From abf59f4b84992195e9ba58c378d8ab4441f73b6b Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Wed, 23 Sep 2020 13:48:15 -0300 Subject: [PATCH] Refactoring on Action - having RuleWithAction and RuleWithActionsProperties --- src/Makefile.am | 1 + src/actions/action_with_run_time_string.h | 4 +- src/actions/audit_log.h | 2 +- src/actions/block.h | 2 +- src/actions/capture.h | 2 +- src/actions/log.h | 2 +- src/actions/multi_match.h | 2 +- src/actions/no_audit_log.h | 2 +- src/actions/no_log.h | 2 +- src/actions/set_var.h | 2 +- src/actions/tag.h | 2 +- src/operators/detect_sqli.cc | 2 +- src/operators/detect_xss.cc | 2 +- src/operators/pm.cc | 2 +- src/operators/rbl.cc | 2 +- src/operators/rx.cc | 2 +- src/operators/rx_global.cc | 2 +- src/operators/verify_cc.cc | 2 +- src/operators/verify_cpf.cc | 2 +- src/operators/verify_ssn.cc | 2 +- src/operators/verify_svnr.cc | 2 +- src/parser/driver.cc | 39 +- src/parser/seclang-parser.cc | 1577 ++++++++--------- src/parser/seclang-parser.yy | 47 +- src/rule_message.cc | 2 +- src/rule_script.h | 2 +- src/rule_unconditional.h | 2 +- src/rule_with_actions.cc | 459 +++-- src/rule_with_actions.h | 664 +++---- src/rule_with_actions_properties.cc | 150 ++ src/rule_with_actions_properties.h | 213 +++ src/rule_with_operator.cc | 7 +- src/rule_with_operator.h | 2 +- src/rules_set.cc | 4 +- src/run_time_string.h | 14 +- src/transaction.cc | 7 +- src/transformation_result.h | 68 + src/variables/rule.h | 4 +- src/variables/rule_variable.h | 2 +- src/variables/variable_with_runtime_string.h | 2 +- .../regression/config-secdefaultaction.json | 8 +- test/test-cases/regression/issue-1528.json | 5 +- test/test-cases/regression/issue-1844.json | 4 +- 43 files changed, 1794 insertions(+), 1531 deletions(-) create mode 100644 src/rule_with_actions_properties.cc create mode 100644 src/rule_with_actions_properties.h create mode 100644 src/transformation_result.h diff --git a/src/Makefile.am b/src/Makefile.am index 899d9998..b04e095d 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -288,6 +288,7 @@ libmodsecurity_la_SOURCES = \ rules.cc \ rule_unconditional.cc \ rule_with_actions.cc \ + rule_with_actions_properties.cc \ rule_with_operator.cc \ rule_message.cc \ rule_script.cc \ diff --git a/src/actions/action_with_run_time_string.h b/src/actions/action_with_run_time_string.h index 76e12d3e..2d1b577d 100644 --- a/src/actions/action_with_run_time_string.h +++ b/src/actions/action_with_run_time_string.h @@ -43,14 +43,14 @@ class ActionWithRunTimeString : public virtual Action { return *this; } - virtual void populate(RuleWithActions *rule) { + virtual void populate(const RuleWithActions *rule) { if (m_string) { m_string->populate(rule); } } std::string getEvaluatedRunTimeString(const Transaction *transaction) const noexcept { - return (m_string == nullptr)?"":m_string->evaluate(transaction); + return (!m_string)?"":m_string->evaluate(transaction); } bool hasRunTimeString() const noexcept { diff --git a/src/actions/audit_log.h b/src/actions/audit_log.h index d1851537..0f34bab5 100644 --- a/src/actions/audit_log.h +++ b/src/actions/audit_log.h @@ -36,7 +36,7 @@ class AuditLog : public ActionTypeRuleMetaData, { } void configure(RuleWithActions *rule) override { - rule->setHasAuditLogAction(true); + rule->setAuditLog(true); } }; diff --git a/src/actions/block.h b/src/actions/block.h index 8800ea05..e50d8372 100644 --- a/src/actions/block.h +++ b/src/actions/block.h @@ -37,7 +37,7 @@ class Block : public ActionTypeRuleMetaData, { } void configure(RuleWithActions *rule) override { - rule->setHasBlockAction(true); + rule->setBlock(true); } }; diff --git a/src/actions/capture.h b/src/actions/capture.h index 041635a5..28bb02fb 100644 --- a/src/actions/capture.h +++ b/src/actions/capture.h @@ -33,7 +33,7 @@ class Capture : public ActionTypeRuleMetaData { : Action("capture") { } void configure(RuleWithActions *rule) override { - rule->setHasCaptureAction(true); + rule->setHasCapture(true); } }; diff --git a/src/actions/log.h b/src/actions/log.h index caa968da..b69edca7 100644 --- a/src/actions/log.h +++ b/src/actions/log.h @@ -37,7 +37,7 @@ class Log : public ActionTypeRuleMetaData, { } void configure(RuleWithActions *rule) override { - rule->setHasLogAction(true); + rule->setLog(true); } }; diff --git a/src/actions/multi_match.h b/src/actions/multi_match.h index f8a72694..74f14313 100644 --- a/src/actions/multi_match.h +++ b/src/actions/multi_match.h @@ -34,7 +34,7 @@ class MultiMatch : public ActionTypeRuleMetaData { void configure(RuleWithActions *rule) override { - rule->setHasMultimatchAction(true); + rule->setMultiMatch(true); } }; diff --git a/src/actions/no_audit_log.h b/src/actions/no_audit_log.h index 8b0252bb..604d65c8 100644 --- a/src/actions/no_audit_log.h +++ b/src/actions/no_audit_log.h @@ -36,7 +36,7 @@ class NoAuditLog : public ActionTypeRuleMetaData, { } void configure(RuleWithActions *rule) override { - rule->setHasNoAuditLogAction(true); + rule->setNoAuditLog(true); } }; diff --git a/src/actions/no_log.h b/src/actions/no_log.h index 126458d9..6d74068a 100644 --- a/src/actions/no_log.h +++ b/src/actions/no_log.h @@ -36,7 +36,7 @@ class NoLog : public ActionTypeRuleMetaData, { } void configure(RuleWithActions *rule) override { - rule->setHasNoLogAction(true); + rule->setNoLog(true); } }; diff --git a/src/actions/set_var.h b/src/actions/set_var.h index f8b24a42..bb0d1daa 100644 --- a/src/actions/set_var.h +++ b/src/actions/set_var.h @@ -87,7 +87,7 @@ class SetVar : public ActionWithRunTimeString, public ActionWithExecution { bool execute(Transaction *transaction) const noexcept override; - void populate(RuleWithActions *rule) override { + void populate(const RuleWithActions *rule) override { ActionWithRunTimeString::populate(rule); variables::RuleVariable *rulev = dynamic_cast( diff --git a/src/actions/tag.h b/src/actions/tag.h index e11605ac..100fd9c6 100644 --- a/src/actions/tag.h +++ b/src/actions/tag.h @@ -47,7 +47,7 @@ class Tag : public ActionWithRunTimeString, bool execute(Transaction *transaction) const noexcept override; - inline std::string getTagName(Transaction *transaction) const { + inline std::string getTagName(const Transaction *transaction) const { return getEvaluatedRunTimeString(transaction); } diff --git a/src/operators/detect_sqli.cc b/src/operators/detect_sqli.cc index 5cd83be9..c99861e5 100644 --- a/src/operators/detect_sqli.cc +++ b/src/operators/detect_sqli.cc @@ -45,7 +45,7 @@ bool DetectSQLi::evaluate(Transaction *transaction, ms_dbg_a(transaction, 4, "detected SQLi using libinjection with " \ "fingerprint '" + std::string(fingerprint) + "' at: '" + input.to_string() + "'"); - if (rule && rule->hasCaptureAction()) { + if (rule && rule->hasCapture()) { transaction->m_collections.m_tx_collection->storeOrUpdateFirst( "0", std::string(fingerprint)); ms_dbg_a(transaction, 7, "Added DetectSQLi match TX.0: " + \ diff --git a/src/operators/detect_xss.cc b/src/operators/detect_xss.cc index e62734b9..eb44f5d1 100644 --- a/src/operators/detect_xss.cc +++ b/src/operators/detect_xss.cc @@ -37,7 +37,7 @@ bool DetectXSS::evaluate(Transaction *transaction, if (transaction) { if (is_xss) { ms_dbg_a(transaction, 5, "detected XSS using libinjection."); - if (rule && rule->hasCaptureAction()) { + if (rule && rule->hasCapture()) { transaction->m_collections.m_tx_collection->storeOrUpdateFirst( "0", std::string(input)); ms_dbg_a(transaction, 7, "Added DetectXSS match TX.0: " + \ diff --git a/src/operators/pm.cc b/src/operators/pm.cc index d93e191b..09887834 100644 --- a/src/operators/pm.cc +++ b/src/operators/pm.cc @@ -105,7 +105,7 @@ bool Pm::evaluate(Transaction *transaction, logOffset(ruleMessage, rc - match_.size() + 1, match_.size()); transaction->m_matched.push_back(match_); - if (rule && rule->hasCaptureAction()) { + if (rule && rule->hasCapture()) { transaction->m_collections.m_tx_collection->storeOrUpdateFirst("0", match_); ms_dbg_a(transaction, 7, "Added pm match TX.0: " + \ diff --git a/src/operators/rbl.cc b/src/operators/rbl.cc index 80f7277d..c756051b 100644 --- a/src/operators/rbl.cc +++ b/src/operators/rbl.cc @@ -229,7 +229,7 @@ bool Rbl::evaluate(Transaction *transaction, furtherInfo(sin, str.c_str(), transaction, m_provider); freeaddrinfo(info); - if (rule && transaction && rule->hasCaptureAction()) { + if (rule && transaction && rule->hasCapture()) { transaction->m_collections.m_tx_collection->storeOrUpdateFirst( "0", std::string(str)); ms_dbg_a(transaction, 7, "Added RXL match TX.0: " + \ diff --git a/src/operators/rx.cc b/src/operators/rx.cc index 24fd1c77..5b79d23f 100644 --- a/src/operators/rx.cc +++ b/src/operators/rx.cc @@ -58,7 +58,7 @@ bool Rx::evaluate(Transaction *transaction, std::vector captures; // FIXME: searchOneMatch should accept string_view. re->searchOneMatch(input.c_str(), captures); - if (rule && rule->hasCaptureAction() && transaction) { + if (rule && rule->hasCapture() && transaction) { for (const Utils::SMatchCapture& capture : captures) { const std::string capture_substring(input.substr(capture.m_offset,capture.m_length)); transaction->m_collections.m_tx_collection->storeOrUpdateFirst( diff --git a/src/operators/rx_global.cc b/src/operators/rx_global.cc index a4dec062..a9a6babb 100644 --- a/src/operators/rx_global.cc +++ b/src/operators/rx_global.cc @@ -54,7 +54,7 @@ bool RxGlobal::evaluate(Transaction *transaction, const RuleWithActions *rule, std::vector captures; re->searchGlobal(input.c_str(), captures); - if (rule && rule->hasCaptureAction() && transaction) { + if (rule && rule->hasCapture() && transaction) { for (const Utils::SMatchCapture& capture : captures) { const std::string capture_substring(input.substr(capture.m_offset,capture.m_length)); transaction->m_collections.m_tx_collection->storeOrUpdateFirst( diff --git a/src/operators/verify_cc.cc b/src/operators/verify_cc.cc index b7a0e789..3acab213 100644 --- a/src/operators/verify_cc.cc +++ b/src/operators/verify_cc.cc @@ -145,7 +145,7 @@ bool VerifyCC::evaluate(Transaction *transaction, int is_cc = luhnVerify(match.c_str(), match.size()); if (is_cc) { if (transaction) { - if (rule && rule->hasCaptureAction()) { + if (rule && rule->hasCapture()) { transaction->m_collections.m_tx_collection->storeOrUpdateFirst( "0", std::string(match)); ms_dbg_a(transaction, 7, "Added VerifyCC match TX.0: " + \ diff --git a/src/operators/verify_cpf.cc b/src/operators/verify_cpf.cc index 45310f3b..fe2e51e6 100644 --- a/src/operators/verify_cpf.cc +++ b/src/operators/verify_cpf.cc @@ -128,7 +128,7 @@ bool VerifyCPF::evaluate(Transaction *transaction, is_cpf = verify(m.str().c_str(), m.str().size()); if (is_cpf) { logOffset(ruleMessage, m.offset(), m.str().size()); - if (rule && transaction && rule->hasCaptureAction()) { + if (rule && transaction && rule->hasCapture()) { transaction->m_collections.m_tx_collection->storeOrUpdateFirst( "0", m.str()); ms_dbg_a(transaction, 7, "Added VerifyCPF match TX.0: " + \ diff --git a/src/operators/verify_ssn.cc b/src/operators/verify_ssn.cc index 16c8ec7b..79e35cfa 100644 --- a/src/operators/verify_ssn.cc +++ b/src/operators/verify_ssn.cc @@ -130,7 +130,7 @@ bool VerifySSN::evaluate(Transaction *transaction, is_ssn = verify(j.str().c_str(), j.str().size()); if (is_ssn) { logOffset(ruleMessage, j.offset(), j.str().size()); - if (rule && transaction && rule->hasCaptureAction()) { + if (rule && transaction && rule->hasCapture()) { transaction->m_collections.m_tx_collection->storeOrUpdateFirst( "0", j.str()); ms_dbg_a(transaction, 7, "Added VerifySSN match TX.0: " + \ diff --git a/src/operators/verify_svnr.cc b/src/operators/verify_svnr.cc index 2673afd6..908500cf 100644 --- a/src/operators/verify_svnr.cc +++ b/src/operators/verify_svnr.cc @@ -97,7 +97,7 @@ bool VerifySVNR::evaluate(Transaction *t, is_svnr = verify(j.str().c_str(), j.str().size()); if (is_svnr) { logOffset(ruleMessage, j.offset(), j.str().size()); - if (rule && t && rule->hasCaptureAction()) { + if (rule && t && rule->hasCapture()) { t->m_collections.m_tx_collection->storeOrUpdateFirst( "0", j.str()); ms_dbg_a(t, 7, "Added VerifySVNR match TX.0: " + \ diff --git a/src/parser/driver.cc b/src/parser/driver.cc index 15f6615f..acb7d6b8 100644 --- a/src/parser/driver.cc +++ b/src/parser/driver.cc @@ -109,59 +109,62 @@ int Driver::addSecRule(std::unique_ptr r) { ); firstRule->setLogDataAction(nullptr); } - if (firstRule->hasSeverityAction()) { + if (firstRule->hasSeverity()) { firstRule->getChainedParent()->setSeverity( firstRule->getSeverity() ); } - if (firstRule->hasRevisionAction()) { + if (firstRule->hasRevision()) { firstRule->getChainedParent()->setRevision( firstRule->getRevision() ); } - if (firstRule->hasVersionAction()) { + if (firstRule->hasVersion()) { firstRule->getChainedParent()->setVersion( firstRule->getVersion() ); } - if (firstRule->hasAccuracyAction()) { + if (firstRule->hasAccuracy()) { firstRule->getChainedParent()->setAccuracy( firstRule->getAccuracy() ); } - if (firstRule->hasMaturityAction()) { + if (firstRule->hasMaturity()) { firstRule->getChainedParent()->setMaturity( firstRule->getMaturity() ); } - if (firstRule->hasTagAction()) { + if (firstRule->hasTags()) { firstRule->getChainedParent()->setTags( - firstRule->getTagsAction() + firstRule->getTags() ); - firstRule->cleanTags(); + firstRule->clearTags(); } + /* disruptive can only be set on the first rule if (firstRule->hasDisruptiveAction()) { firstRule->getChainedParent()->setDisruptiveAction( firstRule->getDisruptiveAction() ); firstRule->setDisruptiveAction(nullptr); } - firstRule->getChainedParent()->setHasBlockAction( - firstRule->hasBlockAction() + */ + + firstRule->getChainedParent()->setBlock( + firstRule->hasBlock() ); - firstRule->getChainedParent()->setHasLogAction( - firstRule->hasLogAction() + firstRule->getChainedParent()->setLog( + firstRule->hasLog() ); - firstRule->getChainedParent()->setHasLogAction( - firstRule->hasNoLogAction() + firstRule->getChainedParent()->setNoLog( + firstRule->hasNoLog() ); - firstRule->getChainedParent()->setHasAuditLogAction( - firstRule->hasAuditLogAction() + firstRule->getChainedParent()->setAuditLog( + firstRule->hasAuditLog() ); - firstRule->getChainedParent()->setHasNoAuditLogAction( - firstRule->hasNoAuditLogAction() + firstRule->getChainedParent()->setNoAuditLog( + firstRule->hasNoAuditLog() ); firstRule = firstRule->getChainedParent(); } diff --git a/src/parser/seclang-parser.cc b/src/parser/seclang-parser.cc index 5a9bbe5e..ae62f7cd 100644 --- a/src/parser/seclang-parser.cc +++ b/src/parser/seclang-parser.cc @@ -2281,7 +2281,7 @@ namespace yy { case 75: // expression: "DIRECTIVE" variables op actions #line 1077 "seclang-parser.yy" { - std::vector *a = new std::vector(); + std::vector> *a = new std::vector>(); std::vector > *t = new std::vector >(); for (auto &i : *yystack_[0].value.as < std::unique_ptr > > > ().get()) { if (dynamic_cast(i.get())) { @@ -2289,7 +2289,7 @@ namespace yy { std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { - a->push_back(i.release()); + a->push_back(std::move(i)); } } variables::Variables *v = new variables::Variables(); @@ -2306,7 +2306,7 @@ namespace yy { /* file name */ std::unique_ptr(new std::string(*yystack_[3].location.end.filename)), /* line number */ yystack_[3].location.end.line )); - + // TODO: filename should be a shared_ptr. if (driver.addSecRule(std::move(rule)) == false) { YYERROR; } @@ -2340,7 +2340,7 @@ namespace yy { case 77: // expression: "CONFIG_DIR_SEC_ACTION" actions #line 1128 "seclang-parser.yy" { - std::vector *a = new std::vector(); + std::vector> *a = new std::vector>(); std::vector > *t = new std::vector >(); for (auto &i : *yystack_[0].value.as < std::unique_ptr > > > ().get()) { if (dynamic_cast(i.get())) { @@ -2348,7 +2348,7 @@ namespace yy { std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { - a->push_back(i.release()); + a->push_back(std::move(i)); } } std::unique_ptr rule(new RuleUnconditional( @@ -2366,7 +2366,7 @@ namespace yy { #line 1149 "seclang-parser.yy" { std::string err; - std::vector *a = new std::vector(); + std::vector> *a = new std::vector>(); std::vector > *t = new std::vector >(); for (auto &i : *yystack_[0].value.as < std::unique_ptr > > > ().get()) { if (dynamic_cast(i.get())) { @@ -2374,7 +2374,7 @@ namespace yy { std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { - a->push_back(i.release()); + a->push_back(std::move(i)); } } std::unique_ptr r(new RuleScript( @@ -2400,25 +2400,25 @@ namespace yy { #line 1179 "seclang-parser.yy" { bool hasDisruptive = false; - std::vector *actions = new std::vector(); + std::vector> *actions = new std::vector>(); for (auto &i : *yystack_[0].value.as < std::unique_ptr > > > ().get()) { - actions->push_back(i.release()); + actions->push_back(std::move(i)); } - std::vector checkedActions; + std::vector> checkedActions; int definedPhase = -1; int secRuleDefinedPhase = -1; - for (actions::Action *a : *actions) { - actions::Phase *phase = dynamic_cast(a); - if (dynamic_cast(a) != NULL - && dynamic_cast(a) == NULL) { + for (auto &a : *actions) { + actions::Phase *phase = dynamic_cast(a.get()); + if (dynamic_cast(a.get()) != NULL + && dynamic_cast(a.get()) == NULL) { hasDisruptive = true; } if (phase != NULL) { definedPhase = phase->getPhase(); secRuleDefinedPhase = phase->getSecRulePhase(); delete phase; - } else if (dynamic_cast(a) - && !dynamic_cast(a)) { + } else if (dynamic_cast(a.get()) + && !dynamic_cast(a.get())) { checkedActions.push_back(a); } else { driver.error(yystack_[2].location, "The action '" + *a->getName() + "' is not suitable to be part of the SecDefaultActions"); @@ -2428,12 +2428,10 @@ namespace yy { if (definedPhase == -1) { definedPhase = modsecurity::Phases::RequestHeadersPhase; } - if (hasDisruptive == false) { driver.error(yystack_[2].location, "SecDefaultAction must specify a disruptive action."); YYERROR; } - if (!driver.m_rulesSetPhases[definedPhase]->m_defaultActions.empty()) { std::stringstream ss; ss << "SecDefaultActions can only be placed once per phase and configuration context. Phase "; @@ -2442,91 +2440,88 @@ namespace yy { driver.error(yystack_[2].location, ss.str()); YYERROR; } - - for (actions::Action *a : checkedActions) { - if (dynamic_cast(a)) { + for (auto &a : checkedActions) { + if (dynamic_cast(a.get())) { driver.m_rulesSetPhases[definedPhase]->m_defaultTransformations.push_back( - std::shared_ptr( - dynamic_cast(a))); + std::dynamic_pointer_cast(a)); } else { - driver.m_rulesSetPhases[definedPhase]->m_defaultActions.push_back(std::unique_ptr(a)); + driver.m_rulesSetPhases[definedPhase]->m_defaultActions.push_back(a); } } - - delete actions; + //delete actions; } -#line 2459 "seclang-parser.cc" +#line 2454 "seclang-parser.cc" break; case 80: // expression: "CONFIG_DIR_SEC_MARKER" -#line 1237 "seclang-parser.yy" +#line 1232 "seclang-parser.yy" { driver.addSecMarker(modsecurity::utils::string::removeBracketsIfNeeded(yystack_[0].value.as < std::string > ()), /* file name */ std::unique_ptr(new std::string(*yystack_[0].location.end.filename)), /* line number */ yystack_[0].location.end.line ); } -#line 2470 "seclang-parser.cc" +#line 2465 "seclang-parser.cc" break; case 81: // expression: "CONFIG_DIR_RULE_ENG" "CONFIG_VALUE_OFF" -#line 1244 "seclang-parser.yy" +#line 1239 "seclang-parser.yy" { driver.m_secRuleEngine = modsecurity::RulesSet::DisabledRuleEngine; } -#line 2478 "seclang-parser.cc" +#line 2473 "seclang-parser.cc" break; case 82: // expression: "CONFIG_DIR_RULE_ENG" "CONFIG_VALUE_ON" -#line 1248 "seclang-parser.yy" +#line 1243 "seclang-parser.yy" { driver.m_secRuleEngine = modsecurity::RulesSet::EnabledRuleEngine; } -#line 2486 "seclang-parser.cc" +#line 2481 "seclang-parser.cc" break; case 83: // expression: "CONFIG_DIR_RULE_ENG" "CONFIG_VALUE_DETC" -#line 1252 "seclang-parser.yy" +#line 1247 "seclang-parser.yy" { driver.m_secRuleEngine = modsecurity::RulesSet::DetectionOnlyRuleEngine; } -#line 2494 "seclang-parser.cc" +#line 2489 "seclang-parser.cc" break; case 84: // expression: "CONFIG_DIR_REQ_BODY" "CONFIG_VALUE_ON" -#line 1256 "seclang-parser.yy" +#line 1251 "seclang-parser.yy" { driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 2502 "seclang-parser.cc" +#line 2497 "seclang-parser.cc" break; case 85: // expression: "CONFIG_DIR_REQ_BODY" "CONFIG_VALUE_OFF" -#line 1260 "seclang-parser.yy" +#line 1255 "seclang-parser.yy" { driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 2510 "seclang-parser.cc" +#line 2505 "seclang-parser.cc" break; case 86: // expression: "CONFIG_DIR_RES_BODY" "CONFIG_VALUE_ON" -#line 1264 "seclang-parser.yy" +#line 1259 "seclang-parser.yy" { driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 2518 "seclang-parser.cc" +#line 2513 "seclang-parser.cc" break; case 87: // expression: "CONFIG_DIR_RES_BODY" "CONFIG_VALUE_OFF" -#line 1268 "seclang-parser.yy" +#line 1263 "seclang-parser.yy" { driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 2526 "seclang-parser.cc" +#line 2521 "seclang-parser.cc" break; case 88: // expression: "CONFIG_SEC_ARGUMENT_SEPARATOR" -#line 1272 "seclang-parser.yy" +#line 1267 "seclang-parser.yy" { if (yystack_[0].value.as < std::string > ().length() != 1) { driver.error(yystack_[1].location, "Argument separator should be set to a single character."); @@ -2535,259 +2530,259 @@ namespace yy { driver.m_secArgumentSeparator.m_value = yystack_[0].value.as < std::string > (); driver.m_secArgumentSeparator.m_set = true; } -#line 2539 "seclang-parser.cc" +#line 2534 "seclang-parser.cc" break; case 89: // expression: "CONFIG_COMPONENT_SIG" -#line 1281 "seclang-parser.yy" +#line 1276 "seclang-parser.yy" { driver.m_components.push_back(yystack_[0].value.as < std::string > ()); } -#line 2547 "seclang-parser.cc" +#line 2542 "seclang-parser.cc" break; case 90: // expression: "CONFIG_CONN_ENGINE" "CONFIG_VALUE_ON" -#line 1285 "seclang-parser.yy" +#line 1280 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecConnEngine is not yet supported."); YYERROR; } -#line 2556 "seclang-parser.cc" +#line 2551 "seclang-parser.cc" break; case 91: // expression: "CONFIG_CONN_ENGINE" "CONFIG_VALUE_OFF" -#line 1290 "seclang-parser.yy" +#line 1285 "seclang-parser.yy" { } -#line 2563 "seclang-parser.cc" +#line 2558 "seclang-parser.cc" break; case 92: // expression: "CONFIG_SEC_WEB_APP_ID" -#line 1293 "seclang-parser.yy" +#line 1288 "seclang-parser.yy" { driver.m_secWebAppId.m_value = yystack_[0].value.as < std::string > (); driver.m_secWebAppId.m_set = true; } -#line 2572 "seclang-parser.cc" +#line 2567 "seclang-parser.cc" break; case 93: // expression: "CONFIG_SEC_SERVER_SIG" -#line 1298 "seclang-parser.yy" +#line 1293 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecServerSignature