c3c822ea01
Revert r1205 as it was fixed in mod_jk upstream.
2008-09-17 16:54:31 +00:00
7b0e71f929
CHANGES text describing when REQUEST_BODY is populated was not accurate.
2008-09-17 10:59:11 +00:00
3848ff5b36
Worked around mod_jk issue where a 401 response was not including the WWW-Authentication header (MODSEC-16).
2008-09-15 19:51:06 +00:00
309510d70b
Change from ctl:requestBodyBuffering to ctl:forceRequestBodyVariable.
2008-09-10 17:11:20 +00:00
f20059b009
Make sure we fail to validate DTD/schema after a parsing error. Fixes MODSEC-5.
2008-09-03 22:16:42 +00:00
34798e9abe
Allow ability to force request body buffering to memory. Fixes MODSEC-2.
2008-09-03 20:42:28 +00:00
139d651bbf
Updated the CHANGES.
2008-09-03 18:06:14 +00:00
20cc395510
Added mlogc source.
2008-09-02 23:10:36 +00:00
d419a21682
Update CHANGES.
...
Sync up docs.
2008-08-15 20:25:27 +00:00
10713fbd37
Sync up branches/2.5.x and trunk.
2008-07-31 22:36:24 +00:00
ae40b8c213
Implemented cssDecode.
2008-07-16 13:08:12 +00:00
e6e06bff72
Update trunk CHANGES with 2.5.5 release.
2008-07-07 15:47:49 +00:00
f072738c82
Remove an extraneous debug statement and update version date.
2008-06-05 17:29:29 +00:00
83ff6c4796
Re-enable error output filter with a fix after more testing/tracing of code. See #498 .
...
Update versions to ready for release of 2.5.5.
2008-06-03 20:28:05 +00:00
16acbe4949
Fixed issue where logging was not occuring unless "auditlog" was enabled. See #497 , #4 , #451 and #445 .
2008-06-02 23:34:31 +00:00
f2449c6f35
Enable "auditlog" action by default. See #445 and #451 .
2008-06-02 23:31:27 +00:00
0c95f9c644
Backport fix to improve request body processing error messages. See #504 .
2008-05-30 20:16:34 +00:00
4d2fa2741c
Backported changeset:1056 to 2.5.x which handles a lacking new line after the final multipart boundary. See #502 .
2008-05-30 20:07:47 +00:00
6241dfe961
Fixed XML multithreading crash. See #501 .
2008-05-30 20:01:44 +00:00
0c1f2f2e09
Fixed blocking in phase 3 by reverting changeset:591 (for now). See #65 and #498 .
2008-05-30 19:31:22 +00:00
f394c6faa2
Add atomic updates for persistent counters. See #20 .
2008-05-13 00:05:02 +00:00
8f7b861d94
Added mod_rpaf-2.0 and mod_custom_header to the beforeme list.
2008-05-09 15:50:17 +00:00
ec19e25171
Update changes with 2.5.4 release.
2008-05-09 15:48:57 +00:00
cfeb3b9769
Update CRS to 1.6.1. See #484 .
2008-04-24 16:48:08 +00:00
06eeb7ef04
Fixed crash if a persistent variable name was more than 126 characters. See #478 .
2008-04-24 16:40:14 +00:00
5735d5fc63
Fixed issue where the exec action may not be able to execute shell scripts. See #475 .
2008-04-24 16:30:58 +00:00
b4f473f87f
Expand macros in expirevar and deprecatevar. See #477 .
...
Cleaned up debug logs in actions.
Warn on mismatched curly braces in macro expansion.
2008-04-24 16:23:35 +00:00
070e0bb0c6
Update CHANGES with current releases.
2008-04-11 20:10:27 +00:00
563a8e0f0c
Fixed issue where the exec action may not be able to execute shell scripts. See #475 .
2008-04-11 20:05:44 +00:00
c50e5b0b38
Update versions for release.
2008-04-02 16:10:47 +00:00
aa6be1614e
Make sure all filehandles are closed at the end of a trasaction. See #464 and #465 .
