mirror of
https://github.com/openappsec/attachment.git
synced 2025-06-28 16:41:03 +03:00
May 27 update
This commit is contained in:
Ned Wright
parent
0e2a4b74fc
commit
700c5ef611
@ -271,7 +271,7 @@ ngx_http_cp_req_body_filter_thread(void *_ctx)
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
THREAD_CTX_RETURN_NEXT_FILTER();
|
||||
}
|
||||
THREAD_CTX_RETURN(NGX_ERROR);
|
||||
THREAD_CTX_RETURN(NGX_HTTP_FORBIDDEN);
|
||||
}
|
||||
session_data_p->remaining_messages_to_reply += num_messages_sent;
|
||||
|
||||
@ -308,7 +308,7 @@ ngx_http_cp_req_end_transaction_thread(void *_ctx)
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
THREAD_CTX_RETURN_NEXT_FILTER();
|
||||
}
|
||||
THREAD_CTX_RETURN(NGX_ERROR);
|
||||
THREAD_CTX_RETURN(NGX_HTTP_FORBIDDEN);
|
||||
}
|
||||
|
||||
session_data_p->remaining_messages_to_reply += num_messages_sent;
|
||||
@ -357,7 +357,7 @@ ngx_http_cp_res_header_filter_thread(void *_ctx)
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
THREAD_CTX_RETURN_NEXT_FILTER();
|
||||
}
|
||||
THREAD_CTX_RETURN(NGX_ERROR);
|
||||
THREAD_CTX_RETURN(NGX_HTTP_FORBIDDEN);
|
||||
}
|
||||
|
||||
session_data_p->remaining_messages_to_reply += num_messages_sent;
|
||||
@ -379,7 +379,7 @@ ngx_http_cp_res_header_filter_thread(void *_ctx)
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
THREAD_CTX_RETURN_NEXT_FILTER();
|
||||
}
|
||||
THREAD_CTX_RETURN(NGX_ERROR);
|
||||
THREAD_CTX_RETURN(NGX_HTTP_FORBIDDEN);
|
||||
}
|
||||
|
||||
session_data_p->remaining_messages_to_reply += num_messages_sent;
|
||||
@ -399,7 +399,7 @@ ngx_http_cp_res_header_filter_thread(void *_ctx)
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
THREAD_CTX_RETURN_NEXT_FILTER();
|
||||
}
|
||||
THREAD_CTX_RETURN(NGX_ERROR);
|
||||
THREAD_CTX_RETURN(NGX_HTTP_FORBIDDEN);
|
||||
}
|
||||
session_data_p->response_data.new_compression_type = session_data_p->response_data.original_compression_type;
|
||||
|
||||
@ -421,7 +421,7 @@ ngx_http_cp_res_header_filter_thread(void *_ctx)
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
THREAD_CTX_RETURN_NEXT_FILTER();
|
||||
}
|
||||
THREAD_CTX_RETURN(NGX_ERROR);
|
||||
THREAD_CTX_RETURN(NGX_HTTP_FORBIDDEN);
|
||||
}
|
||||
|
||||
session_data_p->remaining_messages_to_reply += num_messages_sent;
|
||||
@ -468,7 +468,7 @@ ngx_http_cp_res_body_filter_thread(void *_ctx)
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
THREAD_CTX_RETURN_NEXT_FILTER();
|
||||
}
|
||||
THREAD_CTX_RETURN(NGX_ERROR);
|
||||
THREAD_CTX_RETURN(NGX_HTTP_FORBIDDEN);
|
||||
}
|
||||
session_data_p->remaining_messages_to_reply += num_messages_sent;
|
||||
|
||||
@ -485,7 +485,7 @@ ngx_http_cp_res_body_filter_thread(void *_ctx)
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
THREAD_CTX_RETURN_NEXT_FILTER();
|
||||
}
|
||||
THREAD_CTX_RETURN(NGX_ERROR);
|
||||
THREAD_CTX_RETURN(NGX_HTTP_FORBIDDEN);