is not supported."); YYERROR; } -#line 2581 "seclang-parser.cc" +#line 2576 "seclang-parser.cc" break; case 94: // expression: "CONFIG_SEC_CACHE_TRANSFORMATIONS" -#line 1303 "seclang-parser.yy" +#line 1298 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecCacheTransformations is not supported."); YYERROR; } -#line 2590 "seclang-parser.cc" +#line 2585 "seclang-parser.cc" break; case 95: // expression: "CONFIG_SEC_DISABLE_BACKEND_COMPRESS" "CONFIG_VALUE_ON" -#line 1308 "seclang-parser.yy" +#line 1303 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecDisableBackendCompression is not supported."); YYERROR; } -#line 2599 "seclang-parser.cc" +#line 2594 "seclang-parser.cc" break; case 96: // expression: "CONFIG_SEC_DISABLE_BACKEND_COMPRESS" "CONFIG_VALUE_OFF" -#line 1313 "seclang-parser.yy" +#line 1308 "seclang-parser.yy" { } -#line 2606 "seclang-parser.cc" +#line 2601 "seclang-parser.cc" break; case 97: // expression: "CONFIG_CONTENT_INJECTION" "CONFIG_VALUE_ON" -#line 1316 "seclang-parser.yy" +#line 1311 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecContentInjection is not yet supported."); YYERROR; } -#line 2615 "seclang-parser.cc" +#line 2610 "seclang-parser.cc" break; case 98: // expression: "CONFIG_CONTENT_INJECTION" "CONFIG_VALUE_OFF" -#line 1321 "seclang-parser.yy" +#line 1316 "seclang-parser.yy" { } -#line 2622 "seclang-parser.cc" +#line 2617 "seclang-parser.cc" break; case 99: // expression: "CONFIG_SEC_CHROOT_DIR" -#line 1324 "seclang-parser.yy" +#line 1319 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecChrootDir is not supported."); YYERROR; } -#line 2631 "seclang-parser.cc" +#line 2626 "seclang-parser.cc" break; case 100: // expression: "CONFIG_SEC_HASH_ENGINE" "CONFIG_VALUE_ON" -#line 1329 "seclang-parser.yy" +#line 1324 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecHashEngine is not yet supported."); YYERROR; } -#line 2640 "seclang-parser.cc" +#line 2635 "seclang-parser.cc" break; case 101: // expression: "CONFIG_SEC_HASH_ENGINE" "CONFIG_VALUE_OFF" -#line 1334 "seclang-parser.yy" +#line 1329 "seclang-parser.yy" { } -#line 2647 "seclang-parser.cc" +#line 2642 "seclang-parser.cc" break; case 102: // expression: "CONFIG_SEC_HASH_KEY" -#line 1337 "seclang-parser.yy" +#line 1332 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecHashKey is not yet supported."); YYERROR; } -#line 2656 "seclang-parser.cc" +#line 2651 "seclang-parser.cc" break; case 103: // expression: "CONFIG_SEC_HASH_PARAM" -#line 1342 "seclang-parser.yy" +#line 1337 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecHashParam is not yet supported."); YYERROR; } -#line 2665 "seclang-parser.cc" +#line 2660 "seclang-parser.cc" break; case 104: // expression: "CONFIG_SEC_HASH_METHOD_RX" -#line 1347 "seclang-parser.yy" +#line 1342 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecHashMethodRx is not yet supported."); YYERROR; } -#line 2674 "seclang-parser.cc" +#line 2669 "seclang-parser.cc" break; case 105: // expression: "CONFIG_SEC_HASH_METHOD_PM" -#line 1352 "seclang-parser.yy" +#line 1347 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecHashMethodPm is not yet supported."); YYERROR; } -#line 2683 "seclang-parser.cc" +#line 2678 "seclang-parser.cc" break; case 106: // expression: "CONFIG_DIR_GSB_DB" -#line 1357 "seclang-parser.yy" +#line 1352 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecGsbLookupDb is not supported."); YYERROR; } -#line 2692 "seclang-parser.cc" +#line 2687 "seclang-parser.cc" break; case 107: // expression: "CONFIG_SEC_GUARDIAN_LOG" -#line 1362 "seclang-parser.yy" +#line 1357 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecGuardianLog is not supported."); YYERROR; } -#line 2701 "seclang-parser.cc" +#line 2696 "seclang-parser.cc" break; case 108: // expression: "CONFIG_SEC_INTERCEPT_ON_ERROR" "CONFIG_VALUE_ON" -#line 1367 "seclang-parser.yy" +#line 1362 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecInterceptOnError is not yet supported."); YYERROR; } -#line 2710 "seclang-parser.cc" +#line 2705 "seclang-parser.cc" break; case 109: // expression: "CONFIG_SEC_INTERCEPT_ON_ERROR" "CONFIG_VALUE_OFF" -#line 1372 "seclang-parser.yy" +#line 1367 "seclang-parser.yy" { } -#line 2717 "seclang-parser.cc" +#line 2712 "seclang-parser.cc" break; case 110: // expression: "CONFIG_SEC_CONN_R_STATE_LIMIT" -#line 1375 "seclang-parser.yy" +#line 1370 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecConnReadStateLimit is not yet supported."); YYERROR; } -#line 2726 "seclang-parser.cc" +#line 2721 "seclang-parser.cc" break; case 111: // expression: "CONFIG_SEC_CONN_W_STATE_LIMIT" -#line 1380 "seclang-parser.yy" +#line 1375 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecConnWriteStateLimit is not yet supported."); YYERROR; } -#line 2735 "seclang-parser.cc" +#line 2730 "seclang-parser.cc" break; case 112: // expression: "CONFIG_SEC_SENSOR_ID" -#line 1385 "seclang-parser.yy" +#line 1380 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecSensorId is not yet supported."); YYERROR; } -#line 2744 "seclang-parser.cc" +#line 2739 "seclang-parser.cc" break; case 113: // expression: "CONFIG_SEC_RULE_INHERITANCE" "CONFIG_VALUE_ON" -#line 1390 "seclang-parser.yy" +#line 1385 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecRuleInheritance is not yet supported."); YYERROR; } -#line 2753 "seclang-parser.cc" +#line 2748 "seclang-parser.cc" break; case 114: // expression: "CONFIG_SEC_RULE_INHERITANCE" "CONFIG_VALUE_OFF" -#line 1395 "seclang-parser.yy" +#line 1390 "seclang-parser.yy" { } -#line 2760 "seclang-parser.cc" +#line 2755 "seclang-parser.cc" break; case 115: // expression: "CONFIG_SEC_RULE_PERF_TIME" -#line 1398 "seclang-parser.yy" +#line 1393 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecRulePerfTime is not yet supported."); YYERROR; } -#line 2769 "seclang-parser.cc" +#line 2764 "seclang-parser.cc" break; case 116: // expression: "CONFIG_SEC_STREAM_IN_BODY_INSPECTION" -#line 1403 "seclang-parser.yy" +#line 1398 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecStreamInBodyInspection is not supported."); YYERROR; } -#line 2778 "seclang-parser.cc" +#line 2773 "seclang-parser.cc" break; case 117: // expression: "CONFIG_SEC_STREAM_OUT_BODY_INSPECTION" -#line 1408 "seclang-parser.yy" +#line 1403 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecStreamOutBodyInspection is not supported."); YYERROR; } -#line 2787 "seclang-parser.cc" +#line 2782 "seclang-parser.cc" break; case 118: // expression: "CONFIG_SEC_RULE_REMOVE_BY_ID" -#line 1413 "seclang-parser.yy" +#line 1408 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.load(yystack_[0].value.as < std::string > (), &error) == false) { @@ -2800,11 +2795,11 @@ namespace yy { YYERROR; } } -#line 2804 "seclang-parser.cc" +#line 2799 "seclang-parser.cc" break; case 119: // expression: "CONFIG_SEC_RULE_REMOVE_BY_TAG" -#line 1426 "seclang-parser.yy" +#line 1421 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadRemoveRuleByTag(yystack_[0].value.as < std::string > (), &error) == false) { @@ -2817,11 +2812,11 @@ namespace yy { YYERROR; } } -#line 2821 "seclang-parser.cc" +#line 2816 "seclang-parser.cc" break; case 120: // expression: "CONFIG_SEC_RULE_REMOVE_BY_MSG" -#line 1439 "seclang-parser.yy" +#line 1434 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadRemoveRuleByMsg(yystack_[0].value.as < std::string > (), &error) == false) { @@ -2834,11 +2829,11 @@ namespace yy { YYERROR; } } -#line 2838 "seclang-parser.cc" +#line 2833 "seclang-parser.cc" break; case 121: // expression: "CONFIG_SEC_RULE_UPDATE_TARGET_BY_TAG" variables_pre_process -#line 1452 "seclang-parser.yy" +#line 1447 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadUpdateTargetByTag(yystack_[1].value.as < std::string > (), std::move(yystack_[0].value.as < std::unique_ptr > > > ()), &error) == false) { @@ -2851,11 +2846,11 @@ namespace yy { YYERROR; } } -#line 2855 "seclang-parser.cc" +#line 2850 "seclang-parser.cc" break; case 122: // expression: "CONFIG_SEC_RULE_UPDATE_TARGET_BY_MSG" variables_pre_process -#line 1465 "seclang-parser.yy" +#line 1460 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadUpdateTargetByMsg(yystack_[1].value.as < std::string > (), std::move(yystack_[0].value.as < std::unique_ptr > > > ()), &error) == false) { @@ -2868,11 +2863,11 @@ namespace yy { YYERROR; } } -#line 2872 "seclang-parser.cc" +#line 2867 "seclang-parser.cc" break; case 123: // expression: "CONFIG_SEC_RULE_UPDATE_TARGET_BY_ID" variables_pre_process -#line 1478 "seclang-parser.yy" +#line 1473 "seclang-parser.yy" { std::string error; std::istringstream iss(yystack_[1].value.as < std::string > ()); @@ -2898,11 +2893,11 @@ namespace yy { YYERROR; } } -#line 2902 "seclang-parser.cc" +#line 2897 "seclang-parser.cc" break; case 124: // expression: "CONFIG_SEC_RULE_UPDATE_ACTION_BY_ID" actions -#line 1504 "seclang-parser.yy" +#line 1499 "seclang-parser.yy" { std::string error; std::istringstream iss(yystack_[1].value.as < std::string > ()); @@ -2929,11 +2924,11 @@ namespace yy { YYERROR; } } -#line 2933 "seclang-parser.cc" +#line 2928 "seclang-parser.cc" break; case 125: // expression: "CONFIG_DIR_DEBUG_LVL" -#line 1532 "seclang-parser.yy" +#line 1527 "seclang-parser.yy" { if (driver.m_debugLog != NULL) { driver.m_debugLog->setDebugLogLevel(atoi(yystack_[0].value.as < std::string > ().c_str())); @@ -2945,11 +2940,11 @@ namespace yy { YYERROR; } } -#line 2949 "seclang-parser.cc" +#line 2944 "seclang-parser.cc" break; case 126: // expression: "CONFIG_DIR_DEBUG_LOG" -#line 1544 "seclang-parser.yy" +#line 1539 "seclang-parser.yy" { if (driver.m_debugLog != NULL) { std::string error; @@ -2968,11 +2963,11 @@ namespace yy { YYERROR; } } -#line 2972 "seclang-parser.cc" +#line 2967 "seclang-parser.cc" break; case 127: // expression: "CONFIG_DIR_GEO_DB" -#line 1564 "seclang-parser.yy" +#line 1559 "seclang-parser.yy" { #if defined(WITH_GEOIP) or defined(WITH_MAXMIND) std::string err; @@ -2999,38 +2994,38 @@ namespace yy { YYERROR; #endif // WITH_GEOIP } -#line 3003 "seclang-parser.cc" +#line 2998 "seclang-parser.cc" break; case 128: // expression: "CONFIG_DIR_ARGS_LIMIT" -#line 1591 "seclang-parser.yy" +#line 1586 "seclang-parser.yy" { driver.m_argumentsLimit.m_set = true; driver.m_argumentsLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3012 "seclang-parser.cc" +#line 3007 "seclang-parser.cc" break; case 129: // expression: "CONFIG_DIR_REQ_BODY_LIMIT" -#line 1597 "seclang-parser.yy" +#line 1592 "seclang-parser.yy" { driver.m_requestBodyLimit.m_set = true; driver.m_requestBodyLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3021 "seclang-parser.cc" +#line 3016 "seclang-parser.cc" break; case 130: // expression: "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT" -#line 1602 "seclang-parser.yy" +#line 1597 "seclang-parser.yy" { driver.m_requestBodyNoFilesLimit.m_set = true; driver.m_requestBodyNoFilesLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3030 "seclang-parser.cc" +#line 3025 "seclang-parser.cc" break; case 131: // expression: "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT" -#line 1607 "seclang-parser.yy" +#line 1602 "seclang-parser.yy" { std::stringstream ss; ss << "As of ModSecurity version 3.0, SecRequestBodyInMemoryLimit is no longer "; @@ -3039,68 +3034,68 @@ namespace yy { driver.error(yystack_[1].location, ss.str()); YYERROR; } -#line 3043 "seclang-parser.cc" +#line 3038 "seclang-parser.cc" break; case 132: // expression: "CONFIG_DIR_RES_BODY_LIMIT" -#line 1616 "seclang-parser.yy" +#line 1611 "seclang-parser.yy" { driver.m_responseBodyLimit.m_set = true; driver.m_responseBodyLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3052 "seclang-parser.cc" +#line 3047 "seclang-parser.cc" break; case 133: // expression: "CONFIG_DIR_REQ_BODY_LIMIT_ACTION" "CONFIG_VALUE_PROCESS_PARTIAL" -#line 1621 "seclang-parser.yy" +#line 1616 "seclang-parser.yy" { driver.m_requestBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::ProcessPartialBodyLimitAction; } -#line 3060 "seclang-parser.cc" +#line 3055 "seclang-parser.cc" break; case 134: // expression: "CONFIG_DIR_REQ_BODY_LIMIT_ACTION" "CONFIG_VALUE_REJECT" -#line 1625 "seclang-parser.yy" +#line 1620 "seclang-parser.yy" { driver.m_requestBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::RejectBodyLimitAction; } -#line 3068 "seclang-parser.cc" +#line 3063 "seclang-parser.cc" break; case 135: // expression: "CONFIG_DIR_RES_BODY_LIMIT_ACTION" "CONFIG_VALUE_PROCESS_PARTIAL" -#line 1629 "seclang-parser.yy" +#line 1624 "seclang-parser.yy" { driver.m_responseBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::ProcessPartialBodyLimitAction; } -#line 3076 "seclang-parser.cc" +#line 3071 "seclang-parser.cc" break; case 136: // expression: "CONFIG_DIR_RES_BODY_LIMIT_ACTION" "CONFIG_VALUE_REJECT" -#line 1633 "seclang-parser.yy" +#line 1628 "seclang-parser.yy" { driver.m_responseBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::RejectBodyLimitAction; } -#line 3084 "seclang-parser.cc" +#line 3079 "seclang-parser.cc" break; case 137: // expression: "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION" "CONFIG_VALUE_ABORT" -#line 1637 "seclang-parser.yy" +#line 1632 "seclang-parser.yy" { driver.m_remoteRulesActionOnFailed = RulesSet::OnFailedRemoteRulesAction::AbortOnFailedRemoteRulesAction; } -#line 3092 "seclang-parser.cc" +#line 3087 "seclang-parser.cc" break; case 138: // expression: "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION" "CONFIG_VALUE_WARN" -#line 1641 "seclang-parser.yy" +#line 1636 "seclang-parser.yy" { driver.m_remoteRulesActionOnFailed = RulesSet::OnFailedRemoteRulesAction::WarnOnFailedRemoteRulesAction; } -#line 3100 "seclang-parser.cc" +#line 3095 "seclang-parser.cc" break; case 141: // expression: "CONGIG_DIR_RESPONSE_BODY_MP" -#line 1655 "seclang-parser.yy" +#line 1650 "seclang-parser.yy" { std::istringstream buf(yystack_[0].value.as < std::string > ()); std::istream_iterator beg(buf), end; @@ -3112,37 +3107,37 @@ namespace yy { driver.m_responseBodyTypeToBeInspected.m_value.insert(*it); } } -#line 3116 "seclang-parser.cc" +#line 3111 "seclang-parser.cc" break; case 142: // expression: "CONGIG_DIR_RESPONSE_BODY_MP_CLEAR" -#line 1667 "seclang-parser.yy" +#line 1662 "seclang-parser.yy" { driver.m_responseBodyTypeToBeInspected.m_set = true; driver.m_responseBodyTypeToBeInspected.m_clear = true; driver.m_responseBodyTypeToBeInspected.m_value.clear(); } -#line 3126 "seclang-parser.cc" +#line 3121 "seclang-parser.cc" break; case 143: // expression: "CONFIG_XML_EXTERNAL_ENTITY" "CONFIG_VALUE_OFF" -#line 1673 "seclang-parser.yy" +#line 1668 "seclang-parser.yy" { driver.m_secXMLExternalEntity = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 3134 "seclang-parser.cc" +#line 3129 "seclang-parser.cc" break; case 144: // expression: "CONFIG_XML_EXTERNAL_ENTITY" "CONFIG_VALUE_ON" -#line 1677 "seclang-parser.yy" +#line 1672 "seclang-parser.yy" { driver.m_secXMLExternalEntity = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 3142 "seclang-parser.cc" +#line 3137 "seclang-parser.cc" break; case 145: // expression: "CONGIG_DIR_SEC_TMP_DIR" -#line 1681 "seclang-parser.yy" +#line 1676 "seclang-parser.yy" { /* Parser error disabled to avoid breaking default installations with modsecurity.conf-recommended std::stringstream ss; @@ -3153,31 +3148,31 @@ namespace yy { YYERROR; */ } -#line 3157 "seclang-parser.cc" +#line 3152 "seclang-parser.cc" break; case 148: // expression: "CONGIG_DIR_SEC_COOKIE_FORMAT" -#line 1702 "seclang-parser.yy" +#line 1697 "seclang-parser.yy" { if (atoi(yystack_[0].value.as < std::string > ().c_str()) == 1) { driver.error(yystack_[1].location, "SecCookieFormat 1 is not yet supported."); YYERROR; } } -#line 3168 "seclang-parser.cc" +#line 3163 "seclang-parser.cc" break; case 149: // expression: "CONFIG_SEC_COOKIEV0_SEPARATOR" -#line 1709 "seclang-parser.yy" +#line 1704 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecCookieV0Separator is not yet supported."); YYERROR; } -#line 3177 "seclang-parser.cc" +#line 3172 "seclang-parser.cc" break; case 151: // expression: "CONFIG_DIR_UNICODE_MAP_FILE" -#line 1719 "seclang-parser.yy" +#line 1714 "seclang-parser.yy" { std::string error; std::vector param; @@ -3231,31 +3226,31 @@ namespace yy { } } -#line 3235 "seclang-parser.cc" +#line 3230 "seclang-parser.cc" break; case 152: // expression: "CONFIG_SEC_COLLECTION_TIMEOUT" -#line 1773 "seclang-parser.yy" +#line 1768 "seclang-parser.yy" { /* Parser error disabled to avoid breaking default CRS installations with crs-setup.conf-recommended driver.error(@0, "SecCollectionTimeout is not yet supported."); YYERROR; */ } -#line 3246 "seclang-parser.cc" +#line 3241 "seclang-parser.cc" break; case 153: // expression: "CONFIG_SEC_HTTP_BLKEY" -#line 1780 "seclang-parser.yy" +#line 1775 "seclang-parser.yy" { driver.m_httpblKey.m_set = true; driver.m_httpblKey.m_value = yystack_[0].value.as < std::string > (); } -#line 3255 "seclang-parser.cc" +#line 3250 "seclang-parser.cc" break; case 154: // variables: variables_pre_process -#line 1788 "seclang-parser.yy" +#line 1783 "seclang-parser.yy" { std::unique_ptr > > originalList = std::move(yystack_[0].value.as < std::unique_ptr > > > ()); std::unique_ptr>> newList(new std::vector>()); @@ -3289,2362 +3284,2362 @@ namespace yy { } yylhs.value.as < std::unique_ptr > > > () = std::move(newNewList); } -#line 3293 "seclang-parser.cc" +#line 3288 "seclang-parser.cc" break; case 155: // variables_pre_process: variables_may_be_quoted -#line 1825 "seclang-parser.yy" +#line 1820 "seclang-parser.yy" { yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[0].value.as < std::unique_ptr > > > ()); } -#line 3301 "seclang-parser.cc" +#line 3296 "seclang-parser.cc" break; case 156: // variables_pre_process: "QUOTATION_MARK" variables_may_be_quoted "QUOTATION_MARK" -#line 1829 "seclang-parser.yy" +#line 1824 "seclang-parser.yy" { yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[1].value.as < std::unique_ptr > > > ()); } -#line 3309 "seclang-parser.cc" +#line 3304 "seclang-parser.cc" break; case 157: // variables_may_be_quoted: variables_may_be_quoted PIPE var -#line 1836 "seclang-parser.yy" +#line 1831 "seclang-parser.yy" { yystack_[2].value.as < std::unique_ptr > > > ()->push_back(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[2].value.as < std::unique_ptr > > > ()); } -#line 3318 "seclang-parser.cc" +#line 3313 "seclang-parser.cc" break; case 158: // variables_may_be_quoted: variables_may_be_quoted PIPE VAR_EXCLUSION var -#line 1841 "seclang-parser.yy" +#line 1836 "seclang-parser.yy" { std::unique_ptr c(new VariableModificatorExclusion(std::move(yystack_[0].value.as < std::unique_ptr > ()))); yystack_[3].value.as < std::unique_ptr > > > ()->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[3].value.as < std::unique_ptr > > > ()); } -#line 3328 "seclang-parser.cc" +#line 3323 "seclang-parser.cc" break; case 159: // variables_may_be_quoted: variables_may_be_quoted PIPE VAR_COUNT var -#line 1847 "seclang-parser.yy" +#line 1842 "seclang-parser.yy" { std::unique_ptr c(new VariableModificatorCount(std::move(yystack_[0].value.as < std::unique_ptr > ()))); yystack_[3].value.as < std::unique_ptr > > > ()->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[3].value.as < std::unique_ptr > > > ()); } -#line 3338 "seclang-parser.cc" +#line 3333 "seclang-parser.cc" break; case 160: // variables_may_be_quoted: var -#line 1853 "seclang-parser.yy" +#line 1848 "seclang-parser.yy" { std::unique_ptr>> b(new std::vector>()); b->push_back(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > > > () = std::move(b); } -#line 3348 "seclang-parser.cc" +#line 3343 "seclang-parser.cc" break; case 161: // variables_may_be_quoted: VAR_EXCLUSION var -#line 1859 "seclang-parser.yy" +#line 1854 "seclang-parser.yy" { std::unique_ptr>> b(new std::vector>()); std::unique_ptr c(new VariableModificatorExclusion(std::move(yystack_[0].value.as < std::unique_ptr > ()))); b->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(b); } -#line 3359 "seclang-parser.cc" +#line 3354 "seclang-parser.cc" break; case 162: // variables_may_be_quoted: VAR_COUNT var -#line 1866 "seclang-parser.yy" +#line 1861 "seclang-parser.yy" { std::unique_ptr>> b(new std::vector>()); std::unique_ptr c(new VariableModificatorCount(std::move(yystack_[0].value.as < std::unique_ptr > ()))); b->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(b); } -#line 3370 "seclang-parser.cc" +#line 3365 "seclang-parser.cc" break; case 163: // var: VARIABLE_ARGS "Dictionary element" -#line 1876 "seclang-parser.yy" +#line 1871 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Args_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3378 "seclang-parser.cc" +#line 3373 "seclang-parser.cc" break; case 164: // var: VARIABLE_ARGS "Dictionary element, selected by regexp" -#line 1880 "seclang-parser.yy" +#line 1875 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Args_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3386 "seclang-parser.cc" +#line 3381 "seclang-parser.cc" break; case 165: // var: VARIABLE_ARGS -#line 1884 "seclang-parser.yy" +#line 1879 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Args_NoDictElement()); } -#line 3394 "seclang-parser.cc" +#line 3389 "seclang-parser.cc" break; case 166: // var: VARIABLE_ARGS_POST "Dictionary element" -#line 1888 "seclang-parser.yy" +#line 1883 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPost_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3402 "seclang-parser.cc" +#line 3397 "seclang-parser.cc" break; case 167: // var: VARIABLE_ARGS_POST "Dictionary element, selected by regexp" -#line 1892 "seclang-parser.yy" +#line 1887 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPost_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3410 "seclang-parser.cc" +#line 3405 "seclang-parser.cc" break; case 168: // var: VARIABLE_ARGS_POST -#line 1896 "seclang-parser.yy" +#line 1891 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPost_NoDictElement()); } -#line 3418 "seclang-parser.cc" +#line 3413 "seclang-parser.cc" break; case 169: // var: VARIABLE_ARGS_GET "Dictionary element" -#line 1900 "seclang-parser.yy" +#line 1895 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGet_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3426 "seclang-parser.cc" +#line 3421 "seclang-parser.cc" break; case 170: // var: VARIABLE_ARGS_GET "Dictionary element, selected by regexp" -#line 1904 "seclang-parser.yy" +#line 1899 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGet_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3434 "seclang-parser.cc" +#line 3429 "seclang-parser.cc" break; case 