...
Fixes a few typos in some error messages when we are over the limits.
2008-03-28 20:00:37 +00:00
5f09dbb3ee
Sync up trunk with changes from 2.5.x.
2008-03-28 17:06:44 +00:00
1fbf0c97f2
Update CHANGES, versions and dates for 2.5.0.
2008-02-15 22:51:01 +00:00
8cf74f5c91
Update version dates.
...
Fix a small typo in Lua example: nil, not null.
2008-02-14 22:16:21 +00:00
f00e15cc0a
More updates for Windows builds suggested by Tom Donovan at apachelounge.
2008-02-13 18:10:04 +00:00
cc2110b187
Updates to build on Windows with MS VC++ 8.
2008-02-13 07:10:54 +00:00
20bc34a53f
Update core rules to 1.6.0-rc3.
2008-02-11 22:57:54 +00:00
731ac3321b
Update version date for 2.5.0-rc3.
2008-02-11 22:49:08 +00:00
94f617ae1c
Update CHANGES and release dates.
2008-02-09 01:22:01 +00:00
45e85e4c89
Update CHANGES and version dates.
2008-02-08 01:24:46 +00:00
fd8f4e319f
Update CHANGES and versions for 2.5.0-rc3.
2008-02-05 00:55:16 +00:00
4535b2e67b
Cleanup CHANGES and set release dates for 2.5.0-rc2.
2008-01-29 16:36:36 +00:00
52ccced72b
Cleanup building actionsets and use minimal default. See #445 .
...
Fully resolve all rules before logging.
2008-01-25 04:52:49 +00:00
946a350043
Fixed removing cained rules with ctl action.
2008-01-24 22:39:13 +00:00
f8adea949c
Implemented SecUploadFileMode. See #448 .
2008-01-24 22:10:37 +00:00
a3584993f5
Implement "block" pseudo-action. See #441 .
2008-01-24 05:16:35 +00:00
9dbc7807d9
Remove query string from error log. See #447 .
2008-01-23 18:12:59 +00:00
c72057bc57
Cleanup CHANGES.
2008-01-22 06:59:06 +00:00
18e9ef0808
Remove default transformations. See #445 .
2008-01-22 05:50:42 +00:00
0d24a08f33
Implemented SecRuleUpdateActionById. See #442 .
2008-01-19 02:23:41 +00:00
9fb03d277d
Fixing code based on review comments...
...
Cleaned up what vars are cacheable.
Added parens around "*foo++" where it clarified the operation to be "*(foo++)".
Added " at VARNAME" to operator matches where needed.
Escaped var->name in the var generation (user-supplied data).
Marked a bunch of TODOs as ENHs instead.
Transformed some C++ style comments to C style.
Removed the %0-9 macros code which was commented out.
Optimized some ctl action code so that multiple ifs are else ifs.
Implemented some error messages marked as ENH.
Make commented out acmp debugging a configure-time option.
Cleanup GEO debug log messages.
Added relative filename support for geo dbs.
Added help text to Sec* directives.
2008-01-18 00:47:30 +00:00
31e3ada844
Fixed phase 5 rules not being excludable.
2008-01-08 20:45:54 +00:00
badb2791f1
Initial 'configure' based compilation (buildconf generates configure script).
2008-01-02 21:32:10 +00:00
2068357af8
Added m.getvars() and finalised Lua support.
2007-12-21 12:50:03 +00:00
59685455d9
Update core rules to 1.5.1.
2007-12-20 17:01:12 +00:00
b9a28882b2
Enhanced allow.
2007-12-17 11:22:47 +00:00
5bd9e0640f
Add CHANGES entry. See #425 .
2007-12-15 00:57:21 +00:00
3c4eacf6f1
Update Core Rules to those in 2.1.4.
2007-12-14 23:23:46 +00:00
4602f7d908
Remove tabs from CHANGES.
2007-12-14 22:52:29 +00:00
9136d391d3
Forgoten CHANGES entry for last commit.
2007-12-14 22:50:01 +00:00
515290434c
Add 2.1.4 changes to trunk CHANGES.
