Computes auditlog during rules load time

2025-11-16 01:22:18 +03:00 · 2020-06-03 20:57:27 -03:00
parent d6e8352873
commit c7813a1973
18 changed files with 197 additions and 92 deletions
--- a/headers/modsecurity/actions/action.h
+++ b/headers/modsecurity/actions/action.h
@@ -33,20 +33,20 @@ namespace actions {
 class Action {
 public:
    Action()
-        : m_name(""),
-        m_parserPayload("")
+        : m_parserPayload(""),
+        m_name("")
    { }


    explicit Action(const std::string& action)
-        : m_name(sort_name(action)),
-        m_parserPayload(sort_payload(action))
+        : m_parserPayload(sort_payload(action)),
+        m_name(sort_name(action))
    { }


    Action(const Action &a)
-        : m_name(a.m_name),
-        m_parserPayload(a.m_parserPayload)
+        : m_parserPayload(a.m_parserPayload),
+        m_name(a.m_name)
    { }


@@ -76,7 +76,7 @@ class Action {
    }


-    const std::string *getName() {
+    const std::string *getName() const {
        return &m_name;
    }

--- a/headers/modsecurity/audit_log.h
+++ b/headers/modsecurity/audit_log.h
@@ -170,9 +170,8 @@ class AuditLog {
    bool init(std::string *error);
    virtual bool close();

-    bool saveIfRelevant(Transaction *transaction);
-    bool saveIfRelevant(Transaction *transaction, int parts);
-    bool isRelevant(int status);
+    bool saveIfRelevant(Transaction *transaction) const noexcept;
+    bool isRelevant(int status) const noexcept;

    static int addParts(int parts, const std::string& new_parts);
    static int removeParts(int parts, const std::string& new_parts);
--- a/headers/modsecurity/rule_message.h
+++ b/headers/modsecurity/rule_message.h
@@ -130,6 +130,8 @@ class RuleMessage {
    std::string getUri() const;
    bool isDisruptive() const;

+    bool toBeAuditLog() const;
+
    int m_severity;
    std::list<std::string> m_tags;

--- a/headers/modsecurity/transaction.h
+++ b/headers/modsecurity/transaction.h
@@ -322,8 +322,7 @@ class TransactionSecMarkerManagement {
 class TransactionRuleMessageManagement {
 public:
    explicit TransactionRuleMessageManagement(Transaction *t)
-        : m_transaction(t),
-        m_noAuditLog(false) { 
+        : m_transaction(t) {
            messageNew();
        };

@@ -332,22 +331,7 @@ class TransactionRuleMessageManagement {

    void logMatchLastRuleOnTheChain(RuleWithActions *rule);

-    void messageSetNoAuditLog(bool a) {
-        m_noAuditLog = a;
-    }
-
-    bool messageSaveAuditLog() const {
-        return m_noAuditLog;
-    }
-
-    std::list<RuleMessage *> messageGetAll() {
-        std::list<RuleMessage *> messages;
-        for (RuleMessage *a : m_rulesMessages) {
-            messages.push_back(a);
-        }
-
-        return messages;
-    }
+    std::list<RuleMessage *> messageGetAll();

    void messageClear() {
        m_rulesMessages.clear();
@@ -362,7 +346,6 @@ class TransactionRuleMessageManagement {
    std::list<RuleMessage *> m_rulesMessages;

    Transaction *m_transaction;
-    bool m_noAuditLog;
 };