171: // var: VARIABLE_ARGS_GET -#line 1908 "seclang-parser.yy" +#line 1903 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGet_NoDictElement()); } -#line 3442 "seclang-parser.cc" +#line 3437 "seclang-parser.cc" break; case 172: // var: VARIABLE_FILES_SIZES "Dictionary element" -#line 1912 "seclang-parser.yy" +#line 1907 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesSizes_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3450 "seclang-parser.cc" +#line 3445 "seclang-parser.cc" break; case 173: // var: VARIABLE_FILES_SIZES "Dictionary element, selected by regexp" -#line 1916 "seclang-parser.yy" +#line 1911 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesSizes_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3458 "seclang-parser.cc" +#line 3453 "seclang-parser.cc" break; case 174: // var: VARIABLE_FILES_SIZES -#line 1920 "seclang-parser.yy" +#line 1915 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesSizes_NoDictElement()); } -#line 3466 "seclang-parser.cc" +#line 3461 "seclang-parser.cc" break; case 175: // var: VARIABLE_FILES_NAMES "Dictionary element" -#line 1924 "seclang-parser.yy" +#line 1919 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3474 "seclang-parser.cc" +#line 3469 "seclang-parser.cc" break; case 176: // var: VARIABLE_FILES_NAMES "Dictionary element, selected by regexp" -#line 1928 "seclang-parser.yy" +#line 1923 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3482 "seclang-parser.cc" +#line 3477 "seclang-parser.cc" break; case 177: // var: VARIABLE_FILES_NAMES -#line 1932 "seclang-parser.yy" +#line 1927 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesNames_NoDictElement()); } -#line 3490 "seclang-parser.cc" +#line 3485 "seclang-parser.cc" break; case 178: // var: VARIABLE_FILES_TMP_CONTENT "Dictionary element" -#line 1936 "seclang-parser.yy" +#line 1931 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpContent_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3498 "seclang-parser.cc" +#line 3493 "seclang-parser.cc" break; case 179: // var: VARIABLE_FILES_TMP_CONTENT "Dictionary element, selected by regexp" -#line 1940 "seclang-parser.yy" +#line 1935 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpContent_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3506 "seclang-parser.cc" +#line 3501 "seclang-parser.cc" break; case 180: // var: VARIABLE_FILES_TMP_CONTENT -#line 1944 "seclang-parser.yy" +#line 1939 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpContent_NoDictElement()); } -#line 3514 "seclang-parser.cc" +#line 3509 "seclang-parser.cc" break; case 181: // var: VARIABLE_MULTIPART_FILENAME "Dictionary element" -#line 1948 "seclang-parser.yy" +#line 1943 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartFileName_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3522 "seclang-parser.cc" +#line 3517 "seclang-parser.cc" break; case 182: // var: VARIABLE_MULTIPART_FILENAME "Dictionary element, selected by regexp" -#line 1952 "seclang-parser.yy" +#line 1947 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartFileName_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3530 "seclang-parser.cc" +#line 3525 "seclang-parser.cc" break; case 183: // var: VARIABLE_MULTIPART_FILENAME -#line 1956 "seclang-parser.yy" +#line 1951 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartFileName_NoDictElement()); } -#line 3538 "seclang-parser.cc" +#line 3533 "seclang-parser.cc" break; case 184: // var: VARIABLE_MULTIPART_NAME "Dictionary element" -#line 1960 "seclang-parser.yy" +#line 1955 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartName_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3546 "seclang-parser.cc" +#line 3541 "seclang-parser.cc" break; case 185: // var: VARIABLE_MULTIPART_NAME "Dictionary element, selected by regexp" -#line 1964 "seclang-parser.yy" +#line 1959 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartName_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3554 "seclang-parser.cc" +#line 3549 "seclang-parser.cc" break; case 186: // var: VARIABLE_MULTIPART_NAME -#line 1968 "seclang-parser.yy" +#line 1963 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartName_NoDictElement()); } -#line 3562 "seclang-parser.cc" +#line 3557 "seclang-parser.cc" break; case 187: // var: VARIABLE_MATCHED_VARS_NAMES "Dictionary element" -#line 1972 "seclang-parser.yy" +#line 1967 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarsNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3570 "seclang-parser.cc" +#line 3565 "seclang-parser.cc" break; case 188: // var: VARIABLE_MATCHED_VARS_NAMES "Dictionary element, selected by regexp" -#line 1976 "seclang-parser.yy" +#line 1971 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarsNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3578 "seclang-parser.cc" +#line 3573 "seclang-parser.cc" break; case 189: // var: VARIABLE_MATCHED_VARS_NAMES -#line 1980 "seclang-parser.yy" +#line 1975 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarsNames_NoDictElement()); } -#line 3586 "seclang-parser.cc" +#line 3581 "seclang-parser.cc" break; case 190: // var: VARIABLE_MATCHED_VARS "Dictionary element" -#line 1984 "seclang-parser.yy" +#line 1979 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVars_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3594 "seclang-parser.cc" +#line 3589 "seclang-parser.cc" break; case 191: // var: VARIABLE_MATCHED_VARS "Dictionary element, selected by regexp" -#line 1988 "seclang-parser.yy" +#line 1983 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVars_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3602 "seclang-parser.cc" +#line 3597 "seclang-parser.cc" break; case 192: // var: VARIABLE_MATCHED_VARS -#line 1992 "seclang-parser.yy" +#line 1987 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVars_NoDictElement()); } -#line 3610 "seclang-parser.cc" +#line 3605 "seclang-parser.cc" break; case 193: // var: VARIABLE_FILES "Dictionary element" -#line 1996 "seclang-parser.yy" +#line 1991 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Files_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3618 "seclang-parser.cc" +#line 3613 "seclang-parser.cc" break; case 194: // var: VARIABLE_FILES "Dictionary element, selected by regexp" -#line 2000 "seclang-parser.yy" +#line 1995 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Files_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3626 "seclang-parser.cc" +#line 3621 "seclang-parser.cc" break; case 195: // var: VARIABLE_FILES -#line 2004 "seclang-parser.yy" +#line 1999 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Files_NoDictElement()); } -#line 3634 "seclang-parser.cc" +#line 3629 "seclang-parser.cc" break; case 196: // var: VARIABLE_REQUEST_COOKIES "Dictionary element" -#line 2008 "seclang-parser.yy" +#line 2003 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookies_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3642 "seclang-parser.cc" +#line 3637 "seclang-parser.cc" break; case 197: // var: VARIABLE_REQUEST_COOKIES "Dictionary element, selected by regexp" -#line 2012 "seclang-parser.yy" +#line 2007 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookies_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3650 "seclang-parser.cc" +#line 3645 "seclang-parser.cc" break; case 198: // var: VARIABLE_REQUEST_COOKIES -#line 2016 "seclang-parser.yy" +#line 2011 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookies_NoDictElement()); } -#line 3658 "seclang-parser.cc" +#line 3653 "seclang-parser.cc" break; case 199: // var: VARIABLE_REQUEST_HEADERS "Dictionary element" -#line 2020 "seclang-parser.yy" +#line 2015 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeaders_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3666 "seclang-parser.cc" +#line 3661 "seclang-parser.cc" break; case 200: // var: VARIABLE_REQUEST_HEADERS "Dictionary element, selected by regexp" -#line 2024 "seclang-parser.yy" +#line 2019 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeaders_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3674 "seclang-parser.cc" +#line 3669 "seclang-parser.cc" break; case 201: // var: VARIABLE_REQUEST_HEADERS -#line 2028 "seclang-parser.yy" +#line 2023 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeaders_NoDictElement()); } -#line 3682 "seclang-parser.cc" +#line 3677 "seclang-parser.cc" break; case 202: // var: VARIABLE_RESPONSE_HEADERS "Dictionary element" -#line 2032 "seclang-parser.yy" +#line 2027 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeaders_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3690 "seclang-parser.cc" +#line 3685 "seclang-parser.cc" break; case 203: // var: VARIABLE_RESPONSE_HEADERS "Dictionary element, selected by regexp" -#line 2036 "seclang-parser.yy" +#line 2031 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeaders_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3698 "seclang-parser.cc" +#line 3693 "seclang-parser.cc" break; case 204: // var: VARIABLE_RESPONSE_HEADERS -#line 2040 "seclang-parser.yy" +#line 2035 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeaders_NoDictElement()); } -#line 3706 "seclang-parser.cc" +#line 3701 "seclang-parser.cc" break; case 205: // var: VARIABLE_GEO "Dictionary element" -#line 2044 "seclang-parser.yy" +#line 2039 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Geo_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3714 "seclang-parser.cc" +#line 3709 "seclang-parser.cc" break; case 206: // var: VARIABLE_GEO "Dictionary element, selected by regexp" -#line 2048 "seclang-parser.yy" +#line 2043 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Geo_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3722 "seclang-parser.cc" +#line 3717 "seclang-parser.cc" break; case 207: // var: VARIABLE_GEO -#line 2052 "seclang-parser.yy" +#line 2047 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Geo_NoDictElement()); } -#line 3730 "seclang-parser.cc" +#line 3725 "seclang-parser.cc" break; case 208: // var: VARIABLE_REQUEST_COOKIES_NAMES "Dictionary element" -#line 2056 "seclang-parser.yy" +#line 2051 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookiesNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3738 "seclang-parser.cc" +#line 3733 "seclang-parser.cc" break; case 209: // var: VARIABLE_REQUEST_COOKIES_NAMES "Dictionary element, selected by regexp" -#line 2060 "seclang-parser.yy" +#line 2055 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookiesNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3746 "seclang-parser.cc" +#line 3741 "seclang-parser.cc" break; case 210: // var: VARIABLE_REQUEST_COOKIES_NAMES -#line 2064 "seclang-parser.yy" +#line 2059 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookiesNames_NoDictElement()); } -#line 3754 "seclang-parser.cc" +#line 3749 "seclang-parser.cc" break; case 211: // var: VARIABLE_RULE "Dictionary element" -#line 2068 "seclang-parser.yy" +#line 2063 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Rule_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3762 "seclang-parser.cc" +#line 3757 "seclang-parser.cc" break; case 212: // var: VARIABLE_RULE "Dictionary element, selected by regexp" -#line 2072 "seclang-parser.yy" +#line 2067 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Rule_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3770 "seclang-parser.cc" +#line 3765 "seclang-parser.cc" break; case 213: // var: VARIABLE_RULE -#line 2076 "seclang-parser.yy" +#line 2071 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Rule_NoDictElement()); } -#line 3778 "seclang-parser.cc" +#line 3773 "seclang-parser.cc" break; case 214: // var: "RUN_TIME_VAR_ENV" "Dictionary element" -#line 2080 "seclang-parser.yy" +#line 2075 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Env("ENV:" + yystack_[0].value.as < std::string > ())); } -#line 3786 "seclang-parser.cc" +#line 3781 "seclang-parser.cc" break; case 215: // var: "RUN_TIME_VAR_ENV" "Dictionary element, selected by regexp" -#line 2084 "seclang-parser.yy" +#line 2079 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Env("ENV:" + yystack_[0].value.as < std::string > ())); } -#line 3794 "seclang-parser.cc" +#line 3789 "seclang-parser.cc" break; case 216: // var: "RUN_TIME_VAR_ENV" -#line 2088 "seclang-parser.yy" +#line 2083 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Env("ENV")); } -#line 3802 "seclang-parser.cc" +#line 3797 "seclang-parser.cc" break; case 217: // var: "RUN_TIME_VAR_XML" "Dictionary element" -#line 2092 "seclang-parser.yy" +#line 2087 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::XML_WithNSPath(yystack_[0].value.as < std::string > ())); } -#line 3810 "seclang-parser.cc" +#line 3805 "seclang-parser.cc" break; case 218: // var: "RUN_TIME_VAR_XML" "Dictionary element, selected by regexp" -#line 2096 "seclang-parser.yy" +#line 2091 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::XML_WithNSPath(yystack_[0].value.as < std::string > ())); } -#line 3818 "seclang-parser.cc" +#line 3813 "seclang-parser.cc" break; case 219: // var: "RUN_TIME_VAR_XML" -#line 2100 "seclang-parser.yy" +#line 2095 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::XML_WithoutNSPath()); } -#line 3826 "seclang-parser.cc" +#line 3821 "seclang-parser.cc" break; case 220: // var: "FILES_TMPNAMES" "Dictionary element" -#line 2104 "seclang-parser.yy" +#line 2099 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3834 "seclang-parser.cc" +#line 3829 "seclang-parser.cc" break; case 221: // var: "FILES_TMPNAMES" "Dictionary element, selected by regexp" -#line 2108 "seclang-parser.yy" +#line 2103 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3842 "seclang-parser.cc" +#line 3837 "seclang-parser.cc" break; case 222: // var: "FILES_TMPNAMES" -#line 2112 "seclang-parser.yy" +#line 2107 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpNames_NoDictElement()); } -#line 3850 "seclang-parser.cc" +#line 3845 "seclang-parser.cc" break; case 223: // var: "RESOURCE" run_time_string -#line 2116 "seclang-parser.yy" +#line 2111 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3858 "seclang-parser.cc" +#line 3853 "seclang-parser.cc" break; case 224: // var: "RESOURCE" "Dictionary element" -#line 2120 "seclang-parser.yy" +#line 2115 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3866 "seclang-parser.cc" +#line 3861 "seclang-parser.cc" break; case 225: // var: "RESOURCE" "Dictionary element, selected by regexp" -#line 2124 "seclang-parser.yy" +#line 2119 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3874 "seclang-parser.cc" +#line 3869 "seclang-parser.cc" break; case 226: // var: "RESOURCE" -#line 2128 "seclang-parser.yy" +#line 2123 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_NoDictElement()); } -#line 3882 "seclang-parser.cc" +#line 3877 "seclang-parser.cc" break; case 227: // var: "VARIABLE_IP" run_time_string -#line 2132 "seclang-parser.yy" +#line 2127 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3890 "seclang-parser.cc" +#line 3885 "seclang-parser.cc" break; case 228: // var: "VARIABLE_IP" "Dictionary element" -#line 2136 "seclang-parser.yy" +#line 2131 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3898 "seclang-parser.cc" +#line 3893 "seclang-parser.cc" break; case 229: // var: "VARIABLE_IP" "Dictionary element, selected by regexp" -#line 2140 "seclang-parser.yy" +#line 2135 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3906 "seclang-parser.cc" +#line 3901 "seclang-parser.cc" break; case 230: // var: "VARIABLE_IP" -#line 2144 "seclang-parser.yy" +#line 2139 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_NoDictElement()); } -#line 3914 "seclang-parser.cc" +#line 3909 "seclang-parser.cc" break; case 231: // var: "VARIABLE_GLOBAL" run_time_string -#line 2148 "seclang-parser.yy" +#line 2143 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3922 "seclang-parser.cc" +#line 3917 "seclang-parser.cc" break; case 232: // var: "VARIABLE_GLOBAL" "Dictionary element" -#line 2152 "seclang-parser.yy" +#line 2147 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3930 "seclang-parser.cc" +#line 3925 "seclang-parser.cc" break; case 233: // var: "VARIABLE_GLOBAL" "Dictionary element, selected by regexp" -#line 2156 "seclang-parser.yy" +#line 2151 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3938 "seclang-parser.cc" +#line 3933 "seclang-parser.cc" break; case 234: // var: "VARIABLE_GLOBAL" -#line 2160 "seclang-parser.yy" +#line 2155 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_NoDictElement()); } -#line 3946 "seclang-parser.cc" +#line 3941 "seclang-parser.cc" break; case 235: // var: "VARIABLE_USER" run_time_string -#line 2164 "seclang-parser.yy" +#line 2159 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3954 "seclang-parser.cc" +#line 3949 "seclang-parser.cc" break; case 236: // var: "VARIABLE_USER" "Dictionary element" -#line 2168 "seclang-parser.yy" +#line 2163 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3962 "seclang-parser.cc" +#line 3957 "seclang-parser.cc" break; case 237: // var: "VARIABLE_USER" "Dictionary element, selected by regexp" -#line 2172 "seclang-parser.yy" +#line 2167 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3970 "seclang-parser.cc" +#line 3965 "seclang-parser.cc" break; case 238: // var: "VARIABLE_USER" -#line 2176 "seclang-parser.yy" +#line 2171 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_NoDictElement()); } -#line 3978 "seclang-parser.cc" +#line 3973 "seclang-parser.cc" break; case 239: // var: "VARIABLE_TX" run_time_string -#line 2180 "seclang-parser.yy" +#line 2175 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3986 "seclang-parser.cc" +#line 3981 "seclang-parser.cc" break; case 240: // var: "VARIABLE_TX" "Dictionary element" -#line 2184 "seclang-parser.yy" +#line 2179 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3994 "seclang-parser.cc" +#line 3989 "seclang-parser.cc" break; case 241: // var: "VARIABLE_TX" "Dictionary element, selected by regexp" -#line 2188 "seclang-parser.yy" +#line 2183 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4002 "seclang-parser.cc" +#line 3997 "seclang-parser.cc" break; case 242: // var: "VARIABLE_TX" -#line 2192 "seclang-parser.yy" +#line 2187 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_NoDictElement()); } -#line 4010 "seclang-parser.cc" +#line 4005 "seclang-parser.cc" break; case 243: // var: "VARIABLE_SESSION" run_time_string -#line 2196 "seclang-parser.yy" +#line 2191 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 4018 "seclang-parser.cc" +#line 4013 "seclang-parser.cc" break; case 244: // var: "VARIABLE_SESSION" "Dictionary element" -#line 2200 "seclang-parser.yy" +#line 2195 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4026 "seclang-parser.cc" +#line 4021 "seclang-parser.cc" break; case 245: // var: "VARIABLE_SESSION" "Dictionary element, selected by regexp" -#line 2204 "seclang-parser.yy" +#line 2199 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4034 "seclang-parser.cc" +#line 4029 "seclang-parser.cc" break; case 246: // var: "VARIABLE_SESSION" -#line 2208 "seclang-parser.yy" +#line 2203 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_NoDictElement()); } -#line 4042 "seclang-parser.cc" +#line 4037 "seclang-parser.cc" break; case 247: // var: "Variable ARGS_NAMES" "Dictionary element" -#line 2212 "seclang-parser.yy" +#line 2207 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4050 "seclang-parser.cc" +#line 4045 "seclang-parser.cc" break; case 248: // var: "Variable ARGS_NAMES" "Dictionary element, selected by regexp" -#line 2216 "seclang-parser.yy" +#line 2211 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4058 "seclang-parser.cc" +#line 4053 "seclang-parser.cc" break; case 249: // var: "Variable ARGS_NAMES" -#line 2220 "seclang-parser.yy" +#line 2215 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsNames_NoDictElement()); } -#line 4066 "seclang-parser.cc" +#line 4061 "seclang-parser.cc" break; case 250: // var: VARIABLE_ARGS_GET_NAMES "Dictionary element" -#line 2224 "seclang-parser.yy" +#line 2219 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGetNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4074 "seclang-parser.cc" +#line 4069 "seclang-parser.cc" break; case 251: // var: VARIABLE_ARGS_GET_NAMES "Dictionary element, selected by regexp" -#line 2228 "seclang-parser.yy" +#line 2223 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGetNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4082 "seclang-parser.cc" +#line 4077 "seclang-parser.cc" break; case 252: // var: VARIABLE_ARGS_GET_NAMES -#line 2232 "seclang-parser.yy" +#line 2227 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGetNames_NoDictElement()); } -#line 4090 "seclang-parser.cc" +#line 4085 "seclang-parser.cc" break; case 253: // var: VARIABLE_ARGS_POST_NAMES "Dictionary element" -#line 2237 "seclang-parser.yy" +#line 2232 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPostNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4098 "seclang-parser.cc" +#line 4093 "seclang-parser.cc" break; case 254: // var: VARIABLE_ARGS_POST_NAMES "Dictionary element, selected by regexp" -#line 2241 "seclang-parser.yy" +#line 2236 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPostNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4106 "seclang-parser.cc" +#line 4101 "seclang-parser.cc" break; case 255: // var: VARIABLE_ARGS_POST_NAMES -#line 2245 "seclang-parser.yy" +#line 2240 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPostNames_NoDictElement()); } -#line 4114 "seclang-parser.cc" +#line 4109 "seclang-parser.cc" break; case 256: // var: VARIABLE_REQUEST_HEADERS_NAMES "Dictionary element" -#line 2250 "seclang-parser.yy" +#line 2245 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeadersNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4122 "seclang-parser.cc" +#line 4117 "seclang-parser.cc" break; case 257: // var: VARIABLE_REQUEST_HEADERS_NAMES "Dictionary element, selected by regexp" -#line 2254 "seclang-parser.yy" +#line 2249 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeadersNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4130 "seclang-parser.cc" +#line 4125 "seclang-parser.cc" break; case 258: // var: VARIABLE_REQUEST_HEADERS_NAMES -#line 2258 "seclang-parser.yy" +#line 2253 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeadersNames_NoDictElement()); } -#line 4138 "seclang-parser.cc" +#line 4133 "seclang-parser.cc" break; case 259: // var: VARIABLE_RESPONSE_CONTENT_TYPE -#line 2263 "seclang-parser.yy" +#line 2258 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseContentType()); } -#line 4146 "seclang-parser.cc" +#line 4141 "seclang-parser.cc" break; case 