github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-11-17 01:41:52 +03:00
Code Issues Packages Projects Releases Wiki Activity

Nov_12_2023-Dev

Browse Source
This commit is contained in:
Ned Wright
2023-11-12 18:50:17 +00:00
parent 0869b8f24d
commit 3061342b45
114 changed files with 3627 additions and 1305 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
components/security_apps/waap/waap_component_impl.cc
View File

@@ -41,6 +41,7 @@ using namespace std;
USE_DEBUG_FLAG(D_WAAP);
USE_DEBUG_FLAG(D_WAAP_ULIMITS);
USE_DEBUG_FLAG(D_OA_SCHEMA_UPDATER);
WaapComponent::Impl::Impl() :
pending_response(ngx_http_cp_verdict_e::TRAFFIC_VERDICT_INSPECT),
@@ -90,7 +91,7 @@ WaapComponent::Impl::init(const std::string &waapDataFileName)
reputationAggregator.init();
waapStateTable = Singleton::Consume<I_Table>::by<WaapComponent>();
bool success = waf2_proc_start(waapDataFileName);
if (!success) {
dbgWarning(D_WAAP) << "WAF2 engine FAILED to initialize (probably failed to load signatures). Aborting!";
@@ -162,7 +163,6 @@ WaapComponent::Impl::respond(const NewHttpTransactionEvent &event)
std::string httpMethodStr = event.getHttpMethod();
dbgTrace(D_WAAP) << "start Transaction: " << httpMethodStr << " " << uri << " (REQUEST)";
// See below..
Waf2TransactionFlags &waf2TransactionFlags = waf2Transaction.getTransactionFlags();
waf2TransactionFlags.requestDataPushStarted = false;
@@ -187,9 +187,11 @@ WaapComponent::Impl::respond(const NewHttpTransactionEvent &event)
// Tell waf2 API that request headers started
waf2Transaction.start_request_hdrs();
return pending_response;
}
// Request headers coming
// Should return pending_response to hold the data (not send to upstream)
EventVerdict
@@ -209,6 +211,7 @@ WaapComponent::Impl::respond(const HttpRequestHeaderEvent &event)
dbgWarning(D_WAAP)
<< " * \e[31mNGEN_EVENT: http_header - "
<< "failed to get waf2 transaction, state not exist\e[0m";
return drop_response;
}
IWaf2Transaction& waf2Transaction = waapStateTable->getState<Waf2Transaction>();
@@ -241,6 +244,7 @@ WaapComponent::Impl::respond(const HttpRequestHeaderEvent &event)
// Delete state before returning any verdict which is not pending
if ((verdict.getVerdict() != pending_response.getVerdict()) && waapStateTable->hasState<Waf2Transaction>()) {
finishTransaction(waf2Transaction);
} else {
}
return verdict;
@@ -283,6 +287,7 @@ WaapComponent::Impl::respond(const HttpRequestBodyEvent &event)
return EventVerdict(verdict);
}
// Called when request ends and response starts.
// For WAAP its time to decide and return either "accept_response" or "drop_response"
EventVerdict
@@ -339,7 +344,6 @@ WaapComponent::Impl::respond(const ResponseCodeEvent &event)
}
IWaf2Transaction& waf2Transaction = waapStateTable->getState<Waf2Transaction>();
// TODO:: extract HTTP version from attachment?
static const int http_version = 0x11;