mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-29 19:24:29 +03:00
refactoring: Moves Phases enum to outside ModSecurity class
@@ -33,33 +33,33 @@ bool Phase::init(std::string *error) {
|
||||
try {
|
||||
m_phase = std::stoi(m_parser_payload);
|
||||
if (m_phase == 0) {
|
||||
m_phase = ModSecurity::Phases::ConnectionPhase;
|
||||
m_phase = modsecurity::Phases::ConnectionPhase;
|
||||
m_secRulesPhase = 0;
|
||||
} else if (m_phase == 1) {
|
||||
m_phase = ModSecurity::Phases::RequestHeadersPhase;
|
||||
m_phase = modsecurity::Phases::RequestHeadersPhase;
|
||||
m_secRulesPhase = 1;
|
||||
} else if (m_phase == 2) {
|
||||
m_phase = ModSecurity::Phases::RequestBodyPhase;
|
||||
m_phase = modsecurity::Phases::RequestBodyPhase;
|
||||
m_secRulesPhase = 2;
|
||||
} else if (m_phase == 3) {
|
||||
m_phase = ModSecurity::Phases::ResponseHeadersPhase;
|
||||
m_phase = modsecurity::Phases::ResponseHeadersPhase;
|
||||
m_secRulesPhase = 3;
|
||||
} else if (m_phase == 4) {
|
||||
m_phase = ModSecurity::Phases::ResponseBodyPhase;
|
||||
m_phase = modsecurity::Phases::ResponseBodyPhase;
|
||||
m_secRulesPhase = 4;
|
||||
} else if (m_phase == 5) {
|
||||
m_phase = ModSecurity::Phases::LoggingPhase;
|
||||
m_phase = modsecurity::Phases::LoggingPhase;
|
||||
m_secRulesPhase = 5;
|
||||
}
|
||||
} catch (...) {
|
||||
if (a == "request") {
|
||||
m_phase = ModSecurity::Phases::RequestBodyPhase;
|
||||
m_phase = modsecurity::Phases::RequestBodyPhase;
|
||||
m_secRulesPhase = 2;
|
||||
} else if (a == "response") {
|
||||
m_phase = ModSecurity::Phases::ResponseBodyPhase;
|
||||
m_phase = modsecurity::Phases::ResponseBodyPhase;
|
||||
m_secRulesPhase = 4;
|
||||
} else if (a == "logging") {
|
||||
m_phase = ModSecurity::Phases::LoggingPhase;
|
||||
m_phase = modsecurity::Phases::LoggingPhase;
|
||||
m_secRulesPhase = 5;
|
||||
}
|
||||
}
|
||||
@@ -69,7 +69,7 @@ bool Phase::init(std::string *error) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (m_phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
|
||||
if (m_phase > modsecurity::Phases::NUMBER_OF_PHASES) {
|
||||
error->assign("Unknown phase: " + std::to_string(m_phase));
|
||||
return false;
|
||||
}
|
||||
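Review bot: The range check `if (m_phase > modsecurity::Phases::NUMBER_OF_PHASES)` in Phase::init accepts a value equal to NUMBER_OF_PHASES and any negative number that std::stoi parses, so a rule written with such a phase passes validation. The loops in Driver::addSecMarker and Rules::~Rules index `rules[i]` only for `i < NUMBER_OF_PHASES`, which suggests the phase is later used as an index into arrays of that size; if so, this is an out-of-bounds access driven by rule-file content. Consider `if (m_phase < 0 || m_phase >= modsecurity::Phases::NUMBER_OF_PHASES)`. The same `>` comparison appears in Driver::addSecAction, Driver::addSecRule and Rules::evaluate. Phase::init starts and ends outside these hunks.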
|
@@ -33,7 +33,7 @@ namespace operators {
|
||||
std::string Rbl::mapIpToAddress(std::string ipStr, Transaction *trans) {
|
||||
std::string addr;
|
||||
int h0, h1, h2, h3;
|
||||
std::string key = trans->m_rules->m_httpblKey;
|
||||
std::string key = trans->m_rules->m_httpblKey.m_value;
|
||||
|
||||
if (sscanf(ipStr.c_str(), "%d.%d.%d.%d", &h0, &h1, &h2, &h3) != 4) {
|
||||
debug(trans, 0, std::string("Failed to understand `" + ipStr +
|
||||
|
@@ -17,6 +17,7 @@
|
||||
|
||||
#include "parser/seclang-parser.hh"
|
||||
#include "audit_log/audit_log.h"
|
||||
#include "modsecurity/rules_properties.h"
|
||||
|
||||
using modsecurity::audit_log::AuditLog;
|
||||
using modsecurity::Rule;
|
||||
@@ -25,7 +26,8 @@ namespace modsecurity {
|
||||
namespace Parser {
|
||||
|
||||
Driver::Driver()
|
||||
: trace_scanning(false),
|
||||
: RulesProperties(),
|
||||
trace_scanning(false),
|
||||
trace_parsing(false) {
|
||||
m_auditLog = new audit_log::AuditLog();
|
||||
m_auditLog->refCountIncrease();
|
||||
@@ -41,7 +43,7 @@ Driver::~Driver() {
|
||||
|
||||
|
||||
int Driver::addSecMarker(std::string marker) {
|
||||
for (int i = 0; i < ModSecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
Rule *rule = new Rule(marker);
|
||||
rule->phase = i;
|
||||
rules[i].push_back(rule);
|
||||
@@ -51,7 +53,7 @@ int Driver::addSecMarker(std::string marker) {
|
||||
|
||||
|
||||
int Driver::addSecAction(Rule *rule) {
|
||||
if (rule->phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
|
||||
if (rule->phase > modsecurity::Phases::NUMBER_OF_PHASES) {
|
||||
m_parserError << "Unknown phase: " << std::to_string(rule->phase);
|
||||
m_parserError << std::endl;
|
||||
return false;
|
||||
@@ -63,7 +65,7 @@ int Driver::addSecAction(Rule *rule) {
|
||||
}
|
||||
|
||||
int Driver::addSecRule(Rule *rule) {
|
||||
if (rule->phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
|
||||
if (rule->phase > modsecurity::Phases::NUMBER_OF_PHASES) {
|
||||
m_parserError << "Unknown phase: " << std::to_string(rule->phase);
|
||||
m_parserError << std::endl;
|
||||
return false;
|
||||
@@ -96,7 +98,7 @@ int Driver::addSecRule(Rule *rule) {
|
||||
m_parserError << std::to_string(rule->m_lineNumber) << std::endl;
|
||||
return false;
|
||||
}
|
||||
for (int i = 0; i < ModSecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
std::vector<Rule *> rules = this->rules[i];
|
||||
for (int j = 0; j < rules.size(); j++) {
|
||||
if (rules[j]->rule_id == rule->rule_id) {
|
||||
|
@@ -420,7 +420,8 @@ audit_log:
|
||||
}
|
||||
| CONFIG_UPLOAD_DIR
|
||||
{
|
||||
driver.m_uploadDirectory = $1;
|
||||
driver.m_uploadDirectory.m_set = true;
|
||||
driver.m_uploadDirectory.m_value = $1;
|
||||
}
|
||||
| CONFIG_UPDLOAD_SAVE_TMP_FILES CONFIG_VALUE_ON
|
||||
{
|
||||
@@ -560,7 +561,7 @@ expression:
|
||||
}
|
||||
}
|
||||
if (definedPhase == -1) {
|
||||
definedPhase = modsecurity::ModSecurity::Phases::RequestHeadersPhase;
|
||||
definedPhase = modsecurity::Phases::RequestHeadersPhase;
|
||||
}
|
||||
|
||||
if (!driver.defaultActions[definedPhase].empty()) {
|
||||
|
@@ -408,7 +408,7 @@ int Multipart::tmp_file_name(std::string *filename) {
|
||||
|
||||
localtime_r(&tt, &timeinfo);
|
||||
|
||||
path = m_transaction->m_rules->m_uploadDirectory;
|
||||
path = m_transaction->m_rules->m_uploadDirectory.m_value;
|
||||
mode = m_transaction->m_rules->m_uploadFileMode.m_value;
|
||||
|
||||
memset(tstr, '\0', 300);
|
||||
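Review bot: `path = m_transaction->m_rules->m_uploadDirectory.m_value;` reads the value without looking at the `m_set` flag that the parser now records for CONFIG_UPLOAD_DIR. If the directive was never configured, `path` is presumably an empty string, and the temporary upload file name built further down in Multipart::tmp_file_name (outside this hunk) would not be anchored to a configured directory. Checking `m_uploadDirectory.m_set` before the assignment and failing when it is false would make that case explicit. The read of `m_httpblKey.m_value` in Rbl::mapIpToAddress looks like the same pattern.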
|
@@ -128,7 +128,7 @@ Rule::Rule(Operator *_op,
|
||||
*
|
||||
*/
|
||||
if (phase == -1) {
|
||||
phase = ModSecurity::Phases::RequestHeadersPhase;
|
||||
phase = modsecurity::Phases::RequestHeadersPhase;
|
||||
}
|
||||
|
||||
if (op == NULL) {
|
||||
|
20
src/rules.cc
20
src/rules.cc
@@ -82,7 +82,7 @@ Rules::~Rules() {
|
||||
int i = 0;
|
||||
|
||||
/** Cleanup the rules */
|
||||
for (int i = 0; i < ModSecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
std::vector<Rule *> rules = this->rules[i];
|
||||
while (rules.empty() == false) {
|
||||
Rule *rule = rules.back();
|
||||
@@ -90,7 +90,7 @@ Rules::~Rules() {
|
||||
rules.pop_back();
|
||||
}
|
||||
}
|
||||
for (i = 0; i < ModSecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
for (i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
std::vector<actions::Action *> *tmp = &defaultActions[i];
|
||||
while (tmp->empty() == false) {
|
||||
actions::Action *a = tmp->back();
|
||||
@@ -181,7 +181,7 @@ std::string Rules::getParserError() {
|
||||
|
||||
|
||||
int Rules::evaluate(int phase, Transaction *transaction) {
|
||||
if (phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
|
||||
if (phase > modsecurity::Phases::NUMBER_OF_PHASES) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -191,13 +191,13 @@ int Rules::evaluate(int phase, Transaction *transaction) {
|
||||
" rule(s).");
|
||||
|
||||
if (transaction->m_allowType == actions::FromNowOneAllowType
|
||||
&& phase != ModSecurity::Phases::LoggingPhase) {
|
||||
&& phase != modsecurity::Phases::LoggingPhase) {
|
||||
debug(9, "Skipping all rules evaluation on this phase as request " \
|
||||
"through the utilization of an `allow' action.");
|
||||
return true;
|
||||
}
|
||||
if (transaction->m_allowType == actions::RequestAllowType
|
||||
&& phase <= ModSecurity::Phases::RequestBodyPhase) {
|
||||
&& phase <= modsecurity::Phases::RequestBodyPhase) {
|
||||
debug(9, "Skipping all rules evaluation on this phase as request " \
|
||||
"through the utilization of an `allow' action.");
|
||||
return true;
|
||||
@@ -241,8 +241,8 @@ int Rules::evaluate(int phase, Transaction *transaction) {
|
||||
int Rules::merge(Driver *from) {
|
||||
int amount_of_rules = 0;
|
||||
amount_of_rules = mergeProperties(
|
||||
reinterpret_cast<RulesProperties *>(from),
|
||||
reinterpret_cast<RulesProperties *>(this),
|
||||
dynamic_cast<RulesProperties *>(from),
|
||||
dynamic_cast<RulesProperties *>(this),
|
||||
&m_parserError);
|
||||
|
||||
if (from->m_auditLog != NULL && this->m_auditLog != NULL) {
|
||||
@@ -263,8 +263,8 @@ int Rules::merge(Driver *from) {
|
||||
int Rules::merge(Rules *from) {
|
||||
int amount_of_rules = 0;
|
||||
amount_of_rules = mergeProperties(
|
||||
reinterpret_cast<RulesProperties *>(from),
|
||||
reinterpret_cast<RulesProperties *>(this),
|
||||
dynamic_cast<RulesProperties *>(from),
|
||||
dynamic_cast<RulesProperties *>(this),
|
||||
&m_parserError);
|
||||
|
||||
if (from->m_auditLog != NULL && this->m_auditLog != NULL) {
|
||||
@@ -291,7 +291,7 @@ void Rules::debug(int level, std::string message) {
|
||||
|
||||
void Rules::dump() {
|
||||
std::cout << "Rules: " << std::endl;
|
||||
for (int i = 0; i <= ModSecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
for (int i = 0; i <= modsecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
std::vector<Rule *> rules = this->rules[i];
|
||||
std::cout << "Phase: " << std::to_string(i);
|
||||
std::cout << " (" << std::to_string(rules.size());
|
||||
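Review bot: Rules::dump iterates with `i <= modsecurity::Phases::NUMBER_OF_PHASES` and reads `this->rules[i]`, while the destructor loops in this file stop at `i < modsecurity::Phases::NUMBER_OF_PHASES` over the same array. If `rules` has NUMBER_OF_PHASES elements (its declaration is not in this diff), the last iteration copies a vector from one past the end. Changing the bound to `i < modsecurity::Phases::NUMBER_OF_PHASES` would match the other loops. dump's body continues outside the hunk.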
|
@@ -95,5 +95,23 @@ bool RulesExceptions::contains(int a) {
|
||||
}
|
||||
|
||||
|
||||
bool RulesExceptions::merge(const RulesExceptions& from) {
|
||||
for (int a : from.m_numbers) {
|
||||
bool ret = addNumber(a);
|
||||
if (ret == false) {
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
for (auto b : from.m_ranges) {
|
||||
bool ret = addRange(b.first, b.second);
|
||||
if (ret == false) {
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
} // namespace modsecurity
|
||||
|
||||
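Review bot: RulesExceptions::merge returns `false` at the first addNumber/addRange failure, which leaves the entries merged before that point in place and gives the caller no indication of which entry was rejected. These exceptions presumably decide which rule ids are excluded, so the function needs a header comment stating that the receiver may be modified even when `false` is returned; alternatively it could validate every entry before adding any. As a smaller point, `for (auto b : from.m_ranges)` copies each pair, and `for (const auto &b : from.m_ranges)` avoids that.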
|
@@ -234,7 +234,7 @@ int Transaction::processConnection(const char *client, int cPort,
|
||||
std::to_string(this->m_serverPort));
|
||||
this->m_collections.store("REMOTE_PORT",
|
||||
std::to_string(this->m_clientPort));
|
||||
this->m_rules->evaluate(ModSecurity::ConnectionPhase, this);
|
||||
this->m_rules->evaluate(modsecurity::ConnectionPhase, this);
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -460,7 +460,7 @@ int Transaction::processRequestHeaders() {
|
||||
return true;
|
||||
}
|
||||
|
||||
this->m_rules->evaluate(ModSecurity::RequestHeadersPhase, this);
|
||||
this->m_rules->evaluate(modsecurity::RequestHeadersPhase, this);
|
||||
|
||||
return true;
|
||||
}
|
||||
@@ -749,7 +749,7 @@ int Transaction::processRequestBody() {
|
||||
std::to_string(m_requestBody.str().size()));
|
||||
}
|
||||
|
||||
this->m_rules->evaluate(ModSecurity::RequestBodyPhase, this);
|
||||
this->m_rules->evaluate(modsecurity::RequestBodyPhase, this);
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -886,7 +886,7 @@ int Transaction::processResponseHeaders(int code, const std::string& proto) {
|
||||
return true;
|
||||
}
|
||||
|
||||
this->m_rules->evaluate(ModSecurity::ResponseHeadersPhase, this);
|
||||
this->m_rules->evaluate(modsecurity::ResponseHeadersPhase, this);
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -1030,7 +1030,7 @@ int Transaction::processResponseBody() {
|
||||
m_collections.store("RESPONSE_CONTENT_LENGTH",
|
||||
std::to_string(m_responseBody.str().size()));
|
||||
|
||||
this->m_rules->evaluate(ModSecurity::ResponseBodyPhase, this);
|
||||
this->m_rules->evaluate(modsecurity::ResponseBodyPhase, this);
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -1182,7 +1182,7 @@ int Transaction::processLogging() {
|
||||
return true;
|
||||
}
|
||||
|
||||
this->m_rules->evaluate(ModSecurity::LoggingPhase, this);
|
||||
this->m_rules->evaluate(modsecurity::LoggingPhase, this);
|
||||
|
||||
/* If relevant, save this transaction information at the audit_logs */
|
||||
if (m_rules != NULL && m_rules->m_auditLog != NULL) {
|
||||
|
14
src/utils.cc
14
src/utils.cc
@@ -47,25 +47,25 @@ namespace modsecurity {
|
||||
|
||||
std::string phase_name(int x) {
|
||||
switch (x) {
|
||||
case ModSecurity::Phases::ConnectionPhase:
|
||||
case modsecurity::Phases::ConnectionPhase:
|
||||
return "Connection Phase";
|
||||
break;
|
||||
case ModSecurity::Phases::UriPhase:
|
||||
case modsecurity::Phases::UriPhase:
|
||||
return "URI Phase";
|
||||
break;
|
||||
case ModSecurity::Phases::RequestHeadersPhase:
|
||||
case modsecurity::Phases::RequestHeadersPhase:
|
||||
return "Request Headers";
|
||||
break;
|
||||
case ModSecurity::Phases::RequestBodyPhase:
|
||||
case modsecurity::Phases::RequestBodyPhase:
|
||||
return "Request Headers";
|
||||
break;
|
||||
case ModSecurity::Phases::ResponseHeadersPhase:
|
||||
case modsecurity::Phases::ResponseHeadersPhase:
|
||||
return "Response Headers";
|
||||
break;
|
||||
case ModSecurity::Phases::ResponseBodyPhase:
|
||||
case modsecurity::Phases::ResponseBodyPhase:
|
||||
return "Reponse Body";
|
||||
break;
|
||||
case ModSecurity::Phases::LoggingPhase:
|
||||
case modsecurity::Phases::LoggingPhase:
|
||||
return "Logging";
|
||||
break;
|
||||
}
|
||||
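Review bot: phase_name returns `"Request Headers"` for `modsecurity::Phases::RequestBodyPhase`, the same string as for RequestHeadersPhase, so debug and log output cannot tell the two phases apart; `"Reponse Body"` is also misspelled. Since the case labels are being touched anyway, the returns should read `return "Request Body";` and `return "Response Body";`. The `break;` after each `return` is unreachable and can be dropped. The function's end is outside the hunk, so it is not visible here whether a value that matches no case gets a return.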
|