260: // var: VARIABLE_RESPONSE_HEADERS_NAMES "Dictionary element" -#line 2268 "seclang-parser.yy" +#line 2263 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeadersNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4154 "seclang-parser.cc" +#line 4149 "seclang-parser.cc" break; case 261: // var: VARIABLE_RESPONSE_HEADERS_NAMES "Dictionary element, selected by regexp" -#line 2272 "seclang-parser.yy" +#line 2267 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeadersNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4162 "seclang-parser.cc" +#line 4157 "seclang-parser.cc" break; case 262: // var: VARIABLE_RESPONSE_HEADERS_NAMES -#line 2276 "seclang-parser.yy" +#line 2271 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeadersNames_NoDictElement()); } -#line 4170 "seclang-parser.cc" +#line 4165 "seclang-parser.cc" break; case 263: // var: VARIABLE_ARGS_COMBINED_SIZE -#line 2280 "seclang-parser.yy" +#line 2275 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsCombinedSize()); } -#line 4178 "seclang-parser.cc" +#line 4173 "seclang-parser.cc" break; case 264: // var: "AUTH_TYPE" -#line 2284 "seclang-parser.yy" +#line 2279 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::AuthType()); } -#line 4186 "seclang-parser.cc" +#line 4181 "seclang-parser.cc" break; case 265: // var: "FILES_COMBINED_SIZE" -#line 2288 "seclang-parser.yy" +#line 2283 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesCombinedSize()); } -#line 4194 "seclang-parser.cc" +#line 4189 "seclang-parser.cc" break; case 266: // var: "FULL_REQUEST" -#line 2292 "seclang-parser.yy" +#line 2287 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FullRequest()); } -#line 4202 "seclang-parser.cc" +#line 4197 "seclang-parser.cc" break; case 267: // var: "FULL_REQUEST_LENGTH" -#line 2296 "seclang-parser.yy" +#line 2291 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FullRequestLength()); } -#line 4210 "seclang-parser.cc" +#line 4205 "seclang-parser.cc" break; case 268: // var: "INBOUND_DATA_ERROR" -#line 2300 "seclang-parser.yy" +#line 2295 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::InboundDataError()); } -#line 4218 "seclang-parser.cc" +#line 4213 "seclang-parser.cc" break; case 269: // var: "MATCHED_VAR" -#line 2304 "seclang-parser.yy" +#line 2299 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVar()); } -#line 4226 "seclang-parser.cc" +#line 4221 "seclang-parser.cc" break; case 270: // var: "MATCHED_VAR_NAME" -#line 2308 "seclang-parser.yy" +#line 2303 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarName()); } -#line 4234 "seclang-parser.cc" +#line 4229 "seclang-parser.cc" break; case 271: // var: VARIABLE_MULTIPART_BOUNDARY_QUOTED -#line 2312 "seclang-parser.yy" +#line 2307 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartBoundaryQuoted()); } -#line 4242 "seclang-parser.cc" +#line 4237 "seclang-parser.cc" break; case 272: // var: VARIABLE_MULTIPART_BOUNDARY_WHITESPACE -#line 2316 "seclang-parser.yy" +#line 2311 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartBoundaryWhiteSpace()); } -#line 4250 "seclang-parser.cc" +#line 4245 "seclang-parser.cc" break; case 273: // var: "MULTIPART_CRLF_LF_LINES" -#line 2320 "seclang-parser.yy" +#line 2315 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartCrlfLFLines()); } -#line 4258 "seclang-parser.cc" +#line 4253 "seclang-parser.cc" break; case 274: // var: "MULTIPART_DATA_AFTER" -#line 2324 "seclang-parser.yy" +#line 2319 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartDateAfter()); } -#line 4266 "seclang-parser.cc" +#line 4261 "seclang-parser.cc" break; case 275: // var: VARIABLE_MULTIPART_DATA_BEFORE -#line 2328 "seclang-parser.yy" +#line 2323 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartDateBefore()); } -#line 4274 "seclang-parser.cc" +#line 4269 "seclang-parser.cc" break; case 276: // var: "MULTIPART_FILE_LIMIT_EXCEEDED" -#line 2332 "seclang-parser.yy" +#line 2327 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartFileLimitExceeded()); } -#line 4282 "seclang-parser.cc" +#line 4277 "seclang-parser.cc" break; case 277: // var: "MULTIPART_HEADER_FOLDING" -#line 2336 "seclang-parser.yy" +#line 2331 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartHeaderFolding()); } -#line 4290 "seclang-parser.cc" +#line 4285 "seclang-parser.cc" break; case 278: // var: "MULTIPART_INVALID_HEADER_FOLDING" -#line 2340 "seclang-parser.yy" +#line 2335 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartInvalidHeaderFolding()); } -#line 4298 "seclang-parser.cc" +#line 4293 "seclang-parser.cc" break; case 279: // var: VARIABLE_MULTIPART_INVALID_PART -#line 2344 "seclang-parser.yy" +#line 2339 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartInvalidPart()); } -#line 4306 "seclang-parser.cc" +#line 4301 "seclang-parser.cc" break; case 280: // var: "MULTIPART_INVALID_QUOTING" -#line 2348 "seclang-parser.yy" +#line 2343 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartInvalidQuoting()); } -#line 4314 "seclang-parser.cc" +#line 4309 "seclang-parser.cc" break; case 281: // var: VARIABLE_MULTIPART_LF_LINE -#line 2352 "seclang-parser.yy" +#line 2347 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartLFLine()); } -#line 4322 "seclang-parser.cc" +#line 4317 "seclang-parser.cc" break; case 282: // var: VARIABLE_MULTIPART_MISSING_SEMICOLON -#line 2356 "seclang-parser.yy" +#line 2351 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartMissingSemicolon()); } -#line 4330 "seclang-parser.cc" +#line 4325 "seclang-parser.cc" break; case 283: // var: VARIABLE_MULTIPART_SEMICOLON_MISSING -#line 2360 "seclang-parser.yy" +#line 2355 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartMissingSemicolon()); } -#line 4338 "seclang-parser.cc" +#line 4333 "seclang-parser.cc" break; case 284: // var: "MULTIPART_STRICT_ERROR" -#line 2364 "seclang-parser.yy" +#line 2359 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartStrictError()); } -#line 4346 "seclang-parser.cc" +#line 4341 "seclang-parser.cc" break; case 285: // var: "MULTIPART_UNMATCHED_BOUNDARY" -#line 2368 "seclang-parser.yy" +#line 2363 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartUnmatchedBoundary()); } -#line 4354 "seclang-parser.cc" +#line 4349 "seclang-parser.cc" break; case 286: // var: "OUTBOUND_DATA_ERROR" -#line 2372 "seclang-parser.yy" +#line 2367 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::OutboundDataError()); } -#line 4362 "seclang-parser.cc" +#line 4357 "seclang-parser.cc" break; case 287: // var: "PATH_INFO" -#line 2376 "seclang-parser.yy" +#line 2371 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::PathInfo()); } -#line 4370 "seclang-parser.cc" +#line 4365 "seclang-parser.cc" break; case 288: // var: "QUERY_STRING" -#line 2380 "seclang-parser.yy" +#line 2375 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::QueryString()); } -#line 4378 "seclang-parser.cc" +#line 4373 "seclang-parser.cc" break; case 289: // var: "REMOTE_ADDR" -#line 2384 "seclang-parser.yy" +#line 2379 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RemoteAddr()); } -#line 4386 "seclang-parser.cc" +#line 4381 "seclang-parser.cc" break; case 290: // var: "REMOTE_HOST" -#line 2388 "seclang-parser.yy" +#line 2383 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RemoteHost()); } -#line 4394 "seclang-parser.cc" +#line 4389 "seclang-parser.cc" break; case 291: // var: "REMOTE_PORT" -#line 2392 "seclang-parser.yy" +#line 2387 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RemotePort()); } -#line 4402 "seclang-parser.cc" +#line 4397 "seclang-parser.cc" break; case 292: // var: "REQBODY_ERROR" -#line 2396 "seclang-parser.yy" +#line 2391 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyError()); } -#line 4410 "seclang-parser.cc" +#line 4405 "seclang-parser.cc" break; case 293: // var: "REQBODY_ERROR_MSG" -#line 2400 "seclang-parser.yy" +#line 2395 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyErrorMsg()); } -#line 4418 "seclang-parser.cc" +#line 4413 "seclang-parser.cc" break; case 294: // var: "REQBODY_PROCESSOR" -#line 2404 "seclang-parser.yy" +#line 2399 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyProcessor()); } -#line 4426 "seclang-parser.cc" +#line 4421 "seclang-parser.cc" break; case 295: // var: "REQBODY_PROCESSOR_ERROR" -#line 2408 "seclang-parser.yy" +#line 2403 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyProcessorError()); } -#line 4434 "seclang-parser.cc" +#line 4429 "seclang-parser.cc" break; case 296: // var: "REQBODY_PROCESSOR_ERROR_MSG" -#line 2412 "seclang-parser.yy" +#line 2407 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyProcessorErrorMsg()); } -#line 4442 "seclang-parser.cc" +#line 4437 "seclang-parser.cc" break; case 297: // var: "REQUEST_BASENAME" -#line 2416 "seclang-parser.yy" +#line 2411 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestBasename()); } -#line 4450 "seclang-parser.cc" +#line 4445 "seclang-parser.cc" break; case 298: // var: "REQUEST_BODY" -#line 2420 "seclang-parser.yy" +#line 2415 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestBody()); } -#line 4458 "seclang-parser.cc" +#line 4453 "seclang-parser.cc" break; case 299: // var: "REQUEST_BODY_LENGTH" -#line 2424 "seclang-parser.yy" +#line 2419 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestBodyLength()); } -#line 4466 "seclang-parser.cc" +#line 4461 "seclang-parser.cc" break; case 300: // var: "REQUEST_FILENAME" -#line 2428 "seclang-parser.yy" +#line 2423 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestFilename()); } -#line 4474 "seclang-parser.cc" +#line 4469 "seclang-parser.cc" break; case 301: // var: "REQUEST_LINE" -#line 2432 "seclang-parser.yy" +#line 2427 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestLine()); } -#line 4482 "seclang-parser.cc" +#line 4477 "seclang-parser.cc" break; case 302: // var: "REQUEST_METHOD" -#line 2436 "seclang-parser.yy" +#line 2431 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestMethod()); } -#line 4490 "seclang-parser.cc" +#line 4485 "seclang-parser.cc" break; case 303: // var: "REQUEST_PROTOCOL" -#line 2440 "seclang-parser.yy" +#line 2435 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestProtocol()); } -#line 4498 "seclang-parser.cc" +#line 4493 "seclang-parser.cc" break; case 304: // var: "REQUEST_URI" -#line 2444 "seclang-parser.yy" +#line 2439 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestURI()); } -#line 4506 "seclang-parser.cc" +#line 4501 "seclang-parser.cc" break; case 305: // var: "REQUEST_URI_RAW" -#line 2448 "seclang-parser.yy" +#line 2443 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestURIRaw()); } -#line 4514 "seclang-parser.cc" +#line 4509 "seclang-parser.cc" break; case 306: // var: "RESPONSE_BODY" -#line 2452 "seclang-parser.yy" +#line 2447 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseBody()); } -#line 4522 "seclang-parser.cc" +#line 4517 "seclang-parser.cc" break; case 307: // var: "RESPONSE_CONTENT_LENGTH" -#line 2456 "seclang-parser.yy" +#line 2451 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseContentLength()); } -#line 4530 "seclang-parser.cc" +#line 4525 "seclang-parser.cc" break; case 308: // var: "RESPONSE_PROTOCOL" -#line 2460 "seclang-parser.yy" +#line 2455 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseProtocol()); } -#line 4538 "seclang-parser.cc" +#line 4533 "seclang-parser.cc" break; case 309: // var: "RESPONSE_STATUS" -#line 2464 "seclang-parser.yy" +#line 2459 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseStatus()); } -#line 4546 "seclang-parser.cc" +#line 4541 "seclang-parser.cc" break; case 310: // var: "SERVER_ADDR" -#line 2468 "seclang-parser.yy" +#line 2463 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ServerAddr()); } -#line 4554 "seclang-parser.cc" +#line 4549 "seclang-parser.cc" break; case 311: // var: "SERVER_NAME" -#line 2472 "seclang-parser.yy" +#line 2467 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ServerName()); } -#line 4562 "seclang-parser.cc" +#line 4557 "seclang-parser.cc" break; case 312: // var: "SERVER_PORT" -#line 2476 "seclang-parser.yy" +#line 2471 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ServerPort()); } -#line 4570 "seclang-parser.cc" +#line 4565 "seclang-parser.cc" break; case 313: // var: "SESSIONID" -#line 2480 "seclang-parser.yy" +#line 2475 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::SessionID()); } -#line 4578 "seclang-parser.cc" +#line 4573 "seclang-parser.cc" break; case 314: // var: "UNIQUE_ID" -#line 2484 "seclang-parser.yy" +#line 2479 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::UniqueID()); } -#line 4586 "seclang-parser.cc" +#line 4581 "seclang-parser.cc" break; case 315: // var: "URLENCODED_ERROR" -#line 2488 "seclang-parser.yy" +#line 2483 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::UrlEncodedError()); } -#line 4594 "seclang-parser.cc" +#line 4589 "seclang-parser.cc" break; case 316: // var: "USERID" -#line 2492 "seclang-parser.yy" +#line 2487 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::UserID()); } -#line 4602 "seclang-parser.cc" +#line 4597 "seclang-parser.cc" break; case 317: // var: "VARIABLE_STATUS" -#line 2496 "seclang-parser.yy" +#line 2491 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Status()); } -#line 4610 "seclang-parser.cc" +#line 4605 "seclang-parser.cc" break; case 318: // var: "VARIABLE_STATUS_LINE" -#line 2500 "seclang-parser.yy" +#line 2495 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Status()); } -#line 4618 "seclang-parser.cc" +#line 4613 "seclang-parser.cc" break; case 319: // var: "WEBAPPID" -#line 2504 "seclang-parser.yy" +#line 2499 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::WebAppId()); } -#line 4626 "seclang-parser.cc" +#line 4621 "seclang-parser.cc" break; case 320: // var: "RUN_TIME_VAR_DUR" -#line 2508 "seclang-parser.yy" +#line 2503 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new Duration(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4637 "seclang-parser.cc" +#line 4632 "seclang-parser.cc" break; case 321: // var: "RUN_TIME_VAR_BLD" -#line 2516 "seclang-parser.yy" +#line 2511 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new ModsecBuild(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4648 "seclang-parser.cc" +#line 4643 "seclang-parser.cc" break; case 322: // var: "RUN_TIME_VAR_HSV" -#line 2523 "seclang-parser.yy" +#line 2518 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new HighestSeverity(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4659 "seclang-parser.cc" +#line 4654 "seclang-parser.cc" break; case 323: // var: "RUN_TIME_VAR_REMOTE_USER" -#line 2530 "seclang-parser.yy" +#line 2525 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new RemoteUser(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4670 "seclang-parser.cc" +#line 4665 "seclang-parser.cc" break; case 324: // var: "RUN_TIME_VAR_TIME" -#line 2537 "seclang-parser.yy" +#line 2532 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new Time(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4681 "seclang-parser.cc" +#line 4676 "seclang-parser.cc" break; case 325: // var: "RUN_TIME_VAR_TIME_DAY" -#line 2544 "seclang-parser.yy" +#line 2539 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeDay(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4692 "seclang-parser.cc" +#line 4687 "seclang-parser.cc" break; case 326: // var: "RUN_TIME_VAR_TIME_EPOCH" -#line 2551 "seclang-parser.yy" +#line 2546 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeEpoch(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4703 "seclang-parser.cc" +#line 4698 "seclang-parser.cc" break; case 327: // var: "RUN_TIME_VAR_TIME_HOUR" -#line 2558 "seclang-parser.yy" +#line 2553 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeHour(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4714 "seclang-parser.cc" +#line 4709 "seclang-parser.cc" break; case 328: // var: "RUN_TIME_VAR_TIME_MIN" -#line 2565 "seclang-parser.yy" +#line 2560 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeMin(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4725 "seclang-parser.cc" +#line 4720 "seclang-parser.cc" break; case 329: // var: "RUN_TIME_VAR_TIME_MON" -#line 2572 "seclang-parser.yy" +#line 2567 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeMon(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4736 "seclang-parser.cc" +#line 4731 "seclang-parser.cc" break; case 330: // var: "RUN_TIME_VAR_TIME_SEC" -#line 2579 "seclang-parser.yy" +#line 2574 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeSec(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4747 "seclang-parser.cc" +#line 4742 "seclang-parser.cc" break; case 331: // var: "RUN_TIME_VAR_TIME_WDAY" -#line 2586 "seclang-parser.yy" +#line 2581 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeWDay(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4758 "seclang-parser.cc" +#line 4753 "seclang-parser.cc" break; case 332: // var: "RUN_TIME_VAR_TIME_YEAR" -#line 2593 "seclang-parser.yy" +#line 2588 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeYear(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4769 "seclang-parser.cc" +#line 4764 "seclang-parser.cc" break; case 333: // act: "Accuracy" -#line 2603 "seclang-parser.yy" +#line 2598 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Accuracy(yystack_[0].value.as < std::string > ())); } -#line 4777 "seclang-parser.cc" +#line 4772 "seclang-parser.cc" break; case 334: // act: "Allow" -#line 2607 "seclang-parser.yy" +#line 2602 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Allow(yystack_[0].value.as < std::string > ())); } -#line 4785 "seclang-parser.cc" +#line 4780 "seclang-parser.cc" break; case 335: // act: "Append" -#line 2611 "seclang-parser.yy" +#line 2606 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Append", yystack_[1].location); } -#line 4793 "seclang-parser.cc" +#line 4788 "seclang-parser.cc" break; case 336: // act: "AuditLog" -#line 2615 "seclang-parser.yy" +#line 2610 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::AuditLog()); } -#line 4801 "seclang-parser.cc" +#line 4796 "seclang-parser.cc" break; case 337: // act: "Block" -#line 2619 "seclang-parser.yy" +#line 2614 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Block()); } -#line 4809 "seclang-parser.cc" +#line 4804 "seclang-parser.cc" break; case 338: // act: "Capture" -#line 2623 "seclang-parser.yy" +#line 2618 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Capture()); } -#line 4817 "seclang-parser.cc" +#line 4812 "seclang-parser.cc" break; case 339: // act: "Chain" -#line 2627 "seclang-parser.yy" +#line 2622 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Chain()); } -#line 4825 "seclang-parser.cc" +#line 4820 "seclang-parser.cc" break; case 340: // act: "ACTION_CTL_AUDIT_ENGINE" "CONFIG_VALUE_ON" +#line 2626 "seclang-parser.yy" + { + //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); + } +#line 4829 "seclang-parser.cc" + break; + + case 341: // act: "ACTION_CTL_AUDIT_ENGINE" "CONFIG_VALUE_OFF" #line 2631 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4834 "seclang-parser.cc" +#line 4838 "seclang-parser.cc" break; - case 341: // act: "ACTION_CTL_AUDIT_ENGINE" "CONFIG_VALUE_OFF" + case 342: // act: "ACTION_CTL_AUDIT_ENGINE" "CONFIG_VALUE_RELEVANT_ONLY" #line 2636 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4843 "seclang-parser.cc" - break; - - case 342: // act: "ACTION_CTL_AUDIT_ENGINE" "CONFIG_VALUE_RELEVANT_ONLY" -#line 2641 "seclang-parser.yy" - { - //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); - } -#line 4852 "seclang-parser.cc" +#line 4847 "seclang-parser.cc" break; case 343: // act: "ACTION_CTL_AUDIT_LOG_PARTS" -#line 2646 "seclang-parser.yy" +#line 2641 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::AuditLogParts(yystack_[0].value.as < std::string > ())); } -#line 4860 "seclang-parser.cc" +#line 4855 "seclang-parser.cc" break; case 344: // act: "ACTION_CTL_BDY_JSON" -#line 2650 "seclang-parser.yy" +#line 2645 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyProcessorJSON(yystack_[0].value.as < std::string > ())); } -#line 4868 "seclang-parser.cc" +#line 4863 "seclang-parser.cc" break; case 345: // act: "ACTION_CTL_BDY_XML" -#line 2654 "seclang-parser.yy" +#line 2649 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyProcessorXML(yystack_[0].value.as < std::string > ())); } -#line 4876 "seclang-parser.cc" +#line 4871 "seclang-parser.cc" break; case 346: // act: "ACTION_CTL_BDY_URLENCODED" -#line 2658 "seclang-parser.yy" +#line 2653 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyProcessorURLENCODED(yystack_[0].value.as < std::string > ())); } -#line 4884 "seclang-parser.cc" +#line 4879 "seclang-parser.cc" break; case 347: // act: "ACTION_CTL_FORCE_REQ_BODY_VAR" "CONFIG_VALUE_ON" +#line 2657 "seclang-parser.yy" + { + //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); + } +#line 4888 "seclang-parser.cc" + break; + + case 348: // act: "ACTION_CTL_FORCE_REQ_BODY_VAR" "CONFIG_VALUE_OFF" #line 2662 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4893 "seclang-parser.cc" - break; - - case 348: // act: "ACTION_CTL_FORCE_REQ_BODY_VAR" "CONFIG_VALUE_OFF" -#line 2667 "seclang-parser.yy" - { - //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0); - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); - } -#line 4902 "seclang-parser.cc" +#line 4897 "seclang-parser.cc" break; case 349: // act: "ACTION_CTL_REQUEST_BODY_ACCESS" "CONFIG_VALUE_ON" -#line 2672 "seclang-parser.yy" +#line 2667 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as < std::string > () + "true")); } -#line 4910 "seclang-parser.cc" +#line 4905 "seclang-parser.cc" break; case 350: // act: "ACTION_CTL_REQUEST_BODY_ACCESS" "CONFIG_VALUE_OFF" -#line 2676 "seclang-parser.yy" +#line 2671 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as < std::string > () + "false")); } -#line 4918 "seclang-parser.cc" +#line 4913 "seclang-parser.cc" break; case 351: // act: "ACTION_CTL_RULE_ENGINE" "CONFIG_VALUE_ON" -#line 2680 "seclang-parser.yy" +#line 2675 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleEngine("ctl:RuleEngine=on")); } -#line 4926 "seclang-parser.cc" +#line 4921 "seclang-parser.cc" break; case 352: // act: "ACTION_CTL_RULE_ENGINE" "CONFIG_VALUE_OFF" -#line 2684 "seclang-parser.yy" +#line 2679 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleEngine("ctl:RuleEngine=off")); } -#line 4934 "seclang-parser.cc" +#line 4929 "seclang-parser.cc" break; case 353: // act: "ACTION_CTL_RULE_ENGINE" "CONFIG_VALUE_DETC" -#line 2688 "seclang-parser.yy" +#line 2683 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleEngine("ctl:RuleEngine=detectiononly")); } -#line 