refactoring: Moves Phases enum to outside ModSecurity class

This commit is contained in:
Felipe Zimmerle 2016-10-07 19:05:50 -03:00
parent c680ddf2cd
commit b48e4b3a37
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
14 changed files with 198 additions and 165 deletions


@ -86,62 +86,8 @@
#ifndef __cplusplus #ifndef __cplusplus
typedef struct ModSecurity_t modsecurity; typedef struct ModSecurity_t modsecurity;
#endif #else
#include "modsecurity/intervention.h"
#include "modsecurity/transaction.h"
#include "modsecurity/debug_log.h"
/**
* TAG_NUM:
*
* Alpha - 001
* Beta - 002
* Dev - 010
* Rc1 - 051
* Rc2 - 052
* ... - ...
* Release- 100
*
*/
#define MODSECURITY_MAJOR "3"
#define MODSECURITY_MINOR "0"
#define MODSECURITY_PATCHLEVEL "0"
#define MODSECURITY_TAG "-alpha"
#define MODSECURITY_TAG_NUM "001"
#define MODSECURITY_VERSION MODSECURITY_MAJOR "." \
MODSECURITY_MINOR "." MODSECURITY_PATCHLEVEL \
MODSECURITY_TAG
#define MODSECURITY_VERSION_NUM MODSECURITY_MAJOR \
MODSECURITY_MINOR MODSECURITY_PATCHLEVEL MODSECURITY_TAG_NUM
typedef void (*LogCb) (void *, const char *);
#ifdef __cplusplus
namespace modsecurity { namespace modsecurity {
/* few forwarded declarations */
namespace actions {
class Action;
}
class Rule;
/** @ingroup ModSecurity_CPP_API */
class ModSecurity {
public:
ModSecurity();
~ModSecurity();
static const std::string whoAmI();
void setConnectorInformation(std::string connector);
void setServerLogCb(LogCb cb);
void serverLog(void *data, const std::string& msg);
const std::string& getConnectorInformation();
/** /**
* *
* The Phases enumerator consists in mapping the different stages of a * The Phases enumerator consists in mapping the different stages of a
@ -217,6 +163,63 @@ class ModSecurity {
*/ */
NUMBER_OF_PHASES, NUMBER_OF_PHASES,
}; };
} // namespace modsecurity
#endif
#include "modsecurity/intervention.h"
#include "modsecurity/transaction.h"
#include "modsecurity/debug_log.h"
/**
* TAG_NUM:
*
* Alpha - 001
* Beta - 002
* Dev - 010
* Rc1 - 051
* Rc2 - 052
* ... - ...
* Release- 100
*
*/
#define MODSECURITY_MAJOR "3"
#define MODSECURITY_MINOR "0"
#define MODSECURITY_PATCHLEVEL "0"
#define MODSECURITY_TAG "-alpha"
#define MODSECURITY_TAG_NUM "001"
#define MODSECURITY_VERSION MODSECURITY_MAJOR "." \
MODSECURITY_MINOR "." MODSECURITY_PATCHLEVEL \
MODSECURITY_TAG
#define MODSECURITY_VERSION_NUM MODSECURITY_MAJOR \
MODSECURITY_MINOR MODSECURITY_PATCHLEVEL MODSECURITY_TAG_NUM
typedef void (*LogCb) (void *, const char *);
#ifdef __cplusplus
namespace modsecurity {
/* few forwarded declarations */
namespace actions {
class Action;
}
class Rule;
/** @ingroup ModSecurity_CPP_API */
class ModSecurity {
public:
ModSecurity();
~ModSecurity();
static const std::string whoAmI();
void setConnectorInformation(std::string connector);
void setServerLogCb(LogCb cb);
void serverLog(void *data, const std::string& msg);
const std::string& getConnectorInformation();
collection::Collection *m_global_collection; collection::Collection *m_global_collection;
collection::Collection *m_resource_collection; collection::Collection *m_resource_collection;
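Review bot: Phases becomes an unscoped enum at namespace scope, so its enumerators are injected straight into `modsecurity` — the transaction.cc hunks already lean on that (`modsecurity::ConnectionPhase`) while every other file in the commit writes `modsecurity::Phases::X`; one spelling should be chosen and used throughout. If `enum class` is off the table because phase values are used as `int` array indices and compared with `<`/`>` everywhere, the enum deserves a comment saying so, e.g. `/* Enumerators are zero-based indices into RulesProperties::rules[] and defaultActions[]; NUMBER_OF_PHASES is a count, not a phase. */`. The enum body itself falls between the two hunks and is not visible here.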


@ -42,6 +42,7 @@ class RulesExceptions {
bool addRange(int a, int b); bool addRange(int a, int b);
bool addNumber(int a); bool addNumber(int a);
bool contains(int a); bool contains(int a);
bool merge(const RulesExceptions& from);
private: private:
std::list<std::pair<int, int> > m_ranges; std::list<std::pair<int, int> > m_ranges;


@ -77,7 +77,6 @@ class RulesProperties {
public: public:
RulesProperties() : m_auditLog(NULL), RulesProperties() : m_auditLog(NULL),
m_debugLog(new DebugLog()), m_debugLog(new DebugLog()),
m_httpblKey(""),
m_remoteRulesActionOnFailed(PropertyNotSetRemoteRulesAction), m_remoteRulesActionOnFailed(PropertyNotSetRemoteRulesAction),
m_secRequestBodyAccess(PropertyNotSetConfigBoolean), m_secRequestBodyAccess(PropertyNotSetConfigBoolean),
m_secResponseBodyAccess(PropertyNotSetConfigBoolean), m_secResponseBodyAccess(PropertyNotSetConfigBoolean),
@ -91,7 +90,6 @@ class RulesProperties {
explicit RulesProperties(DebugLog *debugLog) : m_auditLog(NULL), explicit RulesProperties(DebugLog *debugLog) : m_auditLog(NULL),
m_debugLog(debugLog), m_debugLog(debugLog),
m_httpblKey(""),
m_remoteRulesActionOnFailed(PropertyNotSetRemoteRulesAction), m_remoteRulesActionOnFailed(PropertyNotSetRemoteRulesAction),
m_secRequestBodyAccess(PropertyNotSetConfigBoolean), m_secRequestBodyAccess(PropertyNotSetConfigBoolean),
m_secResponseBodyAccess(PropertyNotSetConfigBoolean), m_secResponseBodyAccess(PropertyNotSetConfigBoolean),
@ -126,27 +124,27 @@ class RulesProperties {
* *
*/ */
enum RuleEngine { enum RuleEngine {
/** /**
* *
* Rules won't be evaluated if Rule Engine is set to DisabledRuleEngine * Rules won't be evaluated if Rule Engine is set to DisabledRuleEngine
* *
*/ */
DisabledRuleEngine, DisabledRuleEngine,
/** /**
* *
* Rules will be evaluated and disturb actions will take place if needed. * Rules will be evaluated and disturb actions will take place if needed.
* *
*/ */
EnabledRuleEngine, EnabledRuleEngine,
/** /**
* Rules will be evaluated but it won't generate any disruptive action. * Rules will be evaluated but it won't generate any disruptive action.
* *
*/ */
DetectionOnlyRuleEngine, DetectionOnlyRuleEngine,
/** /**
* *
*/ */
PropertyNotSetRuleEngine PropertyNotSetRuleEngine
}; };
@ -232,7 +230,7 @@ class RulesProperties {
static int mergeProperties(RulesProperties *from, RulesProperties *to, static int mergeProperties(RulesProperties *from, RulesProperties *to,
std::ostringstream *err) { std::ostringstream *err) {
int amount_of_rules = 0; int amount_of_rules = 0;
amount_of_rules = appendRules(from->rules, to->rules, err); amount_of_rules = appendRules(from->rules, to->rules, err);
@ -264,8 +262,6 @@ class RulesProperties {
to->m_tmpSaveUploadedFiles = from->m_tmpSaveUploadedFiles; to->m_tmpSaveUploadedFiles = from->m_tmpSaveUploadedFiles;
} }
to->m_components = from->m_components;
if (from->m_requestBodyLimit.m_set == true) { if (from->m_requestBodyLimit.m_set == true) {
to->m_requestBodyLimit.m_value = from->m_requestBodyLimit.m_value; to->m_requestBodyLimit.m_value = from->m_requestBodyLimit.m_value;
} }
@ -282,7 +278,6 @@ class RulesProperties {
to->m_responseBodyLimitAction = from->m_responseBodyLimitAction; to->m_responseBodyLimitAction = from->m_responseBodyLimitAction;
} }
if (from->m_uploadFileLimit.m_set == true) { if (from->m_uploadFileLimit.m_set == true) {
to->m_uploadFileLimit.m_value = from->m_uploadFileLimit.m_value; to->m_uploadFileLimit.m_value = from->m_uploadFileLimit.m_value;
} }
@ -291,9 +286,31 @@ class RulesProperties {
to->m_uploadFileMode.m_value = from->m_uploadFileMode.m_value; to->m_uploadFileMode.m_value = from->m_uploadFileMode.m_value;
} }
to->m_uploadDirectory = from->m_uploadDirectory; if (from->m_uploadDirectory.m_set == true) {
to->m_uploadDirectory.m_value = from->m_uploadDirectory.m_value;
}
to->m_exceptions = from->m_exceptions; if (from->m_uploadTmpDirectory.m_set == true) {
to->m_uploadTmpDirectory.m_value = \
from->m_uploadTmpDirectory.m_value;
}
if (from->m_httpblKey.m_set == true) {
to->m_httpblKey.m_value = from->m_httpblKey.m_value;
}
if (from->m_auditLogPath.m_set == true) {
to->m_auditLogPath.m_value = from->m_auditLogPath.m_value;
}
if (from->m_auditLogParts.m_set == true) {
to->m_auditLogParts.m_value = from->m_auditLogParts.m_value;
}
to->m_exceptions.merge(from->m_exceptions);
to->m_components.insert(to->m_components.end(),
from->m_components.begin(), from->m_components.end());
for (std::set<std::string>::iterator for (std::set<std::string>::iterator
it = from->m_responseBodyTypeToBeInspected.begin(); it = from->m_responseBodyTypeToBeInspected.begin();
@ -301,50 +318,41 @@ class RulesProperties {
to->m_responseBodyTypeToBeInspected.insert(*it); to->m_responseBodyTypeToBeInspected.insert(*it);
} }
/* for (int i = 0; i <= modsecurity::Phases::NUMBER_OF_PHASES; i++) {
* std::vector<actions::Action *> *actions_from = \
* default Actions is something per configuration context, there is from->defaultActions+i;
* need to merge anything. std::vector<actions::Action *> *actions_to = to->defaultActions+i;
* for (int j = 0; j < actions_from->size(); j++) {
*/ actions::Action *action = actions_from->at(j);
for (int i = 0; i <= 8; i++) { actions_to->push_back(action);
std::vector<actions::Action *> actions = from->defaultActions[i];
to->defaultActions[i].clear();
for (int j = 0; j < actions.size(); j++) {
actions::Action *action = actions[j];
to->defaultActions[i].push_back(action);
} }
} }
if (from->m_debugLog && to->m_debugLog && if (from->m_debugLog && to->m_debugLog &&
from->m_debugLog->isLogFileSet()) { from->m_debugLog->isLogFileSet()) {
to->m_debugLog->setDebugLogFile( to->m_debugLog->setDebugLogFile(
from->m_debugLog->getDebugLogFile()); from->m_debugLog->getDebugLogFile());
} }
if (from->m_debugLog && to->m_debugLog &&
from->m_debugLog->isLogLevelSet()) {
to->m_debugLog->setDebugLogLevel(
from->m_debugLog->getDebugLogLevel());
}
return amount_of_rules; return amount_of_rules;
} }
static int appendRules(std::vector<modsecurity::Rule *> from[8], static int appendRules(
std::vector<modsecurity::Rule *> to[8], std::vector<modsecurity::Rule *> *from,
std::vector<modsecurity::Rule *> *to,
std::ostringstream *err) { std::ostringstream *err) {
int amount_of_rules = 0; int amount_of_rules = 0;
for (int i = 0; i <= 8; i++) { for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<modsecurity::Rule *> rules_to = to[i]; std::vector<modsecurity::Rule *> *rules_to = to+i;
std::vector<modsecurity::Rule *> rules_from = from[i]; std::vector<modsecurity::Rule *> *rules_from = from+i;
for (int j = 0; j < rules_from->size(); j++) {
for (int j = 0; j < rules_from.size(); j++) { Rule *rule = rules_from->at(j);
Rule *rule = rules_from[j]; for (int z = 0; z < rules_to->size(); z++) {
for (int z = 0; z < rules_to.size(); z++) { Rule *rule_ckc = rules_to->at(z);
Rule *rule_ckc = rules_to[z]; if (rule_ckc->rule_id == rule->rule_id &&
if (rule_ckc->rule_id == rule->rule_id) { rule_ckc->m_secmarker == false &&
rule->m_secmarker == false) {
if (err != NULL) { if (err != NULL) {
*err << "Rule id: " \ *err << "Rule id: " \
<< std::to_string(rule->rule_id) \ << std::to_string(rule->rule_id) \
@ -354,7 +362,7 @@ class RulesProperties {
} }
} }
amount_of_rules++; amount_of_rules++;
rules_to.push_back(rule); rules_to->push_back(rule);
rule->refCountIncrease(); rule->refCountIncrease();
} }
} }
@ -363,7 +371,7 @@ class RulesProperties {
std::vector<modsecurity::Rule *> *getRulesForPhase(int phase) { std::vector<modsecurity::Rule *> *getRulesForPhase(int phase) {
if (phase > 7) { if (phase >= modsecurity::Phases::NUMBER_OF_PHASES) {
return NULL; return NULL;
} }
return &rules[phase]; return &rules[phase];
@ -391,11 +399,11 @@ class RulesProperties {
std::list<std::string> m_components; std::list<std::string> m_components;
std::ostringstream m_parserError; std::ostringstream m_parserError;
std::set<std::string> m_responseBodyTypeToBeInspected; std::set<std::string> m_responseBodyTypeToBeInspected;
std::string m_auditLogParts; ConfigString m_auditLogParts;
std::string m_auditLogPath; ConfigString m_auditLogPath;
std::string m_httpblKey; ConfigString m_httpblKey;
std::string m_uploadDirectory; ConfigString m_uploadDirectory;
std::string m_uploadTmpDirectory; ConfigString m_uploadTmpDirectory;
std::vector<actions::Action *> defaultActions[8]; std::vector<actions::Action *> defaultActions[8];
std::vector<modsecurity::Rule *> rules[8]; std::vector<modsecurity::Rule *> rules[8];
}; };
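Review bot: The default-actions loop in mergeProperties runs `i <= modsecurity::Phases::NUMBER_OF_PHASES` while the rewritten appendRules just below uses `<`, and both index arrays that are still declared `defaultActions[8]` and `rules[8]` at the end of this section. The enum's value is not on this page; if NUMBER_OF_PHASES is 8 the `<=` form reads one element past each array, and even if it is smaller the two loops disagree about whether the slot at NUMBER_OF_PHASES is a phase. I would change the loop to `for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {` and size the storage from the enum, `std::vector<actions::Action *> defaultActions[modsecurity::Phases::NUMBER_OF_PHASES];` (same for `rules`), so the count and the arrays cannot drift apart. Rules::dump in rules.cc carries the same `<=` bound.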


@ -33,33 +33,33 @@ bool Phase::init(std::string *error) {
try { try {
m_phase = std::stoi(m_parser_payload); m_phase = std::stoi(m_parser_payload);
if (m_phase == 0) { if (m_phase == 0) {
m_phase = ModSecurity::Phases::ConnectionPhase; m_phase = modsecurity::Phases::ConnectionPhase;
m_secRulesPhase = 0; m_secRulesPhase = 0;
} else if (m_phase == 1) { } else if (m_phase == 1) {
m_phase = ModSecurity::Phases::RequestHeadersPhase; m_phase = modsecurity::Phases::RequestHeadersPhase;
m_secRulesPhase = 1; m_secRulesPhase = 1;
} else if (m_phase == 2) { } else if (m_phase == 2) {
m_phase = ModSecurity::Phases::RequestBodyPhase; m_phase = modsecurity::Phases::RequestBodyPhase;
m_secRulesPhase = 2; m_secRulesPhase = 2;
} else if (m_phase == 3) { } else if (m_phase == 3) {
m_phase = ModSecurity::Phases::ResponseHeadersPhase; m_phase = modsecurity::Phases::ResponseHeadersPhase;
m_secRulesPhase = 3; m_secRulesPhase = 3;
} else if (m_phase == 4) { } else if (m_phase == 4) {
m_phase = ModSecurity::Phases::ResponseBodyPhase; m_phase = modsecurity::Phases::ResponseBodyPhase;
m_secRulesPhase = 4; m_secRulesPhase = 4;
} else if (m_phase == 5) { } else if (m_phase == 5) {
m_phase = ModSecurity::Phases::LoggingPhase; m_phase = modsecurity::Phases::LoggingPhase;
m_secRulesPhase = 5; m_secRulesPhase = 5;
} }
} catch (...) { } catch (...) {
if (a == "request") { if (a == "request") {
m_phase = ModSecurity::Phases::RequestBodyPhase; m_phase = modsecurity::Phases::RequestBodyPhase;
m_secRulesPhase = 2; m_secRulesPhase = 2;
} else if (a == "response") { } else if (a == "response") {
m_phase = ModSecurity::Phases::ResponseBodyPhase; m_phase = modsecurity::Phases::ResponseBodyPhase;
m_secRulesPhase = 4; m_secRulesPhase = 4;
} else if (a == "logging") { } else if (a == "logging") {
m_phase = ModSecurity::Phases::LoggingPhase; m_phase = modsecurity::Phases::LoggingPhase;
m_secRulesPhase = 5; m_secRulesPhase = 5;
} }
} }
@ -69,7 +69,7 @@ bool Phase::init(std::string *error) {
return false; return false;
} }
if (m_phase > ModSecurity::Phases::NUMBER_OF_PHASES) { if (m_phase > modsecurity::Phases::NUMBER_OF_PHASES) {
error->assign("Unknown phase: " + std::to_string(m_phase)); error->assign("Unknown phase: " + std::to_string(m_phase));
return false; return false;
} }


@ -33,7 +33,7 @@ namespace operators {
std::string Rbl::mapIpToAddress(std::string ipStr, Transaction *trans) { std::string Rbl::mapIpToAddress(std::string ipStr, Transaction *trans) {
std::string addr; std::string addr;
int h0, h1, h2, h3; int h0, h1, h2, h3;
std::string key = trans->m_rules->m_httpblKey; std::string key = trans->m_rules->m_httpblKey.m_value;
if (sscanf(ipStr.c_str(), "%d.%d.%d.%d", &h0, &h1, &h2, &h3) != 4) { if (sscanf(ipStr.c_str(), "%d.%d.%d.%d", &h0, &h1, &h2, &h3) != 4) {
debug(trans, 0, std::string("Failed to understand `" + ipStr + debug(trans, 0, std::string("Failed to understand `" + ipStr +
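Review bot: mapIpToAddress reads `m_httpblKey.m_value` without consulting `m_httpblKey.m_set`, and the RulesProperties constructors in this commit drop the `m_httpblKey("")` initializer, so what an unset key holds now depends on ConfigString's default constructor, which is not on this page. Checking the flag first, `if (!trans->m_rules->m_httpblKey.m_set) { /* no RBL key configured */ }` and handling that case before the query string is built, makes the intent explicit rather than relying on an empty default. Multipart::tmp_file_name in multipart.cc reads `m_uploadDirectory.m_value` the same way. The rest of mapIpToAddress is outside the hunk.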


@ -17,6 +17,7 @@
#include "parser/seclang-parser.hh" #include "parser/seclang-parser.hh"
#include "audit_log/audit_log.h" #include "audit_log/audit_log.h"
#include "modsecurity/rules_properties.h"
using modsecurity::audit_log::AuditLog; using modsecurity::audit_log::AuditLog;
using modsecurity::Rule; using modsecurity::Rule;
@ -25,7 +26,8 @@ namespace modsecurity {
namespace Parser { namespace Parser {
Driver::Driver() Driver::Driver()
: trace_scanning(false), : RulesProperties(),
trace_scanning(false),
trace_parsing(false) { trace_parsing(false) {
m_auditLog = new audit_log::AuditLog(); m_auditLog = new audit_log::AuditLog();
m_auditLog->refCountIncrease(); m_auditLog->refCountIncrease();
@ -41,7 +43,7 @@ Driver::~Driver() {
int Driver::addSecMarker(std::string marker) { int Driver::addSecMarker(std::string marker) {
for (int i = 0; i < ModSecurity::Phases::NUMBER_OF_PHASES; i++) { for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
Rule *rule = new Rule(marker); Rule *rule = new Rule(marker);
rule->phase = i; rule->phase = i;
rules[i].push_back(rule); rules[i].push_back(rule);
@ -51,7 +53,7 @@ int Driver::addSecMarker(std::string marker) {
int Driver::addSecAction(Rule *rule) { int Driver::addSecAction(Rule *rule) {
if (rule->phase > ModSecurity::Phases::NUMBER_OF_PHASES) { if (rule->phase > modsecurity::Phases::NUMBER_OF_PHASES) {
m_parserError << "Unknown phase: " << std::to_string(rule->phase); m_parserError << "Unknown phase: " << std::to_string(rule->phase);
m_parserError << std::endl; m_parserError << std::endl;
return false; return false;
@ -63,7 +65,7 @@ int Driver::addSecAction(Rule *rule) {
} }
int Driver::addSecRule(Rule *rule) { int Driver::addSecRule(Rule *rule) {
if (rule->phase > ModSecurity::Phases::NUMBER_OF_PHASES) { if (rule->phase > modsecurity::Phases::NUMBER_OF_PHASES) {
m_parserError << "Unknown phase: " << std::to_string(rule->phase); m_parserError << "Unknown phase: " << std::to_string(rule->phase);
m_parserError << std::endl; m_parserError << std::endl;
return false; return false;
@ -96,7 +98,7 @@ int Driver::addSecRule(Rule *rule) {
m_parserError << std::to_string(rule->m_lineNumber) << std::endl; m_parserError << std::to_string(rule->m_lineNumber) << std::endl;
return false; return false;
} }
for (int i = 0; i < ModSecurity::Phases::NUMBER_OF_PHASES; i++) { for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<Rule *> rules = this->rules[i]; std::vector<Rule *> rules = this->rules[i];
for (int j = 0; j < rules.size(); j++) { for (int j = 0; j < rules.size(); j++) {
if (rules[j]->rule_id == rule->rule_id) { if (rules[j]->rule_id == rule->rule_id) {
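Review bot: The guards in addSecAction and addSecRule still reject only `rule->phase > modsecurity::Phases::NUMBER_OF_PHASES`, so a rule whose phase equals NUMBER_OF_PHASES passes the check and is presumably appended to `rules[rule->phase]` after the duplicate-id loop, one slot beyond the last real phase. getRulesForPhase in rules_properties.h was changed in this same commit to `>=`, so these guards should match it: `if (rule->phase >= modsecurity::Phases::NUMBER_OF_PHASES) {`. Whether that extra slot exists depends on NUMBER_OF_PHASES versus the `rules[8]` declaration, which this page does not settle. Phase::init in phase.cc and Rules::evaluate in rules.cc use the same `>` comparison, and the push in addSecRule is outside the hunk.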


@ -420,7 +420,8 @@ audit_log:
} }
| CONFIG_UPLOAD_DIR | CONFIG_UPLOAD_DIR
{ {
driver.m_uploadDirectory = $1; driver.m_uploadDirectory.m_set = true;
driver.m_uploadDirectory.m_value = $1;
} }
| CONFIG_UPDLOAD_SAVE_TMP_FILES CONFIG_VALUE_ON | CONFIG_UPDLOAD_SAVE_TMP_FILES CONFIG_VALUE_ON
{ {
@ -560,7 +561,7 @@ expression:
} }
} }
if (definedPhase == -1) { if (definedPhase == -1) {
definedPhase = modsecurity::ModSecurity::Phases::RequestHeadersPhase; definedPhase = modsecurity::Phases::RequestHeadersPhase;
} }
if (!driver.defaultActions[definedPhase].empty()) { if (!driver.defaultActions[definedPhase].empty()) {
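Review bot: The CONFIG_UPLOAD_DIR action now sets `m_set` and `m_value` as two separate assignments, which is easy to get half-right: mergeProperties in rules_properties.h also merges m_uploadTmpDirectory, m_httpblKey, m_auditLogPath and m_auditLogParts as ConfigString, but their parser actions are not in this hunk, so I cannot tell whether each of them sets the flag. A single setter on ConfigString, used as `driver.m_uploadDirectory.set($1);`, would keep the flag and value in step at every directive.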


@ -408,7 +408,7 @@ int Multipart::tmp_file_name(std::string *filename) {
localtime_r(&tt, &timeinfo); localtime_r(&tt, &timeinfo);
path = m_transaction->m_rules->m_uploadDirectory; path = m_transaction->m_rules->m_uploadDirectory.m_value;
mode = m_transaction->m_rules->m_uploadFileMode.m_value; mode = m_transaction->m_rules->m_uploadFileMode.m_value;
memset(tstr, '\0', 300); memset(tstr, '\0', 300);


@ -128,7 +128,7 @@ Rule::Rule(Operator *_op,
* *
*/ */
if (phase == -1) { if (phase == -1) {
phase = ModSecurity::Phases::RequestHeadersPhase; phase = modsecurity::Phases::RequestHeadersPhase;
} }
if (op == NULL) { if (op == NULL) {


@ -82,7 +82,7 @@ Rules::~Rules() {
int i = 0; int i = 0;
/** Cleanup the rules */ /** Cleanup the rules */
for (int i = 0; i < ModSecurity::Phases::NUMBER_OF_PHASES; i++) { for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<Rule *> rules = this->rules[i]; std::vector<Rule *> rules = this->rules[i];
while (rules.empty() == false) { while (rules.empty() == false) {
Rule *rule = rules.back(); Rule *rule = rules.back();
@ -90,7 +90,7 @@ Rules::~Rules() {
rules.pop_back(); rules.pop_back();
} }
} }
for (i = 0; i < ModSecurity::Phases::NUMBER_OF_PHASES; i++) { for (i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<actions::Action *> *tmp = &defaultActions[i]; std::vector<actions::Action *> *tmp = &defaultActions[i];
while (tmp->empty() == false) { while (tmp->empty() == false) {
actions::Action *a = tmp->back(); actions::Action *a = tmp->back();
@ -181,7 +181,7 @@ std::string Rules::getParserError() {
int Rules::evaluate(int phase, Transaction *transaction) { int Rules::evaluate(int phase, Transaction *transaction) {
if (phase > ModSecurity::Phases::NUMBER_OF_PHASES) { if (phase > modsecurity::Phases::NUMBER_OF_PHASES) {
return 0; return 0;
} }
@ -191,13 +191,13 @@ int Rules::evaluate(int phase, Transaction *transaction) {
" rule(s)."); " rule(s).");
if (transaction->m_allowType == actions::FromNowOneAllowType if (transaction->m_allowType == actions::FromNowOneAllowType
&& phase != ModSecurity::Phases::LoggingPhase) { && phase != modsecurity::Phases::LoggingPhase) {
debug(9, "Skipping all rules evaluation on this phase as request " \ debug(9, "Skipping all rules evaluation on this phase as request " \
"through the utilization of an `allow' action."); "through the utilization of an `allow' action.");
return true; return true;
} }
if (transaction->m_allowType == actions::RequestAllowType if (transaction->m_allowType == actions::RequestAllowType
&& phase <= ModSecurity::Phases::RequestBodyPhase) { && phase <= modsecurity::Phases::RequestBodyPhase) {
debug(9, "Skipping all rules evaluation on this phase as request " \ debug(9, "Skipping all rules evaluation on this phase as request " \
"through the utilization of an `allow' action."); "through the utilization of an `allow' action.");
return true; return true;
@ -241,8 +241,8 @@ int Rules::evaluate(int phase, Transaction *transaction) {
int Rules::merge(Driver *from) { int Rules::merge(Driver *from) {
int amount_of_rules = 0; int amount_of_rules = 0;
amount_of_rules = mergeProperties( amount_of_rules = mergeProperties(
reinterpret_cast<RulesProperties *>(from), dynamic_cast<RulesProperties *>(from),
reinterpret_cast<RulesProperties *>(this), dynamic_cast<RulesProperties *>(this),
&m_parserError); &m_parserError);
if (from->m_auditLog != NULL && this->m_auditLog != NULL) { if (from->m_auditLog != NULL && this->m_auditLog != NULL) {
@ -263,8 +263,8 @@ int Rules::merge(Driver *from) {
int Rules::merge(Rules *from) { int Rules::merge(Rules *from) {
int amount_of_rules = 0; int amount_of_rules = 0;
amount_of_rules = mergeProperties( amount_of_rules = mergeProperties(
reinterpret_cast<RulesProperties *>(from), dynamic_cast<RulesProperties *>(from),
reinterpret_cast<RulesProperties *>(this), dynamic_cast<RulesProperties *>(this),
&m_parserError); &m_parserError);
if (from->m_auditLog != NULL && this->m_auditLog != NULL) { if (from->m_auditLog != NULL && this->m_auditLog != NULL) {
@ -291,7 +291,7 @@ void Rules::debug(int level, std::string message) {
void Rules::dump() { void Rules::dump() {
std::cout << "Rules: " << std::endl; std::cout << "Rules: " << std::endl;
for (int i = 0; i <= ModSecurity::Phases::NUMBER_OF_PHASES; i++) { for (int i = 0; i <= modsecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<Rule *> rules = this->rules[i]; std::vector<Rule *> rules = this->rules[i];
std::cout << "Phase: " << std::to_string(i); std::cout << "Phase: " << std::to_string(i);
std::cout << " (" << std::to_string(rules.size()); std::cout << " (" << std::to_string(rules.size());
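Review bot: `dynamic_cast<RulesProperties *>(from)` in both Rules::merge overloads is an upcast — driver.cc now constructs Driver with `RulesProperties()` as its base, and Rules presumably derives from it too — so no cast is needed and `mergeProperties(from, this, &m_parserError);` says the same thing without implying a runtime check. A dynamic_cast to a base class is resolved statically, so it would also not catch the mismatch the old reinterpret_cast used to hide. Rules::dump still iterates `i <= modsecurity::Phases::NUMBER_OF_PHASES` over rules[], one past the bound the destructor above uses with `<`; `for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {` matches it.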


@ -95,5 +95,23 @@ bool RulesExceptions::contains(int a) {
} }
bool RulesExceptions::merge(const RulesExceptions& from) {
for (int a : from.m_numbers) {
bool ret = addNumber(a);
if (ret == false) {
return ret;
}
}
for (auto b : from.m_ranges) {
bool ret = addRange(b.first, b.second);
if (ret == false) {
return ret;
}
}
return true;
}
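Review bot: RulesExceptions::merge stops at the first addNumber/addRange that fails and returns false with the earlier entries already added, and its only caller in this commit, mergeProperties in rules_properties.h, discards that return value, so a failed merge silently drops part of the rule-exception set from the merged configuration. Either propagate the result through `err`/the mergeProperties return, or add a comment stating that a partial merge is acceptable and why. Stylistically, `return ret;` under `if (ret == false)` is just `return false;`, and the range loop copies each pair; `for (const auto& b : from.m_ranges) {` avoids that.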
} // namespace modsecurity } // namespace modsecurity


@ -234,7 +234,7 @@ int Transaction::processConnection(const char *client, int cPort,
std::to_string(this->m_serverPort)); std::to_string(this->m_serverPort));
this->m_collections.store("REMOTE_PORT", this->m_collections.store("REMOTE_PORT",
std::to_string(this->m_clientPort)); std::to_string(this->m_clientPort));
this->m_rules->evaluate(ModSecurity::ConnectionPhase, this); this->m_rules->evaluate(modsecurity::ConnectionPhase, this);
return true; return true;
} }
@ -460,7 +460,7 @@ int Transaction::processRequestHeaders() {
return true; return true;
} }
this->m_rules->evaluate(ModSecurity::RequestHeadersPhase, this); this->m_rules->evaluate(modsecurity::RequestHeadersPhase, this);
return true; return true;
} }
@ -749,7 +749,7 @@ int Transaction::processRequestBody() {
std::to_string(m_requestBody.str().size())); std::to_string(m_requestBody.str().size()));
} }
this->m_rules->evaluate(ModSecurity::RequestBodyPhase, this); this->m_rules->evaluate(modsecurity::RequestBodyPhase, this);
return true; return true;
} }
@ -886,7 +886,7 @@ int Transaction::processResponseHeaders(int code, const std::string& proto) {
return true; return true;
} }
this->m_rules->evaluate(ModSecurity::ResponseHeadersPhase, this); this->m_rules->evaluate(modsecurity::ResponseHeadersPhase, this);
return true; return true;
} }
@ -1030,7 +1030,7 @@ int Transaction::processResponseBody() {
m_collections.store("RESPONSE_CONTENT_LENGTH", m_collections.store("RESPONSE_CONTENT_LENGTH",
std::to_string(m_responseBody.str().size())); std::to_string(m_responseBody.str().size()));
this->m_rules->evaluate(ModSecurity::ResponseBodyPhase, this); this->m_rules->evaluate(modsecurity::ResponseBodyPhase, this);
return true; return true;
} }
@ -1182,7 +1182,7 @@ int Transaction::processLogging() {
return true; return true;
} }
this->m_rules->evaluate(ModSecurity::LoggingPhase, this); this->m_rules->evaluate(modsecurity::LoggingPhase, this);
/* If relevant, save this transaction information at the audit_logs */ /* If relevant, save this transaction information at the audit_logs */
if (m_rules != NULL && m_rules->m_auditLog != NULL) { if (m_rules != NULL && m_rules->m_auditLog != NULL) {


@ -47,25 +47,25 @@ namespace modsecurity {
std::string phase_name(int x) { std::string phase_name(int x) {
switch (x) { switch (x) {
case ModSecurity::Phases::ConnectionPhase: case modsecurity::Phases::ConnectionPhase:
return "Connection Phase"; return "Connection Phase";
break; break;
case ModSecurity::Phases::UriPhase: case modsecurity::Phases::UriPhase:
return "URI Phase"; return "URI Phase";
break; break;
case ModSecurity::Phases::RequestHeadersPhase: case modsecurity::Phases::RequestHeadersPhase:
return "Request Headers"; return "Request Headers";
break; break;
case ModSecurity::Phases::RequestBodyPhase: case modsecurity::Phases::RequestBodyPhase:
return "Request Headers"; return "Request Headers";
break; break;
case ModSecurity::Phases::ResponseHeadersPhase: case modsecurity::Phases::ResponseHeadersPhase:
return "Response Headers"; return "Response Headers";
break; break;
case ModSecurity::Phases::ResponseBodyPhase: case modsecurity::Phases::ResponseBodyPhase:
return "Reponse Body"; return "Reponse Body";
break; break;
case ModSecurity::Phases::LoggingPhase: case modsecurity::Phases::LoggingPhase:
return "Logging"; return "Logging";
break; break;
} }
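Review bot: phase_name returns "Request Headers" for both RequestHeadersPhase and RequestBodyPhase, and "Reponse Body" is misspelled; both strings survive the qualifier rename. The body case should read `return "Request Body";` and the response case `return "Response Body";`, otherwise log output attributes request-body matches to the headers phase. Whatever follows the switch (a default or fall-through return) is outside the hunk.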


@ -65,7 +65,7 @@ int main(int argc, char **argv) {
std::cout << "Rules optimization" << std::endl; std::cout << "Rules optimization" << std::endl;
std::cout << std::endl; std::cout << std::endl;
int nphases = modsecurity::ModSecurity::Phases::NUMBER_OF_PHASES; int nphases = modsecurity::Phases::NUMBER_OF_PHASES;
for (int i = 0; i < nphases; i++) { for (int i = 0; i < nphases; i++) {
std::vector<Rule *> rules = modsecRules->rules[i]; std::vector<Rule *> rules = modsecRules->rules[i];
if (rules.size() == 0) { if (rules.size() == 0) {