55 Commits

Author SHA1 Message Date
Felipe Zimmerle
966e7e1ff1 Adds verification before access the strcmp
Audit log was making the assumption that "arg->origin" was filled which
is not necessary true. This commit adds an verification.
2014-03-31 16:22:09 -07:00
Ewald Dieterich
7e459827e0 Log why writing to audit log failed
Add error description from apr_strerror() to message that is logged if
writing to audit log failed.
2014-03-31 07:14:55 -07:00
Ewald Dieterich
607dfd229a Fix segmentation fault if writing to audit log fails
A segmentation fault occurs if concurrent audit log format is enabled
(SecAuditLogType Concurrent) and writing to the log fails.
2014-03-31 07:14:55 -07:00
Breno Silva
aa18ec7f45 Updated copyright dates 2013-04-19 03:20:46 -04:00
Breno Silva
ce3cf00a2c Fixed byte conversion issue during logging under zlinux 2012-10-31 17:05:41 -04:00
brenosilva
0d2307192c MODSEC-336 2012-10-05 18:03:58 +00:00
brenosilva
866cb6d6b4 Update trunk for 2.7 2012-05-10 23:18:39 +00:00
brenosilva
b19f32bb3e Make clean and maintainer-clean removes unused files, also add # when rule chain doenst match 2011-04-29 19:05:48 +00:00
brenosilva
f468224a40 Change log_escape_nq to log_escape 2011-04-27 16:40:08 +00:00
brenosilva
6b7edc4d47 Fixes, code cleanups, improvements 2011-04-27 15:58:22 +00:00
brenosilva
cf97731cc0 Fix logging MATCHED_VARS issue 2011-04-25 19:46:33 +00:00
brenosilva
4c6419cf74 Remove extra debug msg for log section K 2011-04-14 18:12:56 +00:00
brenosilva
9cd2efd97a Added extra debug msg for log section K 2011-04-12 21:25:14 +00:00
brenosilva
025d41f71f Added extra debug msg for log section K 2011-04-12 20:53:37 +00:00
brenosilva
5bfb2973e8 Change rule comparing to log section K 2011-04-12 20:06:28 +00:00
brenosilva
6ea5cba17b Move version() to mod_security2 2011-04-12 13:53:33 +00:00
brenosilva
0d32c17c30 Memory pool fixes and code cleanup 2011-04-03 03:57:02 +00:00
brenosilva
6031e7fdae Improvements, bug fixes and cleanup from Tom Donavan 2011-04-02 23:10:16 +00:00
brenosilva
104f0de46e New License 2011-03-30 14:12:44 +00:00
brenosilva
49732256f6 Improvements, fixes and new features 2011-03-25 13:51:13 +00:00
brenosilva
8b52a7d1e2 MODSEC-173 2011-03-11 17:34:18 +00:00
brenosilva
3c53fe5beb Add ifdef when print lua version 2011-02-17 17:26:22 +00:00
brenosilva
7f52d86e4b Include data edition, sanitizematched and few fixes 2011-02-14 12:49:55 +00:00
brenosilva
fdded33831 MODSEC-60 2011-01-12 15:45:46 +00:00
brenosilva
8907f66f3f MODSEC-127 2011-01-09 14:23:00 +00:00
brenosilva
549f059480 move 2.5.13 into trunk 2010-12-08 18:58:18 +00:00
b1v1r
3a10f9fb8d Fix autoconf header and include path so trunk builds. 2010-08-31 18:35:55 +00:00
b1v1r
08edc0c26f Merge 2.5.x (2.5.12) changes into trunk. 2010-02-05 19:05:20 +00:00
ivanr
221af6f5c1 Add PERF_ALL, sepearate PERF_STORAGE into PERF_SREAD and PERF_SWRITE. 2010-02-01 12:10:28 +00:00
ivanr
bc35ab7e0b Implement variables for access to performance measurements. 2010-02-01 11:44:32 +00:00
ivanr
7b56982f26 Implemented a new time-measuring mechanism. Added Stopwatch2. 2010-02-01 09:42:23 +00:00
ivanr
8fe278e845 Change 'sanitise' to 'sanitize' everywhere, preserving the 'sanitise' action variants for backward compatibility. 2009-10-29 17:57:18 +00:00
b1v1r
826124b378 Merge 2.5.x changes to trunk. 2009-08-25 22:19:33 +00:00
b1v1r
dc0a2161ac Merge 2.5.9 changes into trunk. 2009-03-12 15:31:10 +00:00
brectanus
20cc395510 Added mlogc source. 2008-09-02 23:10:36 +00:00
brectanus
10713fbd37 Sync up branches/2.5.x and trunk. 2008-07-31 22:36:24 +00:00
brectanus
f428d37680 Cleanup - remove extraneous whitespace and tabs. 2008-02-07 21:45:05 +00:00
brectanus
85e0b4d969 Add parens for clarity. 2008-01-22 06:53:30 +00:00
brectanus
9fb03d277d Fixing code based on review comments...
Cleaned up what vars are cacheable.
Added parens around "*foo++" where it clarified the operation to be "*(foo++)".
Added " at VARNAME" to operator matches where needed.
Escaped var->name in the var generation (user-supplied data).
Marked a bunch of TODOs as ENHs instead.
Transformed some C++ style comments to C style.
Removed the %0-9 macros code which was commented out.
Optimized some ctl action code so that multiple ifs are else ifs.
Implemented some error messages marked as ENH.
Make commented out acmp debugging a configure-time option.
Cleanup GEO debug log messages.
Added relative filename support for geo dbs.
Added help text to Sec* directives.
2008-01-18 00:47:30 +00:00
brectanus
b5033e6e29 It is 2008 now :) 2008-01-11 00:00:31 +00:00
brectanus
a6c2d867f4 Improvements to audit logging matching rules. See #93. 2007-11-30 21:31:12 +00:00
brectanus
dcdce0cbc5 Added matching rules to audit log data. See #93. 2007-11-30 00:52:21 +00:00
ivanr
fd5e4fb32c Fix bugs introduced by the recent change to audit logging. 2007-11-29 11:09:38 +00:00
ivanr
4a08d7e6bf Handle out-of-disk-space conditions gracefully when writing to audit log. 2007-11-27 10:52:14 +00:00
brectanus
e47fdeb420 Changed %p formatter to APRs %pp (wish that was documented).
Marked msr_log() as a printf style function so GNU compiler can check formatting types.
Fixed a few other warnings with msr_log() formatters.
2007-11-26 22:53:51 +00:00
ivanr
b163864ba7 Implemented SecComponentSignature. 2007-11-26 16:05:56 +00:00
ivanr
e467d3cac0 Unified messages in the error log and in the audit log. 2007-11-26 15:39:37 +00:00
brectanus
aff6900539 Initial full pass through code to fix issues with 64-bit/mismatch sign/mismatch size printf style formatters.
Still need to look more into how we are handling time and convert to apr_time_t (or time_t) where appropriate.
Still need to look into our use of 'long' as windows is LLP64 where 'long' is still 32-bit.
2007-11-15 19:09:14 +00:00
brectanus
fe1021e369 More cleanup of error messages and marking as relevant. See #4. 2007-09-28 20:02:02 +00:00
brectanus
63a47c370e Prefer %d string formatter to %i so we do not get warnings on some platforms. 2007-09-27 21:34:29 +00:00