github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,357 Commits 55 Branches 109 Tags
Commit Graph

2357 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felipe Zimmerle
9245369a54
Adds support to action CtlRuleRemoteTargetByTag 2016-10-25 15:43:50 -03:00
Felipe Zimmerle
730d7dbd28
Cosmetic: Coding style fixes. 2016-10-24 10:07:01 -03:00
Felipe Zimmerle
8757840bc3
Refactoring on the operators: negation is now being handled globally 
Other minors changes were also made, including adding the prefix `m_'
to all the members of the class.
 2016-10-19 10:30:26 -03:00
Abhi Joglekar
28a44b966a
SecLang uses RESPONSE_STATUS as variable, not STATUS 
Seclang uses RESPONSE_STATUS as variable to encode the status code for the
request.
https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#RESPONSE_STATUS

The CRS v3.0.0-dev rules, for instance, uses the RESPONSE_STATUS variable.
https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/v3.0.0-dev/rules/RESPONSE-50-DATA-LEAKAGES-IIS.conf

When processing response headers, the variable was named STATUS when creating/storing
it in the collection. Fix it, and update regression testcases.
 2016-10-18 21:30:06 -03:00
Felipe Zimmerle
678a97d0f7
Refectoring on the DebugLog mechanism 
The DebugLog implementation was modified to use shared memory
to keep the information about the opened files and file handles.
The modification was necessary to avoid race-conditions. This
commit also closes the issue SpiderLabs/ModSecurity-nginx#17
 2016-10-18 18:43:51 -03:00
Felipe Zimmerle
f3bbcfc7ef
Removes SecDebugLog directive from the test cases 2016-10-18 18:23:35 -03:00
Felipe Zimmerle
8ac15e2915
Removes wrong test case: there is not transformation ge 2016-10-18 18:16:02 -03:00
Alexey Zelkin
4e3a599f68
Add hack to fix MacOS X build 2016-10-17 10:39:44 -03:00
Robert Paprocki
049f1abb62
Fix compilation error 
lmdb.cc fails to compile following commit c680ddf.
 2016-10-07 19:07:14 -03:00
Felipe Zimmerle
b48e4b3a37
refactoring: Moves Phases enum to outside ModSecurity class 2016-10-07 19:05:50 -03:00
Felipe Zimmerle
c680ddf2cd
Refactoring on rulesProperties class 
Among of other things the merge process was improved to detect if
certain properties were set on the origin rule set.
 2016-10-05 12:01:15 -03:00
Andrei Belov
ae8698d8cf
Makes JIT support in PCRE to be optional 
In particular, this change allows to build libmodsecurity on some old
but still supported systems such as RHEL/CentOS 6.
 2016-09-26 14:50:31 -03:00
Felipe Zimmerle
13b6a3ecf6
Fix: Rules ID are validated during a set merge 
Further info at: #1192
 2016-09-23 16:28:47 -03:00
Felipe Zimmerle
ecd3fd0dc1
build: avoids compilation problems due to non existence of the lmdb.h 
Based on: 56abe98cb8c791812d46c0902b4e742c8c39620e by @phantom-az
 2016-09-22 10:28:45 -03:00
Felipe Zimmerle
8f5c1c3cf6
parser: avoids parser error while loading an empty file 2016-09-22 10:16:00 -03:00
Felipe Zimmerle
5553b2a5b9
Moves web server message to appropriate place and removing the garbage 2016-09-20 22:23:23 -03:00
Felipe Zimmerle
16b8ef98fd
Fix: placed missing variable initialization 2016-09-19 21:18:00 -03:00
Felipe Zimmerle
56cbbeff52
Adjust the phase value between the core and the rules 2016-09-19 21:17:03 -03:00
Felipe Zimmerle
115afffe33
Cosmetic: Limit the matched log size 2016-09-14 16:29:57 -03:00
