diff --git a/CHANGES b/CHANGES index 04f5a602..3be55b24 100644 --- a/CHANGES +++ b/CHANGES @@ -1,7 +1,10 @@ -?? ??? 2007 - 2.5.0-dev3 +01 Oct 2007 - 2.5.0-dev3 ------------------------ + * Used new TX:LAST_MATCHED_VAR_NAME to store the last matched variable name + so that it can be more easily used by rules. + * Fixed expansion of macros when using relative changes with setvar. In addition, added support for expanding macros in the variable name. diff --git a/apache2/re.c b/apache2/re.c index e043a002..150ae9b0 100644 --- a/apache2/re.c +++ b/apache2/re.c @@ -1335,6 +1335,8 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr, else { /* Match. */ + msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); + if (rc == 0) { /* Operator did not match so we need to provide a message. */ my_error_msg = apr_psprintf(msr->mp, "Match of \"%s %s\" against \"%s\" required.", @@ -1344,6 +1346,21 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr, msr->matched_var = apr_pstrdup(msr->mp, var->name); + if (s == NULL) { + msr_log(msr, 3, "Internal error: Failed to allocate space for TX.last_matched_var_name."); + } + else { + s->name = "last_matched_var_name"; + s->value = apr_pstrdup(msr->mp, var->name); + s->value_len = strlen(var->name); + if ((s->name == NULL)||(s->value == NULL)) return -1; + apr_table_setn(msr->tx_vars, s->name, (void *)s); + if (msr->txcfg->debuglog_level >= 9) { + msr_log(msr, 9, "Added matched variable name to TX.%s: %s", s->name, var->name); + } + } + + /* Keep track of the highest severity matched so far */ if ((acting_actionset->severity > 0) && (acting_actionset->severity < msr->highest_severity)) { diff --git a/apache2/re_operators.c b/apache2/re_operators.c index 663593fd..2cdf6f4a 100644 --- a/apache2/re_operators.c +++ b/apache2/re_operators.c 
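Review bot: The new local `s` at the top of the match branch has no comment, and it is allocated several lines before its only use in the next hunk (`@@ -1344`), so a reader of this hunk cannot tell what it is for. A one-line comment above the declaration would cover it, for example `/* Holder for TX.last_matched_var_name; populated once matched_var is set. */`. If the file's C dialect requires the declaration at the top of the block, `msc_string *s = NULL;` could stay here and the `apr_pcalloc` call could move next to the `s == NULL` test. The else block and execute_operator both start and end outside this hunk.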
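Review bot: `s->value_len = strlen(var->name);` runs before the NULL test on the next line, so a NULL `var->name` would fault inside strlen and the `s->value == NULL` check could never catch it; the `s->name == NULL` half tests a string literal and is dead. Test first and measure the copy instead: `if (s->value == NULL) return -1;` followed by `s->value_len = strlen(s->value);`. The new level-9 message also prints `var->name` unescaped, whereas the debug messages touched in apache2/re_operators.c pass their values through `log_escape_nq_ex`. Variable names presumably can include request-derived parts such as parameter names, so unless msr_log escapes its output, passing `log_escape_nq_ex(msr->mp, s->value, s->value_len)` as the last argument keeps control characters out of the debug log. Failure handling is also uneven: an allocation failure is logged at level 3 and processing continues, while a failed `apr_pstrdup` returns -1 with no message. execute_operator continues outside the hunk.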
@@ -142,7 +142,7 @@ static int msre_op_rx_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c if ((s->name == NULL)||(s->value == NULL)) return -1; apr_table_setn(msr->tx_vars, s->name, (void *)s); if (msr->txcfg->debuglog_level >= 9) { - msr_log(msr, 9, "Adding regex subexpression to TXVARS (%d): %s", i, + msr_log(msr, 9, "Added regex subexpression to TX.%d: %s", i, log_escape_nq_ex(msr->mp, s->value, s->value_len)); } } @@ -346,7 +346,7 @@ static int msre_op_pm_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c apr_table_setn(msr->tx_vars, s->name, (void *)s); if (msr->txcfg->debuglog_level >= 9) { - msr_log(msr, 9, "Adding phrase match to TXVARS (0): %s", + msr_log(msr, 9, "Added phrase match to TX.0: %s", log_escape_nq_ex(msr->mp, s->value, s->value_len)); } diff --git a/doc/modsecurity2-apache-reference.xml b/doc/modsecurity2-apache-reference.xml index 5d35a3c6..321ef877 100644 --- a/doc/modsecurity2-apache-reference.xml +++ b/doc/modsecurity2-apache-reference.xml @@ -3,7 +3,7 @@ ModSecurity Reference Manual - Version 2.5.0-dev3 / (September 28, 2007) + Version 2.5.0-dev3 / (October 1, 2007) 2004-2007 @@ -2977,6 +2977,30 @@ SecAction setsid:%{REQUEST_COOKIES.PHPSESSID} this this request and then it will decided whether or not to allow/deny the request through. + The following is a list of reserved names in the TX + collection: + + + + TX:0 - The matching value + when using the @rx or @pm operator with the capture action. + + + + TX:1-TX:9 - The captured + subexpression value when using the @rx operator with capturing parens and the + capture action. + + + + TX:LAST_MATCHED_VAR_NAME - + The full name of the variable that was matched against. + + + SecRule WEBSERVER_ERROR_LOG "does not exist" "phase:5,pass,setvar:tx.score=+5" SecRule TX:SCORE "@gt 20" deny,log @@ -5028,4 +5052,4 @@ SecRule REQUEST_METHOD "!@within %{tx.allowed_methods} - \ No newline at end of file +