213 Commits

Author	SHA1	Message	Date
Felipe Zimmerle	9733cacd4d	Refactoring: moves ctl_ actions into ctl namespace	2016-11-01 14:58:51 -03:00
Felipe Zimmerle	2bb9d7988f	Cosmetics: huge refactoring in the parser ... The parser is now more elegant and resilient.	2016-10-31 17:33:24 -03:00
Felipe Zimmerle	4711644600	dds support to CtlRequestBodyAccess	2016-10-28 09:48:10 -03:00
Felipe Zimmerle	1c21d1aeba	Adds support to action CtlRuleRemoveById	2016-10-26 11:00:18 -03:00
Felipe Zimmerle	161cc36acf	Adds support to action CtlRuleRemoteTargetById	2016-10-26 10:58:42 -03:00
Felipe Zimmerle	9245369a54	Adds support to action CtlRuleRemoteTargetByTag	2016-10-25 15:43:50 -03:00
Felipe Zimmerle	678a97d0f7	Refectoring on the DebugLog mechanism ... The DebugLog implementation was modified to use shared memory to keep the information about the opened files and file handles. The modification was necessary to avoid race-conditions. This commit also closes the issue SpiderLabs/ModSecurity-nginx#17	2016-10-18 18:43:51 -03:00
Felipe Zimmerle	b48e4b3a37	refactoring: Moves Phases enum to outside ModSecurity class	2016-10-07 19:05:50 -03:00
Felipe Zimmerle	c680ddf2cd	Refactoring on rulesProperties class ... Among of other things the merge process was improved to detect if certain properties were set on the origin rule set.	2016-10-05 12:01:15 -03:00
Felipe Zimmerle	8f5c1c3cf6	parser: avoids parser error while loading an empty file	2016-09-22 10:16:00 -03:00
Felipe Zimmerle	37079ef668	Adds support to SecRuleRemoveById	2016-07-18 15:02:38 -03:00
Felipe Zimmerle	c0ebd45a68	Reduces bison required version to test it over the buildbots	2016-07-14 00:20:01 -03:00
Felipe Zimmerle	f72bd587ec	Adds support to the allow action	2016-06-30 20:44:51 -03:00
Felipe Zimmerle	b0f69b1262	Adds support to the `skip' action	2016-06-30 10:35:42 -03:00
Felipe Zimmerle	90adb53935	Adds support to JSON request body parser	2016-06-29 21:55:41 -03:00
Felipe Zimmerle	0c0a9b3083	Accepts component signature between brackets	2016-06-23 23:14:01 -03:00
Felipe Zimmerle	a36b2da86a	Adds support to the STATUS variable	2016-06-20 20:34:39 -03:00
Felipe Zimmerle	56d084a7f4	Adds support the variable rule ... Issue #1016	2016-06-20 14:03:45 -03:00
Felipe Zimmerle	9919026620	Fixes regarding memory management ... Fixes assorted issues identified by valgrind.	2016-06-16 00:03:57 -03:00
Alexey Zelkin	cb91af537c	Enforce bison requirement to 3.0.4. ... Previous versions of bison proven to generate broken code which caused to assert() regression tests of libmodsecurity for clang 3.4 and gcc 4.8. Upgrading bison to 3.0.4 solved mentioned issues for FreeBSD 10, CentOS 7, RHEL 7 and Ubuntu 14.	2016-06-15 23:10:27 -03:00
Felipe Zimmerle	2e3da7ea24	Better support for multipart ... ModSecurity v2.x parser was ported into 3.x branch. All the multipart related variables should be workbale.	2016-06-10 09:40:08 -03:00
Felipe Zimmerle	9e5cf2de8e	Adds Upload configuration paramters to the libmodsec parser	2016-06-07 14:23:56 -03:00
Felipe Zimmerle	4b9cff3ec7	Partially adds the REMOTE_USER variable support	2016-05-23 11:04:19 -03:00
Felipe Zimmerle	f989ecd5cb	Adds support to SecXMLExternalEntity	2016-05-18 17:02:15 -03:00
Felipe Zimmerle	6a7b970fe3	Adds support to ctl:requestBodyProcessor=XML	2016-05-18 10:30:25 -03:00
Felipe Zimmerle	8c714af8e1	Actions refactoring: now there is a clear definiation on the action name	2016-05-17 14:36:59 -03:00
Felipe Zimmerle	1b88947d9b	Adds support 'xmlns' action to the libmodsec parser	2016-05-16 18:24:54 -03:00
Felipe Zimmerle	6a40752500	Adds XML variable, xml body request processor and @validateSchema	2016-05-12 11:11:40 -03:00
Felipe Zimmerle	758ecb5d6d	Adds support to USER collection, setuid action and USERID variable ... More details on: #1026, #1024, #1048	2016-05-09 20:27:08 -03:00
Felipe Zimmerle	a2a47798e9	Adds support to the collection SESSION and setsid action	2016-05-06 14:38:04 -03:00
Felipe Zimmerle	8d052853a8	Adds support to https audit log output ... This functionality was built for test only.	2016-04-04 13:29:15 -03:00
Felipe Zimmerle	f44143436b	Fix parser error on free text operator	2016-02-18 10:11:54 -03:00
Felipe Zimmerle	8143f8ea89	Adds support to the action `maturity'	2016-02-10 13:55:12 -03:00
Felipe Zimmerle	714df8db20	Adds support to the action `accuracy'	2016-02-10 13:35:02 -03:00
Felipe Zimmerle	5a2a81a568	Adds support to the action `ver'	2016-02-10 12:53:22 -03:00
Felipe Zimmerle	b06eaadac7	Places the classes related to audit log into a separate namespace	2016-01-14 14:29:36 -03:00
Felipe Zimmerle	d780fd6290	Fix the parse to distinguish between @pm content and a variable ... Before this patch the parser was not understanding @pm content that contains a variable.	2016-01-12 13:59:27 -03:00
Felipe Zimmerle	702551ed42	Adds support to action `exec' to sec lang parser	2016-01-12 10:57:06 -03:00
Felipe Zimmerle	923620fbd0	Adds support to the action `allow' in the sec parser	2016-01-12 10:42:36 -03:00
Felipe Zimmerle	7901c2c899	Adds the actions SetSID and SetUID to the seclang parser	2016-01-12 10:34:33 -03:00
Felipe Zimmerle	3acc013e49	Improves the secrules parser	2016-01-11 17:50:35 -03:00
Felipe Zimmerle	decf04d264	Adds support to SecResponseBodyMimeType	2015-12-24 11:55:24 -03:00
Felipe Zimmerle	913e22a77d	Adds initial support to initcol action	2015-12-22 12:10:15 -03:00
Felipe Zimmerle	fb3696ac04	Fix a few things to provide an easy interface for script bindings	2015-12-22 11:53:36 -03:00
Felipe Zimmerle	b5a43871e6	Changes library namespace from ModSecurity to modsecurity	2015-12-01 10:55:59 -03:00
Felipe Zimmerle	09a958544d	Makes @geoLookup optional depending on the availability of libGeoIP	2015-11-20 11:09:05 -03:00
Felipe Zimmerle	e641c3cc17	Huge improve in the variables resolution time	2015-11-03 22:44:59 -03:00
Felipe Zimmerle	48704c27a9	Removes some memory leaks	2015-10-30 18:59:08 -03:00
Felipe Zimmerle	e54ef72051	Looks for external resources in the same path of the rule	2015-10-06 09:21:30 -03:00
Felipe Zimmerle	5cc9e94505	Splits operator into OPERATOR and FREE_TEXT on sec lang grammar	2015-10-02 12:07:18 -03:00