Felipe Zimmerle
a1a1c71d6b
Makes LMDB support optional 2016-09-13 09:51:03 -03:00
Felipe Zimmerle
0a22f880dd
Adds support to custom operator's message in case of a match 2016-09-12 15:49:20 -03:00
Felipe Zimmerle
ad61838118
Considering collection RULE independent of the case at macro expansion 2016-09-12 15:27:03 -03:00
Felipe Zimmerle
241269eede
Adds missing `nog_log' action 2016-09-12 10:34:45 -03:00
Felipe Zimmerle
c3378ec528
Fix the size of the rules and actions vectors 2016-09-01 00:39:54 -03:00
Felipe Zimmerle
8d84ff6f4d
Accepting both: normalizePath and normalisePath 2016-08-26 16:26:16 -03:00
Felipe Zimmerle
fb0afdb34b
Fix @validateByteRange initialization 2016-08-26 16:21:05 -03:00
Andrei Belov
ed18c73cda include pre-generated parser sources into the distribution 2016-08-16 20:01:53 -03:00
Felipe Zimmerle
062dd17f14 Cosmetics: reducing the compilation warnings 2016-07-29 18:42:20 -03:00
Felipe Zimmerle
0e5f72977e Changes MATCHED_VAR behaviour 
Only cleanup the variable if there wasn't a match within the rule
 2016-07-29 10:40:45 -07:00
Felipe Zimmerle
665df04516 Cosmetics: avoid compilation warnings 2016-07-29 11:29:24 -03:00
Felipe Zimmerle
5febc7b26d Looking for lmdb in the right location under MacOS 2016-07-28 17:40:41 -03:00
Felipe Zimmerle
7f7bd99843
Adds missing file: rules_exceptions 2016-07-22 13:35:05 -03:00
Felipe Zimmerle
f723870f18
Fix case sensitive variable resolution in in memory backend 
Variables are case insensitive
 2016-07-22 13:34:57 -03:00
Felipe Zimmerle
5d64f73817
Makes RULE collection to be resolved inside a macro expansion 2016-07-21 13:09:22 -03:00
Felipe Zimmerle
5514b66145
Adds missing file: rules_exceptions.h 2016-07-19 13:45:02 -03:00
Felipe Zimmerle
52808b6cf0
Allows REQUEST_HEADERS:Content-Type to be null 
If REQUEST_HEADERS:Content-Type is null, REQBODY_ERROR will be marked as "0"
 2016-07-18 21:31:26 -03:00
Felipe Zimmerle
c961373fc1
Adds missing header 2016-07-18 18:03:22 -03:00
Felipe Zimmerle
8416eca98b
Initializes m_maturity in the rule class 
m_maturity was not initialized in one of the constructors of Rule
 2016-07-18 16:19:53 -03:00
Felipe Zimmerle
37079ef668
Adds support to SecRuleRemoveById 2016-07-18 15:02:38 -03:00
Felipe Zimmerle
d781b00f70
Fix the `log' action and the webserver error callback 2016-07-16 15:20:31 -03:00
Felipe Zimmerle
8d9abfb46b
Makes tests output buildbot friendly 2016-07-14 00:20:04 -03:00
Felipe Zimmerle
c0ebd45a68
Reduces bison required version to test it over the buildbots 2016-07-14 00:20:01 -03:00
Felipe Zimmerle
8a135cff9a
Extends the possible names for liblmdb0 2016-07-14 00:19:47 -03:00
Manish Malik
75e2e9d4dc
Fixing multiprocess_c compile error 2016-07-12 22:05:43 -03:00
Felipe Zimmerle
4cf6c714ac
Cosmetics: Fix coding style 2016-07-12 21:59:17 -03:00
Felipe Zimmerle
3615c84ee5
Adds check-coding-style target to our Makefiles 2016-07-12 21:39:07 -03:00
Felipe Zimmerle
f26824bcf4
Adds more suppressions to the cppcheck 2016-07-12 12:52:55 -03:00
Felipe Zimmerle
4078677b7f
Cosmetic changes: applies changes suggested by static analysis 2016-07-12 00:46:12 -03:00
Felipe Zimmerle
247f24c5bb
Removes check-valgrind files after a maintainer-clean 2016-07-11 14:57:25 -03:00
Felipe Zimmerle
46f4b84a07
Removes collections db after maintainer-clean 2016-07-11 14:15:52 -03:00