From b8bd0c5960199c661996ffa1d8a5e55ad437b04d Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Mon, 20 Jun 2016 23:57:02 -0300 Subject: [PATCH] API CHANGE: response status is now set on processResponseHeaders That change was needed to move the variable attribution to earliest as possible. We also have a new field for HTTP_PROTOCOL version used on the response. --- examples/multithread_c/multi.c | 4 ++-- examples/simple_example_using_c/test.c | 4 ++-- headers/modsecurity/transaction.h | 9 +++++---- src/transaction.cc | 23 +++++++++++++---------- test/benchmark/benchmark.cc | 4 ++-- test/regression/regression.cc | 16 +++++++++++++--- 6 files changed, 37 insertions(+), 23 deletions(-) diff --git a/examples/multithread_c/multi.c b/examples/multithread_c/multi.c index c6118c98..a2823b16 100644 --- a/examples/multithread_c/multi.c +++ b/examples/multithread_c/multi.c @@ -66,9 +66,9 @@ void process_request (void *ptr) msc_process_request_headers(transaction); msc_process_request_body(transaction); msc_add_response_header(transaction, "Content-type", "text/html"); - msc_process_response_headers(transaction); + msc_process_response_headers(transaction, 200, "HTTP 1.0"); msc_process_response_body(transaction); - msc_process_logging(transaction, 200); + msc_process_logging(transaction); msc_transaction_cleanup(transaction); tv.tv_sec = 0; tv.tv_usec = 1000; diff --git a/examples/simple_example_using_c/test.c b/examples/simple_example_using_c/test.c index 4393e876..ad66bc64 100644 --- a/examples/simple_example_using_c/test.c +++ b/examples/simple_example_using_c/test.c 
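Review bot: The protocol literal passed to `msc_process_response_headers` in process_request, `"HTTP 1.0"`, does not look like a protocol string a server would report. The same holds for `"HTTP 1.3"` in examples/simple_example_using_c/test.c and `"HTTP 1.2"` in test/benchmark/benchmark.cc, which are not HTTP versions at all. Connector authors copy example code, and a response-protocol value in this form would never match a rule written against the conventional `HTTP/1.1` spelling. The patch does not document the expected format, so I would state it on the declaration and use one valid value at every call site, for instance `msc_process_response_headers(transaction, 200, "HTTP/1.1");` if the slash form is what the library stores. process_request starts and ends outside this hunk.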
@@ -63,9 +63,9 @@ int main (int argc, char **argv) "GET", "1.1"); msc_process_request_headers(transaction); msc_process_request_body(transaction); - msc_process_response_headers(transaction); + msc_process_response_headers(transaction, 200, "HTTP 1.3"); msc_process_response_body(transaction); - msc_process_logging(transaction, 200); + msc_process_logging(transaction); end: msc_rules_cleanup(rules); msc_cleanup(modsec); diff --git a/headers/modsecurity/transaction.h b/headers/modsecurity/transaction.h index 519b0ef3..1fbdfee8 100644 --- a/headers/modsecurity/transaction.h +++ b/headers/modsecurity/transaction.h @@ -131,7 +131,7 @@ class Transaction { int appendRequestBody(const unsigned char *body, size_t size); int requestBodyFromFile(const char *path); - int processResponseHeaders(); + int processResponseHeaders(int code, const std::string& proto); int addResponseHeader(const std::string& key, const std::string& value); int addResponseHeader(const unsigned char *key, const unsigned char *value); int addResponseHeader(const unsigned char *key, size_t len_key, @@ -140,7 +140,7 @@ class Transaction { int processResponseBody(); int appendResponseBody(const unsigned char *body, size_t size); - int processLogging(int status_code); + int processLogging(); bool intervention(ModSecurityIntervention *it); @@ -392,7 +392,8 @@ int msc_append_request_body(Transaction *transaction, int msc_request_body_from_file(Transaction *transaction, const char *path); /** @ingroup ModSecurity_C_API */ -int msc_process_response_headers(Transaction *transaction); +int msc_process_response_headers(Transaction *transaction, int code, + const char* protocol); /** @ingroup ModSecurity_C_API */ int msc_add_response_header(Transaction *transaction, 
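Review bot: The declaration of `msc_process_response_headers` in the hunk at -392 gains two parameters, and `msc_process_logging` loses one in the hunk at -427. The exported symbol names stay the same, and none of the six files in the diffstat looks like a version or SONAME bump. A connector built against the old header but loaded with the new library would call the three-argument function with one argument, so `code` and `protocol` would be read from whatever the calling convention leaves in place. I would bump the library's ABI version in the same commit and document the new arguments on the declaration, e.g. `@param code HTTP status sent to the client` and `@param protocol NUL-terminated response protocol string`.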
@@ -427,7 +428,7 @@ void msc_transaction_cleanup(Transaction *transaction); int msc_intervention(Transaction *transaction, ModSecurityIntervention *it); /** @ingroup ModSecurity_C_API */ -int msc_process_logging(Transaction *transaction, int code); +int msc_process_logging(Transaction *transaction); #ifdef __cplusplus } diff --git a/src/transaction.cc b/src/transaction.cc index a2b26061..89f2b56b 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -823,16 +823,22 @@ int Transaction::appendRequestBody(const unsigned char *buf, size_t len) { * * @note Remember to check for a possible intervention. * + * @param code The returned http code. + * @param proto Protocol used on the response. + * * @returns If the operation was successful or not. * @retval true Operation was successful. * @retval false Operation failed. * */ -int Transaction::processResponseHeaders() { +int Transaction::processResponseHeaders(int code, const std::string& proto) { #ifndef NO_LOGS debug(4, "Starting phase RESPONSE_HEADERS. (SecRules 3)"); #endif + this->m_httpCodeReturned = code; + this->m_collections.store("STATUS", std::to_string(code)); + if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) { #ifndef NO_LOGS debug(4, "Rule engine disabled, returning..."); @@ -1123,7 +1129,7 @@ int Transaction::getResponseBodyLenth() { * @retval false Operation failed. * */ -int Transaction::processLogging(int returned_code) { +int Transaction::processLogging() { #ifndef NO_LOGS debug(4, "Starting phase LOGGING. (SecRules 5)"); #endif @@ -1135,9 +1141,6 @@ int Transaction::processLogging(int returned_code) { return true; } - this->m_httpCodeReturned = returned_code; - this->m_collections.store("STATUS", std::to_string(returned_code)); - this->m_rules->evaluate(ModSecurity::LoggingPhase, this); /* If relevant, save this transaction information at the audit_logs */ 
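Review bot: `proto` is accepted by `Transaction::processResponseHeaders` but none of the lines visible in this hunk read it; only `code` is stored, in `m_httpCodeReturned` and the `STATUS` collection entry. The commit message announces a new field for the response protocol, so unless it is stored further down (the body continues past the hunk), rules that inspect the response protocol get no value. If it is meant to be stored here, a line such as `this->m_collections.store("RESPONSE_PROTOCOL", proto);` next to the `STATUS` store would do it. The key name is my assumption and should follow the project's variable table.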
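Review bot: With the two assignments removed from `processLogging` in the hunk at -1135, `m_httpCodeReturned` and `STATUS` are only set when the connector reaches `processResponseHeaders`. A transaction denied in a request phase that goes straight to logging would write its audit record with the initial value of `m_httpCodeReturned` (not visible here), not the status actually sent to the client. Audit records of blocked requests are the ones analysts depend on, so I would either keep a way to supply the final status on that path or state the ordering requirement in the doc comment: `@note The response status must have been set through processResponseHeaders() before this call; otherwise the logged status is the transaction's initial value.` The function body starts and ends outside this hunk.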
@@ -1720,8 +1723,9 @@ extern "C" int msc_request_body_from_file(Transaction *transaction, * @retval 0 Operation failed. * */ -extern "C" int msc_process_response_headers(Transaction *transaction) { - return transaction->processResponseHeaders(); +extern "C" int msc_process_response_headers(Transaction *transaction, + int code, const char* protocol) { + return transaction->processResponseHeaders(code, protocol); } @@ -1961,15 +1965,14 @@ extern "C" int msc_get_response_body_length(Transaction *transaction) { * delivered prior to the execution of this function. * * @param transaction ModSecurity transaction. - * @param code HTTP code returned to the user. * * @returns If the operation was successful or not. * @retval 1 Operation was successful. * @retval 0 Operation failed. * */ -extern "C" int msc_process_logging(Transaction *transaction, int code) { - return transaction->processLogging(code); +extern "C" int msc_process_logging(Transaction *transaction) { + return transaction->processLogging(); } } // namespace modsecurity diff --git a/test/benchmark/benchmark.cc b/test/benchmark/benchmark.cc index 4c7160fe..f1a625df 100644 --- a/test/benchmark/benchmark.cc +++ b/test/benchmark/benchmark.cc @@ -147,7 +147,7 @@ int main(int argc, char *argv[]) { modsecTransaction->addResponseHeader("Content-Length", "200"); - modsecTransaction->processResponseHeaders(); + modsecTransaction->processResponseHeaders(200, "HTTP 1.2"); if (modsecTransaction->intervention(&it)) { std::cout << "There is an intervention" << std::endl; @@ -165,7 +165,7 @@ int main(int argc, char *argv[]) { } next_request: - modsecTransaction->processLogging(200); + modsecTransaction->processLogging(); delete modsecTransaction; } diff --git a/test/regression/regression.cc b/test/regression/regression.cc index 89f29193..4c84949d 100644 --- a/test/regression/regression.cc +++ b/test/regression/regression.cc 
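Review bot: `protocol` is handed straight to a `const std::string&` parameter in `msc_process_response_headers`, so a C caller passing NULL makes the implicit `std::string` construction undefined behaviour, in practice usually a crash inside the web server worker. This is the C API boundary, where a connector may not have a protocol string yet, so I would guard it: `return transaction->processResponseHeaders(code, protocol ? protocol : "");`. The doc comment above the function begins outside the hunk. From the visible part it does not appear to gain `@param code` and `@param protocol` lines, although the `msc_process_logging` hunk at -1961 shows the file does maintain such lines.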
@@ -246,17 +246,21 @@ void perform_unit_test(ModSecurityTest *test, t->clientPort, t->serverIp.c_str(), t->serverPort); actions(&r, modsec_transaction); +#if 0 if (r.status != 200) { goto end; } +#endif modsec_transaction->processURI(t->uri.c_str(), t->method.c_str(), t->httpVersion.c_str()); actions(&r, modsec_transaction); +#if 0 if (r.status != 200) { goto end; } +#endif for (std::pair headers : t->request_headers) { @@ -267,7 +271,7 @@ void perform_unit_test(ModSecurityTest *test, modsec_transaction->processRequestHeaders(); actions(&r, modsec_transaction); if (r.status != 200) { - goto end; + //goto end; } modsec_transaction->appendRequestBody( @@ -275,9 +279,11 @@ void perform_unit_test(ModSecurityTest *test, t->request_body.size()); modsec_transaction->processRequestBody(); actions(&r, modsec_transaction); +#if 0 if (r.status != 200) { goto end; } +#endif for (std::pair headers : t->response_headers) { @@ -285,23 +291,27 @@ void perform_unit_test(ModSecurityTest *test, headers.second.c_str()); } - modsec_transaction->processResponseHeaders(); + modsec_transaction->processResponseHeaders(r.status, "HTTP 1.1"); actions(&r, modsec_transaction); +#if 0 if (r.status != 200) { goto end; } +#endif modsec_transaction->appendResponseBody( (unsigned char *)t->response_body.c_str(), t->response_body.size()); modsec_transaction->processResponseBody(); actions(&r, modsec_transaction); +#if 0 if (r.status != 200) { goto end; } +#endif end: - modsec_transaction->processLogging(r.status); + modsec_transaction->processLogging(); CustomDebugLog *d = reinterpret_cast (modsec_rules->m_debugLog);
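Review bot: The `#if 0` guards around `if (r.status != 200) { goto end; }` in this hunk and in the hunks at -275 and -285, together with the `//goto end;` at -267 that leaves an empty `if` body, turn every visible early exit in `perform_unit_test` into dead code without saying why. The harness now runs all phases after an intervention, and `processResponseHeaders(r.status, "HTTP 1.1")` at -285 reports the intervention status as the response code, so a regression case can no longer tell a transaction stopped early from one that ran to the end. If running every phase is intended, I would delete the disabled blocks and say so once, e.g. `// All phases run even after an intervention so the response status is set before logging.` (if that is indeed the reason). If no `goto end` remains, the `end:` label can go too. The function starts and ends outside these hunks.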