github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,227 Commits 55 Branches 109 Tags
Commit Graph

2227 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felipe Zimmerle
28008be616 Build: Adds /usr/lib64 as possible path for YAJL 
Reported by @LinuxJedi at #1077
 2016-03-18 16:42:15 -03:00
Felipe Zimmerle
d528b8ea6d Build: Looking for YAJL's LD flags instead of CFLAGS 
Original author: @LinuxJedi. Reported at #1077.
 2016-03-18 16:41:22 -03:00
Felipe Zimmerle
e3dd2937e6 Installs the library file in the right path [lib|lib64] 
Fixed the issue reported on #1083:
 - The option --libdir will be respected whenever it is used.
 - The library will be installed at ??/lib64 when needed.
 2016-03-18 16:01:02 -03:00
Felipe Zimmerle
88ca736543 Avoids the installation of test utilities during `make install' 
Those utilities are not interesting for the general usage, most
likekly it will be used by very retrict number of people whom are
likely to compile ModSecurity by their selfs.

This issue was reported on #1083
 2016-03-18 14:26:41 -03:00
Felipe Zimmerle
e0926fee37 Fix parser error while dealing with operator negation 
This patch closes the issue #960
 2016-03-17 18:06:46 -03:00
Felipe Zimmerle
47a62b98bb Saves `MATCHED_VAR' and related before execute the actions 
Actions should have access to the MATCHED_VAR.
 2016-02-18 20:02:28 -03:00
Felipe Zimmerle
778db259cf Treats the keys of the sec language variables as case-insensitive 2016-02-18 19:58:14 -03:00
Felipe Zimmerle
30d9ade192 Fix macro expansion: Now support } and/or }% to close a variable 2016-02-18 19:39:43 -03:00
Felipe Zimmerle
f44143436b Fix parser error on free text operator 2016-02-18 10:11:54 -03:00
Felipe Zimmerle
1f68075a28 Process the logging phase on the benchmark utility 2016-02-17 14:39:10 -03:00
Felipe Zimmerle
1e3cafb734 Fix memory management on the rules' messages (try 2) 2016-02-17 13:32:31 -03:00
Felipe Zimmerle
71970915b1 Using `clear' to clean up lists instead of clean via integration 2016-02-17 12:21:05 -03:00
Felipe Zimmerle
163483e8d4 Fix memory management on the rules' messages 2016-02-16 23:30:14 -03:00
Felipe Zimmerle
ed8b0c85d7 Fix `capture' memory management 
The capture action was implemented before the transaction concept.
While partially ported to use the transaction, some of the elements
were not freed correctly. Now it is fully ported to use the class
Transaction.
 2016-02-16 23:24:15 -03:00
Felipe Zimmerle
e346454374 Fix memory leaks on the collections/variables management 2016-02-16 23:04:11 -03:00
Felipe Zimmerle
49fc1f8b79 Fix memory leak on the benchmark utility 
Now deleting the transaction object even if there is an intervention
 2016-02-16 23:04:07 -03:00
Felipe Zimmerle
8647d63e90 Fix m accuracy initialization inside the Rule class 2016-02-15 15:47:36 -03:00
Felipe Zimmerle
a2ffb36159 Adds "matched" line to the audit logs 2016-02-12 13:28:43 -03:00
Felipe Zimmerle
362b376acb Adds verbose logs to audit logs while deciding or not to save a request 2016-02-12 11:51:33 -03:00
Felipe Zimmerle
77a1dcab9b parser: fix issue with skipAfter action 
Considering \n and/or \r as the end of the token.