|
||||
}
|
||||
session_data_p->remaining_messages_to_reply++;
|
||||
}
|
||||
@ -523,7 +523,7 @@ ngx_http_cp_hold_verdict_thread(void *_ctx)
|
||||
if (fail_mode_hold_verdict == NGX_OK) {
|
||||
THREAD_CTX_RETURN_NEXT_FILTER();
|
||||
}
|
||||
THREAD_CTX_RETURN(NGX_ERROR);
|
||||
THREAD_CTX_RETURN(NGX_HTTP_FORBIDDEN);
|
||||
}
|
||||
session_data_p->remaining_messages_to_reply += num_messages_sent;
|
||||
|
||||
|
||||
@ -600,7 +600,7 @@ ngx_http_cp_req_body_filter(ngx_http_request_t *request, ngx_chain_t *request_bo
|
||||
updateMetricField(MAX_REQ_BODY_SIZE_UPON_TIMEOUT, session_data_p->processed_req_body_size);
|
||||
updateMetricField(MIN_REQ_BODY_SIZE_UPON_TIMEOUT, session_data_p->processed_req_body_size);
|
||||
|
||||
return fail_mode_verdict == NGX_OK ? ngx_http_next_request_body_filter(request, request_body_chain) : NGX_ERROR;
|
||||
return fail_mode_verdict == NGX_OK ? ngx_http_next_request_body_filter(request, request_body_chain) : NGX_HTTP_FORBIDDEN;
|
||||
}
|
||||
write_dbg(
|
||||
DBG_LEVEL_DEBUG,
|
||||
@ -615,7 +615,7 @@ ngx_http_cp_req_body_filter(ngx_http_request_t *request, ngx_chain_t *request_bo
|
||||
if (!res) {
|
||||
session_data_p->verdict = fail_mode_hold_verdict == NGX_OK ? TRAFFIC_VERDICT_ACCEPT : TRAFFIC_VERDICT_DROP;
|
||||
updateMetricField(HOLD_THREAD_TIMEOUT, 1);
|
||||
return fail_mode_verdict == NGX_OK ? ngx_http_next_request_body_filter(request, request_body_chain) : NGX_ERROR;
|
||||
return fail_mode_verdict == NGX_OK ? ngx_http_next_request_body_filter(request, request_body_chain) : NGX_HTTP_FORBIDDEN;
|
||||
}
|
||||
}
|
||||
|
||||
@ -636,7 +636,7 @@ ngx_http_cp_req_body_filter(ngx_http_request_t *request, ngx_chain_t *request_bo
|
||||
session_data_p->verdict == TRAFFIC_VERDICT_ACCEPT ? "accept" : "drop"
|
||||
);
|
||||
updateMetricField(REQ_BODY_THREAD_TIMEOUT, 1);
|
||||
return fail_mode_verdict == NGX_OK ? ngx_http_next_request_body_filter(request, request_body_chain) : NGX_ERROR;
|
||||
return fail_mode_verdict == NGX_OK ? ngx_http_next_request_body_filter(request, request_body_chain) : NGX_HTTP_FORBIDDEN;
|
||||
}
|
||||
|
||||
write_dbg(
|
||||
@ -671,7 +671,7 @@ ngx_http_cp_req_body_filter(ngx_http_request_t *request, ngx_chain_t *request_bo
|
||||
session_data_p->session_id,
|
||||
session_data_p->verdict == TRAFFIC_VERDICT_ACCEPT ? "accept" : "drop"
|
||||
);
|
||||
return fail_mode_verdict == NGX_OK ? ngx_http_next_request_body_filter(request, request_body_chain) : NGX_ERROR;
|
||||
return fail_mode_verdict == NGX_OK ? ngx_http_next_request_body_filter(request, request_body_chain) : NGX_HTTP_FORBIDDEN;
|
||||
}
|
||||
|
||||
final_res = ctx.res;
|
||||
@ -978,7 +978,7 @@ ngx_http_cp_res_body_filter(ngx_http_request_t *request, ngx_chain_t *body_chain
|
||||
if (was_transaction_timedout(session_data_p)) {
|
||||
// Session was timed out.
