Expands log_cb to share ruleMessage structure instead text

Text version still available and it is the default options

headers/modsecurity/actions/action.h

@@ -17,6 +17,7 @@
 
 #include <string>
 #include <iostream>
+#include <memory>
 
 #endif
 
@@ -62,7 +63,7 @@ class Action {
         Transaction *transaction);
     virtual bool evaluate(Rule *rule, Transaction *transaction);
     virtual bool evaluate(Rule *rule, Transaction *transaction,
-        RuleMessage *ruleMessage) {
+        std::shared_ptr<RuleMessage> ruleMessage) {
         return evaluate(rule, transaction);
     }
     virtual bool init(std::string *error) { return true; }

headers/modsecurity/modsecurity.h

@@ -77,6 +77,7 @@
 #include <ctime>
 #include <iostream>
 #include <string>
+#include <memory>
 #endif
 
 
@@ -163,6 +164,8 @@ namespace modsecurity {
      */
      NUMBER_OF_PHASES,
     };
+
+
 }  // namespace modsecurity
 #endif
 
@@ -198,17 +201,77 @@ namespace modsecurity {
 #define MODSECURITY_VERSION_NUM MODSECURITY_MAJOR \
     MODSECURITY_MINOR MODSECURITY_PATCHLEVEL MODSECURITY_TAG_NUM
 
-typedef void (*LogCb) (void *, const char *);
+
+/*
+ * @name    ModSecLogCb
+ * @brief   Callback to be function on every log generation
+ *
+ *
+ * The callback is going to be called on every log request.
+ *
+ *
+ * void *   Internal reference to be used by the API consumer. Whatever
+ *          is set here will be passed on every call.
+ * void *   Pointer to a const char * or RuleMessage class. The returned
+ *          data is selected on the log register property.
+ *
+ * @note    Vide LogProperty enum to learn more about Log Properties.
+ *
+ */
+typedef void (*ModSecLogCb) (void *, const void *);
+
 
 #ifdef __cplusplus
 namespace modsecurity {
 
+
 /* few forwarded declarations */
 namespace actions {
 class Action;
 }
 class Rule;
 
+#ifdef __cplusplus
+extern "C" {
+#endif
+    /**
+     *
+     * Properties used to configure the general log callback.
+     *
+     */
+    enum LogProperty {
+    /**
+     *
+     * Original ModSecurity text log entry. The same entry that can be found
+     * within the Apache error_log (in the 2.x family)
+     *
+     */
+     TextLogProperty = 1,
+    /**
+     *
+     * Instead of return the text log entry an instance of the class
+     * RuleMessages is returned.
+     *
+     */
+     RuleMessageLogProperty = 2,
+    /**
+     * This property only makes sense with the utilization of the
+     * RuleMessageLogProperty. Without this property set the RuleMessage
+     * structure will not be filled with the information of the hightlight.
+     *
+     * Notice that the highlight can be calculate post-analisys. Calculate it
+     * during the analisys may delay the analisys process.
+     *
+    */
+     IncludeFullHighlightLogProperty = 4,
+    };
+
+
+#ifdef __cplusplus
+}
+#endif
+
+
 /** @ingroup ModSecurity_CPP_API */
 class ModSecurity {
  public:
@@ -217,8 +280,17 @@ class ModSecurity {
 
     static const std::string whoAmI();
     void setConnectorInformation(std::string connector);
-    void setServerLogCb(LogCb cb);
-    void serverLog(void *data, const std::string& msg);
+    void setServerLogCb(ModSecLogCb cb);
+    /**
+     *
+     * properties   Properties to inform ModSecurity what kind of infornation
+     *              is expected be returned.
+     *
+     */
+    void setServerLogCb(ModSecLogCb cb, int properties);
+
+    void serverLog(void *data, std::shared_ptr<RuleMessage> rm);
+
     const std::string& getConnectorInformation();
 
     int processContentOffset(const char *content, size_t len,
@@ -232,7 +304,8 @@ class ModSecurity {
 
  private:
     std::string m_connector;
-    LogCb m_logCb;
+    ModSecLogCb m_logCb;
+    int m_logProperties;
 };
 
 
@@ -249,7 +322,7 @@ const char *msc_who_am_i(ModSecurity *msc);
 /** @ingroup ModSecurity_C_API */
 void msc_set_connector_info(ModSecurity *msc, const char *connector);
 /** @ingroup ModSecurity_C_API */
-void msc_set_log_cb(ModSecurity *msc, LogCb cb);
+void msc_set_log_cb(ModSecurity *msc, ModSecLogCb cb);
 /** @ingroup ModSecurity_C_API */
 void msc_cleanup(ModSecurity *msc);
 

headers/modsecurity/rule.h

@@ -52,21 +52,21 @@ class Rule {
     explicit Rule(std::string marker);
     ~Rule();
 
-    bool evaluate(Transaction *transaction);
+    bool evaluate(Transaction *transaction, std::shared_ptr<RuleMessage> rm);
     bool evaluateActions(Transaction *transaction);
     std::vector<std::unique_ptr<collection::Variable>>
 	getFinalVars(Transaction *trasn);
     void executeActionsAfterFullMatch(Transaction *trasn,
-        bool containsDisruptive, RuleMessage *ruleMessage);
+        bool containsDisruptive, std::shared_ptr<RuleMessage> ruleMessage);
 
     std::list<std::pair<std::shared_ptr<std::string>,
         std::shared_ptr<std::string>>> executeDefaultTransformations(
         Transaction *trasn, const std::string &value, bool multiMatch);
 
     bool executeOperatorAt(Transaction *trasn, std::string key,
-        std::string value, RuleMessage *rm);
+        std::string value, std::shared_ptr<RuleMessage> rm);
     void executeActionsIndependentOfChainedRuleResult(Transaction *trasn,
-        bool *b, RuleMessage *ruleMessage);
+        bool *b, std::shared_ptr<RuleMessage> ruleMessage);
     std::string resolveMatchMessage(std::string key, std::string value);
     void updateMatchedVars(Transaction *trasn, std::string key,
         std::string value);

headers/modsecurity/rule_message.h

@@ -34,47 +34,76 @@ namespace modsecurity {
 
 class RuleMessage {
  public:
-    explicit RuleMessage(Rule *rule) :
-        m_ruleFile(rule->m_fileName),
-        m_ruleLine(rule->m_lineNumber),
-        m_ruleId(rule->m_ruleId),
-        m_rev(rule->m_rev),
+    explicit RuleMessage(Rule *rule, Transaction *trans) :
         m_accuracy(rule->m_accuracy),
-        m_message(std::string("")),
-        m_data(std::string("")),
-        m_severity(0),
-        m_ver(rule->m_ver),
+        m_clientIpAddress(trans->m_clientIpAddress),
+        m_data(""),
+        m_disruptiveMessage(""),
+        m_id(trans->m_id),
+        m_isDisruptive(false),
+        m_match(""),
         m_maturity(rule->m_maturity),
-        m_rule(rule),
-        m_saveMessage(false),
+        m_message(""),
         m_noAuditLog(false),
-        m_match(std::string(""))
+        m_phase(rule->m_phase - 1),
+        m_reference(""),
+        m_rev(rule->m_rev),
+        m_rule(rule),
+        m_ruleFile(rule->m_fileName),
+        m_ruleId(rule->m_ruleId),
+        m_ruleLine(rule->m_lineNumber),
+        m_saveMessage(false),
+        m_serverIpAddress(trans->m_serverIpAddress),
+        m_severity(0),
+        m_uriNoQueryStringDecoded(trans->m_uri_no_query_string_decoded),
+        m_ver(rule->m_ver)
     { }
 
-    std::string errorLog(Transaction *trans);
-    std::string disruptiveErrorLog(Transaction *trans, std::string log2);
-    std::string noClientErrorLog(Transaction *trans);
-    std::string errorLogTail(Transaction *trans);
+    std::string errorLog() {
+        return RuleMessage::errorLog(this);
+    }
+    std::string disruptiveErrorLog() {
+        return RuleMessage::disruptiveErrorLog(this);
+    }
+    std::string noClientErrorLog() {
+        return RuleMessage::noClientErrorLog(this);
+    }
+    std::string errorLogTail() {
+        return RuleMessage::errorLogTail(this);
+    }
+    std::string log() {
+        return RuleMessage::log(this);
+    }
+    static std::string disruptiveErrorLog(const RuleMessage *rm);
+    static std::string noClientErrorLog(const RuleMessage *rm);
+    static std::string errorLogTail(const RuleMessage *rm);
+    static std::string errorLog(const RuleMessage *rm);
+    static std::string log(const RuleMessage *rm);
 
-    std::string m_match;
-    std::string m_ruleFile;
-    int m_ruleLine;
-    int m_ruleId;
-    std::string m_message;
-    std::string m_data;
-    int m_severity;
-    std::string m_ver;
-    std::string m_rev;
-    int m_maturity;
     int m_accuracy;
+    std::string m_clientIpAddress;
+    std::string m_data;
+    std::string m_disruptiveMessage;
+    std::string m_id;
+    bool m_isDisruptive;
+    std::string m_match;
+    int m_maturity;
+    std::string m_message;
+    bool m_noAuditLog;
+    int m_phase;
     std::string m_reference;
+    std::string m_rev;
+    Rule *m_rule;
+    std::string m_ruleFile;
+    int m_ruleId;
+    int m_ruleLine;
+    bool m_saveMessage;
+    std::string m_serverIpAddress;
+    int m_severity;
+    std::string m_uriNoQueryStringDecoded;
+    std::string m_ver;
 
     std::list<std::string> m_tags;
-    std::list<std::string> m_server_logs;
-
-    bool m_noAuditLog;
-    Rule *m_rule;
-    bool m_saveMessage;
 };
 
 

headers/modsecurity/transaction.h

@@ -323,7 +323,7 @@ class Transaction : public TransactionAnchoredVariables {
 #ifndef NO_LOGS
     void debug(int, std::string);
 #endif
-    void serverLog(const std::string& msg);
+    void serverLog(std::shared_ptr<RuleMessage> rm);
 
     std::string toJSON(int parts);
     std::string toOldAuditLogFormat(int parts, const std::string &trailer);