mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-14 05:45:59 +03:00
Renames Sec{Read|Write}StateLimits
The Sec{Read|Write}StateLimits are filters related to the connections, when the
server did not know yet which vhost the request goes to. This means that once
those configrations are set it will be applied to entire server. This patch
just renames the Sec{Read|Write}StateLimits to SecConn{Read|Write}StateLimits
to make it more clear to the user. SecConnectionEngine was also renamed to
SecConnEngine.
This commit is contained in:
Felipe Zimmerle
parent
48d85c7d6e
commit
efef989ddd
@ -1705,7 +1705,7 @@ char *parser_conn_limits_operator(apr_pool_t *mp, const char *p2,
|
|||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
return apr_psprintf(mp, "ModSecurity: Invalid operator for " \
|
return apr_psprintf(mp, "ModSecurity: Invalid operator for " \
|
||||||
"SecReadStateLimit: %s, expected operators: @ipMatch, @ipMatchF " \
|
"SecConnReadStateLimit: %s, expected operators: @ipMatch, @ipMatchF " \
|
||||||
"or @ipMatchFromFile with or without !", p2);
|
"or @ipMatchFromFile with or without !", p2);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1726,7 +1726,7 @@ char *parser_conn_limits_operator(apr_pool_t *mp, const char *p2,
|
|||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Add SecReadStateLimit configuration option
|
* \brief Add SecConnReadStateLimit configuration option
|
||||||
*
|
*
|
||||||
* \param cmd Pointer to configuration data
|
* \param cmd Pointer to configuration data
|
||||||
* \param _dcfg Pointer to directory configuration
|
* \param _dcfg Pointer to directory configuration
|
||||||
@ -1747,7 +1747,7 @@ static const char *cmd_conn_read_state_limit(cmd_parms *cmd, void *_dcfg,
|
|||||||
limit = strtol(p1, NULL, 10);
|
limit = strtol(p1, NULL, 10);
|
||||||
if ((limit == LONG_MAX) || (limit == LONG_MIN) || (limit <= 0)) {
|
if ((limit == LONG_MAX) || (limit == LONG_MIN) || (limit <= 0)) {
|
||||||
return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \
|
return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \
|
||||||
"SecReadStateLimit: %s", p1);
|
"SecConnReadStateLimit: %s", p1);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (p2 != NULL) {
|
if (p2 != NULL) {
|
||||||
@ -1764,8 +1764,18 @@ static const char *cmd_conn_read_state_limit(cmd_parms *cmd, void *_dcfg,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static const char *cmd_read_state_limit(cmd_parms *cmd, void *_dcfg,
|
||||||
|
const char *p1, const char *p2)
|
||||||
|
{
|
||||||
|
ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_NOERRNO, 0, cmd->pool,
|
||||||
|
"SecReadStateLimit is depricated, use SecConnReadStateLimit " \
|
||||||
|
"instead.");
|
||||||
|
|
||||||
|
return cmd_conn_read_state_limit(cmd, _dcfg, p1, p2);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Add SecWriteStateLimit configuration option
|
* \brief Add SecConnWriteStateLimit configuration option
|
||||||
*
|
*
|
||||||
* \param cmd Pointer to configuration data
|
* \param cmd Pointer to configuration data
|
||||||
* \param _dcfg Pointer to directory configuration
|
* \param _dcfg Pointer to directory configuration
|
||||||
@ -1786,7 +1796,7 @@ static const char *cmd_conn_write_state_limit(cmd_parms *cmd, void *_dcfg,
|
|||||||
limit = strtol(p1, NULL, 10);
|
limit = strtol(p1, NULL, 10);
|
||||||
if ((limit == LONG_MAX) || (limit == LONG_MIN) || (limit <= 0)) {