4942 "seclang-parser.cc" +#line 4937 "seclang-parser.cc" break; case 354: // act: "ACTION_CTL_RULE_REMOVE_BY_ID" -#line 2692 "seclang-parser.yy" +#line 2687 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveById(yystack_[0].value.as < std::string > ())); } -#line 4950 "seclang-parser.cc" +#line 4945 "seclang-parser.cc" break; case 355: // act: "ACTION_CTL_RULE_REMOVE_BY_TAG" -#line 2696 "seclang-parser.yy" +#line 2691 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveByTag(yystack_[0].value.as < std::string > ())); } -#line 4958 "seclang-parser.cc" +#line 4953 "seclang-parser.cc" break; case 356: // act: "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID" -#line 2700 "seclang-parser.yy" +#line 2695 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveTargetById(yystack_[0].value.as < std::string > ())); } -#line 4966 "seclang-parser.cc" +#line 4961 "seclang-parser.cc" break; case 357: // act: "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG" -#line 2704 "seclang-parser.yy" +#line 2699 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveTargetByTag(yystack_[0].value.as < std::string > ())); } -#line 4974 "seclang-parser.cc" +#line 4969 "seclang-parser.cc" break; case 358: // act: "Deny" -#line 2708 "seclang-parser.yy" +#line 2703 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Deny()); } -#line 4982 "seclang-parser.cc" +#line 4977 "seclang-parser.cc" break; case 359: // act: "DeprecateVar" -#line 2712 "seclang-parser.yy" +#line 2707 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("DeprecateVar", yystack_[1].location); } -#line 4990 "seclang-parser.cc" +#line 4985 "seclang-parser.cc" break; case 360: // act: "Drop" -#line 2716 "seclang-parser.yy" +#line 2711 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Drop()); } -#line 4998 "seclang-parser.cc" +#line 4993 "seclang-parser.cc" break; case 361: // act: "Exec" -#line 2720 "seclang-parser.yy" +#line 2715 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Exec(yystack_[0].value.as < std::string > ())); } -#line 5006 "seclang-parser.cc" +#line 5001 "seclang-parser.cc" break; case 362: // act: "ExpireVar" -#line 2724 "seclang-parser.yy" +#line 2719 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ExpireVar(yystack_[0].value.as < std::string > ())); } -#line 5014 "seclang-parser.cc" +#line 5009 "seclang-parser.cc" break; case 363: // act: "Id" -#line 2728 "seclang-parser.yy" +#line 2723 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::RuleId(yystack_[0].value.as < std::string > ())); } -#line 5022 "seclang-parser.cc" +#line 5017 "seclang-parser.cc" break; case 364: // act: "InitCol" run_time_string -#line 2732 "seclang-parser.yy" +#line 2727 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::InitCol(yystack_[1].value.as < std::string > (), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5030 "seclang-parser.cc" +#line 5025 "seclang-parser.cc" break; case 365: // act: "LogData" run_time_string -#line 2736 "seclang-parser.yy" +#line 2731 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::LogData(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5038 "seclang-parser.cc" +#line 5033 "seclang-parser.cc" break; case 366: // act: "Log" -#line 2740 "seclang-parser.yy" +#line 2735 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Log()); } -#line 5046 "seclang-parser.cc" +#line 5041 "seclang-parser.cc" break; case 367: // act: "Maturity" -#line 2744 "seclang-parser.yy" +#line 2739 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Maturity(yystack_[0].value.as < std::string > ())); } -#line 5054 "seclang-parser.cc" +#line 5049 "seclang-parser.cc" break; case 368: // act: "Msg" run_time_string -#line 2748 "seclang-parser.yy" +#line 2743 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Msg(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5062 "seclang-parser.cc" +#line 5057 "seclang-parser.cc" break; case 369: // act: "MultiMatch" -#line 2752 "seclang-parser.yy" +#line 2747 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::MultiMatch()); } -#line 5070 "seclang-parser.cc" +#line 5065 "seclang-parser.cc" break; case 370: // act: "NoAuditLog" -#line 2756 "seclang-parser.yy" +#line 2751 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::NoAuditLog()); } -#line 5078 "seclang-parser.cc" +#line 5073 "seclang-parser.cc" break; case 371: // act: "NoLog" -#line 2760 "seclang-parser.yy" +#line 2755 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::NoLog()); } -#line 5086 "seclang-parser.cc" +#line 5081 "seclang-parser.cc" break; case 372: // act: "Pass" -#line 2764 "seclang-parser.yy" +#line 2759 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Pass()); } -#line 5094 "seclang-parser.cc" +#line 5089 "seclang-parser.cc" break; case 373: // act: "Pause" -#line 2768 "seclang-parser.yy" +#line 2763 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Pause", yystack_[1].location); } -#line 5102 "seclang-parser.cc" +#line 5097 "seclang-parser.cc" break; case 374: // act: "Phase" -#line 2772 "seclang-parser.yy" +#line 2767 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Phase(yystack_[0].value.as < std::string > ())); } -#line 5110 "seclang-parser.cc" +#line 5105 "seclang-parser.cc" break; case 375: // act: "Prepend" -#line 2776 "seclang-parser.yy" +#line 2771 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Prepend", yystack_[1].location); } -#line 5118 "seclang-parser.cc" +#line 5113 "seclang-parser.cc" break; case 376: // act: "Proxy" -#line 2780 "seclang-parser.yy" +#line 2775 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Proxy", yystack_[1].location); } -#line 5126 "seclang-parser.cc" +#line 5121 "seclang-parser.cc" break; case 377: // act: "Redirect" run_time_string -#line 2784 "seclang-parser.yy" +#line 2779 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Redirect(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5134 "seclang-parser.cc" +#line 5129 "seclang-parser.cc" break; case 378: // act: "Rev" -#line 2788 "seclang-parser.yy" +#line 2783 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Rev(yystack_[0].value.as < std::string > ())); } -#line 5142 "seclang-parser.cc" +#line 5137 "seclang-parser.cc" break; case 379: // act: "SanitiseArg" -#line 2792 "seclang-parser.yy" +#line 2787 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseArg", yystack_[1].location); } -#line 5150 "seclang-parser.cc" +#line 5145 "seclang-parser.cc" break; case 380: // act: "SanitiseMatched" -#line 2796 "seclang-parser.yy" +#line 2791 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseMatched", yystack_[1].location); } -#line 5158 "seclang-parser.cc" +#line 5153 "seclang-parser.cc" break; case 381: // act: "SanitiseMatchedBytes" -#line 2800 "seclang-parser.yy" +#line 2795 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseMatchedBytes", yystack_[1].location); } -#line 5166 "seclang-parser.cc" +#line 5161 "seclang-parser.cc" break; case 382: // act: "SanitiseRequestHeader" -#line 2804 "seclang-parser.yy" +#line 2799 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseRequestHeader", yystack_[1].location); } -#line 5174 "seclang-parser.cc" +#line 5169 "seclang-parser.cc" break; case 383: // act: "SanitiseResponseHeader" -#line 2808 "seclang-parser.yy" +#line 2803 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseResponseHeader", yystack_[1].location); } -#line 5182 "seclang-parser.cc" +#line 5177 "seclang-parser.cc" break; case 384: // act: "SetEnv" run_time_string -#line 2812 "seclang-parser.yy" +#line 2807 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetENV(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5190 "seclang-parser.cc" +#line 5185 "seclang-parser.cc" break; case 385: // act: "SetRsc" run_time_string -#line 2816 "seclang-parser.yy" +#line 2811 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetRSC(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5198 "seclang-parser.cc" +#line 5193 "seclang-parser.cc" break; case 386: // act: "SetSid" run_time_string -#line 2820 "seclang-parser.yy" +#line 2815 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetSID(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5206 "seclang-parser.cc" +#line 5201 "seclang-parser.cc" break; case 387: // act: "SetUID" run_time_string -#line 2824 "seclang-parser.yy" +#line 2819 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetUID(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5214 "seclang-parser.cc" +#line 5209 "seclang-parser.cc" break; case 388: // act: "SetVar" setvar_action -#line 2828 "seclang-parser.yy" +#line 2823 "seclang-parser.yy" { yylhs.value.as < std::unique_ptr > () = std::move(yystack_[0].value.as < std::unique_ptr > ()); } -#line 5222 "seclang-parser.cc" +#line 5217 "seclang-parser.cc" break; case 389: // act: "Severity" -#line 2832 "seclang-parser.yy" +#line 2827 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Severity(yystack_[0].value.as < std::string > ())); } -#line 5230 "seclang-parser.cc" +#line 5225 "seclang-parser.cc" break; case 390: // act: "Skip" -#line 2836 "seclang-parser.yy" +#line 2831 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Skip(yystack_[0].value.as < std::string > ())); } -#line 5238 "seclang-parser.cc" +#line 5233 "seclang-parser.cc" break; case 391: // act: "SkipAfter" -#line 2840 "seclang-parser.yy" +#line 2835 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SkipAfter(yystack_[0].value.as < std::string > ())); } -#line 5246 "seclang-parser.cc" +#line 5241 "seclang-parser.cc" break; case 392: // act: "Status" -#line 2844 "seclang-parser.yy" +#line 2839 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::data::Status(yystack_[0].value.as < std::string > ())); } -#line 5254 "seclang-parser.cc" +#line 5249 "seclang-parser.cc" break; case 393: // act: "Tag" run_time_string -#line 2848 "seclang-parser.yy" +#line 2843 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Tag(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5262 "seclang-parser.cc" +#line 5257 "seclang-parser.cc" break; case 394: // act: "Ver" -#line 2852 "seclang-parser.yy" +#line 2847 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Ver(yystack_[0].value.as < std::string > ())); } -#line 5270 "seclang-parser.cc" +#line 5265 "seclang-parser.cc" break; case 395: // act: "xmlns" -#line 2856 "seclang-parser.yy" +#line 2851 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::XmlNS(yystack_[0].value.as < std::string > ())); } -#line 5278 "seclang-parser.cc" +#line 5273 "seclang-parser.cc" break; case 396: // act: "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT" -#line 2860 "seclang-parser.yy" +#line 2855 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityZero7bit()); } -#line 5286 "seclang-parser.cc" +#line 5281 "seclang-parser.cc" break; case 397: // act: "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT" -#line 2864 "seclang-parser.yy" +#line 2859 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityOdd7bit()); } -#line 5294 "seclang-parser.cc" +#line 5289 "seclang-parser.cc" break; case 398: // act: "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT" -#line 2868 "seclang-parser.yy" +#line 2863 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityEven7bit()); } -#line 5302 "seclang-parser.cc" +#line 5297 "seclang-parser.cc" break; case 399: // act: "ACTION_TRANSFORMATION_SQL_HEX_DECODE" -#line 2872 "seclang-parser.yy" +#line 2867 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::SqlHexDecode()); } -#line 5310 "seclang-parser.cc" +#line 5305 "seclang-parser.cc" break; case 400: // act: "ACTION_TRANSFORMATION_BASE_64_ENCODE" -#line 2876 "seclang-parser.yy" +#line 2871 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64Encode()); } -#line 5318 "seclang-parser.cc" +#line 5313 "seclang-parser.cc" break; case 401: // act: "ACTION_TRANSFORMATION_BASE_64_DECODE" -#line 2880 "seclang-parser.yy" +#line 2875 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64Decode()); } -#line 5326 "seclang-parser.cc" +#line 5321 "seclang-parser.cc" break; case 402: // act: "ACTION_TRANSFORMATION_BASE_64_DECODE_EXT" -#line 2884 "seclang-parser.yy" +#line 2879 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64DecodeExt()); } -#line 5334 "seclang-parser.cc" +#line 5329 "seclang-parser.cc" break; case 403: // act: "ACTION_TRANSFORMATION_CMD_LINE" -#line 2888 "seclang-parser.yy" +#line 2883 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CmdLine()); } -#line 5342 "seclang-parser.cc" +#line 5337 "seclang-parser.cc" break; case 404: // act: "ACTION_TRANSFORMATION_SHA1" -#line 2892 "seclang-parser.yy" +#line 2887 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Sha1()); } -#line 5350 "seclang-parser.cc" +#line 5345 "seclang-parser.cc" break; case 405: // act: "ACTION_TRANSFORMATION_MD5" -#line 2896 "seclang-parser.yy" +#line 2891 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Md5()); } -#line 5358 "seclang-parser.cc" +#line 5353 "seclang-parser.cc" break; case 406: // act: "ACTION_TRANSFORMATION_ESCAPE_SEQ_DECODE" -#line 2900 "seclang-parser.yy" +#line 2895 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::EscapeSeqDecode()); } -#line 5366 "seclang-parser.cc" +#line 5361 "seclang-parser.cc" break; case 407: // act: "ACTION_TRANSFORMATION_HEX_ENCODE" -#line 2904 "seclang-parser.yy" +#line 2899 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HexEncode()); } -#line 5374 "seclang-parser.cc" +#line 5369 "seclang-parser.cc" break; case 408: // act: "ACTION_TRANSFORMATION_HEX_DECODE" -#line 2908 "seclang-parser.yy" +#line 2903 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HexDecode()); } -#line 5382 "seclang-parser.cc" +#line 5377 "seclang-parser.cc" break; case 409: // act: "ACTION_TRANSFORMATION_LOWERCASE" -#line 2912 "seclang-parser.yy" +#line 2907 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::LowerCase()); } -#line 5390 "seclang-parser.cc" +#line 5385 "seclang-parser.cc" break; case 410: // act: "ACTION_TRANSFORMATION_UPPERCASE" -#line 2916 "seclang-parser.yy" +#line 2911 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UpperCase()); } -#line 5398 "seclang-parser.cc" +#line 5393 "seclang-parser.cc" break; case 411: // act: "ACTION_TRANSFORMATION_URL_DECODE_UNI" -#line 2920 "seclang-parser.yy" +#line 2915 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlDecodeUni()); } -#line 5406 "seclang-parser.cc" +#line 5401 "seclang-parser.cc" break; case 412: // act: "ACTION_TRANSFORMATION_URL_DECODE" -#line 2924 "seclang-parser.yy" +#line 2919 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlDecode()); } -#line 5414 "seclang-parser.cc" +#line 5409 "seclang-parser.cc" break; case 413: // act: "ACTION_TRANSFORMATION_URL_ENCODE" -#line 2928 "seclang-parser.yy" +#line 2923 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlEncode()); } -#line 5422 "seclang-parser.cc" +#line 5417 "seclang-parser.cc" break; case 414: // act: "ACTION_TRANSFORMATION_NONE" -#line 2932 "seclang-parser.yy" +#line 2927 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::None()); } -#line 5430 "seclang-parser.cc" +#line 5425 "seclang-parser.cc" break; case 415: // act: "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE" -#line 2936 "seclang-parser.yy" +#line 2931 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CompressWhitespace()); } -#line 5438 "seclang-parser.cc" +#line 5433 "seclang-parser.cc" break; case 416: // act: "ACTION_TRANSFORMATION_REMOVE_WHITESPACE" -#line 2940 "seclang-parser.yy" +#line 2935 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveWhitespace()); } -#line 5446 "seclang-parser.cc" +#line 5441 "seclang-parser.cc" break; case 417: // act: "ACTION_TRANSFORMATION_REPLACE_NULLS" -#line 2944 "seclang-parser.yy" +#line 2939 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ReplaceNulls()); } -#line 5454 "seclang-parser.cc" +#line 5449 "seclang-parser.cc" break; case 418: // act: "ACTION_TRANSFORMATION_REMOVE_NULLS" -#line 2948 "seclang-parser.yy" +#line 2943 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveNulls()); } -#line 5462 "seclang-parser.cc" +#line 5457 "seclang-parser.cc" break; case 419: // act: "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE" -#line 2952 "seclang-parser.yy" +#line 2947 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HtmlEntityDecode()); } -#line 5470 "seclang-parser.cc" +#line 5465 "seclang-parser.cc" break; case 420: // act: "ACTION_TRANSFORMATION_JS_DECODE" -#line 2956 "seclang-parser.yy" +#line 2951 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::JsDecode()); } -#line 5478 "seclang-parser.cc" +#line 5473 "seclang-parser.cc" break; case 421: // act: "ACTION_TRANSFORMATION_CSS_DECODE" -#line 2960 "seclang-parser.yy" +#line 2955 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CssDecode()); } -#line 5486 "seclang-parser.cc" +#line 5481 "seclang-parser.cc" break; case 422: // act: "ACTION_TRANSFORMATION_TRIM" -#line 2964 "seclang-parser.yy" +#line 2959 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Trim()); } -#line 5494 "seclang-parser.cc" +#line 5489 "seclang-parser.cc" break; case 423: // act: "ACTION_TRANSFORMATION_TRIM_LEFT" -#line 2968 "seclang-parser.yy" +#line 2963 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::TrimLeft()); } -#line 5502 "seclang-parser.cc" +#line 5497 "seclang-parser.cc" break; case 424: // act: "ACTION_TRANSFORMATION_TRIM_RIGHT" -#line 2972 "seclang-parser.yy" +#line 2967 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::TrimRight()); } -#line 5510 "seclang-parser.cc" +#line 5505 "seclang-parser.cc" break; case 425: // act: "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN" -#line 2976 "seclang-parser.yy" +#line 2971 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::NormalisePathWin()); } -#line 5518 "seclang-parser.cc" +#line 5513 "seclang-parser.cc" break; case 426: // act: "ACTION_TRANSFORMATION_NORMALISE_PATH" -#line 2980 "seclang-parser.yy" +#line 2975 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::NormalisePath()); } -#line 5526 "seclang-parser.cc" +#line 5521 "seclang-parser.cc" break; case 427: // act: "ACTION_TRANSFORMATION_LENGTH" -#line 2984 "seclang-parser.yy" +#line 2979 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Length()); } -#line 5534 "seclang-parser.cc" +#line 5529 "seclang-parser.cc" break; case 428: // act: "ACTION_TRANSFORMATION_UTF8_TO_UNICODE" -#line 2988 "seclang-parser.yy" +#line 2983 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Utf8ToUnicode()); } -#line 5542 "seclang-parser.cc" +#line 5537 "seclang-parser.cc" break; case 429: // act: "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR" -#line 2992 "seclang-parser.yy" +#line 2987 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveCommentsChar()); } -#line 5550 "seclang-parser.cc" +#line 5545 "seclang-parser.cc" break; case 430: // act: "ACTION_TRANSFORMATION_REMOVE_COMMENTS" -#line 2996 "seclang-parser.yy" +#line 2991 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveComments()); } -#line 5558 "seclang-parser.cc" +#line 5553 "seclang-parser.cc" break; case 431: // act: "ACTION_TRANSFORMATION_REPLACE_COMMENTS" -#line 3000 "seclang-parser.yy" +#line 2995 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ReplaceComments()); } -#line 5566 "seclang-parser.cc" +#line 5561 "seclang-parser.cc" break; case 432: // setvar_action: "NOT" var -#line 3007 "seclang-parser.yy" +#line 3002 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::unsetOperation, std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5574 "seclang-parser.cc" +#line 5569 "seclang-parser.cc" break; case 433: // setvar_action: var -#line 3011 "seclang-parser.yy" +#line 3006 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::setToOneOperation, std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5582 "seclang-parser.cc" +#line 5577 "seclang-parser.cc" break; case 434: // setvar_action: var SETVAR_OPERATION_EQUALS run_time_string -#line 3015 "seclang-parser.yy" +#line 3010 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::setOperation, std::move(yystack_[2].value.as < std::unique_ptr > ()), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5590 "seclang-parser.cc" +#line 5585 "seclang-parser.cc" break; case 435: // setvar_action: var SETVAR_OPERATION_EQUALS_PLUS run_time_string -#line 3019 "seclang-parser.yy" +#line 3014 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::sumAndSetOperation, std::move(yystack_[2].value.as < std::unique_ptr > ()), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5598 "seclang-parser.cc" +#line 5593 "seclang-parser.cc" break; case 436: // setvar_action: var SETVAR_OPERATION_EQUALS_MINUS run_time_string -#line 3023 "seclang-parser.yy" +#line 3018 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::substractAndSetOperation, std::move(yystack_[2].value.as < std::unique_ptr > ()), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5606 "seclang-parser.cc" +#line 5601 "seclang-parser.cc" break; case 437: // run_time_string: run_time_string "FREE_TEXT_QUOTE_MACRO_EXPANSION" -#line 3030 "seclang-parser.yy" +#line 3025 "seclang-parser.yy" { yystack_[1].value.as < std::unique_ptr > ()->append(yystack_[0].value.as < std::string > ()); yylhs.value.as < std::unique_ptr > () = std::move(yystack_[1].value.as < std::unique_ptr > ()); } -#line 5615 "seclang-parser.cc" +#line 5610 "seclang-parser.cc" break; case 438: // run_time_string: run_time_string var -#line 3035 "seclang-parser.yy" +#line 3030 "seclang-parser.yy" { yystack_[1].value.as < std::unique_ptr > ()->append(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > () = std::move(yystack_[1].value.as < std::unique_ptr > ()); } -#line 5624 "seclang-parser.cc" +#line 5619 "seclang-parser.cc" break; case 439: // run_time_string: "FREE_TEXT_QUOTE_MACRO_EXPANSION" -#line 3040 "seclang-parser.yy" +#line 3035 "seclang-parser.yy" { std::unique_ptr r(new RunTimeString()); r->append(yystack_[0].value.as < std::string > ()); yylhs.value.as < std::unique_ptr > () = std::move(r); } -#line 5634 "seclang-parser.cc" +#line 5629 "seclang-parser.cc" break; case 440: // run_time_string: var -#line 3046 "seclang-parser.yy" +#line 3041 "seclang-parser.yy" { std::unique_ptr r(new RunTimeString()); r->append(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > () = std::move(r); } -#line 5644 "seclang-parser.cc" +#line 5639 "seclang-parser.cc" break; -#line 5648 "seclang-parser.cc" +#line 5643 "seclang-parser.cc" default: break; @@ -7145,43 +7140,43 @@ namespace yy { 967, 971, 975, 980, 985, 989, 993, 997, 1001, 1005, 1009, 1013, 1017, 1021, 1025, 1029, 1033, 1037, 1041, 1045, 1049, 1053, 1057, 1061, 1075, 1076, 1108, 1127, 1148, 1178, - 1236, 1243, 1247, 1251, 1255, 1259, 1263, 1267, 1271, 