|
||||
if (session_data_p->verdict == TRAFFIC_VERDICT_DROP) {
|
||||
return NGX_ERROR;
|
||||
return NGX_HTTP_FORBIDDEN;
|
||||
}
|
||||
session_data_p->verdict = fail_mode_verdict == NGX_OK ? TRAFFIC_VERDICT_ACCEPT : TRAFFIC_VERDICT_DROP;
|
||||
fini_cp_session_data(session_data_p);
|
||||
@ -1041,7 +1041,7 @@ ngx_http_cp_res_body_filter(ngx_http_request_t *request, ngx_chain_t *body_chain
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
return ngx_http_next_response_body_filter(request, body_chain);
|
||||
}
|
||||
return NGX_ERROR;
|
||||
return NGX_HTTP_FORBIDDEN;
|
||||
}
|
||||
write_dbg(
|
||||
DBG_LEVEL_DEBUG,
|
||||
@ -1080,7 +1080,7 @@ ngx_http_cp_res_body_filter(ngx_http_request_t *request, ngx_chain_t *body_chain
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
return ngx_http_next_response_body_filter(request, body_chain);
|
||||
}
|
||||
return NGX_ERROR;
|
||||
return NGX_HTTP_FORBIDDEN;
|
||||
}
|
||||
|
||||
final_res = ctx.res;
|
||||
@ -1100,7 +1100,7 @@ ngx_http_cp_res_body_filter(ngx_http_request_t *request, ngx_chain_t *body_chain
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
return ngx_http_next_response_body_filter(request, body_chain);
|
||||
}
|
||||
return NGX_ERROR;
|
||||
return NGX_HTTP_FORBIDDEN;
|
||||
}
|
||||
|
||||
if (ctx.modifications) {
|
||||
@ -1112,7 +1112,7 @@ ngx_http_cp_res_body_filter(ngx_http_request_t *request, ngx_chain_t *body_chain
|
||||
if (fail_mode_verdict == NGX_OK) {
|
||||
return ngx_http_next_response_body_filter(request, body_chain);
|
||||
}
|
||||
return NGX_ERROR;
|
||||
return NGX_HTTP_FORBIDDEN;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1148,7 +1148,7 @@ ngx_http_cp_res_body_filter(ngx_http_request_t *request, ngx_chain_t *body_chain
|
||||
fini_cp_session_data(session_data_p);
|
||||
return fail_mode_verdict == NGX_OK ?
|
||||
ngx_http_next_response_body_filter(request, body_chain) :
|
||||
NGX_ERROR;
|
||||
NGX_HTTP_FORBIDDEN;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -736,7 +736,6 @@ disconnect_communication()
|
||||
}
|
||||
|
||||
set_need_registration(NOT_REGISTERED);
|
||||
init_attachment_registration_thread();
|
||||
}
|
||||
|
||||
ngx_int_t
|
||||
|
||||
@ -208,7 +208,7 @@ free_list_from_pool(ngx_pool_t *memory_pool, ngx_list_t *list)
|
||||
/// @param[in, out] key_list List of keys to add to the initialized hash table.
|
||||
/// @param[in] initial_data_value_ptr Initial data value pointer.
|
||||
/// @param[in] initial_data_size Initial data size that will be increased if necessary.
|
||||
/// @returns ngx_int_t
|
||||
/// @returns ngx_int_t
|
||||
/// - #NGX_OK.
|
||||
/// - #NGX_ERROR.
|
||||
///
|
||||
@ -407,7 +407,7 @@ split_chain_elem(ngx_chain_t *elem, uint16_t split_index, ngx_pool_t *pool)
|
||||
/// @param[in] data_size Size of the data to be put in NGINX chain.
|
||||
/// @param[in, out] data Data to put into the newly allocates NGINX chain.
|
||||
/// @param[in, out] pool NGINX pool to allocate buffers from.
|
||||
/// @returns
|
||||
/// @returns
|
||||
///
|
||||
ngx_chain_t *
|
||||
create_chain_elem(uint32_t data_size, char *data, ngx_pool_t *pool)
|
||||
@ -929,11 +929,11 @@ init_general_config(const char *conf_path)
|
||||
}
|
||||
|
||||
// Setting fail open/close.
|
||||
fail_mode_verdict = isFailOpenMode() == 1 ? NGX_OK : NGX_ERROR;
|
||||
fail_mode_verdict = isFailOpenMode() == 1 ? NGX_OK : NGX_HTTP_FORBIDDEN;
|
||||
fail_open_timeout = getFailOpenTimeout();
|
||||
|
||||
// Setting fail wait open/close
|
||||
fail_mode_hold_verdict = isFailOpenHoldMode() == 1 ? NGX_OK : NGX_ERROR;
|
||||
fail_mode_hold_verdict = isFailOpenHoldMode() == 1 ? NGX_OK : NGX_HTTP_FORBIDDEN;
|
||||
fail_open_hold_timeout = getFailOpenHoldTimeout();
|
||||
|
||||
// Setting attachment's variables.
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user