2007-12-14 20:22:54 +00:00
f68f0156c3
Cleanup CHANGES.
2007-12-14 20:20:18 +00:00
5065852dfe
More efficient collection persistance and deletion on retrieval. See #345 and #426 .
2007-12-14 19:53:23 +00:00
aa68fff104
Fixed decoding \9 with t:escapeSeqDecode. See #423 .
2007-12-14 00:30:25 +00:00
8aa31fd099
Change jsDecodeuni to jsDecode which also decodes all the other JS escapes. See #193 .
2007-12-14 00:19:46 +00:00
b0de659133
Added t:jsDecodeUni handling unicode similar to t:urlDecodeUni. See #193 .
2007-12-13 00:58:02 +00:00
cbf79d43ba
Update version to ready for 2.5.0-rc1.
2007-12-12 23:08:14 +00:00
54cac6461b
Add IS_NEW and IS_EXPIRED collection variables. See #345 .
2007-12-12 22:52:08 +00:00
715a8eae58
Implement SecMarker. See #416 .
2007-12-11 17:53:50 +00:00
a6c2d867f4
Improvements to audit logging matching rules. See #93 .
2007-11-30 21:31:12 +00:00
dcdce0cbc5
Added matching rules to audit log data. See #93 .
2007-11-30 00:52:21 +00:00
ff12e6f1c0
Remove comment that is not needed.
2007-11-29 18:10:54 +00:00
526bcc0b5a
More informative change log message for fixing utf-8 validation.
2007-11-29 14:50:54 +00:00
c5c759d6f0
Forgot to update CHANGES.
2007-11-29 14:03:05 +00:00
575e86388a
Implemented SecRequestBodyNoFilesLimit ( #103 ).
2007-11-29 11:41:48 +00:00
4a08d7e6bf
Handle out-of-disk-space conditions gracefully when writing to audit log.
2007-11-27 10:52:14 +00:00
1860e2a35e
Renamed SecGeoLookupsDb to SecGeoLookupDB.
2007-11-26 17:04:42 +00:00
6ca5b831fb
Document SecComponentSignature. Update CHANGES.
2007-11-26 16:22:33 +00:00
e45ea12fc8
Fix warnings on Solaris and/or 64bit builds.
2007-11-02 22:31:47 +00:00
8e99090067
Add the input filter if we have read the body (even if a sub-request). See #335 .
2007-10-17 22:41:37 +00:00
9d49adf028
Basic implementation of skipAfter (still need to implement placeholders so it works with removed rules). See #258 .
2007-10-17 19:59:28 +00:00
974298a76c
Added ctl:ruleRemoveById action. See #259 .
2007-10-17 19:11:47 +00:00
b784e6cb73
Change from TX:LAST_MATCHED_VAR_NAME to MATCHED_VAR. See #123 .
2007-10-03 00:23:46 +00:00
83a7886071
Now use memcmp() vs strncmp() in string comparison operators since we already short-circuit when the match will not fit in the target.
...
Added @containsWord. See #182 .
2007-10-02 18:50:35 +00:00
da1399f0b8
Added TX:LAST_MATCHED_VAR_NAME. See #123 .
2007-10-01 22:35:52 +00:00
9d4965b29e
Fix macro expansion in setvar. See #126 .
2007-10-01 17:24:10 +00:00
fe1021e369
More cleanup of error messages and marking as relevant. See #4 .
2007-09-28 20:02:02 +00:00
f3a8854fe9
Mark any error conditions/alerts as 'relevant'.
...
Clean up/add error messages where this can happen.
2007-09-27 21:18:23 +00:00
5022ddcadf
Cleanup more subrequest code.
...
Do not run with subrequests in phase 3-4.
Still need to look at phase 5 to see what I can cleanup there.
See #135 .
2007-09-26 21:46:06 +00:00
86c9a9bf1f
Cleanup CHANGES.
2007-09-26 21:39:45 +00:00
72f8149338
Do not process subrequests in phase 2. See #135 .
