github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-10 02:04:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

Backport fixes for #66 to 2.1.x. See #431.

Browse Source
This commit is contained in:
brectanus
2007-12-15 00:51:19 +00:00
parent 021191368f
commit d06aec8361
3 changed files with 21 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGES
View File

@@ -1,3 +1,12 @@
14 Dec 2007 - 2.1.5-rc1
-----------------------
* Stricter configuration parsing. Disruptive actions, meta actions and
phases are no longer allowed in a chained rule.
* Fixed t:escapeSeqDecode to better follow ANSI C escapes.
27 Nov 2007 - 2.1.4
-------------------

19
apache2/apache2_config.c
View File

@@ -441,21 +441,18 @@ static const char *add_rule(cmd_parms *cmd, directory_config *dcfg, const char *
if (dcfg->tmp_default_actionset == NULL) return FATAL_ERROR;
}
/* Merge actions with the parent. */
rule->actionset = msre_actionset_merge(modsecurity->msre, dcfg->tmp_default_actionset,
rule->actionset, 1);
if (dcfg->tmp_chain_starter != NULL) {
/* This rule is part of a chain. */
/* Check some cases prior to merging so we know where it came from */
/* Check syntax for chained rules */
if ((rule->actionset != NULL) && (dcfg->tmp_chain_starter != NULL)) {
/* Must NOT specify a disruptive action. */
if (rule->actionset->intercept_action == NOT_SET) {
if (rule->actionset->intercept_action != NOT_SET) {
return apr_psprintf(cmd->pool, "ModSecurity: Disruptive actions can only "
"be specified by chain starter rules.");
}
/* Must NOT specify a phase. */
if (rule->actionset->phase == NOT_SET) {
if (rule->actionset->phase != NOT_SET) {
return apr_psprintf(cmd->pool, "ModSecurity: Execution phases can only be "
"specified by chain starter rules.");
}
@@ -474,7 +471,13 @@ static const char *add_rule(cmd_parms *cmd, directory_config *dcfg, const char *
return apr_psprintf(cmd->pool, "ModSecurity: The skip action can only be used "
" by chain starter rules. ");
}
}
/* Merge actions with the parent. */
rule->actionset = msre_actionset_merge(modsecurity->msre, dcfg->tmp_default_actionset,
rule->actionset, 1);
if (dcfg->tmp_chain_starter != NULL) {
rule->chain_starter = dcfg->tmp_chain_starter;
rule->actionset->phase = rule->chain_starter->actionset->phase;
}

2
doc/modsecurity2-apache-reference.xml
View File

@@ -3,7 +3,7 @@
<title>ModSecurity Reference Manual</title>
<articleinfo>
<releaseinfo>Version 2.1.4 / (November 27, 2007)</releaseinfo>
<releaseinfo>Version 2.1.5-rc1 / (December 14, 2007)</releaseinfo>
<copyright>
<year>2004-2007</year>