github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,374 Commits 55 Branches 109 Tags
Commit Graph

50 Commits

Author SHA1 Message Date
Felipe Zimmerle
e2af60e765
Expands log_cb to share ruleMessage structure instead text 
Text version still available and it is the default options
 2017-03-06 15:02:04 -03:00
Felipe Zimmerle
4ad3574cf2
Adds offset regression tests and assorted fixes on var's offsets 2017-03-06 15:02:02 -03:00
Felipe Zimmerle
795994bb0e
Adds support to error_log in the regression tests 2017-03-06 15:02:02 -03:00
Felipe Zimmerle
c06daba398
Adds support for curl resource on the regression tests 2017-03-06 15:02:01 -03:00
Felipe Zimmerle
a88dc8efa9
Changes the check script to detect segfaults 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
8bd5f03a3d
Fix memory leak on the regression tests 2016-12-28 20:01:12 -03:00
Felipe Zimmerle
88fb456a16
Cosmetics: Reduces the static analysis warnings 2016-12-28 17:46:47 -03:00
Felipe Zimmerle
64e2927922 Moves debuglog stuff inside the debug_log namespace 2016-12-09 09:52:01 -03:00
Felipe Zimmerle
4ced1d18e0
Using full path in the header inclusion 2016-11-04 14:45:01 -03:00
Felipe Zimmerle
4cf6c714ac
Cosmetics: Fix coding style 2016-07-12 21:59:17 -03:00
Felipe Zimmerle
4078677b7f
Cosmetic changes: applies changes suggested by static analysis 2016-07-12 00:46:12 -03:00
Felipe Zimmerle
df1f7c5e08
Adds support to the RESPONSE_PROTOCOL variable 2016-06-21 10:52:18 -03:00
Felipe Zimmerle
b8bd0c5960
API CHANGE: response status is now set on processResponseHeaders 
That change was needed to move the variable attribution to earliest
as possible. We also have a new field for HTTP_PROTOCOL version used
on the response.
 2016-06-21 09:24:46 -03:00
Felipe Zimmerle
9919026620
Fixes regarding memory management 
Fixes assorted issues identified by valgrind.
 2016-06-16 00:03:57 -03:00
Felipe Zimmerle
f0155e3f32 Adds support to make check 
The regression and unit tests are now integrated with `make check`.
It is possible to use make check -jN to have multiple tests running
in parallel.
 2016-06-14 09:47:41 -03:00
Felipe Zimmerle
a51e707517 Renames class Assay to Transaction 2016-01-13 15:57:00 -03:00
Felipe Zimmerle
2a950a435b Fix various minor bugs in the regression test suite 
Now if a test fails it keep testing the others tests from the same
family. The output was also improved.
 2015-12-10 18:36:20 -03:00
Felipe Zimmerle
b5a43871e6 Changes library namespace from ModSecurity to modsecurity 2015-12-01 10:55:59 -03:00
Felipe Zimmerle
18c862a84a Adds the concept of `resources' to the regression test utility 
If a given resource is not available the test is skipped. Useful
to test operators that depends on 3rd party libraries that may
not be available, for instance: GeoIP.
 2015-11-20 13:39:57 -03:00
Felipe Zimmerle
3c45a57130 Fix regression tests structure : using method instead of protocol 2015-11-18 11:14:49 -03:00
Felipe Zimmerle
95a707964d Warn about parser error during the regression test 2015-10-19 17:18:27 -03:00
Felipe Zimmerle
b0089cfde9 Adds MODSEC_NO_LOGS option to be part of the configure 2015-10-15 15:47:52 -03:00
Felipe Zimmerle
b497091017 Cosmetics: Fix coding style 2015-09-28 16:32:59 -03:00
Felipe Zimmerle
2c39f83b5f Fix the regression test regexp validation 2015-09-24 12:33:37 -07:00
Felipe Zimmerle
d0c215d78b Adds support for the server log integration 2015-09-17 09:01:52 -03:00
Felipe Zimmerle
6782fd0989 Cosmetic: Makes the parser error more verbose on the regression tests 2015-09-16 15:42:59 -03:00
Felipe Zimmerle
c8f91ca856 Adds expected results when a regression test failed due to unexpected debug logs 2015-09-16 15:00:16 -03:00
Felipe Zimmerle
7a468a8fbe Cosmetic: Prints regression test results in a better shape 2015-09-16 13:36:52 -03:00
Felipe Zimmerle
24b7d72666 DebugLogs are now being redirected to the correct files 2015-08-27 15:36:56 -03:00
Felipe Zimmerle
15893e312b Fix regression test and example: checking if rules are loaded ok 
It was checking only the amount of rules loaded, which could be 0 if
only configuration directives are loaded.