2007-09-26 18:03:08 +00:00
426ce1aea7
Fixed deprecatevar. See #59 .
2007-09-25 21:40:04 +00:00
9ed3cf9e5a
Added support for partial response body processing.
2007-09-21 23:23:11 +00:00
59333a6a81
Update CHANGES.
2007-09-21 22:15:12 +00:00
eb6b456f5b
Fix potential buffer overrun by 1 byte in base64Decode caused by bad docs from APR-Util. See #255 .
2007-09-21 00:20:31 +00:00
ad940d1ff9
Partially corrected the filter error code. See #3 .
2007-09-14 23:01:58 +00:00
53011819d4
Cleanup some doc formatting.
...
Prepare trunk for use as 2.5.0-devN tree.
2007-09-14 21:41:34 +00:00
1e603d8a3e
Detect and use new API calls to get the server version/banner when available.
2007-09-11 18:01:28 +00:00
70e8246ae4
Update CHANGES.
2007-08-21 23:47:06 +00:00
e275162463
Quiet "warning: int format, pid_t arg" type warnings.
2007-08-13 17:49:37 +00:00
32905f9d46
Add ability to compile without API support (-DNO_MODSEC_API). See #198 .
2007-08-10 00:46:04 +00:00
f4389c9a55
Update docs and CHANGES for logdata action.
2007-08-10 00:44:20 +00:00
648037fdb5
Added TX_SEVERITY variable. See #60 .
2007-08-08 22:11:02 +00:00
d2fd881c00
Fix typo in CHANGES.
2007-08-08 20:53:00 +00:00
f41c27a28c
Added ARGS_GET, ARGS_POST, ARGS_GET_NAME, ARGS_POST_NAMES variables. See #136 .
2007-08-08 20:49:51 +00:00
fe8c564ed0
Added MODSEC_BUILD variable. See #38 .
2007-08-08 18:25:03 +00:00
5a6ce01429
Added logging of target variable expansion. See #62 .
2007-08-08 14:48:49 +00:00
9695f2b816
Improvements in transformation cache (add options, document).
...
Update CHANGES.
2007-08-03 20:25:30 +00:00
b761c1c01c
Merge in some doc changes.
...
Fix some doc formatting issues.
Update the CHANGES file.
2007-08-02 20:40:37 +00:00
3e5e2a06b7
Stricter validation for @validateUtf8Encoding.
...
Capture the match in TX:0 when using "capture" action w/@pm operators.
2007-07-31 19:04:07 +00:00
7fbf664ec8
Added cygwin to list of compilers that do not support hidden visibility attribute.
2007-07-02 14:49:56 +00:00
698955aae1
Update changes to reflect the 2.2 -> 2.5 change.
2007-06-21 15:45:21 +00:00
19887f9cc6
Added @within string comparison operator with support for macro expansion. See #134 .
2007-06-21 02:21:06 +00:00
b58efb3466
Update CHANGES.
...
Reversion from 2.2. to 2.5.
Update @pmFromFile to base relative filenames off of rule file path.
2007-06-20 19:58:01 +00:00
efe52d4e77
Initialize rules tmp pool properly.
...
Update to latest core rules.
2007-06-14 18:48:35 +00:00
81d0f84ad3
Update copyright text to Breach Security, Inc.
...
Merge in changes from branches/2.1.x
2007-06-14 16:05:45 +00:00
6350e2badc
Do not log alert message for subrequests. See #124 .
...
Cleanup CHANGES.
2007-06-11 21:28:03 +00:00
11456dd87a
Use pmFromFile instead of pmfile and p=phrase instead of parallel in docs. See #16 .
2007-06-04 20:16:48 +00:00
e5c00d156a
Added rule file/line to audit log messages. See #49 .
2007-06-01 15:32:08 +00:00
84c0ca303e
Fixed patch for subrequests to be more complete. See #124 .
2007-05-31 15:42:42 +00:00
e887faac2b
Add @pm/@pmfile operators (parallel patch). See #16 .
2007-05-30 22:02:35 +00:00
f53c4241fd
Add entry to CHANGES.
