github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,753 Commits 55 Branches 109 Tags
Commit Graph

198 Commits

Author SHA1 Message Date
Felipe Zimmerle
0c0a9b3083
Accepts component signature between brackets 2016-06-23 23:14:01 -03:00
Felipe Zimmerle
a36b2da86a
Adds support to the STATUS variable 2016-06-20 20:34:39 -03:00
Felipe Zimmerle
56d084a7f4
Adds support the variable rule 
Issue #1016
 2016-06-20 14:03:45 -03:00
Felipe Zimmerle
9919026620
Fixes regarding memory management 
Fixes assorted issues identified by valgrind.
 2016-06-16 00:03:57 -03:00
Alexey Zelkin
cb91af537c
Enforce bison requirement to 3.0.4. 
Previous versions of bison proven to generate broken code which caused to assert() regression
tests of libmodsecurity for clang 3.4 and gcc 4.8.  Upgrading bison to 3.0.4 solved mentioned issues
for FreeBSD 10, CentOS 7, RHEL 7 and Ubuntu 14.
 2016-06-15 23:10:27 -03:00
Felipe Zimmerle
2e3da7ea24 Better support for multipart 
ModSecurity v2.x parser was ported into 3.x branch.

All the multipart related variables should be workbale.
 2016-06-10 09:40:08 -03:00
Felipe Zimmerle
9e5cf2de8e Adds Upload configuration paramters to the libmodsec parser 2016-06-07 14:23:56 -03:00
Felipe Zimmerle
4b9cff3ec7 Partially adds the REMOTE_USER variable support 2016-05-23 11:04:19 -03:00
Felipe Zimmerle
f989ecd5cb Adds support to SecXMLExternalEntity 2016-05-18 17:02:15 -03:00
Felipe Zimmerle
6a7b970fe3 Adds support to ctl:requestBodyProcessor=XML 2016-05-18 10:30:25 -03:00
Felipe Zimmerle
8c714af8e1 Actions refactoring: now there is a clear definiation on the action name 2016-05-17 14:36:59 -03:00
Felipe Zimmerle
1b88947d9b Adds support 'xmlns' action to the libmodsec parser 2016-05-16 18:24:54 -03:00
Felipe Zimmerle
6a40752500 Adds XML variable, xml body request processor and @validateSchema 2016-05-12 11:11:40 -03:00
Felipe Zimmerle
758ecb5d6d Adds support to USER collection, setuid action and USERID variable 
More details on: #1026, #1024, #1048
 2016-05-09 20:27:08 -03:00
Felipe Zimmerle
a2a47798e9 Adds support to the collection SESSION and setsid action 2016-05-06 14:38:04 -03:00
Felipe Zimmerle
8d052853a8 Adds support to https audit log output 
This functionality was built for test only.
 2016-04-04 13:29:15 -03:00
Felipe Zimmerle
f44143436b Fix parser error on free text operator 2016-02-18 10:11:54 -03:00
Felipe Zimmerle
8143f8ea89 Adds support to the action `maturity' 2016-02-10 13:55:12 -03:00
Felipe Zimmerle
714df8db20 Adds support to the action `accuracy' 2016-02-10 13:35:02 -03:00
Felipe Zimmerle
5a2a81a568 Adds support to the action `ver' 2016-02-10 12:53:22 -03:00
Felipe Zimmerle
b06eaadac7 Places the classes related to audit log into a separate namespace 2016-01-14 14:29:36 -03:00
Felipe Zimmerle
d780fd6290 Fix the parse to distinguish between @pm content and a variable 
Before this patch the parser was not understanding @pm content that
contains a variable.
 2016-01-12 13:59:27 -03:00
Felipe Zimmerle
702551ed42 Adds support to action `exec' to sec lang parser 2016-01-12 10:57:06 -03:00
Felipe Zimmerle
923620fbd0 Adds support to the action `allow' in the sec parser 2016-01-12 10:42:36 -03:00
Felipe Zimmerle
7901c2c899 Adds the actions SetSID and SetUID to the seclang parser 2016-01-12 10:34:33 -03:00
Felipe Zimmerle
3acc013e49 Improves the secrules parser 2016-01-11 17:50:35 -03:00
Felipe Zimmerle
decf04d264 Adds support to SecResponseBodyMimeType 2015-12-24 11:55:24 -03:00
Felipe Zimmerle
913e22a77d Adds initial support to initcol action 2015-12-22 12:10:15 -03:00
Felipe Zimmerle
fb3696ac04 Fix a few things to provide an easy interface for script bindings 2015-12-22 11:53:36 -03:00
Felipe Zimmerle
b5a43871e6 Changes library namespace from ModSecurity to modsecurity 2015-12-01 10:55:59 -03:00
Felipe Zimmerle
09a958544d Makes @geoLookup optional depending on the availability of libGeoIP 2015-11-20 11:09:05 -03:00
Felipe Zimmerle
e641c3cc17 Huge improve in the variables resolution time 2015-11-03 22:44:59 -03:00
Felipe Zimmerle
48704c27a9 Removes some memory leaks 2015-10-30 18:59:08 -03:00
Felipe Zimmerle
e54ef72051 Looks for external resources in the same path of the rule 2015-10-06 09:21:30 -03:00
Felipe Zimmerle
5cc9e94505 Splits operator into OPERATOR and FREE_TEXT on sec lang grammar 2015-10-02 12:07:18 -03:00
Felipe Zimmerle
df819dc43b Removes SPACE token form the GRAMMAR 2015-10-02 11:30:05 -03:00
Felipe Zimmerle
54c51e2512 Fix parser shift/reduce problem on state 133 2015-10-02 11:03:04 -03:00
Felipe Zimmerle
03eabd9c12 Fix shift/reduce conflict in the sec lang grammar. 2015-10-01 17:36:18 -03:00
Felipe Zimmerle
941b9e75c4 Adds support to rules with actions without quotes 2015-10-01 14:55:55 -03:00
Felipe Zimmerle
8255ce86ca Adds reference to filename and line number to lexer errors 2015-09-30 14:36:33 -03:00
Felipe Zimmerle
cb9524ffd7 Adds support to collection in the parser 2015-09-29 13:14:36 -07:00
Felipe Zimmerle
9d60dc6df8 Adds macro expansion for all operators 2015-09-16 11:25:07 -03:00
Felipe Zimmerle
23d843259d Fix rule.h include on modsecurity.cc and seclang-parser.yy 2015-09-15 16:05:29 -03:00
Felipe Zimmerle
736183b7f1 Adds ctl:forceRequestBodyVariable to the seclang parser 2015-09-09 22:43:18 -03:00
Felipe Zimmerle
4095ae7b52 Adds action accuracy to the parser 2015-09-09 22:26:35 -03:00
Felipe Zimmerle
1079b5ba54 Adds action maturity to the parser 2015-09-09 22:19:07 -03:00
Felipe Zimmerle
09651baf9a Adds action ver to the seclang parser 2015-09-09 22:10:45 -03:00
Felipe Zimmerle
254b29265e Adds action expirevar to the parser and fix the line counting 2015-09-09 18:31:37 -03:00
Felipe Zimmerle
ee8b886371 Adds parser support to ctl:[auditEngine|ruleEngine] 2015-09-09 17:51:53 -03:00
Felipe Zimmerle
d1fa2cfa7b Parser: Fix redirect action and adds SecRule first line-only comment syle 2015-09-09 15:10:38 -03:00