github_mirrors/attachment
3
0
Fork 1
mirror of https://github.com/openappsec/attachment.git synced 2025-06-28 16:41:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

April 21th 2024 update

Browse Source
This commit is contained in:
Ned Wright 2024-04-21 12:25:05 +00:00
parent cc6383b6c1
commit a6300bf2da
4 changed files with 38 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
attachments/nginx/ngx_module/ngx_cp_custom_response.c
View File

@ -209,7 +209,7 @@ ngx_http_cp_finalize_rejected_request(ngx_http_request_t *request)
{
static u_char text_html[] = {'t', 'e', 'x', 't', '/', 'h', 't', 'm', 'l'};
static size_t size_of_text_html = sizeof(text_html);
ngx_int_t res_code, res;
ngx_int_t http_res_code, rc;
ngx_table_elt_t *location_header;
ngx_chain_t out_chain[7]; // http://lxr.nginx.org/source/src/http/ngx_http_special_response.c#0772
int send_response_custom_body = 1;
@ -218,19 +218,19 @@ ngx_http_cp_finalize_rejected_request(ngx_http_request_t *request)
request->keepalive = 0;
res_code = get_response_code();
request->headers_out.status = res_code;
http_res_code = get_response_code();
request->headers_out.status = http_res_code;
request->headers_out.status_line.len = 0;
if (res_code == 0) {
if (http_res_code == 0) {
// Response code was not provided, setting it to NGX_HTTP_CLOSE.
write_dbg(
DBG_LEVEL_WARNING,
"Response code was not provided. Returning default response: %d (NGX_HTTP_CLOSE)",
NGX_HTTP_CLOSE
);
res_code = NGX_HTTP_CLOSE;
request->headers_out.status = res_code;
request->headers_out.status = NGX_HTTP_CLOSE;
rc = NGX_HTTP_CLOSE;
goto CUSTOM_RES_OUT;
}
@ -253,7 +253,7 @@ ngx_http_cp_finalize_rejected_request(ngx_http_request_t *request)
if (location_header == NULL) {
// Failed to allocate header.
write_dbg(DBG_LEVEL_ERROR, "Failed to allocate header");
res_code = NGX_HTTP_CLOSE;
rc = NGX_HTTP_CLOSE;
goto CUSTOM_RES_OUT;
}
@ -263,6 +263,7 @@ ngx_http_cp_finalize_rejected_request(ngx_http_request_t *request)
}
request->keepalive = 1;
rc = NGX_HTTP_TEMPORARY_REDIRECT;
goto CUSTOM_RES_OUT;
}
@ -287,14 +288,14 @@ ngx_http_cp_finalize_rejected_request(ngx_http_request_t *request)
delete_headers_list(&request->headers_out.headers);
write_dbg(DBG_LEVEL_TRACE, "Sending response headers for rejected request");
res = ngx_http_send_header(request);
if (res == NGX_ERROR || res > NGX_OK) {
rc = ngx_http_send_header(request);
if (rc == NGX_ERROR || rc > NGX_OK) {
// Failed to send response headers.
write_dbg(
DBG_LEVEL_DEBUG,
"Failed to send response headers (result: %d). Returning response code: %d",
res,
res_code
rc,
http_res_code
);
goto CUSTOM_RES_OUT;
}
@ -317,12 +318,12 @@ ngx_http_cp_finalize_rejected_request(ngx_http_request_t *request)
}
write_dbg(DBG_LEVEL_TRACE, "Successfully generated web response page for rejected request");
write_dbg(DBG_LEVEL_TRACE, "Sending web response body");
ngx_int_t output_filter_result = ngx_http_output_filter(request, out_chain);
if (output_filter_result != NGX_OK) {
rc = ngx_http_output_filter(request, out_chain);
if (rc != NGX_OK && rc != NGX_AGAIN) {
// Failed to send response body.
write_dbg(DBG_LEVEL_WARNING, "Failed to send web response body");
} else {
write_dbg(DBG_LEVEL_TRACE, "Successfully sent web response body");
write_dbg(DBG_LEVEL_TRACE, "%s web response body sent", rc == NGX_AGAIN ? "Partial" : "Full" );
}
} else {
out_chain[0].buf = ngx_calloc_buf(request->pool);
@ -337,8 +338,8 @@ ngx_http_cp_finalize_rejected_request(ngx_http_request_t *request)
}
CUSTOM_RES_OUT:
ngx_http_finalize_request(request, res_code);
return res_code;
ngx_http_finalize_request(request, rc);
return NGX_DONE;
}
///

