100 Commits

Author	SHA1	Message	Date
b1v1r	058283fb5a	Add the ability to build custom request body parser extensions. ... Add an example for a request body parser extension.	2010-05-05 23:01:11 +00:00
b1v1r	08edc0c26f	Merge 2.5.x (2.5.12) changes into trunk.	2010-02-05 19:05:20 +00:00
ivanr	5448b3fc26	Log the duration of garbage collection at level 3.	2010-02-03 07:29:54 +00:00
ivanr	4cd09b9daf	Revert unneeded changes in r1459.	2010-02-01 19:10:31 +00:00
ivanr	c24e61ac85	Added missing conditional debug logging.	2010-02-01 16:14:51 +00:00
b1v1r	7379a4fb3f	Merge 2.5.x changes into trunk.	2009-08-12 23:03:11 +00:00
b1v1r	73fb8eae5d	Merge latest 2.5.x changes to trunk.	2009-07-24 05:11:45 +00:00
b1v1r	12b9bcd33a	Merge 2.5.x changes into trunk.	2009-05-21 06:26:26 +00:00
b1v1r	ffc5d968e6	Merge 2.5.x changes into trunk.	2009-05-21 06:18:18 +00:00
b1v1r	a16eb9677c	Merge 2.5.x changes into trunk.	2009-05-16 10:42:32 +00:00
b1v1r	dc0a2161ac	Merge 2.5.9 changes into trunk.	2009-03-12 15:31:10 +00:00
ivanr	2818e66a95	Tidy up the code for the performance-measurement mode. Remove the per-phase measurements, which don't seem to work (at least not in my case).	2008-09-01 09:38:30 +00:00
ivanr	acec75be45	Make PERFORMANCE_MEASUREMENT more accurate by removing stray msr_log() invocation. Clean the code a bit.	2008-08-29 16:09:59 +00:00
brectanus	10713fbd37	Sync up branches/2.5.x and trunk.	2008-07-31 22:36:24 +00:00
ivanr	b2119411dd	Minor code cleanup.	2008-06-05 14:00:28 +00:00
brectanus	16acbe4949	Fixed issue where logging was not occuring unless "auditlog" was enabled. See #497, #4, #451 and #445.	2008-06-02 23:34:31 +00:00
brectanus	f2449c6f35	Enable "auditlog" action by default. See #445 and #451.	2008-06-02 23:31:27 +00:00
brectanus	eb77be6e0e	Fixed issue where transformation cache used default (fixed in 2.5.4).	2008-05-13 00:09:18 +00:00
brectanus	5f09dbb3ee	Sync up trunk with changes from 2.5.x.	2008-03-28 17:06:44 +00:00
brectanus	7a1e2db148	Fixed code according to Ivan's review.	2008-02-20 00:41:43 +00:00
brectanus	e4eaade2ca	Make Lua support optional since it is still experimental (--without-lua). If someone still uses SecRuleScript, however, it iignores it and just warns on Apache startup.	2008-02-16 00:27:44 +00:00
brectanus	f428d37680	Cleanup - remove extraneous whitespace and tabs.	2008-02-07 21:45:05 +00:00
brectanus	e2ad283fdb	Fix some sprintf formatters so they do not generate warnings.	2008-02-04 21:50:10 +00:00
brectanus	3232a2d41e	Fix debug log "Expanded" msg to only print when expanded.	2008-02-04 18:21:27 +00:00
brectanus	ed581b56f4	Revert part of the noauditlog fix in changelog:878. See #451.	2008-01-28 22:10:12 +00:00
brectanus	4c6dccada2	Fixed noauditlog. See #451.	2008-01-25 05:52:49 +00:00
brectanus	52ccced72b	Cleanup building actionsets and use minimal default. See #445. ... Fully resolve all rules before logging.	2008-01-25 04:52:49 +00:00
brectanus	946a350043	Fixed removing cained rules with ctl action.	2008-01-24 22:39:13 +00:00
brectanus	09ada31a28	Fixed potential crash if actionset was NULL. See #441 and #442.	2008-01-24 18:08:39 +00:00
brectanus	a3584993f5	Implement "block" pseudo-action. See #441.	2008-01-24 05:16:35 +00:00
brectanus	18e9ef0808	Remove default transformations. See #445.	2008-01-22 05:50:42 +00:00
brectanus	c4e1ede358	Fixed merging actionsets so we can build a more accurate rule for auditing.	2008-01-22 05:39:33 +00:00
brectanus	0d24a08f33	Implemented SecRuleUpdateActionById. See #442.	2008-01-19 02:23:41 +00:00
brectanus	f4a44bc320	Remove an extraneous debug log.	2008-01-18 01:02:29 +00:00
brectanus	9fb03d277d	Fixing code based on review comments... ... Cleaned up what vars are cacheable. Added parens around "*foo++" where it clarified the operation to be "*(foo++)". Added " at VARNAME" to operator matches where needed. Escaped var->name in the var generation (user-supplied data). Marked a bunch of TODOs as ENHs instead. Transformed some C++ style comments to C style. Removed the %0-9 macros code which was commented out. Optimized some ctl action code so that multiple ifs are else ifs. Implemented some error messages marked as ENH. Make commented out acmp debugging a configure-time option. Cleanup GEO debug log messages. Added relative filename support for geo dbs. Added help text to Sec* directives.	2008-01-18 00:47:30 +00:00
brectanus	99c41afc3d	Added a check that SecServerSignature actually worked (Apache changed some of this code as of 2.2.4 and could potentially change it again and break this). ... Cleaned up some configure code. Cleaned up some extraneous cache logging. Cleaned up the output from the test script.	2008-01-14 22:32:53 +00:00
brectanus	b5033e6e29	It is 2008 now :)	2008-01-11 00:00:31 +00:00
brectanus	106a54f876	Fixed partial transformation caching and reduced some debugging output.	2008-01-09 00:52:51 +00:00
brectanus	31e3ada844	Fixed phase 5 rules not being excludable.	2008-01-08 20:45:54 +00:00
brectanus	c622e7ec93	Expand PERFORMANCE_MEASUREMENT output to break down the full rule timing into transformation, operator and full. ... Add a "Transformation completed in N usec." debug line to compliment the operator timing.	2008-01-08 16:21:40 +00:00
ivanr	2068357af8	Added m.getvars() and finalised Lua support.	2007-12-21 12:50:03 +00:00
ivanr	f64c7c39e8	Lua: Added support for scripting to @inspectFile.	2007-12-20 15:53:23 +00:00
ivanr	4cecdf4c5b	Added support for Lua to the exec action.	2007-12-20 12:06:30 +00:00
ivanr	e357bb55af	Add quoting to unparsed rule generation.	2007-12-19 16:11:32 +00:00
ivanr	aef5a460b6	Fix Lua support. Enable logging from Lua scripts (using m.log()).	2007-12-19 12:50:21 +00:00
ivanr	afd3cbf14f	Implemented SecRuleScript LUA_SCRIPT [ACTIONS].	2007-12-19 11:22:52 +00:00
ivanr	6f6934e9d3	Code polish.	2007-12-19 09:22:58 +00:00
brectanus	8360aacc22	Use use new msr->rule_was_intercepted flag. See #425.	2007-12-17 19:58:35 +00:00
brectanus	cd51a10046	Allow all rules to run in phase 5. See #425.	2007-12-14 22:34:16 +00:00
brectanus	4c11791a94	Escape cache value in log.	2007-12-14 00:42:04 +00:00