API CHANGE: response status is now set on processResponseHeaders

This change was needed to move the variable attribution to the earliest
point possible. There is also a new field for the HTTP_PROTOCOL version
used on the response.
Felipe Zimmerle 2016-06-20 23:57:02 -03:00
parent a36b2da86a
commit b8bd0c5960
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
6 changed files with 37 additions and 23 deletions


@ -66,9 +66,9 @@ void process_request (void *ptr)
msc_process_request_headers(transaction);
msc_process_request_body(transaction);
msc_add_response_header(transaction, "Content-type", "text/html");
msc_process_response_headers(transaction);
msc_process_response_headers(transaction, 200, "HTTP 1.0");
msc_process_response_body(transaction);
msc_process_logging(transaction, 200);
msc_process_logging(transaction);
msc_transaction_cleanup(transaction);
tv.tv_sec = 0;
tv.tv_usec = 1000;


@ -63,9 +63,9 @@ int main (int argc, char **argv)
"GET", "1.1");
msc_process_request_headers(transaction);
msc_process_request_body(transaction);
msc_process_response_headers(transaction);
msc_process_response_headers(transaction, 200, "HTTP 1.3");
msc_process_response_body(transaction);
msc_process_logging(transaction, 200);
msc_process_logging(transaction);
end:
msc_rules_cleanup(rules);
msc_cleanup(modsec);


@ -131,7 +131,7 @@ class Transaction {
int appendRequestBody(const unsigned char *body, size_t size);
int requestBodyFromFile(const char *path);
int processResponseHeaders();
int processResponseHeaders(int code, const std::string& proto);
int addResponseHeader(const std::string& key, const std::string& value);
int addResponseHeader(const unsigned char *key, const unsigned char *value);
int addResponseHeader(const unsigned char *key, size_t len_key,
@ -140,7 +140,7 @@ class Transaction {
int processResponseBody();
int appendResponseBody(const unsigned char *body, size_t size);
int processLogging(int status_code);
int processLogging();
bool intervention(ModSecurityIntervention *it);
@ -392,7 +392,8 @@ int msc_append_request_body(Transaction *transaction,
int msc_request_body_from_file(Transaction *transaction, const char *path);
/** @ingroup ModSecurity_C_API */
int msc_process_response_headers(Transaction *transaction);
int msc_process_response_headers(Transaction *transaction, int code,
const char* protocol);
/** @ingroup ModSecurity_C_API */
int msc_add_response_header(Transaction *transaction,
@ -427,7 +428,7 @@ void msc_transaction_cleanup(Transaction *transaction);
int msc_intervention(Transaction *transaction, ModSecurityIntervention *it);
/** @ingroup ModSecurity_C_API */
int msc_process_logging(Transaction *transaction, int code);
int msc_process_logging(Transaction *transaction);
#ifdef __cplusplus
}
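Review bot: The new `protocol` argument of `msc_process_response_headers` (and `proto` on `Transaction::processResponseHeaders`) is declared with no statement of the expected format or of whether NULL is accepted. The call sites updated in this same commit pass "HTTP 1.0", "HTTP 1.3", "HTTP 1.2" and "HTTP 1.1", while the request side passes a bare "1.1", so connector authors have nothing to align on and any rule that compares the response protocol could silently fail to match. I would extend the comment above the C declaration, for example `/** @ingroup ModSecurity_C_API  protocol: NUL-terminated response protocol string, must not be NULL; format: <to be defined by the project> */`, and make the example call sites follow whatever format is chosen. Both declarations sit in blocks that continue outside the hunks.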


@ -823,16 +823,22 @@ int Transaction::appendRequestBody(const unsigned char *buf, size_t len) {
*
* @note Remember to check for a possible intervention.
*
* @param code The returned http code.
* @param proto Protocol used on the response.
*
* @returns If the operation was successful or not.
* @retval true Operation was successful.
* @retval false Operation failed.
*
*/
int Transaction::processResponseHeaders() {
int Transaction::processResponseHeaders(int code, const std::string& proto) {
#ifndef NO_LOGS
debug(4, "Starting phase RESPONSE_HEADERS. (SecRules 3)");
#endif
this->m_httpCodeReturned = code;
this->m_collections.store("STATUS", std::to_string(code));
if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) {
#ifndef NO_LOGS
debug(4, "Rule engine disabled, returning...");
@ -1123,7 +1129,7 @@ int Transaction::getResponseBodyLenth() {
* @retval false Operation failed.
*
*/
int Transaction::processLogging(int returned_code) {
int Transaction::processLogging() {
#ifndef NO_LOGS
debug(4, "Starting phase LOGGING. (SecRules 5)");
#endif
@ -1135,9 +1141,6 @@ int Transaction::processLogging(int returned_code) {
return true;
}
this->m_httpCodeReturned = returned_code;
this->m_collections.store("STATUS", std::to_string(returned_code));
this->m_rules->evaluate(ModSecurity::LoggingPhase, this);
/* If relevant, save this transaction information at the audit_logs */
@ -1720,8 +1723,9 @@ extern "C" int msc_request_body_from_file(Transaction *transaction,
* @retval 0 Operation failed.
*
*/
extern "C" int msc_process_response_headers(Transaction *transaction) {
return transaction->processResponseHeaders();
extern "C" int msc_process_response_headers(Transaction *transaction,
int code, const char* protocol) {
return transaction->processResponseHeaders(code, protocol);
}
@ -1961,15 +1965,14 @@ extern "C" int msc_get_response_body_length(Transaction *transaction) {
* delivered prior to the execution of this function.
*
* @param transaction ModSecurity transaction.
* @param code HTTP code returned to the user.
*
* @returns If the operation was successful or not.
* @retval 1 Operation was successful.
* @retval 0 Operation failed.
*
*/
extern "C" int msc_process_logging(Transaction *transaction, int code) {
return transaction->processLogging(code);
extern "C" int msc_process_logging(Transaction *transaction) {
return transaction->processLogging();
}
} // namespace modsecurity
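Review bot: `msc_process_response_headers` hands the caller's `const char* protocol` straight to a `const std::string&` parameter, so a C connector that passes NULL triggers undefined behaviour in the `std::string` constructor, in practice a crash of the process hosting the WAF. Guard it at the C boundary and return the documented failure value, `if (protocol == NULL) { return 0; }`, before the call. Separately, in the lines shown `processResponseHeaders` stores `code` into `m_httpCodeReturned` and `STATUS` but never reads `proto`. The body continues outside the hunk, so it may be consumed further down; if it is not, the protocol field mentioned in the commit message is never populated. The `@retval true`/`false` wording on an `int` function would also read better aligned with the C wrapper's `1`/`0`.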


@ -147,7 +147,7 @@ int main(int argc, char *argv[]) {
modsecTransaction->addResponseHeader("Content-Length",
"200");
modsecTransaction->processResponseHeaders();
modsecTransaction->processResponseHeaders(200, "HTTP 1.2");
if (modsecTransaction->intervention(&it)) {
std::cout << "There is an intervention" << std::endl;
@ -165,7 +165,7 @@ int main(int argc, char *argv[]) {
}
next_request:
modsecTransaction->processLogging(200);
modsecTransaction->processLogging();
delete modsecTransaction;
}


@ -246,17 +246,21 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
t->clientPort, t->serverIp.c_str(), t->serverPort);
actions(&r, modsec_transaction);
#if 0
if (r.status != 200) {
goto end;
}
#endif
modsec_transaction->processURI(t->uri.c_str(), t->method.c_str(),
t->httpVersion.c_str());
actions(&r, modsec_transaction);
#if 0
if (r.status != 200) {
goto end;
}
#endif
for (std::pair<std::string, std::string> headers :
t->request_headers) {
@ -267,7 +271,7 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
modsec_transaction->processRequestHeaders();
actions(&r, modsec_transaction);
if (r.status != 200) {
goto end;
//goto end;
}
modsec_transaction->appendRequestBody(
@ -275,9 +279,11 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
t->request_body.size());
modsec_transaction->processRequestBody();
actions(&r, modsec_transaction);
#if 0
if (r.status != 200) {
goto end;
}
#endif
for (std::pair<std::string, std::string> headers :
t->response_headers) {
@ -285,23 +291,27 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
headers.second.c_str());
}
modsec_transaction->processResponseHeaders();
modsec_transaction->processResponseHeaders(r.status, "HTTP 1.1");
actions(&r, modsec_transaction);
#if 0
if (r.status != 200) {
goto end;
}
#endif
modsec_transaction->appendResponseBody(
(unsigned char *)t->response_body.c_str(),
t->response_body.size());
modsec_transaction->processResponseBody();
actions(&r, modsec_transaction);
#if 0
if (r.status != 200) {
goto end;
}
#endif
end:
modsec_transaction->processLogging(r.status);
modsec_transaction->processLogging();
CustomDebugLog *d = reinterpret_cast<CustomDebugLog *>
(modsec_rules->m_debugLog);
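Review bot: Every `if (r.status != 200) goto end;` early exit in `perform_unit_test` is now disabled, five of them with `#if 0` and one by commenting out the `goto`, which leaves an empty `if (r.status != 200) { //goto end; }` behind. The harness therefore keeps driving later phases after an intervention, and `processResponseHeaders(r.status, "HTTP 1.1")` receives whatever status `actions()` last left in `r` rather than a backend response code. That is presumably intentional, to test the earlier STATUS assignment, but the regression suite no longer exercises the stop-on-intervention flow a connector follows. I would delete the dead blocks instead of keeping them under `#if 0`, remove the empty `if`, and state the intent once with a comment such as `// Phases keep running after an intervention so later-phase variables can be asserted.` The function starts and ends outside these hunks.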