1280, - 1284, 1289, 1292, 1297, 1302, 1307, 1312, 1315, 1320, 1323, - 1328, 1333, 1336, 1341, 1346, 1351, 1356, 1361, 1366, 1371, - 1374, 1379, 1384, 1389, 1394, 1397, 1402, 1407, 1412, 1425, - 1438, 1451, 1464, 1477, 1503, 1531, 1543, 1563, 1590, 1596, - 1601, 1606, 1615, 1620, 1624, 1628, 1632, 1636, 1640, 1644, - 1649, 1654, 1666, 1672, 1676, 1680, 1691, 1700, 1701, 1708, - 1713, 1718, 1772, 1779, 1787, 1824, 1828, 1835, 1840, 1846, - 1852, 1858, 1865, 1875, 1879, 1883, 1887, 1891, 1895, 1899, - 1903, 1907, 1911, 1915, 1919, 1923, 1927, 1931, 1935, 1939, - 1943, 1947, 1951, 1955, 1959, 1963, 1967, 1971, 1975, 1979, - 1983, 1987, 1991, 1995, 1999, 2003, 2007, 2011, 2015, 2019, - 2023, 2027, 2031, 2035, 2039, 2043, 2047, 2051, 2055, 2059, - 2063, 2067, 2071, 2075, 2079, 2083, 2087, 2091, 2095, 2099, - 2103, 2107, 2111, 2115, 2119, 2123, 2127, 2131, 2135, 2139, - 2143, 2147, 2151, 2155, 2159, 2163, 2167, 2171, 2175, 2179, - 2183, 2187, 2191, 2195, 2199, 2203, 2207, 2211, 2215, 2219, - 2223, 2227, 2231, 2236, 2240, 2244, 2249, 2253, 2257, 2262, - 2267, 2271, 2275, 2279, 2283, 2287, 2291, 2295, 2299, 2303, - 2307, 2311, 2315, 2319, 2323, 2327, 2331, 2335, 2339, 2343, - 2347, 2351, 2355, 2359, 2363, 2367, 2371, 2375, 2379, 2383, - 2387, 2391, 2395, 2399, 2403, 2407, 2411, 2415, 2419, 2423, - 2427, 2431, 2435, 2439, 2443, 2447, 2451, 2455, 2459, 2463, - 2467, 2471, 2475, 2479, 2483, 2487, 2491, 2495, 2499, 2503, - 2507, 2515, 2522, 2529, 2536, 2543, 2550, 2557, 2564, 2571, - 2578, 2585, 2592, 2602, 2606, 2610, 2614, 2618, 2622, 2626, - 2630, 2635, 2640, 2645, 2649, 2653, 2657, 2661, 2666, 2671, - 2675, 2679, 2683, 2687, 2691, 2695, 2699, 2703, 2707, 2711, - 2715, 2719, 2723, 2727, 2731, 2735, 2739, 2743, 2747, 2751, - 2755, 2759, 2763, 2767, 2771, 2775, 2779, 2783, 2787, 2791, - 2795, 2799, 2803, 2807, 2811, 2815, 2819, 2823, 2827, 2831, - 2835, 2839, 2843, 2847, 2851, 2855, 2859, 2863, 2867, 2871, - 2875, 2879, 2883, 2887, 2891, 2895, 2899, 2903, 2907, 2911, - 2915, 2919, 2923, 2927, 2931, 2935, 2939, 2943, 2947, 2951, - 2955, 2959, 2963, 2967, 2971, 2975, 2979, 2983, 2987, 2991, - 2995, 2999, 3006, 3010, 3014, 3018, 3022, 3029, 3034, 3039, - 3045 + 1231, 1238, 1242, 1246, 1250, 1254, 1258, 1262, 1266, 1275, + 1279, 1284, 1287, 1292, 1297, 1302, 1307, 1310, 1315, 1318, + 1323, 1328, 1331, 1336, 1341, 1346, 1351, 1356, 1361, 1366, + 1369, 1374, 1379, 1384, 1389, 1392, 1397, 1402, 1407, 1420, + 1433, 1446, 1459, 1472, 1498, 1526, 1538, 1558, 1585, 1591, + 1596, 1601, 1610, 1615, 1619, 1623, 1627, 1631, 1635, 1639, + 1644, 1649, 1661, 1667, 1671, 1675, 1686, 1695, 1696, 1703, + 1708, 1713, 1767, 1774, 1782, 1819, 1823, 1830, 1835, 1841, + 1847, 1853, 1860, 1870, 1874, 1878, 1882, 1886, 1890, 1894, + 1898, 1902, 1906, 1910, 1914, 1918, 1922, 1926, 1930, 1934, + 1938, 1942, 1946, 1950, 1954, 1958, 1962, 1966, 1970, 1974, + 1978, 1982, 1986, 1990, 1994, 1998, 2002, 2006, 2010, 2014, + 2018, 2022, 2026, 2030, 2034, 2038, 2042, 2046, 2050, 2054, + 2058, 2062, 2066, 2070, 2074, 2078, 2082, 2086, 2090, 2094, + 2098, 2102, 2106, 2110, 2114, 2118, 2122, 2126, 2130, 2134, + 2138, 2142, 2146, 2150, 2154, 2158, 2162, 2166, 2170, 2174, + 2178, 2182, 2186, 2190, 2194, 2198, 2202, 2206, 2210, 2214, + 2218, 2222, 2226, 2231, 2235, 2239, 2244, 2248, 2252, 2257, + 2262, 2266, 2270, 2274, 2278, 2282, 2286, 2290, 2294, 2298, + 2302, 2306, 2310, 2314, 2318, 2322, 2326, 2330, 2334, 2338, + 2342, 2346, 2350, 2354, 2358, 2362, 2366, 2370, 2374, 2378, + 2382, 2386, 2390, 2394, 2398, 2402, 2406, 2410, 2414, 2418, + 2422, 2426, 2430, 2434, 2438, 2442, 2446, 2450, 2454, 2458, + 2462, 2466, 2470, 2474, 2478, 2482, 2486, 2490, 2494, 2498, + 2502, 2510, 2517, 2524, 2531, 2538, 2545, 2552, 2559, 2566, + 2573, 2580, 2587, 2597, 2601, 2605, 2609, 2613, 2617, 2621, + 2625, 2630, 2635, 2640, 2644, 2648, 2652, 2656, 2661, 2666, + 2670, 2674, 2678, 2682, 2686, 2690, 2694, 2698, 2702, 2706, + 2710, 2714, 2718, 2722, 2726, 2730, 2734, 2738, 2742, 2746, + 2750, 2754, 2758, 2762, 2766, 2770, 2774, 2778, 2782, 2786, + 2790, 2794, 2798, 2802, 2806, 2810, 2814, 2818, 2822, 2826, + 2830, 2834, 2838, 2842, 2846, 2850, 2854, 2858, 2862, 2866, + 2870, 2874, 2878, 2882, 2886, 2890, 2894, 2898, 2902, 2906, + 2910, 2914, 2918, 2922, 2926, 2930, 2934, 2938, 2942, 2946, + 2950, 2954, 2958, 2962, 2966, 2970, 2974, 2978, 2982, 2986, + 2990, 2994, 3001, 3005, 3009, 3013, 3017, 3024, 3029, 3034, + 3040 }; void @@ -7213,9 +7208,9 @@ namespace yy { } // yy -#line 7217 "seclang-parser.cc" +#line 7212 "seclang-parser.cc" -#line 3052 "seclang-parser.yy" +#line 3047 "seclang-parser.yy" void yy::seclang_parser::error (const location_type& l, const std::string& m) { diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy index 5189ac30..d55ee099 100644 --- a/src/parser/seclang-parser.yy +++ b/src/parser/seclang-parser.yy @@ -1075,7 +1075,7 @@ expression: audit_log | DIRECTIVE variables op actions { - std::vector *a = new std::vector(); + std::vector> *a = new std::vector>(); std::vector > *t = new std::vector >(); for (auto &i : *$4.get()) { if (dynamic_cast(i.get())) { @@ -1083,7 +1083,7 @@ expression: std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { - a->push_back(i.release()); + a->push_back(std::move(i)); } } variables::Variables *v = new variables::Variables(); @@ -1100,7 +1100,7 @@ expression: /* file name */ std::unique_ptr(new std::string(*@1.end.filename)), /* line number */ @1.end.line )); - + // TODO: filename should be a shared_ptr. if (driver.addSecRule(std::move(rule)) == false) { YYERROR; } @@ -1126,7 +1126,7 @@ expression: } | CONFIG_DIR_SEC_ACTION actions { - std::vector *a = new std::vector(); + std::vector> *a = new std::vector>(); std::vector > *t = new std::vector >(); for (auto &i : *$2.get()) { if (dynamic_cast(i.get())) { @@ -1134,7 +1134,7 @@ expression: std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { - a->push_back(i.release()); + a->push_back(std::move(i)); } } std::unique_ptr rule(new RuleUnconditional( @@ -1148,7 +1148,7 @@ expression: | DIRECTIVE_SECRULESCRIPT actions { std::string err; - std::vector *a = new std::vector(); + std::vector> *a = new std::vector>(); std::vector > *t = new std::vector >(); for (auto &i : *$2.get()) { if (dynamic_cast(i.get())) { @@ -1156,7 +1156,7 @@ expression: std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { - a->push_back(i.release()); + a->push_back(std::move(i)); } } std::unique_ptr r(new RuleScript( @@ -1178,25 +1178,25 @@ expression: | CONFIG_DIR_SEC_DEFAULT_ACTION actions { bool hasDisruptive = false; - std::vector *actions = new std::vector(); + std::vector> *actions = new std::vector>(); for (auto &i : *$2.get()) { - actions->push_back(i.release()); + actions->push_back(std::move(i)); } - std::vector checkedActions; + std::vector> checkedActions; int definedPhase = -1; int secRuleDefinedPhase = -1; - for (actions::Action *a : *actions) { - actions::Phase *phase = dynamic_cast(a); - if (dynamic_cast(a) != NULL - && dynamic_cast(a) == NULL) { + for (auto &a : *actions) { + actions::Phase *phase = dynamic_cast(a.get()); + if (dynamic_cast(a.get()) != NULL + && dynamic_cast(a.get()) == NULL) { hasDisruptive = true; } if (phase != NULL) { definedPhase = phase->getPhase(); secRuleDefinedPhase = phase->getSecRulePhase(); delete phase; - } else if (dynamic_cast(a) - && !dynamic_cast(a)) { + } else if (dynamic_cast(a.get()) + && !dynamic_cast(a.get())) { checkedActions.push_back(a); } else { driver.error(@0, "The action '" + *a->getName() + "' is not suitable to be part of the SecDefaultActions"); @@ -1206,12 +1206,10 @@ expression: if (definedPhase == -1) { definedPhase = modsecurity::Phases::RequestHeadersPhase; } - if (hasDisruptive == false) { driver.error(@0, "SecDefaultAction must specify a disruptive action."); YYERROR; } - if (!driver.m_rulesSetPhases[definedPhase]->m_defaultActions.empty()) { std::stringstream ss; ss << "SecDefaultActions can only be placed once per phase and configuration context. Phase "; @@ -1220,18 +1218,15 @@ expression: driver.error(@0, ss.str()); YYERROR; } - - for (actions::Action *a : checkedActions) { - if (dynamic_cast(a)) { + for (auto &a : checkedActions) { + if (dynamic_cast(a.get())) { driver.m_rulesSetPhases[definedPhase]->m_defaultTransformations.push_back( - std::shared_ptr( - dynamic_cast(a))); + std::dynamic_pointer_cast(a)); } else { - driver.m_rulesSetPhases[definedPhase]->m_defaultActions.push_back(std::unique_ptr(a)); + driver.m_rulesSetPhases[definedPhase]->m_defaultActions.push_back(a); } } - - delete actions; + //delete actions; } | CONFIG_DIR_SEC_MARKER { diff --git a/src/rule_message.cc b/src/rule_message.cc index 4046a581..b8d1e190 100644 --- a/src/rule_message.cc +++ b/src/rule_message.cc @@ -218,7 +218,7 @@ std::string RuleMessage::getUri() const { bool RuleMessage::isDisruptive() const { if (m_rule) { - return m_rule->hasDisruptiveAction(); + return m_rule->isDisruptive(); } return 0; } diff --git a/src/rule_script.h b/src/rule_script.h index 7569c5bf..321486b0 100644 --- a/src/rule_script.h +++ b/src/rule_script.h @@ -47,7 +47,7 @@ using actions::Action; class RuleScript : public RuleWithActions { public: RuleScript(const std::string &name, - std::vector *actions, + Actions *actions, Transformations *t, std::unique_ptr fileName, int lineNumber) diff --git a/src/rule_unconditional.h b/src/rule_unconditional.h index 6aa08ff6..c44f55eb 100644 --- a/src/rule_unconditional.h +++ b/src/rule_unconditional.h @@ -40,7 +40,7 @@ namespace modsecurity { class RuleUnconditional : public RuleWithActions { public: RuleUnconditional( - std::vector *actions, + Actions *actions, Transformations *transformations, std::unique_ptr fileName, int lineNumber) diff --git a/src/rule_with_actions.cc b/src/rule_with_actions.cc index 29489b54..91b928b9 100644 --- a/src/rule_with_actions.cc +++ b/src/rule_with_actions.cc @@ -54,142 +54,223 @@ #include "src/actions/rule_id.h" #include "src/actions/ver.h" #include "src/actions/action_type_rule_metadata.h" - +#include "src/actions/action_allowed_in_sec_default_action.h" namespace modsecurity { + RuleWithActions::RuleWithActions( Actions *actions, Transformations *transformations, std::unique_ptr fileName, int lineNumber) : Rule(std::move(fileName), lineNumber), + RuleWithActionsProperties(transformations), m_ruleId(0), m_chainedRuleChild(nullptr), m_chainedRuleParent(nullptr), - m_disruptiveAction(nullptr), - m_logData(nullptr), - m_msg(nullptr), - m_actionsRuntimePos(), - m_actionsSetVar(), - m_actionsTag(), m_XmlNSs(), - m_defaultActionDisruptiveAction(nullptr), - m_defaultActionLogData(nullptr), - m_defaultActionMsg(nullptr), - m_defaultActionActionsRuntimePos(), - m_defaultActionActionsSetVar(), - m_defaultActionActionsTag(), - m_transformations(transformations != nullptr ? *transformations : Transformations()), - m_defaultTransformations(), - m_severity(SEVERITY_NOT_SET), - m_revision(""), - m_version(""), m_accuracy(ACCURACY_NOT_SET), m_maturity(MATURITY_NOT_SET), - m_containsCaptureAction(false), - m_containsLogAction(false), - m_containsNoLogAction(false), - m_containsAuditLogAction(false), - m_containsNoAuditLogAction(false), - m_containsMultiMatchAction(false), - m_containsStaticBlockAction(false), - m_defaultSeverity(SEVERITY_NOT_SET), - m_defaultRevision(""), - m_defaultVersion(""), - m_defaultAccuracy(ACCURACY_NOT_SET), - m_defaultMaturity(MATURITY_NOT_SET), - m_defaultContainsCaptureAction(false), - m_defaultContainsLogAction(false), - m_defaultContainsNoLogAction(false), - m_defaultContainsAuditLogAction(false), - m_defaultContainsNoAuditLogAction(false), - m_defaultContainsMultiMatchAction(false), - m_defaultContainsStaticBlockAction(false), - m_isChained(false) { - + m_severity(SEVERITY_NOT_SET), + m_containsCapture(false), + m_isChained(false), + m_revision(""), + m_version(""), + m_actionMsg(nullptr), + m_actionLogData(nullptr), + m_defaultActions() +{ + // FIXME: split confs on parser. + std::vector> confs; + std::vector> newActions; if (actions) { - for (actions::Action *a : *actions) { - addAction(a); + for (auto &a : *actions) { + if (std::dynamic_pointer_cast(a)) { + confs.push_back(std::dynamic_pointer_cast(a)); + continue; + } else if (std::dynamic_pointer_cast(a)) { + setDisruptiveAction(std::dynamic_pointer_cast(a)); + continue; + } + newActions.push_back(a); + } + } + + + /** + * + * Those are actions that only fit the propose to update something in + * the rule: META-DATA; e.g. RuleID. + * + * The merge action takes care of those properties. Once configured the + * action can be forgotten. + * + */ + for (auto &c : confs) { + c->configure(this); + } + + for (auto &a : newActions) { + if (std::dynamic_pointer_cast(a)) { + addSetVar(std::dynamic_pointer_cast(a)); + continue; + } + if (std::dynamic_pointer_cast(a)) { + addTag(std::dynamic_pointer_cast(a)); + continue; + } + if (std::dynamic_pointer_cast(a)) { + m_XmlNSs.push_back(std::dynamic_pointer_cast(a)); + continue; + } + if (std::dynamic_pointer_cast(a)) { + m_actionLogData = std::dynamic_pointer_cast(a); + continue; + } + if (std::dynamic_pointer_cast(a)) { + m_actionMsg = std::dynamic_pointer_cast(a); + continue; + } + + addGenericMatchAction(std::dynamic_pointer_cast(a)); + } + populate(this); +} + + +RuleWithActions::RuleWithActions(const RuleWithActions &r) + : Rule(r), + RuleWithActionsProperties(r), + m_ruleId(r.m_ruleId), + m_chainedRuleChild(r.m_chainedRuleChild), + m_chainedRuleParent(r.m_chainedRuleParent), + m_XmlNSs(/*r.m_XmlNSs*/), + m_accuracy(r.m_accuracy), + m_maturity(r.m_maturity), + m_severity(r.m_severity), + m_containsCapture(r.m_containsCapture), + m_isChained(r.m_isChained), + m_revision(r.m_revision), + m_version(r.m_version), + m_actionMsg(nullptr /*r.m_actionMsg*/), + m_actionLogData(nullptr /* r.m_actionLogData */), + m_defaultActions(r.m_defaultActions) { + copyActionsWithRunTimeStrings(r); + m_defaultActions.populate(this); + populate(this); +} + + +RuleWithActions &RuleWithActions::operator=(const RuleWithActions& r) { + Rule::operator = (r); + RuleWithActionsProperties::operator = (r); + m_ruleId = r.m_ruleId; + m_chainedRuleChild = r.m_chainedRuleChild; + m_chainedRuleParent = r.m_chainedRuleParent; + /*m_XmlNSs = r.m_XmlNSs;*/ + m_accuracy = r.m_accuracy; + m_maturity = r.m_maturity; + m_severity = r.m_severity; + m_containsCapture = r.m_containsCapture; + m_isChained = r.m_isChained; + m_revision = r.m_revision; + m_version = r.m_version; + /*m_actionMsg = r.m_actionMsg;*/ + /*m_actionLogData = r.m_actionLogData;*/ + m_defaultActions = r.m_defaultActions; + copyActionsWithRunTimeStrings(r); + m_defaultActions.populate(this); + populate(this); + return *this; +} + + +void inline RuleWithActions::copyActionsWithRunTimeStrings(const RuleWithActions &r) { + if (r.m_actionLogData) { + actions::ActionWithRunTimeString *arts = dynamic_cast(r.m_actionLogData.get()); + if (!arts) { + /* Humpf? */ + m_actionLogData = r.m_actionLogData; + } else { + std::shared_ptr z(dynamic_cast(arts->clone())); + actions::ActionWithRunTimeString *aa = dynamic_cast(z.get()); + aa->populate(nullptr); + m_actionLogData = z; + } + } + if (r.m_actionMsg) { + actions::ActionWithRunTimeString *arts = dynamic_cast(r.m_actionMsg.get()); + if (!arts) { + /* Humpf? */ + m_actionMsg = r.m_actionMsg; + } else { + std::shared_ptr z(dynamic_cast(arts->clone())); + actions::ActionWithRunTimeString *aa = dynamic_cast(z.get()); + aa->populate(nullptr); + m_actionMsg = z; + } + } + for (auto &i : r.m_XmlNSs) { + actions::ActionWithRunTimeString *arts = dynamic_cast(i.get()); + if (!arts) { + /* Humpf? */ + m_XmlNSs.push_back(i); + } else { + std::shared_ptr z(dynamic_cast(arts->clone())); + actions::ActionWithRunTimeString *aa = dynamic_cast(z.get()); + aa->populate(nullptr); + m_XmlNSs.push_back(z); } } } -void RuleWithActions::addDefaultAction(std::shared_ptr a) { + +void RuleWithActions::addDefaultAction(std::shared_ptr a) { + actions::ActionAllowedAsSecDefaultAction *d = dynamic_cast(a.get()); + if (d == nullptr) { + throw std::runtime_error("Action is being used as DefaultAction but not allowed."); + } + + /** + * + * ActionWithRunTimeString needs to be aware of the Rule that it + * belongs to. It is necessary to resolve some variables + * (e.g. Rule); Clone and associate are mandatory. + * + */ actions::ActionWithRunTimeString *arts = dynamic_cast(a.get()); if (arts != nullptr) { a = std::unique_ptr(arts->clone()); arts = dynamic_cast(a.get()); arts->populate(this); } - - if (dynamic_cast(a.get())) { - ActionTypeRuleMetaData *conf = dynamic_cast(a.get()); - conf->configure(this); + if (std::dynamic_pointer_cast(a)) { + m_defaultActions.addSetVar(std::dynamic_pointer_cast(a)); return; } - - if (dynamic_cast(a.get())) { - m_defaultActionLogData.reset(dynamic_cast(a.get())); - } else if (dynamic_cast(a.get())) { - m_defaultActionMsg.reset(dynamic_cast(a.get())); - } else if (dynamic_cast(a.get())) { - actions::SetVar *var = dynamic_cast(a.get()); - m_actionsSetVar.push_back(std::unique_ptr(var)); - } else if (dynamic_cast(a.get())) { - m_defaultActionActionsTag.push_back(std::dynamic_pointer_cast(a)); - } else if (dynamic_cast(a.get())) { - m_defaultActionActionsRuntimePos.push_back(std::dynamic_pointer_cast(a)); - m_defaultContainsStaticBlockAction = true; - } else if (std::dynamic_pointer_cast(a) != NULL) { - m_defaultActionDisruptiveAction = std::dynamic_pointer_cast(a); - } else { - m_defaultActionActionsRuntimePos.push_back(std::dynamic_pointer_cast(a)); - } -} - -void RuleWithActions::addAction(actions::Action *a) { - actions::ActionWithRunTimeString *arts = dynamic_cast(a); - if (arts != nullptr) { - a = arts->clone(); - arts = dynamic_cast(a); - arts->populate(this); - } - - if (dynamic_cast(a)) { - ActionTypeRuleMetaData *conf = dynamic_cast(a); - conf->configure(this); - delete a; + if (std::dynamic_pointer_cast(a)) { + m_defaultActions.addTag(std::dynamic_pointer_cast(a)); return; } - - if (dynamic_cast(a)) { - m_logData = std::unique_ptr(dynamic_cast(a)); - } else if (dynamic_cast(a)) { - m_msg = std::unique_ptr(dynamic_cast(a)); - } else if (dynamic_cast(a)) { - actions::SetVar *var = dynamic_cast(a); - m_actionsSetVar.push_back(std::unique_ptr(var)); - } else if (dynamic_cast(a)) { - m_actionsTag.push_back(std::unique_ptr(dynamic_cast(a))); - } else if (dynamic_cast(a)) { - m_actionsRuntimePos.push_back(std::unique_ptr(dynamic_cast(a))); - m_containsStaticBlockAction = true; - } else if (dynamic_cast(a)) { - m_XmlNSs.push_back(std::unique_ptr(dynamic_cast(a))); - } else if (dynamic_cast(a) != NULL) { - m_disruptiveAction = std::unique_ptr(dynamic_cast(a)); - } else { - m_actionsRuntimePos.push_back(std::unique_ptr(dynamic_cast(a))); + if (std::dynamic_pointer_cast(a)) { + m_defaultActions.setBlock(true); + return; } + if (std::dynamic_pointer_cast(a)) { + m_defaultActions.setDisruptiveAction(std::dynamic_pointer_cast(a)); + return; + } + std::shared_ptr bp = std::dynamic_pointer_cast(a); + if (!bp) { + return; + } + m_defaultActions.addGenericMatchAction(bp); } -RuleWithActions::~RuleWithActions() { } - - bool RuleWithActions::evaluate(Transaction *transaction) const { /* Matched vars needs to be clear at every new rule execution */ transaction->m_matched.clear(); @@ -199,97 +280,80 @@ bool RuleWithActions::evaluate(Transaction *transaction) const { void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction *trans) const { - - for (actions::SetVar *a : getSetVarsActionsPtr()) { - ms_dbg_a(trans, 4, "Running [independent] (non-disruptive) " \ - "action: " + *a->getName()); - - a->execute(trans); - } + /* setVar */ + auto f = [](Transaction *t, const std::shared_ptr &var) { + ms_dbg_a(t, 4, "Running [independent] (non-disruptive) action: " + *var->getName()); + var->execute(t); + }; + for (auto &a : m_defaultActions.getSetVars()) { f(trans, a); } + for (auto &a : getSetVars()) { f(trans, a); } } void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans) const { bool disruptiveAlreadyExecuted = false; - for (actions::Tag *a : getTagsActionPtr()) { - ms_dbg_a(trans, 4, "Running (non-disruptive) action: " \ - + a->getTagName(trans)); - a->execute(trans); - } + /* tags */ + auto f = [](Transaction *t, const std::shared_ptr &tag) { + ms_dbg_a(t, 4, "Running (non-disruptive) action: " + tag->getTagName(t)); + tag->execute(t); + }; + for (auto &a : m_defaultActions.getTags()) { f(trans, a); } + for (auto &a : getTags()) { f(trans, a); } + /** - * * FIXME: SecRuleUpdateActionBy should be runtime - * */ auto range = trans->m_rules->m_exceptions.m_action_pos_update_target_by_id.equal_range(m_ruleId); for (auto it = range.first; it != range.second; ++it) { ActionWithExecution *a = dynamic_cast(it->second.get()); if (dynamic_cast(a)) { trans->messageGetLast()->setRule(this); - } - executeAction(trans, a, false); - if (dynamic_cast(a)) { disruptiveAlreadyExecuted = true; } + ms_dbg_a(trans, 9, "Running action placed by updateTargetById: " + *a->getName()); + a->execute(trans); } - if (m_logData) { - m_logData->execute(trans); - } else if (m_defaultActionLogData) { - m_defaultActionLogData->execute(trans); + /* generic actions */ + auto fg = [](Transaction *t, const std::shared_ptr &a) { + ms_dbg_a(t, 9, "Running action: " + *a->getName()); + a->execute(t); + }; + for (auto &a : m_defaultActions.getGenericMatchActions()) { fg(trans, a); } + for (auto &a : getGenericMatchActions()) { fg(trans, a); } + + if (m_actionLogData) { + m_actionLogData->execute(trans); } - if (m_msg) { - m_msg->execute(trans); - } else if (m_defaultActionMsg) { - m_defaultActionMsg->execute(trans); + if (m_actionMsg) { + m_actionMsg->execute(trans); } - for (auto &a : getMatchActionsPtr()) { - if (!dynamic_cast(a) - && !