar */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation RemoveCommentsChar " \ + transaction->debug(4, "Transformation RemoveCommentsChar " \ "is not implemented yet."); #endif } diff --git a/src/actions/transformations/remove_comments_char.h b/src/actions/transformations/remove_comments_char.h index fff440c4..b0ee297d 100644 --- a/src/actions/transformations/remove_comments_char.h +++ b/src/actions/transformations/remove_comments_char.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class RemoveCommentsChar : public Transformation { public: explicit RemoveCommentsChar(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/remove_nulls.cc b/src/actions/transformations/remove_nulls.cc index 20dcc0ba..a19f496d 100644 --- a/src/actions/transformations/remove_nulls.cc 
+++ b/src/actions/transformations/remove_nulls.cc @@ -24,7 +24,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -34,7 +34,7 @@ namespace transformations { std::string RemoveNulls::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { int64_t i; i = 0; diff --git a/src/actions/transformations/remove_nulls.h b/src/actions/transformations/remove_nulls.h index 98de2595..8542102d 100644 --- a/src/actions/transformations/remove_nulls.h +++ b/src/actions/transformations/remove_nulls.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -34,7 +34,7 @@ class RemoveNulls : public Transformation { : Transformation(action) { } std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/remove_whitespace.cc b/src/actions/transformations/remove_whitespace.cc index 00b4e32c..4c3f267c 100644 --- a/src/actions/transformations/remove_whitespace.cc +++ b/src/actions/transformations/remove_whitespace.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,13 +36,13 @@ RemoveWhitespace::RemoveWhitespace(std::string action) } std::string RemoveWhitespace::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation RemoveWhitespace */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation RemoveWhitespace is " \ + transaction->debug(4, "Transformation RemoveWhitespace is " \ "not implemented yet."); #endif } 
diff --git a/src/actions/transformations/remove_whitespace.h b/src/actions/transformations/remove_whitespace.h index fd6c5183..6d720c02 100644 --- a/src/actions/transformations/remove_whitespace.h +++ b/src/actions/transformations/remove_whitespace.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class RemoveWhitespace : public Transformation { public: explicit RemoveWhitespace(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/replace_comments.cc b/src/actions/transformations/replace_comments.cc index 42dd905f..680b0e4f 100644 --- a/src/actions/transformations/replace_comments.cc +++ b/src/actions/transformations/replace_comments.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -37,7 +37,7 @@ ReplaceComments::ReplaceComments(std::string action) } std::string ReplaceComments::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { uint64_t i, j, incomment; char *input = reinterpret_cast( diff --git a/src/actions/transformations/replace_comments.h b/src/actions/transformations/replace_comments.h index a027f320..baa6ed8c 100644 --- a/src/actions/transformations/replace_comments.h +++ b/src/actions/transformations/replace_comments.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class ReplaceComments : public Transformation { public: explicit ReplaceComments(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations 
diff --git a/src/actions/transformations/replace_nulls.cc b/src/actions/transformations/replace_nulls.cc index 937a0e1e..a39b2120 100644 --- a/src/actions/transformations/replace_nulls.cc +++ b/src/actions/transformations/replace_nulls.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,7 +36,7 @@ ReplaceNulls::ReplaceNulls(std::string action) } std::string ReplaceNulls::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { int64_t i; i = 0; diff --git a/src/actions/transformations/replace_nulls.h b/src/actions/transformations/replace_nulls.h index 94adc979..ac9bb6fa 100644 --- a/src/actions/transformations/replace_nulls.h +++ b/src/actions/transformations/replace_nulls.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class ReplaceNulls : public Transformation { public: explicit ReplaceNulls(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/sha1.cc b/src/actions/transformations/sha1.cc index a0fb835d..8aec0b7d 100644 --- a/src/actions/transformations/sha1.cc +++ b/src/actions/transformations/sha1.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "utils/sha1.h" #include "src/utils.h" @@ -38,7 +38,7 @@ Sha1::Sha1(std::string action) } std::string Sha1::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { Utils::SHA1 sha1; sha1.update(&value); diff --git a/src/actions/transformations/sha1.h b/src/actions/transformations/sha1.h index 5119ecb1..fcd88469 100644 --- a/src/actions/transformations/sha1.h 
+++ b/src/actions/transformations/sha1.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class Sha1 : public Transformation { public: explicit Sha1(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/sql_hex_decode.cc b/src/actions/transformations/sql_hex_decode.cc index eefae0ce..ffdf1943 100644 --- a/src/actions/transformations/sql_hex_decode.cc +++ b/src/actions/transformations/sql_hex_decode.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,13 +36,14 @@ SqlHexDecode::SqlHexDecode(std::string action) } std::string SqlHexDecode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation SqlHexDecode */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation SqlHexDecode is not implemented yet."); + transaction->debug(4, "Transformation SqlHexDecode " \ + "is not implemented yet."); #endif } return value; diff --git a/src/actions/transformations/sql_hex_decode.h b/src/actions/transformations/sql_hex_decode.h index a6ee2216..02240c75 100644 --- a/src/actions/transformations/sql_hex_decode.h +++ b/src/actions/transformations/sql_hex_decode.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -33,7 +33,7 @@ class SqlHexDecode : public Transformation { explicit SqlHexDecode(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations 
diff --git a/src/actions/transformations/transformation.cc b/src/actions/transformations/transformation.cc index 4a83e49b..c7449a9c 100644 --- a/src/actions/transformations/transformation.cc +++ b/src/actions/transformations/transformation.cc @@ -20,7 +20,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/action.h" #include "actions/transformations/base64_decode_ext.h" #include "actions/transformations/base64_decode.h" @@ -67,7 +67,7 @@ namespace transformations { std::string Transformation::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { return value; } diff --git a/src/actions/transformations/transformation.h b/src/actions/transformations/transformation.h index 66b4e256..37042c85 100644 --- a/src/actions/transformations/transformation.h +++ b/src/actions/transformations/transformation.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -39,7 +39,7 @@ class Transformation : public Action { static Transformation* instantiate(std::string); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/trim.cc b/src/actions/transformations/trim.cc index e8e758fd..817b5edd 100644 --- a/src/actions/transformations/trim.cc +++ b/src/actions/transformations/trim.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "actions/action.h" @@ -58,7 +58,7 @@ Trim::Trim(std::string action) std::string Trim::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { return *this->trim(&value); } diff --git a/src/actions/transformations/trim.h b/src/actions/transformations/trim.h index 100e0589..fb21981b 100644 --- a/src/actions/transformations/trim.h 
+++ b/src/actions/transformations/trim.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class Trim : public Transformation { public: explicit Trim(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; std::string *ltrim(std::string *s); std::string *rtrim(std::string *s); diff --git a/src/actions/transformations/trim_left.cc b/src/actions/transformations/trim_left.cc index dd3ab917..4922807d 100644 --- a/src/actions/transformations/trim_left.cc +++ b/src/actions/transformations/trim_left.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "actions/transformations/trim.h" #include "actions/action.h" @@ -39,7 +39,7 @@ TrimLeft::TrimLeft(std::string action) } std::string TrimLeft::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { return *ltrim(&value); } diff --git a/src/actions/transformations/trim_left.h b/src/actions/transformations/trim_left.h index e74c3591..973a7b64 100644 --- a/src/actions/transformations/trim_left.h +++ b/src/actions/transformations/trim_left.h @@ -24,7 +24,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -33,7 +33,7 @@ class TrimLeft : public Trim { public: explicit TrimLeft(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/trim_right.cc b/src/actions/transformations/trim_right.cc index e734b2c7..0a865455 100644 --- a/src/actions/transformations/trim_right.cc +++ b/src/actions/transformations/trim_right.cc 
@@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "actions/action.h" @@ -37,7 +37,7 @@ TrimRight::TrimRight(std::string action) } std::string TrimRight::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { return *this->rtrim(&value); } diff --git a/src/actions/transformations/trim_right.h b/src/actions/transformations/trim_right.h index 6a7e1e55..ac8ec649 100644 --- a/src/actions/transformations/trim_right.h +++ b/src/actions/transformations/trim_right.h @@ -24,7 +24,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -33,7 +33,7 @@ class TrimRight : public Trim { public: explicit TrimRight(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/url_decode.cc b/src/actions/transformations/url_decode.cc index d8f1fcdc..8efece4a 100644 --- a/src/actions/transformations/url_decode.cc +++ b/src/actions/transformations/url_decode.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -95,7 +95,7 @@ UrlDecode::UrlDecode(std::string action) } std::string UrlDecode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { unsigned char *val = NULL; int invalid_count; int changed; diff --git a/src/actions/transformations/url_decode.h b/src/actions/transformations/url_decode.h index 9be07bb8..5e72b79e 100644 --- a/src/actions/transformations/url_decode.h +++ b/src/actions/transformations/url_decode.h @@ -24,7 +24,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { 
@@ -52,7 +52,7 @@ class UrlDecode : public Transformation { public: explicit UrlDecode(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; int urldecode_nonstrict_inplace(unsigned char *input, uint64_t input_len, int *invalid_count, int *changed); diff --git a/src/actions/transformations/url_decode_uni.cc b/src/actions/transformations/url_decode_uni.cc index 9f7d3b69..63a83fbe 100644 --- a/src/actions/transformations/url_decode_uni.cc +++ b/src/actions/transformations/url_decode_uni.cc @@ -24,7 +24,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -35,10 +35,10 @@ namespace transformations { std::string UrlDecodeUni::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { int changed = 0; char *tmp = strdup(value.c_str()); - urldecode_uni_nonstrict_inplace_ex(assay, (unsigned char *)tmp, + urldecode_uni_nonstrict_inplace_ex(transaction, (unsigned char *)tmp, value.size(), &changed); std::string ret(""); ret.assign(tmp); diff --git a/src/actions/transformations/url_decode_uni.h b/src/actions/transformations/url_decode_uni.h index 8eca54e7..b8155d0c 100644 --- a/src/actions/transformations/url_decode_uni.h +++ b/src/actions/transformations/url_decode_uni.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -34,7 +34,7 @@ class UrlDecodeUni : public Transformation { : Transformation(action) { } std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/actions/transformations/url_encode.cc b/src/actions/transformations/url_encode.cc index b6f25e01..362204bc 100644 --- a/src/actions/transformations/url_encode.cc +++ b/src/actions/transformations/url_encode.cc 
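Review bot: In `UrlDecodeUni::evaluate` the buffer comes from `strdup(value.c_str())`, which copies only up to the first NUL byte, yet the decoder is then told the buffer holds `value.size()` bytes; a request value with an embedded NUL would make the in-place decode work past the end of the allocation. The `strdup` result is also used without a NULL check, and `ret.assign(tmp)` stops at the first NUL, so anything the decoder produces after a decoded zero byte is presumably dropped before the rules see it. Copying into a sized buffer avoids all three: `std::string buf(value);` followed by `urldecode_uni_nonstrict_inplace_ex(transaction, reinterpret_cast<unsigned char *>(&buf[0]), buf.size(), &changed);`, with the result sized from the decoder's reported length if it returns one. The remainder of the function, including any `free(tmp)`, is outside the hunk.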
@@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" #include "src/utils.h" @@ -88,7 +88,7 @@ std::string UrlEncode::url_enc(const char *input, std::string UrlEncode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { int changed; std::string ret = url_enc(value.c_str(), value.size(), &changed); diff --git a/src/actions/transformations/url_encode.h b/src/actions/transformations/url_encode.h index 538fc42a..5d3e82b8 100644 --- a/src/actions/transformations/url_encode.h +++ b/src/actions/transformations/url_encode.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class UrlEncode : public Transformation { public: explicit UrlEncode(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; std::string url_enc(const char *input, unsigned int input_len, int *changed); diff --git a/src/actions/transformations/utf8_to_unicode.cc b/src/actions/transformations/utf8_to_unicode.cc index ac4b0d94..669078bf 100644 --- a/src/actions/transformations/utf8_to_unicode.cc +++ b/src/actions/transformations/utf8_to_unicode.cc @@ -22,7 +22,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "actions/transformations/transformation.h" @@ -36,13 +36,14 @@ Utf8Unicode::Utf8Unicode(std::string action) } std::string Utf8Unicode::evaluate(std::string value, - Assay *assay) { + Transaction *transaction) { /** * @todo Implement the transformation Utf8Unicode */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "Transformation Utf8Unicode is not implemented yet."); + transaction->debug(4, "Transformation Utf8Unicode is " \ + "not implemented yet."); #endif } return value; 
diff --git a/src/actions/transformations/utf8_to_unicode.h b/src/actions/transformations/utf8_to_unicode.h index e928faf6..c49bcb5b 100644 --- a/src/actions/transformations/utf8_to_unicode.h +++ b/src/actions/transformations/utf8_to_unicode.h @@ -23,7 +23,7 @@ #ifdef __cplusplus namespace modsecurity { -class Assay; +class Transaction; namespace actions { namespace transformations { @@ -32,7 +32,7 @@ class Utf8Unicode : public Transformation { public: explicit Utf8Unicode(std::string action); std::string evaluate(std::string exp, - Assay *assay) override; + Transaction *transaction) override; }; } // namespace transformations diff --git a/src/assay.cc b/src/assay.cc index 1bcee838..59323588 100644 --- a/src/assay.cc +++ b/src/assay.cc @@ -13,7 +13,7 @@ * */ -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifdef WITH_YAJL #include @@ -46,13 +46,13 @@ using modsecurity::RequestBodyProcessor::Multipart; namespace modsecurity { /** - * @name Assay + * @name Transaction * @brief Represents the inspection on an entire request. * - * An instance of the Assay class represents an entire request, on its + * An instance of the Transaction class represents an entire request, on its * different phases. * - * @note Remember to cleanup the assay when the transaction is complete. + * @note Remember to cleanup the transaction when the transaction is complete. * * @param ms ModSecurity core pointer. * @param rules Rules pointer. @@ -62,7 +62,7 @@ namespace modsecurity { * * using ModSecurity::ModSecurity; * using ModSecurity::Rules; - * using ModSecurity::Assay; + * using ModSecurity::Transaction; * * ModSecurity *modsec; * ModSecurity::Rules *rules; 
@@ -71,19 +71,19 @@ namespace modsecurity { * rules = new Rules(); * rules->loadFromUri(rules_file); * - * Assay *modsecAssay = new Assay(modsec, rules); - * modsecAssay->processConnection("127.0.0.1", 33333, "127.0.0.1", 8080); + * Transaction *modsecTransaction = new Transaction(modsec, rules); + * modsecTransaction->processConnection("127.0.0.1", 33333, "127.0.0.1", 8080); * - * if (modsecAssay->intervention()) { + * if (modsecTransaction->intervention()) { * std::cout << "There is an intervention" << std::endl; * } * - * ... + * ... * * @endcode * */ -Assay::Assay(ModSecurity *ms, Rules *rules, void *logCbData) +Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData) : m_clientIpAddress(""), m_serverIpAddress(""), m_clientPort(0), @@ -111,7 +111,7 @@ Assay::Assay(ModSecurity *ms, Rules *rules, void *logCbData) m_logCbData(logCbData), m_ms(ms) { id = std::to_string(this->timeStamp) + \ - std::to_string(generate_assay_unique_id()); + std::to_string(generate_transaction_unique_id()); m_rules->incrementReferenceCount(); m_collections.store("ARGS_COMBINED_SIZE", std::string("0")); @@ -139,7 +139,7 @@ Assay::Assay(ModSecurity *ms, Rules *rules, void *logCbData) } -Assay::~Assay() { +Transaction::~Transaction() { m_responseBody.str(std::string()); m_responseBody.clear(); @@ -166,7 +166,7 @@ Assay::~Assay() { * */ #ifndef NO_LOGS -void Assay::debug(int level, std::string message) { +void Transaction::debug(int level, std::string message) { if (m_rules == NULL) { return; } @@ -185,7 +185,7 @@ void Assay::debug(int level, std::string message) { * * @note Remember to check for a possible intervention. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity Transaction. * @param client Client's IP address in text format. * @param cPort Client's port * @param server Server's IP address in text format. 
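Review bot: The doc comment above `Transaction::processConnection` now reads `@param transaction ModSecurity Transaction.`, but the signature shown in the next hunk takes only `client`, `cPort`, `server` and `sPort`; the same stale tag is kept above `processURI`. These look like leftovers from the C wrapper's documentation and should be dropped from the C++ methods instead of being renamed. The `@retval true`/`@retval false` lines also describe a function declared to return `int`, which is worth a sentence such as `@return non-zero on success, zero on failure` if that is the actual contract.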
@@ -196,8 +196,8 @@ void Assay::debug(int level, std::string message) { * @retval false Operation failed. * */ -int Assay::processConnection(const char *client, int cPort, const char *server, - int sPort) { +int Transaction::processConnection(const char *client, int cPort, + const char *server, int sPort) { this->m_clientIpAddress = client; this->m_serverIpAddress = server; this->m_clientPort = cPort; @@ -233,7 +233,7 @@ int Assay::processConnection(const char *client, int cPort, const char *server, * SecLanguage phase 1 and 2. * @note Remember to check for a possible intervention. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * @param uri Uri. * @param protocol Protocol (GET, POST, PUT). * @param http_version Http version (1.0, 1.2, 2.0). @@ -243,7 +243,7 @@ int Assay::processConnection(const char *client, int cPort, const char *server, * @retval false Operation failed. * */ -int Assay::processURI(const char *uri, const char *protocol, +int Transaction::processURI(const char *uri, const char *protocol, const char *http_version) { #ifndef NO_LOGS 
@@ -291,19 +291,19 @@ int Assay::processURI(const char *uri, const char *protocol, if (!m_uri_decoded.empty() && m_uri_decoded.at(0) != '/') { bool fullDomain = true; size_t scheme = m_uri_decoded.find(":")+1; - if (scheme==std::string::npos) { + if (scheme == std::string::npos) { fullDomain = false; } // Searching with a pos of -1 is undefined we also shortcut - if (scheme != std::string::npos and fullDomain == true) { + if (scheme != std::string::npos && fullDomain == true) { // Assuming we found a colon make sure its followed - size_t netloc = m_uri_decoded.find("//",scheme)+2; - if (netloc==std::string::npos or (netloc != scheme+2)) { + size_t netloc = m_uri_decoded.find("//", scheme) + 2; + if (netloc == std::string::npos || (netloc != scheme + 2)) { fullDomain = false; } - if (netloc != std::string::npos and fullDomain == true) { - size_t path = m_uri_decoded.find("/",netloc); - if (path != std::string::npos and fullDomain == true) { + if (netloc != std::string::npos && fullDomain == true) { + size_t path = m_uri_decoded.find("/", netloc); + if (path != std::string::npos && fullDomain == true) { parsedURI = m_uri_decoded.substr(path); } } @@ -392,7 +392,7 @@ int Assay::processURI(const char *uri, const char *protocol, * @retval false Operation failed. * */ -int Assay::processRequestHeaders() { +int Transaction::processRequestHeaders() { #ifndef NO_LOGS debug(4, "Starting phase REQUEST_HEADERS. (SecRules 1)"); #endif @@ -427,7 +427,7 @@ int Assay::processRequestHeaders() { * @retval false Operation failed. * */ -int Assay::addRequestHeader(const std::string& key, +int Transaction::addRequestHeader(const std::string& key, const std::string& value) { m_requestHeadersNames->assign(*m_requestHeadersNames + " " + key); 
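Review bot: The `std::string::npos` comparisons in the absolute-URI branch of processURI can never be true, because the offset is added before the test: when `find(":")` fails, `scheme` wraps to 0, and when `find("//", scheme)` fails, `netloc` becomes 1. Rejection of a URI without a scheme currently relies only on the `netloc != scheme + 2` test and the outer `at(0) != '/'` guard, which is fragile for code that decides what ends up in `parsedURI`. Test the raw result first and add the offset afterwards, e.g. `size_t colon = m_uri_decoded.find(":");` then `if (colon == std::string::npos) { fullDomain = false; }`, and do the same for the `"//"` search. The comment "Searching with a pos of -1 is undefined" should then describe the check that is actually made. The function body starts and ends outside this hunk.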
@@ -495,7 +495,7 @@ int Assay::addRequestHeader(const std::string& key, * @retval false Operation failed. * */ -int Assay::addRequestHeader(const unsigned char *key, +int Transaction::addRequestHeader(const unsigned char *key, const unsigned char *value) { return this->addRequestHeader(key, strlen(reinterpret_cast(key)), @@ -511,7 +511,7 @@ int Assay::addRequestHeader(const unsigned char *key, * Do not expect a NULL terminated string, instead it expect the string and the * string size, for the value and key. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * @param key header name. * @param key_n header name size. * @param value header value. @@ -522,7 +522,7 @@ int Assay::addRequestHeader(const unsigned char *key, * @retval 0 Operation failed. * */ -int Assay::addRequestHeader(const unsigned char *key, size_t key_n, +int Transaction::addRequestHeader(const unsigned char *key, size_t key_n, const unsigned char *value, size_t value_n) { std::string keys; std::string values; @@ -551,7 +551,7 @@ int Assay::addRequestHeader(const unsigned char *key, size_t key_n, * @retval false Operation failed. * */ -int Assay::processRequestBody() { +int Transaction::processRequestBody() { #ifndef NO_LOGS debug(4, "Starting phase REQUEST_BODY. (SecRules 2)"); #endif @@ -763,7 +763,7 @@ int Assay::processRequestBody() { * @retval false Operation failed. * */ -int Assay::requestBodyFromFile(const char *path) { +int Transaction::requestBodyFromFile(const char *path) { std::ifstream request_body(path); std::string str; @@ -791,7 +791,7 @@ int Assay::requestBodyFromFile(const char *path) { return appendRequestBody(reinterpret_cast(buf), len); } -int Assay::appendRequestBody(const unsigned char *buf, size_t len) { +int Transaction::appendRequestBody(const unsigned char *buf, size_t len) { int current_size = this->m_requestBody.tellp(); #ifndef NO_LOGS 
@@ -849,7 +849,7 @@ int Assay::appendRequestBody(const unsigned char *buf, size_t len) { * @retval false Operation failed. * */ -int Assay::processResponseHeaders() { +int Transaction::processResponseHeaders() { #ifndef NO_LOGS debug(4, "Starting phase RESPONSE_HEADERS. (SecRules 3)"); #endif @@ -884,7 +884,7 @@ int Assay::processResponseHeaders() { * @retval false Operation failed. * */ -int Assay::addResponseHeader(const std::string& key, +int Transaction::addResponseHeader(const std::string& key, const std::string& value) { m_responseHeadersNames->assign(*m_responseHeadersNames + " " + key); @@ -915,7 +915,7 @@ int Assay::addResponseHeader(const std::string& key, * @retval false Operation failed. * */ -int Assay::addResponseHeader(const unsigned char *key, +int Transaction::addResponseHeader(const unsigned char *key, const unsigned char *value) { return this->addResponseHeader(key, strlen(reinterpret_cast(key)), @@ -941,7 +941,7 @@ int Assay::addResponseHeader(const unsigned char *key, * @retval false Operation failed. * */ -int Assay::addResponseHeader(const unsigned char *key, size_t key_n, +int Transaction::addResponseHeader(const unsigned char *key, size_t key_n, const unsigned char *value, size_t value_n) { std::string keys; std::string values; @@ -970,7 +970,7 @@ int Assay::addResponseHeader(const unsigned char *key, size_t key_n, * @retval false Operation failed. * */ -int Assay::processResponseBody() { +int Transaction::processResponseBody() { #ifndef NO_LOGS debug(4, "Starting phase RESPONSE_BODY. (SecRules 4)"); #endif @@ -1028,7 +1028,7 @@ int Assay::processResponseBody() { * @retval false Operation failed, process partial demanded. * */ -int Assay::appendResponseBody(const unsigned char *buf, size_t len) { +int Transaction::appendResponseBody(const unsigned char *buf, size_t len) { int current_size = this->m_responseBody.tellp(); std::set &bi = this->m_rules->m_responseBodyTypeToBeInspected; 
@@ -1097,7 +1097,7 @@ int Assay::appendResponseBody(const unsigned char *buf, size_t len) { * @retval NULL Nothing was updated. * */ -const char *Assay::getResponseBody() { +const char *Transaction::getResponseBody() { // int there_is_update = this->rules->loadResponseBodyFromJS(this); return this->m_responseBody.str().c_str(); } @@ -1117,7 +1117,7 @@ const char *Assay::getResponseBody() { * @retval >0 the size of the updated buffer. * */ -int Assay::getResponseBodyLenth() { +int Transaction::getResponseBodyLenth() { int size = 0; #if 0 int there_is_update = this->rules->loadResponseBodyFromJS(this); @@ -1134,7 +1134,7 @@ int Assay::getResponseBodyLenth() { /** * @name processLogging - * @brief Logging all information relative to this assay. + * @brief Logging all information relative to this transaction. * * At this point there is not need to hold the connection, the response can be * delivered prior to the execution of this method. @@ -1144,7 +1144,7 @@ int Assay::getResponseBodyLenth() { * @retval false Operation failed. * */ -int Assay::processLogging(int returned_code) { +int Transaction::processLogging(int returned_code) { #ifndef NO_LOGS debug(4, "Starting phase LOGGING. (SecRules 5)"); #endif @@ -1159,7 +1159,7 @@ int Assay::processLogging(int returned_code) { this->httpCodeReturned = returned_code; this->m_rules->evaluate(ModSecurity::LoggingPhase, this); - /* If relevant, save this assay information at the audit_logs */ + /* If relevant, save this transaction information at the audit_logs */ if (m_rules != NULL && m_rules->audit_log != NULL) { int parts = -1; #ifndef NO_LOGS @@ -1206,7 +1206,7 @@ int Assay::processLogging(int returned_code) { /** * @name cleanup - * @brief Removes all the resources allocated by a given Assay. + * @brief Removes all the resources allocated by a given Transaction. * * It is mandatory to call this function after every request being finished, * otherwise it may end up in a huge memory leak. 
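Review bot: `getResponseBody()` returns `this->m_responseBody.str().c_str()`, a pointer into the temporary string that `str()` returns by value, so the buffer is destroyed before the caller can read it. The same pointer is handed to C callers through `msc_get_response_body`, where any read is a use-after-free. Copy the body into storage owned by the transaction and return that, e.g. with a new member (name is a placeholder): `m_responseBodyCopy = m_responseBody.str(); return m_responseBodyCopy.c_str();`. The doc block above also promises a NULL return when nothing was updated, which this body never produces.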
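Review bot: In processLogging the `m_rules != NULL` test comes one statement after `this->m_rules->evaluate(ModSecurity::LoggingPhase, this);` has already dereferenced the pointer, so the check cannot protect anything. `debug()` in this file returns early on `m_rules == NULL`, which suggests a null rule set is considered possible. Either return early before the evaluate call, `if (m_rules == NULL) { return false; }`, or drop the later test if the constructor guarantees a non-null pointer. The function starts and ends outside this hunk, so an earlier guard may exist that is not visible here.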
@@ -1216,7 +1216,7 @@ int Assay::processLogging(int returned_code) { * @retval false Operation failed. * */ -void Assay::cleanup() { +void Transaction::cleanup() { delete this; } @@ -1232,7 +1232,7 @@ void Assay::cleanup() { * @retval false Nothing to be done. * */ -bool Assay::intervention(ModSecurityIntervention *it) { +bool Transaction::intervention(ModSecurityIntervention *it) { it->status = 200; it->url = NULL; it->disruptive = false; @@ -1251,7 +1251,7 @@ bool Assay::intervention(ModSecurityIntervention *it) { } -std::string Assay::toOldAuditLogFormatIndex(const std::string &filename, +std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename, double size, const std::string &md5) { std::stringstream ss; struct tm timeinfo; @@ -1300,7 +1300,8 @@ std::string Assay::toOldAuditLogFormatIndex(const std::string &filename, } -std::string Assay::toOldAuditLogFormat(int parts, const std::string &trailer) { +std::string Transaction::toOldAuditLogFormat(int parts, + const std::string &trailer) { std::stringstream audit_log; struct tm timeinfo; char tstr[300]; @@ -1389,7 +1390,7 @@ std::string Assay::toOldAuditLogFormat(int parts, const std::string &trailer) { } -std::string Assay::to_json(int parts) { +std::string Transaction::to_json(int parts) { #ifdef WITH_YAJL const unsigned char *buf; size_t len; 
@@ -1543,33 +1544,33 @@ std::string Assay::to_json(int parts) { } -void Assay::serverLog(const std::string& msg) { +void Transaction::serverLog(const std::string& msg) { m_ms->serverLog(m_logCbData, msg); } /** - * @name msc_new_assay - * @brief Create a new assay for a given configuration and ModSecurity core. + * @name msc_new_transaction + * @brief Create a new transaction for a given configuration and ModSecurity core. * - * The assay is the unit that will be used the inspect every request. It holds + * The transaction is the unit that will be used the inspect every request. It holds * all the information for a given request. * - * @note Remember to cleanup the assay when the transaction is complete. + * @note Remember to cleanup the transaction when the transaction is complete. * * @param ms ModSecurity core pointer. * @param rules Rules pointer. * - * @return Pointer to Assay structure - * @retval >0 Assay structure was initialized correctly - * @retval NULL Assay cannot be initialized, either by problems with the rules, + * @return Pointer to Transaction structure + * @retval >0 Transaction structure was initialized correctly + * @retval NULL Transaction cannot be initialized, either by problems with the rules, * problems with the ModSecurity core or missing memory to - * allocate the resources needed by the assay. + * allocate the resources needed by the transaction. * */ -extern "C" Assay *msc_new_assay(ModSecurity *ms, +extern "C" Transaction *msc_new_transaction(ModSecurity *ms, Rules *rules, void *logCbData) { - return new Assay(ms, rules, logCbData); + return new Transaction(ms, rules, logCbData); } @@ -1583,7 +1584,7 @@ extern "C" Assay *msc_new_assay(ModSecurity *ms, * * @note Remember to check for a possible intervention. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * @param client Client's IP address in text format. * @param cPort Client's port * @param server Server's IP address in text format. 
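Review bot: `msc_new_transaction` documents a NULL return when memory is missing or the rules are bad, but `return new Transaction(ms, rules, logCbData);` never yields NULL. A failed allocation throws `std::bad_alloc`, and that exception would leave an `extern "C"` function and reach a C caller. Catch at the boundary so the documented contract holds: `try { return new Transaction(ms, rules, logCbData); } catch (...) { return NULL; }`. The constructor also calls `m_rules->incrementReferenceCount()` unconditionally, so a NULL `rules` argument presumably crashes rather than returning NULL (the member initialiser is not visible here). Wrappers such as `msc_process_connection` dereference the handle unchecked, so the doc should tell callers to test the result before use.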
@@ -1594,9 +1595,9 @@ extern "C" Assay *msc_new_assay(ModSecurity *ms, * @retval 0 Operation failed. * */ -extern "C" int msc_process_connection(Assay *assay, const char *client, - int cPort, const char *server, int sPort) { - return assay->processConnection(client, cPort, server, sPort); +extern "C" int msc_process_connection(Transaction *transaction, + const char *client, int cPort, const char *server, int sPort) { + return transaction->processConnection(client, cPort, server, sPort); } @@ -1613,7 +1614,7 @@ extern "C" int msc_process_connection(Assay *assay, const char *client, * SecLanguage phase 1 and 2. * @note Remember to check for a possible intervention. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * @param uri Uri. * @param protocol Protocol (GET, POST, PUT). * @param http_version Http version (1.0, 1.2, 2.0). @@ -1623,9 +1624,9 @@ extern "C" int msc_process_connection(Assay *assay, const char *client, * @retval 0 Operation failed. * */ -extern "C" int msc_process_uri(Assay *assay, const char *uri, +extern "C" int msc_process_uri(Transaction *transaction, const char *uri, const char *protocol, const char *http_version) { - return assay->processURI(uri, protocol, http_version); + return transaction->processURI(uri, protocol, http_version); } @@ -1638,15 +1639,15 @@ extern "C" int msc_process_uri(Assay *assay, const char *uri, * * @note Remember to check for a possible intervention. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * * @returns If the operation was successful or not. * @retval 1 Operation was successful. * @retval 0 Operation failed. * */ -extern "C" int msc_process_request_headers(Assay *assay) { - return assay->processRequestHeaders(); +extern "C" int msc_process_request_headers(Transaction *transaction) { + return transaction->processRequestHeaders(); } 
@@ -1662,15 +1663,15 @@ extern "C" int msc_process_request_headers(Assay *assay) { * of this function. * @note Remember to check for a possible intervention. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * * @returns If the operation was successful or not. * @retval 1 Operation was successful. * @retval 0 Operation failed. * */ -extern "C" int msc_process_request_body(Assay *assay) { - return assay->processRequestBody(); +extern "C" int msc_process_request_body(Transaction *transaction) { + return transaction->processRequestBody(); } @@ -1693,22 +1694,22 @@ extern "C" int msc_process_request_body(Assay *assay) { * inspection size which may be reached, and the decision on what to do * in this case is upon the rules. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * * @returns If the operation was successful or not. * @retval 1 Operation was successful. * @retval 0 Operation failed. * */ -extern "C" int msc_append_request_body(Assay *assay, +extern "C" int msc_append_request_body(Transaction *transaction, const unsigned char *buf, size_t len) { - return assay->appendRequestBody(buf, len); + return transaction->appendRequestBody(buf, len); } -extern "C" int msc_request_body_from_file(Assay *assay, +extern "C" int msc_request_body_from_file(Transaction *transaction, const char *path) { - return assay->requestBodyFromFile(path); + return transaction->requestBodyFromFile(path); } 
@@ -1721,15 +1722,15 @@ extern "C" int msc_request_body_from_file(Assay *assay, * * @note Remember to check for a possible intervention. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * * @returns If the operation was successful or not. * @retval 1 Operation was successful. * @retval 0 Operation failed. * */ -extern "C" int msc_process_response_headers(Assay *assay) { - return assay->processResponseHeaders(); +extern "C" int msc_process_response_headers(Transaction *transaction) { + return transaction->processResponseHeaders(); } @@ -1745,15 +1746,15 @@ extern "C" int msc_process_response_headers(Assay *assay) { * of this function. * @note Remember to check for a possible intervention. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * * @returns If the operation was successful or not. * @retval 1 Operation was successful. * @retval 0 Operation failed. * */ -extern "C" int msc_process_response_body(Assay *assay) { - return assay->processResponseBody(); +extern "C" int msc_process_response_body(Transaction *transaction) { + return transaction->processResponseBody(); } @@ -1770,16 +1771,16 @@ extern "C" int msc_process_response_body(Assay *assay) { * length header filled, at least not with the old values. Otherwise * unexpected behavior may happens. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * * @returns If the operation was successful or not. * @retval 1 Operation was successful. * @retval 0 Operation failed. * */ -extern "C" int msc_append_response_body(Assay *assay, +extern "C" int msc_append_response_body(Transaction *transaction, const unsigned char *buf, size_t len) { - return assay->appendResponseBody(buf, len); + return transaction->appendResponseBody(buf, len); } 
@@ -1792,7 +1793,7 @@ extern "C" int msc_append_response_body(Assay *assay, * @note This function expects a NULL terminated string, for both: key and * value. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * @param key header name. * @param value header value. * @@ -1801,9 +1802,10 @@ extern "C" int msc_append_response_body(Assay *assay, * @retval 0 Operation failed. * */ -extern "C" int msc_add_request_header(Assay *assay, const unsigned char *key, +extern "C" int msc_add_request_header(Transaction *transaction, + const unsigned char *key, const unsigned char *value) { - return assay->addRequestHeader(key, value); + return transaction->addRequestHeader(key, value); } @@ -1814,7 +1816,7 @@ extern "C" int msc_add_request_header(Assay *assay, const unsigned char *key, * Same as msc_add_request_header, do not expect a NULL terminated string, * instead it expect the string and the string size, for the value and key. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * @param key header name. * @param key_len header name size. * @param value header value. @@ -1825,9 +1827,10 @@ extern "C" int msc_add_request_header(Assay *assay, const unsigned char *key, * @retval 0 Operation failed. * */ -extern "C" int msc_add_n_request_header(Assay *assay, const unsigned char *key, +extern "C" int msc_add_n_request_header(Transaction *transaction, + const unsigned char *key, size_t key_len, const unsigned char *value, size_t value_len) { - return assay->addRequestHeader(key, key_len, value, value_len); + return transaction->addRequestHeader(key, key_len, value, value_len); } @@ -1841,7 +1844,7 @@ extern "C" int msc_add_n_request_header(Assay *assay, const unsigned char *key, * @note This function expects a NULL terminated string, for both: key and * value. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * @param key header name. * @param value header value. * 
@@ -1850,9 +1853,10 @@ extern "C" int msc_add_n_request_header(Assay *assay, const unsigned char *key, * @retval 0 Operation failed. * */ -extern "C" int msc_add_response_header(Assay *assay, const unsigned char *key, +extern "C" int msc_add_response_header(Transaction *transaction, + const unsigned char *key, const unsigned char *value) { - return assay->addResponseHeader(key, value); + return transaction->addResponseHeader(key, value); } @@ -1863,7 +1867,7 @@ extern "C" int msc_add_response_header(Assay *assay, const unsigned char *key, * Same as msc_add_response_header, do not expect a NULL terminated string, * instead it expect the string and the string size, for the value and key. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * @param key header name. * @param key_len header name size. * @param value header value. 
@@ -1874,29 +1878,29 @@ extern "C" int msc_add_response_header(Assay *assay, const unsigned char *key, * @retval 0 Operation failed. * */ -extern "C" int msc_add_n_response_header(Assay *assay, +extern "C" int msc_add_n_response_header(Transaction *transaction, const unsigned char *key, size_t key_len, const unsigned char *value, size_t value_len) { - return assay->addResponseHeader(key, key_len, value, value_len); + return transaction->addResponseHeader(key, key_len, value, value_len); } /** - * @name msc_assay_cleanup - * @brief Removes all the resources allocated by a given Assay. + * @name msc_transaction_cleanup + * @brief Removes all the resources allocated by a given Transaction. * * It is mandatory to call this function after every request being finished, * otherwise it may end up in a huge memory leak. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * * @returns If the operation was successful or not. * @retval 1 Operation was successful. * @retval 0 Operation failed. * */ -extern "C" void msc_assay_cleanup(Assay *assay) { - assay->cleanup(); +extern "C" void msc_transaction_cleanup(Transaction *transaction) { + transaction->cleanup(); } @@ -1906,15 +1910,16 @@ extern "C" void msc_assay_cleanup(Assay *assay) { * * Intervention can generate a log event and/or perform a disruptive action. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * * @return Pointer to ModSecurityIntervention structure * @retval >0 A intervention should be made. * @retval NULL Nothing to be done. * */ -extern "C" int msc_intervention(Assay *assay, ModSecurityIntervention *it) { - return assay->intervention(it); +extern "C" int msc_intervention(Transaction *transaction, + ModSecurityIntervention *it) { + return transaction->intervention(it); } 
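Review bot: The doc block for `msc_transaction_cleanup` still lists `@returns` and `@retval 1`/`@retval 0` although the function is `void`, and it does not say the handle is destroyed. `Transaction::cleanup()` is `delete this`, so any later `msc_*` call on the same pointer, or a second cleanup, is a use-after-free or double free in the connector. Replace the return lines with `@note The transaction pointer is freed by this call and must not be used or cleaned up again.` The `msc_intervention` block in the next hunk has the same kind of mismatch: it documents a pointer/NULL return while the function returns `int`.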
@@ -1926,15 +1931,15 @@ extern "C" int msc_intervention(Assay *assay, ModSecurityIntervention *it) { * contents of the response body, otherwise there is no need to call this * function. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * * @return It returns a buffer (const char *) * @retval >0 body was update and available. * @retval NULL Nothing was updated. * */ -extern "C" const char *msc_get_response_body(Assay *assay) { - return assay->getResponseBody(); +extern "C" const char *msc_get_response_body(Transaction *transaction) { + return transaction->getResponseBody(); } @@ -1946,25 +1951,25 @@ extern "C" const char *msc_get_response_body(Assay *assay) { * however, that most likely there isn't an update. Thus, this function will * return 0. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * * @return Size of the update response body. * @retval ==0 there is no update. * @retval >0 the size of the updated buffer. * */ -extern "C" int msc_get_response_body_length(Assay *assay) { - return assay->getResponseBodyLenth(); +extern "C" int msc_get_response_body_length(Transaction *transaction) { + return transaction->getResponseBodyLenth(); } /** * @name msc_process_logging - * @brief Logging all information relative to this assay. + * @brief Logging all information relative to this transaction. * * At this point there is not need to hold the connection, the response can be * delivered prior to the execution of this function. * - * @param assay ModSecurity assay. + * @param transaction ModSecurity transaction. * @param code HTTP code returned to the user. * * @returns If the operation was successful or not. 
@@ -1972,8 +1977,8 @@ extern "C" int msc_get_response_body_length(Assay *assay) { * @retval 0 Operation failed. * */ -extern "C" int msc_process_logging(Assay *assay, int code) { - return assay->processLogging(code); +extern "C" int msc_process_logging(Transaction *transaction, int code) { + return transaction->processLogging(code); } } // namespace modsecurity diff --git a/src/audit_log.cc b/src/audit_log.cc index 7dec81ff..152d6abd 100644 --- a/src/audit_log.cc +++ b/src/audit_log.cc @@ -219,14 +219,14 @@ bool AuditLog::isRelevant(int status) { } -bool AuditLog::saveIfRelevant(Assay *assay) { - return saveIfRelevant(assay, -1); +bool AuditLog::saveIfRelevant(Transaction *transaction) { + return saveIfRelevant(transaction, -1); } -bool AuditLog::saveIfRelevant(Assay *assay, int parts) { - if (this->isRelevant(assay->httpCodeReturned) == false && - assay->save_in_auditlog == false) { +bool AuditLog::saveIfRelevant(Transaction *transaction, int parts) { + if (this->isRelevant(transaction->httpCodeReturned) == false && + transaction->save_in_auditlog == false) { return false; } @@ -235,14 +235,14 @@ bool AuditLog::saveIfRelevant(Assay *assay, int parts) { * we won't save it. * */ - if (assay->do_not_save_in_auditlog == true) { + if (transaction->do_not_save_in_auditlog == true) { return false; } if (parts == -1) { parts = m_parts; } - m_writer->write(assay, parts); + m_writer->write(transaction, parts); return true; } diff --git a/src/audit_log.h b/src/audit_log.h index 629014cc..787d6ab7 100644 --- a/src/audit_log.h +++ b/src/audit_log.h @@ -22,7 +22,7 @@ #ifndef SRC_AUDIT_LOG_H_ #define SRC_AUDIT_LOG_H_ -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/audit_log_writer.h" #ifdef __cplusplus 
@@ -153,8 +153,8 @@ class AuditLog { bool init(); bool close(); - bool saveIfRelevant(Assay *assay); - bool saveIfRelevant(Assay *assay, int parts); + bool saveIfRelevant(Transaction *transaction); + bool saveIfRelevant(Transaction *transaction, int parts); bool isRelevant(int status); int addParts(int parts, const std::string& new_parts); diff --git a/src/audit_log_writer.cc b/src/audit_log_writer.cc index bc7966f4..3d2e77d2 100644 --- a/src/audit_log_writer.cc +++ b/src/audit_log_writer.cc @@ -33,8 +33,8 @@ std::string AuditLogWriter::file_name(const std::string& unique_id) { * Temporary print the log into the std::cout to debug purposes. * */ -bool AuditLogWriter::write(Assay *assay, int parts) { - std::cout << assay->to_json(0) << std::endl; +bool AuditLogWriter::write(Transaction *transaction, int parts) { + std::cout << transaction->to_json(0) << std::endl; return true; } diff --git a/src/audit_log_writer.h b/src/audit_log_writer.h index 895244e2..fa07fe69 100644 --- a/src/audit_log_writer.h +++ b/src/audit_log_writer.h @@ -20,7 +20,7 @@ #include #endif -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifdef __cplusplus @@ -41,7 +41,7 @@ class AuditLogWriter { virtual void refCountDecreaseAndCheck() = 0; virtual bool init() { return true; } - virtual bool write(Assay *assay, int parts); + virtual bool write(Transaction *transaction, int parts); std::string file_name(const std::string& unique_id); diff --git a/src/audit_log_writer_parallel.cc b/src/audit_log_writer_parallel.cc index 8c9433bc..23964587 100644 --- a/src/audit_log_writer_parallel.cc +++ b/src/audit_log_writer_parallel.cc @@ -25,7 +25,7 @@ #include #include "src/audit_log.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" #include "utils/md5.h" 
@@ -89,26 +89,26 @@ bool AuditLogWriterParallel::init() { } -bool AuditLogWriterParallel::write(Assay *assay, int parts) { +bool AuditLogWriterParallel::write(Transaction *transaction, int parts) { FILE *fp; int fd; - std::string log = assay->to_json(parts); - std::string fileName = logFilePath(&assay->timeStamp, + std::string log = transaction->to_json(parts); + std::string fileName = logFilePath(&transaction->timeStamp, YearMonthDayDirectory | YearMonthDayAndTimeDirectory | YearMonthDayAndTimeFileName); std::string logPath = m_audit->m_storage_dir; - fileName = logPath + fileName + "-" + assay->id; + fileName = logPath + fileName + "-" + transaction->id; if (logPath.empty()) { return false; } createDir((logPath + - logFilePath(&assay->timeStamp, YearMonthDayDirectory)).c_str(), + logFilePath(&transaction->timeStamp, YearMonthDayDirectory)).c_str(), m_audit->directoryPermission); createDir((logPath + - logFilePath(&assay->timeStamp, YearMonthDayDirectory + logFilePath(&transaction->timeStamp, YearMonthDayDirectory | YearMonthDayAndTimeDirectory)).c_str(), m_audit->directoryPermission); @@ -121,15 +121,15 @@ bool AuditLogWriterParallel::write(Assay *assay, int parts) { fclose(fp); if (log1.is_open() && log2.is_open()) { - log2 << assay->toOldAuditLogFormatIndex(fileName, log.length(), + log2 << transaction->toOldAuditLogFormatIndex(fileName, log.length(), md5(log)); } if (log1.is_open() && !log2.is_open()) { - log1 << assay->toOldAuditLogFormatIndex(fileName, log.length(), + log1 << transaction->toOldAuditLogFormatIndex(fileName, log.length(), md5(log)); } if (!log1.is_open() && log2.is_open()) { - log2 << assay->toOldAuditLogFormatIndex(fileName, log.length(), + log2 << transaction->toOldAuditLogFormatIndex(fileName, log.length(), md5(log)); } diff --git a/src/audit_log_writer_parallel.h b/src/audit_log_writer_parallel.h index 1d40f95f..b3d47adc 100644 --- a/src/audit_log_writer_parallel.h +++ b/src/audit_log_writer_parallel.h 
@@ -19,7 +19,7 @@ #define SRC_AUDIT_LOG_WRITER_PARALLEL_H_ #include "src/audit_log_writer.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifdef __cplusplus @@ -33,7 +33,7 @@ class AuditLogWriterParallel : public AuditLogWriter { ~AuditLogWriterParallel() override; bool init() override; - bool write(Assay *assay, int parts) override; + bool write(Transaction *transaction, int parts) override; void refCountIncrease() override { m_refereceCount++; @@ -50,8 +50,9 @@ class AuditLogWriterParallel : public AuditLogWriter { /** * * Audit log file is saved into a directory structure. This directory - * structure is based on the timestamp of the assay creation, at the exact - * moment that ModSecurity be aware of a particular request/transaction. + * structure is based on the timestamp of the transaction creation, at + * the exact moment that ModSecurity be aware of a particular + * request/transaction. * The expect fromat is: * * [...]/YearMonthDay/YearMonthDayAndTime/YearMonthDayAndTime-RequestId diff --git a/src/audit_log_writer_serial.cc b/src/audit_log_writer_serial.cc index a5eb23ca..b761a340 100644 --- a/src/audit_log_writer_serial.cc +++ b/src/audit_log_writer_serial.cc @@ -47,14 +47,14 @@ bool AuditLogWriterSerial::init() { } -bool AuditLogWriterSerial::write(Assay *assay, int parts) { +bool AuditLogWriterSerial::write(Transaction *transaction, int parts) { std::string boundary; generateBoundary(&boundary); // serialLoggingMutex.lock(); - m_log << assay->toOldAuditLogFormat(parts, "-" + boundary + "--"); + m_log << transaction->toOldAuditLogFormat(parts, "-" + boundary + "--"); m_log.flush(); // serialLoggingMutex.unlock(); diff --git a/src/audit_log_writer_serial.h b/src/audit_log_writer_serial.h index 4823c928..dd30a456 100644 --- a/src/audit_log_writer_serial.h +++ b/src/audit_log_writer_serial.h 
@@ -23,7 +23,7 @@ #define SRC_AUDIT_LOG_WRITER_SERIAL_H_ #include "src/audit_log_writer.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifdef __cplusplus @@ -58,7 +58,7 @@ class AuditLogWriterSerial : public AuditLogWriter { } bool init() override;; - bool write(Assay *assay, int parts) override; + bool write(Transaction *transaction, int parts) override; private: std::ofstream m_log; diff --git a/src/macro_expansion.cc b/src/macro_expansion.cc index f74cb7b9..dd79b2ee 100644 --- a/src/macro_expansion.cc +++ b/src/macro_expansion.cc @@ -14,7 +14,7 @@ */ #include "src/macro_expansion.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { @@ -22,8 +22,8 @@ MacroExpansion::MacroExpansion() { } std::string MacroExpansion::expandKeepOriginal(const std::string& input, - Assay *assay) { - std::string a = MacroExpansion::expand(input, assay); + Transaction *transaction) { + std::string a = MacroExpansion::expand(input, transaction); if (a != input) { return "\"" + a + "\" (Was: " + input + ")"; @@ -33,7 +33,8 @@ std::string MacroExpansion::expandKeepOriginal(const std::string& input, } -std::string MacroExpansion::expand(const std::string& input, Assay *assay) { +std::string MacroExpansion::expand(const std::string& input, + Transaction *transaction) { std::string res; size_t pos = input.find("%{"); 
@@ -53,12 +54,12 @@ std::string MacroExpansion::expand(const std::string& input, Assay *assay) { std::string *variableValue; size_t collection = variable.find("."); if (collection == std::string::npos) { - variableValue = assay->m_collections.resolveFirst(variable); + variableValue = transaction->m_collections.resolveFirst(variable); } else { std::string col = std::string(variable, 0, collection); std::string var = std::string(variable, collection + 1, variable.length() - (collection + 1)); - variableValue = assay->m_collections.resolveFirst(col, var); + variableValue = transaction->m_collections.resolveFirst(col, var); } res.erase(start, end - start + 2); diff --git a/src/macro_expansion.h b/src/macro_expansion.h index 11e80a71..3895a39d 100644 --- a/src/macro_expansion.h +++ b/src/macro_expansion.h @@ -19,7 +19,7 @@ #include #include "modsecurity/modsecurity.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifndef SRC_MACRO_EXPANSION_H_ #define SRC_MACRO_EXPANSION_H_ @@ -31,9 +31,10 @@ class MacroExpansion { public: MacroExpansion(); - static std::string expand(const std::string& input, Assay *assay); + static std::string expand(const std::string& input, + Transaction *transaction); static std::string expandKeepOriginal(const std::string& input, - Assay *assay); + Transaction *transaction); }; diff --git a/src/operators/begins_with.cc b/src/operators/begins_with.cc index 2988e9bb..2fdc0c52 100644 --- a/src/operators/begins_with.cc +++ b/src/operators/begins_with.cc @@ -24,10 +24,10 @@ namespace modsecurity { namespace operators { -bool BeginsWith::evaluate(Assay *assay, const std::string &str) { +bool BeginsWith::evaluate(Transaction *transaction, const std::string &str) { bool ret = false; - std::string p = MacroExpansion::expand(param, assay); + std::string p = MacroExpansion::expand(param, transaction); if (str.size() < p.size()) { ret = false; 
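Review bot: In the `src/macro_expansion.cc` hunk, `expand()` dereferences `transaction->m_collections` in both branches without checking the pointer. The operators touched by this same commit (DetectSQLi, DetectXSS, ValidateUrlEncoding) treat a null transaction as a legal argument, and BeginsWith, Contains, EndsWith, Eq and the others pass their pointer straight into `expand()`. If a caller ever evaluates an operator with a null transaction and a parameter containing `%{`, the process hosting the WAF would crash instead of evaluating the rule. An early `if (transaction == NULL) { return input; }` at the top of `expand()` would close this; that spot is outside the hunk, so whether such a guard already exists cannot be confirmed from here.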
diff --git a/src/operators/begins_with.h b/src/operators/begins_with.h index c4b48503..2fdea97c 100644 --- a/src/operators/begins_with.h +++ b/src/operators/begins_with.h @@ -30,7 +30,7 @@ class BeginsWith : public Operator { BeginsWith(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators diff --git a/src/operators/contains.cc b/src/operators/contains.cc index 742fd9c8..47695d8e 100644 --- a/src/operators/contains.cc +++ b/src/operators/contains.cc @@ -22,8 +22,8 @@ namespace modsecurity { namespace operators { -bool Contains::evaluate(Assay *assay, const std::string &input) { - std::string p = MacroExpansion::expand(param, assay); +bool Contains::evaluate(Transaction *transaction, const std::string &input) { + std::string p = MacroExpansion::expand(param, transaction); bool contains = input.find(p) != std::string::npos; if (contains) { diff --git a/src/operators/contains.h b/src/operators/contains.h index 6de0ce78..6acc8d7b 100644 --- a/src/operators/contains.h +++ b/src/operators/contains.h @@ -19,7 +19,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "operators/operator.h" #ifdef __cplusplus @@ -31,7 +31,7 @@ class Contains : public Operator { /** @ingroup ModSecurity_Operator */ Contains(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &exp) override; + bool evaluate(Transaction *transaction, const std::string &exp) override; std::list matched; }; diff --git a/src/operators/contains_word.cc b/src/operators/contains_word.cc index bdeb4021..258750bb 100644 --- a/src/operators/contains_word.cc +++ b/src/operators/contains_word.cc 
@@ -36,9 +36,9 @@ bool ContainsWord::acceptableChar(const std::string& a, size_t pos) { return true; } -bool ContainsWord::evaluate(Assay *assay, +bool ContainsWord::evaluate(Transaction *transaction, const std::string& input) { - std::string paramTarget = MacroExpansion::expand(param, assay); + std::string paramTarget = MacroExpansion::expand(param, transaction); if (paramTarget.empty()) { return true; diff --git a/src/operators/contains_word.h b/src/operators/contains_word.h index b576a326..d2d63eb2 100644 --- a/src/operators/contains_word.h +++ b/src/operators/contains_word.h @@ -30,7 +30,7 @@ class ContainsWord : public Operator { ContainsWord(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &str); + bool evaluate(Transaction *transaction, const std::string &str); bool acceptableChar(const std::string& a, size_t pos); }; diff --git a/src/operators/detect_sqli.cc b/src/operators/detect_sqli.cc index c34fa54a..115aee2b 100644 --- a/src/operators/detect_sqli.cc +++ b/src/operators/detect_sqli.cc @@ -25,7 +25,7 @@ namespace modsecurity { namespace operators { -bool DetectSQLi::evaluate(Assay *assay, const std::string &input) { +bool DetectSQLi::evaluate(Transaction *transaction, const std::string &input) { char fingerprint[8]; int issqli; @@ -33,18 +33,18 @@ bool DetectSQLi::evaluate(Assay *assay, const std::string &input) { if (issqli) { matched.push_back(fingerprint); - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(4, "detected SQLi using libinjection with " \ + transaction->debug(4, "detected SQLi using libinjection with " \ "fingerprint '" + std::string(fingerprint) + "' at: '" + input + "'"); #endif } } else { - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(9, "detected SQLi: not able to find an inject on '" + - input + "'"); + transaction->debug(9, "detected SQLi: not able to find an " \ + "inject on '" + input + "'"); #endif } } 
diff --git a/src/operators/detect_sqli.h b/src/operators/detect_sqli.h index 7a64556f..91c93aaf 100644 --- a/src/operators/detect_sqli.h +++ b/src/operators/detect_sqli.h @@ -30,7 +30,7 @@ class DetectSQLi : public Operator { DetectSQLi(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input); + bool evaluate(Transaction *transaction, const std::string &input); std::list matched; }; diff --git a/src/operators/detect_xss.cc b/src/operators/detect_xss.cc index 07b38291..a3ade454 100644 --- a/src/operators/detect_xss.cc +++ b/src/operators/detect_xss.cc @@ -25,17 +25,17 @@ namespace modsecurity { namespace operators { -bool DetectXSS::evaluate(Assay *assay, const std::string &input) { +bool DetectXSS::evaluate(Transaction *transaction, const std::string &input) { int is_xss; is_xss = libinjection_xss(input.c_str(), input.length()); - if (assay) { + if (transaction) { #ifndef NO_LOGS if (is_xss) { - assay->debug(5, "detected XSS using libinjection."); + transaction->debug(5, "detected XSS using libinjection."); } else { - assay->debug(9, "libinjection was not able to " \ + transaction->debug(9, "libinjection was not able to " \ "find any XSS in: " + input); } #endif diff --git a/src/operators/detect_xss.h b/src/operators/detect_xss.h index 8e9084dc..5d27c20c 100644 --- a/src/operators/detect_xss.h +++ b/src/operators/detect_xss.h @@ -29,7 +29,7 @@ class DetectXSS : public Operator { DetectXSS(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input); + bool evaluate(Transaction *transaction, const std::string &input); }; } // namespace operators diff --git a/src/operators/ends_with.cc b/src/operators/ends_with.cc index 97f40d07..68749c6f 100644 --- a/src/operators/ends_with.cc +++ b/src/operators/ends_with.cc 
@@ -24,9 +24,9 @@ namespace modsecurity { namespace operators { -bool EndsWith::evaluate(Assay *assay, const std::string &input) { +bool EndsWith::evaluate(Transaction *transaction, const std::string &input) { bool ret = false; - std::string p = MacroExpansion::expand(param, assay); + std::string p = MacroExpansion::expand(param, transaction); if (input.length() >= p.length()) { ret = (0 == input.compare(input.length() - p.length(), diff --git a/src/operators/ends_with.h b/src/operators/ends_with.h index 2a834aeb..e48db8e9 100644 --- a/src/operators/ends_with.h +++ b/src/operators/ends_with.h @@ -30,7 +30,7 @@ class EndsWith : public Operator { EndsWith(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; diff --git a/src/operators/eq.cc b/src/operators/eq.cc index 88d4c2a7..7571e524 100644 --- a/src/operators/eq.cc +++ b/src/operators/eq.cc @@ -24,11 +24,11 @@ namespace modsecurity { namespace operators { -bool Eq::evaluate(Assay *assay, const std::string &input) { +bool Eq::evaluate(Transaction *transaction, const std::string &input) { int p = 0; int i = 0; bool eq = false; - std::string pt = MacroExpansion::expand(param, assay); + std::string pt = MacroExpansion::expand(param, transaction); try { p = std::stoi(pt); diff --git a/src/operators/eq.h b/src/operators/eq.h index 83eb8e89..76f86695 100644 --- a/src/operators/eq.h +++ b/src/operators/eq.h @@ -30,7 +30,7 @@ class Eq : public Operator { Eq(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; }; } // namespace operators diff --git a/src/operators/fuzzy_hash.cc b/src/operators/fuzzy_hash.cc index dd295842..89040d6e 100644 --- a/src/operators/fuzzy_hash.cc 
+++ b/src/operators/fuzzy_hash.cc @@ -23,7 +23,7 @@ namespace modsecurity { namespace operators { -bool FuzzyHash::evaluate(Assay *assay, const std::string &str) { +bool FuzzyHash::evaluate(Transaction *transaction, const std::string &str) { /** * @todo Implement the operator FuzzyHash. * Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#fuzzyhash diff --git a/src/operators/fuzzy_hash.h b/src/operators/fuzzy_hash.h index cc21212a..a3f464cc 100644 --- a/src/operators/fuzzy_hash.h +++ b/src/operators/fuzzy_hash.h @@ -28,7 +28,7 @@ class FuzzyHash : public Operator { public: /** @ingroup ModSecurity_Operator */ FuzzyHash(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &std) override; + bool evaluate(Transaction *transaction, const std::string &std) override; }; } // namespace operators diff --git a/src/operators/ge.cc b/src/operators/ge.cc index b3e96707..cc6bbd60 100644 --- a/src/operators/ge.cc +++ b/src/operators/ge.cc @@ -23,9 +23,9 @@ namespace modsecurity { namespace operators { -bool Ge::evaluate(Assay *assay, const std::string &input) { - std::string p = MacroExpansion::expand(param, assay); - std::string i = MacroExpansion::expand(input, assay); +bool Ge::evaluate(Transaction *transaction, const std::string &input) { + std::string p = MacroExpansion::expand(param, transaction); + std::string i = MacroExpansion::expand(input, transaction); bool ge = atoll(i.c_str()) >= atoll(p.c_str()); diff --git a/src/operators/ge.h b/src/operators/ge.h index 5120a05e..122b1af9 100644 --- a/src/operators/ge.h +++ b/src/operators/ge.h @@ -30,7 +30,7 @@ class Ge : public Operator { Ge(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; }; } // namespace operators 
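Review bot: In the `src/operators/ge.cc` hunk, `std::string i = MacroExpansion::expand(input, transaction);` runs macro expansion over the value being inspected, not only over the rule parameter. That value is normally request-derived, so a `%{...}` sequence sent by a client would be resolved against the transaction's collections before the comparison, letting the client influence which number is compared. Gt, Le and Lt in this commit compare `input` directly, so Ge should match them: drop `i` and use `bool ge = atoll(input.c_str()) >= atoll(p.c_str());`. The rest of `Ge::evaluate` lies outside the hunk.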
diff --git a/src/operators/geo_lookup.cc b/src/operators/geo_lookup.cc index e86cce40..1281bfb3 100644 --- a/src/operators/geo_lookup.cc +++ b/src/operators/geo_lookup.cc @@ -30,7 +30,7 @@ namespace modsecurity { namespace operators { -bool GeoLookup::evaluate(Assay *assay, const std::string &exp) { +bool GeoLookup::evaluate(Transaction *trans, const std::string &exp) { using std::placeholders::_1; using std::placeholders::_2; bool ret = true; 
@@ -38,51 +38,51 @@ bool GeoLookup::evaluate(Assay *assay, const std::string &exp) { #ifdef WITH_GEOIP GeoIPRecord *gir; - if (assay) { + if (trans) { ret = Utils::GeoLookup::getInstance().lookup(exp, &gir, - std::bind(&GeoLookup::debug, this, assay, _1, _2)); + std::bind(&GeoLookup::debug, this, trans, _1, _2)); } else { ret = Utils::GeoLookup::getInstance().lookup(exp, &gir, nullptr); } if (ret && gir) { if (gir->country_code) { - assay->m_collections.store("GEO:COUNTRY_CODE", gir->country_code); + trans->m_collections.store("GEO:COUNTRY_CODE", gir->country_code); } if (gir->country_code3) { - assay->m_collections.store("GEO:COUNTRY_CODE3", gir->country_code3); + trans->m_collections.store("GEO:COUNTRY_CODE3", gir->country_code3); } if (gir->country_name) { - assay->m_collections.store("GEO:COUNTRY_NAME", gir->country_name); + trans->m_collections.store("GEO:COUNTRY_NAME", gir->country_name); } if (gir->continent_code) { - assay->m_collections.store("GEO:COUNTRY_CONTINENT", + trans->m_collections.store("GEO:COUNTRY_CONTINENT", gir->continent_code); } if (gir->country_code && gir->region) { - assay->m_collections.store("GEO:REGION", + trans->m_collections.store("GEO:REGION", GeoIP_region_name_by_code(gir->country_code, gir->region)); } if (gir->city) { - assay->m_collections.store("GEO:CITY", gir->city); + trans->m_collections.store("GEO:CITY", gir->city); } if (gir->postal_code) { - assay->m_collections.store("GEO:POSTAL_CODE", gir->postal_code); + trans->m_collections.store("GEO:POSTAL_CODE", gir->postal_code); } if (gir->latitude) { - assay->m_collections.store("GEO:LATITUDE", + trans->m_collections.store("GEO:LATITUDE", std::to_string(gir->latitude)); } if (gir->longitude) { - assay->m_collections.store("GEO:LONGITUDE", + trans->m_collections.store("GEO:LONGITUDE", std::to_string(gir->longitude)); } if (gir->metro_code) { - assay->m_collections.store("GEO:DMA_CODE", + trans->m_collections.store("GEO:DMA_CODE", std::to_string(gir->metro_code)); } if 
(gir->area_code) { - assay->m_collections.store("GEO:AREA_CODE", + trans->m_collections.store("GEO:AREA_CODE", std::to_string(gir->area_code)); } diff --git a/src/operators/geo_lookup.h b/src/operators/geo_lookup.h index 6361be64..18737470 100644 --- a/src/operators/geo_lookup.h +++ b/src/operators/geo_lookup.h @@ -28,7 +28,7 @@ class GeoLookup : public Operator { public: /** @ingroup ModSecurity_Operator */ GeoLookup(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &exp) override; + bool evaluate(Transaction *transaction, const std::string &exp) override; }; } // namespace operators diff --git a/src/operators/gsblookup.cc b/src/operators/gsblookup.cc index 862b71a0..eeda5cbc 100644 --- a/src/operators/gsblookup.cc +++ b/src/operators/gsblookup.cc @@ -22,7 +22,7 @@ namespace modsecurity { namespace operators { -bool GsbLookup::evaluate(Assay *assay, const std::string &str) { +bool GsbLookup::evaluate(Transaction *transaction, const std::string &str) { /** * @todo Implement the operator GeoLookup. * Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#gsblookup diff --git a/src/operators/gsblookup.h b/src/operators/gsblookup.h index 4e58fd15..934e10bc 100644 --- a/src/operators/gsblookup.h +++ b/src/operators/gsblookup.h @@ -28,7 +28,7 @@ class GsbLookup : public Operator { public: /** @ingroup ModSecurity_Operator */ GsbLookup(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &str); + bool evaluate(Transaction *transaction, const std::string &str); }; } // namespace operators diff --git a/src/operators/gt.cc b/src/operators/gt.cc index 775eaeab..b5a81855 100644 --- a/src/operators/gt.cc +++ b/src/operators/gt.cc 
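Review bot: In the `src/operators/geo_lookup.cc` hunk (`@@ -38,51 +38,51 @@`), `trans` is null-checked only around the `lookup()` call, yet every branch under `if (ret && gir)` writes to `trans->m_collections`. When the operator is evaluated with a null transaction and the lookup succeeds, the first `store()` is a null dereference. Changing the guard to `if (trans && ret && gir) {` keeps the null-transaction path safe. `GeoIPRecord *gir;` is also declared without an initial value, so `GeoIPRecord *gir = NULL;` would make the `gir` test meaningful if `lookup()` can return without assigning it (not visible here). The function body continues past the end of the hunk.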
@@ -23,8 +23,8 @@ namespace modsecurity { namespace operators { -bool Gt::evaluate(Assay *assay, const std::string &input) { - std::string p = MacroExpansion::expand(param, assay); +bool Gt::evaluate(Transaction *transaction, const std::string &input) { + std::string p = MacroExpansion::expand(param, transaction); bool gt = atoll(input.c_str()) > atoll(p.c_str()); diff --git a/src/operators/gt.h b/src/operators/gt.h index 514dab06..00d290cb 100644 --- a/src/operators/gt.h +++ b/src/operators/gt.h @@ -30,7 +30,7 @@ class Gt : public Operator { Gt(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; }; } // namespace operators diff --git a/src/operators/inspect_file.cc b/src/operators/inspect_file.cc index d8cdc502..6bdd7599 100644 --- a/src/operators/inspect_file.cc +++ b/src/operators/inspect_file.cc @@ -22,7 +22,7 @@ namespace modsecurity { namespace operators { -bool InspectFile::evaluate(Assay *assay, const std::string &str) { +bool InspectFile::evaluate(Transaction *transaction, const std::string &str) { /** * @todo Implement the operator InspectFile. * Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#inspectfile diff --git a/src/operators/inspect_file.h b/src/operators/inspect_file.h index a7af84bc..4a8345ef 100644 --- a/src/operators/inspect_file.h +++ b/src/operators/inspect_file.h @@ -28,7 +28,7 @@ class InspectFile : public Operator { public: /** @ingroup ModSecurity_Operator */ InspectFile(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators diff --git a/src/operators/ip_match.cc b/src/operators/ip_match.cc index a5e7703b..75fd2ed4 100644 --- a/src/operators/ip_match.cc +++ b/src/operators/ip_match.cc 
@@ -37,7 +37,7 @@ bool IpMatch::init(const std::string &file, const char **error) { } -bool IpMatch::evaluate(Assay *assay, const std::string &input) { +bool IpMatch::evaluate(Transaction *transaction, const std::string &input) { return m_tree.contains(input); } diff --git a/src/operators/ip_match.h b/src/operators/ip_match.h index 3d228c9f..3f03ef40 100644 --- a/src/operators/ip_match.h +++ b/src/operators/ip_match.h @@ -31,7 +31,7 @@ class IpMatch : public Operator { IpMatch(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; bool init(const std::string &file, const char **error) override; diff --git a/src/operators/le.cc b/src/operators/le.cc index 99159c02..c84bef55 100644 --- a/src/operators/le.cc +++ b/src/operators/le.cc @@ -23,8 +23,8 @@ namespace modsecurity { namespace operators { -bool Le::evaluate(Assay *assay, const std::string &input) { - std::string p = MacroExpansion::expand(param, assay); +bool Le::evaluate(Transaction *transaction, const std::string &input) { + std::string p = MacroExpansion::expand(param, transaction); bool le = atoll(input.c_str()) <= atoll(p.c_str()); diff --git a/src/operators/le.h b/src/operators/le.h index 2937dbbd..aaf3da76 100644 --- a/src/operators/le.h +++ b/src/operators/le.h @@ -30,7 +30,7 @@ class Le : public Operator { Le(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; }; diff --git a/src/operators/lt.cc b/src/operators/lt.cc index 729232e6..eeda36fa 100644 --- a/src/operators/lt.cc +++ b/src/operators/lt.cc 
@@ -23,8 +23,8 @@ namespace modsecurity { namespace operators { -bool Lt::evaluate(Assay *assay, const std::string &input) { - std::string p = MacroExpansion::expand(param, assay); +bool Lt::evaluate(Transaction *transaction, const std::string &input) { + std::string p = MacroExpansion::expand(param, transaction); bool lt = atoll(input.c_str()) < atoll(p.c_str()); diff --git a/src/operators/lt.h b/src/operators/lt.h index 6c7cf020..8c8529cd 100644 --- a/src/operators/lt.h +++ b/src/operators/lt.h @@ -30,7 +30,7 @@ class Lt : public Operator { Lt(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; }; } // namespace operators diff --git a/src/operators/no_match.cc b/src/operators/no_match.cc index 59848768..f229eaa8 100644 --- a/src/operators/no_match.cc +++ b/src/operators/no_match.cc @@ -20,7 +20,7 @@ namespace modsecurity { namespace operators { -bool NoMatch::evaluate(Assay *assay, const std::string &str) { +bool NoMatch::evaluate(Transaction *transaction, const std::string &str) { return false; } diff --git a/src/operators/no_match.h b/src/operators/no_match.h index c8201587..30c1b350 100644 --- a/src/operators/no_match.h +++ b/src/operators/no_match.h @@ -15,7 +15,7 @@ #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "operators/operator.h" @@ -32,7 +32,7 @@ class NoMatch : public Operator { NoMatch(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators diff --git a/src/operators/operator.cc b/src/operators/operator.cc index 74467073..9dee2d16 100644 --- a/src/operators/operator.cc +++ b/src/operators/operator.cc 
@@ -19,7 +19,7 @@ #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "operators/begins_with.h" #include "operators/contains.h" @@ -66,18 +66,18 @@ namespace modsecurity { namespace operators { -bool Operator::debug(Assay *assay, int x, std::string a) { +bool Operator::debug(Transaction *transaction, int x, std::string a) { #ifndef NO_LOGS - assay->debug(x, a); + transaction->debug(x, a); #endif return true; } -bool Operator::evaluate(Assay *assay, const std::string& a) { +bool Operator::evaluate(Transaction *transaction, const std::string& a) { #ifndef NO_LOGS - if (assay) { - assay->debug(2, "Operator: " + this->op + \ + if (transaction) { + transaction->debug(2, "Operator: " + this->op + \ " is not implemented or malfunctioning."); } else { std::cerr << "Operator: " + this->op + \ diff --git a/src/operators/operator.h b/src/operators/operator.h index e9143113..07492015 100644 --- a/src/operators/operator.h +++ b/src/operators/operator.h @@ -20,7 +20,7 @@ #ifndef SRC_OPERATORS_OPERATOR_H__ #define SRC_OPERATORS_OPERATOR_H__ -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifdef __cplusplus namespace modsecurity { @@ -44,10 +44,10 @@ class Operator { return true; } - virtual bool evaluate(Assay *assay, const std::string &str); + virtual bool evaluate(Transaction *transaction, const std::string &str); static Operator *instantiate(std::string op); protected: - bool debug(Assay *assay, int x, std::string a); + bool debug(Transaction *transaction, int x, std::string a); }; } // namespace operators diff --git a/src/operators/pm.cc b/src/operators/pm.cc index 0897d47b..b149705e 100644 --- a/src/operators/pm.cc +++ b/src/operators/pm.cc @@ -69,7 +69,7 @@ void Pm::replaceAll(std::string str, const std::string& from, } } -bool Pm::evaluate(Assay *assay, const std::string &input) { +bool Pm::evaluate(Transaction *transaction, const std::string &input) { int rc = 0; ACMPT pt; pt.parser = m_p; 
diff --git a/src/operators/pm.h b/src/operators/pm.h index 043510ec..57037ace 100644 --- a/src/operators/pm.h +++ b/src/operators/pm.h @@ -37,7 +37,7 @@ class Pm : public Operator { ~Pm(); void replaceAll(std::string str, const std::string& from, const std::string& to); - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; bool init(const std::string &file, const char **error) override; void postOrderTraversal(acmp_btree_node_t *node); diff --git a/src/operators/rbl.cc b/src/operators/rbl.cc index edb2cdbb..eadff5f9 100644 --- a/src/operators/rbl.cc +++ b/src/operators/rbl.cc @@ -22,7 +22,7 @@ namespace modsecurity { namespace operators { -bool Rbl::evaluate(Assay *assay, const std::string &str) { +bool Rbl::evaluate(Transaction *transaction, const std::string &str) { /** * @todo Implement the operator Rbl. * Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#rbl diff --git a/src/operators/rbl.h b/src/operators/rbl.h index 807d466d..70d77486 100644 --- a/src/operators/rbl.h +++ b/src/operators/rbl.h @@ -29,7 +29,7 @@ class Rbl : public Operator { public: /** @ingroup ModSecurity_Operator */ Rbl(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators diff --git a/src/operators/rsub.cc b/src/operators/rsub.cc index 3442479e..afc020ef 100644 --- a/src/operators/rsub.cc +++ b/src/operators/rsub.cc @@ -22,7 +22,7 @@ namespace modsecurity { namespace operators { -bool Rsub::evaluate(Assay *assay, const std::string &str) { +bool Rsub::evaluate(Transaction *transaction, const std::string &str) { /** * @todo Implement the operator Rsub. * Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#rsub diff --git a/src/operators/rsub.h b/src/operators/rsub.h index 0f7dd198..7fb0c025 100644 
--- a/src/operators/rsub.h +++ b/src/operators/rsub.h @@ -28,7 +28,7 @@ class Rsub : public Operator { public: /** @ingroup ModSecurity_Operator */ Rsub(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators } // namespace modsecurity diff --git a/src/operators/rx.cc b/src/operators/rx.cc index 697c238d..2ffd4c45 100644 --- a/src/operators/rx.cc +++ b/src/operators/rx.cc @@ -26,7 +26,7 @@ namespace operators { -bool Rx::evaluate(Assay *assay, const std::string& input) { +bool Rx::evaluate(Transaction *transaction, const std::string& input) { SMatch match; if (regex_search(input, &match, *m_re) && match.size() >= 1) { diff --git a/src/operators/rx.h b/src/operators/rx.h index b68ce91f..0812b817 100644 --- a/src/operators/rx.h +++ b/src/operators/rx.h @@ -40,7 +40,7 @@ class Rx : public Operator { m_re = new Regex(param); } - bool evaluate(Assay *assay, const std::string &input); + bool evaluate(Transaction *transaction, const std::string &input); std::list matched; private: diff --git a/src/operators/str_eq.cc b/src/operators/str_eq.cc index c59233ad..13258e7e 100644 --- a/src/operators/str_eq.cc +++ b/src/operators/str_eq.cc @@ -21,8 +21,8 @@ namespace modsecurity { namespace operators { -bool StrEq::evaluate(Assay *assay, const std::string &str) { - std::string p = MacroExpansion::expand(param, assay); +bool StrEq::evaluate(Transaction *transaction, const std::string &str) { + std::string p = MacroExpansion::expand(param, transaction); bool eq = !p.compare(str); if (negation) { diff --git a/src/operators/str_eq.h b/src/operators/str_eq.h index cc7aa9eb..0483b44e 100644 --- a/src/operators/str_eq.h +++ b/src/operators/str_eq.h @@ -15,7 +15,7 @@ #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "operators/operator.h" 
@@ -33,7 +33,7 @@ class StrEq : public Operator { StrEq(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators diff --git a/src/operators/str_match.cc b/src/operators/str_match.cc index 798df43e..824e85fd 100644 --- a/src/operators/str_match.cc +++ b/src/operators/str_match.cc @@ -24,8 +24,8 @@ namespace modsecurity { namespace operators { -bool StrMatch::evaluate(Assay *assay, const std::string &input) { - std::string p = MacroExpansion::expand(param, assay); +bool StrMatch::evaluate(Transaction *transaction, const std::string &input) { + std::string p = MacroExpansion::expand(param, transaction); bool ret = input.find(p) != std::string::npos; if (negation) { diff --git a/src/operators/str_match.h b/src/operators/str_match.h index a6b1cc49..5d4af578 100644 --- a/src/operators/str_match.h +++ b/src/operators/str_match.h @@ -30,7 +30,7 @@ class StrMatch : public Operator { StrMatch(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; }; } // namespace operators diff --git a/src/operators/validate_byte_range.cc b/src/operators/validate_byte_range.cc index 00bb8540..cffd4ee3 100644 --- a/src/operators/validate_byte_range.cc +++ b/src/operators/validate_byte_range.cc @@ -106,7 +106,8 @@ bool ValidateByteRange::init(const std::string &file, } -bool ValidateByteRange::evaluate(Assay *assay, const std::string &input) { +bool ValidateByteRange::evaluate(Transaction *transaction, + const std::string &input) { bool ret = true; size_t count = 0; diff --git a/src/operators/validate_byte_range.h b/src/operators/validate_byte_range.h index 5f696bbe..9649c4af 100644 --- a/src/operators/validate_byte_range.h 
+++ b/src/operators/validate_byte_range.h @@ -36,7 +36,7 @@ class ValidateByteRange : public Operator { ~ValidateByteRange() override { } - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; bool getRange(const std::string &rangeRepresentation, const char **error); bool init(const std::string& file, const char **error) override; private: diff --git a/src/operators/validate_dtd.cc b/src/operators/validate_dtd.cc index 4d9da64b..7dc040c6 100644 --- a/src/operators/validate_dtd.cc +++ b/src/operators/validate_dtd.cc @@ -22,7 +22,7 @@ namespace modsecurity { namespace operators { -bool ValidateDTD::evaluate(Assay *assay, const std::string &str) { +bool ValidateDTD::evaluate(Transaction *transaction, const std::string &str) { /** * @todo Implement the operator ValidateDTD. * Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#validateDTD diff --git a/src/operators/validate_dtd.h b/src/operators/validate_dtd.h index 51abdf96..c5339d56 100644 --- a/src/operators/validate_dtd.h +++ b/src/operators/validate_dtd.h @@ -28,7 +28,7 @@ class ValidateDTD : public Operator { public: /** @ingroup ModSecurity_Operator */ ValidateDTD(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators diff --git a/src/operators/validate_hash.cc b/src/operators/validate_hash.cc index 3e4b5cf1..50675823 100644 --- a/src/operators/validate_hash.cc +++ b/src/operators/validate_hash.cc @@ -22,7 +22,7 @@ namespace modsecurity { namespace operators { -bool ValidateHash::evaluate(Assay *assay, const std::string &str) { +bool ValidateHash::evaluate(Transaction *transaction, const std::string &str) { /** * @todo Implement the operator ValidateHash. * Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#validateHash 
diff --git a/src/operators/validate_hash.h b/src/operators/validate_hash.h index a99ca55b..ba8d5136 100644 --- a/src/operators/validate_hash.h +++ b/src/operators/validate_hash.h @@ -28,7 +28,7 @@ class ValidateHash : public Operator { public: /** @ingroup ModSecurity_Operator */ ValidateHash(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators diff --git a/src/operators/validate_schema.cc b/src/operators/validate_schema.cc index 2ee61246..eab4bd0d 100644 --- a/src/operators/validate_schema.cc +++ b/src/operators/validate_schema.cc @@ -22,7 +22,8 @@ namespace modsecurity { namespace operators { -bool ValidateSchema::evaluate(Assay *assay, const std::string &str) { +bool ValidateSchema::evaluate(Transaction *transaction, + const std::string &str) { /** * @todo Implement the operator ValidateSchema. * Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#validateSchema @@ -31,7 +32,8 @@ bool ValidateSchema::evaluate(Assay *assay, const std::string &str) { } -ValidateSchema::ValidateSchema(std::string op, std::string param, bool negation) +ValidateSchema::ValidateSchema(std::string op, std::string param, + bool negation) : Operator() { this->op = op; this->param = param; diff --git a/src/operators/validate_schema.h b/src/operators/validate_schema.h index ccd7f318..4c2eafce 100644 --- a/src/operators/validate_schema.h +++ b/src/operators/validate_schema.h @@ -28,7 +28,7 @@ class ValidateSchema : public Operator { public: /** @ingroup ModSecurity_Operator */ ValidateSchema(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators diff --git a/src/operators/validate_url_encoding.cc b/src/operators/validate_url_encoding.cc index 636d647b..f38991e7 100644 
--- a/src/operators/validate_url_encoding.cc +++ b/src/operators/validate_url_encoding.cc @@ -65,7 +65,8 @@ int ValidateUrlEncoding::validate_url_encoding(const char *input, } -bool ValidateUrlEncoding::evaluate(Assay *assay, const std::string &input) { +bool ValidateUrlEncoding::evaluate(Transaction *transaction, + const std::string &input) { bool res = false; if (input.empty() == true) { @@ -76,37 +77,38 @@ bool ValidateUrlEncoding::evaluate(Assay *assay, const std::string &input) { switch (rc) { case 1 : /* Encoding is valid */ - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(7, "Valid URL Encoding at '" +input + "'"); + transaction->debug(7, "Valid URL Encoding at '" +input + "'"); #endif } res = false; break; case -2 : - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(7, "Invalid URL Encoding: Non-hexadecimal " + transaction->debug(7, "Invalid URL Encoding: Non-hexadecimal " "digits used at '" + input + "'"); #endif } res = true; /* Invalid match. */ break; case -3 : - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(7, "Invalid URL Encoding: Not enough characters " - "at the end of input at '" + input + "'"); + transaction->debug(7, "Invalid URL Encoding: Not enough " \ + "characters at the end of input at '" + input + "'"); #endif } res = true; /* Invalid match. */ break; case -1 : default : - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(7, "Invalid URL Encoding: Internal Error (rc = " + - std::to_string(rc) + ") at '" + input + "'"); + transaction->debug(7, "Invalid URL Encoding: Internal " \ + "Error (rc = " + std::to_string(rc) + ") at '" + + input + "'"); #endif } res = true; diff --git a/src/operators/validate_url_encoding.h b/src/operators/validate_url_encoding.h index da176ea6..3a1dfbeb 100644 --- a/src/operators/validate_url_encoding.h +++ b/src/operators/validate_url_encoding.h 
@@ -30,7 +30,7 @@ class ValidateUrlEncoding : public Operator { ValidateUrlEncoding(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; int validate_url_encoding(const char *input, uint64_t input_length); }; diff --git a/src/operators/validate_utf8_encoding.cc b/src/operators/validate_utf8_encoding.cc index d981b7d6..fdc5db94 100644 --- a/src/operators/validate_utf8_encoding.cc +++ b/src/operators/validate_utf8_encoding.cc @@ -113,7 +113,8 @@ int ValidateUtf8Encoding::detect_utf8_character( return unicode_len; } -bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) { +bool ValidateUtf8Encoding::evaluate(Transaction *transaction, + const std::string &str) { unsigned int i, bytes_left; const char *str_c = str.c_str(); @@ -124,9 +125,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) { switch (rc) { case UNICODE_ERROR_CHARACTERS_MISSING : - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(8, "Invalid UTF-8 encoding: " + transaction->debug(8, "Invalid UTF-8 encoding: " "not enough bytes in character " "at " + str + ". [offset \"" + std::to_string(i) + "\"]"); @@ -135,9 +136,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) { return true; break; case UNICODE_ERROR_INVALID_ENCODING : - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(8, "Invalid UTF-8 encoding: " + transaction->debug(8, "Invalid UTF-8 encoding: " "invalid byte value in character " "at " + str + ". [offset \"" + std::to_string(i) + "\"]"); 
@@ -146,9 +147,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) { return true; break; case UNICODE_ERROR_OVERLONG_CHARACTER : - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(8, "Invalid UTF-8 encoding: " + transaction->debug(8, "Invalid UTF-8 encoding: " "overlong character detected " "at " + str + ". [offset \"" + std::to_string(i) + "\"]"); @@ -157,9 +158,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) { return true; break; case UNICODE_ERROR_RESTRICTED_CHARACTER : - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(8, "Invalid UTF-8 encoding: " + transaction->debug(8, "Invalid UTF-8 encoding: " "use of restricted character " "at " + str + ". [offset \"" + std::to_string(i) + "\"]"); @@ -168,9 +169,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) { return true; break; case UNICODE_ERROR_DECODING_ERROR : - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(8, "Error validating UTF-8 decoding " + transaction->debug(8, "Error validating UTF-8 decoding " "at " + str + ". [offset \"" + std::to_string(i) + "\"]"); #endif @@ -180,9 +181,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) { } if (rc <= 0) { - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(8, "Internal error during UTF-8 validation " + transaction->debug(8, "Internal error during UTF-8 validation " "at " + str + ". [offset \"" + std::to_string(i) + "\"]"); #endif diff --git a/src/operators/validate_utf8_encoding.h b/src/operators/validate_utf8_encoding.h index a1024d24..069328a4 100644 --- a/src/operators/validate_utf8_encoding.h +++ b/src/operators/validate_utf8_encoding.h 
@@ -37,7 +37,7 @@ class ValidateUtf8Encoding : public Operator { ValidateUtf8Encoding(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; int detect_utf8_character(const unsigned char *p_read, unsigned int length); diff --git a/src/operators/verify_cc.cc b/src/operators/verify_cc.cc index eba1b4de..fbeab04f 100644 --- a/src/operators/verify_cc.cc +++ b/src/operators/verify_cc.cc @@ -86,7 +86,7 @@ bool VerifyCC::init(const std::string ¶m2, const char **error) { } -bool VerifyCC::evaluate(Assay *assay, const std::string &i) { +bool VerifyCC::evaluate(Transaction *transaction, const std::string &i) { int offset = 0; bool is_cc = false; int target_length = i.length(); @@ -110,9 +110,9 @@ bool VerifyCC::evaluate(Assay *assay, const std::string &i) { match = std::string(i, ovector[0], ovector[1] - ovector[0]); is_cc = luhnVerify(match.c_str(), match.size()); if (is_cc) { - if (assay) { + if (transaction) { #ifndef NO_LOGS - assay->debug(9, "CC# match \"" + param + + transaction->debug(9, "CC# match \"" + param + "\" at " + i + ". [offset " + std::to_string(offset) + "]"); #endif diff --git a/src/operators/verify_cc.h b/src/operators/verify_cc.h index c7d39a89..d4f714b1 100644 --- a/src/operators/verify_cc.h +++ b/src/operators/verify_cc.h @@ -33,7 +33,7 @@ class VerifyCC : public Operator { m_pce(NULL) { } int luhnVerify(const char *ccnumber, int len); - bool evaluate(Assay *assay, const std::string &input) override; + bool evaluate(Transaction *transaction, const std::string &input) override; bool init(const std::string ¶m, const char **error) override; private: pcre *m_pc; diff --git a/src/operators/verify_cpf.cc b/src/operators/verify_cpf.cc index 88092f5b..7c1415f0 100644 --- a/src/operators/verify_cpf.cc +++ b/src/operators/verify_cpf.cc 
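Review bot: The match message in `VerifyCC::evaluate` writes the whole inspected value `i` to the debug log right after `luhnVerify` has accepted the match as a card number, so a deployment running at debug level 9 keeps cardholder data in clear text in its logs. The offset is already part of the message and is enough to locate the match. Drop the value, `transaction->debug(9, "CC# match \"" + param + "\". [offset " + std::to_string(offset) + "]");`, or mask all but the last digits before logging. The function body continues outside the hunk.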
@@ -22,7 +22,7 @@ namespace modsecurity { namespace operators { -bool VerifyCPF::evaluate(Assay *assay, const std::string &str) { +bool VerifyCPF::evaluate(Transaction *transaction, const std::string &str) { /** * @todo Implement the operator VerifyCPF. * Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#verifyCPF diff --git a/src/operators/verify_cpf.h b/src/operators/verify_cpf.h index 96d2c86d..bd869433 100644 --- a/src/operators/verify_cpf.h +++ b/src/operators/verify_cpf.h @@ -28,7 +28,7 @@ class VerifyCPF : public Operator { public: /** @ingroup ModSecurity_Operator */ VerifyCPF(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators diff --git a/src/operators/verify_ssn.cc b/src/operators/verify_ssn.cc index 099b0459..38a17f0d 100644 --- a/src/operators/verify_ssn.cc +++ b/src/operators/verify_ssn.cc @@ -22,7 +22,7 @@ namespace modsecurity { namespace operators { -bool VerifySSN::evaluate(Assay *assay, const std::string &str) { +bool VerifySSN::evaluate(Transaction *transaction, const std::string &str) { /** * @todo Implement the operator VerifySSN. * Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#verifySSN diff --git a/src/operators/verify_ssn.h b/src/operators/verify_ssn.h index 16eeb4d2..f0977702 100644 --- a/src/operators/verify_ssn.h +++ b/src/operators/verify_ssn.h @@ -29,7 +29,7 @@ class VerifySSN : public Operator { public: /** @ingroup ModSecurity_Operator */ VerifySSN(std::string o, std::string p, bool i); - bool evaluate(Assay *assay, const std::string &str) override; + bool evaluate(Transaction *transaction, const std::string &str) override; }; } // namespace operators diff --git a/src/operators/within.cc b/src/operators/within.cc index 7f642f65..89c0ace1 100644 --- a/src/operators/within.cc +++ b/src/operators/within.cc 
@@ -24,9 +24,9 @@ namespace modsecurity { namespace operators { -bool Within::evaluate(Assay *assay, const std::string &str) { +bool Within::evaluate(Transaction *transaction, const std::string &str) { bool res = false; - std::string paramTarget = MacroExpansion::expand(param, assay); + std::string paramTarget = MacroExpansion::expand(param, transaction); if (str.empty()) { return true; diff --git a/src/operators/within.h b/src/operators/within.h index c8b65975..7933a9a4 100644 --- a/src/operators/within.h +++ b/src/operators/within.h @@ -30,7 +30,7 @@ class Within : public Operator { Within(std::string op, std::string param, bool negation) : Operator(op, param, negation) { } - bool evaluate(Assay *assay, const std::string &str); + bool evaluate(Transaction *transaction, const std::string &str); }; } // namespace operators diff --git a/src/request_body_processor/multipart.cc b/src/request_body_processor/multipart.cc index 8b7244df..227abf9f 100644 --- a/src/request_body_processor/multipart.cc +++ b/src/request_body_processor/multipart.cc @@ -24,7 +24,7 @@ namespace modsecurity { namespace RequestBodyProcessor { -Multipart::Multipart(std:: string header, Assay *assay) +Multipart::Multipart(std:: string header, Transaction *transaction) : crlf(false), containsDataAfter(false), containsDataBefore(false), @@ -33,7 +33,7 @@ Multipart::Multipart(std:: string header, Assay *assay) invalidQuote(false), boundaryStartsWithWhiteSpace(false), boundaryIsQuoted(false), - m_assay(assay), + m_transaction(transaction), m_header(header) { } diff --git a/src/request_body_processor/multipart.h b/src/request_body_processor/multipart.h index fbb3a207..e34aaf55 100644 --- a/src/request_body_processor/multipart.h +++ b/src/request_body_processor/multipart.h 
@@ -20,14 +20,14 @@ #ifndef SRC_REQUEST_BODY_PROCESSOR_MULTIPART_H_ #define SRC_REQUEST_BODY_PROCESSOR_MULTIPART_H_ -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace RequestBodyProcessor { class Multipart { public: - Multipart(std::string header, Assay *assay); + Multipart(std::string header, Transaction *transaction); bool init(); bool boundaryContainsOnlyValidCharacters(); @@ -47,14 +47,14 @@ class Multipart { bool invalidQuote; #ifndef NO_LOGS void debug(int a, std::string str) { - m_assay->debug(a, str); + m_transaction->debug(a, str); } #endif private: std::string m_boundary; std::string m_header; - Assay *m_assay; + Transaction *m_transaction; }; } // namespace RequestBodyProcessor diff --git a/src/rule.cc b/src/rule.cc index 0f22aa97..dd3e392c 100644 --- a/src/rule.cc +++ b/src/rule.cc @@ -137,16 +137,13 @@ Rule::Rule(Operator *_op, std::vector Rule::getActionNames() { std::vector a; - for (auto &z : this->actions_runtime_pos) - { + for (auto &z : this->actions_runtime_pos) { a.push_back(z->action); } - for (auto &z : this->actions_runtime_pre) - { + for (auto &z : this->actions_runtime_pre) { a.push_back(z->action); } - for (auto &z : this->actions_conf) - { + for (auto &z : this->actions_conf) { a.push_back(z->action); } @@ -154,7 +151,7 @@ std::vector Rule::getActionNames() { } -bool Rule::evaluateActions(Assay *assay) { +bool Rule::evaluateActions(Transaction *trasn) { int none = 0; bool containsDisruptive = false; // int transformations = 0; 
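Review bot: `Multipart::debug` in multipart.h dereferences `m_transaction` without a check, while every operator touched by this commit guards its call with `if (transaction)`. If a null pointer can reach the constructor (not visible here), the first debug call made while parsing a request body is a null dereference. Either guard it, `if (m_transaction) { m_transaction->debug(a, str); }`, or state on the constructor that `transaction` must not be null. Separately, `m_transaction` is declared after `m_header` but listed before it in the constructor's initializer list in multipart.cc, which compilers report under -Wreorder.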
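Review bot: The new parameter name `trasn` in `Rule::evaluateActions` (and in `Rule::evaluate` further down rule.cc) reads like a typo and differs from the `transaction` name used by every other signature in this commit. Using `Transaction *transaction` here as well, or a deliberate short form such as `trans`, keeps the code searchable under one name. The function body continues outside the hunk.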
@@ -165,15 +162,15 @@ bool Rule::evaluateActions(Assay *assay) { } #ifndef NO_LOGS - assay->debug(4, "Running unconditional rule."); + trasn->debug(4, "Running unconditional rule."); #endif if (none == 0) { /* - for (Action *a : assay->m_rules->defaultActions[this->phase]) { + for (Action *a : trasn->m_rules->defaultActions[this->phase]) { if (a->action_kind == actions::Action::RunTimeBeforeMatchAttemptKind) { - value = a->evaluate(value, assay); - assay->debug(9, "(SecDefaultAction) T (" + \ + value = a->evaluate(value, trasn); + trasn->debug(9, "(SecDefaultAction) T (" + \ std::to_string(transformations) + ") " + \ a->name + ": \"" + value +"\""); transformations++; @@ -185,8 +182,8 @@ bool Rule::evaluateActions(Assay *assay) { for (Action *a : this->actions_runtime_pre) { /* if (none == 0) { - value = a->evaluate(value, assay); - assay->debug(9, " T (" + \ + value = a->evaluate(value, trasn); + trasn->debug(9, " T (" + \ std::to_string(transformations) + ") " + \ a->name + ": \"" + value +"\""); transformations++; 
@@ -200,36 +197,37 @@ bool Rule::evaluateActions(Assay *assay) { for (Action *a : this->actions_runtime_pos) { if (a->isDisruptive() == false) { #ifndef NO_LOGS - assay->debug(4, "Running (_non_ disruptive) action: " + a->action); + trasn->debug(4, "Running (_non_ disruptive) action: " + + a->action); #endif - a->evaluate(this, assay); + a->evaluate(this, trasn); } else { containsDisruptive = true; } } - for (Action *a : assay->m_rules->defaultActions[this->phase]) { + for (Action *a : trasn->m_rules->defaultActions[this->phase]) { if (a->action_kind == actions::Action::RunTimeOnlyIfMatchKind) { if (a->isDisruptive()) { if (containsDisruptive) { #ifndef NO_LOGS - assay->debug(4, "(SecDefaultAction) " \ + trasn->debug(4, "(SecDefaultAction) " \ "_ignoring_ action: " + a->action + \ " (rule contains a disruptive action)"); #endif } else { - if (assay->m_rules->secRuleEngine + if (trasn->m_rules->secRuleEngine == Rules::EnabledRuleEngine) { #ifndef NO_LOGS - assay->debug(4, "(SecDefaultAction) " \ + trasn->debug(4, "(SecDefaultAction) " \ "Running action: " + a->action + \ " (rule _does not_ contains a " \ "disruptive action)"); #endif - a->evaluate(this, assay); + a->evaluate(this, trasn); } else { #ifndef NO_LOGS - assay->debug(4, "(SecDefaultAction) " \ + trasn->debug(4, "(SecDefaultAction) " \ "_Not_ running action: " + a->action + \ ". Rule _does not_ contains a " \ "disruptive action, but SecRuleEngine is not On."); @@ -238,9 +236,9 @@ bool Rule::evaluateActions(Assay *assay) { } } else { #ifndef NO_LOGS - assay->debug(4, "(SecDefaultAction) Running action: " + \ + trasn->debug(4, "(SecDefaultAction) Running action: " + \ a->action); - a->evaluate(this, assay); + a->evaluate(this, trasn); #endif } } 
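Review bot: In the non-disruptive branch of the default-action loop in `Rule::evaluateActions` (hunk at -238,9), `a->evaluate(this, trasn);` sits between `#ifndef NO_LOGS` and `#endif`, so a build with NO_LOGS defined silently skips these SecDefaultAction actions. The rule engine then enforces different behaviour depending on a logging switch. The rename kept that placement, whereas the matching branch in `Rule::evaluate` (hunk at -468,27) has the call after `#endif`. Only the debug call should be conditional: put `#endif` on the line after `a->action);` and follow it with `a->evaluate(this, trasn);`. The enclosing function starts before this hunk.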
@@ -248,14 +246,15 @@ bool Rule::evaluateActions(Assay *assay) { for (Action *a : this->actions_runtime_pos) { if (a->isDisruptive() - && assay->m_rules->secRuleEngine == Rules::EnabledRuleEngine) { + && trasn->m_rules->secRuleEngine + == Rules::EnabledRuleEngine) { #ifndef NO_LOGS - assay->debug(4, "Running (disruptive) action: " + a->action); + trasn->debug(4, "Running (disruptive) action: " + a->action); #endif - a->evaluate(this, assay); + a->evaluate(this, trasn); } else if (a->isDisruptive()) { #ifndef NO_LOGS - assay->debug(4, "Not running disruptive action: " + \ + trasn->debug(4, "Not running disruptive action: " + \ a->action + ". SecRuleEngine is not On"); #endif } @@ -265,7 +264,7 @@ bool Rule::evaluateActions(Assay *assay) { } -bool Rule::evaluate(Assay *assay) { +bool Rule::evaluate(Transaction *trasn) { bool ret = false; std::vector *variables = this->variables; @@ -273,11 +272,11 @@ bool Rule::evaluate(Assay *assay) { return true; } if (m_unconditional == true) { - return evaluateActions(assay); + return evaluateActions(trasn); } #ifndef NO_LOGS - std::string eparam = MacroExpansion::expand(this->op->param, assay); + std::string eparam = MacroExpansion::expand(this->op->param, trasn); if (this->op->param != eparam) { eparam = "\"" + eparam + "\" Was: \"" + this->op->param + "\""; @@ -285,7 +284,7 @@ bool Rule::evaluate(Assay *assay) { eparam = "\"" + eparam + "\""; } - assay->debug(4, "(Rule: " + std::to_string(rule_id) \ + trasn->debug(4, "(Rule: " + std::to_string(rule_id) \ + ") Executing operator \"" + this->op->op \ + "\" with param " \ + eparam \ @@ -300,7 +299,7 @@ bool Rule::evaluate(Assay *assay) { Variable *variable = variables->at(i); if (variable->m_isExclusion) { std::vector z; - variable->evaluateInternal(assay, &z); + variable->evaluateInternal(trasn, &z); for (auto &y : z) { exclusions.push_back(y->m_key); } 
@@ -316,14 +315,14 @@ bool Rule::evaluate(Assay *assay) { } std::vector e; - variable->evaluateInternal(assay, &e); + variable->evaluateInternal(trasn, &e); for (auto &v : e) { if (std::find(exclusions.begin(), exclusions.end(), v->m_key) != exclusions.end()) { #ifndef NO_LOGS - assay->debug(9, "Variable: " + v->m_key + " is part of the" + - " exclusion list, skipping..."); + trasn->debug(9, "Variable: " + v->m_key + + " is part of the exclusion list, skipping..."); #endif continue; } @@ -339,12 +338,13 @@ bool Rule::evaluate(Assay *assay) { // Notice that first we make sure that won't be a t:none // on the target rule. if (none == 0) { - for (Action *a : assay->m_rules->defaultActions[this->phase]) { + for (Action *a : + trasn->m_rules->defaultActions[this->phase]) { if (a->action_kind == actions::Action::RunTimeBeforeMatchAttemptKind) { - value = a->evaluate(value, assay); + value = a->evaluate(value, trasn); #ifndef NO_LOGS - assay->debug(9, "(SecDefaultAction) T (" + \ + trasn->debug(9, "(SecDefaultAction) T (" + \ std::to_string(transformations) + ") " + \ a->name + ": \"" + value +"\""); #endif @@ -355,9 +355,9 @@ bool Rule::evaluate(Assay *assay) { for (Action *a : this->actions_runtime_pre) { if (none == 0) { - value = a->evaluate(value, assay); + value = a->evaluate(value, trasn); #ifndef NO_LOGS - assay->debug(9, " T (" + \ + trasn->debug(9, " T (" + \ std::to_string(transformations) + ") " + \ a->name + ": \"" + value +"\""); #endif 
@@ -369,18 +369,18 @@ bool Rule::evaluate(Assay *assay) { } #ifndef NO_LOGS - assay->debug(9, "Target value: \"" + limitTo(80, + trasn->debug(9, "Target value: \"" + limitTo(80, toHexIfNeeded(value)) + "\" (Variable: " + v->m_key + ")"); #endif - ret = this->op->evaluate(assay, value); + ret = this->op->evaluate(trasn, value); #ifndef NO_LOGS clock_t end = clock(); double elapsed_secs = static_cast(end - begin) \ / CLOCKS_PER_SEC; - assay->debug(4, "Operator completed in " + \ + trasn->debug(4, "Operator completed in " + \ std::to_string(elapsed_secs) + " seconds"); #endif @@ -388,17 +388,17 @@ bool Rule::evaluate(Assay *assay) { bool containsDisruptive = false; bool chainResult = false; #ifndef NO_LOGS - assay->debug(4, "Rule returned 1."); + trasn->debug(4, "Rule returned 1."); #endif for (Action *a : this->actions_runtime_pos) { if (a->isDisruptive() == false) { #ifndef NO_LOGS - assay->debug(4, "Running (_non_ disruptive) action: " \ - + a->action); + trasn->debug(4, "Running (_non_ disruptive) " \ + "action: " + a->action); #endif - a->evaluate(this, assay); + a->evaluate(this, trasn); } else { containsDisruptive = true; } 
@@ -406,59 +406,59 @@ bool Rule::evaluate(Assay *assay) { if (this->chained && this->chainedRule == NULL) { #ifndef NO_LOGS - assay->debug(4, "Rule is marked as chained but there " \ + trasn->debug(4, "Rule is marked as chained but there " \ "isn't a subsequent rule."); #endif } if (this->chained && this->chainedRule != NULL) { #ifndef NO_LOGS - assay->debug(4, "Executing chained rule."); + trasn->debug(4, "Executing chained rule."); #endif - if (assay->m_collections.storeOrUpdateFirst("MATCHED_VAR", + if (trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR", value) == false) { - assay->m_collections.store("MATCHED_VAR", value); + trasn->m_collections.store("MATCHED_VAR", value); } - if (assay->m_collections.storeOrUpdateFirst( + if (trasn->m_collections.storeOrUpdateFirst( "MATCHED_VAR_NAME", v->m_key) == false) { - assay->m_collections.store("MATCHED_VAR_NAME", + trasn->m_collections.store("MATCHED_VAR_NAME", v->m_key); } - assay->m_collections.store("MATCHED_VARS:" + trasn->m_collections.store("MATCHED_VARS:" + v->m_key, value); - assay->m_collections.store("MATCHED_VARS_NAMES:" + trasn->m_collections.store("MATCHED_VARS_NAMES:" + v->m_key, v->m_key); - chainResult = this->chainedRule->evaluate(assay); - assay->m_collections.storeOrUpdateFirst("MATCHED_VAR", ""); - assay->m_collections.del("MATCHED_VARS:" + v->m_key); - assay->m_collections.del("MATCHED_VARS_NAMES:" + v->m_key); - assay->m_collections.del("MATCHED_VARS_NAME"); + chainResult = this->chainedRule->evaluate(trasn); + trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR", ""); + trasn->m_collections.del("MATCHED_VARS:" + v->m_key); + trasn->m_collections.del("MATCHED_VARS_NAMES:" + v->m_key); + trasn->m_collections.del("MATCHED_VARS_NAME"); } if ((this->chained && chainResult == true) || !this->chained) { for (Action *a : - assay->m_rules->defaultActions[this->phase]) { + trasn->m_rules->defaultActions[this->phase]) { if (a->action_kind == actions::Action::RunTimeOnlyIfMatchKind) { if 
(a->isDisruptive()) { if (containsDisruptive) { #ifndef NO_LOGS - assay->debug(4, "(SecDefaultAction) " \ - "_ignoring_ action: " + a->action \ - + " (rule contains " \ - + "a disruptive action)"); + trasn->debug(4, + "(SecDefaultAction) _ignoring_ " \ + "action: " + a->action + \ + " (rule contains a disruptive action)"); #endif } else { - if (assay->m_rules->secRuleEngine + if (trasn->m_rules->secRuleEngine == Rules::EnabledRuleEngine) { #ifndef NO_LOGS - assay->debug(4, "(SecDefaultAction) " \ + trasn->debug(4, "(SecDefaultAction) " \ "Running action: " + a->action + \ " (rule _does not_ contains a " \ "disruptive action)"); #endif - a->evaluate(this, assay); + a->evaluate(this, trasn); } else { #ifndef NO_LOGS - assay->debug(4, "(SecDefaultAction) " \ + trasn->debug(4, "(SecDefaultAction) " \ "_Not_ running action: " \ + a->action + ". Rule _does not_" \ + " contains a disruptive action,"\ @@ -468,27 +468,27 @@ bool Rule::evaluate(Assay *assay) { } } else { #ifndef NO_LOGS - assay->debug(4, "(SecDefaultAction) Running " \ + trasn->debug(4, "(SecDefaultAction) Running " \ "action: " + a->action + "!!" \ + std::to_string(a->isDisruptive())); #endif - a->evaluate(this, assay); + a->evaluate(this, trasn); } } } for (Action *a : this->actions_runtime_pos) { if (a->isDisruptive() - && assay->m_rules->secRuleEngine + && trasn->m_rules->secRuleEngine == Rules::EnabledRuleEngine) { #ifndef NO_LOGS - assay->debug(4, "Running (disruptive) action: " + \ - a->action); + trasn->debug(4, "Running (disruptive) " \ + "action: " + a->action); #endif - a->evaluate(this, assay); + a->evaluate(this, trasn); } else if (a->isDisruptive()) { #ifndef NO_LOGS - assay->debug(4, + trasn->debug(4, "Not running disruptive action: " + \ a->action + ". SecRuleEngine is not On"); #endif @@ -498,7 +498,7 @@ bool Rule::evaluate(Assay *assay) { } else { #ifndef NO_LOGS - assay->debug(4, "Rule returned 0."); + trasn->debug(4, "Rule returned 0."); #endif } } 
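Review bot: The chained-rule cleanup in the hunk at -406,59 calls `trasn->m_collections.del("MATCHED_VARS_NAME")`, a key that nothing in this block stores. The block sets `MATCHED_VAR_NAME`, which therefore appears to keep the previous match's variable name after the chain has run, where later rules can still read it. If the intent mirrors the `MATCHED_VAR` reset a few lines earlier, the cleanup should be `trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR_NAME", "");`. The enclosing `Rule::evaluate` body starts before and continues past this hunk.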
diff --git a/src/rules.cc b/src/rules.cc index d8ed622d..5bd75aea 100644 --- a/src/rules.cc +++ b/src/rules.cc @@ -22,7 +22,7 @@ #include #include "modsecurity/modsecurity.h" -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" #include "parser/driver.h" #include "utils/https_client.h" @@ -35,7 +35,7 @@ namespace modsecurity { /** * @name incrementReferenceCount - * @brief Increment the number of assays using this class + * @brief Increment the number of transactions using this class * @ingroup ModSecCore * * At certain point it is expected to have two differnt @@ -45,7 +45,7 @@ namespace modsecurity { * for the old connections and the new rules are available * for the newest connections. * - * @return Number of the current assays using this rules + * @return Number of the current transactions using this rules * */ void Rules::incrementReferenceCount(void) { @@ -54,10 +54,10 @@ void Rules::incrementReferenceCount(void) { /** * @name decrementReferenceCount - * @brief Decrement the number of assays using this class + * @brief Decrement the number of transactions using this class * @ingroup ModSecCore * - * @return Number of the current assays using this rules + * @return Number of the current transactions using this rules * */ void Rules::decrementReferenceCount(void) { @@ -160,7 +160,7 @@ std::string Rules::getParserError() { } -int Rules::evaluate(int phase, Assay *assay) { +int Rules::evaluate(int phase, Transaction *transaction) { if (phase > ModSecurity::Phases::NUMBER_OF_PHASES) { return 0; } 
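Review bot: The phase guard in `Rules::evaluate` (hunk at -160,7) rejects only `phase > ModSecurity::Phases::NUMBER_OF_PHASES`, so a negative value or a value equal to NUMBER_OF_PHASES passes. If the per-phase tables are sized NUMBER_OF_PHASES, as the name suggests, both cases would index outside them. Since `phase` is a plain `int` supplied by the caller, the check should bound both ends, `if (phase < 0 || phase >= ModSecurity::Phases::NUMBER_OF_PHASES) { return 0; }`, once the table size is confirmed. The rest of the function lies outside this hunk.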
@@ -172,17 +172,17 @@ int Rules::evaluate(int phase, Assay *assay) { for (int i = 0; i < rules.size(); i++) { Rule *rule = rules[i]; - if (assay->m_marker.empty()) { - rule->evaluate(assay); + if (transaction->m_marker.empty()) { + rule->evaluate(transaction); } else { debug(9, "Skipped rule id '" + std::to_string(rule->rule_id) \ - + "' due to a SecMarker: " + assay->m_marker); + + "' due to a SecMarker: " + transaction->m_marker); m_secmarker_skipped++; debug(9, "Rule: " + rule->m_marker); - if (rule->m_secmarker && rule->m_marker == assay->m_marker) { + if (rule->m_secmarker && rule->m_marker == transaction->m_marker) { debug(4, "Out of a SecMarker after skip " \ + std::to_string(m_secmarker_skipped) + " rules."); - assay->m_marker.clear(); + transaction->m_marker.clear(); m_secmarker_skipped = 0; } } @@ -222,9 +222,8 @@ int Rules::merge(Driver *from) { this->responseBodyLimitAction = from->responseBodyLimitAction; for (std::set::iterator - it=from->m_responseBodyTypeToBeInspected.begin(); - it!=from->m_responseBodyTypeToBeInspected.end(); ++it) - { + it = from->m_responseBodyTypeToBeInspected.begin(); + it != from->m_responseBodyTypeToBeInspected.end(); ++it) { m_responseBodyTypeToBeInspected.insert(*it); } diff --git a/src/transaction.cc b/src/transaction.cc new file mode 100644 index 00000000..59323588 --- /dev/null +++ b/src/transaction.cc 
@@ -0,0 +1,1985 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + +#include "modsecurity/transaction.h" + +#ifdef WITH_YAJL +#include +#include +#endif +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "modsecurity/modsecurity.h" +#include "modsecurity/intervention.h" +#include "actions/action.h" +#include "actions/deny.h" +#include "src/utils.h" +#include "src/audit_log.h" +#include "src/unique_id.h" +#include "request_body_processor/multipart.h" + +using modsecurity::actions::Action; +using modsecurity::RequestBodyProcessor::Multipart; + +namespace modsecurity { + +/** + * @name Transaction + * @brief Represents the inspection on an entire request. + * + * An instance of the Transaction class represents an entire request, on its + * different phases. + * + * @note Remember to cleanup the transaction when the transaction is complete. + * + * @param ms ModSecurity core pointer. + * @param rules Rules pointer. 
+ * + * Example Usage: + * @code + * + * using ModSecurity::ModSecurity; + * using ModSecurity::Rules; + * using ModSecurity::Transaction; + * + * ModSecurity *modsec; + * ModSecurity::Rules *rules; + * + * modsec = new ModSecurity(); + * rules = new Rules(); + * rules->loadFromUri(rules_file); + * + * Transaction *modsecTransaction = new Transaction(modsec, rules); + * modsecTransaction->processConnection("127.0.0.1", 33333, "127.0.0.1", 8080); + * + * if (modsecTransaction->intervention()) { + * std::cout << "There is an intervention" << std::endl; + * } + * + * ... + * + * @endcode + * + */ +Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData) + : m_clientIpAddress(""), + m_serverIpAddress(""), + m_clientPort(0), + m_serverPort(0), + m_uri(""), + m_protocol(""), + m_httpVersion(""), + m_rules(rules), + save_in_auditlog(false), + do_not_save_in_auditlog(false), + timeStamp(std::time(NULL)), + httpCodeReturned(200), + highest_severity(255), + m_ARGScombinedSize(0), + m_ARGScombinedSizeStr(NULL), + m_namesArgs(NULL), + m_namesArgsPost(NULL), + m_namesArgsGet(NULL), + m_requestBodyType(UnknownFormat), + m_requestHeadersNames(NULL), + m_responseHeadersNames(NULL), + m_responseContentType(NULL), + m_marker(""), + start(cpu_seconds()), + m_logCbData(logCbData), + m_ms(ms) { + id = std::to_string(this->timeStamp) + \ + std::to_string(generate_transaction_unique_id()); + m_rules->incrementReferenceCount(); + + m_collections.store("ARGS_COMBINED_SIZE", std::string("0")); + m_ARGScombinedSizeStr = m_collections.resolveFirst("ARGS_COMBINED_SIZE"); + m_collections.store("ARGS_NAMES", std::string("")); + this->m_namesArgs = m_collections.resolveFirst("ARGS_NAMES"); + m_collections.store("ARGS_POST_NAMES", std::string("")); + this->m_namesArgsPost = m_collections.resolveFirst("ARGS_POST_NAMES"); + m_collections.store("ARGS_GET_NAMES", std::string("")); + this->m_namesArgsGet = m_collections.resolveFirst("ARGS_GET_NAMES"); + 
m_collections.store("REQUEST_HEADERS_NAMES", std::string("")); + this->m_requestHeadersNames = m_collections.resolveFirst( + "REQUEST_HEADERS_NAMES"); + m_collections.store("RESPONSE_HEADERS_NAMES", std::string("")); + this->m_responseHeadersNames = m_collections.resolveFirst( + "RESPONSE_HEADERS_NAMES"); + m_collections.store("RESPONSE_CONTENT_TYPE", std::string("")); + this->m_responseContentType = m_collections.resolveFirst( + "RESPONSE_CONTENT_TYPE"); + + +#ifndef NO_LOGS + this->debug(4, "Initialising transaction"); +#endif +} + + +Transaction::~Transaction() { + m_responseBody.str(std::string()); + m_responseBody.clear(); + + m_requestBody.str(std::string()); + m_requestBody.clear(); + + for (auto &a : m_collections) { + delete a.second; + } + + m_rules->decrementReferenceCount(); +} + + +/** + * @name debug + * @brief Prints a message on the debug logs. + * + * Debug logs are important during the rules creation phase, this method can be + * used to print message on this debug log. + * + * @param level Debug level, current supported from 0 to 9. + * @param message Message to be logged. + * + */ +#ifndef NO_LOGS +void Transaction::debug(int level, std::string message) { + if (m_rules == NULL) { + return; + } + + m_rules->debug(level, message); +} +#endif + +/** + * @name processConnection + * @brief Perform the analysis on the connection. + * + * This method should be called at very beginning of a request process, it is + * expected to be executed prior to the virtual host resolution, when the + * connection arrives on the server. + * + * @note Remember to check for a possible intervention. + * + * @param transaction ModSecurity Transaction. + * @param client Client's IP address in text format. + * @param cPort Client's port + * @param server Server's IP address in text format. + * @param sPort Server's port + * + * @returns If the operation was successful or not. + * @retval true Operation was successful. + * @retval false Operation failed. 
+ * + */ +int Transaction::processConnection(const char *client, int cPort, + const char *server, int sPort) { + this->m_clientIpAddress = client; + this->m_serverIpAddress = server; + this->m_clientPort = cPort; + this->m_serverPort = sPort; +#ifndef NO_LOGS + debug(4, "Transaction context created."); + debug(4, "Starting phase CONNECTION. (SecRules 0)"); +#endif + + this->m_collections.store("REMOTE_HOST", m_clientIpAddress); + this->m_collections.store("UNIQUE_ID", id); + this->m_collections.store("REMOTE_ADDR", m_clientIpAddress); + this->m_collections.store("SERVER_ADDR", m_serverIpAddress); + this->m_collections.store("SERVER_PORT", + std::to_string(this->m_serverPort)); + this->m_collections.store("REMOTE_PORT", + std::to_string(this->m_clientPort)); + this->m_rules->evaluate(ModSecurity::ConnectionPhase, this); + return true; +} + + +/** + * @name processURI + * @brief Perform the analysis on the URI and all the query string variables. + * + * This method should be called at very beginning of a request process, it is + * expected to be executed prior to the virtual host resolution, when the + * connection arrives on the server. + * + * @note There is no direct connection between this function and any phase of + * the SecLanguage's phases. It is something that may occur between the + * SecLanguage phase 1 and 2. + * @note Remember to check for a possible intervention. + * + * @param transaction ModSecurity transaction. + * @param uri Uri. + * @param protocol Protocol (GET, POST, PUT). + * @param http_version Http version (1.0, 1.2, 2.0). + * + * @returns If the operation was successful or not. + * @retval true Operation was successful. + * @retval false Operation failed. + * + */ +int Transaction::processURI(const char *uri, const char *protocol, + const char *http_version) { + +#ifndef NO_LOGS + debug(4, "Starting phase URI. 
(SecRules 0 + 1/2)"); +#endif + + m_protocol = protocol; + m_httpVersion = http_version; + m_uri = uri; + std::string uri_s(uri); + m_uri_decoded = uri_decode(uri); + + size_t pos = m_uri_decoded.find("?"); + size_t pos_raw = uri_s.find("?"); + + m_collections.store("REQUEST_LINE", std::string(protocol) + " " + + std::string(uri) + " HTTP/" + std::string(http_version)); + + if (pos_raw != std::string::npos) { + m_collections.store("QUERY_STRING", std::string(uri_s, pos_raw + 1, + uri_s.length() - (pos_raw + 1))); + } + + std::string path_info; + if (pos == std::string::npos) { + path_info = std::string(m_uri_decoded, 0); + } else { + path_info = std::string(m_uri_decoded, 0, pos); + } + m_collections.store("PATH_INFO", path_info); + m_collections.store("REQUEST_FILENAME", path_info); + + size_t offset = path_info.find_last_of("/\\"); + if (offset != std::string::npos) { + std::string basename = std::string(path_info, offset, + path_info.length() - offset); + m_collections.store("REQUEST_BASENAME", basename); + } + m_collections.store("REQUEST_METHOD", protocol); + m_collections.store("REQUEST_PROTOCOL", + "HTTP/" + std::string(http_version)); + + std::string parsedURI = uri; + // The more popular case is without domain + if (!m_uri_decoded.empty() && m_uri_decoded.at(0) != '/') { + bool fullDomain = true; + size_t scheme = m_uri_decoded.find(":")+1; + if (scheme == std::string::npos) { + fullDomain = false; + } + // Searching with a pos of -1 is undefined we also shortcut + if (scheme != std::string::npos && fullDomain == true) { + // Assuming we found a colon make sure its followed + size_t netloc = m_uri_decoded.find("//", scheme) + 2; + if (netloc == std::string::npos || (netloc != scheme + 2)) { + fullDomain = false; + } + if (netloc != std::string::npos && fullDomain == true) { + size_t path = m_uri_decoded.find("/", netloc); + if (path != std::string::npos && fullDomain == true) { + parsedURI = m_uri_decoded.substr(path); + } + } + } + } + + 
m_collections.store("REQUEST_URI", parsedURI);
+ m_collections.store("REQUEST_URI_RAW", uri);
+
+ if (pos != std::string::npos && (m_uri_decoded.length() - pos) > 2) {
+ /**
+ * FIXME:
+ *
+ * This is configurable by secrules, we should respect whatever
+ * the secrules said about it.
+ *
+ */
+ char sep1 = '&';
+ std::string sets(m_uri_decoded, pos + 1, m_uri_decoded.length() -
+ (pos + 1));
+ std::vector key_value_sets = split(sets, sep1);
+
+ for (std::string t : key_value_sets) {
+ /**
+ * FIXME:
+ *
+ * Mimic modsecurity when there are multiple keys with the same name.
+ *
+ */
+ char sep2 = '=';
+
+ std::vector key_value = split(t, sep2);
+ if (key_value.size() <= 1) {
+ /** TODO: Verify what ModSecurity 2.9.0 does when there is a
+ * key without an argument
+ */
+ continue;
+ }
+ std::string key = key_value[0];
+ std::string value = key_value[1];
+ int i = key_value.size() - 1;
+ while (i > 2) {
+ value = value + sep2 + key_value[i];
+ i--;
+ }
+
+ m_collections.store("ARGS:" + key, value);
+ m_collections.store("ARGS_GET:" + key, value);
+
+ if (m_namesArgs->empty()) {
+ m_namesArgs->assign(key);
+ } else {
+ m_namesArgs->assign(*m_namesArgs + " " + key);
+ }
+ if (m_namesArgsGet->empty()) {
+ m_namesArgsGet->assign(key);
+ } else {
+ m_namesArgsGet->assign(*m_namesArgsGet + " " + key);
+ }
+
+ this->m_ARGScombinedSize = this->m_ARGScombinedSize + \
+ key.length() + value.length();
+ this->m_ARGScombinedSizeStr->assign(
+ std::to_string(this->m_ARGScombinedSize));
+#ifndef NO_LOGS
+ debug(4, "Adding request argument (QUERY_STRING): name \"" + \
+ key + "\", value \"" + value + "\"");
+#endif
+ }
+ }
+ return true;
+}
+
+
+/**
+ * @name processRequestHeaders
+ * @brief Perform the analysis on the request readers.
+ *
+ * This method perform the analysis on the request headers, notice however
+ * that the headers should be added prior to the execution of this function.
+ *
+ * @note Remember to check for a possible intervention.
+ * + * @returns If the operation was successful or not. + * @retval true Operation was successful. + * @retval false Operation failed. + * + */ +int Transaction::processRequestHeaders() { +#ifndef NO_LOGS + debug(4, "Starting phase REQUEST_HEADERS. (SecRules 1)"); +#endif + + if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) { +#ifndef NO_LOGS + debug(4, "Rule engine disabled, returning..."); +#endif + return true; + } + + this->m_rules->evaluate(ModSecurity::RequestHeadersPhase, this); + + return true; +} + + +/** + * @name addRequestHeader + * @brief Adds a request header + * + * With this method it is possible to feed ModSecurity with a request header. + * + * @note This function expects a NULL terminated string, for both: key and + * value. + * + * @param key header name. + * @param value header value. + * + * @returns If the operation was successful or not. + * @retval true Operation was successful. + * @retval false Operation failed. + * + */ +int Transaction::addRequestHeader(const std::string& key, + const std::string& value) { + m_requestHeadersNames->assign(*m_requestHeadersNames + " " + key); + + this->m_collections.store("REQUEST_HEADERS:" + key, value); + + std::string keyl = tolower(key); + if (keyl == "authorization") { + std::vector type = split(value, ' '); + this->m_collections.store("AUTH_TYPE", type[0]); + } + + if (keyl == "cookie") { + std::vector cookies = split(value, ';'); + while (cookies.empty() == false) { + std::vector s = split(cookies.back(), '='); + if (s.size() > 1) { + if (s[0].at(0) == ' ') { + s[0].erase(0, 1); + } + this->m_collections.store("REQUEST_COOKIES:" + + s[0], s[1]); + this->m_collections.store("REQUEST_COOKIES_NAMES:" + + s[0], s[0]); + } + cookies.pop_back(); + } + } + /** + * Simple check to decide the request body content. This is not the right + * place, the "body processor" should be able to tell what he is capable + * to deal with. 
+ *
+ */
+
+ if (keyl == "content-type") {
+ std::string multipart("multipart/form-data");
+ std::string l = tolower(value);
+
+ if (l.compare(0, multipart.length(), multipart) == 0) {
+ this->m_requestBodyType = MultiPartRequestBody;
+ }
+
+ if (l == "application/x-www-form-urlencoded") {
+ this->m_requestBodyType = WWWFormUrlEncoded;
+ }
+ }
+ return 1;
+}
+
+
+/**
+ * @name addRequestHeader
+ * @brief Adds a request header
+ *
+ * With this method it is possible to feed ModSecurity with a request header.
+ *
+ * @note This function expects a NULL terminated string, for both: key and
+ * value.
+ *
+ * @param key header name.
+ * @param value header value.
+ *
+ * @returns If the operation was successful or not.
+ * @retval true Operation was successful.
+ * @retval false Operation failed.
+ *
+ */
+int Transaction::addRequestHeader(const unsigned char *key,
+ const unsigned char *value) {
+ return this->addRequestHeader(key,
+ strlen(reinterpret_cast(key)),
+ value,
+ strlen(reinterpret_cast(value)));
+}
+
+
+/**
+ * @name addRequestHeader
+ * @brief Adds a request header
+ *
+ * Do not expect a NULL terminated string, instead it expect the string and the
+ * string size, for the value and key.
+ *
+ * @param transaction ModSecurity transaction.
+ * @param key header name.
+ * @param key_n header name size.
+ * @param value header value.
+ * @param value_n header value size.
+ *
+ * @returns If the operation was successful or not.
+ * @retval 1 Operation was successful.
+ * @retval 0 Operation failed.
+ *
+ */
+int Transaction::addRequestHeader(const unsigned char *key, size_t key_n,
+ const unsigned char *value, size_t value_n) {
+ std::string keys;
+ std::string values;
+
+ keys.assign(reinterpret_cast(key), key_n);
+ values.assign(reinterpret_cast(value), value_n);
+
+ return this->addRequestHeader(keys, values);
+}
+
+
+/**
+ * @name processRequestBody
+ * @brief Perform the request body (if any)
+ *
+ * This method perform the analysis on the request body.
It is optional to
+ * call that function. If this API consumer already know that there isn't a
+ * body for inspect it is recommended to skip this step.
+ *
+ * @note It is necessary to "append" the request body prior to the execution
+ * of this function.
+ * @note Remember to check for a possible intervention.
+ *
+ * @returns If the operation was successful or not.
+ * @retval true Operation was successful.
+ * @retval false Operation failed.
+ *
+ */
+int Transaction::processRequestBody() {
+#ifndef NO_LOGS
+ debug(4, "Starting phase REQUEST_BODY. (SecRules 2)");
+#endif
+
+ if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
+#ifndef NO_LOGS
+ debug(4, "Rule engine disabled, returning...");
+#endif
+ return true;
+ }
+
+ if (m_collections.resolveFirst("INBOUND_DATA_ERROR") == NULL) {
+ m_collections.store("INBOUND_DATA_ERROR", "0");
+ }
+
+ /*
+ * Process the request body even if there is nothing to be done.
+ *
+ * if (m_requestBody.tellp() <= 0) {
+ * return true;
+ * }
+ *
+ */
+
+ if (m_requestBodyType == MultiPartRequestBody) {
+ std::string *a = m_collections.resolveFirst(
+ "REQUEST_HEADERS:Content-Type");
+ if (a != NULL) {
+ Multipart m(*a, this);
+
+ if (m.init() == true) {
+ m.process(m_requestBody.str());
+ for (auto &a : m.variables) {
+ m_collections.store(a.first, a.second);
+ }
+ if (m.crlf && m.lf) {
+ m_collections.store("MULTIPART_CRLF_LF_LINES", "1");
+ } else {
+ m_collections.store("MULTIPART_CRLF_LF_LINES", "0");
+ }
+ if (m.boundaryStartsWithWhiteSpace) {
+#ifndef NO_LOGS
+ debug(9, "Multipart: Boundary starts with white space, " \
+ "setting MULTIPART_STRICT_ERROR to 1");
+#endif
+ m_collections.storeOrUpdateFirst(
+ "MULTIPART_STRICT_ERROR", "1");
+ }
+ if (m.boundaryIsQuoted) {
+#ifndef NO_LOGS
+
+ debug(9, "Multipart: Boundary is quoted, " \
+ "setting MULTIPART_STRICT_ERROR to 1");
+#endif
+ m_collections.storeOrUpdateFirst(
+ "MULTIPART_STRICT_ERROR", "1");
+ }
+ if (m.containsDataAfter) {
+#ifndef NO_LOGS
+ debug(9,
"Multipart: There is data after the boundary, " \
+ "setting MULTIPART_STRICT_ERROR to 1");
+#endif
+ m_collections.storeOrUpdateFirst(
+ "MULTIPART_STRICT_ERROR", "1");
+ m_collections.store("MULTIPART_UNMATCHED_BOUNDARY", "1");
+ } else {
+ m_collections.store("MULTIPART_UNMATCHED_BOUNDARY", "0");
+ }
+ if (m.containsDataBefore) {
+#ifndef NO_LOGS
+ debug(9, "Multipart: There is data before the boundary, " \
+ "setting MULTIPART_STRICT_ERROR to 1");
+#endif
+ m_collections.storeOrUpdateFirst(
+ "MULTIPART_STRICT_ERROR", "1");
+ }
+ if (m.lf) {
+#ifndef NO_LOGS
+ debug(9, "Multipart: Lines are LF-terminated, " \
+ "setting MULTIPART_STRICT_ERROR to 1");
+#endif
+ m_collections.storeOrUpdateFirst(
+ "MULTIPART_STRICT_ERROR", "1");
+ }
+ if (m.missingSemicolon) {
+#ifndef NO_LOGS
+ debug(9, "Multipart: Boundary missing semicolon, " \
+ "setting MULTIPART_STRICT_ERROR to 1");
+#endif
+ m_collections.storeOrUpdateFirst(
+ "MULTIPART_STRICT_ERROR", "1");
+ }
+ if (m.invalidQuote) {
+#ifndef NO_LOGS
+ debug(9, "Multipart: Invalid quote, " \
+ "setting MULTIPART_STRICT_ERROR to 1");
+#endif
+ m_collections.storeOrUpdateFirst(
+ "MULTIPART_STRICT_ERROR", "1");
+ }
+ }
+ }
+ }
+
+ if (m_requestBodyType == WWWFormUrlEncoded) {
+ std::string content = uri_decode(m_requestBody.str());
+ if (content.empty() == false) {
+ content.pop_back();
+ }
+
+ /**
+ * FIXME:
+ *
+ * This is configurable by secrules, we should respect whatever
+ * the secrules said about it.
+ *
+ */
+ char sep1 = '&';
+
+ std::vector key_value = split(content.c_str(), sep1);
+
+ for (std::string t : key_value) {
+ /**
+ * FIXME:
+ *
+ * Mimic modsecurity when there are multiple keys with the same name.
+ *
+ */
+ char sep2 = '=';
+
+ std::vector key_value = split(t, sep2);
+ m_collections.store("ARGS:" + key_value[0], key_value[1]);
+ m_collections.store("ARGS_POST:" + key_value[0], key_value[1]);
+
+ if (m_namesArgs->empty()) {
+ m_namesArgs->assign(key_value[0]);
+ } else {
+ m_namesArgs->assign(*m_namesArgs + " " + key_value[0]);
+ }
+ if (m_namesArgsPost->empty()) {
+ m_namesArgsPost->assign(key_value[0]);
+ } else {
+ m_namesArgsPost->assign(*m_namesArgsPost + " " + key_value[0]);
+ }
+
+ this->m_ARGScombinedSize = this->m_ARGScombinedSize + \
+ key_value[0].length() + key_value[1].length();
+ this->m_ARGScombinedSizeStr->assign(
+ std::to_string(this->m_ARGScombinedSize));
+ }
+ }
+
+ /**
+ * FIXME: This variable should be calculated on demand, it is
+ * computationally intensive.
+ */
+ std::string fullRequest;
+ std::vector l;
+ m_collections.resolveMultiMatches("REQUEST_HEADERS", &l);
+ for (auto &a : l) {
+ fullRequest = fullRequest + \
+ std::string(a->m_key, 16, a->m_key.length() - 16) + ": " \
+ + a->m_value + "\n";
+ }
+
+ while (l.empty() == false) {
+ delete l.back();
+ l.pop_back();
+ }
+
+ fullRequest = fullRequest + "\n\n";
+ fullRequest = fullRequest + m_requestBody.str();
+ m_collections.store("FULL_REQUEST", fullRequest);
+ m_collections.store("FULL_REQUEST_LENGTH",
+ std::to_string(fullRequest.size()));
+
+ if (m_requestBody.tellp() > 0) {
+ m_collections.store("REQUEST_BODY", m_requestBody.str());
+ m_collections.store("REQUEST_BODY_LENGTH",
+ std::to_string(m_requestBody.str().size()));
+ }
+
+ this->m_rules->evaluate(ModSecurity::RequestBodyPhase, this);
+ return true;
+}
+
+
+/**
+ * @name appendRequestBody
+ * @brief Adds request body to be inspected.
+ *
+ * With this method it is possible to feed ModSecurity with data for
+ * inspection regarding the request body.
There are two possibilities here:
+ *
+ * 1 - Adds the buffer in a row;
+ * 2 - Adds it in chunks;
+ *
+ * A third option should be developed which is share your application buffer.
+ * In any case, remember that the utilization of this function may reduce your
+ * server throughput, as this buffer creations is computationally expensive.
+ *
+ * @note While feeding ModSecurity remember to keep checking if there is an
+ * intervention, Sec Language has the capability to set the maximum
+ * inspection size which may be reached, and the decision on what to do
+ * in this case is upon the rules.
+ *
+ * @returns If the operation was successful or not.
+ * @retval true Operation was successful.
+ * @retval false Operation failed.
+ *
+ */
+int Transaction::requestBodyFromFile(const char *path) {
+ std::ifstream request_body(path);
+ std::string str;
+
+ if (request_body.is_open() == false) {
+#ifndef NO_LOGS
+ debug(3, "Failed to open request body at: " + std::string(path));
+#endif
+ return false;
+ }
+
+ request_body.seekg(0, std::ios::end);
+ str.reserve(request_body.tellg());
+ request_body.seekg(0, std::ios::beg);
+ str.assign((std::istreambuf_iterator(request_body)),
+ std::istreambuf_iterator());
+
+ const char *buf = str.c_str();
+ int len = request_body.tellg();
+
+#ifndef NO_LOGS
+ debug(9, "Adding request body: " + std::to_string(len) + " bytes. " \
+ "Limit set to: " + std::to_string(this->m_rules->requestBodyLimit));
+#endif
+
+ return appendRequestBody(reinterpret_cast(buf), len);
+}
+
+int Transaction::appendRequestBody(const unsigned char *buf, size_t len) {
+ int current_size = this->m_requestBody.tellp();
+
+#ifndef NO_LOGS
+ debug(9, "Appending request body: " + std::to_string(len) + " bytes. 
" \
+ "Limit set to: " + std::to_string(this->m_rules->requestBodyLimit));
+#endif
+
+ if (this->m_rules->requestBodyLimit > 0
+ && this->m_rules->requestBodyLimit < len + current_size) {
+ m_collections.store("INBOUND_DATA_ERROR", "1");
+#ifndef NO_LOGS
+ debug(5, "Request body is bigger than the maximum expected.");
+#endif
+ if (this->m_rules->requestBodyLimitAction ==
+ Rules::BodyLimitAction::ProcessPartialBodyLimitAction) {
+ size_t spaceLeft = this->m_rules->requestBodyLimit - current_size;
+ this->m_requestBody.write(reinterpret_cast(buf),
+ spaceLeft);
+#ifndef NO_LOGS
+ debug(5, "Request body limit is marked to process partial");
+#endif
+ return false;
+ } else {
+ if (this->m_rules->requestBodyLimitAction ==
+ Rules::BodyLimitAction::RejectBodyLimitAction) {
+#ifndef NO_LOGS
+ debug(5, "Request body limit is marked to reject the " \
+ "request");
+#endif
+ Action *a = new actions::Deny("deny");
+ a->temporaryAction = true;
+ actions.push_back(a);
+ }
+ return true;
+ }
+ }
+
+ this->m_requestBody.write(reinterpret_cast(buf), len);
+
+ return true;
+}
+
+
+/**
+ * @name processResponseHeaders
+ * @brief Perform the analysis on the response readers.
+ *
+ * This method perform the analysis on the response headers, notice however
+ * that the headers should be added prior to the execution of this function.
+ *
+ * @note Remember to check for a possible intervention.
+ *
+ * @returns If the operation was successful or not.
+ * @retval true Operation was successful.
+ * @retval false Operation failed.
+ *
+ */
+int Transaction::processResponseHeaders() {
+#ifndef NO_LOGS
+ debug(4, "Starting phase RESPONSE_HEADERS. 
(SecRules 3)");
+#endif
+
+ if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
+#ifndef NO_LOGS
+ debug(4, "Rule engine disabled, returning...");
+#endif
+ return true;
+ }
+
+ this->m_rules->evaluate(ModSecurity::ResponseHeadersPhase, this);
+ return true;
+}
+
+
+/**
+ * @name addResponseHeader
+ * @brief Adds a response header
+ *
+ * With this method it is possible to feed ModSecurity with a response
+ * header.
+ *
+ * @note This method expects a NULL terminated string, for both: key and
+ * value.
+ *
+ * @param key header name.
+ * @param value header value.
+ *
+ * @returns If the operation was successful or not.
+ * @retval true Operation was successful.
+ * @retval false Operation failed.
+ *
+ */
+int Transaction::addResponseHeader(const std::string& key,
+ const std::string& value) {
+ m_responseHeadersNames->assign(*m_responseHeadersNames + " " + key);
+
+ this->m_collections.store("RESPONSE_HEADERS:" + key, value);
+
+ if (tolower(key) == "content-type") {
+ this->m_responseContentType->assign(value);
+ }
+ return 1;
+}
+
+
+/**
+ * @name addResponseHeader
+ * @brief Adds a response header
+ *
+ * With this method it is possible to feed ModSecurity with a response
+ * header.
+ *
+ * @note This method expects a NULL terminated string, for both: key and
+ * value.
+ *
+ * @param key header name.
+ * @param value header value.
+ *
+ * @returns If the operation was successful or not.
+ * @retval true Operation was successful.
+ * @retval false Operation failed.
+ *
+ */
+int Transaction::addResponseHeader(const unsigned char *key,
+ const unsigned char *value) {
+ return this->addResponseHeader(key,
+ strlen(reinterpret_cast(key)),
+ value,
+ strlen(reinterpret_cast(value)));
+}
+
+
+/**
+ * @name msc_add_n_response_header
+ * @brief Adds a response header
+ *
+ * Do not expect a NULL terminated string, instead it expect the string and the
+ * string size, for the value and key.
+ *
+ * @param key header name.
+ * @param key_n header name size.
+ * @param value header value.
+ * @param value_n header value size.
+ *
+ * @returns If the operation was successful or not.
+ * @retval true Operation was successful.
+ * @retval false Operation failed.
+ *
+ */
+int Transaction::addResponseHeader(const unsigned char *key, size_t key_n,
+ const unsigned char *value, size_t value_n) {
+ std::string keys;
+ std::string values;
+
+ keys.assign(reinterpret_cast(key), key_n);
+ values.assign(reinterpret_cast(value), value_n);
+
+ return this->addResponseHeader(keys, values);
+}
+
+
+/**
+ * @name processResponseBody
+ * @brief Perform the request body (if any)
+ *
+ * This method perform the analysis on the request body. It is optional to
+ * call that method. If this API consumer already know that there isn't a
+ * body for inspect it is recommended to skip this step.
+ *
+ * @note It is necessary to "append" the request body prior to the execution
+ * of this method.
+ * @note Remember to check for a possible intervention.
+ *
+ * @returns If the operation was successful or not.
+ * @retval true Operation was successful.
+ * @retval false Operation failed.
+ *
+ */
+int Transaction::processResponseBody() {
+#ifndef NO_LOGS
+ debug(4, "Starting phase RESPONSE_BODY. (SecRules 4)");
+#endif
+
+ if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
+#ifndef NO_LOGS
+ debug(4, "Rule engine disabled, returning...");
+#endif
+ return true;
+ }
+
+ std::set &bi = this->m_rules->m_responseBodyTypeToBeInspected;
+ auto t = bi.find(*m_responseContentType);
+ if (t == bi.end() && bi.empty() == false) {
+#ifndef NO_LOGS
+ debug(5, "Response Content-Type is " + *m_responseContentType + \
+ ". 
It is not marked to be inspected."); + std::string validContetTypes(""); + for (std::set::iterator i = bi.begin(); + i != bi.end(); i++) { + validContetTypes.append(*i + " "); + } + debug(8, "Content-Type(s) marked to be inspected: " + validContetTypes); +#endif + return true; + } + if (m_collections.resolveFirst("OUTBOUND_DATA_ERROR") == NULL) { + m_collections.store("OUTBOUND_DATA_ERROR", "0"); + } + + m_collections.store("RESPONSE_BODY", m_responseBody.str()); + m_collections.store("RESPONSE_CONTENT_LENGTH", + std::to_string(m_responseBody.str().size())); + + this->m_rules->evaluate(ModSecurity::ResponseBodyPhase, this); + return true; +} + + +/** + * @name appendResponseBody + * @brief Adds reponse body to be inspected. + * + * With this method it is possible to feed ModSecurity with data for + * inspection regarding the response body. ModSecurity can also update the + * contents of the response body, this is not quite ready yet on this version + * of the API. + * + * @note If the content is updated, the client cannot receive the content + * length header filled, at least not with the old values. Otherwise + * unexpected behavior may happens. + * + * @returns If the operation was successful or not. + * @retval true Operation was successful. + * @retval false Operation failed, process partial demanded. + * + */ +int Transaction::appendResponseBody(const unsigned char *buf, size_t len) { + int current_size = this->m_responseBody.tellp(); + + std::set &bi = this->m_rules->m_responseBodyTypeToBeInspected; + auto t = bi.find(*m_responseContentType); + if (t == bi.end() && bi.empty() == false) { +#ifndef NO_LOGS + debug(4, "Not appending response body. " \ + "Response Content-Type is " + *m_responseContentType + \ + ". It is not marked to be inspected."); +#endif + return true; + } + +#ifndef NO_LOGS + debug(9, "Appending response body: " + std::to_string(len + current_size) + + " bytes. 
Limit set to: " + + std::to_string(this->m_rules->responseBodyLimit)); +#endif + + if (this->m_rules->responseBodyLimit > 0 + && this->m_rules->responseBodyLimit < len + current_size) { + m_collections.store("OUTBOUND_DATA_ERROR", "1"); +#ifndef NO_LOGS + debug(5, "Response body is bigger than the maximum expected."); +#endif + if (this->m_rules->responseBodyLimitAction == + Rules::BodyLimitAction::ProcessPartialBodyLimitAction) { + size_t spaceLeft = this->m_rules->responseBodyLimit - current_size; + this->m_responseBody.write(reinterpret_cast(buf), + spaceLeft); +#ifndef NO_LOGS + debug(5, "Response body limit is marked to process partial"); +#endif + return false; + } else { + if (this->m_rules->responseBodyLimitAction == + Rules::BodyLimitAction::RejectBodyLimitAction) { +#ifndef NO_LOGS + debug(5, "Response body limit is marked to reject the " \ + "request"); +#endif + Action *a = new actions::Deny("deny"); + a->temporaryAction = true; + actions.push_back(a); + } + return true; + } + } + + this->m_responseBody.write(reinterpret_cast(buf), len); + + return true; +} + + +/** + * @name getResponseBody + * @brief Retrieve a buffer with the updated response body. + * + * This method is needed to be called whenever ModSecurity update the + * contents of the response body, otherwise there is no need to call this + * method. + * + * @return It returns a buffer (const char *) + * @retval >0 body was update and available. + * @retval NULL Nothing was updated. + * + */ +const char *Transaction::getResponseBody() { + // int there_is_update = this->rules->loadResponseBodyFromJS(this); + return this->m_responseBody.str().c_str(); +} + + +/** + * @name getResponseBodyLenth + * @brief Retrieve the length of the updated response body. + * + * This method returns the size of the update response body buffer, notice + * however, that most likely there isn't an update. Thus, this method will + * return 0. + * + * + * @return Size of the update response body. 
+ * @retval ==0 there is no update.
+ * @retval >0 the size of the updated buffer.
+ *
+ */
+int Transaction::getResponseBodyLenth() {
+ int size = 0;
+#if 0
+ int there_is_update = this->rules->loadResponseBodyFromJS(this);
+ if (there_is_update == -1) {
+ return -1;
+ }
+#endif
+ this->m_responseBody.seekp(0, std::ios::end);
+ size = this->m_responseBody.tellp();
+
+ return size;
+}
+
+
+/**
+ * @name processLogging
+ * @brief Logging all information relative to this transaction.
+ *
+ * At this point there is not need to hold the connection, the response can be
+ * delivered prior to the execution of this method.
+ *
+ * @returns If the operation was successful or not.
+ * @retval true Operation was successful.
+ * @retval false Operation failed.
+ *
+ */
+int Transaction::processLogging(int returned_code) {
+#ifndef NO_LOGS
+ debug(4, "Starting phase LOGGING. (SecRules 5)");
+#endif
+
+ if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
+#ifndef NO_LOGS
+ debug(4, "Rule engine disabled, returning...");
+#endif
+ return true;
+ }
+
+ this->httpCodeReturned = returned_code;
+ this->m_rules->evaluate(ModSecurity::LoggingPhase, this);
+
+ /* If relevant, save this transaction information at the audit_logs */
+ if (m_rules != NULL && m_rules->audit_log != NULL) {
+ int parts = -1;
+#ifndef NO_LOGS
+ debug(8, "Checking if this request is suitable to be " \
+ "saved as an audit log.");
+#endif
+
+ if (this->auditLogModifier.size() > 0) {
+#ifndef NO_LOGS
+ debug(4, "There was an audit log modifier for this transaction.");
+#endif
+ std::list>::iterator it;
+ parts = this->m_rules->audit_log->m_parts;
+ for (it = auditLogModifier.begin();
+ it != auditLogModifier.end(); ++it) {
+ std::pair p = *it;
+ if (p.first == 0) { // Add
+ parts = this->m_rules->audit_log->addParts(parts,
+ p.second);
+ } else { // Remove
+ parts = this->m_rules->audit_log->removeParts(parts,
+ p.second);
+ }
+ }
+ }
+#ifndef NO_LOGS
+ if (save_in_auditlog) {
+ debug(8, "This request was 
marked to be " \
+ "saved via auditlog action.");
+ }
+#endif
+
+ bool saved = this->m_rules->audit_log->saveIfRelevant(this, parts);
+ if (saved) {
+#ifndef NO_LOGS
+ debug(8, "Request was relevant to be saved.");
+#endif
+ }
+ }
+
+ return true;
+}
+
+
+/**
+ * @name cleanup
+ * @brief Removes all the resources allocated by a given Transaction.
+ *
+ * It is mandatory to call this function after every request being finished,
+ * otherwise it may end up in a huge memory leak.
+ *
+ * @returns If the operation was successful or not.
+ * @retval true Operation was successful.
+ * @retval false Operation failed.
+ *
+ */
+void Transaction::cleanup() {
+ delete this;
+}
+
+
+/**
+ * @name intervention
+ * @brief Check if ModSecurity has anything to ask to the server.
+ *
+ * Intervention can generate a log event and/or perform a disruptive action.
+ *
+ * @param Pointer ModSecurityIntervention structure
+ * @retval true A intervention should be made.
+ * @retval false Nothing to be done.
+ *
+ */
+bool Transaction::intervention(ModSecurityIntervention *it) {
+ it->status = 200;
+ it->url = NULL;
+ it->disruptive = false;
+ if (actions.size() > 0) {
+ for (Action *a : actions) {
+ if (a->action_kind == Action::Kind::RunTimeOnlyIfMatchKind) {
+ a->fill_intervention(it);
+ }
+ if (a->temporaryAction) {
+ delete a;
+ }
+ }
+ actions.clear();
+ }
+ return it->disruptive;
+}
+
+
+std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
+ double size, const std::string &md5) {
+ std::stringstream ss;
+ struct tm timeinfo;
+ char tstr[300];
+
+ memset(tstr, '\0', 300);
+ localtime_r(&this->timeStamp, &timeinfo);
+
+ strftime(tstr, 299, "[%d/%b/%Y:%H:%M:%S %z]", &timeinfo);
+
+ ss << dash_if_empty(
+ *this->m_collections.resolveFirst("REQUEST_HEADERS:Host")) << " ";
+ ss << dash_if_empty(this->m_clientIpAddress) << " ";
+ /** TODO: Check variable */
+ ss << dash_if_empty(*this->m_collections.resolveFirst("REMOTE_USER"));
+ ss << " ";
+ /** TODO: Check
variable */
+ ss << dash_if_empty(*this->m_collections.resolveFirst("LOCAL_USER"));
+ ss << " ";
+ ss << tstr << " ";
+
+ ss << "\"";
+ ss << this->m_protocol << " ";
+ ss << this->m_uri << " ";
+ ss << "HTTP/" << m_httpVersion;
+ ss << "\" ";
+
+ ss << this->httpCodeReturned << " ";
+ ss << this->m_responseBody.tellp();
+ /** TODO: Check variable */
+ ss << dash_if_empty(*this->m_collections.resolveFirst("REFERER")) << " ";
+ ss << "\"";
+ ss << dash_if_empty(
+ *this->m_collections.resolveFirst("REQUEST_HEADERS:User-Agent"));
+ ss << "\" ";
+ ss << this->id << " ";
+ /** TODO: Check variable */
+ ss << dash_if_empty(*this->m_collections.resolveFirst("REFERER")) << " ";
+
+ ss << filename << " ";
+ ss << "0" << " ";
+ ss << std::to_string(size) << " ";
+ ss << "md5:" << md5 << std::endl;
+
+ return ss.str();
+}
+
+
+std::string Transaction::toOldAuditLogFormat(int parts,
+ const std::string &trailer) {
+ std::stringstream audit_log;
+ struct tm timeinfo;
+ char tstr[300];
+
+ memset(tstr, '\0', 300);
+ localtime_r(&this->timeStamp, &timeinfo);
+
+ audit_log << "--" << trailer << "-" << "A--" << std::endl;
+ strftime(tstr, 299, "[%d/%b/%Y:%H:%M:%S %z]", &timeinfo);
+ audit_log << tstr;
+ audit_log << " " << this->id.c_str();
+ audit_log << " " << this->m_clientIpAddress;
+ audit_log << " " << this->m_clientPort;
+ audit_log << " " << this->m_serverIpAddress;
+ audit_log << " " << this->m_serverPort;
+ audit_log << std::endl;
+
+ if (parts & AuditLog::BAuditLogPart) {
+ audit_log << "--" << trailer << "-" << "B--" << std::endl;
+ audit_log << this->m_protocol << " " << this->m_uri << " " << "HTTP/";
+ audit_log << this->m_httpVersion << std::endl;
+
+ for (auto h : m_collections.m_transient) {
+ std::string filter = "REQUEST_HEADERS:";
+ std::string a = h.first;
+ std::string b = h.second;
+
+ if (a.compare(0, filter.length(), filter) == 0) {
+ if (a.length() > filter.length()) {
+ audit_log << a.c_str() + filter.length() << ": ";
+ audit_log << b.c_str() <<
std::endl;
+ }
+ }
+ }
+ }
+ if (parts & AuditLog::CAuditLogPart) {
+ audit_log << "--" << trailer << "-" << "C--" << std::endl;
+ /** TODO: write audit_log C part. */
+ }
+ if (parts & AuditLog::DAuditLogPart) {
+ audit_log << "--" << trailer << "-" << "D--" << std::endl;
+ /** TODO: write audit_log D part. */
+ }
+ if (parts & AuditLog::EAuditLogPart) {
+ audit_log << "--" << trailer << "-" << "E--" << std::endl;
+ /** TODO: write audit_log E part. */
+ }
+ if (parts & AuditLog::FAuditLogPart) {
+ audit_log << "--" << trailer << "-" << "F--" << std::endl;
+ for (auto h : m_collections.m_transient) {
+ std::string filter = "RESPONSE_HEADERS:";
+ std::string a = h.first;
+ std::string b = h.second;
+
+ if (a.compare(0, filter.length(), filter) == 0) {
+ if (a.length() > filter.length()) {
+ audit_log << a.c_str() + filter.length() << ": ";
+ audit_log << b.c_str() << std::endl;
+ }
+ }
+ }
+ }
+ if (parts & AuditLog::GAuditLogPart) {
+ audit_log << "--" << trailer << "-" << "G--" << std::endl;
+ /** TODO: write audit_log G part. */
+ }
+ if (parts & AuditLog::HAuditLogPart) {
+ audit_log << "--" << trailer << "-" << "H--" << std::endl;
+ /** TODO: write audit_log H part. */
+ }
+ if (parts & AuditLog::IAuditLogPart) {
+ audit_log << "--" << trailer << "-" << "I--" << std::endl;
+ /** TODO: write audit_log I part. */
+ }
+ if (parts & AuditLog::JAuditLogPart) {
+ audit_log << "--" << trailer << "-" << "J--" << std::endl;
+ /** TODO: write audit_log J part. */
+ }
+ if (parts & AuditLog::KAuditLogPart) {
+ audit_log << "--" << trailer << "-" << "K--" << std::endl;
+ /** TODO: write audit_log K part.
*/
+ }
+ audit_log << "--" << trailer << "-" << "Z--" << std::endl << std::endl;
+
+ return audit_log.str();
+}
+
+
+std::string Transaction::to_json(int parts) {
+#ifdef WITH_YAJL
+ const unsigned char *buf;
+ size_t len;
+ yajl_gen g = NULL;
+ std::string ts = ascTime(&timeStamp).c_str();
+ std::string uniqueId = UniqueId::uniqueId();
+
+ parts = 0;
+ g = yajl_gen_alloc(NULL);
+ if (g == NULL) {
+ return "";
+ }
+ yajl_gen_config(g, yajl_gen_beautify, 1);
+
+ /* main */
+ yajl_gen_map_open(g);
+
+ /* trasaction */
+ yajl_gen_string(g, reinterpret_cast("transaction"),
+ strlen("transaction"));
+
+ yajl_gen_map_open(g);
+ /* Part: A (header mandatory) */
+ LOGFY_ADD("client_ip", this->m_clientIpAddress);
+ LOGFY_ADD("time_stamp", ts.c_str());
+ LOGFY_ADD("server_id", uniqueId.c_str());
+ LOGFY_ADD_NUM("client_port", m_clientPort);
+ LOGFY_ADD("host_ip", m_serverIpAddress);
+ LOGFY_ADD_NUM("host_port", m_serverPort);
+ LOGFY_ADD("id", this->id.c_str());
+
+ /* request */
+ yajl_gen_string(g, reinterpret_cast("request"),
+ strlen("request"));
+ yajl_gen_map_open(g);
+
+ LOGFY_ADD("protocol", m_protocol);
+ LOGFY_ADD_INT("http_version", m_httpVersion);
+ LOGFY_ADD("uri", this->m_uri);
+
+ if (parts & AuditLog::CAuditLogPart) {
+ LOGFY_ADD("body", this->m_requestBody.str().c_str());
+ }
+
+ /* request headers */
+ if (parts & AuditLog::BAuditLogPart) {
+ yajl_gen_string(g, reinterpret_cast("headers"),
+ strlen("headers"));
+ yajl_gen_map_open(g);
+
+ for (auto h : m_collections.m_transient) {
+ std::string filter = "REQUEST_HEADERS:";
+ std::string a = h.first;
+ std::string b = h.second;
+
+ if (a.compare(0, filter.length(), filter) == 0) {
+ if (a.length() > filter.length()) {
+ LOGFY_ADD(a.c_str() + filter.length(), b.c_str());
+ }
+ }
+ }
+
+ /* end: request headers */
+ yajl_gen_map_close(g);
+ }
+
+ /* end: request */
+ yajl_gen_map_close(g);
+
+ /* response */
+ yajl_gen_string(g, reinterpret_cast("response"),
+ strlen("response"));
+ yajl_gen_map_open(g);
+
+
if (parts & AuditLog::GAuditLogPart) { + LOGFY_ADD("body", this->m_responseBody.str().c_str()); + } + LOGFY_ADD_NUM("http_code", httpCodeReturned); + + /* response headers */ + if (parts & AuditLog::FAuditLogPart) { + yajl_gen_string(g, reinterpret_cast("headers"), + strlen("headers")); + yajl_gen_map_open(g); + + for (auto h : m_collections.m_transient) { + std::string filter = "RESPONSE_HEADERS:"; + std::string a = h.first; + std::string b = h.second; + + if (a.compare(0, filter.length(), filter) == 0) { + if (a.length() > filter.length()) { + LOGFY_ADD(a.c_str() + filter.length(), b.c_str()); + } + } + } + /* end: response headers */ + yajl_gen_map_close(g); + } + /* end: response */ + yajl_gen_map_close(g); + + /* producer */ + if (parts & AuditLog::HAuditLogPart) { + yajl_gen_string(g, reinterpret_cast("producer"), + strlen("producer")); + yajl_gen_map_open(g); + + /* producer > libmodsecurity */ + LOGFY_ADD("modsecurity", modsecurity::whoAmI().c_str()); + + /* producer > connector */ + LOGFY_ADD("connector", m_ms->getConnectorInformation().c_str()); + + /* producer > engine state */ + LOGFY_ADD("secrules_engine", + Rules::ruleEngineStateString(m_rules->secRuleEngine)); + + /* producer > components */ + yajl_gen_string(g, + reinterpret_cast("components"), + strlen("components")); + + yajl_gen_array_open(g); + for (auto a : m_rules->components) { + yajl_gen_string(g, + reinterpret_cast + (a.c_str()), a.length()); + } + yajl_gen_array_close(g); + + /* end: producer */ + yajl_gen_map_close(g); + } + /* end: transaction */ + yajl_gen_map_close(g); + + /* end: main */ + yajl_gen_map_close(g); + + yajl_gen_get_buf(g, &buf, &len); + + std::string log(reinterpret_cast(buf), len); + + yajl_gen_free(g); + + return log; +#else + return std::string(""); +#endif +} + + +void Transaction::serverLog(const std::string& msg) { + m_ms->serverLog(m_logCbData, msg); +} + + +/** + * @name msc_new_transaction + * @brief Create a new transaction for a given configuration and 
ModSecurity core. + * + * The transaction is the unit that will be used the inspect every request. It holds + * all the information for a given request. + * + * @note Remember to cleanup the transaction when the transaction is complete. + * + * @param ms ModSecurity core pointer. + * @param rules Rules pointer. + * + * @return Pointer to Transaction structure + * @retval >0 Transaction structure was initialized correctly + * @retval NULL Transaction cannot be initialized, either by problems with the rules, + * problems with the ModSecurity core or missing memory to + * allocate the resources needed by the transaction. + * + */ +extern "C" Transaction *msc_new_transaction(ModSecurity *ms, + Rules *rules, void *logCbData) { + return new Transaction(ms, rules, logCbData); +} + + +/** + * @name msc_process_connection + * @brief Perform the analysis on the connection. + * + * This function should be called at very beginning of a request process, it is + * expected to be executed prior to the virtual host resolution, when the + * connection arrives on the server. + * + * @note Remember to check for a possible intervention. + * + * @param transaction ModSecurity transaction. + * @param client Client's IP address in text format. + * @param cPort Client's port + * @param server Server's IP address in text format. + * @param sPort Server's port + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_process_connection(Transaction *transaction, + const char *client, int cPort, const char *server, int sPort) { + return transaction->processConnection(client, cPort, server, sPort); +} + + +/** + * @name msc_process_uri + * @brief Perform the analysis on the URI and all the query string variables. 
+ * + * This function should be called at very beginning of a request process, it is + * expected to be executed prior to the virtual host resolution, when the + * connection arrives on the server. + * + * @note There is no direct connection between this function and any phase of + * the SecLanguage's phases. It is something that may occur between the + * SecLanguage phase 1 and 2. + * @note Remember to check for a possible intervention. + * + * @param transaction ModSecurity transaction. + * @param uri Uri. + * @param protocol Protocol (GET, POST, PUT). + * @param http_version Http version (1.0, 1.2, 2.0). + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_process_uri(Transaction *transaction, const char *uri, + const char *protocol, const char *http_version) { + return transaction->processURI(uri, protocol, http_version); +} + + +/** + * @name msc_process_request_headers + * @brief Perform the analysis on the request readers. + * + * This function perform the analysis on the request headers, notice however + * that the headers should be added prior to the execution of this function. + * + * @note Remember to check for a possible intervention. + * + * @param transaction ModSecurity transaction. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_process_request_headers(Transaction *transaction) { + return transaction->processRequestHeaders(); +} + + +/** + * @name msc_process_request_body + * @brief Perform the request body (if any) + * + * This function perform the analysis on the request body. It is optional to + * call that function. If this API consumer already know that there isn't a + * body for inspect it is recommended to skip this step. + * + * @note It is necessary to "append" the request body prior to the execution + * of this function. 
+ * @note Remember to check for a possible intervention. + * + * @param transaction ModSecurity transaction. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_process_request_body(Transaction *transaction) { + return transaction->processRequestBody(); +} + + +/** + * @name msc_append_request_body + * @brief Adds request body to be inspected. + * + * With this function it is possible to feed ModSecurity with data for + * inspection regarding the request body. There are two possibilities here: + * + * 1 - Adds the buffer in a row; + * 2 - Adds it in chunks; + * + * A third option should be developed which is share your application buffer. + * In any case, remember that the utilization of this function may reduce your + * server throughput, as this buffer creations is computationally expensive. + * + * @note While feeding ModSecurity remember to keep checking if there is an + * intervention, Sec Language has the capability to set the maximum + * inspection size which may be reached, and the decision on what to do + * in this case is upon the rules. + * + * @param transaction ModSecurity transaction. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_append_request_body(Transaction *transaction, + const unsigned char *buf, size_t len) { + return transaction->appendRequestBody(buf, len); +} + + +extern "C" int msc_request_body_from_file(Transaction *transaction, + const char *path) { + return transaction->requestBodyFromFile(path); +} + + +/** + * @name msc_process_response_headers + * @brief Perform the analysis on the response readers. + * + * This function perform the analysis on the response headers, notice however + * that the headers should be added prior to the execution of this function. + * + * @note Remember to check for a possible intervention. 
+ * + * @param transaction ModSecurity transaction. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_process_response_headers(Transaction *transaction) { + return transaction->processResponseHeaders(); +} + + +/** + * @name msc_process_response_body + * @brief Perform the request body (if any) + * + * This function perform the analysis on the request body. It is optional to + * call that function. If this API consumer already know that there isn't a + * body for inspect it is recommended to skip this step. + * + * @note It is necessary to "append" the request body prior to the execution + * of this function. + * @note Remember to check for a possible intervention. + * + * @param transaction ModSecurity transaction. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_process_response_body(Transaction *transaction) { + return transaction->processResponseBody(); +} + + +/** + * @name msc_append_response_body + * @brief Adds reponse body to be inspected. + * + * With this function it is possible to feed ModSecurity with data for + * inspection regarding the response body. ModSecurity can also update the + * contents of the response body, this is not quite ready yet on this version + * of the API. + * + * @note If the content is updated, the client cannot receive the content + * length header filled, at least not with the old values. Otherwise + * unexpected behavior may happens. + * + * @param transaction ModSecurity transaction. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. 
+ * + */ +extern "C" int msc_append_response_body(Transaction *transaction, + const unsigned char *buf, size_t len) { + return transaction->appendResponseBody(buf, len); +} + + +/** + * @name msc_add_request_header + * @brief Adds a request header + * + * With this function it is possible to feed ModSecurity with a request header. + * + * @note This function expects a NULL terminated string, for both: key and + * value. + * + * @param transaction ModSecurity transaction. + * @param key header name. + * @param value header value. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_add_request_header(Transaction *transaction, + const unsigned char *key, + const unsigned char *value) { + return transaction->addRequestHeader(key, value); +} + + +/** + * @name msc_add_n_request_header + * @brief Adds a request header + * + * Same as msc_add_request_header, do not expect a NULL terminated string, + * instead it expect the string and the string size, for the value and key. + * + * @param transaction ModSecurity transaction. + * @param key header name. + * @param key_len header name size. + * @param value header value. + * @param val_len header value size. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_add_n_request_header(Transaction *transaction, + const unsigned char *key, + size_t key_len, const unsigned char *value, size_t value_len) { + return transaction->addRequestHeader(key, key_len, value, value_len); +} + + +/** + * @name msc_add_response_header + * @brief Adds a response header + * + * With this function it is possible to feed ModSecurity with a response + * header. + * + * @note This function expects a NULL terminated string, for both: key and + * value. + * + * @param transaction ModSecurity transaction. + * @param key header name. 
+ * @param value header value. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_add_response_header(Transaction *transaction, + const unsigned char *key, + const unsigned char *value) { + return transaction->addResponseHeader(key, value); +} + + +/** + * @name msc_add_n_response_header + * @brief Adds a response header + * + * Same as msc_add_response_header, do not expect a NULL terminated string, + * instead it expect the string and the string size, for the value and key. + * + * @param transaction ModSecurity transaction. + * @param key header name. + * @param key_len header name size. + * @param value header value. + * @param val_len header value size. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" int msc_add_n_response_header(Transaction *transaction, + const unsigned char *key, size_t key_len, const unsigned char *value, + size_t value_len) { + return transaction->addResponseHeader(key, key_len, value, value_len); +} + + +/** + * @name msc_transaction_cleanup + * @brief Removes all the resources allocated by a given Transaction. + * + * It is mandatory to call this function after every request being finished, + * otherwise it may end up in a huge memory leak. + * + * @param transaction ModSecurity transaction. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. + * + */ +extern "C" void msc_transaction_cleanup(Transaction *transaction) { + transaction->cleanup(); +} + + +/** + * @name msc_intervention + * @brief Check if ModSecurity has anything to ask to the server. + * + * Intervention can generate a log event and/or perform a disruptive action. + * + * @param transaction ModSecurity transaction. 
+ * + * @return Pointer to ModSecurityIntervention structure + * @retval >0 A intervention should be made. + * @retval NULL Nothing to be done. + * + */ +extern "C" int msc_intervention(Transaction *transaction, + ModSecurityIntervention *it) { + return transaction->intervention(it); +} + + +/** + * @name msc_get_response_body + * @brief Retrieve a buffer with the updated response body. + * + * This function is needed to be called whenever ModSecurity update the + * contents of the response body, otherwise there is no need to call this + * function. + * + * @param transaction ModSecurity transaction. + * + * @return It returns a buffer (const char *) + * @retval >0 body was update and available. + * @retval NULL Nothing was updated. + * + */ +extern "C" const char *msc_get_response_body(Transaction *transaction) { + return transaction->getResponseBody(); +} + + +/** + * @name msc_get_response_body_length + * @brief Retrieve the length of the updated response body. + * + * This function returns the size of the update response body buffer, notice + * however, that most likely there isn't an update. Thus, this function will + * return 0. + * + * @param transaction ModSecurity transaction. + * + * @return Size of the update response body. + * @retval ==0 there is no update. + * @retval >0 the size of the updated buffer. + * + */ +extern "C" int msc_get_response_body_length(Transaction *transaction) { + return transaction->getResponseBodyLenth(); +} + +/** + * @name msc_process_logging + * @brief Logging all information relative to this transaction. + * + * At this point there is not need to hold the connection, the response can be + * delivered prior to the execution of this function. + * + * @param transaction ModSecurity transaction. + * @param code HTTP code returned to the user. + * + * @returns If the operation was successful or not. + * @retval 1 Operation was successful. + * @retval 0 Operation failed. 
+ * + */ +extern "C" int msc_process_logging(Transaction *transaction, int code) { + return transaction->processLogging(code); +} + +} // namespace modsecurity + diff --git a/src/utils.cc b/src/utils.cc index 20842ade..ac84300b 100644 --- a/src/utils.cc +++ b/src/utils.cc @@ -103,7 +103,7 @@ std::string dash_if_empty(const std::string& str) { } -double generate_assay_unique_id() { +double generate_transaction_unique_id() { return random_number(0, 100); } @@ -873,8 +873,8 @@ std::string string_to_hex(const std::string& input) { * * IMP1 Assumes NUL-terminated */ -int urldecode_uni_nonstrict_inplace_ex(Assay *assay, unsigned char *input, - int64_t input_len, int *changed) { +int urldecode_uni_nonstrict_inplace_ex(Transaction *transaction, + unsigned char *input, int64_t input_len, int *changed) { unsigned char *d = input; int64_t i, count, fact, j, xv; int Code, hmap = -1; @@ -899,9 +899,9 @@ int urldecode_uni_nonstrict_inplace_ex(Assay *assay, unsigned char *input, Code = 0; fact = 1; - if (assay - && assay->m_rules->unicode_map_table != NULL - && assay->m_rules->unicode_codepage > 0) { + if (transaction + && transaction->m_rules->unicode_map_table != NULL + && transaction->m_rules->unicode_codepage > 0) { for (j = 5; j >= 2; j--) { if (isxdigit((input[i+j]))) { if (input[i+j] >= 97) { @@ -917,7 +917,8 @@ int urldecode_uni_nonstrict_inplace_ex(Assay *assay, unsigned char *input, } if (Code >= 0 && Code <= 65535) { - hmap = assay->m_rules->unicode_map_table[Code]; + Rules *r = transaction->m_rules; + hmap = r->unicode_map_table[Code]; } } diff --git a/src/utils.h b/src/utils.h index 036087e6..3178cd63 100644 --- a/src/utils.h +++ b/src/utils.h 
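Review bot: In src/utils.cc, the hunk at old line 917 still guards `unicode_map_table[Code]` with the literal bound `Code <= 65535`, and nothing visible here ties that number to the size the table was allocated with. `Code` is built from hex digits read out of the `input` buffer, so I would compare against a named limit defined next to the allocation. The new local is only read and can be `const Rules *r = transaction->m_rules;`. The hunk at old line 899 checks `transaction` but then dereferences `transaction->m_rules` unguarded; if a transaction can never exist without rules, a one-line comment saying so would settle it. The function body starts and ends outside both hunks.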
@@ -32,7 +32,7 @@ namespace modsecurity { std::vector split(std::string str, char delimiter); double random_number(const double from, const double to); - double generate_assay_unique_id(); + double generate_transaction_unique_id(); std::string ascTime(time_t *t); void createDir(std::string dir, int mode); std::string dash_if_empty(const std::string& str); @@ -50,8 +50,8 @@ namespace modsecurity { int normalize_path_inplace(unsigned char *input, int input_len, int win, int *changed); std::string string_to_hex(const std::string& input); - int urldecode_uni_nonstrict_inplace_ex(Assay *assay, unsigned char *input, - int64_t input_len, int *changed); + int urldecode_uni_nonstrict_inplace_ex(Transaction *transaction, + unsigned char *input, int64_t input_len, int *changed); std::string phase_name(int x); std::string limitTo(int amount, const std::string &str); std::string toHexIfNeeded(const std::string &str); diff --git a/src/utils/geo_lookup.h b/src/utils/geo_lookup.h index 46a3232f..460878d3 100644 --- a/src/utils/geo_lookup.h +++ b/src/utils/geo_lookup.h @@ -25,7 +25,7 @@ #ifndef SRC_UTILS_GEO_LOOKUP_H_ #define SRC_UTILS_GEO_LOOKUP_H_ -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Utils { diff --git a/src/utils/https_client.h b/src/utils/https_client.h index 94019716..3e0c5aca 100644 --- a/src/utils/https_client.h +++ b/src/utils/https_client.h @@ -25,7 +25,7 @@ #ifndef SRC_UTILS_HTTPS_CLIENT_H_ #define SRC_UTILS_HTTPS_CLIENT_H_ -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Utils { diff --git a/src/utils/ip_tree.h b/src/utils/ip_tree.h index f910155d..d3150bc0 100644 --- a/src/utils/ip_tree.h +++ b/src/utils/ip_tree.h @@ -21,7 +21,7 @@ #ifndef SRC_UTILS_IP_TREE_H_ #define SRC_UTILS_IP_TREE_H_ -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "utils/msc_tree.h" namespace modsecurity { 
diff --git a/src/variables/duration.cc b/src/variables/duration.cc index 42a021b7..9abb768d 100644 --- a/src/variables/duration.cc +++ b/src/variables/duration.cc @@ -21,17 +21,17 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" namespace modsecurity { namespace Variables { -void Duration::evaluateInternal(Assay *assay, +void Duration::evaluateInternal(Transaction *transaction, std::vector *l) { std::string res; - double e = cpu_seconds() - assay->start; + double e = cpu_seconds() - transaction->start; res = std::to_string(e); diff --git a/src/variables/duration.h b/src/variables/duration.h index e9931982..5c4ddff1 100644 --- a/src/variables/duration.h +++ b/src/variables/duration.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class Duration : public Variable { @@ -33,7 +33,7 @@ class Duration : public Variable { explicit Duration(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/env.cc b/src/variables/env.cc index 5ded21dd..b46df01f 100644 --- a/src/variables/env.cc +++ b/src/variables/env.cc @@ -25,7 +25,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" extern char **environ; @@ -33,7 +33,7 @@ extern char **environ; namespace modsecurity { namespace Variables { -void Env::evaluateInternal(Assay *assay, +void Env::evaluateInternal(Transaction *transaction, std::vector *l) { std::map envs; for (char **current = environ; *current; current++) { diff --git a/src/variables/env.h b/src/variables/env.h index 61a5e3ec..c6b1a9bd 100644 --- a/src/variables/env.h +++ b/src/variables/env.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class Env : public Variable { 
@@ -33,7 +33,7 @@ class Env : public Variable { explicit Env(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/highest_severity.cc b/src/variables/highest_severity.cc index 30299e6d..9c43a2b8 100644 --- a/src/variables/highest_severity.cc +++ b/src/variables/highest_severity.cc @@ -21,15 +21,15 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void HighestSeverity::evaluateInternal(Assay *assay, +void HighestSeverity::evaluateInternal(Transaction *transaction, std::vector *l) { l->push_back(new transaction::Variable("HIGHEST_SEVERITY", - std::to_string(assay->highest_severity))); + std::to_string(transaction->highest_severity))); } diff --git a/src/variables/highest_severity.h b/src/variables/highest_severity.h index 5b86f764..61c7961e 100644 --- a/src/variables/highest_severity.h +++ b/src/variables/highest_severity.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class HighestSeverity : public Variable { @@ -33,7 +33,7 @@ class HighestSeverity : public Variable { explicit HighestSeverity(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/modsec_build.cc b/src/variables/modsec_build.cc index 8feb09b8..7e8af3f9 100644 --- a/src/variables/modsec_build.cc +++ b/src/variables/modsec_build.cc 
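Review bot: In src/variables/highest_severity.cc the parameter is now called `transaction`, the same word as the namespace qualifier in `new transaction::Variable("HIGHEST_SEVERITY", ...)` on the next statement. The word therefore means a pointer in `transaction->highest_severity` and a namespace in `transaction::Variable` within one expression. It compiles because lookup of a name before `::` ignores variables, but it reads like an error. I would either qualify the type from the enclosing namespace (presumably `modsecurity::transaction::Variable`) or give the parameter a shorter name such as `t`. The same pairing appears in the src/variables/time_epoch.cc hunk.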
@@ -21,13 +21,13 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "modsecurity/modsecurity.h" namespace modsecurity { namespace Variables { -void ModsecBuild::evaluateInternal(Assay *assay, +void ModsecBuild::evaluateInternal(Transaction *transaction, std::vector *l) { std::ostringstream ss; ss << std::setw(2) << std::setfill('0') << MODSECURITY_MAJOR; diff --git a/src/variables/modsec_build.h b/src/variables/modsec_build.h index 6a5d7f56..09292690 100644 --- a/src/variables/modsec_build.h +++ b/src/variables/modsec_build.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class ModsecBuild : public Variable { @@ -33,7 +33,7 @@ class ModsecBuild : public Variable { explicit ModsecBuild(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/time.cc b/src/variables/time.cc index 7eb8f867..24ec05bb 100644 --- a/src/variables/time.cc +++ b/src/variables/time.cc @@ -28,12 +28,12 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void Time::evaluateInternal(Assay *assay, +void Time::evaluateInternal(Transaction *transaction, std::vector *l) { char tstr[200]; diff --git a/src/variables/time.h b/src/variables/time.h index 643b0c9a..98c071d4 100644 --- a/src/variables/time.h +++ b/src/variables/time.h @@ -26,7 +26,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class Time : public Variable { @@ -34,7 +34,7 @@ class Time : public Variable { explicit Time(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/time_day.cc b/src/variables/time_day.cc index 94271e89..f7714f57 100644 
--- a/src/variables/time_day.cc +++ b/src/variables/time_day.cc @@ -28,12 +28,12 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void TimeDay::evaluateInternal(Assay *assay, +void TimeDay::evaluateInternal(Transaction *transaction, std::vector *l) { char tstr[200]; struct tm timeinfo; diff --git a/src/variables/time_day.h b/src/variables/time_day.h index 1cf251c7..ea801214 100644 --- a/src/variables/time_day.h +++ b/src/variables/time_day.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class TimeDay : public Variable { @@ -33,7 +33,7 @@ class TimeDay : public Variable { explicit TimeDay(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/time_epoch.cc b/src/variables/time_epoch.cc index a2ef3f43..41b0bbba 100644 --- a/src/variables/time_epoch.cc +++ b/src/variables/time_epoch.cc @@ -28,12 +28,12 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void TimeEpoch::evaluateInternal(Assay *assay, +void TimeEpoch::evaluateInternal(Transaction *transaction, std::vector *l) { l->push_back(new transaction::Variable("TIME_EPOCH", std::to_string(std::time(nullptr)))); diff --git a/src/variables/time_epoch.h b/src/variables/time_epoch.h index a55f28ab..63f285ec 100644 --- a/src/variables/time_epoch.h +++ b/src/variables/time_epoch.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class TimeEpoch : public Variable { @@ -33,7 +33,7 @@ class TimeEpoch : public Variable { explicit TimeEpoch(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; 
diff --git a/src/variables/time_hour.cc b/src/variables/time_hour.cc index 726bce21..34fb560c 100644 --- a/src/variables/time_hour.cc +++ b/src/variables/time_hour.cc @@ -28,12 +28,12 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void TimeHour::evaluateInternal(Assay *assay, +void TimeHour::evaluateInternal(Transaction *transaction, std::vector *l) { char tstr[200]; struct tm timeinfo; diff --git a/src/variables/time_hour.h b/src/variables/time_hour.h index 51777b26..6887ea25 100644 --- a/src/variables/time_hour.h +++ b/src/variables/time_hour.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class TimeHour : public Variable { @@ -33,7 +33,7 @@ class TimeHour : public Variable { explicit TimeHour(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/time_min.cc b/src/variables/time_min.cc index 07b101cb..0e884152 100644 --- a/src/variables/time_min.cc +++ b/src/variables/time_min.cc @@ -28,12 +28,12 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void TimeMin::evaluateInternal(Assay *assay, +void TimeMin::evaluateInternal(Transaction *transaction, std::vector *l) { char tstr[200]; struct tm timeinfo; diff --git a/src/variables/time_min.h b/src/variables/time_min.h index 66323379..4eb51640 100644 --- a/src/variables/time_min.h +++ b/src/variables/time_min.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class TimeMin : public Variable { @@ -33,7 +33,7 @@ class TimeMin : public Variable { explicit TimeMin(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; 
diff --git a/src/variables/time_mon.cc b/src/variables/time_mon.cc index 48e9cdf0..74583848 100644 --- a/src/variables/time_mon.cc +++ b/src/variables/time_mon.cc @@ -28,12 +28,12 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void TimeMon::evaluateInternal(Assay *assay, +void TimeMon::evaluateInternal(Transaction *transaction, std::vector *l) { char tstr[200]; struct tm timeinfo; diff --git a/src/variables/time_mon.h b/src/variables/time_mon.h index 629820da..8b0d3503 100644 --- a/src/variables/time_mon.h +++ b/src/variables/time_mon.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class TimeMon : public Variable { @@ -33,7 +33,7 @@ class TimeMon : public Variable { explicit TimeMon(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/time_sec.cc b/src/variables/time_sec.cc index 0f5ef30d..c96c168d 100644 --- a/src/variables/time_sec.cc +++ b/src/variables/time_sec.cc @@ -28,12 +28,12 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void TimeSec::evaluateInternal(Assay *assay, +void TimeSec::evaluateInternal(Transaction *transaction, std::vector *l) { char tstr[200]; struct tm timeinfo; diff --git a/src/variables/time_sec.h b/src/variables/time_sec.h index f720c2d5..edb69f7a 100644 --- a/src/variables/time_sec.h +++ b/src/variables/time_sec.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class TimeSec : public Variable { @@ -33,7 +33,7 @@ class TimeSec : public Variable { explicit TimeSec(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; 
diff --git a/src/variables/time_wday.cc b/src/variables/time_wday.cc index 571de119..bcaad485 100644 --- a/src/variables/time_wday.cc +++ b/src/variables/time_wday.cc @@ -28,12 +28,12 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void TimeWDay::evaluateInternal(Assay *assay, +void TimeWDay::evaluateInternal(Transaction *transaction, std::vector *l) { char tstr[200]; struct tm timeinfo; diff --git a/src/variables/time_wday.h b/src/variables/time_wday.h index 5eacbb72..fe675cb5 100644 --- a/src/variables/time_wday.h +++ b/src/variables/time_wday.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class TimeWDay : public Variable { @@ -33,7 +33,7 @@ class TimeWDay : public Variable { explicit TimeWDay(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/time_year.cc b/src/variables/time_year.cc index ea9a78e8..83313266 100644 --- a/src/variables/time_year.cc +++ b/src/variables/time_year.cc @@ -28,12 +28,12 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void TimeYear::evaluateInternal(Assay *assay, +void TimeYear::evaluateInternal(Transaction *transaction, std::vector *l) { char tstr[200]; struct tm timeinfo; diff --git a/src/variables/time_year.h b/src/variables/time_year.h index 3d420118..21940ccf 100644 --- a/src/variables/time_year.h +++ b/src/variables/time_year.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class TimeYear : public Variable { 
@@ -33,7 +33,7 @@ class TimeYear : public Variable { explicit TimeYear(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/tx.cc b/src/variables/tx.cc index 926bb596..a7d3ccbf 100644 --- a/src/variables/tx.cc +++ b/src/variables/tx.cc @@ -28,20 +28,20 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" namespace modsecurity { namespace Variables { -void Tx::evaluateInternal(Assay *assay, +void Tx::evaluateInternal(Transaction *transaction, std::vector *l) { if (m_type == SingleMatch) { - assay->m_collections.resolveSingleMatch(m_name, "TX", l); + transaction->m_collections.resolveSingleMatch(m_name, "TX", l); } else if (m_type == MultipleMatches) { - assay->m_collections.resolveMultiMatches(m_name, "TX", l); + transaction->m_collections.resolveMultiMatches(m_name, "TX", l); } else if (m_type == RegularExpression) { - assay->m_collections.resolveRegularExpression(m_name, "TX", l); + transaction->m_collections.resolveRegularExpression(m_name, "TX", l); } } diff --git a/src/variables/tx.h b/src/variables/tx.h index 8119e44a..7128c9e9 100644 --- a/src/variables/tx.h +++ b/src/variables/tx.h @@ -26,7 +26,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class Tx : public Variable { @@ -34,7 +34,7 @@ class Tx : public Variable { explicit Tx(std::string _name) : Variable(_name) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; }; diff --git a/src/variables/variable.cc b/src/variables/variable.cc index c67040f5..9bcda3bf 100644 --- a/src/variables/variable.cc +++ b/src/variables/variable.cc @@ -20,7 +20,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "variations/exclusion.h" using modsecurity::Variables::Variations::Exclusion; 
@@ -72,44 +72,44 @@ Variable::Variable(std::string name, VariableKind kind) std::vector * - Variable::evaluate(Assay *assay) { + Variable::evaluate(Transaction *transaction) { std::vector *l = NULL; l = new std::vector(); - evaluate(assay, l); + evaluate(transaction, l); return l; } -void Variable::evaluateInternal(Assay *assay, +void Variable::evaluateInternal(Transaction *transaction, std::vector *l) { if (m_collectionName.empty() == false) { if (m_kind == CollectionVarible && m_type == MultipleMatches) { - assay->m_collections.resolveMultiMatches(m_name, + transaction->m_collections.resolveMultiMatches(m_name, m_collectionName, l); } else if (m_kind == CollectionVarible && m_type == RegularExpression) { - assay->m_collections.resolveRegularExpression(m_name, + transaction->m_collections.resolveRegularExpression(m_name, m_collectionName, l); } else { - assay->m_collections.resolveSingleMatch(m_name, + transaction->m_collections.resolveSingleMatch(m_name, m_collectionName, l); } } else { if (m_kind == CollectionVarible && m_type == MultipleMatches) { - assay->m_collections.resolveMultiMatches(m_name, l); + transaction->m_collections.resolveMultiMatches(m_name, l); } else if (m_kind == CollectionVarible && m_type == RegularExpression) { - assay->m_collections.resolveRegularExpression(m_name, l); + transaction->m_collections.resolveRegularExpression(m_name, l); } else { - assay->m_collections.resolveSingleMatch(m_name, l); + transaction->m_collections.resolveSingleMatch(m_name, l); } } } -void Variable::evaluate(Assay *assay, +void Variable::evaluate(Transaction *transaction, std::vector *l) { - evaluateInternal(assay, l); + evaluateInternal(transaction, l); } diff --git a/src/variables/variable.h b/src/variables/variable.h index 44c116d0..74c94c6d 100644 --- a/src/variables/variable.h +++ b/src/variables/variable.h 
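Review bot: `Variable::evaluate(Transaction *transaction)` allocates its result with `new std::vector` and returns the raw pointer, but nothing at the definition says who frees it. A comment above the definition, for example `// Caller owns the returned vector and must delete it.`, would make the contract explicit. Returning a `std::unique_ptr` would settle ownership in the type, though that changes the virtual declared in variable.h. `evaluateInternal` also dereferences `transaction` unconditionally on every branch, so the same comment could state that `transaction` must be non-null.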
@@ -17,14 +17,14 @@ #include #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #ifndef SRC_VARIABLES_VARIABLE_H_ #define SRC_VARIABLES_VARIABLE_H_ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { class Variable { @@ -66,10 +66,13 @@ class Variable { static std::string to_s(std::vector *variables); - virtual std::vector *evaluate(Assay *assay); - virtual void evaluate(Assay *assay, + virtual std::vector + *evaluate(Transaction *transaction); + + virtual void evaluate(Transaction *transaction, std::vector *l); - virtual void evaluateInternal(Assay *assay, + + virtual void evaluateInternal(Transaction *transaction, std::vector *l); diff --git a/src/variables/variations/count.cc b/src/variables/variations/count.cc index abc7d08f..526ea918 100644 --- a/src/variables/variations/count.cc +++ b/src/variables/variations/count.cc @@ -21,19 +21,19 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" namespace modsecurity { namespace Variables { namespace Variations { -void Count::evaluateInternal(Assay *assay, +void Count::evaluateInternal(Transaction *transaction, std::vector *l) { std::vector *reslIn; int count = 0; - reslIn = var->evaluate(assay); + reslIn = var->evaluate(transaction); for (auto &a : *reslIn) { count++; diff --git a/src/variables/variations/count.h b/src/variables/variations/count.h index 2d138c5b..285066fc 100644 --- a/src/variables/variations/count.h +++ b/src/variables/variations/count.h @@ -25,7 +25,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { namespace Variations { @@ -35,7 +35,7 @@ class Count : public Variable { : Variable("count(" + v->m_name + ")"), var(v) { } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; Variable *var; 
diff --git a/src/variables/variations/exclusion.cc b/src/variables/variations/exclusion.cc index 243e535c..474db22a 100644 --- a/src/variables/variations/exclusion.cc +++ b/src/variables/variations/exclusion.cc @@ -21,7 +21,7 @@ #include #include -#include "modsecurity/assay.h" +#include "modsecurity/transaction.h" #include "src/utils.h" namespace modsecurity { @@ -29,9 +29,9 @@ namespace Variables { namespace Variations { -void Exclusion::evaluateInternal(Assay *assay, +void Exclusion::evaluateInternal(Transaction *transaction, std::vector *l) { - assay->m_collections.resolveMultiMatches(m_name, l); + transaction->m_collections.resolveMultiMatches(m_name, l); } diff --git a/src/variables/variations/exclusion.h b/src/variables/variations/exclusion.h index 36b85fee..688277b1 100644 --- a/src/variables/variations/exclusion.h +++ b/src/variables/variations/exclusion.h @@ -26,7 +26,7 @@ namespace modsecurity { -class Assay; +class Transaction; namespace Variables { namespace Variations { @@ -37,7 +37,7 @@ class Exclusion : public Variable { var(v) { m_isExclusion = true; } - void evaluateInternal(Assay *assay, + void evaluateInternal(Transaction *transaction, std::vector *l) override; Variable *var; diff --git a/test/benchmark/benchmark.cc b/test/benchmark/benchmark.cc index 0466f1dd..7c46074f 100644 --- a/test/benchmark/benchmark.cc +++ b/test/benchmark/benchmark.cc @@ -22,7 +22,7 @@ #include "modsecurity/modsecurity.h" #include "modsecurity/rules.h" -using modsecurity::Assay; +using modsecurity::Transaction; char request_header[] = "" \ "GET /tutorials/other/top-20-mysql-best-practices/ HTTP/1.1\n\r" \ 
@@ -88,83 +88,83 @@ int main(int argc, char *argv[]) {
 for (i = 0; i < NUM_REQUESTS; i++) {
 std::cout << "Proceeding with request " << i << std::endl;
- Assay *modsecAssay = new Assay(modsec, rules, NULL);
- modsecAssay->processConnection(ip, 12345, "127.0.0.1", 80);
+ Transaction *modsecTransaction = new Transaction(modsec, rules, NULL);
+ modsecTransaction->processConnection(ip, 12345, "127.0.0.1", 80);
- if (modsecAssay->intervention(&it)) {
+ if (modsecTransaction->intervention(&it)) {
 std::cout << "There is an intervention" << std::endl;
 continue;
 }
- modsecAssay->processURI(request_uri, "GET", "1.1");
- if (modsecAssay->intervention(&it)) {
+ modsecTransaction->processURI(request_uri, "GET", "1.1");
+ if (modsecTransaction->intervention(&it)) {
 std::cout << "There is an intervention" << std::endl;
 continue;
 }
- modsecAssay->addRequestHeader("Host",
+ modsecTransaction->addRequestHeader("Host",
 "net.tutsplus.com");
- modsecAssay->addRequestHeader("User-Agent",
+ modsecTransaction->addRequestHeader("User-Agent",
 "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) " \
 "Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)\n\r");
- modsecAssay->addRequestHeader("Accept",
+ modsecTransaction->addRequestHeader("Accept",
 "text/html,application/xhtml+xml,application/xml;" \
 "q=0.9,*/*;q=0.8");
- modsecAssay->addRequestHeader("Accept-Language",
+ modsecTransaction->addRequestHeader("Accept-Language",
 "en-us,en;q=0.5");
- modsecAssay->addRequestHeader("Accept-Encoding",
+ modsecTransaction->addRequestHeader("Accept-Encoding",
 "gzip,deflate");
- modsecAssay->addRequestHeader("Accept-Charset",
+ modsecTransaction->addRequestHeader("Accept-Charset",
 "ISO-8859-1,utf-8;q=0.7,*;q=0.7");
- modsecAssay->addRequestHeader("Keep-Alive",
+ modsecTransaction->addRequestHeader("Keep-Alive",
 "300");
- modsecAssay->addRequestHeader("Connection",
+ modsecTransaction->addRequestHeader("Connection",
 "keep-alive");
- modsecAssay->addRequestHeader("Cookie",
+ modsecTransaction->addRequestHeader("Cookie",
 "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120");
- modsecAssay->addRequestHeader("Pragma",
+ modsecTransaction->addRequestHeader("Pragma",
 "no-cache");
- modsecAssay->addRequestHeader("Cache-Control",
+ modsecTransaction->addRequestHeader("Cache-Control",
 "no-cache");
- modsecAssay->processRequestHeaders();
+ modsecTransaction->processRequestHeaders();
- if (modsecAssay->intervention(&it)) {
+ if (modsecTransaction->intervention(&it)) {
 std::cout << "There is an intervention" << std::endl;
 continue;
 }
- modsecAssay->processRequestBody();
+ modsecTransaction->processRequestBody();
- if (modsecAssay->intervention(&it)) {
+ if (modsecTransaction->intervention(&it)) {
 std::cout << "There is an intervention" << std::endl;
 continue;
 }
- modsecAssay->addResponseHeader("HTTP/1.1",
+ modsecTransaction->addResponseHeader("HTTP/1.1",
 "200 OK");
- modsecAssay->addResponseHeader("Content-Type",
+ modsecTransaction->addResponseHeader("Content-Type",
 "text/xml; charset=utf-8");
- modsecAssay->addResponseHeader("Content-Length",
+ modsecTransaction->addResponseHeader("Content-Length",
 "200");
- modsecAssay->processResponseHeaders();
+ modsecTransaction->processResponseHeaders();
- if (modsecAssay->intervention(&it)) {
+ if (modsecTransaction->intervention(&it)) {
 std::cout << "There is an intervention" << std::endl;
 continue;
 }
- modsecAssay->appendResponseBody(response_body,
+ modsecTransaction->appendResponseBody(response_body,
 strlen((const char*)response_body));
- modsecAssay->processResponseBody();
+ modsecTransaction->processResponseBody();
- if (modsecAssay->intervention(&it)) {
+ if (modsecTransaction->intervention(&it)) {
 std::cout << "There is an intervention" << std::endl;
 continue;
 }
- delete modsecAssay;
+ delete modsecTransaction;
 }
 delete modsec;
diff --git a/test/fuzzer/afl_fuzzer.cc b/test/fuzzer/afl_fuzzer.cc
index 9c913fa6..01d904d3 100644
--- a/test/fuzzer/afl_fuzzer.cc
+++ b/test/fuzzer/afl_fuzzer.cc
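Review bot: In the benchmark.cc loop, every `continue` taken after `modsecTransaction->intervention(&it)` returns true skips the `delete modsecTransaction;` at the bottom of the body. Each intercepted request therefore leaks one Transaction, and the rename carries this over unchanged. Tying the lifetime to the iteration fixes all six exits at once: `std::unique_ptr<Transaction> modsecTransaction(new Transaction(modsec, rules, NULL));` with the explicit `delete` dropped, which needs `<memory>` among the includes. The includes, and the rest of `main`, lie outside this hunk.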
@@ -134,7 +134,7 @@ int main(int argc, char** argv) {
 ModSecurity *ms = new ModSecurity();
 Rules *rules = new Rules();
- Assay *assay = new Assay(ms, rules, NULL);
+ Transaction *transaction = new Transaction(ms, rules, NULL);
 /**
@@ -189,43 +189,43 @@ Utf8Unicode *utf8unicode = new Utf8Unicode("Utf8Unicode"); utf8unicode->evaluate * */ #if 1 -BeginsWith *beginswith = new BeginsWith("@BeginsWith", z, false); beginswith->evaluate(assay, s); delete beginswith; -Contains *contains = new Contains("@Contains", z, false); contains->evaluate(assay, s); delete contains; -ContainsWord *containsword = new ContainsWord("@ContainsWord", z, false); containsword->evaluate(assay, s); delete containsword; -DetectSQLi *detectsqli = new DetectSQLi("@DetectSQLi", z, false); detectsqli->evaluate(assay, s); delete detectsqli; -DetectXSS *detectxss = new DetectXSS("@DetectXSS", z, false); detectxss->evaluate(assay, s); delete detectxss; -EndsWith *endswith = new EndsWith("@EndsWith", z, false); endswith->evaluate(assay, s); delete endswith; -Eq *eq = new Eq("@Eq", z, false); eq->evaluate(assay, s); delete eq; -FuzzyHash *fuzzyhash = new FuzzyHash("@FuzzyHash", z, false); fuzzyhash->evaluate(assay, s); delete fuzzyhash; -Ge *ge = new Ge("@Ge", z, false); ge->evaluate(assay, s); delete ge; -GeoLookup *geolookup = new GeoLookup("@GeoLookup", z, false); geolookup->evaluate(assay, s); delete geolookup; -GsbLookup *gsblookup = new GsbLookup("@GsbLookup", z, false); gsblookup->evaluate(assay, s); delete gsblookup; -Gt *gt = new Gt("@Gt", z, false); gt->evaluate(assay, s); delete gt; -InspectFile *inspectfile = new InspectFile("@InspectFile", z, false); inspectfile->evaluate(assay, s); delete inspectfile; -IpMatchF *ipmatchf = new IpMatchF("@IpMatchF", z, false); ipmatchf->evaluate(assay, s); delete ipmatchf; -IpMatchFromFile *ipmatchfromfile = new IpMatchFromFile("@IpMatchFromFile", z, false); ipmatchfromfile->evaluate(assay, s); delete ipmatchfromfile; -IpMatch *ipmatch = new IpMatch("@IpMatch", z, false); ipmatch->evaluate(assay, s); delete ipmatch; -Le *le = new Le("@Le", z, false); le->evaluate(assay, s); delete le; -Lt *lt = new Lt("@Lt", z, false); lt->evaluate(assay, s); delete lt; -NoMatch *nomatch = new 
NoMatch("@NoMatch", z, false); nomatch->evaluate(assay, s); delete nomatch; -PmF *pmf = new PmF("@PmF", z, false); pmf->evaluate(assay, s); delete pmf; -PmFromFile *pmfromfile = new PmFromFile("@PmFromFile", z, false); pmfromfile->evaluate(assay, s); delete pmfromfile; -Pm *pm = new Pm("@Pm", z, false); pm->evaluate(assay, s); delete pm; -Rbl *rbl = new Rbl("@Rbl", z, false); rbl->evaluate(assay, s); delete rbl; -Rsub *rsub = new Rsub("@Rsub", z, false); rsub->evaluate(assay, s); delete rsub; -Rx *rx = new Rx("@Rx", z, false); rx->evaluate(assay, s); delete rx; -StrEq *streq = new StrEq("@StrEq", z, false); streq->evaluate(assay, s); delete streq; -StrMatch *strmatch = new StrMatch("@StrMatch", z, false); strmatch->evaluate(assay, s); delete strmatch; -ValidateByteRange *validatebyterange = new ValidateByteRange("@ValidateByteRange", z, false); validatebyterange->evaluate(assay, s); delete validatebyterange; -ValidateDTD *validatedtd = new ValidateDTD("@ValidateDTD", z, false); validatedtd->evaluate(assay, s); delete validatedtd; -ValidateHash *validatehash = new ValidateHash("@ValidateHash", z, false); validatehash->evaluate(assay, s); delete validatehash; -ValidateSchema *validateschema = new ValidateSchema("@ValidateSchema", z, false); validateschema->evaluate(assay, s); delete validateschema; -ValidateUrlEncoding *validateurlencoding = new ValidateUrlEncoding("@ValidateUrlEncoding", z, false); validateurlencoding->evaluate(assay, s); delete validateurlencoding; -ValidateUtf8Encoding *validateutf8encoding = new ValidateUtf8Encoding("@ValidateUtf8Encoding", z, false); validateutf8encoding->evaluate(assay, s); delete validateutf8encoding; -VerifyCC *verifycc = new VerifyCC("@VerifyCC", z, false); verifycc->evaluate(assay, s); delete verifycc; -VerifyCPF *verifycpf = new VerifyCPF("@VerifyCPF", z, false); verifycpf->evaluate(assay, s); delete verifycpf; -VerifySSN *verifyssn = new VerifySSN("@VerifySSN", z, false); verifyssn->evaluate(assay, s); delete verifyssn; 
-Within *within = new Within("@Within", z, false); within->evaluate(assay, s); delete within; +BeginsWith *beginswith = new BeginsWith("@BeginsWith", z, false); beginswith->evaluate(transaction, s); delete beginswith; +Contains *contains = new Contains("@Contains", z, false); contains->evaluate(transaction, s); delete contains; +ContainsWord *containsword = new ContainsWord("@ContainsWord", z, false); containsword->evaluate(transaction, s); delete containsword; +DetectSQLi *detectsqli = new DetectSQLi("@DetectSQLi", z, false); detectsqli->evaluate(transaction, s); delete detectsqli; +DetectXSS *detectxss = new DetectXSS("@DetectXSS", z, false); detectxss->evaluate(transaction, s); delete detectxss; +EndsWith *endswith = new EndsWith("@EndsWith", z, false); endswith->evaluate(transaction, s); delete endswith; +Eq *eq = new Eq("@Eq", z, false); eq->evaluate(transaction, s); delete eq; +FuzzyHash *fuzzyhash = new FuzzyHash("@FuzzyHash", z, false); fuzzyhash->evaluate(transaction, s); delete fuzzyhash; +Ge *ge = new Ge("@Ge", z, false); ge->evaluate(transaction, s); delete ge; +GeoLookup *geolookup = new GeoLookup("@GeoLookup", z, false); geolookup->evaluate(transaction, s); delete geolookup; +GsbLookup *gsblookup = new GsbLookup("@GsbLookup", z, false); gsblookup->evaluate(transaction, s); delete gsblookup; +Gt *gt = new Gt("@Gt", z, false); gt->evaluate(transaction, s); delete gt; +InspectFile *inspectfile = new InspectFile("@InspectFile", z, false); inspectfile->evaluate(transaction, s); delete inspectfile; +IpMatchF *ipmatchf = new IpMatchF("@IpMatchF", z, false); ipmatchf->evaluate(transaction, s); delete ipmatchf; +IpMatchFromFile *ipmatchfromfile = new IpMatchFromFile("@IpMatchFromFile", z, false); ipmatchfromfile->evaluate(transaction, s); delete ipmatchfromfile; +IpMatch *ipmatch = new IpMatch("@IpMatch", z, false); ipmatch->evaluate(transaction, s); delete ipmatch; +Le *le = new Le("@Le", z, false); le->evaluate(transaction, s); delete le; +Lt *lt = new 
Lt("@Lt", z, false); lt->evaluate(transaction, s); delete lt; +NoMatch *nomatch = new NoMatch("@NoMatch", z, false); nomatch->evaluate(transaction, s); delete nomatch; +PmF *pmf = new PmF("@PmF", z, false); pmf->evaluate(transaction, s); delete pmf; +PmFromFile *pmfromfile = new PmFromFile("@PmFromFile", z, false); pmfromfile->evaluate(transaction, s); delete pmfromfile; +Pm *pm = new Pm("@Pm", z, false); pm->evaluate(transaction, s); delete pm; +Rbl *rbl = new Rbl("@Rbl", z, false); rbl->evaluate(transaction, s); delete rbl; +Rsub *rsub = new Rsub("@Rsub", z, false); rsub->evaluate(transaction, s); delete rsub; +Rx *rx = new Rx("@Rx", z, false); rx->evaluate(transaction, s); delete rx; +StrEq *streq = new StrEq("@StrEq", z, false); streq->evaluate(transaction, s); delete streq; +StrMatch *strmatch = new StrMatch("@StrMatch", z, false); strmatch->evaluate(transaction, s); delete strmatch; +ValidateByteRange *validatebyterange = new ValidateByteRange("@ValidateByteRange", z, false); validatebyterange->evaluate(transaction, s); delete validatebyterange; +ValidateDTD *validatedtd = new ValidateDTD("@ValidateDTD", z, false); validatedtd->evaluate(transaction, s); delete validatedtd; +ValidateHash *validatehash = new ValidateHash("@ValidateHash", z, false); validatehash->evaluate(transaction, s); delete validatehash; +ValidateSchema *validateschema = new ValidateSchema("@ValidateSchema", z, false); validateschema->evaluate(transaction, s); delete validateschema; +ValidateUrlEncoding *validateurlencoding = new ValidateUrlEncoding("@ValidateUrlEncoding", z, false); validateurlencoding->evaluate(transaction, s); delete validateurlencoding; +ValidateUtf8Encoding *validateutf8encoding = new ValidateUtf8Encoding("@ValidateUtf8Encoding", z, false); validateutf8encoding->evaluate(transaction, s); delete validateutf8encoding; +VerifyCC *verifycc = new VerifyCC("@VerifyCC", z, false); verifycc->evaluate(transaction, s); delete verifycc; +VerifyCPF *verifycpf = new 
VerifyCPF("@VerifyCPF", z, false); verifycpf->evaluate(transaction, s); delete verifycpf; +VerifySSN *verifyssn = new VerifySSN("@VerifySSN", z, false); verifyssn->evaluate(transaction, s); delete verifyssn; +Within *within = new Within("@Within", z, false); within->evaluate(transaction, s); delete within; #endif @@ -234,26 +234,26 @@ Within *within = new Within("@Within", z, false); within->evaluate(assay, s); de * */ #if 0 - assay->processConnection(s.c_str(), 123, s.c_str(), 123); - assay->processURI(s.c_str(), z.c_str(), z.c_str()); - assay->addRequestHeader(s, z); - assay->addRequestHeader(s, s); - assay->addRequestHeader(z, z); - assay->addRequestHeader(z, s); - assay->processRequestHeaders(); - assay->appendRequestBody((const unsigned char *)s.c_str(), s.length()); - assay->processRequestBody(); - assay->addResponseHeader(s, z); - assay->addResponseHeader(s, s); - assay->addResponseHeader(z, z); - assay->addResponseHeader(z, s); - assay->processResponseHeaders(); - assay->appendResponseBody((const unsigned char *)s.c_str(), s.length()); - assay->processResponseBody(); + transaction->processConnection(s.c_str(), 123, s.c_str(), 123); + transaction->processURI(s.c_str(), z.c_str(), z.c_str()); + transaction->addRequestHeader(s, z); + transaction->addRequestHeader(s, s); + transaction->addRequestHeader(z, z); + transaction->addRequestHeader(z, s); + transaction->processRequestHeaders(); + transaction->appendRequestBody((const unsigned char *)s.c_str(), s.length()); + transaction->processRequestBody(); + transaction->addResponseHeader(s, z); + transaction->addResponseHeader(s, s); + transaction->addResponseHeader(z, z); + transaction->addResponseHeader(z, s); + transaction->processResponseHeaders(); + transaction->appendResponseBody((const unsigned char *)s.c_str(), s.length()); + transaction->processResponseBody(); #endif - delete assay; + delete transaction; delete rules; delete ms; 
diff --git a/test/optimization/optimization.cc b/test/optimization/optimization.cc index aa877acf..2a77c4c8 100644 --- a/test/optimization/optimization.cc +++ b/test/optimization/optimization.cc @@ -25,8 +25,8 @@ #include "src/utils.h" #include "parser/driver.h" #include "utils/https_client.h" -#include "modsecurity/assay.h" #include "modsecurity/rules_properties.h" +#include "modsecurity/transaction.h" void print_help() { std::cout << "Use ./optimization /path/to/files.something" << std::endl; diff --git a/test/regression/regression.cc b/test/regression/regression.cc index 4ecfbbc1..77d4e728 100644 --- a/test/regression/regression.cc +++ b/test/regression/regression.cc @@ -52,7 +52,7 @@ void print_help() { void actions(ModSecurityTestResults *r, - modsecurity::Assay *a) { + modsecurity::Transaction *a) { modsecurity::ModSecurityIntervention it; memset(&it, '\0', sizeof(modsecurity::ModSecurityIntervention)); it.status = 200; @@ -83,7 +83,7 @@ void perform_unit_test(std::vector *tests, CustomDebugLog *debug_log = new CustomDebugLog(); modsecurity::ModSecurity *modsec = NULL; modsecurity::Rules *modsec_rules = NULL; - modsecurity::Assay *modsec_assay = NULL; + modsecurity::Transaction *modsec_transaction = NULL; ModSecurityTestResults r; std::stringstream serverLog; RegressionTestResult *testRes = new RegressionTestResult(); @@ -131,7 +131,10 @@ void perform_unit_test(std::vector *tests, if (modsec_rules->load(t->rules.c_str(), filename) < 0) { /* Parser error */ if (t->parser_error.empty() == true) { - /* Not expecting any error, thus return the error to the user. */ + /* + * Not expecting any error, thus return the error to + * the user. + */ std::cout << KRED << "failed!" << RESET << std::endl; testRes->reason << KRED << "parse failed." << RESET \ << std::endl; 
@@ -182,69 +185,69 @@ void perform_unit_test(std::vector *tests, } } - modsec_assay = new modsecurity::Assay(modsec, modsec_rules, + modsec_transaction = new modsecurity::Transaction(modsec, modsec_rules, &serverLog); - modsec_assay->processConnection(t->clientIp.c_str(), + modsec_transaction->processConnection(t->clientIp.c_str(), t->clientPort, t->serverIp.c_str(), t->serverPort); - actions(&r, modsec_assay); + actions(&r, modsec_transaction); if (r.status != 200) { goto end; } - modsec_assay->processURI(t->uri.c_str(), t->method.c_str(), + modsec_transaction->processURI(t->uri.c_str(), t->method.c_str(), t->httpVersion.c_str()); - actions(&r, modsec_assay); + actions(&r, modsec_transaction); if (r.status != 200) { goto end; } for (std::pair headers : t->request_headers) { - modsec_assay->addRequestHeader(headers.first.c_str(), + modsec_transaction->addRequestHeader(headers.first.c_str(), headers.second.c_str()); } - modsec_assay->processRequestHeaders(); - actions(&r, modsec_assay); + modsec_transaction->processRequestHeaders(); + actions(&r, modsec_transaction); if (r.status != 200) { goto end; } - modsec_assay->appendRequestBody( + modsec_transaction->appendRequestBody( (unsigned char *)t->request_body.c_str(), t->request_body.size()); - modsec_assay->processRequestBody(); - actions(&r, modsec_assay); + modsec_transaction->processRequestBody(); + actions(&r, modsec_transaction); if (r.status != 200) { goto end; } for (std::pair headers : t->response_headers) { - modsec_assay->addResponseHeader(headers.first.c_str(), + modsec_transaction->addResponseHeader(headers.first.c_str(), headers.second.c_str()); } - modsec_assay->processResponseHeaders(); - actions(&r, modsec_assay); + modsec_transaction->processResponseHeaders(); + actions(&r, modsec_transaction); if (r.status != 200) { goto end; } - modsec_assay->appendResponseBody( + modsec_transaction->appendResponseBody( (unsigned char *)t->response_body.c_str(), t->response_body.size()); - 
modsec_assay->processResponseBody(); - actions(&r, modsec_assay); + modsec_transaction->processResponseBody(); + actions(&r, modsec_transaction); if (r.status != 200) { goto end; } end: - modsec_assay->processLogging(r.status); + modsec_transaction->processLogging(r.status); CustomDebugLog *d = reinterpret_cast (modsec_rules->m_debugLog); @@ -281,7 +284,7 @@ after_debug_log: r.log_raw_debug_log = d->log_messages(); } - delete modsec_assay; + delete modsec_transaction; delete modsec_rules; delete modsec; /* delete debug_log; */