2
attachments/nginx/ngx_module/ngx_cp_io.c
View File

@ -323,8 +323,8 @@ handle_custom_web_response(ngx_http_cp_web_response_data_t *web_response_data)
// Setting custom web response title's and body's data.
title.data = (u_char *)web_response_data->response_data.custom_response_data.data;
body.data = (u_char *)web_response_data->response_data.custom_response_data.data + title.len;
uuid.data = (u_char *)web_response_data->response_data.custom_response_data.data + title.len + body.len;
}
uuid.data = (u_char *)web_response_data->response_data.custom_response_data.data + title.len + body.len;
set_custom_response(&title, &body, &uuid, web_response_data->response_data.custom_response_data.response_code);
}

25
attachments/nginx/ngx_module/ngx_cp_utils.c
View File

@ -51,6 +51,7 @@ static char web_response_body[256]; ///< Web response body static buffer.
static ngx_uint_t web_response_uuid_size = 0;
static char web_response_uuid[64]; ///< Web response body uuid buffer.
static char incident[sizeof(web_response_uuid) + 16]; ///< Web response body uuid buffer with incident Id prefix.
static ngx_uint_t add_event_id = 0;
static ngx_uint_t redirect_location_size = 0; ///< Redirect location size.
@ -525,8 +526,11 @@ set_custom_response(const ngx_str_t *title, const ngx_str_t *body, const ngx_str
// Copies the provided variables into their respective response variables.
memcpy(web_response_title, title->data, web_response_title_size);
memcpy(web_response_body, body->data, web_response_body_size);
memcpy(web_response_uuid, "Incident Id: ", strlen("Incident Id: "));
memcpy(web_response_uuid + strlen("Incident Id: "), uuid->data, web_response_uuid_size);
if (web_response_uuid_size >= sizeof(web_response_uuid)) {
web_response_uuid_size = sizeof(web_response_uuid) - 1;
}
memcpy(web_response_uuid, uuid->data, web_response_uuid_size);
web_response_uuid[web_response_uuid_size] = 0;
}
void
@ -540,7 +544,12 @@ set_redirect_response(const ngx_str_t *location, const ngx_str_t *uuid, uint add
// Sets the redirection location data and the web response uuid.
redirect_location_size = location->len;
memcpy(redirect_location, location->data, redirect_location_size);
web_response_uuid_size = uuid->len;
if (web_response_uuid_size >= sizeof(web_response_uuid)) {
web_response_uuid_size = sizeof(web_response_uuid) - 1;
}
memcpy(web_response_uuid, uuid->data, web_response_uuid_size);
web_response_uuid[web_response_uuid_size] = 0;
}
u_char *
@ -579,13 +588,17 @@ get_response_page(ngx_http_request_t *request, ngx_chain_t (*out_chain)[7])
{
ngx_int_t idx;
ngx_chain_t *tmp_next;
size_t incident_prefix_size = strlen("Incident Id: ");
ngx_buf_t *buf[7]; // Title prefix -> Title -> Body prefix -> Body -> UUID prefix -> UUID -> UUID suffix
ngx_str_t title = { web_response_title_size, (u_char *)web_response_title };
ngx_str_t body = { web_response_body_size, (u_char *)web_response_body };
ngx_str_t uuid = { web_response_uuid_size, (u_char *)web_response_uuid };
ngx_str_t uuid = { web_response_uuid_size + incident_prefix_size, (u_char *)incident };
if (web_response_title_size == 0 || web_response_body_size == 0) return NGX_ERROR_ERR;
memcpy(incident, "Incident Id: ", incident_prefix_size);
memcpy(incident + incident_prefix_size, web_response_uuid, web_response_uuid_size);
for (idx = 0; idx < 7; idx++) {
buf[idx] = ngx_calloc_buf(request->pool);
if (buf[idx] == NULL) {
@ -634,7 +647,7 @@ get_response_page_length(void)
total_length += web_response_title_size;
total_length += web_response_body_size;
total_length += web_response_uuid_size;
total_length += strlen("Incident Id: ") + web_response_uuid_size;
return total_length;
}
@ -648,13 +661,13 @@ get_response_code(void)
const char *
get_web_response_uuid(void)
{
return web_response_uuid + strlen("Incident Id: ");
return web_response_uuid;
}
ngx_uint_t
get_web_response_uuid_size(void)
{
return web_response_uuid_size - strlen("Incident Id: ");
return web_response_uuid_size;
}
const char *

1
core/include/attachments/attachment_types.h
View File

@ -24,6 +24,7 @@ enum AttachmentType
NGINX_ATT_ID,
PRELOAD_ATT_ID,
SQUID_ATT_ID,
ENVOY_ATT_ID,
#ifdef __cplusplus
COUNT
#endif