 2016-02-11 16:42:39 -03:00
Felipe Zimmerle
049e4eb69d Adds support to the @rbl operator 2016-02-11 14:25:58 -03:00
Felipe Zimmerle
4bdb4ed63a Fix chained rules execution order 2016-02-10 14:29:45 -03:00
Felipe Zimmerle
8143f8ea89 Adds support to the action `maturity' 2016-02-10 13:55:12 -03:00
Felipe Zimmerle
714df8db20 Adds support to the action `accuracy' 2016-02-10 13:35:02 -03:00
Felipe Zimmerle
5a2a81a568 Adds support to the action `ver' 2016-02-10 12:53:22 -03:00
Felipe Zimmerle
77900ed4e2 Fix rules `messages' on the auditlog 2016-02-10 12:03:52 -03:00
Felipe Zimmerle
9474373264 General improvements on audit logs information 
Making actions: msg, logdata, tag and others to work in the same
fashion that they work on ModSecurity v2.x
 2016-02-05 15:19:53 -03:00
Chaim Sanders
31117d7577 Fix error on older systems 2016-01-25 10:15:45 -03:00
Felipe Zimmerle
b9b3e82900 Fix AuditLog parts selection 2016-01-21 15:03:47 -03:00
Felipe Zimmerle
9343942398 Adds mutex around the write operation on the auditlogs 2016-01-20 10:21:21 -03:00
Felipe Zimmerle
b4691aa748 Updates python bindings version 2016-01-18 13:53:17 -03:00
Felipe Zimmerle
b46dc34573 Temporarily disable the HTML ENTITY DECODE transformation 2016-01-18 13:48:00 -03:00
Felipe Zimmerle
a102b5ce2c Improves the method fill the ARGS collection 2016-01-15 10:35:24 -03:00
Felipe Zimmerle
98f45f357a Using a better number generator to avoid conflicts 2016-01-15 09:34:51 -03:00
Felipe Zimmerle
36dfe81da0 Adds YAJL_CFLAGS to the project core 2016-01-15 08:12:40 -03:00
Felipe Zimmerle
fc225ff001 Fix whoAmI() call on Transaction 2016-01-15 08:12:27 -03:00
Felipe Zimmerle
b06eaadac7 Places the classes related to audit log into a separate namespace 2016-01-14 14:29:36 -03:00
Felipe Zimmerle
2830525f89 Adds missing file: script.lua 2016-01-14 12:07:59 -03:00
Felipe Zimmerle
aaf995cc71 Adds missing file: transaction.h and removes assay.cc from git 2016-01-14 12:07:25 -03:00
Felipe Zimmerle
e45ad3b08e Updates Python bindings git hash 2016-01-14 12:03:28 -03:00
Felipe Zimmerle
4db5cc7d26 Refactoring on Transaction class: adding comments and renaming variables 2016-01-14 12:02:59 -03:00
Felipe Zimmerle
6f1e6f37d7 Fix trasanction cleanup on the C API 2016-01-14 09:39:11 -03:00
Felipe Zimmerle
a51e707517 Renames class Assay to Transaction 2016-01-13 15:57:00 -03:00
Felipe Zimmerle
f3fd5d6621 Adds owasp/2 experiemntal rules on the test set for benchmark 2016-01-12 14:24:59 -03:00
Felipe Zimmerle
d780fd6290 Fix the parse to distinguish between @pm content and a variable 
Before this patch the parser was not understanding @pm content that
contains a variable.
 2016-01-12 13:59:27 -03:00
Felipe Zimmerle
702551ed42 Adds support to action `exec' to sec lang parser 2016-01-12 10:57:06 -03:00
Felipe Zimmerle
331df90bab Enables OWASP CRS optional_rules on becnhmark test case 2016-01-12 10:50:38 -03:00
Felipe Zimmerle
923620fbd0 Adds support to the action `allow' in the sec parser 2016-01-12 10:42:36 -03:00
Felipe Zimmerle
7901c2c899 Adds the actions SetSID and SetUID to the seclang parser 2016-01-12 10:34:33 -03:00
Felipe Zimmerle
ab92bed6fa Parser improvement: Supporting variables selection with regex 2016-01-12 09:59:33 -03:00