(disruptiveAlreadyExecuted - && dynamic_cast(a))) { - executeAction(trans, a, false); + /* disruptive actions */ + if (disruptiveAlreadyExecuted) { + return; + } + auto fd = [](Transaction *t, const std::shared_ptr &a) { + if (t->getRuleEngineState() == RulesSet::EnabledRuleEngine) { + ms_dbg_a(t, 4, "Running (disruptive) action: " + *a->getName() + "."); + const ActionWithExecution *ae = dynamic_cast(a.get()); + ae->execute(t); + return; } + + ms_dbg_a(t, 4, "Not running disruptive action: " \ + + *a->getName() + ". SecRuleEngine is not On."); + }; + if (hasDisruptiveAction()) { + trans->messageGetLast()->setRule(this); + fd(trans, getDisruptiveAction()); + } else if ((hasBlock() || m_defaultActions.hasBlock()) && m_defaultActions.hasDisruptiveAction()) { + trans->messageGetLast()->setRule(this); + fd(trans, m_defaultActions.getDisruptiveAction()); } - if (!disruptiveAlreadyExecuted && m_disruptiveAction != nullptr) { - executeAction(trans, - m_disruptiveAction.get(), false); - } else if (!disruptiveAlreadyExecuted && hasBlockAction() - && m_defaultActionDisruptiveAction != nullptr) { - executeAction(trans, - m_defaultActionDisruptiveAction.get(), false); - } -} - - -void RuleWithActions::executeAction(Transaction *trans, - ActionWithExecution *a, bool defaultContext) { - ms_dbg_a(trans, 9, "Running action: " + *a->getName()); - a->execute(trans); -} - - -void RuleWithActions::executeAction(Transaction *trans, - ActionDisruptive *a, bool defaultContext) const { - if (defaultContext && !hasBlockAction()) { - ms_dbg_a(trans, 4, "Ignoring action: " + *a->getName() + \ - " (rule does not cotains block)"); - return; - } - - if (trans->getRuleEngineState() == RulesSet::EnabledRuleEngine) { - ms_dbg_a(trans, 4, "Running (disruptive) action: " + \ - *a->getName() + "."); - ActionWithExecution *ae = dynamic_cast(a); - ae->execute(trans); - return; - } - - ms_dbg_a(trans, 4, "Not running disruptive action: " \ - + *a->getName() + ". SecRuleEngine is not On."); } @@ -303,26 +367,17 @@ void RuleWithActions::executeTransformations( ssin.assign(in.c_str(), in.size()); results.push_back(TransformationResult(&ssin)); - - std::string path(""); - std::shared_ptr value = - std::shared_ptr(new std::string(in)); - - for (Transformation *action : getTransformationPtr()) { - if (dynamic_cast(action)) { + //FIXME: none should be pre-computed. + for (auto &action : m_defaultActions.getTransformations()) { + if (dynamic_cast(action.get())) { none++; } } - - for (Transformation *t : getTransformationPtr()) { - if (none == 0) { - executeTransformation(trans, &results, t); - } - if (dynamic_cast(t)) { - none--; + for (auto &action : getTransformations()) { + if (dynamic_cast(action.get())) { + none++; } } - // FIXME: It can't be something different from transformation. Sort this // on rules compile time. auto range = trans->m_rules->m_exceptions.m_action_transformation_update_target_by_id.equal_range(m_ruleId); @@ -333,6 +388,24 @@ void RuleWithActions::executeTransformations( } } + for (auto &t : m_defaultActions.getTransformations()) { + if (none == 0) { + executeTransformation(trans, &results, t.get()); + } + if (dynamic_cast(t.get())) { + none--; + } + } + + for (auto &t : getTransformations()) { + if (none == 0) { + executeTransformation(trans, &results, t.get()); + } + if (dynamic_cast(t.get())) { + none--; + } + } + for (auto it = range.first; it != range.second; ++it) { Transformation *t = it->second.get(); if (none == 0) { @@ -381,9 +454,14 @@ void RuleWithActions::executeTransformation( } -bool RuleWithActions::containsTag(const std::string& name, Transaction *t) const { - for (auto &tag : getTagsAction()) { - if (tag != NULL && tag->getTagName(t) == name) { +bool RuleWithActions::containsTag(const std::string& name, const Transaction *t) const noexcept { + for (auto &tag : m_defaultActions.getTags()) { + if (tag != nullptr && tag->getTagName(t) == name) { + return true; + } + } + for (auto &tag : getTags()) { + if (tag != nullptr && tag->getTagName(t) == name) { return true; } } @@ -391,13 +469,18 @@ bool RuleWithActions::containsTag(const std::string& name, Transaction *t) const } -bool RuleWithActions::containsMsg(const std::string& name, Transaction *t) const { - return m_msg && m_msg->getEvaluatedRunTimeString(t) == name; +bool RuleWithActions::containsMsg(const std::string& name, const Transaction *t) const noexcept { + return m_actionMsg && m_actionMsg->getEvaluatedRunTimeString(t) == name; } -std::string RuleWithActions::getLogData(const Transaction *t) const { return m_logData->getEvaluatedRunTimeString(t); } -std::string RuleWithActions::getMessage(const Transaction *t) const { return m_msg->getEvaluatedRunTimeString(t); } +std::string RuleWithActions::getLogData(const Transaction *t) const noexcept { + return m_actionLogData->getEvaluatedRunTimeString(t); +} +std::string RuleWithActions::getMessage(const Transaction *t) const noexcept { + return m_actionMsg->getEvaluatedRunTimeString(t); +} + } // namespace modsecurity diff --git a/src/rule_with_actions.h b/src/rule_with_actions.h index cc184349..865170bc 100644 --- a/src/rule_with_actions.h +++ b/src/rule_with_actions.h @@ -25,19 +25,32 @@ #ifndef SRC_RULE_WITH_ACTIONS_H_ #define SRC_RULE_WITH_ACTIONS_H_ -#include "modsecurity/transaction.h" -#include "modsecurity/modsecurity.h" -#include "modsecurity/variable_value.h" -#include "modsecurity/rule.h" #include "modsecurity/actions/action.h" +#include "modsecurity/modsecurity.h" +#include "modsecurity/rule.h" +#include "modsecurity/rule_message.h" +#include "modsecurity/rules_set.h" +#include "modsecurity/transaction.h" +#include "modsecurity/variable_value.h" +#include "src/actions/action_allowed_in_sec_default_action.h" #include "src/actions/action_type_rule_metadata.h" #include "src/actions/action_with_execution.h" +#include "src/actions/action_with_run_time_string.h" #include "src/actions/disruptive/disruptive_action.h" - +#include "src/actions/transformations/transformation.h" +#include "src/actions/xmlns.h" +#include "src/rule_with_actions.h" +#include "src/rule_with_actions_properties.h" +#include "src/utils/string.h" +#include "src/transformation_result.h" #ifdef __cplusplus + namespace modsecurity { + using XmlNSs = std::vector >; + using XmlNSsPtr = std::vector; + namespace actions { class Action; @@ -45,200 +58,42 @@ class Severity; class LogData; class Msg; class Rev; -class SetVar; -class Tag; class XmlNS; namespace transformations { class Transformation; } } -using Transformation = actions::transformations::Transformation; -using Transformations = std::vector >; -using TransformationsPtr = std::vector; -using Actions = std::vector; -using ActionWithExecution = actions::ActionWithExecution; -using ActionTypeRuleMetaData = actions::ActionTypeRuleMetaData; -using ActionDisruptive = actions::disruptive::ActionDisruptive; - -using MatchActions = std::vector >; -using MatchActionsPtr = std::vector; - -using Tags = std::vector >; -using TagsPtr = std::vector; - -using SetVars = std::vector >; -using SetVarsPtr = std::vector; - -using XmlNSs = std::vector >; -using XmlNSsPtr = std::vector; - - -class TransformationResult { +class RuleWithActions : public Rule, public RuleWithActionsProperties { public: - explicit TransformationResult( - ModSecString &after, - const std::string *transformation = nullptr) - : m_after(after), - m_transformation(transformation) { }; - explicit TransformationResult( - ModSecString *after) - : m_after(*after), - m_transformation(nullptr) { }; + using Action = actions::Action; + using Actions = std::vector>; + using ActionTypeRuleMetaData = actions::ActionTypeRuleMetaData; - TransformationResult(const TransformationResult &t2) - : m_after(t2.m_after), - m_transformation(t2.m_transformation) { }; - - - ModSecString *getAfter() { - return &m_after; - } - - - const std::string *getTransformationName() const { - return m_transformation; - } - - - private: - ModSecString m_after; - const std::string *m_transformation; -}; - -using TransformationsResults = std::list; - - -class RuleWithActions : public Rule { - public: - int SEVERITY_NOT_SET = 10; - int ACCURACY_NOT_SET = 10; - int MATURITY_NOT_SET = 10; + const unsigned int SEVERITY_NOT_SET = 10; + const unsigned int ACCURACY_NOT_SET = 10; + const unsigned int MATURITY_NOT_SET = 10; RuleWithActions( Actions *a, Transformations *t, std::unique_ptr fileName, int lineNumber); - ~RuleWithActions(); - - RuleWithActions(const RuleWithActions &r) - : Rule(r), - m_ruleId(r.m_ruleId), - m_chainedRuleChild(r.m_chainedRuleChild), - m_chainedRuleParent(r.m_chainedRuleParent), - m_disruptiveAction(r.m_disruptiveAction), - m_logData(r.m_logData), - m_msg(r.m_msg), - m_actionsRuntimePos(r.m_actionsRuntimePos), - m_actionsSetVar(r.m_actionsSetVar), - m_actionsTag(r.m_actionsTag), - m_XmlNSs(r.m_XmlNSs), - m_defaultActionDisruptiveAction(r.m_defaultActionDisruptiveAction), - m_defaultActionLogData(r.m_defaultActionLogData), - m_defaultActionMsg(r.m_defaultActionMsg), - m_defaultActionActionsRuntimePos(r.m_defaultActionActionsRuntimePos), - m_defaultActionActionsSetVar(r.m_defaultActionActionsSetVar), - m_defaultActionActionsTag(r.m_defaultActionActionsTag), - m_transformations(r.m_transformations), - m_defaultTransformations(r.m_defaultTransformations), - m_severity(r.m_severity), - m_revision(r.m_revision), - m_version(r.m_version), - m_accuracy(r.m_accuracy), - m_maturity(r.m_maturity), - m_containsCaptureAction(r.m_containsCaptureAction), - m_containsLogAction(r.m_containsLogAction), - m_containsNoLogAction(r.m_containsNoLogAction), - m_containsAuditLogAction(r.m_containsAuditLogAction), - m_containsNoAuditLogAction(r.m_containsNoAuditLogAction), - m_containsMultiMatchAction(r.m_containsMultiMatchAction), - m_containsStaticBlockAction(r.m_containsStaticBlockAction), - m_defaultSeverity(r.m_defaultSeverity), - m_defaultRevision(r.m_defaultRevision), - m_defaultVersion(r.m_defaultVersion), - m_defaultAccuracy(r.m_defaultAccuracy), - m_defaultMaturity(r.m_defaultMaturity), - m_defaultContainsCaptureAction(r.m_defaultContainsCaptureAction), - m_defaultContainsLogAction(r.m_defaultContainsLogAction), - m_defaultContainsNoLogAction(r.m_defaultContainsNoLogAction), - m_defaultContainsAuditLogAction(r.m_defaultContainsAuditLogAction), - m_defaultContainsNoAuditLogAction(r.m_defaultContainsNoAuditLogAction), - m_defaultContainsMultiMatchAction(r.m_defaultContainsMultiMatchAction), - m_defaultContainsStaticBlockAction(r.m_defaultContainsStaticBlockAction), - m_isChained(r.m_isChained) { - // TODO: Verify if it is necessary to process any other copy. - }; - - RuleWithActions &operator=(const RuleWithActions& r) { - Rule::operator = (r); - m_ruleId = r.m_ruleId; - m_chainedRuleChild = r.m_chainedRuleChild; - m_chainedRuleParent = r.m_chainedRuleParent; - m_disruptiveAction = r.m_disruptiveAction; - m_logData = r.m_logData; - m_msg = r.m_msg; - m_actionsRuntimePos = r.m_actionsRuntimePos; - m_actionsSetVar = r.m_actionsSetVar; - m_actionsTag = r.m_actionsTag; - m_XmlNSs = r.m_XmlNSs; - m_defaultActionDisruptiveAction = r.m_defaultActionDisruptiveAction; - m_defaultActionLogData = r.m_defaultActionLogData; - m_defaultActionMsg = r.m_defaultActionMsg; - m_defaultActionActionsRuntimePos = r.m_defaultActionActionsRuntimePos; - m_defaultActionActionsSetVar = r.m_defaultActionActionsSetVar; - m_defaultActionActionsTag = r.m_defaultActionActionsTag; - m_transformations = r.m_transformations; - m_defaultTransformations = r.m_defaultTransformations; - m_severity = r.m_severity; - m_revision = r.m_revision; - m_version = r.m_version; - m_accuracy = r.m_accuracy; - m_maturity = r.m_maturity; - m_containsCaptureAction = r.m_containsCaptureAction; - m_containsLogAction = r.m_containsLogAction; - m_containsNoLogAction = r.m_containsNoLogAction; - m_containsAuditLogAction = r.m_containsAuditLogAction; - m_containsNoAuditLogAction = r.m_containsNoAuditLogAction; - m_containsMultiMatchAction = r.m_containsMultiMatchAction; - m_containsStaticBlockAction = r.m_containsStaticBlockAction; - m_defaultSeverity = r.m_defaultSeverity; - m_defaultRevision = r.m_defaultRevision; - m_defaultVersion = r.m_defaultVersion; - m_defaultAccuracy = r.m_defaultAccuracy; - m_defaultMaturity = r.m_defaultMaturity; - m_defaultContainsCaptureAction = r.m_defaultContainsCaptureAction; - m_defaultContainsLogAction = r.m_defaultContainsLogAction; - m_defaultContainsNoLogAction = r.m_defaultContainsNoLogAction; - m_defaultContainsAuditLogAction = r.m_defaultContainsAuditLogAction; - m_defaultContainsNoAuditLogAction = r.m_defaultContainsNoAuditLogAction; - m_defaultContainsMultiMatchAction = r.m_defaultContainsMultiMatchAction; - m_defaultContainsStaticBlockAction = r.m_defaultContainsStaticBlockAction; - m_isChained = r.m_isChained; - return *this; - // TODO: Verify if it is necessary to process any other copy. - } + RuleWithActions(const RuleWithActions &r); + RuleWithActions &operator=(const RuleWithActions& r); virtual bool evaluate(Transaction *transaction) const override; - void executeActionsIndependentOfChainedRuleResult( - Transaction *trasn) const; + Transaction *trasaction) const; void executeActionsAfterFullMatch( - Transaction *trasn) const; - - static void executeAction(Transaction *trans, - ActionWithExecution *a, - bool context); - - void executeAction(Transaction *trans, - ActionDisruptive *a, - bool context) const; + Transaction *transaction) const; + // FIXME: Pass a callback for the transformation execution. static void executeTransformation( Transaction *transaction, TransformationsResults *ret, @@ -255,253 +110,187 @@ class RuleWithActions : public Rule { const std::string &value, TransformationsResults &results) const; - void addAction(actions::Action *a); - void addTransformation(std::shared_ptr t) { - m_transformations.push_back(t); - } - void addDefaultAction(std::shared_ptr); - void addDefaultTransformation(std::shared_ptr t) { - m_defaultTransformations.push_back(t); - } - - - std::vector getActionsByName(const std::string& name, - Transaction *t); - bool containsTag(const std::string& name, Transaction *t) const; - bool containsMsg(const std::string& name, Transaction *t) const; + /* */ + bool containsTag(const std::string& name, const Transaction *t) const noexcept; + bool containsMsg(const std::string& name, const Transaction *t) const noexcept; + /* default Actions */ void clearDefaultActions() { - m_defaultSeverity = SEVERITY_NOT_SET; - m_defaultRevision = ""; - m_defaultVersion = ""; - m_defaultAccuracy = ACCURACY_NOT_SET; - m_defaultMaturity = MATURITY_NOT_SET; - m_defaultContainsCaptureAction = false; - m_defaultContainsLogAction = false; - m_defaultContainsNoLogAction = false; - m_defaultContainsMultiMatchAction = false; - m_defaultContainsStaticBlockAction = false; - m_defaultActionLogData = nullptr; - m_defaultActionMsg = nullptr; - m_defaultActionActionsSetVar.clear(); - m_defaultActionActionsTag.clear(); - m_defaultActionActionsRuntimePos.clear(); - m_defaultActionDisruptiveAction = nullptr; - m_defaultActionActionsRuntimePos.clear(); - m_defaultTransformations.clear(); + m_defaultActions.clear(); + } + void addDefaultAction(std::shared_ptr a); + void addDefaulTransformation(std::shared_ptr t) { + m_defaultActions.addTransformation(t); } - Transformations getTransformation() const { - Transformations dst; - for (auto &a : m_defaultTransformations) { - dst.push_back(a); - } - for (auto &a : m_transformations) { - dst.push_back(a); - } - return dst; + + /* rule id */ + // FIXME: not ever rule has an id. e.g. chained rule. */ + inline const RuleId getId() const noexcept { return m_ruleId; } + void setId(int id) noexcept { + m_ruleId = id; } - TransformationsPtr getTransformationPtr() const { - TransformationsPtr dst; - for (auto &a : m_defaultTransformations) { - dst.push_back(a.get()); - } - for (auto &a : m_transformations) { - dst.push_back(a.get()); - } - return dst; + + /* capture */ + inline void setHasCapture(bool b) noexcept { + m_containsCapture = b; + } + inline bool hasCapture() const noexcept { + return m_containsCapture; } - SetVars getSetVarsActions() const { - SetVars dst; - for (auto &a : m_defaultActionActionsSetVar) { - dst.push_back(a); - } - for (auto &a : m_actionsSetVar) { - dst.push_back(a); - } - return dst; + + /* accuracy */ + inline const int getAccuracy() const noexcept { + return m_accuracy; + } + inline void setAccuracy(unsigned int accuracy) noexcept { + m_accuracy = accuracy; + } + inline bool hasAccuracy() const noexcept { + return m_accuracy != ACCURACY_NOT_SET; } - SetVarsPtr getSetVarsActionsPtr() const { - SetVarsPtr dst; - for (auto &a : m_defaultActionActionsSetVar) { - dst.push_back(a.get()); - } - for (auto &a : m_actionsSetVar) { - dst.push_back(a.get()); - } - return dst; + + /* severity */ + inline int getSeverity() const noexcept { + return m_severity; + } + inline void setSeverity(unsigned int severity) noexcept { + m_severity = severity; + } + inline bool hasSeverity() const noexcept { + return m_severity != SEVERITY_NOT_SET; } - MatchActionsPtr getMatchActionsPtr() const { - MatchActionsPtr dst; - for (auto &a : m_defaultActionActionsRuntimePos) { - dst.push_back(a.get()); - } - for (auto &a : m_actionsRuntimePos) { - dst.push_back(a.get()); - } - return dst; + + /* revision */ + inline const std::string getRevision() const noexcept { + return m_revision; + }; + inline void setRevision(const std::string &revision) noexcept { + m_revision.assign(revision); + } + inline bool hasRevision() const noexcept { + return m_revision != ""; } - MatchActions getMatchActions() const { - MatchActions dst; - for (auto &a : m_defaultActionActionsRuntimePos) { - dst.push_back(a); - } - for (auto &a : m_actionsRuntimePos) { - dst.push_back(a); - } - return dst; + + /* version */ + inline const std::string getVersion() const noexcept { + return m_version; + }; + inline void setVersion(const std::string &version) noexcept { + m_version.assign(version); + } + inline bool hasVersion() const noexcept { + return m_version != ""; } + + /* maturity */ + inline const int getMaturity() const noexcept { + return m_maturity; + } + inline void setMaturity(unsigned int maturity) noexcept { + m_maturity = maturity; + } + inline bool hasMaturity() const noexcept { + return m_maturity != MATURITY_NOT_SET; + } + + + /* logData */ + inline std::shared_ptr getLogDataAction() const noexcept { + return m_actionLogData; + } + std::string getLogData(const Transaction *t) const noexcept; + inline void setLogDataAction(const std::shared_ptr &data) noexcept { + m_actionLogData = data; + } + inline bool hasLogDataAction() const noexcept { + return m_actionLogData != nullptr; + } + + + /* message */ + inline std::shared_ptr getMessageAction() const noexcept { + return m_actionMsg; + } + std::string getMessage(const Transaction *t) const noexcept; + inline void setMessageAction(const std::shared_ptr &msg) noexcept { + m_actionMsg = msg; + } + inline bool hasMessageAction() const noexcept { + return m_actionMsg != nullptr; + } + + + /* multimatch */ + inline bool processMultiMatch() const noexcept { + return hasMultiMatch() || m_defaultActions.hasMultiMatch(); + } + + + /* isDisruptive */ + inline bool isDisruptive() const { + return hasDisruptiveAction() || ((m_defaultActions.hasBlock() || hasBlock()) && m_defaultActions.hasBlock()); + } + + + /* logging */ + inline bool isItToBeLogged() const noexcept { + if (hasNoLog()) { + return false; + } + if (m_defaultActions.hasNoLog() && !hasNoLog()) { + return false; + } + if (!hasDisruptiveAction() && !(hasBlock() || m_defaultActions.hasBlock())) { + return false; + } + if (!m_defaultActions.hasDisruptiveAction() && !hasDisruptiveAction()) { + return false; + } + return true; + } + + inline bool isItToBeAuditLogged() const noexcept { + if (hasAuditLog()) { + return true; + } + if (m_defaultActions.hasAuditLog() && !hasNoAuditLog()) { + return true; + } + if (isItToBeLogged()) { + return true; + } + return false; + } + + + /* chained rule */ + /* FIXME: The chained rule needs to have its own class. */ + void setChainedNext(std::unique_ptr r) { + m_chainedRuleChild = std::move(r); + } + inline RuleWithActions *getChainedNext() const { + return m_chainedRuleChild.get(); + } + void setChainedParent(RuleWithActions *r) { + m_chainedRuleParent = r; + } + inline RuleWithActions *getChainedParent() { + return m_chainedRuleParent; + } inline bool hasChainAction() const { return m_isChained == true; } inline void setHasChainAction(bool b) { m_isChained = b; } inline bool hasChainedParent() const { return m_chainedRuleParent != nullptr; } inline bool hasChainedChild() const { return m_chainedRuleChild.get() != nullptr; } - inline void setHasCaptureAction(bool b) { m_containsCaptureAction = b; } - inline bool hasCaptureAction() const { return m_containsCaptureAction || m_defaultContainsCaptureAction; } - inline bool hasDisruptiveAction() const { return m_disruptiveAction != nullptr || m_defaultActionDisruptiveAction != nullptr; } - inline void setDisruptiveAction(const std::shared_ptr &a) { m_disruptiveAction = a; } - inline std::shared_ptr getDisruptiveAction() const { return m_disruptiveAction; } - - inline bool hasBlockAction() const { return m_containsStaticBlockAction || m_defaultContainsStaticBlockAction; } - inline void setHasBlockAction(bool b) { m_containsStaticBlockAction = b; } - - inline void setHasMultimatchAction(bool b) { m_containsMultiMatchAction = b; } - inline bool hasMultimatchAction() const { return m_containsMultiMatchAction || m_defaultContainsMultiMatchAction; } - - inline bool hasAuditLogAction() const { return m_containsAuditLogAction == true; } - inline void setHasAuditLogAction(bool b) { m_containsAuditLogAction = b; } - inline bool hasNoAuditLogAction() const { return m_containsNoAuditLogAction == true; } - inline void setHasNoAuditLogAction(bool b) { m_containsNoAuditLogAction = b; } - - inline bool hasLogAction() const { return m_containsLogAction == true; } - inline void setHasLogAction(bool b) { m_containsLogAction = b; } - inline bool hasNoLogAction() const { return m_containsNoLogAction == true; } - inline void setHasNoLogAction(bool b) { m_containsNoLogAction = b; } - - - inline bool isItToBeLogged() const noexcept { - if (m_containsNoLogAction) { - return false; - } - - if (m_defaultContainsNoLogAction && !m_containsLogAction) { - return false; - } - - return true; - } - - - inline bool isItToBeAuditLogged() const noexcept { - if (!isItToBeLogged() && !m_containsAuditLogAction - && !m_defaultContainsAuditLogAction) { - return false; - } - - if (m_containsNoAuditLogAction) { - return false; - } - - if (m_defaultContainsNoLogAction && !m_containsAuditLogAction) { - return false; - } - - return true; - } - - - inline bool hasLogDataAction() const { return m_logData != nullptr || m_defaultActionLogData != nullptr; } - inline std::shared_ptr getLogDataAction() const { return m_logData; } - std::string getLogData(const Transaction *t) const; - inline void setLogDataAction(const std::shared_ptr &data) { m_logData = data; } - - inline bool hasMessageAction() const { return m_msg != nullptr || m_defaultActionMsg != nullptr; } - inline std::shared_ptr getMessageAction() const { return m_msg; } - inline void setMessageAction(const std::shared_ptr &msg) { m_msg = msg; } - std::string getMessage(const Transaction *t) const; - - - inline bool hasSeverityAction() const { return m_severity != SEVERITY_NOT_SET || m_defaultSeverity != SEVERITY_NOT_SET; } - inline int getSeverity() const { return (m_severity != SEVERITY_NOT_SET)?m_severity:m_defaultSeverity; } - inline void setDefaultActionSeverity(unsigned