2007-05-30 16:13:22 +00:00
af6160b9c4
Fixed problem with subrequests not being intercepted. See #124 .
2007-05-30 14:14:00 +00:00
a1a0c24b88
Do not compile on Solaris with visibility attributes.
2007-05-23 16:04:25 +00:00
a627e96c75
Lessen "capture" debug log messages.
2007-05-17 12:02:59 +00:00
eaa8e444dd
Fixed decoding full-width unicode in t:urlDecodeUni for ASCII range 0xFF01-0xFF5E. Probably need more work/testing. (See #122 )
2007-05-16 20:09:28 +00:00
e03ea11f9a
Only calculate debug data when we are debugging.
2007-05-16 19:48:21 +00:00
b60f206976
Remove use of GNU extention strnlen().
...
Fix CHANGES.
2007-05-16 19:37:27 +00:00
a68eb04884
Add geo lookup support. See #22 .
2007-05-11 16:14:11 +00:00
2733cc739a
Do not try to intercept a request after a failed rule. (See #53 )
2007-05-10 04:28:37 +00:00
c0c5d8d894
Removed extraneous symbols from dso via DSOLOCAL.
2007-05-03 16:17:42 +00:00
fca9eabafe
Merged the PDF XSS protection functionality into ModSecurity.
2007-05-03 12:09:24 +00:00
c559f3ee21
Change @eq to @streq. See #54 .
2007-05-03 03:41:29 +00:00
2aa6e61605
Exported API for registering custom variables. See #120 .
...
Simple example in api/mod_var_remote_host_port.c
2007-05-03 03:26:30 +00:00
fa13b02f7f
Updated the CHANGES file with the RESPONSE_* variable changes.
2007-05-02 11:23:21 +00:00
e0a8602929
Added experiemental support for content injection.
2007-05-02 11:22:09 +00:00
3f7fc7c758
Added string comparison operators: @contains, @is, @beginsWith and @endsWith with support for macro expansion. See #54 .
2007-05-01 22:00:34 +00:00
0a1610f850
More debug log enhancements - quote values to easier see whitespace.
2007-05-01 21:52:47 +00:00
a3c3f25ae0
Fix macro expansion. See #118 .
...
Fix some debug log output to escape NULs properly in preparation for #54 .
Up version to prepare for 2.2.0 pre-releases.
2007-05-01 21:36:24 +00:00
b93eef9db3
Added t:length to transform a value to its character length. See #55 .
2007-05-01 15:59:52 +00:00
5482606c37
Added t:trimLeft, t:trimRight, t:trim to remove whitespace from a value on the left, right or both. (see trac #117 )
2007-05-01 15:55:35 +00:00
d9a26780ab
Add SecAuditLog2 directive (trac #102 )
2007-04-25 20:46:23 +00:00
82fdc7cf3f
Format CHANGES to add space before '*'
2007-04-05 17:43:22 +00:00
51a5418b4b
Update changes to reflect merges into 2.1.x branch
2007-04-05 15:13:22 +00:00
00dcb2714f
Add the PCRE_DOLLAR_ENDONLY option when compiling regular expression for the @rx operator and variables. (trac #57 )
2007-04-05 01:54:03 +00:00
9e669fcc78
Better CHANGES entry. (trac #43 )
2007-03-27 17:47:15 +00:00
383119a147
Really set PCRE_DOTALL option when compiling the regular expression for the @rx operator as the docs state. (trac #51 )
2007-03-27 17:22:35 +00:00
f6de76b053
Removed CGI style HTTP_* variables in favor of REQUEST_HEADERS:Header-Name. (trac #23 )
2007-03-27 17:18:21 +00:00
485c664a42
Enhance debug log output for capturing to detect all regex/capture mismatches (trac #21 ).
2007-03-27 17:13:42 +00:00
891859f9c5
Revert back to using captured regex execution as it seems to be more effecient as the ovector can be used for working space even if it is not used for captures.
...
Warn when captures are used in the regex, but "capture" not specified.
2007-03-27 15:32:53 +00:00
brectanus
ivanr