349 Commits

Author	SHA1	Message	Date
Felipe Zimmerle	cd533e00e7	parser: Adds support to quoted arguments on SecUploadDir	2017-08-16 10:17:51 -03:00
Felipe Zimmerle	b5d0dc2409	paser: Adds support for quoted argument on SecTmpDir	2017-08-16 09:51:56 -03:00
Felipe Zimmerle	5ffc5c1633	parser: Adds support to quoted arguments in asorted configurations	2017-08-16 09:37:34 -03:00
Felipe Zimmerle	9abc37157d	parser: Adds msg: ContentInjection is not yet supported	2017-08-16 09:21:23 -03:00
Felipe Zimmerle	06447ea3d4	parser: Adds support to double quotes on adit logs file	2017-08-16 00:18:06 -03:00
Felipe Zimmerle	c525cbfb20	parser: Adds ability to inform auditlog status without quotes	2017-08-16 00:17:58 -03:00
Felipe Zimmerle	9ee412735d	parser: Improves the reading for the url in the redirect action	2017-08-15 15:18:52 -03:00
Felipe Zimmerle	8c66a1b4c2	Adds support to double quotes on debug logs conf	2017-08-15 14:20:39 -03:00
Victor Hora	53ff0e1a57	Adds initial support to SecHttpBlKey	2017-07-29 00:12:14 -03:00
Felipe Zimmerle	4bec6b0019	Adds support to ctl:ruleEngine	2017-07-27 22:05:10 -03:00
Felipe Zimmerle	e14dc602e5	Adds support to SecRuleUpdateTargetById	2017-07-04 13:13:13 -07:00
Felipe Zimmerle	fba9c20ea1	Adds initial support to SecRuleUpdateTargetByTag	2017-07-03 17:42:34 -07:00
Felipe Zimmerle	508a2b5a4a	Adds sanity check on SecRemoteRules directive input	2017-06-21 19:08:12 -07:00
Felipe Zimmerle	c3a0d8d9bb	Fix collections element selection by regex ... Reported at #1369	2017-06-17 00:11:28 -03:00
Felipe Zimmerle	9cb3f23b50	Adds support to setrsc action	2017-06-09 16:59:04 -03:00
Felipe Zimmerle	e795253ecf	Fix crash on SecRuleRemoveById malformated parameter ... Fix issue #1440	2017-06-06 22:14:13 -03:00
Victor Hora	37868d1534	Add missing feature: t:uppercase transformation	2017-06-02 21:47:54 -03:00
Victor Hora	9d70345d3d	Add missing hexDecode transformation to seclang parser	2017-05-29 22:48:23 -03:00
Felipe Zimmerle	0e05b7bb8a	Avoids to load a directory structure as a rules file	2017-05-02 16:42:22 -03:00
Felipe Zimmerle	c97db2f361	Adds verbose message when a resource is not found. ... Fix #1309	2017-05-02 13:39:37 -03:00
Felipe Zimmerle	6421ff087a	Forces disruptive to be first-rule-only ... ModSecurity version 3 is capable to handle disruptive actions in different rules from the chain. However, lets get it working in the same fashion that we have in version 2.	2017-04-24 21:06:35 -03:00
Felipe Zimmerle	b3c8e97ff7	Parse fix: accepting variables in between quotes	2017-03-30 10:02:36 -03:00
Felipe Zimmerle	e2bd87d07d	Fix minor parser errors	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	d6363607aa	Accept quoted regexp in the collection selection	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	f9552ede2b	Adds missing file	2017-03-06 15:02:01 -03:00
Felipe Zimmerle	e95efa05cc	Fix assorted memory and static analysis errors	2017-03-06 15:02:00 -03:00
Felipe Zimmerle	f2d149fc5f	Extends the direct access model to other collections	2017-03-06 15:02:00 -03:00
Felipe Zimmerle	ca24b6bb06	PoC: Adds support to direct access on ARGS collection	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	c1f11ab4e5	Cosmetics: assorted fixes on the coding style	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	ff65d618e4	Adds missing Makefile.am file	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	ba6b972ca8	Makes global collection allowed to be set by setVar	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	b516cc6de1	Adds operation unset to setVar action	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	e95555132e	Contionuation of 1 time variable patch ... Now we have almost 100% of the transaction variables hosted on the new schema. Variable modifcators (count and exclusion) are not yet supported on the new schema. Notice that setvar is now using the parser.	2017-03-06 15:01:58 -03:00
Felipe Zimmerle	703da3c4f0	Adds PoC about 1-time variable resolution and draft for offset ... There is no need for the variable purely associated with the transaction (transient) be part of collection that demands lookups. Also, those variables will held the concept of offset: The offset from the first byte of the request till the start of the variable.	2017-03-06 15:01:52 -03:00
Felipe Zimmerle	3eccfaf1f6	Disables parser generation on all builds ... The parser generation is now an configure option	2017-03-06 15:01:52 -03:00
Felipe Zimmerle	03d0570e99	Deletes the Rule object in case of a parser failure	2017-03-06 15:01:52 -03:00
Felipe Zimmerle	1aa2a9c01b	Avoids memory leak by cleaning loc stack on Driver's destructor	2017-03-06 15:01:52 -03:00
Felipe Zimmerle	839ac62585	Fix memory leaks in parser failures	2017-03-06 15:01:51 -03:00
Felipe Zimmerle	a6f07f621d	Makes the lexical errors a little bit more verbose	2017-03-06 15:01:51 -03:00
Felipe Zimmerle	5880524db6	cosmetics: Improves the tokens organization	2017-03-06 15:01:51 -03:00
Felipe Zimmerle	808fd23358	Avoids a second initialization of the Audit Log class	2017-03-06 15:01:51 -03:00
Felipe Zimmerle	60402d8b80	Renames defaultActions to m_defaultActions in RulesProperties	2017-03-06 15:01:50 -03:00
Felipe Zimmerle	7927ddda91	Renames rules to m_rules in RulesProperties	2017-03-06 15:01:50 -03:00
Felipe Zimmerle	5086fef492	Fix parser while continuation line is used between var and op	2017-03-06 15:01:50 -03:00
Felipe Zimmerle	59114dd598	Refactoring on the operators parsers (2/2) ... This is the first step towards remove the memory leaks in the parser	2017-03-06 15:01:50 -03:00
Felipe Zimmerle	9cda4c0be0	cosmetics: Having the parser in a better shape regarding operators 1/2	2017-03-06 15:01:50 -03:00
Felipe Zimmerle	15b81d09e7	Refactoring on the transformation classes	2016-12-28 19:53:37 -03:00
Felipe Zimmerle	88fb456a16	Cosmetics: Reduces the static analysis warnings	2016-12-28 17:46:47 -03:00
Felipe Zimmerle	9c7416da97	Refactoring the actions classes	2016-12-28 15:20:06 -03:00
Felipe Zimmerle	2e9a35c358	Refactoring on the audit logs implementation ... Among of other things, it is now supporting shared file locks between different process.	2016-12-14 23:17:28 -03:00