|
if ((limit == LONG_MAX) || (limit == LONG_MIN) || (limit <= 0)) {
|
||||||
return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \
|
return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \
|
||||||
"SecWriteStateLimit: %s", p1);
|
"SecConnWriteStateLimit: %s", p1);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (p2 != NULL) {
|
if (p2 != NULL) {
|
||||||
@ -1802,6 +1812,16 @@ static const char *cmd_conn_write_state_limit(cmd_parms *cmd, void *_dcfg,
|
|||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
static const char *cmd_write_state_limit(cmd_parms *cmd, void *_dcfg,
|
||||||
|
const char *p1, const char *p2)
|
||||||
|
{
|
||||||
|
ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_NOERRNO, 0, cmd->pool,
|
||||||
|
"SecWriteStateLimit is depricated, use SecConnWriteStateLimit " \
|
||||||
|
"instead.");
|
||||||
|
|
||||||
|
return cmd_conn_write_state_limit(cmd, _dcfg, p1, p2);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
static const char *cmd_request_body_inmemory_limit(cmd_parms *cmd, void *_dcfg,
|
static const char *cmd_request_body_inmemory_limit(cmd_parms *cmd, void *_dcfg,
|
||||||
@ -2163,7 +2183,7 @@ static const char *cmd_sever_conn_filters_engine(cmd_parms *cmd, void *_dcfg,
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \
|
return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \
|
||||||
"SecConnectionEngine: %s", p1);
|
"SecConnEngine: %s", p1);
|
||||||
}
|
}
|
||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -3308,7 +3328,7 @@ const command_rec module_directives[] = {
|
|||||||
),
|
),
|
||||||
|
|
||||||
AP_INIT_TAKE12 (
|
AP_INIT_TAKE12 (
|
||||||
"SecReadStateLimit",
|
"SecConnReadStateLimit",
|
||||||
cmd_conn_read_state_limit,
|
cmd_conn_read_state_limit,
|
||||||
NULL,
|
NULL,
|
||||||
CMD_SCOPE_ANY,
|
CMD_SCOPE_ANY,
|
||||||
@ -3316,13 +3336,29 @@ const command_rec module_directives[] = {
|
|||||||
),
|
),
|
||||||
|
|
||||||
AP_INIT_TAKE12 (
|
AP_INIT_TAKE12 (
|
||||||
"SecWriteStateLimit",
|
"SecReadStateLimit",
|
||||||
|
cmd_read_state_limit,
|
||||||
|
NULL,
|
||||||
|
CMD_SCOPE_ANY,
|
||||||
|
"maximum number of threads in READ_BUSY state per ip address"
|
||||||
|
),
|
||||||
|
|
||||||
|
AP_INIT_TAKE12 (
|
||||||
|
"SecConnWriteStateLimit",
|
||||||
cmd_conn_write_state_limit,
|
cmd_conn_write_state_limit,
|
||||||
NULL,
|
NULL,
|
||||||
CMD_SCOPE_ANY,
|
CMD_SCOPE_ANY,
|
||||||
"maximum number of threads in WRITE_BUSY state per ip address"
|
"maximum number of threads in WRITE_BUSY state per ip address"
|
||||||
),
|
),
|
||||||
|
|
||||||
|
AP_INIT_TAKE12 (
|
||||||
|
"SecWriteStateLimit",
|
||||||
|
cmd_write_state_limit,
|
||||||
|
NULL,
|
||||||
|
CMD_SCOPE_ANY,
|
||||||
|
"maximum number of threads in WRITE_BUSY state per ip address"
|
||||||
|
),
|
||||||
|
|
||||||
AP_INIT_TAKE1 (
|
AP_INIT_TAKE1 (
|
||||||
"SecRequestBodyInMemoryLimit",
|
"SecRequestBodyInMemoryLimit",
|
||||||
cmd_request_body_inmemory_limit,
|
cmd_request_body_inmemory_limit,
|
||||||
@ -3438,7 +3474,7 @@ const command_rec module_directives[] = {
|
|||||||
),
|
),
|
||||||
|
|
||||||
AP_INIT_TAKE1 (
|
AP_INIT_TAKE1 (
|
||||||
"SecConnectionEngine",
|
"SecConnEngine",
|
||||||
cmd_sever_conn_filters_engine,
|
cmd_sever_conn_filters_engine,
|
||||||
NULL,
|
NULL,
|
||||||
CMD_SCOPE_ANY,
|
CMD_SCOPE_ANY,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user