int severity) { m_defaultSeverity = severity; } - inline void setSeverity(unsigned int severity) { m_severity = severity; } - - inline bool hasRevisionAction() const { return m_revision != ""; } - inline const std::string getRevision() const { return m_revision; }; - inline void setRevision(const std::string &revision) { m_revision.assign(revision); } - - inline bool hasVersionAction() const { return m_version != ""; } - inline const std::string getVersion() const { return m_version; }; - inline void setVersion(const std::string &version) { m_version.assign(version); } - - inline bool hasAccuracyAction() const { return m_accuracy != ACCURACY_NOT_SET || m_defaultAccuracy != ACCURACY_NOT_SET; } - inline const int getAccuracy() const { return m_accuracy; } - inline void setAccuracy(unsigned int accuracy) { m_accuracy = accuracy; } - - inline bool hasMaturityAction() const { return m_maturity != MATURITY_NOT_SET || m_defaultMaturity != MATURITY_NOT_SET; } - inline const int getMaturity() const { return m_maturity; } - inline void setDefaultActionMaturity(unsigned int maturity) { m_defaultMaturity = maturity; } - inline void setMaturity(unsigned int maturity) { m_maturity = maturity; } - - inline bool hasTagAction() const { return m_actionsTag.size() > 0; } - inline void setTags(Tags tags) { - for (auto tag : tags) { - m_actionsTag.push_back(tag); - } - } - inline void cleanTags() { - m_actionsTag.clear(); - } - Tags getTagsAction() const { - Tags dst; - for (auto &a : m_defaultActionActionsTag) { - dst.push_back(a); - } - for (auto &a : m_actionsTag) { - dst.push_back(a); - } - return dst; - } - - TagsPtr getTagsActionPtr() const { - TagsPtr dst; - for (auto &a : m_defaultActionActionsTag) { - dst.push_back(a.get()); - } - for (auto &a : m_actionsTag) { - dst.push_back(a.get()); - } - return dst; - } - - inline RuleId getId() const { return m_ruleId; } - void setId(int id) { - m_ruleId = id; - } - - void setChainedNext(std::unique_ptr r) { - m_chainedRuleChild = std::move(r); - } - - inline RuleWithActions *getChainedNext() const { - return m_chainedRuleChild.get(); - } - - void setChainedParent(RuleWithActions *r) { - m_chainedRuleParent = r; - } - - inline RuleWithActions *getChainedParent() { - return m_chainedRuleParent; - } XmlNSs getXmlNSs() const { XmlNSs dst; @@ -530,37 +319,24 @@ class RuleWithActions : public Rule { } private: + void inline copyActionsWithRunTimeStrings(const RuleWithActions &o); + RuleId m_ruleId; std::shared_ptr m_chainedRuleChild; RuleWithActions *m_chainedRuleParent; - /* actions */ - std::shared_ptr m_disruptiveAction; - std::shared_ptr m_logData; - std::shared_ptr m_msg; - MatchActions m_actionsRuntimePos; - SetVars m_actionsSetVar; - Tags m_actionsTag; + /* xmlns */ XmlNSs m_XmlNSs; - /* actions || SecDefaultAction */ - std::shared_ptr m_defaultActionDisruptiveAction; - std::shared_ptr m_defaultActionLogData; - std::shared_ptr m_defaultActionMsg; - - MatchActions m_defaultActionActionsRuntimePos; - SetVars m_defaultActionActionsSetVar; - Tags m_defaultActionActionsTag; - - /* actions > transformations */ - Transformations m_transformations; - - /* actions > transformations || SecDefaultAction */ - Transformations m_defaultTransformations; - - - /* || */ + /** + * 1-9 where 9 is very strong and 1 has many false positives + */ + unsigned int m_accuracy:4; + /** + * 1-9 where 9 is extensively tested and 1 is a brand new experimental rule + */ + unsigned int m_maturity:4; /** * 0 - EMERGENCY: is generated from correlation of anomaly * scoring data where there is an inbound @@ -581,44 +357,16 @@ class RuleWithActions : public Rule { * 6 - INFO * 7 - DEBUG **/ - unsigned int m_severity:3; - + unsigned int m_severity:4; + bool m_containsCapture:1; + bool m_isChained:1; std::string m_revision; std::string m_version; + std::shared_ptr m_actionMsg; + std::shared_ptr m_actionLogData; - /** - * 1-9 where 9 is very strong and 1 has many false positives - */ - unsigned int m_accuracy:3; - /** - * 1-9 where 9 is extensively tested and 1 is a brand new experimental rule - */ - unsigned int m_maturity:3; - - - bool m_containsCaptureAction:1; - bool m_containsLogAction:1; - bool m_containsNoLogAction:1; - bool m_containsAuditLogAction:1; - bool m_containsNoAuditLogAction:1; - bool m_containsMultiMatchAction:1; - bool m_containsStaticBlockAction:1; - - /* || SecDefaultAction */ - unsigned int m_defaultSeverity:3; - std::string m_defaultRevision; - std::string m_defaultVersion; - unsigned int m_defaultAccuracy:3; - unsigned int m_defaultMaturity:3; - bool m_defaultContainsCaptureAction:1; - bool m_defaultContainsLogAction:1; - bool m_defaultContainsNoLogAction:1; - bool m_defaultContainsAuditLogAction:1; - bool m_defaultContainsNoAuditLogAction:1; - bool m_defaultContainsMultiMatchAction:1; - bool m_defaultContainsStaticBlockAction:1; - - bool m_isChained:1; + /* SecDefaultAction */ + RuleWithActionsProperties m_defaultActions; }; } // namespace modsecurity diff --git a/src/rule_with_actions_properties.cc b/src/rule_with_actions_properties.cc new file mode 100644 index 00000000..a7b3a466 --- /dev/null +++ b/src/rule_with_actions_properties.cc @@ -0,0 +1,150 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + +#include "modsecurity/rule.h" + +#include + +#include +#include +#include +#include +#include +#include +#include + +#include "src/actions/set_var.h" +#include "src/actions/tag.h" +#include "src/actions/transformations/transformation.h" + + +namespace modsecurity { + + +RuleWithActionsProperties::RuleWithActionsProperties(Transformations *transformations) : + m_hasAuditLog(false), + m_hasBlock(false), + m_hasLog(false), + m_hasMultiMatch(false), + m_hasNoAuditLog(false), + m_hasNoLog(false), + m_executeIfMatchActions(), + m_setVars(), + m_disruptiveAction(nullptr), + m_tags(), + m_transformations(transformations != nullptr ? *transformations : Transformations()) +{ } + + + +RuleWithActionsProperties::RuleWithActionsProperties(const RuleWithActionsProperties &o) : + m_hasAuditLog(o.m_hasAuditLog), + m_hasBlock(o.m_hasBlock), + m_hasLog(o.m_hasLog), + m_hasMultiMatch(o.m_hasMultiMatch), + m_hasNoAuditLog(o.m_hasNoAuditLog), + m_hasNoLog(o.m_hasNoAuditLog), + m_executeIfMatchActions(), + m_setVars(), + m_disruptiveAction(o.m_disruptiveAction), + m_tags(), + m_transformations(o.m_transformations) +{ + copyActionsWithRunTimeStrings(o); +} + + +RuleWithActionsProperties &RuleWithActionsProperties::operator=(const RuleWithActionsProperties &o) { + m_hasAuditLog = o.m_hasAuditLog; + m_hasBlock = o.m_hasBlock; + m_hasLog = o.m_hasLog; + m_hasMultiMatch = o.m_hasMultiMatch; + m_hasNoAuditLog = o.m_hasNoAuditLog; + m_hasNoLog = o.m_hasNoAuditLog; + m_disruptiveAction = o.m_disruptiveAction; + m_transformations = o.m_transformations; + copyActionsWithRunTimeStrings(o); + + return *this; +} + + +void inline RuleWithActionsProperties::copyActionsWithRunTimeStrings(const RuleWithActionsProperties &o) { + for (auto &i : o.m_executeIfMatchActions) { + actions::ActionWithRunTimeString *arts = dynamic_cast(i.get()); + if (!arts) { + m_executeIfMatchActions.push_back(i); + continue; + } + std::shared_ptr z(dynamic_cast(arts->clone())); + actions::ActionWithRunTimeString *aa = dynamic_cast(z.get()); + aa->populate(nullptr); + m_executeIfMatchActions.push_back(z); + } + for (auto &i : o.m_setVars) { + actions::ActionWithRunTimeString *arts = dynamic_cast(i.get()); + if (!arts) { + m_setVars.push_back(i); + continue; + } + std::shared_ptr z(dynamic_cast(arts->clone())); + actions::ActionWithRunTimeString *aa = dynamic_cast(z.get()); + aa->populate(nullptr); + m_setVars.push_back(z); + } + for (auto &i : o.m_tags) { + actions::ActionWithRunTimeString *arts = dynamic_cast(i.get()); + if (!arts) { + m_tags.push_back(i); + continue; + } + std::shared_ptr z(dynamic_cast(arts->clone())); + actions::Tag *aa = dynamic_cast(z.get()); + aa->populate(nullptr); + m_tags.push_back(z); + } +} + + +void RuleWithActionsProperties::populate(const RuleWithActions *r) const { + /** + * + * ActionWithRunTimeString needs to be aware of the Rule that it + * belongs to. It is necessary to resolve some variables + * (e.g. Rule); Clone and associate are mandatory. + * + */ + for (auto &i : m_executeIfMatchActions) { + actions::ActionWithRunTimeString *arts = dynamic_cast(i.get()); + if (arts != nullptr) { + arts->populate(r); + } + } + for (auto &i : m_setVars) { + actions::ActionWithRunTimeString *arts = dynamic_cast(i.get()); + if (arts != nullptr) { + arts->populate(r); + } + } + for (auto &i : m_tags) { + actions::ActionWithRunTimeString *arts = dynamic_cast(i.get()); + if (arts != nullptr) { + arts->populate(r); + } + } +} + + +} // namespace modsecurity diff --git a/src/rule_with_actions_properties.h b/src/rule_with_actions_properties.h new file mode 100644 index 00000000..32a86ed8 --- /dev/null +++ b/src/rule_with_actions_properties.h @@ -0,0 +1,213 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + + +#ifndef SRC_RULE_WITH_ACTIONS_PROPERTIES_H_ +#define SRC_RULE_WITH_ACTIONS_PROPERTIES_H_ + + +#include "modsecurity/modsecurity.h" +#include "src/actions/action_with_execution.h" +#include "src/actions/disruptive/disruptive_action.h" + +namespace modsecurity { + +namespace actions { +class SetVar; +class Tag; +namespace transformations { +class Transformation; +} +} + + +class RuleWithActionsProperties { + /** + * Properties that can be part of the SecDefaultActions. + * + */ + public: + using ActionWithExecution = actions::ActionWithExecution; + using ActionDisruptive = actions::disruptive::ActionDisruptive; + using MatchActions = std::vector>; + using SetVar = actions::SetVar; + using SetVars = std::vector>; + using Tag = actions::Tag; + using Tags = std::vector>; + using Transformation = actions::transformations::Transformation; + using Transformations = std::vector>; + + explicit RuleWithActionsProperties(Transformations *transformations = nullptr); + ~RuleWithActionsProperties() { + /* all the allocated resources are shared pointers. */ + } + + RuleWithActionsProperties(const RuleWithActionsProperties &o); + RuleWithActionsProperties &operator=(const RuleWithActionsProperties &o); + RuleWithActionsProperties(RuleWithActionsProperties &&o) = delete; + + + void clear() { + m_hasLog = false; + m_hasNoLog = false; + m_hasBlock = false; + m_setVars.clear(); + m_tags.clear(); + m_disruptiveAction = nullptr; + m_executeIfMatchActions.clear(); + m_transformations.clear(); + }; + + void populate(const RuleWithActions *r) const; + + + /* auditLog */ + bool hasAuditLog() const noexcept { + return m_hasAuditLog; + } + void setAuditLog(bool b) { + m_hasAuditLog = b; + } + + + /* log */ + bool hasLog() const noexcept { + return m_hasLog; + } + void setLog(bool b) { + m_hasLog = b; + } + + + /* MultiMatch */ + bool hasMultiMatch() const noexcept { + return m_hasMultiMatch; + } + void setMultiMatch(bool b) { + m_hasMultiMatch = b; + } + + + /* noAuditLog */ + bool hasNoAuditLog() const noexcept { + return m_hasNoAuditLog; + } + void setNoAuditLog(bool b) { + m_hasNoAuditLog = b; + } + + + /* noLog */ + bool hasNoLog() const noexcept { + return m_hasNoLog; + } + void setNoLog(bool b) { + m_hasNoLog = b; + } + + + /* block */ + bool hasBlock() const noexcept { + return m_hasBlock; + } + void setBlock(bool b) { + m_hasBlock = b; + } + + + /* transformations */ + const Transformations &getTransformations() const noexcept { + return m_transformations; + } + void addTransformation(std::shared_ptr t) { + m_transformations.push_back(t); + } + + + /* tags */ + const Tags &getTags() const noexcept { + return m_tags; + } + void setTags(Tags tags) noexcept { + m_tags.insert(m_tags.end(), tags.begin(), tags.end()); + } + void addTag(std::shared_ptr t) { + m_tags.push_back(t); + } + bool hasTags() const noexcept { + return !m_tags.empty(); + } + void clearTags() noexcept { + m_tags.clear(); + } + + + /* vars */ + const SetVars &getSetVars() const noexcept { + return m_setVars; + } + void addSetVar(std::shared_ptr t) { + m_setVars.push_back(t); + } + + + /* other match actions */ + const MatchActions &getGenericMatchActions() const noexcept { + return m_executeIfMatchActions; + } + void addGenericMatchAction(std::shared_ptr a) { + m_executeIfMatchActions.push_back(a); + } + + + /* disruptive action */ + const std::shared_ptr &getDisruptiveAction() const noexcept { + return m_disruptiveAction; + } + inline void setDisruptiveAction(std::shared_ptr d) noexcept { + m_disruptiveAction = d; + } + inline bool hasDisruptiveAction() const noexcept { + return m_disruptiveAction != nullptr; + } + + + private: + void inline copyActionsWithRunTimeStrings(const RuleWithActionsProperties &o); + + /** + * FIXME: log, noLog, AuditLog and noAuditLog are save to compute whenver log + * is necessary or not. This can be pre-computed while the actions are + * encountered amoung the rule action list. + * + */ + bool m_hasAuditLog:1; + bool m_hasBlock:1; + bool m_hasLog:1; + bool m_hasMultiMatch:1; + bool m_hasNoAuditLog:1; + bool m_hasNoLog:1; + + MatchActions m_executeIfMatchActions; + SetVars m_setVars; + std::shared_ptr m_disruptiveAction; + Tags m_tags; + Transformations m_transformations; +}; + +} // namespace modsecurity + + +#endif // SRC_RULE_WITH_ACTIONS_PROPERTIES_H_ \ No newline at end of file diff --git a/src/rule_with_operator.cc b/src/rule_with_operator.cc index a1150e68..9a097779 100644 --- a/src/rule_with_operator.cc +++ b/src/rule_with_operator.cc @@ -56,7 +56,7 @@ using actions::transformations::None; RuleWithOperator::RuleWithOperator(Operator *op, variables::Variables *_variables, - std::vector *actions, + Actions *actions, Transformations *transformations, std::unique_ptr fileName, int lineNumber) @@ -217,7 +217,6 @@ bool RuleWithOperator::evaluate(Transaction *trans) const { bool globalRet = false; variables::Variables *variables = m_variables.get(); bool recursiveGlobalRet; - bool containsBlock = hasBlockAction(); std::string eparam; variables::Variables vars; vars.reserve(4); @@ -303,7 +302,7 @@ bool RuleWithOperator::evaluate(Transaction *trans) const { executeTransformations(trans, value, transformationsResults); auto iter = transformationsResults.begin(); - if (!hasMultimatchAction()) { + if (!processMultiMatch()) { iter = transformationsResults.end(); std::advance(iter, -1); } @@ -381,7 +380,7 @@ end_exec: /* last rule in the chain. */ trans->logMatchLastRuleOnTheChain(this); - if (hasSeverityAction()) { + if (hasSeverity()) { ms_dbg_a(trans, 9, "This rule severity is: " + \ std::to_string(getSeverity()) + " current transaction is: " + \ std::to_string(trans->m_highestSeverityAction)); diff --git a/src/rule_with_operator.h b/src/rule_with_operator.h index 29cfd4ce..02d46549 100644 --- a/src/rule_with_operator.h +++ b/src/rule_with_operator.h @@ -43,7 +43,7 @@ class RuleWithOperator : public RuleWithActions { public: RuleWithOperator(operators::Operator *op, variables::Variables *variables, - std::vector *actions, + Actions *actions, Transformations *transformations, std::unique_ptr fileName, int lineNumber); diff --git a/src/rules_set.cc b/src/rules_set.cc index 8ec964ce..ac976ca3 100644 --- a/src/rules_set.cc +++ b/src/rules_set.cc @@ -62,11 +62,11 @@ namespace modsecurity { RuleWithActions *nr = dynamic_cast(m_rules[i].get()); nr->clearDefaultActions(); - for (auto a : m_defaultActions) { + for (auto &a : m_defaultActions) { nr->addDefaultAction(a); } for (auto a : m_defaultTransformations) { - nr->addDefaultTransformation(a); + nr->addDefaulTransformation(a); } diff --git a/src/run_time_string.h b/src/run_time_string.h index f6426179..551f5980 100644 --- a/src/run_time_string.h +++ b/src/run_time_string.h @@ -75,7 +75,7 @@ class RunTimeString { } - void populate(RuleWithActions *rule) noexcept { + void populate(const RuleWithActions *rule) noexcept { for (auto &a : m_elements) { a->populate(rule); } @@ -108,7 +108,6 @@ class RunTimeString { rv = dynamic_cast(nrv); rv->populate(nullptr); m_variable = std::unique_ptr(nrv); - /* m_variable = nullptr; */ } else { m_variable = other.m_variable; } @@ -119,7 +118,9 @@ class RunTimeString { void appendValueTo(const Transaction *transaction, std::string &v) const noexcept { if (m_variable && transaction) { VariableValues l; + m_variable->evaluate(transaction, &l); + if (!l.empty()) { v.append(l[0]->getValue()); } @@ -130,19 +131,20 @@ class RunTimeString { } - void populate(RuleWithActions *rule) noexcept { + void populate(const RuleWithActions *rule) noexcept { if (!m_variable) { return; } RuleVariable *vrule = dynamic_cast(m_variable.get()); - if (vrule != nullptr) { - vrule->populate(rule); + if (!vrule) { + return; } + vrule->populate(rule); } private: - std::string m_string; + const std::string m_string; /* * * FIXME: In the current state m_variable should be a unique_ptr. There diff --git a/src/transaction.cc b/src/transaction.cc index 91e1c244..d43e26de 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -72,14 +72,11 @@ void TransactionRuleMessageManagement::logMatchLastRuleOnTheChain(const RuleWith rm->setRule(rule); - if (rule->hasDisruptiveAction() && rule->isItToBeLogged() && - (m_transaction->getRuleEngineState() == RulesSet::DetectionOnlyRuleEngine)) { + if (rule->isItToBeLogged() && + (m_transaction->getRuleEngineState() == RulesSet::EnabledRuleEngine)) { /* error */ // The error goes over the disruptive massage. We don't need it here. //m_transaction->serverLog(rm); - } else if (rule->hasBlockAction() && rule->isItToBeLogged()) { - /* Log as warning. */ - m_transaction->serverLog(rm); } else if (rule->isItToBeLogged()) { /* Log as warning. */ m_transaction->serverLog(rm); diff --git a/src/transformation_result.h b/src/transformation_result.h new file mode 100644 index 00000000..a7c2bc01 --- /dev/null +++ b/src/transformation_result.h @@ -0,0 +1,68 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + +#include "modsecurity/modsecurity.h" +#include "modsecurity/rule.h" +#include "modsecurity/rule_message.h" +#include "modsecurity/rules_set.h" + +#ifndef SRC_TRANSFORMATION_RESULT_H_ +#define SRC_TRANSFORMATION_RESULT_H_ + + +namespace modsecurity { + + +class TransformationResult { + public: + explicit TransformationResult( + ModSecString &after, + const std::string *transformation = nullptr) + : m_after(after), + m_transformation(transformation) { }; + + explicit TransformationResult( + ModSecString *after) + : m_after(*after), + m_transformation(nullptr) { }; + + TransformationResult(const TransformationResult &t2) + : m_after(t2.m_after), + m_transformation(t2.m_transformation) { }; + + + ModSecString *getAfter() { + return &m_after; + } + + + const std::string *getTransformationName() const { + return m_transformation; + } + + + private: + ModSecString m_after; + const std::string *m_transformation; +}; + +using TransformationsResults = std::list; + +} // namespace modsecurity + + + +#endif // SRC_TRANSFORMATION_RESULT_H_ + diff --git a/src/variables/rule.h b/src/variables/rule.h index 32acdfaa..3caf737e 100644 --- a/src/variables/rule.h +++ b/src/variables/rule.h @@ -71,7 +71,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement { const RuleWithActions *rule, VariableValues *l) { - if (rule->hasRevisionAction()) { + if (rule->hasRevision()) { auto var = std::make_shared(&m_rule, &m_rule_rev, std::unique_ptr(new std::string(rule->getRevision()))); VariableOrigin origin; origin.m_offset = 0; @@ -87,7 +87,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement { const RuleWithActions *rule, VariableValues *l) { - if (rule->hasSeverityAction()) { + if (rule->hasSeverity()) { auto var = std::make_shared(&m_rule, &m_rule_severity, std::unique_ptr(new std::string(std::to_string(rule->getSeverity())))); VariableOrigin origin; origin.m_offset = 0; diff --git a/src/variables/rule_variable.h b/src/variables/rule_variable.h index 47714f16..b0a9384c 100644 --- a/src/variables/rule_variable.h +++ b/src/variables/rule_variable.h @@ -20,11 +20,11 @@ #ifndef SRC_VARIABLES_RULE_VARIABLE_H_ #define SRC_VARIABLES_RULE_VARIABLE_H_ -#include "src/rule_with_actions.h" namespace modsecurity { +class RuleWithActions; class Transaction; namespace variables { diff --git a/src/variables/variable_with_runtime_string.h b/src/variables/variable_with_runtime_string.h index 0e248cc8..cb4b2634 100644 --- a/src/variables/variable_with_runtime_string.h +++ b/src/variables/variable_with_runtime_string.h @@ -40,7 +40,7 @@ class VariableWithRunTimeString : public Variable { return *this; } - virtual void populate(RuleWithActions *rule) { + virtual void populate(const RuleWithActions *rule) { if (m_string) { m_string->populate(rule); } diff --git a/test/test-cases/regression/config-secdefaultaction.json b/test/test-cases/regression/config-secdefaultaction.json index caa4426f..2bf6bbda 100644 --- a/test/test-cases/regression/config-secdefaultaction.json +++ b/test/test-cases/regression/config-secdefaultaction.json @@ -277,7 +277,13 @@ }, "rules":[ "SecRuleEngine On", - "SecAuditEngine On", + "SecAuditEngine RelevantOnly", + "SecAuditLogParts ABCFHZ", + "SecAuditLog /tmp/test/modsec_audit_auditlog_1.log", + "SecAuditLogDirMode 0766", + "SecAuditLogFileMode 0666", + "SecAuditLogType Serial", + "SecAuditLogRelevantStatus \"^(?:3|4(?!04))\"", "SecDefaultAction \"phase:2,log,auditlog,status:302,redirect:'http://www.google.com'\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"phase:2,id:1,block\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none,block\"" diff --git a/test/test-cases/regression/issue-1528.json b/test/test-cases/regression/issue-1528.json index 74f2c3db..74f578ee 100644 --- a/test/test-cases/regression/issue-1528.json +++ b/test/test-cases/regression/issue-1528.json @@ -27,12 +27,13 @@ }, "expected": { "debug_log": "Rule returned 1", - "error_log": "Matched \"Operator `Rx' with parameter `\\^attack\\$'" + "error_log": "Matched \"Operator `Rx' with parameter `\\^attack\\$'", + "http_code": 403 }, "rules": [ "SecRuleEngine On", "SecAction \"id:1, setvar:tx.bad_value=attack\"", - "SecRule ARGS:param \"@rx ^%{tx.bad_value}$\" \"id:2,log\"" + "SecRule ARGS:param \"@rx ^%{tx.bad_value}$\" \"id:2,log,deny\"" ] } ] diff --git a/test/test-cases/regression/issue-1844.json b/test/test-cases/regression/issue-1844.json index df1a4ec6..1d394218 100644 --- a/test/test-cases/regression/issue-1844.json +++ b/test/test-cases/regression/issue-1844.json @@ -85,10 +85,12 @@ ] }, "expected":{ - "error_log":"line \"55\"" + "error_log":"line \"55\"", + "http_code": 403 }, "rules":[ "SecRuleEngine On", + "SecDefaultAction \"phase:2,deny\"", "SecRule WEBAPPID \"@contains test2\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ]