From ee8b886371a68a03b00f292fee031ab626ca8121 Mon Sep 17 00:00:00 2001
From: Felipe Zimmerle <fcosta@trustwave.com>
Date: Wed, 9 Sep 2015 17:39:54 -0300
Subject: [PATCH] Adds parser support to ctl:[auditEngine|ruleEngine]

---
 src/parser/seclang-parser.yy  | 30 ++++++++++++++++++++++++++++--
 src/parser/seclang-scanner.ll |  8 ++++++--
 2 files changed, 34 insertions(+), 4 deletions(-)

diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy
index dc59f333..34593ff3 100644
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@@ -230,9 +230,11 @@ using ModSecurity::Variables::Variable;
 %token <std::string> ACTION_REV
 %token <std::string> LOG_DATA
 %token <std::string> TRANSFORMATION
-%token <std::string> ACTION_CTL_BDY_XML
-%token <std::string> ACTION_CTL_BDY_JSON
+%token <std::string> ACTION_CTL_AUDIT_ENGINE
 %token <std::string> ACTION_CTL_AUDIT_LOG_PARTS
+%token <std::string> ACTION_CTL_BDY_JSON
+%token <std::string> ACTION_CTL_BDY_XML
+%token <std::string> ACTION_CTL_RULE_ENGINE
 
 %type <std::vector<Action *> *> actions
 %type <std::vector<Variable *> *> variables
@@ -751,6 +753,30 @@ act:
       {
         $$ = new CtlAuditLogParts($1);
       }
+    | ACTION_CTL_RULE_ENGINE CONFIG_VALUE_ON
+      {
+        $$ = Action::instantiate($1);
+      }
+    | ACTION_CTL_RULE_ENGINE CONFIG_VALUE_OFF
+      {
+        $$ = Action::instantiate($1);
+      }
+    | ACTION_CTL_RULE_ENGINE CONFIG_VALUE_DETC
+      {
+        $$ = Action::instantiate($1);
+      }
+    | ACTION_CTL_AUDIT_ENGINE CONFIG_VALUE_ON
+      {
+        $$ = Action::instantiate($1);
+      }
+    | ACTION_CTL_AUDIT_ENGINE CONFIG_VALUE_OFF
+      {
+        $$ = Action::instantiate($1);
+      }
+    | ACTION_CTL_AUDIT_ENGINE CONFIG_VALUE_RELEVANT_ONLY
+      {
+        $$ = Action::instantiate($1);
+      }
     ;
 
 actions:
diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll
index 93dd905b..7f86d86b 100755
--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@@ -34,9 +34,11 @@ ACTION_SETVAR   (?i:setvar)
 ACTION_MSG      (?i:msg)
 ACTION_TAG      (?i:tag)
 ACTION_REV      (?i:rev)
-ACTION_CTL_BDY_XML (?i:ctl:requestBodyProcessor=XML)
-ACTION_CTL_BDY_JSON (?i:ctl:requestBodyProcessor=JSON)
+ACTION_CTL_BDY_XML         (?i:ctl:requestBodyProcessor=XML)
+ACTION_CTL_BDY_JSON        (?i:ctl:requestBodyProcessor=JSON)
 ACTION_CTL_AUDIT_LOG_PARTS (?i:ctl:auditLogParts)
+ACTION_CTL_RULE_ENGINE     (?i:ctl:ruleEngine)
+ACTION_CTL_AUDIT_ENGINE    (?i:ctl:auditEngine)
 DIRECTIVE       (?i:SecRule)
 LOG_DATA        (?i:logdata)
 
@@ -177,6 +179,8 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
 {CONFIG_DIR_AUDIT_STS}[ ]["]{FREE_TEXT}["]         { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_STS(strchr(yytext, ' ') + 1, *driver.loc.back()); }
 {CONFIG_DIR_AUDIT_TPE}                             { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_TPE(yytext, *driver.loc.back()); }
 {ACTION_CTL_AUDIT_LOG_PARTS}=[+|-]{AUDIT_PARTS}    { return yy::seclang_parser::make_ACTION_CTL_AUDIT_LOG_PARTS(yytext, *driver.loc.back()); }
+{ACTION_CTL_RULE_ENGINE}=                          { return yy::seclang_parser::make_ACTION_CTL_RULE_ENGINE(yytext, *driver.loc.back()); }
+{ACTION_CTL_AUDIT_ENGINE}=                         { return yy::seclang_parser::make_ACTION_CTL_AUDIT_ENGINE(yytext, *driver.loc.back()); }
 
 %{ /* Debug log entries */ %}
 {CONFIG_DIR_DEBUG_LOG}[ ]{CONFIG_VALUE_PATH}    { return yy::seclang_parser::make_CONFIG_DIR_DEBUG_LOG(strchr(yytext, ' ') + 1, *driver.loc.back()); }