 2015-08-25 07:48:37 -03:00
Felipe Zimmerle
fd8578351d Fix segmentation fault in the regression tests 2015-08-25 00:24:28 -03:00
Felipe Zimmerle
fb161a69a9 Removes some warnings by adding missing returns 2015-08-11 13:13:16 -03:00
Felipe Zimmerle
7c406529ed Prints "failed!" for failed test cases 2015-08-10 11:18:35 -03:00
Felipe Zimmerle
17f88f5821 Using libpcre instead of c++11 regex 2015-08-03 13:45:09 -03:00
Felipe Zimmerle
e016b72a8e Handles better the memory utilization 
- Added reference counts to Rule and AuditLog;
- Some memory leaks were removed, including GeoLookup;
- Deal better with parser errors;
- Overriding the AutlogLogWritter destructor.
 2015-07-26 22:51:57 -03:00
Felipe Zimmerle
7ba5c76c78 Returns elegant errors if rules load operation failed 2015-07-25 03:04:57 -03:00
Felipe Zimmerle
b8f7fb441d Adds support to SecRemoteRules and Include directives 
This commit includes a refactoring on important pieces of the parser
to allow it work in a stack fashion. Driver and Rules classes were
simplified and the RulesProperties class was created.
 2015-07-24 22:57:29 -03:00
Felipe Zimmerle
dc0b13ad74 Cosmetic: fix copyright header 2015-07-22 23:03:09 -03:00
Felipe Zimmerle
30b2624ec5 Adds support to parser error 2015-07-22 21:29:15 -03:00
Felipe Zimmerle
5b3fd479fc regression: better format errors, making easy to read the output 2015-07-22 21:29:06 -03:00
Felipe Zimmerle
3f883df763 regression: Sorts test cases by file, making easy to read 2015-07-22 21:28:58 -03:00
Felipe Zimmerle
c9620ac50f Writes audit log in parallel mode 
First version still missing the index among other things
 2015-07-10 18:37:48 -03:00
Felipe Zimmerle
693238b235 Process the log phase independent of disruptive actions 
Disruptive actions was making the log phase to not be processed.
 2015-07-10 18:37:48 -03:00
Felipe Zimmerle
2138dd1369 Adds method setConnectorInformation to ModSecurity class 
For the purpose of log it is necessary for modsecurity to understand which
'connector' is consuming the API.
 2015-07-10 18:37:48 -03:00
Felipe Zimmerle
278b513933 Adds protocol and http version to processUri method's signature 
Protocol and http version will be further used to fill some variables
and the audit log.
 2015-07-10 18:37:48 -03:00
Felipe Zimmerle
2109910848 Adds support to the server ID generation 
The server ID is a sha-1 identifier generated from the mac address of the first
ethernet device plus the server name. The process is the same used by
ModSecurity 2.9
 2015-07-10 18:37:48 -03:00
Felipe Zimmerle
7ea9ff8836 Code cosmetic: Having the code following our coding style 
This commit also update some methods parameters to const.
 2015-07-08 17:33:29 -03:00
Felipe Zimmerle
73154b51a1 Adds processLogging phase to regression tests 
Regression tests was not processing the 'LoggingPhase'. It was stopping in the
'ResponseBodyPhase'. As we are implementing the AuditLogs this phase is now
mandatory.
 2015-07-08 15:17:40 -03:00
Chaim Sanders
f262b404cc Fixed issue #905 that dealt with compilation on c++ 5.x > 2015-07-03 17:00:46 -04:00
Felipe Zimmerle
95cb4c56ab Very first commit: libmodsecurity 
Check the README.md file for further information about the libmodsecurity.
 2015-06-26 14:35:15 -03:00