bunkerweb 1.4.0

bunkerity
2022-06-03 17:24:14 +02:00
parent 3a078326c5
commit a9f886804a
5245 changed files with 1432051 additions and 27894 deletions


@@ -0,0 +1,46 @@
---
name: Bug report for version 2.x
about: Create a report to help us improve
---
**Describe the bug**
A clear and concise description of what the bug is.
**Logs and dumps**
Output of:
1. DebugLogs (level 9)
2. AuditLogs
3. Error logs
4. If there is a crash, the core dump file.
_Notice:_ Be carefully to not leak any confidential information.
**To Reproduce**
Steps to reproduce the behavior:
A **curl** command line that mimics the original request and reproduces the problem. Or a ModSecurity v3 test case.
[e.g: curl "modsec-full/ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd" or [issue-394.json](https://github.com/SpiderLabs/ModSecurity/blob/v3/master/test/test-cases/regression/issue-394.json)]
**Expected behavior**
A clear and concise description of what you expected to happen.
**Server (please complete the following information):**
- ModSecurity version (and connector): [e.g. ModSecurity v3.0.1 with nginx-connector v1.0.0]
- WebServer: [e.g. nginx-1.15.5]
- OS (and distro): [e.g. Linux, archlinux]
**Rule Set (please complete the following information):**
- Running any public or commercial rule set? [e.g. SpiderLabs commercial rules]
- What is the version number? [e.g. 2018-08-11]
**Additional context**
Add any other context about the problem here.


@@ -0,0 +1,47 @@
---
name: Bug report for version 3.x
about: Create a report to help us improve. If you don't know a specific detail or
piece of information leave it blank, if necessary we will help you to figure out.
---
**Describe the bug**
A clear and concise description of what the bug is.
**Logs and dumps**
Output of:
1. DebugLogs (level 9)
2. AuditLogs
3. Error logs
4. If there is a crash, the core dump file.
_Notice:_ Be carefully to not leak any confidential information.
**To Reproduce**
Steps to reproduce the behavior:
A **curl** command line that mimics the original request and reproduces the problem. Or a ModSecurity v3 test case.
[e.g: curl "modsec-full/ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd" or [issue-394.json](https://github.com/SpiderLabs/ModSecurity/blob/v3/master/test/test-cases/regression/issue-394.json)]
**Expected behavior**
A clear and concise description of what you expected to happen.
**Server (please complete the following information):**
- ModSecurity version (and connector): [e.g. ModSecurity v3.0.1 with nginx-connector v1.0.0]
- WebServer: [e.g. nginx-1.15.5]
- OS (and distro): [e.g. Linux, archlinux]
**Rule Set (please complete the following information):**
- Running any public or commercial rule set? [e.g. SpiderLabs commercial rules]
- What is the version number? [e.g. 2018-08-11]
**Additional context**
Add any other context about the problem here.

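--- a/deps/src/ModSecurity/.gitignore
+++ b/deps/src/ModSecurity/.gitignore
@@ -0,0 +1,50 @@
+*.o
+*.lo
+*.la
+**/Makefile
+**/Makefile.in
+aclocal.m4
+ar-lib
+autom4te.cache/
+build/libtool.m4
+build/ltoptions.m4
+build/ltsugar.m4
+build/ltversion.m4
+build/lt~obsolete.m4
+compile
+config.guess
+config.log
+config.status
+config.sub
+configure
+depcomp
+.deps
+.libs
+.dirstamp
+src/config.h
+src/config.h.in
+src/location.hh
+src/position.hh
+src/stack.hh
+src/stamp-h1
+/test/rules_optimization
+/test/regression_tests
+/test/unit_tests
+/test-driver
+/test/massif.out.*
+/test/benchmark/benchmark
+/test/benchmark/owasp-v3/
+/test/test-cases/regression/*.trs
+/test/test-cases/regression/*.log
+/test-suite.log
+ylwrap
+missing
+install-sh
+libtool
+ltmain.sh
+examples/simple_example_using_c/test
+/tools/rules-check/modsec-rules-check
+examples/multiprocess_c/multi
+examples/reading_logs_via_rule_message/simple_request
+examples/reading_logs_with_offset/read
+examples/using_bodies_in_chunks/simple_request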

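--- a/deps/src/ModSecurity/.gitmodules
+++ b/deps/src/ModSecurity/.gitmodules
@@ -0,0 +1,9 @@
+[submodule "test/test-cases/secrules-language-tests"]
+path = test/test-cases/secrules-language-tests
+url = https://github.com/SpiderLabs/secrules-language-tests
+[submodule "others/libinjection"]
+path = others/libinjection
+url = https://github.com/client9/libinjection.git
+[submodule "bindings/python"]
+path = bindings/python
+url = https://github.com/SpiderLabs/ModSecurity-Python-bindings.git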

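--- a/deps/src/ModSecurity/.travis.yml
+++ b/deps/src/ModSecurity/.travis.yml
@@ -0,0 +1,60 @@
+dist: trusty
+sudo: true
+addons:
+apt:
+packages:
+- libfuzzy-dev
+- libyajl-dev
+- libgeoip-dev
+- liblua5.2-dev
+- liblmdb-dev
+- cppcheck
+language: cpp
+compiler:
+- clang
+- gcc
+os:
+- linux
+- osx
+env:
+- OPTS="--enable-parser-generation $OPTS"
+- OPTS="--without-curl $OPTS"
+- OPTS="--without-yajl $OPTS"
+- OPTS="--without-geoip $OPTS"
+- OPTS="--with-lmdb $OPTS"
+- OPTS="--without-ssdeep $OPTS"
+- OPTS="--without-lua $OPTS"
+- OPTS="--without-maxmind $OPTS"
+before_script:
+- echo $TRAVIS_OS_NAME
+- '[ "$TRAVIS_OS_NAME" != osx ] || brew update'
+- '[ "$TRAVIS_OS_NAME" != osx ] || brew install cppcheck'
+- '[ "$TRAVIS_OS_NAME" != osx ] || brew install libmaxminddb'
+- '[ "$TRAVIS_OS_NAME" != osx ] || brew install lmdb'
+- '[ "$TRAVIS_OS_NAME" != linux ] || sudo add-apt-repository --yes ppa:maxmind/ppa'
+- '[ "$TRAVIS_OS_NAME" != linux ] || sudo apt-get update'
+- '[ "$TRAVIS_OS_NAME" != linux ] || sudo apt-cache search maxmind'
+- '[ "$TRAVIS_OS_NAME" != linux ] || sudo apt-get install -y libmaxminddb-dev'
+script:
+- ./build.sh
+- ./configure $OPTS
+- make parser
+- make
+#
+# Temporarily disabled.
+# - make -j$(getconf _NPROCESSORS_ONLN)
+# Leading build to crash with parser enabled.
+# Not sure why.
+#
+- make check
+- make check-static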

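--- a/deps/src/ModSecurity/AUTHORS
+++ b/deps/src/ModSecurity/AUTHORS
@@ -0,0 +1,4 @@
+zimmerle = Felipe Zimmerle <felipe@zimmerle.org>
+rbarnett = Ryan C. Barnett <rcbarnett@gmail.com>
+csanders-git = Chaim Sanders <chaim@chaimsanders.com>
+victorhora = Victor Hora <victorminuto@gmail.com>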

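--- a/deps/src/ModSecurity/CHANGES
+++ b/deps/src/ModSecurity/CHANGES
@@ -0,0 +1,409 @@
+v3.0.4 - 2020-Jan-13
+--------------------
+- Fix: audit log data omitted when nolog,auditlog
+[@martinhsv]
+- Fix: ModSecurity 3.x inspectFile operator does not pass
+FILES_TMPNAMES parameter to lua engine
+[Issue #2204, #2205 - @kadirerdogan]
+- XML: Remove error messages from stderr
+[Issue #2010 - @JaiHarpalani, @zimmerle]
+- Filter comment or blank line for pmFromFile operator
+[Issue #1645 - @LeeShan87, @victorhora, @tdoubley]
+- Additional adjustment to Cookie header parsing
+[@martinhsv]
+- Restore chained rule part H logging to be more like 2.9 behaviour
+[Issue #2196 - @martinhsv]
+- Small fixes in log messages to help debugging the file upload
+[Issue #2130 - @airween]
+- Fix Cookie header parsing issues
+[Issue #2201 - @airween, @martinhsv]
+- Fix rules with nolog are logging to part H
+[Issue #2196 - @martinhsv]
+- Fix argument key-value pair parsing cases
+[Issue #1904 - @martinhsv]
+- Fix: audit log part for response body for JSON format to be E
+[Issue #2066 - @martinhsv, @zimmerle]
+- Make sure m_rulesMessages is filled after successfull match
+[Issue #2000, #2048 - @victorhora, @defanator]
+- Fix @pm lookup for possible matches on offset zero.
+[@zimmerle, @afoxdavidi, @martinhsv, @marshal09]
+- Regex lookup on the key name instead of COLLECTION:key
+[@rdiperri-yottaa, @danbiagini-work, @mmelo-yottaa, @zimmerle]
+- Missing throw in Operator::instantiate
+[Issue #2106 - @marduone]
+- Making block action execution dependent of the SecEngine status
+[Issue #2113, #2111 - @theMiddleBlue, @airween]
+- Making block action execution dependent of the SecEngine status
+[Issue #1960 - @theMiddleBlue, @zimmerle, @airween, @victorhora]
+- Having body limits to respect the rule engine state
+[@zimmerle]
+- Fix SecRuleUpdateTargetById does not match regular expressions
+[Issue #1872 - @zimmerle, @anush-cr, @victorhora, @j0k2r]
+- Adds missing check for runtime ctl:ruleRemoveByTag
+[Issue #2102, #2099 - @airween]
+- Adds a new operator verifySVNR that checks for Austrian social
+security numbers.
+[Issue #2063 - @Rufus125]
+- Fix variables output in debug logs
+[Issue #2057 - @jleproust]
+- Correct typo validade in log output
+[Issue #2059 - @nerrehmit]
+- fix/minor: Error encoding hexa decimal.
+[Issue #2068 - @tech-ozon-io]
+- Limit more log variables to 200 characters.
+[Issue #2073 - @jleproust]
+- parser: fix parsed file names
+[@zimmerle]
+- Allow empty anchored variable
+[Issue #2024 - @airween]
+- Fixed FILES_NAMES collection after the end of multipart parsing
+[Issue #2016 - @airween]
+- Fixed validateByteRange parsing method
+[Issue #2017 - @airween]
+- Removes a memory leak on the JSON parser
+[@zimmerle]
+- Enables LMDB on the regression tests.
+[Issue #2011, #2008 - @WGH-, @mdunc]
+- Fix: Extra whitespace in some configuration directives causing error
+[Issue #2006 - @porjo, @zimmerle]
+- Refactoring on Regex and SMatch classes.
+[@WGH-]
+- Fixed buffer overflow in Utils::Md5::hexdigest()
+[Issue #2002 - @defanator]
+- Implemented merge() method for ConfigInt, ConfigDouble, ConfigString
+[Issue #1990 - @defanator]
+- Adds initially support to the drop action.
+[@zimmerle]
+- Complete merging of particular rule properties
+[Issue #1978 - @defanator]
+- Replaces AC_CHECK_FILE with 'test -f'
+[Issue #1984 - @chuckwolber]
+- Fix inet addr handling on 64 bit big endian systems
+[Issue #1980 - @airween]
+- Fix tests on FreeBSD
+[Issue #1973 - @defanator]
+- Changes ENV test case to read the default MODSECURTIY env var
+[Issue #1969 - @zimmerle, @airween, @inittab]
+- Regression: Sets MODSECURITY env var during the tests execution
+[Issue #1969 - @zimmerle, @airween, @inittab]
+- Fix setenv action to strdup key=variable
+[@zimmerle]
+- Allow 0 length JSON requests.
+[Issue #1822 - @allanbomsft, @zimmerle, @victorhora, @marcstern]
+- Fix "make dist" target to include default configuration
+[Issue #1966 - @defanator]
+- Replaced log locking using mutex with fcntl lock
+[Issue #1949, #1927 - @Cloaked9000]
+- Correct the usage of modsecurity::Phases::NUMBER_OF_PHASES
+[Issue #1959 - @weliu]
+- Adds support to multiple ranges in ctl:ruleRemoveById
+[Issue #1956 - @theseion, @victorhora, @zimmerle]
+- Rule variable interpolation broken
+[Issue #1961 - @soonum, @zimmerle]
+- Make the boundary check less strict as per RFC2046
+[Issue #1943 - @victorhora, @allanbomsft]
+- Fix buffer size for utf8toUnicode transformation
+[Issue #1208 - @katef, @victorhora]
+v3.0.3 - 2018-Nov-05
+--------------------
+- Fix double macros bug
+[Issue #1943 - @supplient, @zimmerle]
+- Override the default status code if not suitable to redirect action
+[Issue #1850 - @zimmerle, @victorhora]
+- parser: Fix the support for CRLF configuration files
+[Issue #1945 - @zimmerle, @defanator, @kjakub]
+- Organizes the server logs
+[0xb7c36 and 0x5ac20 - @zimmerle, @steven-j-wojcik]
+- m_lineNumber in Rule not mapping with the correct line number in file
+[Issue #1844 - @zimmerle, @victorhora, @xizeng]
+- Using shared_ptr instead of unique_ptr on rules exceptions
+[Issue #1697 - @zimmerle, @brianp9906, @victorhora, @LeSwiss, @defanator]
+- Changes debuglogs schema to avoid unecessary str allocation
+[0xb2840 - @zimmerle]
+- Fix the SecUnicodeMapFile and SecUnicodeCodePage
+[0x3094d - @zimmerle, @victorhora]
+- Changes the timing to save the rule message
+[0xca270 - @zimmerle]
+- Fix crash in msc_rules_add_file() when using disruptive action in chain
+[Issue #1849 - @victorhora, @zimmerle, @rperper]
+- Fix memory leak in AuditLog::init()
+[Issue #1897 - @weliu]
+- Fix RulesProperties::appendRules()
+[Issue #1901 - @steven-j-wojcik]
+- Fix RULE lookup in chained rules
+[0x3077c - @zimmerle]
+- @ipMatch "Could not add entry" on slash/32 notation in 2.9.0
+[Issue #849 - @zimmerle, @dune73]
+- Using values after transformation at MATCHED_VARS
+[0x14316 - @zimmerle]
+- Adds support to UpdateActionById.
+[Issue #1800 - @zimmerle, @victorhora, @NisariAIT]
+- Add correct C function prototypes for msc_init and msc_create_rule_set
+[Issue #1922 - @steven-j-wojcik]
+- Allow LuaJIT 2.1 to be used
+[Issue #1909 - @victorhora, @mdunc]
+- Match m_id JSON log with RuleMessage and v2 format
+[Issue #1185 - @victorhora]
+- Adds support to setenv action.
+[Issue #1044 - @zimmerle]
+- Adds new transaction constructor that accepts the transaction id
+as parameter.
+[Issue #1627 - @defanator, @zimmerle]
+- Adds request IDs and URIs to the debug log
+[Issue #1627 - @defanator, @zimmerle]
+- Treating variables exception on load-time instead of run time.
+[0x028e0 and 0x275a1 - @zimmerle]
+- Fix: function m.setvar in Lua scripts and add testcases
+[Issue #1859 - @nowaits, @victorhora]
+- Fix SecResponseBodyAccess and ctl:requestBodyAccess directives
+[Issue #1531 - @victorhora, @defanator]
+- Fix OpenBSD build
+[Issue #1841 - @victorhora, @zimmerle, @juanfra684]
+- Fix parser to support GeoLookup with MaxMind
+[Issue #1884, #1895 - @victorhora, @everping]
+- parser: Fix simple quote setvar in the end of the line
+[Issue #1831 - @zimmerle, @csanders-git]
+- Fix pc file
+[Issue #1847 - @gquintard]
+- modsec_rules_check: uses the gnu `.la' instead of `.a' file
+[Issue #1853 - @ste7677, @victorhora, @zimmerle]
+- good practices: Initialize variables before use it
+[Issue #1889 - Marc Stern]
+- Fix utf-8 character encoding conversion
+[Issue #1794 - @tinselcity, @zimmerle]
+- Adds support for ctl:requestBodyProcessor=URLENCODED
+[Issue #1797 - @victorhora]
+- Add LUA compatibility for CentOS and try to use LuaJIT first if available
+[Issue #1622 - @victorhora, @dmitryzykov]
+- Allow LuaJIT to be used
+[Issue #1809 - @victorhora, @p0pr0ck5]
+- Implement support for Lua 5.1
+[Issue #1809 - @p0pr0ck5, @victorhora]
+- Variable names must match fully, not partially. Match should be case
+insensitive.
+[Issue #1818, #1820, #1810, #1808 - @michaelgranzow-avi, @victorhora,
+@theMiddleBlue, @airween, @zimmerle,
+@LeeShan87]
+- Improves the performance while loading the rules
+[Issue #1735 - @zimmerle, @p0pr0ck5, @victorhora]
+- Allow empty strings to be evaluated by regex::searchAll
+[Issue #1799, #1785 - @victorhora, @XuanHuyDuong, @zimmerle]
+- Adds basic pkg-config info
+[Issue #1790 - @gquintard, @zimmerle]
+- Fixed LMDB collection errors
+[Issue #1787 - @airween, @zimmerle]
+- Fixed false positive MULTIPART_UNMATCHED_BOUNDARY errors
+[Issue #1747, #1924 - @airween, @victorhora, @defanator, @zimmerle]
+- Fix ip tree lookup on netmask content
+[Issue #1793 - @tinselcity, @zimmerle]
+- Changes the behavior of the default sec actions
+[Issue #1629 - @mirkodziadzka-avi, @zimmerle, @victorhora]
+- Refactoring on {global,ip,resources,session,tx,user} collections
+[Issue #1754, #1778 - @LeeShan87, @zimmerle, @victorhora, @wwd5613,
+@sobigboy]
+- Fix race condition in UniqueId::uniqueId()
+[Issue #1786 - @weliu]
+- Fix memory leak in error message for msc_rules_merge C APIs
+[Issue #1765 - @weliu]
+- Return false in SharedFiles::open() when an error happens
+[Issue #1783 - @weliu]
+- Use rvalue reference in ModSecurity::serverLog
+[Issue #1769 - @weliu]
+- Build System: Fix when multiple lines for curl version.
+[Issue #1771 - @Artistan]
+- Checks if response body inspection is enabled before process it
+[Issue #1643 - @zoltan-fedor, @dennus, @defanator, @zimmerle]
+- Code Cleanup.
+[Issue #1757, #1755, #1756, #1761 - @p0pr0ck5]
+- Fix setvar parsing of quoted data
+[Issue #1733, #1759, #1775 - @victorhora, @JaiHarpalani, @defanator]
+- Fix LDFLAGS for unit tests.
+[Issue #1758 - @smlx]
+- Adds time stamp back to the audit logs
+[Issue #1762 - @Pjack, @zimmerle]
+- Disables skip counter if debug log is disabled
+[@zimmerle]
+- Cosmetics: Represents amount of skipped rules without decimal
+[Issue #1737 - @p0pr0ck5]
+- Add missing escapeSeqDecode, urlEncode and trimLeft/Right tfns to parser
+[Issue #1752 - @victorhora]
+- Fix STATUS var parsing and accept STATUS_LINE var for v2 backward comp.
+[Issue #1738 - @victorhora]
+- Fix memory leak in modsecurity::utils::expandEnv()
+[Issue #1750 - @defanator]
+- Initialize m_dtd member in ValidateDTD class as NULL
+[Issue #1751 - @airween]
+- Fix broken @detectxss operator regression test case
+[Issue #1739 - @p0pr0ck5]
+- Fix utils::string::ssplit() to handle delimiter in the end of string
+[Issue #1743, #1744 - @defanator]
+- Fix variable FILES_TMPNAMES
+[Issue #1646, #1610 - @victorhora, @zimmerle, @defanator]
+- Fix memory leak in Collections
+[Issue #1729, #1730 - @defanator]
+v3.0.2 - 2018-Apr-03
+--------------------
+- Fix lib version information while generating the .so file
+[@gl1f1v21, @zimmerle]
+v3.0.1 - 2018-Apr-02
+--------------------
+- Adds support for ctl:ruleRemoveByTag
+[@zimmerle, @weliu]
+- Fix SecUploadDir configuration merge
+[Issue #1720 - @zimmerle, @gjvanetten]
+- Include all prerequisites for "make check" into dist archive
+[Issue #1716 - @defanator]
+- Fix: Reverse logic of checking output in @inspectFile
+[Issue #1715 - @defanator]
+- Adds support to libMaxMind
+[Issue #1307 - @zimmerle, @defanator]
+- Adds capture action to detectXSS
+[Issue #1698 - @victorhora]
+- Temporarily accept invalid MULTIPART_SEMICOLON_MISSING operator
+[Issue #1701 - @victorhora]
+- Adds capture action to detectSQLi
+[Issue #1698 - @zimmerle]
+- Adds capture action to rbl
+[Issue #1698 - @zimmerle]
+- Adds capture action to verifyCC
+[Issue #1698 - @michaelgranzow-avi, @zimmerle]
+- Adds capture action to verifySSN
+[Issue #1698 - @zimmerle]
+- Adds capture action to verifyCPF
+[Issue #1698 - @zimmerle]
+- Prettier error messages for unsupported configurations (UX)
+[@victorhora]
+- Add missing verify*** transformation statements to parser
+[Issue #1006 and #1007 - @victorhora]
+- Fix a set of compilation warnings
+[Issue #1650 - @zimmerle, @JayCase]
+- Check for disruptive action on SecDefaultAction.
+[Issue #1614 - @zimmerle, @michaelgranzow-avi]
+- Fix block-block infinite loop.
+[Issue #1614 - @zimmerle, @michaelgranzow-avi]
+- Correction remove_by_tag and remove_by_msg logic.
+[Issue #1636 - @Minasu]
+- Fix LMDB compile error
+[Issue #1691 - @airween]
+- Fix msc_who_am_i() to return pointer to a valid C string
+[Issue #1640 - @defanator]
+- Added some cosmetics to autoconf related code
+[Issue #1652 - @airween]
+- Fix "make dist" target to include necessary headers for Lua
+[Issue #1678 - @defanator]
+- Fix "include /foo/*.conf" for single matched object in directory
+[Issue #1677 - @defanator, @zimmerle]
+- Add missing Base64 transformation statements to parser
+[Issue #1632 - @victorhora, @zimmerle]
+- Fixed resource load on ip match from file
+[#1674 - @zimmerle, @StefaanSeys]
+- Fixed examples compilation while using disable-shared
+[#1670 - @zimmerle, @ivanbaldo]
+- Fixed compilation issue while xml is disabled
+[0x243028 - @zimmerle]
+- Having LDADD and LDFLAGS organized on Makefile.am
+[0xd0e85e - @zimmerle]
+- Checking std::deque size before use it
+[0x217cbf - @zimmerle, Yaron Dayagi]
+- perf improvement: Added the concept of RunTimeString and removed
+all run time parser.
+[0x3eae51 0x0320e0 0xb5688f 0xfe47a9 0xfa9842 0x1affc3 0x079de4
+0xc7c04f 0x5262ea 0x01974a 0xd5ee1e - @zimmerle]
+- perf improvement: Checks debuglog level before format debug msg
+[0x42ee9 - @zimmerle]
+- perf. improvement/rx: Only compute dynamic regex in case of macro
+[0x91ff3 - @zimmerle]
+- Fix uri on the benchmark utility
+[0x63bec - @zimmerle]
+- disable Lua on systems with liblua5.1
+[Issue #1639 - @victorhora, @defanator]
+v3.0.0 - 2017-Dec-13
+--------------------
+- Improvements on LUA build scripts and support for LUA 5.2.
+[Issue #1617 and #1622 - @victorhora, @zimmerle]
+- Fix compilation error with disable_debug_log flag
+[0xfd84e - Izik Abramov]
+- Improvements on the benchmark tool.
+[Issue #1615 - @zimmerle]
+- Fix lua headers on the build scripts
+[Issue #1621 - @Minasu]
+- Refactoring on the JSON parser.
+[Issue #1576, #1577 - Tobias Gutknecht, @zimmerle, @victorhora, @marcstern]
+- Adds support to WEBAPPID variable.
+[Issue #1027 - @zimmerle, @victorhora]
+- Adds support for SecWebAppId.
+[Issue #1442 - @zimmerle, @victorhora]
+- Adds support for SecRuleRemoveByTag.
+[Issue #1476 - @zimmerle, @victorhora]
+- Adds support for update target by message.
+[Issue #1474 - @zimmerle, @victorhora]
+- Adds support to SecRuleScript directive.
+[Issue #994 - @zimmerle]
+- Adds support for the exec action.
+[Issue #1050 - @zimmerle]
+- Adds support for transformations inside Lua engine
+[Issue #994 - @zimmerle]
+- Adds initial support for Lua engine.
+[Issue #994 - @zimmerle]
+- Adds support for @inspectFile operator.
+[Issue #999 - @zimmerle, @victorhora]
+- Adds support for RESOURCE variable collection.
+[Issue #1014 - @zimmerle, @victorhora]
+- Adds support for @fuzzyHash operator.
+[Issue #997 - @zimmerle]
+- Fix build on non x86 arch build
+[Issue #1598 - @athmane]
+- Fix memory issue while changing rule target dynamic
+[Issue #1590 - @zimmerle, @slabber]
+- Fix log while displaying the name of a dict selection by regex.
+[@zimmerle]
+- Setting http response code on the auditlog.
+[Issue #1592 - @zimmerle]
+- Refactoring on RuleMessage class, now accepting http code as parameter.
+[@zimmerle]
+- Having disruptive msgs as disruptive [instead of warnings] on audit log
+[Issue #1592 - @zimmerle, @nobodysz]
+- Parser: Pipes are no longer welcomed inside regex dict element selection.
+[Issue #1591 - @zimmerle, @slabber]
+- Avoids unicode initialization on every rules object
+[Issue #1563 - @zimmerle, @Tiki-God, @sethinsd, @Cloaked9000, @AnoopAlias,
+@intelbg]
+- Makes clear to the user whenever the audit log is empty due to missing
+JSON support.
+[Issue #1585 - @zimmerle]
+- Makes auditlog more verbose on debug logs
+[Issue: #1559 - @zimmerle]
+- Enable support for AuditLogFormat
+Issue: #1583, #1493 and #1453 - @victorhora]
+- Adds macro expansion for @rx operator
+[Issue: #1528, #1536 - @asterite3, @zimmerle]
+- Consideres under quoted variable while loading the rules.
+[Felipe Zimmerle/@zimmerle, Victor Hora/@victorhora]
+- Store the connection and url parameters in std::string
+[Issue: #1571 - @majordaw]
+- Eliminate some reorder and sign warnings
+[Issue: #1572 - Dávid Major/@majordaw]
+- Makes parallel logging to work when SELinux is enabled.
+[Issue: #1562 - David Buckle/@met3or]
+- Adds possibility to run the pm operator inside a mutex to avoid concurrent
+access while working on a thread environment. This option is a compilation
+flag.
+[Felipe Zimmerle/@zimmerle]
+v3.0.0-rc1 - 2017-Aug-28
+------------------------
+Very first public version.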

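--- a/deps/src/ModSecurity/LICENSE
+++ b/deps/src/ModSecurity/LICENSE
@@ -0,0 +1,201 @@
+Apache License
+Version 2.0, January 2004
+http://www.apache.org/licenses/
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+1. Definitions.
+"License" shall mean the terms and conditions for use, reproduction,
+and distribution as defined by Sections 1 through 9 of this document.
+"Licensor" shall mean the copyright owner or entity authorized by
+the copyright owner that is granting the License.
+"Legal Entity" shall mean the union of the acting entity and all
+other entities that control, are controlled by, or are under common
+control with that entity. For the purposes of this definition,
+"control" means (i) the power, direct or indirect, to cause the
+direction or management of such entity, whether by contract or
+otherwise, or (ii) ownership of fifty percent (50%) or more of the
+outstanding shares, or (iii) beneficial ownership of such entity.
+"You" (or "Your") shall mean an individual or Legal Entity
+exercising permissions granted by this License.
+"Source" form shall mean the preferred form for making modifications,
+including but not limited to software source code, documentation
+source, and configuration files.
+"Object" form shall mean any form resulting from mechanical
+transformation or translation of a Source form, including but
+not limited to compiled object code, generated documentation,
+and conversions to other media types.
+"Work" shall mean the work of authorship, whether in Source or
+Object form, made available under the License, as indicated by a
+copyright notice that is included in or attached to the work
+(an example is provided in the Appendix below).
+"Derivative Works" shall mean any work, whether in Source or Object
+form, that is based on (or derived from) the Work and for which the
+editorial revisions, annotations, elaborations, or other modifications
+represent, as a whole, an original work of authorship. For the purposes
+of this License, Derivative Works shall not include works that remain
+separable from, or merely link (or bind by name) to the interfaces of,
+the Work and Derivative Works thereof.
+"Contribution" shall mean any work of authorship, including
+the original version of the Work and any modifications or additions
+to that Work or Derivative Works thereof, that is intentionally
+submitted to Licensor for inclusion in the Work by the copyright owner
+or by an individual or Legal Entity authorized to submit on behalf of
+the copyright owner. For the purposes of this definition, "submitted"
+means any form of electronic, verbal, or written communication sent
+to the Licensor or its representatives, including but not limited to
+communication on electronic mailing lists, source code control systems,
+and issue tracking systems that are managed by, or on behalf of, the
+Licensor for the purpose of discussing and improving the Work, but
+excluding communication that is conspicuously marked or otherwise
+designated in writing by the copyright owner as "Not a Contribution."
+"Contributor" shall mean Licensor and any individual or Legal Entity
+on behalf of whom a Contribution has been received by Licensor and
+subsequently incorporated within the Work.
+2. Grant of Copyright License. Subject to the terms and conditions of
+this License, each Contributor hereby grants to You a perpetual,
+worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+copyright license to reproduce, prepare Derivative Works of,
+publicly display, publicly perform, sublicense, and distribute the
+Work and such Derivative Works in Source or Object form.
+3. Grant of Patent License. Subject to the terms and conditions of
+this License, each Contributor hereby grants to You a perpetual,
+worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+(except as stated in this section) patent license to make, have made,
+use, offer to sell, sell, import, and otherwise transfer the Work,
+where such license applies only to those patent claims licensable
+by such Contributor that are necessarily infringed by their
+Contribution(s) alone or by combination of their Contribution(s)
+with the Work to which such Contribution(s) was submitted. If You
+institute patent litigation against any entity (including a
+cross-claim or counterclaim in a lawsuit) alleging that the Work
+or a Contribution incorporated within the Work constitutes direct
+or contributory patent infringement, then any patent licenses
+granted to You under this License for that Work shall terminate
+as of the date such litigation is filed.
+4. Redistribution. You may reproduce and distribute copies of the
+Work or Derivative Works thereof in any medium, with or without
+modifications, and in Source or Object form, provided that You
+meet the following conditions:
+(a) You must give any other recipients of the Work or
+Derivative Works a copy of this License; and
+(b) You must cause any modified files to carry prominent notices
+stating that You changed the files; and
+(c) You must retain, in the Source form of any Derivative Works
+that You distribute, all copyright, patent, trademark, and
+attribution notices from the Source form of the Work,
+excluding those notices that do not pertain to any part of
+the Derivative Works; and
+(d) If the Work includes a "NOTICE" text file as part of its
+distribution, then any Derivative Works that You distribute must
+include a readable copy of the attribution notices contained
+within such NOTICE file, excluding those notices that do not
+pertain to any part of the Derivative Works, in at least one
+of the following places: within a NOTICE text file distributed
+as part of the Derivative Works; within the Source form or
+documentation, if provided along with the Derivative Works; or,
+within a display generated by the Derivative Works, if and
+wherever such third-party notices normally appear. The contents
+of the NOTICE file are for informational purposes only and
+do not modify the License. You may add Your own attribution
+notices within Derivative Works that You distribute, alongside
+or as an addendum to the NOTICE text from the Work, provided
+that such additional attribution notices cannot be construed
+as modifying the License.
+You may add Your own copyright statement to Your modifications and
+may provide additional or different license terms and conditions
+for use, reproduction, or distribution of Your modifications, or
+for any such Derivative Works as a whole, provided Your use,
+reproduction, and distribution of the Work otherwise complies with
+the conditions stated in this License.
+5. Submission of Contributions. Unless You explicitly state otherwise,
+any Contribution intentionally submitted for inclusion in the Work
+by You to the Licensor shall be under the terms and conditions of
+this License, without any additional terms or conditions.
+Notwithstanding the above, nothing herein shall supersede or modify
+the terms of any separate license agreement you may have executed
+with Licensor regarding such Contributions.
+6. Trademarks. This License does not grant permission to use the trade
+names, trademarks, service marks, or product names of the Licensor,
+except as required for reasonable and customary use in describing the
+origin of the Work and reproducing the content of the NOTICE file.
+7. Disclaimer of Warranty. Unless required by applicable law or
+agreed to in writing, Licensor provides the Work (and each
+Contributor provides its Contributions) on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+implied, including, without limitation, any warranties or conditions
+of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+PARTICULAR PURPOSE. You are solely responsible for determining the
+appropriateness of using or redistributing the Work and assume any
+risks associated with Your exercise of permissions under this License.
+8. Limitation of Liability. In no event and under no legal theory,
+whether in tort (including negligence), contract, or otherwise,
+unless required by applicable law (such as deliberate and grossly
+negligent acts) or agreed to in writing, shall any Contributor be
+liable to You for damages, including any direct, indirect, special,
+incidental, or consequential damages of any character arising as a
+result of this License or out of the use or inability to use the
+Work (including but not limited to damages for loss of goodwill,
+work stoppage, computer failure or malfunction, or any and all
+other commercial damages or losses), even if such Contributor
+has been advised of the possibility of such damages.
+9. Accepting Warranty or Additional Liability. While redistributing
+the Work or Derivative Works thereof, You may choose to offer,
+and charge a fee for, acceptance of support, warranty, indemnity,
+or other liability obligations and/or rights consistent with this
+License. However, in accepting such obligations, You may act only
+on Your own behalf and on Your sole responsibility, not on behalf
+of any other Contributor, and only if You agree to indemnify,
+defend, and hold each Contributor harmless for any liability
+incurred by, or claims asserted against, such Contributor by reason
+of your accepting any such warranty or additional liability.
+END OF TERMS AND CONDITIONS
+APPENDIX: How to apply the Apache License to your work.
+To apply the Apache License to your work, attach the following
+boilerplate notice, with the fields enclosed by brackets "[]"
+replaced with your own identifying information. (Don't include
+the brackets!) The text should be enclosed in the appropriate
+comment syntax for the file format. We also recommend that a
+file or class name and description of purpose be included on the
+same "printed page" as the copyright notice for easier
+identification within third-party archives.
+Copyright [yyyy] [name of copyright owner]
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.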

338
deps/src/ModSecurity/Makefile.am vendored Normal file

@@ -0,0 +1,338 @@
if TEST_UTILITIES
export MAYBE_TEST = test
endif
if EXAMPLES
export MAYBE_EXAMPLES = examples
endif
SUBDIRS = \
others \
src \
doc \
tools \
$(MAYBE_EXAMPLES) \
$(MAYBE_TEST)
# make clean
CLEANFILES =
ACLOCAL_AMFLAGS = -I build
# make maintainer-clean
MAINTAINERCLEANFILES = \
aclocal.m4 \
ar-lib \
build/libtool.m4 \
build/lt~obsolete.m4 \
build/ltoptions.m4 \
build/ltsugar.m4 \
build/ltversion.m4 \
coding-style.txt \
compile \
config.guess \
config.sub \
configure \
cppcheck.txt \
depcomp \
install-sh \
ltmain.sh \
Makefile.in \
missing \
test/modsec-shared-collections \
test/modsec-shared-collections-lock \
test-suite-drd.log \
test-suite-helgrind.log \
test-suite-memcheck.log \
ylwrap
parser:
cat src/parser/seclang-parser.hh | sed "s/return \*new (yyas_<T> ()) T (t)/return *new (yyas_<T> ()) T (std::move((T\&)t))/g" > src/parser/seclang-parser.hh.fix && mv src/parser/seclang-parser.hh.fix src/parser/seclang-parser.hh
cppcheck:
@cppcheck \
--suppressions-list=./test/cppcheck_suppressions.txt \
--enable=all \
--inconclusive \
--template="warning: {file},{line},{severity},{id},{message}" \
--std=posix . 2> cppcheck.txt
cat cppcheck.txt | grep -v "/ lalr1.cc"
check-static: cppcheck
check-style: check-coding-style
check-coding-style:
@cpplint.py \
$$(find . -name "*.h" -o -name "*.cc" | xargs) 2>&1 \
| egrep -v $$(echo -n "catchall" ; \
for i in $$(cat test/coding_style_suppressions.txt); do echo -n "|"$$i; done) \
| sed 's/^\./warning: ./g' > coding-style.txt
-cat coding-style.txt
@VALGRIND_CHECK_RULES@
VALGRIND_SUPPRESSIONS_FILES = valgrind_suppressions.txt
LOG_DRIVER = env $(SHELL) $(top_srcdir)/test/custom-test-driver
AM_TESTS_ENVIRONMENT=AUTOMAKE_TESTS=true; export AUTOMAKE_TESTS;
LOG_COMPILER=test/test-suite.sh
# for i in `find test/test-cases -iname *.json`; do echo TESTS+=$i; done
TESTS=
TESTS+=test/test-cases/regression/action-allow.json
TESTS+=test/test-cases/regression/action-block.json
TESTS+=test/test-cases/regression/action-ctl_request_body_access.json
TESTS+=test/test-cases/regression/action-ctl_request_body_processor.json
TESTS+=test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json
TESTS+=test/test-cases/regression/action-ctl_rule_engine.json
TESTS+=test/test-cases/regression/action-ctl_rule_remove_by_id.json
TESTS+=test/test-cases/regression/action-ctl_rule_remove_by_tag.json
TESTS+=test/test-cases/regression/action-ctl_rule_remove_target_by_id.json
TESTS+=test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json
TESTS+=test/test-cases/regression/action-disruptive.json
TESTS+=test/test-cases/regression/action-exec.json
TESTS+=test/test-cases/regression/action-id.json
TESTS+=test/test-cases/regression/action-initcol.json
TESTS+=test/test-cases/regression/action-msg.json
TESTS+=test/test-cases/regression/action-setenv.json
TESTS+=test/test-cases/regression/action-setrsc.json
TESTS+=test/test-cases/regression/action-setsid.json
TESTS+=test/test-cases/regression/action-setuid.json
TESTS+=test/test-cases/regression/actions.json
TESTS+=test/test-cases/regression/action-skip.json
TESTS+=test/test-cases/regression/action-tag.json
TESTS+=test/test-cases/regression/action-tnf-base64.json
TESTS+=test/test-cases/regression/action-xmlns.json
TESTS+=test/test-cases/regression/auditlog.json
TESTS+=test/test-cases/regression/collection-case-insensitive.json
TESTS+=test/test-cases/regression/collection-lua.json
TESTS+=test/test-cases/regression/collection-regular_expression_selection.json
TESTS+=test/test-cases/regression/collection-resource.json
TESTS+=test/test-cases/regression/collection-tx.json
TESTS+=test/test-cases/regression/collection-tx-with-macro.json
TESTS+=test/test-cases/regression/config-body_limits.json
TESTS+=test/test-cases/regression/config-calling_phases_by_name.json
TESTS+=test/test-cases/regression/config-include-bad.json
TESTS+=test/test-cases/regression/config-include.json
TESTS+=test/test-cases/regression/config-remove_by_id.json
TESTS+=test/test-cases/regression/config-remove_by_msg.json
TESTS+=test/test-cases/regression/config-remove_by_tag.json
TESTS+=test/test-cases/regression/config-response_type.json
TESTS+=test/test-cases/regression/config-secdefaultaction.json
TESTS+=test/test-cases/regression/config-secremoterules.json
TESTS+=test/test-cases/regression/config-update-action-by-id.json
TESTS+=test/test-cases/regression/config-update-target-by-id.json
TESTS+=test/test-cases/regression/config-update-target-by-msg.json
TESTS+=test/test-cases/regression/config-update-target-by-tag.json
TESTS+=test/test-cases/regression/config-xml_external_entity.json
TESTS+=test/test-cases/regression/debug_log.json
TESTS+=test/test-cases/regression/directive-sec_rule_script.json
TESTS+=test/test-cases/regression/issue-1152.json
TESTS+=test/test-cases/regression/issue-1528.json
TESTS+=test/test-cases/regression/issue-1565.json
TESTS+=test/test-cases/regression/issue-1576.json
TESTS+=test/test-cases/regression/issue-1591.json
TESTS+=test/test-cases/regression/issue-1725.json
TESTS+=test/test-cases/regression/issue-1743.json
TESTS+=test/test-cases/regression/issue-1785.json
TESTS+=test/test-cases/regression/issue-1812.json
TESTS+=test/test-cases/regression/issue-1831.json
TESTS+=test/test-cases/regression/issue-1844.json
TESTS+=test/test-cases/regression/issue-1850.json
TESTS+=test/test-cases/regression/issue-1941.json
TESTS+=test/test-cases/regression/issue-1943.json
TESTS+=test/test-cases/regression/issue-1956.json
TESTS+=test/test-cases/regression/issue-1960.json
TESTS+=test/test-cases/regression/issue-2099.json
TESTS+=test/test-cases/regression/issue-2111.json
TESTS+=test/test-cases/regression/issue-394.json
TESTS+=test/test-cases/regression/issue-849.json
TESTS+=test/test-cases/regression/issue-960.json
TESTS+=test/test-cases/regression/misc.json
TESTS+=test/test-cases/regression/misc-variable-under-quotes.json
TESTS+=test/test-cases/regression/offset-variable.json
TESTS+=test/test-cases/regression/operator-detectsqli.json
TESTS+=test/test-cases/regression/operator-detectxss.json
TESTS+=test/test-cases/regression/operator-fuzzyhash.json
TESTS+=test/test-cases/regression/operator-inpectFile.json
TESTS+=test/test-cases/regression/operator-ipMatchFromFile.json
TESTS+=test/test-cases/regression/operator-pm.json
TESTS+=test/test-cases/regression/operator-rx.json
TESTS+=test/test-cases/regression/operator-UnconditionalMatch.json
TESTS+=test/test-cases/regression/operator-validate-byte-range.json
TESTS+=test/test-cases/regression/operator-verifycc.json
TESTS+=test/test-cases/regression/operator-verifycpf.json
TESTS+=test/test-cases/regression/operator-verifyssn.json
TESTS+=test/test-cases/regression/operator-verifysvnr.json
TESTS+=test/test-cases/regression/request-body-parser-json.json
TESTS+=test/test-cases/regression/request-body-parser-multipart-crlf.json
TESTS+=test/test-cases/regression/request-body-parser-multipart.json
TESTS+=test/test-cases/regression/request-body-parser-xml.json
TESTS+=test/test-cases/regression/request-body-parser-xml-validade-dtd.json
TESTS+=test/test-cases/regression/rule-920120.json
TESTS+=test/test-cases/regression/rule-920200.json
TESTS+=test/test-cases/regression/rule-920274.json
TESTS+=test/test-cases/regression/secaction.json
TESTS+=test/test-cases/regression/sec_component_signature.json
TESTS+=test/test-cases/regression/secmarker.json
TESTS+=test/test-cases/regression/secruleengine.json
TESTS+=test/test-cases/regression/transformation-none.json
TESTS+=test/test-cases/regression/transformations.json
TESTS+=test/test-cases/regression/variable-ARGS_COMBINED_SIZE.json
TESTS+=test/test-cases/regression/variable-ARGS_GET.json
TESTS+=test/test-cases/regression/variable-ARGS_GET_NAMES.json
TESTS+=test/test-cases/regression/variable-ARGS.json
TESTS+=test/test-cases/regression/variable-ARGS_NAMES.json
TESTS+=test/test-cases/regression/variable-ARGS_POST.json
TESTS+=test/test-cases/regression/variable-ARGS_POST_NAMES.json
TESTS+=test/test-cases/regression/variable-AUTH_TYPE.json
TESTS+=test/test-cases/regression/variable-DURATION.json
TESTS+=test/test-cases/regression/variable-ENV.json
TESTS+=test/test-cases/regression/variable-FILES_COMBINED_SIZE.json
TESTS+=test/test-cases/regression/variable-FILES.json
TESTS+=test/test-cases/regression/variable-FILES_NAMES.json
TESTS+=test/test-cases/regression/variable-FILES_SIZES.json
TESTS+=test/test-cases/regression/variable-FULL_REQUEST.json
TESTS+=test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json
TESTS+=test/test-cases/regression/variable-GEO.json
TESTS+=test/test-cases/regression/variable-HIGHEST_SEVERITY.json
TESTS+=test/test-cases/regression/variable-INBOUND_DATA_ERROR.json
TESTS+=test/test-cases/regression/variable-MATCHED_VAR.json
TESTS+=test/test-cases/regression/variable-MATCHED_VAR_NAME.json
TESTS+=test/test-cases/regression/variable-MATCHED_VARS.json
TESTS+=test/test-cases/regression/variable-MATCHED_VARS_NAMES.json
TESTS+=test/test-cases/regression/variable-MODSEC_BUILD.json
TESTS+=test/test-cases/regression/variable-MULTIPART_CRLF_LF_LINES.json
TESTS+=test/test-cases/regression/variable-MULTIPART_FILENAME.json
TESTS+=test/test-cases/regression/variable-MULTIPART_INVALID_HEADER_FOLDING.json
TESTS+=test/test-cases/regression/variable-MULTIPART_NAME.json
TESTS+=test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json
TESTS+=test/test-cases/regression/variable-MULTIPART_UNMATCHED_BOUNDARY.json
TESTS+=test/test-cases/regression/variable-OUTBOUND_DATA_ERROR.json
TESTS+=test/test-cases/regression/variable-PATH_INFO.json
TESTS+=test/test-cases/regression/variable-QUERY_STRING.json
TESTS+=test/test-cases/regression/variable-REMOTE_ADDR.json
TESTS+=test/test-cases/regression/variable-REMOTE_HOST.json
TESTS+=test/test-cases/regression/variable-REMOTE_PORT.json
TESTS+=test/test-cases/regression/variable-REMOTE_USER.json
TESTS+=test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json
TESTS+=test/test-cases/regression/variable-REQBODY_PROCESSOR.json
TESTS+=test/test-cases/regression/variable-REQUEST_BASENAME.json
TESTS+=test/test-cases/regression/variable-REQUEST_BODY.json
TESTS+=test/test-cases/regression/variable-REQUEST_BODY_LENGTH.json
TESTS+=test/test-cases/regression/variable-REQUEST_COOKIES.json
TESTS+=test/test-cases/regression/variable-REQUEST_COOKIES_NAMES.json
TESTS+=test/test-cases/regression/variable-REQUEST_FILENAME.json
TESTS+=test/test-cases/regression/variable-REQUEST_HEADERS.json
TESTS+=test/test-cases/regression/variable-REQUEST_HEADERS_NAMES.json
TESTS+=test/test-cases/regression/variable-REQUEST_LINE.json
TESTS+=test/test-cases/regression/variable-REQUEST_METHOD.json
TESTS+=test/test-cases/regression/variable-REQUEST_PROTOCOL.json
TESTS+=test/test-cases/regression/variable-REQUEST_URI.json
TESTS+=test/test-cases/regression/variable-REQUEST_URI_RAW.json
TESTS+=test/test-cases/regression/variable-RESPONSE_BODY.json
TESTS+=test/test-cases/regression/variable-RESPONSE_CONTENT_LENGTH.json
TESTS+=test/test-cases/regression/variable-RESPONSE_CONTENT_TYPE.json
TESTS+=test/test-cases/regression/variable-RESPONSE_HEADERS.json
TESTS+=test/test-cases/regression/variable-RESPONSE_HEADERS_NAMES.json
TESTS+=test/test-cases/regression/variable-RESPONSE_PROTOCOL.json
TESTS+=test/test-cases/regression/variable-RULE.json
TESTS+=test/test-cases/regression/variable-SERVER_ADDR.json
TESTS+=test/test-cases/regression/variable-SERVER_NAME.json
TESTS+=test/test-cases/regression/variable-SERVER_PORT.json
TESTS+=test/test-cases/regression/variable-SESSIONID.json
TESTS+=test/test-cases/regression/variable-STATUS.json
TESTS+=test/test-cases/regression/variable-TIME_DAY.json
TESTS+=test/test-cases/regression/variable-TIME_EPOCH.json
TESTS+=test/test-cases/regression/variable-TIME_HOUR.json
TESTS+=test/test-cases/regression/variable-TIME.json
TESTS+=test/test-cases/regression/variable-TIME_MIN.json
TESTS+=test/test-cases/regression/variable-TIME_MON.json
TESTS+=test/test-cases/regression/variable-TIME_SEC.json
TESTS+=test/test-cases/regression/variable-TIME_WDAY.json
TESTS+=test/test-cases/regression/variable-TIME_YEAR.json
TESTS+=test/test-cases/regression/variable-TX.json
TESTS+=test/test-cases/regression/variable-UNIQUE_ID.json
TESTS+=test/test-cases/regression/variable-URLENCODED_ERROR.json
TESTS+=test/test-cases/regression/variable-USERID.json
TESTS+=test/test-cases/regression/variable-variation-count.json
TESTS+=test/test-cases/regression/variable-variation-exclusion.json
TESTS+=test/test-cases/regression/variable-WEBAPPID.json
TESTS+=test/test-cases/regression/variable-WEBSERVER_ERROR_LOG.json
TESTS+=test/test-cases/secrules-language-tests/operators/beginsWith.json
TESTS+=test/test-cases/secrules-language-tests/operators/contains.json
TESTS+=test/test-cases/secrules-language-tests/operators/containsWord.json
TESTS+=test/test-cases/secrules-language-tests/operators/detectSQLi.json
TESTS+=test/test-cases/secrules-language-tests/operators/detectXSS.json
TESTS+=test/test-cases/secrules-language-tests/operators/endsWith.json
TESTS+=test/test-cases/secrules-language-tests/operators/eq.json
TESTS+=test/test-cases/secrules-language-tests/operators/ge.json
TESTS+=test/test-cases/secrules-language-tests/operators/geoLookup.json
TESTS+=test/test-cases/secrules-language-tests/operators/gt.json
TESTS+=test/test-cases/secrules-language-tests/operators/ipMatch.json
TESTS+=test/test-cases/secrules-language-tests/operators/le.json
TESTS+=test/test-cases/secrules-language-tests/operators/lt.json
TESTS+=test/test-cases/secrules-language-tests/operators/noMatch.json
TESTS+=test/test-cases/secrules-language-tests/operators/pmFromFile.json
TESTS+=test/test-cases/secrules-language-tests/operators/pm.json
TESTS+=test/test-cases/secrules-language-tests/operators/rx.json
TESTS+=test/test-cases/secrules-language-tests/operators/streq.json
TESTS+=test/test-cases/secrules-language-tests/operators/strmatch.json
TESTS+=test/test-cases/secrules-language-tests/operators/unconditionalMatch.json
TESTS+=test/test-cases/secrules-language-tests/operators/validateByteRange.json
TESTS+=test/test-cases/secrules-language-tests/operators/validateUrlEncoding.json
TESTS+=test/test-cases/secrules-language-tests/operators/validateUtf8Encoding.json
TESTS+=test/test-cases/secrules-language-tests/operators/verifyCC.json
TESTS+=test/test-cases/secrules-language-tests/operators/verifycpf.json
TESTS+=test/test-cases/secrules-language-tests/operators/verifyssn.json
TESTS+=test/test-cases/secrules-language-tests/operators/verifysvnr.json
TESTS+=test/test-cases/secrules-language-tests/operators/within.json
TESTS+=test/test-cases/secrules-language-tests/transformations/base64DecodeExt.json
TESTS+=test/test-cases/secrules-language-tests/transformations/base64Decode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/base64Encode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/cmdLine.json
TESTS+=test/test-cases/secrules-language-tests/transformations/compressWhitespace.json
TESTS+=test/test-cases/secrules-language-tests/transformations/cssDecode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/escapeSeqDecode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/hexDecode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/hexEncode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/htmlEntityDecode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/jsDecode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/length.json
TESTS+=test/test-cases/secrules-language-tests/transformations/lowercase.json
TESTS+=test/test-cases/secrules-language-tests/transformations/md5.json
TESTS+=test/test-cases/secrules-language-tests/transformations/normalisePath.json
TESTS+=test/test-cases/secrules-language-tests/transformations/normalisePathWin.json
TESTS+=test/test-cases/secrules-language-tests/transformations/parityEven7bit.json
TESTS+=test/test-cases/secrules-language-tests/transformations/parityOdd7bit.json
TESTS+=test/test-cases/secrules-language-tests/transformations/parityZero7bit.json
TESTS+=test/test-cases/secrules-language-tests/transformations/removeCommentsChar.json
TESTS+=test/test-cases/secrules-language-tests/transformations/removeComments.json
TESTS+=test/test-cases/secrules-language-tests/transformations/removeNulls.json
TESTS+=test/test-cases/secrules-language-tests/transformations/removeWhitespace.json
TESTS+=test/test-cases/secrules-language-tests/transformations/replaceComments.json
TESTS+=test/test-cases/secrules-language-tests/transformations/replaceNulls.json
TESTS+=test/test-cases/secrules-language-tests/transformations/sha1.json
TESTS+=test/test-cases/secrules-language-tests/transformations/sqlHexDecode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/trim.json
TESTS+=test/test-cases/secrules-language-tests/transformations/trimLeft.json
TESTS+=test/test-cases/secrules-language-tests/transformations/trimRight.json
TESTS+=test/test-cases/secrules-language-tests/transformations/urlDecode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/urlDecodeUni.json
TESTS+=test/test-cases/secrules-language-tests/transformations/urlEncode.json
TESTS+=test/test-cases/secrules-language-tests/transformations/utf8toUnicode.json
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = modsecurity.pc
EXTRA_DIST = modsecurity.pc.in \
modsecurity.conf-recommended \
unicode.mapping

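--- /dev/null
+++ b/deps/src/ModSecurity/README.md
@@ -0,0 +1,277 @@
+<img src="https://github.com/SpiderLabs/ModSecurity/raw/v3/master/others/modsec.png" width="50%">
+[![Build Status](https://travis-ci.org/SpiderLabs/ModSecurity.svg?branch=v3/master)](https://travis-ci.org/SpiderLabs/ModSecurity)
+[![](https://raw.githubusercontent.com/ZenHubIO/support/master/zenhub-badge.png)](https://zenhub.com)
+[![Build Status](https://sonarcloud.io/api/project_badges/measure?project=USHvY32Uy62L&metric=alert_status)](https://sonarcloud.io/dashboard?id=USHvY32Uy62L)
+[![](https://sonarcloud.io/api/project_badges/measure?project=USHvY32Uy62L&metric=sqale_rating
+)](https://sonarcloud.io/dashboard?id=USHvY32Uy62L)
+[![](https://sonarcloud.io/api/project_badges/measure?project=USHvY32Uy62L&metric=reliability_rating
+)](https://sonarcloud.io/dashboard?id=USHvY32Uy62L)
+[![](https://sonarcloud.io/api/project_badges/measure?project=USHvY32Uy62L&metric=security_rating
+)](https://sonarcloud.io/dashboard?id=USHvY32Uy62L)
+[![](https://sonarcloud.io/api/project_badges/measure?project=USHvY32Uy62L&metric=vulnerabilities
+)](https://sonarcloud.io/dashboard?id=USHvY32Uy62L)
+Libmodsecurity is one component of the ModSecurity v3 project. The library
+codebase serves as an interface to ModSecurity Connectors taking in web traffic
+and applying traditional ModSecurity processing. In general, it provides the
+capability to load/interpret rules written in the ModSecurity SecRules format
+and apply them to HTTP content provided by your application via Connectors.
+If you are looking for ModSecurity for Apache (aka ModSecurity v2.x), it is still under maintenence and available:
+[here](https://github.com/SpiderLabs/ModSecurity/tree/v2/master).
+### What is the difference between this project and the old ModSecurity (v2.x.x)?
+* All Apache dependences have been removed
+* Higher performance
+* New features
+* New architecture
+Libmodsecurity is a complete rewrite of the ModSecurity platform. When it was first devised the ModSecurity project started as just an Apache module. Over time the project has been extended, due to popular demand, to support other platforms including (but not limited to) Nginx and IIS. In order to provide for the growing demand for additional platform support, it has became necessary to remove the Apache dependencies underlying this project, making it more platform independent.
+As a result of this goal we have rearchitechted Libmodsecurity such that it is no longer dependent on the Apache web server (both at compilation and during runtime). One side effect of this is that across all platforms users can expect increased performance. Additionally, we have taken this opprotunity to lay the groundwork for some new features that users have been long seeking. For example we are looking to nativly support auditlogs in the JSON format, along with a host of other functionality in future versions.
+### It is no longer just a module.
+The 'ModSecurity' branch no longer contains the traditional module logic (for Nginx, Apache, and IIS) that has traditionally been packaged all together. Instead, this branch only contains the library portion (libmodsecurity) for this project. This library is consumed by what we have termed 'Connectors' these connectors will interface with your webserver and provide the library with a common format that it undersands. Each of these connectors is maintained as a seperate GitHub project. For instance, the Nginx connector is supplied by the ModSecurity-nginx project (https://github.com/SpiderLabs/ModSecurity-nginx).
+Keeping these connectors seperated allows each project to be have different release cycles, issues and development trees. Addtionally, it means that when you install ModSecurity v3 you only get exactly what you need, no extras you won't be using.
+# Compilation
+Before starting the compilation process, make sure that you have all the
+dependencies in place. Read the subsection “Dependencies” for further
+information.
+After the compilation make sure that there are no issues on your
+build/platform. We strongly recommend the utilization of the unit tests and
+regression tests. These test utilities are located under the subfolder tests.
+As a dynamic library, dont forget that libmodsecurity must be installed to a location (folder) where you OS will be looking for dynamic libraries.
+### Unix (Linux, MacOS, FreeBSD, …)
+On unix the project uses autotools to help the compilation process.
+```shell
+$ ./build.sh
+$ ./configure
+$ make
+$ sudo make install
+```
+Details on distribution specific builds can be found in our Wiki:
+[Compilation Recipes](https://github.com/SpiderLabs/ModSecurity/wiki/Compilation-recipes)
+### Windows
+Windows build is not ready yet.
+## Dependencies
+This library is written in C++ using the C++11 standards. It also uses Flex
+and Yacc to produce the “Sec Rules Language” parser. Other, manditory dependencies include YAJL, as ModSecurity uses JSON for producing logs and its testing framework, libpcre (not yet manditory) for processing regular expressions in SecRules, and libXML2 (not yet manditory) which is used for parsing XML requests.
+All others dependencies are related to operators specified within SecRules or configuration directives and may not be required for compilation. A short list of such dependencies is as follows:
+* libinjection is needed for the operator @detectXSS and @detectSQL
+* curl is needed for the directive SecRemoteRules.
+If those libraries are missing ModSecurity will be compiled without the support for the operator @detectXSS and the configuration directive SecRemoteRules.
+# Library documentation
+The library documentation is written within the code in Doxygen format. To generate this documentation, please use the doxygen utility with the provided configuration file, “doxygen.cfg”, located with the "doc/" subfolder. This will generate HTML formatted documentation including usage examples.
+# Library utilization
+The library provides a C++ and C interface. Some resources are currently only
+available via the C++ interface, for instance, the capability to create custom logging
+mechanism (see the regression test to check for how those logging mechanism works).
+The objective is to have both APIs (C, C++) providing the same functionality,
+if you find an aspect of the API that is missing via a perticular interface, please open an issue.
+Inside the subfolder examples, there are simple examples on how to use the API.
+Below some are illustrated:
+### Simple example using C++
+```c++
+using ModSecurity::ModSecurity;
+using ModSecurity::Rules;
+using ModSecurity::Transaction;
+ModSecurity *modsec;
+ModSecurity::Rules *rules;
+modsec = new ModSecurity();
+rules = new Rules();
+rules->loadFromUri(rules_file);
+Transaction *modsecTransaction = new Transaction(modsec, rules);
+modsecTransaction->processConnection("127.0.0.1");
+if (modsecTransaction->intervention()) {
+std::cout << "There is an intervention" << std::endl;
+}
+```
+### Simple example using C
+```c
+#include "modsecurity/modsecurity.h"
+#include "modsecurity/transaction.h"
+char main_rule_uri[] = "basic_rules.conf";
+int main (int argc, char **argv)
+{
+ModSecurity *modsec = NULL;
+Transaction *transaction = NULL;
+Rules *rules = NULL;
+modsec = msc_init();
+rules = msc_create_rules_set();
+msc_rules_add_file(rules, main_rule_uri);
+transaction = msc_new_transaction(modsec, rules);
+msc_process_connection(transaction, "127.0.0.1");
+msc_process_uri(transaction, "http://www.modsecurity.org/test?key1=value1&key2=value2&key3=value3&test=args&test=test");
+msc_process_request_headers(transaction);
+msc_process_request_body(transaction);
+msc_process_response_headers(transaction);
+msc_process_response_body(transaction);
+return 0;
+}
+```
+# Contributing
+You are more than welcome to contribute to this project and look forward to growing the community around this new version of ModSecurity. Areas of interest include: New
+functionalities, fixes, bug report, support for beginning users, or anything that you
+are willing to help with.
+## Providing patches
+We prefer to have your patch within the GtiHub infrastructure to facilitate our
+review work, and our Q.A. integration. GitHub provides excellent
+documentation on how to perform “Pull Requests”, more information available
+here: https://help.github.com/articles/using-pull-requests/
+Please respect the coding style. Pull requests can include various commits, so
+provide one fix or one piece of functionality per commit. Please do not change anything outside
+the scope of your target work (e.g. coding style in a function that you have
+passed by). For further information about the coding style used in this
+project, please check: https://www.chromium.org/blink/coding-style
+Provides explanative commit messages. Your first line should give the highlights of your
+patch, 3rd and on give a more detailed explanation/technical details about your
+patch. Patch explanation is valuable during the review process.
+### Dont know where to start?
+Within our code there are various items marked as TODO or FIXME that may need
+your attention. Check the list of items by performing a grep:
+```
+$ cd /path/to/modsecurity-nginx
+$ egrep -Rin "TODO|FIXME" -R *
+```
+A TODO list is also available as part of the Doxygen documentation.
+### Testing your patch
+Along with the manual testing, we strongly recommend you to use the our
+regression tests and unit tests. If you have implemented an operator, dont
+forget to create unit tests for it. If you impliment anything else, it is encouraged that you develop complimentary regression tests for it.
+The regression test and unit test utilities are native and do not demand any
+external tool or script, although you need to fetch the test cases from other
+repositories, as they are shared with other versions of ModSecurity, those
+others repositories git submodules. To fetch the submodules repository and run
+the utilities, follow the commands listed below:
+```shell
+$ cd /path/to/your/ModSecurity
+$ git submodule foreach git pull
+$ cd test
+$ ./regression-tests
+$ ./unit-tests
+```
+### Debugging
+Before start the debugging process, make sure of where your bug is. The problem
+could be on your connector or in libmodsecurity. In order to identify where the
+bug is, it is recommended that you develop a regression test that mimics the
+scenario where the bug is happening. If the bug is reproducible with the
+regression-test utility, then it will be far simpliar to debug and ensure that it never occurs again. On Linux it is
+recommended that anyone undertaking debugging utilize gdb and/or valgrind as needed.
+During the configuration/compilation time, you may want to disable the compiler
+optimization making your “back traces” populated with readable data. Use the
+CFLAGS to disable the compilation optimization parameters:
+```shell
+$ export CFLAGS="-g -O0"
+$ ./build.sh
+$ ./configure
+$ make
+$ sudo make install
+```
+## Reporting Issues
+If you are facing a configuration issue or something is not working as you
+expected to be, please use the ModSecurity users mailing list. Issues on GitHub
+are also welcomed, but we prefer to have user ask questions on the mailing list first so that you can reach an entire community. Also dont forget to look for existing issues before open a new one.
+If you are going to open a new issue on GitHub, dont forget to tell us the
+version of your libmodsecurity and the version of a specific connector if there
+is one.
+### Security issue
+Please do not make public any security issue. Contact us at:
+security@modsecurity.org reporting the issue. Once the problem is fixed your
+credit will be given.
+## Feature request
+We are open to discussing any new feature request with the community via the mailing lists. You can alternativly,
+feel free to open GitHub issues requesting new features. Before opening a
+new issue, please check if there is one already opened on the same topic.
+## Bindings
+The libModSecurity design allows the integration with bindings. There is an effort to avoid brake the API [binary] compatibility to make an easy integration with possible bindings. Currently, there are two notable projects maintained by the community:
+* Python - https://github.com/actions-security/pymodsecurity
+* Varnish - https://github.com/xdecock/vmod-modsecurity
+## Packing
+Having our packages in distros on time is a desire that we have, so let us know
+if there is anything we can do to facilitate your work as a packager.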

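--- /dev/null
+++ b/deps/src/ModSecurity/build.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+rm -rf autom4te.cache
+rm -f aclocal.m4
+case `uname` in Darwin*) glibtoolize --force --copy ;;
+*) libtoolize --force --copy ;; esac
+autoreconf --install
+autoheader
+automake --add-missing --foreign --copy --force-missing
+autoconf --force
+rm -rf autom4te.cache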

deps/src/ModSecurity/build/.empty vendored Normal file


@@ -0,0 +1,171 @@
# ============================================================================
# http://www.gnu.org/software/autoconf-archive/ax_cxx_compile_stdcxx_11.html
# ============================================================================
#
# SYNOPSIS
#
# AX_CXX_COMPILE_STDCXX_11([ext|noext],[mandatory|optional])
#
# DESCRIPTION
#
# Check for baseline language coverage in the compiler for the C++11
# standard; if necessary, add switches to CXXFLAGS to enable support.
#
# The first argument, if specified, indicates whether you insist on an
# extended mode (e.g. -std=gnu++11) or a strict conformance mode (e.g.
# -std=c++11). If neither is specified, you get whatever works, with
# preference for an extended mode.
#
# The second argument, if specified 'mandatory' or if left unspecified,
# indicates that baseline C++11 support is required and that the macro
# should error out if no mode with that support is found. If specified
# 'optional', then configuration proceeds regardless, after defining
# HAVE_CXX11 if and only if a supporting mode is found.
#
# LICENSE
#
# Copyright (c) 2008 Benjamin Kosnik <bkoz@redhat.com>
# Copyright (c) 2012 Zack Weinberg <zackw@panix.com>
# Copyright (c) 2013 Roy Stogner <roystgnr@ices.utexas.edu>
# Copyright (c) 2014, 2015 Google Inc.; contributed by Alexey Sokolov <sokolov@google.com>
# Copyright (c) 2015 Paul Norman <penorman@mac.com>
#
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
#serial 12
m4_define([_AX_CXX_COMPILE_STDCXX_11_testbody], [[
template <typename T>
struct check
{
static_assert(sizeof(int) <= sizeof(T), "not big enough");
};
struct Base {
virtual void f() {}
};
struct Child : public Base {
virtual void f() override {}
};
typedef check<check<bool>> right_angle_brackets;
int a;
decltype(a) b;
typedef check<int> check_type;
check_type c;
check_type&& cr = static_cast<check_type&&>(c);
auto d = a;
auto l = [](){};
// Prevent Clang error: unused variable 'l' [-Werror,-Wunused-variable]
struct use_l { use_l() { l(); } };
// http://stackoverflow.com/questions/13728184/template-aliases-and-sfinae
// Clang 3.1 fails with headers of libstd++ 4.8.3 when using std::function because of this
namespace test_template_alias_sfinae {
struct foo {};
template<typename T>
using member = typename T::member_type;
template<typename T>
void func(...) {}
template<typename T>
void func(member<T>*) {}
void test();
void test() {
func<foo>(0);
}
}
// Check for C++11 attribute support
void noret [[noreturn]] () { throw 0; }
]])
AC_DEFUN([AX_CXX_COMPILE_STDCXX_11], [dnl
m4_if([$1], [], [],
[$1], [ext], [],
[$1], [noext], [],
[m4_fatal([invalid argument `$1' to AX_CXX_COMPILE_STDCXX_11])])dnl
m4_if([$2], [], [ax_cxx_compile_cxx11_required=true],
[$2], [mandatory], [ax_cxx_compile_cxx11_required=true],
[$2], [optional], [ax_cxx_compile_cxx11_required=false],
[m4_fatal([invalid second argument `$2' to AX_CXX_COMPILE_STDCXX_11])])
AC_LANG_PUSH([C++])dnl
ac_success=no
AC_CACHE_CHECK(whether $CXX supports C++11 features by default,
ax_cv_cxx_compile_cxx11,
[AC_COMPILE_IFELSE([AC_LANG_SOURCE([_AX_CXX_COMPILE_STDCXX_11_testbody])],
[ax_cv_cxx_compile_cxx11=yes],
[ax_cv_cxx_compile_cxx11=no])])
if test x$ax_cv_cxx_compile_cxx11 = xyes; then
ac_success=yes
fi
m4_if([$1], [noext], [], [dnl
if test x$ac_success = xno; then
for switch in -std=gnu++11 -std=gnu++0x; do
cachevar=AS_TR_SH([ax_cv_cxx_compile_cxx11_$switch])
AC_CACHE_CHECK(whether $CXX supports C++11 features with $switch,
$cachevar,
[ac_save_CXXFLAGS="$CXXFLAGS"
CXXFLAGS="$CXXFLAGS $switch"
AC_COMPILE_IFELSE([AC_LANG_SOURCE([_AX_CXX_COMPILE_STDCXX_11_testbody])],
[eval $cachevar=yes],
[eval $cachevar=no])
CXXFLAGS="$ac_save_CXXFLAGS"])
if eval test x\$$cachevar = xyes; then
CXXFLAGS="$CXXFLAGS $switch"
ac_success=yes
break
fi
done
fi])
m4_if([$1], [ext], [], [dnl
if test x$ac_success = xno; then
dnl HP's aCC needs +std=c++11 according to:
dnl http://h21007.www2.hp.com/portal/download/files/unprot/aCxx/PDF_Release_Notes/769149-001.pdf
for switch in -std=c++11 -std=c++0x +std=c++11; do
cachevar=AS_TR_SH([ax_cv_cxx_compile_cxx11_$switch])
AC_CACHE_CHECK(whether $CXX supports C++11 features with $switch,
$cachevar,
[ac_save_CXXFLAGS="$CXXFLAGS"
CXXFLAGS="$CXXFLAGS $switch"
AC_COMPILE_IFELSE([AC_LANG_SOURCE([_AX_CXX_COMPILE_STDCXX_11_testbody])],
[eval $cachevar=yes],
[eval $cachevar=no])
CXXFLAGS="$ac_save_CXXFLAGS"])
if eval test x\$$cachevar = xyes; then
CXXFLAGS="$CXXFLAGS $switch"
ac_success=yes
break
fi
done
fi])
AC_LANG_POP([C++])
if test x$ax_cxx_compile_cxx11_required = xtrue; then
if test x$ac_success = xno; then
AC_MSG_ERROR([*** A compiler with support for C++11 language features is required.])
fi
else
if test x$ac_success = xno; then
HAVE_CXX11=0
AC_MSG_NOTICE([No compiler with C++11 support was found])
else
HAVE_CXX11=1
AC_DEFINE(HAVE_CXX11,1,
[define if the compiler supports basic C++11 syntax])
fi
AC_SUBST(HAVE_CXX11)
fi
])


@@ -0,0 +1,533 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_prog_doxygen.html
# ===========================================================================
#
# SYNOPSIS
#
# DX_INIT_DOXYGEN(PROJECT-NAME, DOXYFILE-PATH, [OUTPUT-DIR])
# DX_DOXYGEN_FEATURE(ON|OFF)
# DX_DOT_FEATURE(ON|OFF)
# DX_HTML_FEATURE(ON|OFF)
# DX_CHM_FEATURE(ON|OFF)
# DX_CHI_FEATURE(ON|OFF)
# DX_MAN_FEATURE(ON|OFF)
# DX_RTF_FEATURE(ON|OFF)
# DX_XML_FEATURE(ON|OFF)
# DX_PDF_FEATURE(ON|OFF)
# DX_PS_FEATURE(ON|OFF)
#
# DESCRIPTION
#
# The DX_*_FEATURE macros control the default setting for the given
# Doxygen feature. Supported features are 'DOXYGEN' itself, 'DOT' for
# generating graphics, 'HTML' for plain HTML, 'CHM' for compressed HTML
# help (for MS users), 'CHI' for generating a seperate .chi file by the
# .chm file, and 'MAN', 'RTF', 'XML', 'PDF' and 'PS' for the appropriate
# output formats. The environment variable DOXYGEN_PAPER_SIZE may be
# specified to override the default 'a4wide' paper size.
#
# By default, HTML, PDF and PS documentation is generated as this seems to
# be the most popular and portable combination. MAN pages created by
# Doxygen are usually problematic, though by picking an appropriate subset
# and doing some massaging they might be better than nothing. CHM and RTF
# are specific for MS (note that you can't generate both HTML and CHM at
# the same time). The XML is rather useless unless you apply specialized
# post-processing to it.
#
# The macros mainly control the default state of the feature. The use can
# override the default by specifying --enable or --disable. The macros
# ensure that contradictory flags are not given (e.g.,
# --enable-doxygen-html and --enable-doxygen-chm,
# --enable-doxygen-anything with --disable-doxygen, etc.) Finally, each
# feature will be automatically disabled (with a warning) if the required
# programs are missing.
#
# Once all the feature defaults have been specified, call DX_INIT_DOXYGEN
# with the following parameters: a one-word name for the project for use
# as a filename base etc., an optional configuration file name (the
# default is 'Doxyfile', the same as Doxygen's default), and an optional
# output directory name (the default is 'doxygen-doc').
#
# Automake Support
#
# The following is a template aminclude.am file for use with Automake.
# Make targets and variables values are controlled by the various
# DX_COND_* conditionals set by autoconf.
#
# The provided targets are:
#
# doxygen-doc: Generate all doxygen documentation.
#
# doxygen-run: Run doxygen, which will generate some of the
# documentation (HTML, CHM, CHI, MAN, RTF, XML)
# but will not do the post processing required
# for the rest of it (PS, PDF, and some MAN).
#
# doxygen-man: Rename some doxygen generated man pages.
#
# doxygen-ps: Generate doxygen PostScript documentation.
#
# doxygen-pdf: Generate doxygen PDF documentation.
#
# Note that by default these are not integrated into the automake targets.
# If doxygen is used to generate man pages, you can achieve this
# integration by setting man3_MANS to the list of man pages generated and
# then adding the dependency:
#
# $(man3_MANS): doxygen-doc
#
# This will cause make to run doxygen and generate all the documentation.
#
# The following variable is intended for use in Makefile.am:
#
# DX_CLEANFILES = everything to clean.
#
# Then add this variable to MOSTLYCLEANFILES.
#
# ----- begin aminclude.am -------------------------------------
#
# ## --------------------------------- ##
# ## Format-independent Doxygen rules. ##
# ## --------------------------------- ##
#
# if DX_COND_doc
#
# ## ------------------------------- ##
# ## Rules specific for HTML output. ##
# ## ------------------------------- ##
#
# if DX_COND_html
#
# DX_CLEAN_HTML = @DX_DOCDIR@/html
#
# endif DX_COND_html
#
# ## ------------------------------ ##
# ## Rules specific for CHM output. ##
# ## ------------------------------ ##
#
# if DX_COND_chm
#
# DX_CLEAN_CHM = @DX_DOCDIR@/chm
#
# if DX_COND_chi
#
# DX_CLEAN_CHI = @DX_DOCDIR@/@PACKAGE@.chi
#
# endif DX_COND_chi
#
# endif DX_COND_chm
#
# ## ------------------------------ ##
# ## Rules specific for MAN output. ##
# ## ------------------------------ ##
#
# if DX_COND_man
#
# DX_CLEAN_MAN = @DX_DOCDIR@/man
#
# endif DX_COND_man
#
# ## ------------------------------ ##
# ## Rules specific for RTF output. ##
# ## ------------------------------ ##
#
# if DX_COND_rtf
#
# DX_CLEAN_RTF = @DX_DOCDIR@/rtf
#
# endif DX_COND_rtf
#
# ## ------------------------------ ##
# ## Rules specific for XML output. ##
# ## ------------------------------ ##
#
# if DX_COND_xml
#
# DX_CLEAN_XML = @DX_DOCDIR@/xml
#
# endif DX_COND_xml
#
# ## ----------------------------- ##
# ## Rules specific for PS output. ##
# ## ----------------------------- ##
#
# if DX_COND_ps
#
# DX_CLEAN_PS = @DX_DOCDIR@/@PACKAGE@.ps
#
# DX_PS_GOAL = doxygen-ps
#
# doxygen-ps: @DX_DOCDIR@/@PACKAGE@.ps
#
# @DX_DOCDIR@/@PACKAGE@.ps: @DX_DOCDIR@/@PACKAGE@.tag
# cd @DX_DOCDIR@/latex; \
# rm -f *.aux *.toc *.idx *.ind *.ilg *.log *.out; \
# $(DX_LATEX) refman.tex; \
# $(MAKEINDEX_PATH) refman.idx; \
# $(DX_LATEX) refman.tex; \
# countdown=5; \
# while $(DX_EGREP) 'Rerun (LaTeX|to get cross-references right)' \
# refman.log > /dev/null 2>&1 \
# && test $$countdown -gt 0; do \
# $(DX_LATEX) refman.tex; \
# countdown=`expr $$countdown - 1`; \
# done; \
# $(DX_DVIPS) -o ../@PACKAGE@.ps refman.dvi
#
# endif DX_COND_ps
#
# ## ------------------------------ ##
# ## Rules specific for PDF output. ##
# ## ------------------------------ ##
#
# if DX_COND_pdf
#
# DX_CLEAN_PDF = @DX_DOCDIR@/@PACKAGE@.pdf
#
# DX_PDF_GOAL = doxygen-pdf
#
# doxygen-pdf: @DX_DOCDIR@/@PACKAGE@.pdf
#
# @DX_DOCDIR@/@PACKAGE@.pdf: @DX_DOCDIR@/@PACKAGE@.tag
# cd @DX_DOCDIR@/latex; \
# rm -f *.aux *.toc *.idx *.ind *.ilg *.log *.out; \
# $(DX_PDFLATEX) refman.tex; \
# $(DX_MAKEINDEX) refman.idx; \
# $(DX_PDFLATEX) refman.tex; \
# countdown=5; \
# while $(DX_EGREP) 'Rerun (LaTeX|to get cross-references right)' \
# refman.log > /dev/null 2>&1 \
# && test $$countdown -gt 0; do \
# $(DX_PDFLATEX) refman.tex; \
# countdown=`expr $$countdown - 1`; \
# done; \
# mv refman.pdf ../@PACKAGE@.pdf
#
# endif DX_COND_pdf
#
# ## ------------------------------------------------- ##
# ## Rules specific for LaTeX (shared for PS and PDF). ##
# ## ------------------------------------------------- ##
#
# if DX_COND_latex
#
# DX_CLEAN_LATEX = @DX_DOCDIR@/latex
#
# endif DX_COND_latex
#
# .PHONY: doxygen-run doxygen-doc $(DX_PS_GOAL) $(DX_PDF_GOAL)
#
# .INTERMEDIATE: doxygen-run $(DX_PS_GOAL) $(DX_PDF_GOAL)
#
# doxygen-run: @DX_DOCDIR@/@PACKAGE@.tag
#
# doxygen-doc: doxygen-run $(DX_PS_GOAL) $(DX_PDF_GOAL)
#
# @DX_DOCDIR@/@PACKAGE@.tag: $(DX_CONFIG) $(pkginclude_HEADERS)
# rm -rf @DX_DOCDIR@
# $(DX_ENV) $(DX_DOXYGEN) $(srcdir)/$(DX_CONFIG)
# echo Timestamp >$@
#
# DX_CLEANFILES = \
# @DX_DOCDIR@/@PACKAGE@.tag \
# -r \
# $(DX_CLEAN_HTML) \
# $(DX_CLEAN_CHM) \
# $(DX_CLEAN_CHI) \
# $(DX_CLEAN_MAN) \
# $(DX_CLEAN_RTF) \
# $(DX_CLEAN_XML) \
# $(DX_CLEAN_PS) \
# $(DX_CLEAN_PDF) \
# $(DX_CLEAN_LATEX)
#
# endif DX_COND_doc
#
# ----- end aminclude.am ---------------------------------------
#
# LICENSE
#
# Copyright (c) 2009 Oren Ben-Kiki <oren@ben-kiki.org>
#
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
#serial 13
## ----------##
## Defaults. ##
## ----------##
DX_ENV=""
AC_DEFUN([DX_FEATURE_doc], ON)
AC_DEFUN([DX_FEATURE_dot], OFF)
AC_DEFUN([DX_FEATURE_man], OFF)
AC_DEFUN([DX_FEATURE_html], ON)
AC_DEFUN([DX_FEATURE_chm], OFF)
AC_DEFUN([DX_FEATURE_chi], OFF)
AC_DEFUN([DX_FEATURE_rtf], OFF)
AC_DEFUN([DX_FEATURE_xml], OFF)
AC_DEFUN([DX_FEATURE_pdf], ON)
AC_DEFUN([DX_FEATURE_ps], ON)
## --------------- ##
## Private macros. ##
## --------------- ##
# DX_ENV_APPEND(VARIABLE, VALUE)
# ------------------------------
# Append VARIABLE="VALUE" to DX_ENV for invoking doxygen.
AC_DEFUN([DX_ENV_APPEND], [AC_SUBST([DX_ENV], ["$DX_ENV $1='$2'"])])
# DX_DIRNAME_EXPR
# ---------------
# Expand into a shell expression prints the directory part of a path.
AC_DEFUN([DX_DIRNAME_EXPR],
[[expr ".$1" : '\(\.\)[^/]*$' \| "x$1" : 'x\(.*\)/[^/]*$']])
# DX_IF_FEATURE(FEATURE, IF-ON, IF-OFF)
# -------------------------------------
# Expands according to the M4 (static) status of the feature.
AC_DEFUN([DX_IF_FEATURE], [ifelse(DX_FEATURE_$1, ON, [$2], [$3])])
# DX_REQUIRE_PROG(VARIABLE, PROGRAM)
# ----------------------------------
# Require the specified program to be found for the DX_CURRENT_FEATURE to work.
AC_DEFUN([DX_REQUIRE_PROG], [
AC_PATH_TOOL([$1], [$2])
if test "$DX_FLAG_[]DX_CURRENT_FEATURE$$1" = 1; then
AC_MSG_WARN([$2 not found - will not DX_CURRENT_DESCRIPTION])
AC_SUBST(DX_FLAG_[]DX_CURRENT_FEATURE, 0)
fi
])
# DX_TEST_FEATURE(FEATURE)
# ------------------------
# Expand to a shell expression testing whether the feature is active.
AC_DEFUN([DX_TEST_FEATURE], [test "$DX_FLAG_$1" = 1])
# DX_CHECK_DEPEND(REQUIRED_FEATURE, REQUIRED_STATE)
# -------------------------------------------------
# Verify that a required features has the right state before trying to turn on
# the DX_CURRENT_FEATURE.
AC_DEFUN([DX_CHECK_DEPEND], [
test "$DX_FLAG_$1" = "$2" \
|| AC_MSG_ERROR([doxygen-DX_CURRENT_FEATURE ifelse([$2], 1,
requires, contradicts) doxygen-DX_CURRENT_FEATURE])
])
# DX_CLEAR_DEPEND(FEATURE, REQUIRED_FEATURE, REQUIRED_STATE)
# ----------------------------------------------------------
# Turn off the DX_CURRENT_FEATURE if the required feature is off.
AC_DEFUN([DX_CLEAR_DEPEND], [
test "$DX_FLAG_$1" = "$2" || AC_SUBST(DX_FLAG_[]DX_CURRENT_FEATURE, 0)
])
# DX_FEATURE_ARG(FEATURE, DESCRIPTION,
# CHECK_DEPEND, CLEAR_DEPEND,
# REQUIRE, DO-IF-ON, DO-IF-OFF)
# --------------------------------------------
# Parse the command-line option controlling a feature. CHECK_DEPEND is called
# if the user explicitly turns the feature on (and invokes DX_CHECK_DEPEND),
# otherwise CLEAR_DEPEND is called to turn off the default state if a required
# feature is disabled (using DX_CLEAR_DEPEND). REQUIRE performs additional
# requirement tests (DX_REQUIRE_PROG). Finally, an automake flag is set and
# DO-IF-ON or DO-IF-OFF are called according to the final state of the feature.
AC_DEFUN([DX_ARG_ABLE], [
AC_DEFUN([DX_CURRENT_FEATURE], [$1])
AC_DEFUN([DX_CURRENT_DESCRIPTION], [$2])
AC_ARG_ENABLE(doxygen-$1,
[AS_HELP_STRING(DX_IF_FEATURE([$1], [--disable-doxygen-$1],
[--enable-doxygen-$1]),
DX_IF_FEATURE([$1], [don't $2], [$2]))],
[
case "$enableval" in
#(
y|Y|yes|Yes|YES)
AC_SUBST([DX_FLAG_$1], 1)
$3
;; #(
n|N|no|No|NO)
AC_SUBST([DX_FLAG_$1], 0)
;; #(
*)
AC_MSG_ERROR([invalid value '$enableval' given to doxygen-$1])
;;
esac
], [
AC_SUBST([DX_FLAG_$1], [DX_IF_FEATURE([$1], 1, 0)])
$4
])
if DX_TEST_FEATURE([$1]); then
$5
:
fi
AM_CONDITIONAL(DX_COND_$1, DX_TEST_FEATURE([$1]))
if DX_TEST_FEATURE([$1]); then
$6
:
else
$7
:
fi
])
## -------------- ##
## Public macros. ##
## -------------- ##
# DX_XXX_FEATURE(DEFAULT_STATE)
# -----------------------------
AC_DEFUN([DX_DOXYGEN_FEATURE], [AC_DEFUN([DX_FEATURE_doc], [$1])])
AC_DEFUN([DX_DOT_FEATURE], [AC_DEFUN([DX_FEATURE_dot], [$1])])
AC_DEFUN([DX_MAN_FEATURE], [AC_DEFUN([DX_FEATURE_man], [$1])])
AC_DEFUN([DX_HTML_FEATURE], [AC_DEFUN([DX_FEATURE_html], [$1])])
AC_DEFUN([DX_CHM_FEATURE], [AC_DEFUN([DX_FEATURE_chm], [$1])])
AC_DEFUN([DX_CHI_FEATURE], [AC_DEFUN([DX_FEATURE_chi], [$1])])
AC_DEFUN([DX_RTF_FEATURE], [AC_DEFUN([DX_FEATURE_rtf], [$1])])
AC_DEFUN([DX_XML_FEATURE], [AC_DEFUN([DX_FEATURE_xml], [$1])])
AC_DEFUN([DX_XML_FEATURE], [AC_DEFUN([DX_FEATURE_xml], [$1])])
AC_DEFUN([DX_PDF_FEATURE], [AC_DEFUN([DX_FEATURE_pdf], [$1])])
AC_DEFUN([DX_PS_FEATURE], [AC_DEFUN([DX_FEATURE_ps], [$1])])
# DX_INIT_DOXYGEN(PROJECT, [CONFIG-FILE], [OUTPUT-DOC-DIR])
# ---------------------------------------------------------
# PROJECT also serves as the base name for the documentation files.
# The default CONFIG-FILE is "Doxyfile" and OUTPUT-DOC-DIR is "doxygen-doc".
AC_DEFUN([DX_INIT_DOXYGEN], [
# Files:
AC_SUBST([DX_PROJECT], [$1])
AC_SUBST([DX_CONFIG], [ifelse([$2], [], Doxyfile, [$2])])
AC_SUBST([DX_DOCDIR], [ifelse([$3], [], doxygen-doc, [$3])])
# Environment variables used inside doxygen.cfg:
DX_ENV_APPEND(SRCDIR, $srcdir)
DX_ENV_APPEND(PROJECT, $DX_PROJECT)
DX_ENV_APPEND(DOCDIR, $DX_DOCDIR)
DX_ENV_APPEND(VERSION, $PACKAGE_VERSION)
# Doxygen itself:
DX_ARG_ABLE(doc, [generate any doxygen documentation],
[],
[],
[DX_REQUIRE_PROG([DX_DOXYGEN], doxygen)
DX_REQUIRE_PROG([DX_PERL], perl)],
[DX_ENV_APPEND(PERL_PATH, $DX_PERL)])
# Dot for graphics:
DX_ARG_ABLE(dot, [generate graphics for doxygen documentation],
[DX_CHECK_DEPEND(doc, 1)],
[DX_CLEAR_DEPEND(doc, 1)],
[DX_REQUIRE_PROG([DX_DOT], dot)],
[DX_ENV_APPEND(HAVE_DOT, YES)
DX_ENV_APPEND(DOT_PATH, [`DX_DIRNAME_EXPR($DX_DOT)`])],
[DX_ENV_APPEND(HAVE_DOT, NO)])
# Man pages generation:
DX_ARG_ABLE(man, [generate doxygen manual pages],
[DX_CHECK_DEPEND(doc, 1)],
[DX_CLEAR_DEPEND(doc, 1)],
[],
[DX_ENV_APPEND(GENERATE_MAN, YES)],
[DX_ENV_APPEND(GENERATE_MAN, NO)])
# RTF file generation:
DX_ARG_ABLE(rtf, [generate doxygen RTF documentation],
[DX_CHECK_DEPEND(doc, 1)],
[DX_CLEAR_DEPEND(doc, 1)],
[],
[DX_ENV_APPEND(GENERATE_RTF, YES)],
[DX_ENV_APPEND(GENERATE_RTF, NO)])
# XML file generation:
DX_ARG_ABLE(xml, [generate doxygen XML documentation],
[DX_CHECK_DEPEND(doc, 1)],
[DX_CLEAR_DEPEND(doc, 1)],
[],
[DX_ENV_APPEND(GENERATE_XML, YES)],
[DX_ENV_APPEND(GENERATE_XML, NO)])
# (Compressed) HTML help generation:
DX_ARG_ABLE(chm, [generate doxygen compressed HTML help documentation],
[DX_CHECK_DEPEND(doc, 1)],
[DX_CLEAR_DEPEND(doc, 1)],
[DX_REQUIRE_PROG([DX_HHC], hhc)],
[DX_ENV_APPEND(HHC_PATH, $DX_HHC)
DX_ENV_APPEND(GENERATE_HTML, YES)
DX_ENV_APPEND(GENERATE_HTMLHELP, YES)],
[DX_ENV_APPEND(GENERATE_HTMLHELP, NO)])
# Seperate CHI file generation.
DX_ARG_ABLE(chi, [generate doxygen seperate compressed HTML help index file],
[DX_CHECK_DEPEND(chm, 1)],
[DX_CLEAR_DEPEND(chm, 1)],
[],
[DX_ENV_APPEND(GENERATE_CHI, YES)],
[DX_ENV_APPEND(GENERATE_CHI, NO)])
# Plain HTML pages generation:
DX_ARG_ABLE(html, [generate doxygen plain HTML documentation],
[DX_CHECK_DEPEND(doc, 1) DX_CHECK_DEPEND(chm, 0)],
[DX_CLEAR_DEPEND(doc, 1) DX_CLEAR_DEPEND(chm, 0)],
[],
[DX_ENV_APPEND(GENERATE_HTML, YES)],
[DX_TEST_FEATURE(chm) || DX_ENV_APPEND(GENERATE_HTML, NO)])
# PostScript file generation:
DX_ARG_ABLE(ps, [generate doxygen PostScript documentation],
[DX_CHECK_DEPEND(doc, 1)],
[DX_CLEAR_DEPEND(doc, 1)],
[DX_REQUIRE_PROG([DX_LATEX], latex)
DX_REQUIRE_PROG([DX_MAKEINDEX], makeindex)
DX_REQUIRE_PROG([DX_DVIPS], dvips)
DX_REQUIRE_PROG([DX_EGREP], egrep)])
# PDF file generation:
DX_ARG_ABLE(pdf, [generate doxygen PDF documentation],
[DX_CHECK_DEPEND(doc, 1)],
[DX_CLEAR_DEPEND(doc, 1)],
[DX_REQUIRE_PROG([DX_PDFLATEX], pdflatex)
DX_REQUIRE_PROG([DX_MAKEINDEX], makeindex)
DX_REQUIRE_PROG([DX_EGREP], egrep)])
# LaTeX generation for PS and/or PDF:
AM_CONDITIONAL(DX_COND_latex, DX_TEST_FEATURE(ps) || DX_TEST_FEATURE(pdf))
if DX_TEST_FEATURE(ps) || DX_TEST_FEATURE(pdf); then
DX_ENV_APPEND(GENERATE_LATEX, YES)
else
DX_ENV_APPEND(GENERATE_LATEX, NO)
fi
# Paper size for PS and/or PDF:
AC_ARG_VAR(DOXYGEN_PAPER_SIZE,
[a4wide (default), a4, letter, legal or executive])
case "$DOXYGEN_PAPER_SIZE" in
#(
"")
AC_SUBST(DOXYGEN_PAPER_SIZE, "")
;; #(
a4wide|a4|letter|legal|executive)
DX_ENV_APPEND(PAPER_SIZE, $DOXYGEN_PAPER_SIZE)
;; #(
*)
AC_MSG_ERROR([unknown DOXYGEN_PAPER_SIZE='$DOXYGEN_PAPER_SIZE'])
;;
esac
#For debugging:
#echo DX_FLAG_doc=$DX_FLAG_doc
#echo DX_FLAG_dot=$DX_FLAG_dot
#echo DX_FLAG_man=$DX_FLAG_man
#echo DX_FLAG_html=$DX_FLAG_html
#echo DX_FLAG_chm=$DX_FLAG_chm
#echo DX_FLAG_chi=$DX_FLAG_chi
#echo DX_FLAG_rtf=$DX_FLAG_rtf
#echo DX_FLAG_xml=$DX_FLAG_xml
#echo DX_FLAG_pdf=$DX_FLAG_pdf
#echo DX_FLAG_ps=$DX_FLAG_ps
#echo DX_ENV=$DX_ENV
])


@@ -0,0 +1,236 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_valgrind_check.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_VALGRIND_DFLT(memcheck|helgrind|drd|sgcheck, on|off)
# AX_VALGRIND_CHECK()
#
# DESCRIPTION
#
# AX_VALGRIND_CHECK checks whether Valgrind is present and, if so, allows
# running `make check` under a variety of Valgrind tools to check for
# memory and threading errors.
#
# Defines VALGRIND_CHECK_RULES which should be substituted in your
# Makefile; and $enable_valgrind which can be used in subsequent configure
# output. VALGRIND_ENABLED is defined and substituted, and corresponds to
# the value of the --enable-valgrind option, which defaults to being
# enabled if Valgrind is installed and disabled otherwise. Individual
# Valgrind tools can be disabled via --disable-valgrind-<tool>, the
# default is configurable via the AX_VALGRIND_DFLT command or is to use
# all commands not disabled via AX_VALGRIND_DFLT. All AX_VALGRIND_DFLT
# calls must be made before the call to AX_VALGRIND_CHECK.
#
# If unit tests are written using a shell script and automake's
# LOG_COMPILER system, the $(VALGRIND) variable can be used within the
# shell scripts to enable Valgrind, as described here:
#
# https://www.gnu.org/software/gnulib/manual/html_node/Running-self_002dtests-under-valgrind.html
#
# Usage example:
#
# configure.ac:
#
# AX_VALGRIND_DFLT([sgcheck], [off])
# AX_VALGRIND_CHECK
#
# Makefile.am:
#
# @VALGRIND_CHECK_RULES@
# VALGRIND_SUPPRESSIONS_FILES = my-project.supp
# EXTRA_DIST = my-project.supp
#
# This results in a "check-valgrind" rule being added to any Makefile.am
# which includes "@VALGRIND_CHECK_RULES@" (assuming the module has been
# configured with --enable-valgrind). Running `make check-valgrind` in
# that directory will run the module's test suite (`make check`) once for
# each of the available Valgrind tools (out of memcheck, helgrind and drd)
# while the sgcheck will be skipped unless enabled again on the
# commandline with --enable-valgrind-sgcheck. The results for each check
# will be output to test-suite-$toolname.log. The target will succeed if
# there are zero errors and fail otherwise.
#
# Alternatively, a "check-valgrind-$TOOL" rule will be added, for $TOOL in
# memcheck, helgrind, drd and sgcheck. These are useful because often only
# some of those tools can be ran cleanly on a codebase.
#
# The macro supports running with and without libtool.
#
# LICENSE
#
# Copyright (c) 2014, 2015, 2016 Philip Withnall <philip.withnall@collabora.co.uk>
#
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
#serial 13
dnl Configured tools
m4_define([valgrind_tool_list], [[memcheck], [helgrind], [drd], [sgcheck]])
m4_set_add_all([valgrind_exp_tool_set], [sgcheck])
m4_foreach([vgtool], [valgrind_tool_list],
[m4_define([en_dflt_valgrind_]vgtool, [on])])
AC_DEFUN([AX_VALGRIND_DFLT],[
m4_define([en_dflt_valgrind_$1], [$2])
])dnl
AC_DEFUN([AX_VALGRIND_CHECK],[
dnl Check for --enable-valgrind
AC_ARG_ENABLE([valgrind],
[AS_HELP_STRING([--enable-valgrind], [Whether to enable Valgrind on the unit tests])],
[enable_valgrind=$enableval],[enable_valgrind=])
AS_IF([test "$enable_valgrind" != "no"],[
# Check for Valgrind.
AC_CHECK_PROG([VALGRIND],[valgrind],[valgrind])
AS_IF([test "$VALGRIND" = ""],[
AS_IF([test "$enable_valgrind" = "yes"],[
AC_MSG_ERROR([Could not find valgrind; either install it or reconfigure with --disable-valgrind])
],[
enable_valgrind=no
])
],[
enable_valgrind=yes
])
])
AM_CONDITIONAL([VALGRIND_ENABLED],[test "$enable_valgrind" = "yes"])
AC_SUBST([VALGRIND_ENABLED],[$enable_valgrind])
# Check for Valgrind tools we care about.
[valgrind_enabled_tools=]
m4_foreach([vgtool],[valgrind_tool_list],[
AC_ARG_ENABLE([valgrind-]vgtool,
m4_if(m4_defn([en_dflt_valgrind_]vgtool),[off],dnl
[AS_HELP_STRING([--enable-valgrind-]vgtool, [Whether to use ]vgtool[ during the Valgrind tests])],dnl
[AS_HELP_STRING([--disable-valgrind-]vgtool, [Whether to skip ]vgtool[ during the Valgrind tests])]),
[enable_valgrind_]vgtool[=$enableval],
[enable_valgrind_]vgtool[=])
AS_IF([test "$enable_valgrind" = "no"],[
enable_valgrind_]vgtool[=no],
[test "$enable_valgrind_]vgtool[" ]dnl
m4_if(m4_defn([en_dflt_valgrind_]vgtool), [off], [= "yes"], [!= "no"]),[
AC_CACHE_CHECK([for Valgrind tool ]vgtool,
[ax_cv_valgrind_tool_]vgtool,[
ax_cv_valgrind_tool_]vgtool[=no
m4_set_contains([valgrind_exp_tool_set],vgtool,
[m4_define([vgtoolx],[exp-]vgtool)],
[m4_define([vgtoolx],vgtool)])
AS_IF([`$VALGRIND --tool=]vgtoolx[ --help >/dev/null 2>&1`],[
ax_cv_valgrind_tool_]vgtool[=yes
])
])
AS_IF([test "$ax_cv_valgrind_tool_]vgtool[" = "no"],[
AS_IF([test "$enable_valgrind_]vgtool[" = "yes"],[
AC_MSG_ERROR([Valgrind does not support ]vgtool[; reconfigure with --disable-valgrind-]vgtool)
],[
enable_valgrind_]vgtool[=no
])
],[
enable_valgrind_]vgtool[=yes
])
])
AS_IF([test "$enable_valgrind_]vgtool[" = "yes"],[
valgrind_enabled_tools="$valgrind_enabled_tools ]m4_bpatsubst(vgtool,[^exp-])["
])
AC_SUBST([ENABLE_VALGRIND_]vgtool,[$enable_valgrind_]vgtool)
])
AC_SUBST([valgrind_tools],["]m4_join([ ], valgrind_tool_list)["])
AC_SUBST([valgrind_enabled_tools],[$valgrind_enabled_tools])
[VALGRIND_CHECK_RULES='
# Valgrind check
#
# Optional:
# - VALGRIND_SUPPRESSIONS_FILES: Space-separated list of Valgrind suppressions
# files to load. (Default: empty)
# - VALGRIND_FLAGS: General flags to pass to all Valgrind tools.
# (Default: --num-callers=30)
# - VALGRIND_$toolname_FLAGS: Flags to pass to Valgrind $toolname (one of:
# memcheck, helgrind, drd, sgcheck). (Default: various)
# Optional variables
VALGRIND_SUPPRESSIONS ?= $(addprefix --suppressions=,$(VALGRIND_SUPPRESSIONS_FILES))
VALGRIND_FLAGS ?= --num-callers=30
VALGRIND_memcheck_FLAGS ?= --leak-check=full --show-reachable=no
VALGRIND_helgrind_FLAGS ?= --history-level=approx
VALGRIND_drd_FLAGS ?=
VALGRIND_sgcheck_FLAGS ?=
# Internal use
valgrind_log_files = $(addprefix test-suite-,$(addsuffix .log,$(valgrind_tools)))
valgrind_memcheck_flags = --tool=memcheck $(VALGRIND_memcheck_FLAGS)
valgrind_helgrind_flags = --tool=helgrind $(VALGRIND_helgrind_FLAGS)
valgrind_drd_flags = --tool=drd $(VALGRIND_drd_FLAGS)
valgrind_sgcheck_flags = --tool=exp-sgcheck $(VALGRIND_sgcheck_FLAGS)
valgrind_quiet = $(valgrind_quiet_$(V))
valgrind_quiet_ = $(valgrind_quiet_$(AM_DEFAULT_VERBOSITY))
valgrind_quiet_0 = --quiet
valgrind_v_use = $(valgrind_v_use_$(V))
valgrind_v_use_ = $(valgrind_v_use_$(AM_DEFAULT_VERBOSITY))
valgrind_v_use_0 = @echo " USE " $(patsubst check-valgrind-%,%,$''@):;
# Support running with and without libtool.
ifneq ($(LIBTOOL),)
valgrind_lt = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=execute
else
valgrind_lt =
endif
# Use recursive makes in order to ignore errors during check
check-valgrind:
ifeq ($(VALGRIND_ENABLED),yes)
-$(A''M_V_at)$(foreach tool,$(valgrind_enabled_tools), \
$(MAKE) $(AM_MAKEFLAGS) -k check-valgrind-$(tool); \
)
else
@echo "Need to reconfigure with --enable-valgrind"
endif
# Valgrind running
VALGRIND_TESTS_ENVIRONMENT = \
$(TESTS_ENVIRONMENT) \
env VALGRIND=$(VALGRIND) \
G_SLICE=always-malloc,debug-blocks \
G_DEBUG=fatal-warnings,fatal-criticals,gc-friendly
VALGRIND_LOG_COMPILER = test/test-suite.sh $(VALGRIND_SUPPRESSIONS) $(VALGRIND_FLAGS)
# $(valgrind_lt) \
# $(VALGRIND) $(VALGRIND_SUPPRESSIONS) --error-exitcode=1 $(VALGRIND_FLAGS)
define valgrind_tool_rule =
check-valgrind-$(1):
ifeq ($$(VALGRIND_ENABLED)-$$(ENABLE_VALGRIND_$(1)),yes-yes)
$$(valgrind_v_use)$$(MAKE) check-TESTS \
TESTS_ENVIRONMENT="$$(VALGRIND_TESTS_ENVIRONMENT)" \
LOG_COMPILER="$$(VALGRIND_LOG_COMPILER)" \
LOG_FLAGS="$$(valgrind_$(1)_flags)" \
TEST_SUITE_LOG=test-suite-$(1).log
else ifeq ($$(VALGRIND_ENABLED),yes)
@echo "Need to reconfigure with --enable-valgrind-$(1)"
else
@echo "Need to reconfigure with --enable-valgrind"
endif
endef
$(foreach tool,$(valgrind_tools),$(eval $(call valgrind_tool_rule,$(tool))))
A''M_DISTCHECK_CONFIGURE_FLAGS ?=
A''M_DISTCHECK_CONFIGURE_FLAGS += --disable-valgrind
MOSTLYCLEANFILES ?=
MOSTLYCLEANFILES += $(valgrind_log_files)
.PHONY: check-valgrind $(add-prefix check-valgrind-,$(valgrind_tools))
']
AC_SUBST([VALGRIND_CHECK_RULES])
m4_ifdef([_AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE([VALGRIND_CHECK_RULES])])
])

131
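--- /dev/null
+++ b/deps/src/ModSecurity/build/curl.m4
@@ -0,0 +1,131 @@
+dnl Check for CURL Libraries
+dnl CHECK_CURL(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND])
+dnl Sets:
+dnl CURL_CFLAGS
+dnl CURL_LIBS
+CURL_CONFIG=""
+CURL_VERSION=""
+CURL_CPPFLAGS=""
+CURL_CFLAGS=""
+CURL_LDFLAGS=""
+CURL_LDADD=""
+CURL_MIN_VERSION="7.15.1"
+AC_DEFUN([CHECK_CURL], [
+AC_ARG_WITH(
+curl,
+[AC_HELP_STRING([--with-curl=PATH],[Path to curl prefix or config script])],
+[test_paths="${with_curl}"],
+[test_paths="/usr/local/libcurl /usr/local/curl /usr/local /opt/libcurl /opt/curl /opt /usr"])
+AC_MSG_CHECKING([for libcurl config script])
+for x in ${test_paths}; do
+dnl # Determine if the script was specified and use it directly
+if test ! -d "$x" -a -e "$x"; then
+CURL_CONFIG=$x
+curl_path="no"
+break
+fi
+dnl # Try known config script names/locations
+for CURL_CONFIG in curl-config; do
+if test -e "${x}/bin/${CURL_CONFIG}"; then
+curl_path="${x}/bin"
+break
+elif test -e "${x}/${CURL_CONFIG}"; then
+curl_path="${x}"
+break
+else
+curl_path=""
+fi
+done
+if test -n "$curl_path"; then
+break
+fi
+done
+if test -n "${curl_path}"; then
+if test "${curl_path}" != "no"; then
+CURL_CONFIG="${curl_path}/${CURL_CONFIG}"
+fi
+AC_MSG_RESULT([${CURL_CONFIG}])
+CURL_VERSION=`${CURL_CONFIG} --version | sed 's/^[[^0-9]][[^[:space:]]][[^[:space:]]]*[[[:space:]]]*//' | tr '\r\n' ' '`
+if test ! -z "${CURL_VERSION}"; then AC_MSG_NOTICE(curl VERSION: $CURL_VERSION); fi
+CURL_CFLAGS="`${CURL_CONFIG} --cflags`"
+if test ! -z "${CURL_CFLAGS}"; then AC_MSG_NOTICE(curl CFLAGS: $CURL_CFLAGS); fi
+CURL_LDADD="`${CURL_CONFIG} --libs`"
+if test ! -z "${CURL_CONFIG}"; then AC_MSG_NOTICE(curl LDADD: $CURL_LIBS); fi
+dnl # Check version is ok
+AC_MSG_CHECKING([if libcurl is at least v${CURL_MIN_VERSION}])
+curl_min_ver=`echo ${CURL_MIN_VERSION} | awk -F. '{print (\$ 1 * 1000000) + (\$ 2 * 1000) + \$ 3}'`
+curl_ver=`echo ${CURL_VERSION} | awk -F. '{print (\$ 1 * 1000000) + (\$ 2 * 1000) + \$ 3}'`
+if test "$curl_min_ver" -le "$curl_ver"; then
+AC_MSG_RESULT([yes, $CURL_VERSION])
+curl_tlsv2_ver=`echo 7.34.0 | awk -F. '{print (\$ 1 * 1000000) + (\$ 2 * 1000) + \$ 3}'`
+if test "$curl_tlsv2_ver" -le "$curl_ver"; then
+CURL_CFLAGS="${CURL_CFLAGS} -DWITH_CURL_SSLVERSION_TLSv1_2"
+fi
+CURL_CFLAGS="${CURL_CFLAGS} -DWITH_CURL"
+else
+AC_MSG_RESULT([no, $CURL_VERSION])
+AC_MSG_NOTICE([NOTE: curl library may be too old])
+fi
+dnl # Check/warn if GnuTLS is used
+AC_MSG_CHECKING([if libcurl is linked with gnutls])
+curl_uses_gnutls=`echo ${CURL_LIBS} | grep gnutls | wc -l`
+if test "$curl_uses_gnutls" -ne 0; then
+AC_MSG_RESULT([yes])
+AC_MSG_NOTICE([NOTE: curl linked with gnutls may be buggy, openssl recommended])
+CURL_USES_GNUTLS=yes
+else
+AC_MSG_RESULT([no])
+CURL_USES_GNUTLS=no
+fi
+else
+AC_MSG_RESULT([no])
+fi
+AC_SUBST(CURL_CONFIG)
+AC_SUBST(CURL_VERSION)
+AC_SUBST(CURL_CPPFLAGS)
+AC_SUBST(CURL_CFLAGS)
+AC_SUBST(CURL_LDFLAGS)
+AC_SUBST(CURL_LDADD)
+AC_SUBST(CURL_USES_GNUTLS)
+if test "x${with_curl}" == "xno"; then
+CURL_DISABLED=yes
+else
+if test "x${with_curl}" != "x"; then
+CURL_MANDATORY=yes
+fi
+fi
+if test -z "${CURL_VERSION}"; then
+AC_MSG_NOTICE([*** curl library not found.])
+if test -z "${CURL_MANDATORY}"; then
+if test -z "${CURL_DISABLED}"; then
+CURL_FOUND=0
+else
+CURL_FOUND=2
+fi
+else
+AC_MSG_ERROR([Curl was explicitly referenced but it was not found])
+CURL_FOUND=-1
+fi
+else
+CURL_FOUND=1
+AC_MSG_NOTICE([using curl v${CURL_VERSION}])
+CURL_DISPLAY="${CURL_LDADD}, ${CURL_CFLAGS}"
+fi
+AC_SUBST(CURL_FOUND)
+AC_SUBST(CURL_DISPLAY)
+])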

191
deps/src/ModSecurity/build/libgeoip.m4 vendored Normal file

@@ -0,0 +1,191 @@
dnl Check for GEOIP Libraries
dnl CHECK_GEOIP(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND])
dnl Sets:
dnl GEOIP_CFLAGS
dnl GEOIP_LDADD
dnl GEOIP_LDFLAGS
dnl GEOIP_LIBS
dnl GEOIP_VERSION
AC_DEFUN([PROG_GEOIP], [
# Needed if pkg-config will be used.
AC_REQUIRE([PKG_PROG_PKG_CONFIG])
# Possible names for the geoip library/package (pkg-config)
GEOIP_POSSIBLE_LIB_NAMES="geoip2 geoip GeoIP"
# Possible extensions for the library
GEOIP_POSSIBLE_EXTENSIONS="so la sl dll dylib"
# Possible paths (if pkg-config was not found, proceed with the file lookup)
GEOIP_POSSIBLE_PATHS="/usr/local/libgeoip /usr/local/geoip /usr/local /opt/libgeoip /opt/geoip /opt /usr /opt/local/include /opt/local /usr/lib /usr/local/lib /usr/lib64 /usr"
# Variables to be set by this very own script.
GEOIP_VERSION=""
GEOIP_CFLAGS=""
GEOIP_CPPFLAGS=""
GEOIP_LDADD=""
GEOIP_LDFLAGS=""
AC_ARG_WITH(
geoip,
AS_HELP_STRING(
[--with-geoip=PATH],
[Path to GeoIP (including headers). Use 'no' to disable GeoIP support.]
)
)
# AS_HELP_STRING(
# [--without-geoip],
# [Complete dsiables GeoIP support]
# )
if test "x${with_geoip}" == "xno"; then
AC_DEFINE(HAVE_GEOIP, 0, [Support for GeoIP was disabled by the utilization of --without-geoip or --with-geoip=no])
AC_MSG_NOTICE([Support for GeoIP was disabled by the utilization of --without-geoip or --with-geoip=no])
GEOIP_DISABLED=yes
else
if test "x${with_geoip}" == "xyes"; then
GEOIP_MANDATORY=yes
AC_MSG_NOTICE([GeoIP support was marked as mandatory by the utilization of --with-geoip=yes])
fi
# for x in ${GEOIP_POSSIBLE_LIB_NAMES}; do
# CHECK_FOR_GEOIP_AT(${x})
# if test -n "${GEOIP_VERSION}"; then
# break
# fi
# done
# if test "x${with_geoip}" != "xyes" or test "x${with_geoip}" == "xyes"; then
if test "x${with_geoip}" == "x" || test "x${with_geoip}" == "xyes"; then
# Nothing about GeoIP was informed, using the pkg-config to figure things out.
if test -n "${PKG_CONFIG}"; then
GEOIP_PKG_NAME=""
for x in ${GEOIP_POSSIBLE_LIB_NAMES}; do
if ${PKG_CONFIG} --exists ${x}; then
GEOIP_PKG_NAME="$x"
break
fi
done
fi
AC_MSG_NOTICE([Nothing about GeoIP was informed during the configure phase. Trying to detect it on the platform...])
if test -n "${GEOIP_PKG_NAME}"; then
# Package was found using the pkg-config scripts
GEOIP_VERSION="`${PKG_CONFIG} ${GEOIP_PKG_NAME} --modversion`"
GEOIP_CFLAGS="`${PKG_CONFIG} ${GEOIP_PKG_NAME} --cflags`"
GEOIP_LDADD="`${PKG_CONFIG} ${GEOIP_PKG_NAME} --libs-only-l`"
GEOIP_LDFLAGS="`${PKG_CONFIG} ${GEOIP_PKG_NAME} --libs-only-L --libs-only-other`"
GEOIP_DISPLAY="${GEOIP_LDADD}, ${GEOIP_CFLAGS}"
else
# If pkg-config did not find anything useful, go over file lookup.
for x in ${GEOIP_POSSIBLE_PATHS}; do
CHECK_FOR_GEOIP_AT(${x})
if test -n "${GEOIP_VERSION}"; then
break
fi
done
fi
fi
if test "x${with_geoip}" != "x"; then
# An specific path was informed, lets check.
GEOIP_MANDATORY=yes
CHECK_FOR_GEOIP_AT(${with_geoip})
fi
# fi
fi
if test -z "${GEOIP_CFLAGS}"; then
if test -z "${GEOIP_MANDATORY}"; then
if test -z "${GEOIP_DISABLED}"; then
AC_MSG_NOTICE([GeoIP library was not found])
GEOIP_FOUND=0
else
GEOIP_FOUND=2
fi
else
AC_MSG_ERROR([GeoIP was explicit requested but it was not found])
GEOIP_FOUND=-1
fi
else
GEOIP_FOUND=1
AC_MSG_NOTICE([using GeoIP v${GEOIP_VERSION}])
GEOIP_CFLAGS="-DWITH_GEOIP ${GEOIP_CFLAGS}"
AC_SUBST(GEOIP_VERSION)
AC_SUBST(GEOIP_LDADD)
AC_SUBST(GEOIP_LIBS)
AC_SUBST(GEOIP_LDFLAGS)
AC_SUBST(GEOIP_CFLAGS)
AC_SUBST(GEOIP_DISPLAY)
fi
AC_SUBST(GEOIP_FOUND)
]) # AC_DEFUN [PROG_GEOIP]
AC_DEFUN([CHECK_FOR_GEOIP_AT], [
path=$1
for y in ${GEOIP_POSSIBLE_EXTENSIONS}; do
for z in ${GEOIP_POSSIBLE_LIB_NAMES}; do
if test -e "${path}/${z}.${y}"; then
geoip_lib_path="${path}/"
geoip_lib_name="${z}"
geoip_lib_file="${geoip_lib_path}/${z}.${y}"
break
fi
if test -e "${path}/lib${z}.${y}"; then
geoip_lib_path="${path}/"
geoip_lib_name="${z}"
geoip_lib_file="${geoip_lib_path}/lib${z}.${y}"
break
fi
if test -e "${path}/lib/lib${z}.${y}"; then
geoip_lib_path="${path}/lib/"
geoip_lib_name="${z}"
geoip_lib_file="${geoip_lib_path}/lib${z}.${y}"
break
fi
if test -e "${path}/lib64/lib${z}.${y}"; then
geoip_lib_path="${path}/lib64/"
geoip_lib_name="${z}"
geoip_lib_file="${geoip_lib_path}/lib${z}.${y}"
break
fi
if test -e "${path}/lib/x86_64-linux-gnu/lib${z}.${y}"; then
geoip_lib_path="${path}/lib/x86_64-linux-gnu/"
geoip_lib_name="${z}"
geoip_lib_file="${geoip_lib_path}/lib${z}.${y}"
break
fi
done
if test -n "$geoip_lib_path"; then
break
fi
done
if test -e "${path}/include/GeoIPCity.h"; then
geoip_inc_path="${path}/include"
elif test -e "${path}/GeoIPCity.h"; then
geoip_inc_path="${path}"
fi
if test -n "${geoip_inc_path}" -a -n "${geoip_lib_path}"; then
AC_MSG_NOTICE([GeoIP headers found at: ${geoip_inc_path}])
AC_MSG_NOTICE([GeoIP library found at: ${geoip_lib_file}])
fi
if test -n "${geoip_lib_path}" -a -n "${geoip_inc_path}"; then
# TODO: Compile a piece of code to check the version.
GEOIP_CFLAGS="-I${geoip_inc_path}"
GEOIP_LDADD="-l${geoip_lib_name}"
GEOIP_LDFLAGS="-L${geoip_lib_path}"
GEOIP_DISPLAY="${geoip_lib_file}, ${geoip_inc_path}"
fi
]) # AC_DEFUN [CHECK_FOR_GEOIP_AT]

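--- a/deps/src/ModSecurity/build/libmaxmind.m4
+++ b/deps/src/ModSecurity/build/libmaxmind.m4
@@ -0,0 +1,194 @@
+dnl Check for MAXMIND Libraries
+dnl CHECK_MAXMIND(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND])
+dnl Sets:
+dnl MAXMIND_CFLAGS
+dnl MAXMIND_LDADD
+dnl MAXMIND_LDFLAGS
+dnl MAXMIND_LIBS
+dnl MAXMIND_VERSION
+AC_DEFUN([PROG_MAXMIND], [
+# Needed if pkg-config will be used.
+AC_REQUIRE([PKG_PROG_PKG_CONFIG])
+# Possible names for the maxmind library/package (pkg-config)
+MAXMIND_POSSIBLE_LIB_NAMES="libmaxminddb maxminddb maxmind"
+# Possible extensions for the library
+MAXMIND_POSSIBLE_EXTENSIONS="so la sl dll dylib"
+# Possible paths (if pkg-config was not found, proceed with the file lookup)
+MAXMIND_POSSIBLE_PATHS="/usr/local/libmaxmind /usr/local/maxmind /usr/local /opt/libmaxmind /opt/maxmind /opt /usr /opt/local/include /opt/local /usr/lib /usr/local/lib /usr/lib64 /usr /usr/include/x86_64-linux-gnu/"
+# Variables to be set by this very own script.
+MAXMIND_VERSION=""
+MAXMIND_CFLAGS=""
+MAXMIND_CPPFLAGS=""
+MAXMIND_LDADD=""
+MAXMIND_LDFLAGS=""
+AC_ARG_WITH(
+maxmind,
+AS_HELP_STRING(
+[--with-maxmind=PATH],
+[Path to MaxMind (including headers). Use 'no' to disable MaxMind support.]
+)
+)
+# AS_HELP_STRING(
+# [--without-maxmind],
+# [Complete dsiables MaxMind support]
+# )
+if test "x${with_maxmind}" == "xno"; then
+AC_DEFINE(HAVE_MAXMIND, 0, [Support for MaxMind was disabled by the utilization of --without-maxmind or --with-maxmind=no])
+AC_MSG_NOTICE([Support for MaxMind was disabled by the utilization of --without-maxmind or --with-maxmind=no])
+MAXMIND_DISABLED=yes
+else
+if test "x${with_maxmind}" == "xyes"; then
+MAXMIND_MANDATORY=yes
+AC_MSG_NOTICE([MaxMind support was marked as mandatory by the utilization of --with-maxmind=yes])
+fi
+# for x in ${MAXMIND_POSSIBLE_LIB_NAMES}; do
+# CHECK_FOR_MAXMIND_AT(${x})
+# if test -n "${MAXMIND_VERSION}"; then
+# break
+# fi
+# done
+# if test "x${with_maxmind}" != "xyes" or test "x${with_maxmind}" == "xyes"; then
+if test "x${with_maxmind}" == "x" || test "x${with_maxmind}" == "xyes"; then
+# Nothing about MaxMind was informed, using the pkg-config to figure things out.
+if test -n "${PKG_CONFIG}"; then
+MAXMIND_PKG_NAME=""
+for x in ${MAXMIND_POSSIBLE_LIB_NAMES}; do
+if ${PKG_CONFIG} --exists ${x}; then
+MAXMIND_PKG_NAME="$x"
+break
+fi
+done
+fi
+AC_MSG_NOTICE([Nothing about MaxMind was informed during the configure phase. Trying to detect it on the platform...])
+if test -n "${MAXMIND_PKG_NAME}"; then
+# Package was found using the pkg-config scripts
+MAXMIND_VERSION="`${PKG_CONFIG} ${MAXMIND_PKG_NAME} --modversion`"
+MAXMIND_CFLAGS="`${PKG_CONFIG} ${MAXMIND_PKG_NAME} --cflags`"
+MAXMIND_LDADD="`${PKG_CONFIG} ${MAXMIND_PKG_NAME} --libs-only-l`"
+MAXMIND_LDFLAGS="`${PKG_CONFIG} ${MAXMIND_PKG_NAME} --libs-only-L --libs-only-other`"
+MAXMIND_DISPLAY="${MAXMIND_LDADD}"
+else
+# If pkg-config did not find anything useful, go over file lookup.
+for x in ${MAXMIND_POSSIBLE_PATHS}; do
+CHECK_FOR_MAXMIND_AT(${x})
+if test -n "${MAXMIND_VERSION}"; then
+break
+fi
+done
+fi
+fi
+if test "x${with_maxmind}" != "x"; then
+# An specific path was informed, lets check.
+MAXMIND_MANDATORY=yes
+CHECK_FOR_MAXMIND_AT(${with_maxmind})
+fi
+# fi
+fi
+if test -z "${MAXMIND_DISPLAY}"; then
+if test -z "${MAXMIND_MANDATORY}"; then
+if test -z "${MAXMIND_DISABLED}"; then
+AC_MSG_NOTICE([MaxMind library was not found])
+MAXMIND_FOUND=0
+else
+MAXMIND_FOUND=2
+fi
+else
+AC_MSG_ERROR([MaxMind was explicit requested but it was not found])
+MAXMIND_FOUND=-1
+fi
+else
+MAXMIND_FOUND=1
+AC_MSG_NOTICE([using MaxMind v${MAXMIND_VERSION}])
+MAXMIND_CFLAGS="-DWITH_MAXMIND ${MAXMIND_CFLAGS}"
+if ! test "x$MAXMIND_CFLAGS" = "x"; then
+MAXMIND_DISPLAY="${MAXMIND_DISPLAY}, ${MAXMIND_CFLAGS}"
+fi
+AC_SUBST(MAXMIND_VERSION)
+AC_SUBST(MAXMIND_LDADD)
+AC_SUBST(MAXMIND_LIBS)
+AC_SUBST(MAXMIND_LDFLAGS)
+AC_SUBST(MAXMIND_CFLAGS)
+AC_SUBST(MAXMIND_DISPLAY)
+fi
+AC_SUBST(MAXMIND_FOUND)
+]) # AC_DEFUN [PROG_MAXMIND]
+AC_DEFUN([CHECK_FOR_MAXMIND_AT], [
+path=$1
+for y in ${MAXMIND_POSSIBLE_EXTENSIONS}; do
+for z in ${MAXMIND_POSSIBLE_LIB_NAMES}; do
+if test -e "${path}/${z}.${y}"; then
+maxmind_lib_path="${path}/"
+maxmind_lib_name="${z}"
+maxmind_lib_file="${maxmind_lib_path}/${z}.${y}"
+break
+fi
+if test -e "${path}/lib${z}.${y}"; then
+maxmind_lib_path="${path}/"
+maxmind_lib_name="${z}"
+maxmind_lib_file="${maxmind_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/lib${z}.${y}"; then
+maxmind_lib_path="${path}/lib/"
+maxmind_lib_name="${z}"
+maxmind_lib_file="${maxmind_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib64/lib${z}.${y}"; then
+maxmind_lib_path="${path}/lib64/"
+maxmind_lib_name="${z}"
+maxmind_lib_file="${maxmind_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/x86_64-linux-gnu/lib${z}.${y}"; then
+maxmind_lib_path="${path}/lib/x86_64-linux-gnu/"
+maxmind_lib_name="${z}"
+maxmind_lib_file="${maxmind_lib_path}/lib${z}.${y}"
+break
+fi
+done
+if test -n "$maxmind_lib_path"; then
+break
+fi
+done
+if test -e "${path}/include/maxminddb.h"; then
+maxmind_inc_path="${path}/include"
+elif test -e "${path}/maxminddb.h"; then
+maxmind_inc_path="${path}"
+fi
+if test -n "${maxmind_inc_path}" -a -n "${maxmind_lib_path}"; then
+AC_MSG_NOTICE([MaxMind headers found at: ${maxmind_inc_path}])
+AC_MSG_NOTICE([MaxMind library found at: ${maxmind_lib_file}])
+fi
+if test -n "${maxmind_lib_path}" -a -n "${maxmind_inc_path}"; then
+# TODO: Compile a piece of code to check the version.
+MAXMIND_CFLAGS="-I${maxmind_inc_path}"
+MAXMIND_LDADD="-l${maxmind_lib_name}"
+MAXMIND_LDFLAGS="-L${maxmind_lib_path}"
+MAXMIND_DISPLAY="${maxmind_lib_file}, ${maxmind_inc_path}"
+fi
+]) # AC_DEFUN [CHECK_FOR_MAXMIND_AT]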

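--- a/deps/src/ModSecurity/build/libxml.m4
+++ b/deps/src/ModSecurity/build/libxml.m4
@@ -0,0 +1,111 @@
+dnl Check for LIBXML2 Libraries
+dnl CHECK_LIBXML2(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND])
+dnl Sets:
+dnl LIBXML2_CFLAGS
+dnl LIBXML2_LIBS
+LIBXML2_CONFIG=""
+LIBXML2_VERSION=""
+LIBXML2_CFLAGS=""
+LIBXML2_CPPFLAGS=""
+LIBXML2_LDADD=""
+LIBXML2_LDFLAGS=""
+AC_DEFUN([CHECK_LIBXML2], [
+AC_ARG_WITH(
+libxml,
+[AC_HELP_STRING([--with-libxml=PATH],[Path to libxml2 prefix or config script])],
+[test_paths="${with_libxml}"],
+[test_paths="/usr/local/libxml2 /usr/local/xml2 /usr/local/xml /usr/local /opt/libxml2 /opt/libxml /opt/xml2 /opt/xml /opt /usr"])
+AC_MSG_CHECKING([for libxml2 config script])
+for x in ${test_paths}; do
+dnl # Determine if the script was specified and use it directly
+if test ! -d "$x" -a -e "$x"; then
+LIBXML2_CONFIG=$x
+libxml2_path="no"
+break
+fi
+dnl # Try known config script names/locations
+for LIBXML2_CONFIG in xml2-config xml-2-config xml-config; do
+if test -e "${x}/bin/${LIBXML2_CONFIG}"; then
+libxml2_path="${x}/bin"
+break
+elif test -e "${x}/${LIBXML2_CONFIG}"; then
+libxml2_path="${x}"
+break
+else
+libxml2_path=""
+fi
+done
+if test -n "$libxml2_path"; then
+break
+fi
+done
+if test -n "${libxml2_path}"; then
+if test "${libxml2_path}" != "no"; then
+LIBXML2_CONFIG="${libxml2_path}/${LIBXML2_CONFIG}"
+fi
+AC_MSG_RESULT([${LIBXML2_CONFIG}])
+LIBXML2_VERSION=`${LIBXML2_CONFIG} --version | sed 's/^[[^0-9]][[^[:space:]]][[^[:space:]]]*[[[:space:]]]*//'`
+if test ! -z "${LIBXML2_VERSION}"; then AC_MSG_NOTICE(xml VERSION: $LIBXML2_VERSION); fi
+LIBXML2_CFLAGS="`${LIBXML2_CONFIG} --cflags` -DWITH_LIBXML2"
+if test ! -z "${LIBXML2_CFLAGS}"; then AC_MSG_NOTICE(xml CFLAGS: $LIBXML2_CFLAGS); fi
+LIBXML2_LDADD="`${LIBXML2_CONFIG} --libs`"
+if test ! -z "${LIBXML2_LDADD}"; then AC_MSG_NOTICE(xml LDADD: $LIBXML2_LDADD); fi
+AC_MSG_CHECKING([if libxml2 is at least v2.6.29])
+libxml2_min_ver=`echo 2.6.29 | awk -F. '{print (\$ 1 * 1000000) + (\$ 2 * 1000) + \$ 3}'`
+libxml2_ver=`echo ${LIBXML2_VERSION} | awk -F. '{print (\$ 1 * 1000000) + (\$ 2 * 1000) + \$ 3}'`
+if test "$libxml2_ver" -ge "$libxml2_min_ver"; then
+AC_MSG_RESULT([yes, $LIBXML2_VERSION])
+else
+AC_MSG_RESULT([no, $LIBXML2_VERSION])
+AC_MSG_ERROR([NOTE: libxml2 library must be at least 2.6.29])
+fi
+else
+AC_MSG_RESULT([no])
+fi
+AC_SUBST(LIBXML2_CONFIG)
+AC_SUBST(LIBXML2_VERSION)
+AC_SUBST(LIBXML2_CFLAGS)
+AC_SUBST(LIBXML2_CPPFLAGS)
+AC_SUBST(LIBXML2_LDADD)
+AC_SUBST(LIBXML2_LDFLAGS)
+if test "x${with_libxml}" == "xno"; then
+LIBXML2_DISABLED=yes
+else
+if test "x${with_libxml}" != "x"; then
+LIBXML2_MANDATORY=yes
+fi
+fi
+if test -z "${LIBXML2_VERSION}"; then
+AC_MSG_NOTICE([*** libxml2 library not found.])
+if test -z "${LIBXML2_MANDATORY}"; then
+if test -z "${LIBXML2_DISABLED}"; then
+LIBXML2_FOUND=0
+else
+LIBXML2_FOUND=2
+fi
+else
+AC_MSG_ERROR([Libxml2 was explicitly referenced but it was not found])
+LIBXML2_FOUND=-1
+fi
+else
+LIBXML2_FOUND=1
+AC_MSG_NOTICE([using libxml2 v${LIBXML2_VERSION}])
+LIBXML2_DISPLAY="${LIBXML2_LDADD}, ${LIBXML2_CFLAGS}"
+fi
+AC_SUBST(LIBXML2_FOUND)
+AC_SUBST(LIBXML2_DISPLAY)
+])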

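--- a/deps/src/ModSecurity/build/lmdb.m4
+++ b/deps/src/ModSecurity/build/lmdb.m4
@@ -0,0 +1,187 @@
+dnl Check for LMDB Libraries
+dnl CHECK_LMDB(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND])
+AC_DEFUN([PROG_LMDB], [
+# Needed if pkg-config will be used.LMDB
+AC_REQUIRE([PKG_PROG_PKG_CONFIG])
+# Possible names for the lmdb library/package (pkg-config)
+LMDB_POSSIBLE_LIB_NAMES="lmdb"
+# Possible extensions for the library
+LMDB_POSSIBLE_EXTENSIONS="so so0 la sl dll dylib so.0.0.0"
+# Possible paths (if pkg-config was not found, proceed with the file lookup)
+LMDB_POSSIBLE_PATHS="/usr/lib /usr/local/lib /usr/local/liblmdb /usr/local/lmdb /usr/local /opt/liblmdb /opt/lmdb /opt /usr /usr/lib64 /opt/local"
+# Variables to be set by this very own script.
+LMDB_VERSION=""
+LMDB_CFLAGS=""
+LMDB_CPPFLAGS=""
+LMDB_LDADD=""
+LMDB_LDFLAGS=""
+AC_ARG_WITH(
+lmdb,
+AC_HELP_STRING(
+[--with-lmdb=PATH],
+[Path to lmdb prefix or config script]
+)
+)
+if test "x${with_lmdb}" == "xno"; then
+AC_DEFINE(HAVE_LMDB, 0, [Support for LMDB was disabled by the utilization of --without-lmdb or --with-lmdb=no])
+AC_MSG_NOTICE([Support for LMDB was disabled by the utilization of --without-lmdb or --with-lmdb=no])
+LMDB_DISABLED=yes
+else
+if test "x${with_lmdb}" == "xyes"; then
+LMDB_MANDATORY=yes
+AC_MSG_NOTICE([LMDB support was marked as mandatory by the utilization of --with-lmdb=yes])
+fi
+# for x in ${LMDB_POSSIBLE_LIB_NAMES}; do
+# CHECK_FOR_LMDB_AT(${x})
+# if test -n "${LMDB_VERSION}"; then
+# break
+# fi
+# done
+# if test "x${with_lmdb}" != "xyes" or test "x${with_lmdb}" == "xyes"; then
+if test "x${with_lmdb}" == "x" || test "x${with_lmdb}" == "xyes"; then
+# Nothing about LMDB was informed, using the pkg-config to figure things out.
+if test -n "${PKG_CONFIG}"; then
+LMDB_PKG_NAME=""
+for x in ${LMDB_POSSIBLE_LIB_NAMES}; do
+if ${PKG_CONFIG} --exists ${x}; then
+LMDB_PKG_NAME="$x"
+break
+fi
+done
+fi
+AC_MSG_NOTICE([Nothing about LMDB was informed during the configure phase. Trying to detect it on the platform...])
+if test -n "${LMDB_PKG_NAME}"; then
+# Package was found using the pkg-config scripts
+LMDB_VERSION="`${PKG_CONFIG} ${LMDB_PKG_NAME} --modversion`"
+LMDB_CFLAGS="`${PKG_CONFIG} ${LMDB_PKG_NAME} --cflags`"
+LMDB_LDADD="`${PKG_CONFIG} ${LMDB_PKG_NAME} --libs-only-l`"
+LMDB_LDFLAGS="`${PKG_CONFIG} ${LMDB_PKG_NAME} --libs-only-L --libs-only-other`"
+LMDB_DISPLAY="${LMDB_LDADD}, ${LMDB_CFLAGS}"
+else
+# If pkg-config did not find anything useful, go over file lookup.
+for x in ${LMDB_POSSIBLE_PATHS}; do
+CHECK_FOR_LMDB_AT(${x})
+if test -n "${LMDB_VERSION}"; then
+break
+fi
+done
+fi
+fi
+if test "x${with_lmdb}" != "x"; then
+# An specific path was informed, lets check.
+LMDB_MANDATORY=yes
+CHECK_FOR_LMDB_AT(${with_lmdb})
+fi
+# fi
+fi
+if test -z "${LMDB_LDADD}"; then
+if test -z "${LMDB_MANDATORY}"; then
+if test -z "${LMDB_DISABLED}"; then
+AC_MSG_NOTICE([LMDB library was not found])
+LMDB_FOUND=0
+else
+LMDB_FOUND=2
+fi
+else
+AC_MSG_ERROR([LMDB was explicitly referenced but it was not found])
+LMDB_FOUND=-1
+fi
+else
+if test -z "${LMDB_MANDATORY}"; then
+LMDB_FOUND=2
+AC_MSG_NOTICE([LMDB is disabled by default.])
+else
+LMDB_FOUND=1
+AC_MSG_NOTICE([using LMDB v${LMDB_VERSION}])
+LMDB_CFLAGS="-DWITH_LMDB ${LMDB_CFLAGS}"
+LMDB_DISPLAY="${LMDB_LDADD}, ${LMDB_CFLAGS}"
+AC_SUBST(LMDB_VERSION)
+AC_SUBST(LMDB_LDADD)
+AC_SUBST(LMDB_LIBS)
+AC_SUBST(LMDB_LDFLAGS)
+AC_SUBST(LMDB_CFLAGS)
+AC_SUBST(LMDB_DISPLAY)
+fi
+fi
+AC_SUBST(LMDB_FOUND)
+]) # AC_DEFUN [PROG_LMDB]
+AC_DEFUN([CHECK_FOR_LMDB_AT], [
+path=$1
+echo "*** LOOKING AT PATH: " ${path}
+for y in ${LMDB_POSSIBLE_EXTENSIONS}; do
+for z in ${LMDB_POSSIBLE_LIB_NAMES}; do
+if test -e "${path}/${z}.${y}"; then
+lmdb_lib_path="${path}/"
+lmdb_lib_name="${z}"
+lmdb_lib_file="${lmdb_lib_path}/${z}.${y}"
+break
+fi
+if test -e "${path}/lib${z}.${y}"; then
+lmdb_lib_path="${path}/"
+lmdb_lib_name="${z}"
+lmdb_lib_file="${lmdb_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/lib${z}.${y}"; then
+lmdb_lib_path="${path}/lib/"
+lmdb_lib_name="${z}"
+lmdb_lib_file="${lmdb_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/x86_64-linux-gnu/lib${z}.${y}"; then
+lmdb_lib_path="${path}/lib/x86_64-linux-gnu/"
+lmdb_lib_name="${z}"
+lmdb_lib_file="${lmdb_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/i386-linux-gnu/lib${z}.${y}"; then
+lmdb_lib_path="${path}/lib/i386-linux-gnu/"
+lmdb_lib_name="${z}"
+lmdb_lib_file="${lmdb_lib_path}/lib${z}.${y}"
+break
+fi
+done
+if test -n "$lmdb_lib_path"; then
+break
+fi
+done
+if test -e "${path}/include/lmdb.h"; then
+lmdb_inc_path="${path}/include"
+elif test -e "${path}/lmdb.h"; then
+lmdb_inc_path="${path}"
+elif test -e "${path}/include/lmdb/lmdb.h"; then
+lmdb_inc_path="${path}/include"
+fi
+if test -n "${lmdb_lib_path}"; then
+AC_MSG_NOTICE([LMDB library found at: ${lmdb_lib_file}])
+fi
+if test -n "${lmdb_inc_path}"; then
+AC_MSG_NOTICE([LMDB headers found at: ${lmdb_inc_path}])
+fi
+if test -n "${lmdb_lib_path}" -a -n "${lmdb_inc_path}"; then
+# TODO: Compile a piece of code to check the version.
+LMDB_CFLAGS="-I${lmdb_inc_path}"
+LMDB_LDADD="-l${lmdb_lib_name}"
+LMDB_LDFLAGS="-L${lmdb_lib_path}"
+LMDB_DISPLAY="${lmdb_lib_file}, ${lmdb_inc_path}"
+fi
+]) # AC_DEFUN [CHECK_FOR_LMDB_AT]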

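--- a/deps/src/ModSecurity/build/lua.m4
+++ b/deps/src/ModSecurity/build/lua.m4
@@ -0,0 +1,235 @@
+dnl Check for LUA Libraries
+dnl CHECK_LUA(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND])
+AC_DEFUN([CHECK_LUA],
+[dnl
+# Possible names for the lua library/package (pkg-config)
+LUA_POSSIBLE_LIB_NAMES="luajit luajit-5.1 lua53 lua5.3 lua-5.3 lua52 lua5.2 lua-5.2 lua51 lua5.1 lua-5.1 lua"
+# Possible extensions for the library
+LUA_POSSIBLE_EXTENSIONS="so so0 la sl dll dylib so.0.0.0"
+# Possible paths (if pkg-config was not found, proceed with the file lookup)
+LUA_POSSIBLE_PATHS="/usr/lib /usr/local/lib /usr/local/lib64 /usr/local/lua /usr/local/liblua /usr/local /opt /usr /usr/lib64 /opt/local"
+# Variables to be set by this very own script.
+LUA_CFLAGS=""
+LUA_LDFLAGS=""
+LUA_LDADD=""
+LUA_DISPLAY=""
+AC_ARG_WITH(
+lua,
+AC_HELP_STRING(
+[--with-lua=PATH],
+[Path to lua prefix]
+)
+)
+if test "x${with_lua}" == "xno"; then
+AC_DEFINE(HAVE_LUA, 0, [Support for LUA was disabled by the utilization of --without-lua or --with-lua=no])
+AC_MSG_NOTICE([Support for LUA was disabled by the utilization of --without-lua or --with-lua=no])
+LUA_DISABLED=yes
+else
+if test "x${with_lua}" == "xyes"; then
+LUA_MANDATORY=yes
+AC_MSG_NOTICE([LUA support was marked as mandatory by the utilization of --with-lua=yes])
+else
+LUA_MANDATORY=no
+fi
+for x in ${LUA_POSSIBLE_PATHS}; do
+CHECK_FOR_LUA_AT(${x})
+if test -n "${LUA_CFLAGS}"; then
+break
+fi
+done
+if test -z "${LUA_CFLAGS}"; then
+#Trying to figure out the version using pkg-config...
+if test -n "${PKG_CONFIG}"; then
+LUA_PKG_NAME=""
+for x in ${LUA_POSSIBLE_LIB_NAMES}; do
+if ${PKG_CONFIG} --exists ${x}; then
+LUA_PKG_NAME="$x"
+LUA_PKG_VERSION="`${PKG_CONFIG} ${LUA_PKG_NAME} --modversion`"
+break
+fi
+done
+fi
+if test -n "${LUA_PKG_NAME}"; then
+# Package was found using the pkg-config scripts
+LUA_PKG_VERSION="`${PKG_CONFIG} ${LUA_PKG_NAME} --modversion`"
+LUA_CFLAGS="`${PKG_CONFIG} ${LUA_PKG_NAME} --cflags`"
+LUA_LDADD="`${PKG_CONFIG} ${LUA_PKG_NAME} --libs-only-l`"
+LUA_LDFLAGS="`${PKG_CONFIG} ${LUA_PKG_NAME} --libs-only-L --libs-only-other`"
+LUA_DISPLAY="${LUA_LDADD}, ${LUA_CFLAGS}"
+case $LUA_PKG_VERSION in
+(5.1*) LUA_CFLAGS="-DWITH_LUA_5_1 ${LUA_CFLAGS}" ; lua_5_1=1 ;;
+(5.2*) LUA_CFLAGS="-DWITH_LUA_5_2 ${LUA_CFLAGS}" ; lua_5_2=1 ;;
+(2.0*) LUA_CFLAGS="-DWITH_LUA_5_1 ${LUA_CFLAGS}" ; lua_5_1=1 ;;
+(2.1*) LUA_CFLAGS="-DWITH_LUA_5_1 -DWITH_LUA_JIT_2_1 ${LUA_CFLAGS}" ; lua_5_1=1 ;;
+esac
+AC_MSG_NOTICE([LUA pkg-config version: ${LUA_PKG_VERSION}])
+fi
+fi
+fi
+if test -z "${LUA_CFLAGS}"; then
+if test -z "${LUA_MANDATORY}" || test "x${LUA_MANDATORY}" == "xno"; then
+if test -z "${LUA_DISABLED}"; then
+AC_MSG_NOTICE([LUA library was not found])
+LUA_FOUND=0
+else
+LUA_FOUND=2
+fi
+else
+AC_MSG_ERROR([LUA was explicitly referenced but it was not found])
+LUA_FOUND=-1
+fi
+else
+if test -z "${LUA_MANDATORY}" || test "x${LUA_MANDATORY}" == "xno"; then
+LUA_FOUND=1
+AC_MSG_NOTICE([using LUA ${LUA_LDADD}])
+LUA_CFLAGS="-DWITH_LUA ${LUA_CFLAGS}"
+LUA_DISPLAY="${LUA_LDADD} ${LUA_LDFLAGS}, ${LUA_CFLAGS}"
+AC_SUBST(LUA_LDFLAGS)
+AC_SUBST(LUA_LDADD)
+AC_SUBST(LUA_CFLAGS)
+AC_SUBST(LUA_DISPLAY)
+else
+LUA_FOUND=1
+AC_MSG_NOTICE([using LUA ${LUA_LDADD}])
+LUA_CFLAGS="-DWITH_LUA ${LUA_CFLAGS}"
+LUA_DISPLAY="${LUA_LDADD} ${LUA_LDFLAGS}, ${LUA_CFLAGS}"
+AC_SUBST(LUA_LDFLAGS)
+AC_SUBST(LUA_LDADD)
+AC_SUBST(LUA_CFLAGS)
+AC_SUBST(LUA_DISPLAY)
+fi
+fi
+AC_SUBST(LUA_FOUND)
+]) # AC_DEFUN [CHECK_LUA]
+AC_DEFUN([CHECK_FOR_LUA_AT], [
+path=$1
+echo "*** LOOKING AT PATH: " ${path}
+for y in ${LUA_POSSIBLE_EXTENSIONS}; do
+for z in ${LUA_POSSIBLE_LIB_NAMES}; do
+if test -e "${path}/${z}.${y}"; then
+lua_lib_path="${path}/"
+lua_lib_name="${z}"
+lua_lib_file="${lua_lib_path}/${z}.${y}"
+break
+fi
+if test -e "${path}/lib${z}.${y}"; then
+lua_lib_path="${path}/"
+lua_lib_name="${z}"
+lua_lib_file="${lua_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/lib${z}.${y}"; then
+lua_lib_path="${path}/lib/"
+lua_lib_name="${z}"
+lua_lib_file="${lua_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/x86_64-linux-gnu/lib${z}.${y}"; then
+lua_lib_path="${path}/lib/x86_64-linux-gnu/"
+lua_lib_name="${z}"
+lua_lib_file="${lua_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/i386-linux-gnu/lib${z}.${y}"; then
+lua_lib_path="${path}/lib/i386-linux-gnu/"
+lua_lib_name="${z}"
+lua_lib_file="${lua_lib_path}/lib${z}.${y}"
+break
+fi
+done
+if test -n "$lua_lib_path"; then
+break
+fi
+done
+if test -e "${path}/include/lua.h"; then
+lua_inc_path="${path}/include"
+elif test -e "${path}/lua.h"; then
+lua_inc_path="${path}"
+elif test -e "${path}/include/lua/lua.h"; then
+lua_inc_path="${path}/include/lua"
+elif test -e "${path}/include/lua5.3/lua.h"; then
+lua_inc_path="${path}/include/lua5.3"
+LUA_VERSION=503
+elif test -e "${path}/include/lua5.2/lua.h"; then
+lua_inc_path="${path}/include/lua5.2"
+LUA_VERSION=502
+elif test -e "${path}/include/lua5.1/lua.h"; then
+lua_inc_path="${path}/include/lua5.1"
+LUA_VERSION=501
+elif test -e "${path}/include/luajit-2.0/lua.h"; then
+lua_inc_path="${path}/include/luajit-2.0"
+LUA_VERSION=501
+fi
+if test -n "${lua_lib_path}"; then
+AC_MSG_NOTICE([LUA library found at: ${lua_lib_file}])
+fi
+if test -n "${lua_inc_path}"; then
+AC_MSG_NOTICE([LUA headers found at: ${lua_inc_path}])
+fi
+if test -n "${lua_lib_path}" -a -n "${lua_inc_path}"; then
+LUA_CFLAGS="-I${lua_inc_path}"
+LUA_LDADD="-l${lua_lib_name}"
+LUA_LDFLAGS="-L${lua_lib_path}"
+LUA_DISPLAY="${lua_lib_file}, ${lua_inc_path}"
+# Double checking version from lua.h...
+AC_TRY_COMPILE([ #include <lua.h>> ],
+[ #if (LUA_VERSION_NUM < 502)
+return 0;
+#else
+#error Lua 5.1 not detected
+#endif ],
+[ LUA_VERSION=501 ], [ lua_5_1=0 ]
+)
+AC_TRY_COMPILE([ #include <lua.h> ],
+[ #if (LUA_VERSION_NUM == 502)
+return 0;
+#else
+#error Lua 5.2 not detected
+#endif ],
+[ LUA_VERSION=502 ], [ lua_5_2=0 ]
+)
+if test -z "${LUA_VERSION}" ; then
+# As a last resort, try to find LUA version from $lua_inc_path
+while read -r line
+do
+case "$line" in
+(\#define\ LUA_VERSION_NUM*501*) LUA_VERSION=501 ;;
+(\#define\ LUA_VERSION_NUM*502*) LUA_VERSION=501 ;;
+(\#define\ LUA_VERSION_NUM*503*) LUA_VERSION=503
+esac
+done <"${lua_inc_path}/lua.h"
+AC_MSG_NOTICE([LUA_VERSION is ${LUA_VERSION} found at: ${lua_inc_path}])
+else
+AC_MSG_NOTICE([LUA version from includes: ${LUA_VERSION}])
+fi
+case $LUA_VERSION in
+(501) LUA_CFLAGS="-DWITH_LUA_5_1 ${LUA_CFLAGS}" ; lua_5_1=1 ;;
+(502) LUA_CFLAGS="-DWITH_LUA_5_2 ${LUA_CFLAGS}" ; lua_5_2=1 ;;
+esac
+fi
+]) # AC_DEFUN [CHECK_FOR_LUA_AT]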

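--- a/deps/src/ModSecurity/build/pcre.m4
+++ b/deps/src/ModSecurity/build/pcre.m4
@@ -0,0 +1,109 @@
+dnl Check for PCRE Libraries
+dnl CHECK_PCRE(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND])
+dnl Sets:
+dnl PCRE_CFLAGS
+dnl PCRE_LIBS
+PCRE_CONFIG=""
+PCRE_VERSION=""
+PCRE_CPPFLAGS=""
+PCRE_CFLAGS=""
+PCRE_LDFLAGS=""
+PCRE_LDADD=""
+PCRE_LD_PATH=""
+AC_DEFUN([CHECK_PCRE],
+[dnl
+AC_ARG_WITH(
+pcre,
+[AC_HELP_STRING([--with-pcre=PATH],[Path to pcre prefix or config script])],
+[test_paths="${with_pcre}"],
+[test_paths="/usr/local/libpcre /usr/local/pcre /usr/local /opt/libpcre /opt/pcre /opt /usr /opt/local"])
+AC_MSG_CHECKING([for libpcre config script])
+for x in ${test_paths}; do
+dnl # Determine if the script was specified and use it directly
+if test ! -d "$x" -a -e "$x"; then
+PCRE_CONFIG=$x
+pcre_path="no"
+break
+fi
+dnl # Try known config script names/locations
+for PCRE_CONFIG in pcre-config; do
+if test -e "${x}/bin/${PCRE_CONFIG}"; then
+pcre_path="${x}/bin"
+break
+elif test -e "${x}/${PCRE_CONFIG}"; then
+pcre_path="${x}"
+break
+else
+pcre_path=""
+fi
+done
+if test -n "$pcre_path"; then
+break
+fi
+done
+if test -n "${pcre_path}"; then
+if test "${pcre_path}" != "no"; then
+PCRE_CONFIG="${pcre_path}/${PCRE_CONFIG}"
+fi
+AC_MSG_RESULT([${PCRE_CONFIG}])
+PCRE_VERSION="`${PCRE_CONFIG} --version`"
+if test ! -z "${PCRE_VERSION}"; then AC_MSG_NOTICE(pcre VERSION: $PCRE_VERSION); fi
+PCRE_CFLAGS="`${PCRE_CONFIG} --cflags`"
+if test ! -z "${PCRE_CFLAGS}"; then AC_MSG_NOTICE(pcre CFLAGS: $PCRE_CFLAGS); fi
+PCRE_LDADD="`${PCRE_CONFIG} --libs`"
+if test ! -z "${PCRE_LDADD}"; then AC_MSG_NOTICE(pcre LDADD: $PCRE_LDADD); fi
+PCRE_LD_PATH="/`${PCRE_CONFIG} --libs | cut -d'/' -f2,3,4,5,6 | cut -d ' ' -f1`"
+if test ! -z "${PCRE_LD_PATH}"; then AC_MSG_NOTICE(pcre PCRE_LD_PATH: $PCRE_LD_PATH); fi
+else
+AC_MSG_RESULT([no])
+fi
+if test -n "${PCRE_VERSION}"; then
+AC_MSG_CHECKING(for PCRE JIT)
+save_CFLAGS=$CFLAGS
+save_LDFLAGS=$LDFLAGS
+CFLAGS="${PCRE_CFLAGS} ${CFLAGS}"
+LDFLAGS="${LDFLAGS} ${PCRE_LDADD}"
+AC_TRY_COMPILE([ #include <stdio.h>
+#include <pcre.h> ],
+[ int jit = 0;
+pcre_free_study(NULL);
+pcre_config(PCRE_CONFIG_JIT, &jit);
+if (jit != 1) return 1; ],
+[ pcre_jit_available=yes ], [:]
+)
+if test "x$pcre_jit_available" = "xyes"; then
+AC_MSG_RESULT(yes)
+PCRE_CFLAGS="${PCRE_CFLAGS} -DPCRE_HAVE_JIT"
+else
+AC_MSG_RESULT(no)
+fi
+CFLAGS=$save_CFLAGS
+LDFLAGS=$save_$LDFLAGS
+fi
+AC_SUBST(PCRE_CONFIG)
+AC_SUBST(PCRE_VERSION)
+AC_SUBST(PCRE_CPPFLAGS)
+AC_SUBST(PCRE_CFLAGS)
+AC_SUBST(PCRE_LDFLAGS)
+AC_SUBST(PCRE_LDADD)
+AC_SUBST(PCRE_LD_PATH)
+if test -z "${PCRE_VERSION}"; then
+AC_MSG_NOTICE([*** pcre library not found.])
+ifelse([$2], , AC_MSG_ERROR([pcre library is required]), $2)
+else
+AC_MSG_NOTICE([using pcre v${PCRE_VERSION}])
+ifelse([$1], , , $1)
+PCRE_LDADD="${PCRE_LDADD} -lpcre"
+fi
+])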

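--- a/deps/src/ModSecurity/build/release.sh
+++ b/deps/src/ModSecurity/build/release.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+git clean -xfdi
+git submodule foreach --recursive git clean -xfdi
+VERSION=`git describe --tags`
+DIR_NAME="modsecurity-$VERSION"
+TAR_NAME="modsecurity-$VERSION.tar.gz"
+MY_DIR=${PWD##*/}
+./build.sh
+cd ..
+tar --transform "s/^$MY_DIR/$DIR_NAME/" -cvzf $TAR_NAME --exclude .git $MY_DIR
+sha256sum $TAR_NAME > $TAR_NAME.sha256
+gpg --detach-sign -a $TAR_NAME
+cd -
+echo $TAR_NAME ": done."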

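--- a/deps/src/ModSecurity/build/ssdeep.m4
+++ b/deps/src/ModSecurity/build/ssdeep.m4
@@ -0,0 +1,147 @@
+dnl Check for SSDEEP Libraries
+dnl CHECK_SSDEEP(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND])
+AC_DEFUN([CHECK_SSDEEP],
+[dnl
+# Possible names for the ssdeep library/package (pkg-config)
+SSDEEP_POSSIBLE_LIB_NAMES="fuzzy"
+# Possible extensions for the library
+SSDEEP_POSSIBLE_EXTENSIONS="so so0 la sl dll dylib so.0.0.0"
+# Possible paths (if pkg-config was not found, proceed with the file lookup)
+SSDEEP_POSSIBLE_PATHS="/usr/lib /usr/local/lib /usr/local/fuzzy /usr/local/libfuzzy /usr/local /opt /usr /usr/lib64 /opt/local"
+# Variables to be set by this very own script.
+SSDEEP_CFLAGS=""
+SSDEEP_LDFLAGS=""
+SSDEEP_LDADD=""
+SSDEEP_DISPLAY=""
+AC_ARG_WITH(
+ssdeep,
+AC_HELP_STRING(
+[--with-ssdeep=PATH],
+[Path to ssdeep prefix]
+)
+)
+if test "x${with_ssdeep}" == "xno"; then
+AC_DEFINE(HAVE_SSDEEP, 0, [Support for SSDEEP was disabled by the utilization of --without-ssdeep or --with-ssdeep=no])
+AC_MSG_NOTICE([Support for SSDEEP was disabled by the utilization of --without-ssdeep or --with-ssdeep=no])
+SSDEEP_DISABLED=yes
+else
+if test "x${with_ssdeep}" == "xyes"; then
+SSDEEP_MANDATORY=yes
+AC_MSG_NOTICE([SSDEEP support was marked as mandatory by the utilization of --with-ssdeep=yes])
+else
+SSDEEP_MANDATORY=no
+fi
+for x in ${SSDEEP_POSSIBLE_PATHS}; do
+CHECK_FOR_SSDEEP_AT(${x})
+if test -n "${SSDEEP_CFLAGS}"; then
+break
+fi
+done
+fi
+if test -z "${SSDEEP_CFLAGS}"; then
+if test -z "${SSDEEP_MANDATORY}" || test "x${SSDEEP_MANDATORY}" == "xno"; then
+if test -z "${SSDEEP_DISABLED}"; then
+AC_MSG_NOTICE([SSDEEP library was not found])
+SSDEEP_FOUND=0
+else
+SSDEEP_FOUND=2
+fi
+else
+AC_MSG_ERROR([SSDEEP was explicitly referenced but it was not found])
+SSDEEP_FOUND=-1
+fi
+else
+SSDEEP_FOUND=1
+AC_MSG_NOTICE([using SSDEEP v${SSDEEP_VERSION}])
+SSDEEP_CFLAGS="-DWITH_SSDEEP ${SSDEEP_CFLAGS}"
+SSDEEP_DISPLAY="${SSDEEP_LDADD} ${SSDEEP_LDFLAGS}, ${SSDEEP_CFLAGS}"
+AC_SUBST(SSDEEP_LDFLAGS)
+AC_SUBST(SSDEEP_LDADD)
+AC_SUBST(SSDEEP_CFLAGS)
+AC_SUBST(SSDEEP_DISPLAY)
+fi
+AC_SUBST(SSDEEP_FOUND)
+]) # AC_DEFUN [CHECK_SSDEEP]
+AC_DEFUN([CHECK_FOR_SSDEEP_AT], [
+path=$1
+echo "*** LOOKING AT PATH: " ${path}
+for y in ${SSDEEP_POSSIBLE_EXTENSIONS}; do
+for z in ${SSDEEP_POSSIBLE_LIB_NAMES}; do
+if test -e "${path}/${z}.${y}"; then
+ssdeep_lib_path="${path}/"
+ssdeep_lib_name="${z}"
+ssdeep_lib_file="${ssdeep_lib_path}/${z}.${y}"
+break
+fi
+if test -e "${path}/lib${z}.${y}"; then
+ssdeep_lib_path="${path}/"
+ssdeep_lib_name="${z}"
+ssdeep_lib_file="${ssdeep_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/lib${z}.${y}"; then
+ssdeep_lib_path="${path}/lib/"
+ssdeep_lib_name="${z}"
+ssdeep_lib_file="${ssdeep_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/x86_64-linux-gnu/lib${z}.${y}"; then
+ssdeep_lib_path="${path}/lib/x86_64-linux-gnu/"
+ssdeep_lib_name="${z}"
+ssdeep_lib_file="${ssdeep_lib_path}/lib${z}.${y}"
+break
+fi
+if test -e "${path}/lib/i386-linux-gnu/lib${z}.${y}"; then
+ssdeep_lib_path="${path}/lib/i386-linux-gnu/"
+ssdeep_lib_name="${z}"
+ssdeep_lib_file="${ssdeep_lib_path}/lib${z}.${y}"
+break
+fi
+done
+if test -n "$ssdeep_lib_path"; then
+break
+fi
+done
+if test -e "${path}/include/fuzzy.h"; then
+ssdeep_inc_path="${path}/include"
+elif test -e "${path}/fuzzy.h"; then
+ssdeep_inc_path="${path}"
+elif test -e "${path}/include/fuzzy/fuzzy.h"; then
+ssdeep_inc_path="${path}/include"
+fi
+if test -n "${ssdeep_lib_path}"; then
+AC_MSG_NOTICE([SSDEEP library found at: ${ssdeep_lib_file}])
+fi
+if test -n "${ssdeep_inc_path}"; then
+AC_MSG_NOTICE([SSDEEP headers found at: ${ssdeep_inc_path}])
+fi
+if test -n "${ssdeep_lib_path}" -a -n "${ssdeep_inc_path}"; then
+# TODO: Compile a piece of code to check the version.
+SSDEEP_CFLAGS="-I${ssdeep_inc_path}"
+SSDEEP_LDADD="-l${ssdeep_lib_name}"
+SSDEEP_LDFLAGS="-L${ssdeep_lib_path}"
+SSDEEP_DISPLAY="${ssdeep_lib_file}, ${ssdeep_inc_path}"
+fi
+]) # AC_DEFUN [CHECK_FOR_SSDEEP_AT]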

deps/src/ModSecurity/build/yajl.m4 vendored Normal file

@@ -0,0 +1,176 @@
dnl Check for YAJL Libraries
dnl CHECK_YAJL(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND])
AC_DEFUN([PROG_YAJL], [
# Needed if pkg-config will be used.
AC_REQUIRE([PKG_PROG_PKG_CONFIG])
# Possible names for the yajl library/package (pkg-config)
YAJL_POSSIBLE_LIB_NAMES="yajl2 yajl"
# Possible extensions for the library
YAJL_POSSIBLE_EXTENSIONS="so la sl dll dylib"
# Possible paths (if pkg-config was not found, proceed with the file lookup)
YAJL_POSSIBLE_PATHS="/usr/lib /usr/local/lib /usr/local/libyajl /usr/local/yajl /usr/local /opt/libyajl /opt/yajl /opt /usr /usr/lib64"
# Variables to be set by this very own script.
YAJL_VERSION=""
YAJL_CFLAGS=""
YAJL_CPPFLAGS=""
YAJL_LDADD=""
YAJL_LDFLAGS=""
AC_ARG_WITH(
yajl,
AC_HELP_STRING(
[--with-yajl=PATH],
[Path to yajl prefix or config script]
)
)
if test "x${with_yajl}" == "xno"; then
AC_DEFINE(HAVE_GEOIP, 0, [Support for GeoIP was disabled by the utilization of --without-yajl or --with-yajl=no])
AC_MSG_NOTICE([Support for GeoIP was disabled by the utilization of --without-yajl or --with-yajl=no])
YAJL_DISABLED=yes
else
if test "x${with_yajl}" == "xyes"; then
YAJL_MANDATORY=yes
AC_MSG_NOTICE([GeoIP support was marked as mandatory by the utilization of --with-yajl=yes])
fi
# for x in ${YAJL_POSSIBLE_LIB_NAMES}; do
# CHECK_FOR_YAJL_AT(${x})
# if test -n "${YAJL_VERSION}"; then
# break
# fi
# done
# if test "x${with_yajl}" != "xyes" or test "x${with_yajl}" == "xyes"; then
if test "x${with_yajl}" == "x" || test "x${with_yajl}" == "xyes"; then
# Nothing about GeoIP was informed, using the pkg-config to figure things out.
if test -n "${PKG_CONFIG}"; then
YAJL_PKG_NAME=""
for x in ${YAJL_POSSIBLE_LIB_NAMES}; do
if ${PKG_CONFIG} --exists ${x}; then
YAJL_PKG_NAME="$x"
break
fi
done
fi
AC_MSG_NOTICE([Nothing about GeoIP was informed during the configure phase. Trying to detect it on the platform...])
if test -n "${YAJL_PKG_NAME}"; then
# Package was found using the pkg-config scripts
YAJL_VERSION="`${PKG_CONFIG} ${YAJL_PKG_NAME} --modversion`"
YAJL_CFLAGS="`${PKG_CONFIG} ${YAJL_PKG_NAME} --cflags`"
YAJL_LDADD="`${PKG_CONFIG} ${YAJL_PKG_NAME} --libs-only-l`"
YAJL_LDFLAGS="`${PKG_CONFIG} ${YAJL_PKG_NAME} --libs-only-L --libs-only-other`"
YAJL_DISPLAY="${YAJL_LDADD}, ${YAJL_CFLAGS}"
else
# If pkg-config did not find anything useful, go over file lookup.
for x in ${YAJL_POSSIBLE_LIB_NAMES}; do
CHECK_FOR_YAJL_AT(${x})
if test -n "${YAJL_VERSION}"; then
break
fi
done
fi
fi
if test "x${with_yajl}" != "x"; then
# An specific path was informed, lets check.
YAJL_MANDATORY=yes
CHECK_FOR_YAJL_AT(${with_yajl})
fi
# fi
fi
if test -z "${YAJL_LDADD}"; then
if test -z "${YAJL_MANDATORY}"; then
if test -z "${YAJL_DISABLED}"; then
AC_MSG_NOTICE([YAJL library was not found])
YAJL_FOUND=0
else
YAJL_FOUND=2
fi
else
AC_MSG_ERROR([YAJL was explicitly referenced but it was not found])
YAJL_FOUND=-1
fi
else
YAJL_FOUND=1
AC_MSG_NOTICE([using YAJL v${YAJL_VERSION}])
YAJL_CFLAGS="-DWITH_YAJL ${YAJL_CFLAGS}"
YAJL_DISPLAY="${YAJL_LDADD}, ${YAJL_CFLAGS}"
AC_SUBST(YAJL_VERSION)
AC_SUBST(YAJL_LDADD)
AC_SUBST(YAJL_LIBS)
AC_SUBST(YAJL_LDFLAGS)
AC_SUBST(YAJL_CFLAGS)
AC_SUBST(YAJL_DISPLAY)
fi
AC_SUBST(YAJL_FOUND)
]) # AC_DEFUN [PROG_YAJL]
AC_DEFUN([CHECK_FOR_YAJL_AT], [
path=$1
for y in ${YAJL_POSSIBLE_EXTENSIONS}; do
for z in ${YAJL_POSSIBLE_LIB_NAMES}; do
if test -e "${path}/${z}.${y}"; then
yajl_lib_path="${path}/"
yajl_lib_name="${z}"
yajl_lib_file="${yajl_lib_path}/${z}.${y}"
break
fi
if test -e "${path}/lib${z}.${y}"; then
yajl_lib_path="${path}/"
yajl_lib_name="${z}"
yajl_lib_file="${yajl_lib_path}/lib${z}.${y}"
break
fi
if test -e "${path}/lib/lib${z}.${y}"; then
yajl_lib_path="${path}/lib/"
yajl_lib_name="${z}"
yajl_lib_file="${yajl_lib_path}/lib${z}.${y}"
break
fi
if test -e "${path}/lib/x86_64-linux-gnu/lib${z}.${y}"; then
yajl_lib_path="${path}/lib/x86_64-linux-gnu/"
yajl_lib_name="${z}"
yajl_lib_file="${yajl_lib_path}/lib${z}.${y}"
break
fi
done
if test -n "$yajl_lib_path"; then
break
fi
done
if test -e "${path}/include/yajl_parse.h"; then
yajl_inc_path="${path}/include"
elif test -e "${path}/yajl_parse.h"; then
yajl_inc_path="${path}"
elif test -e "${path}/include/yajl/yajl_parse.h"; then
yajl_inc_path="${path}/include"
fi
if test -n "${yajl_lib_path}"; then
AC_MSG_NOTICE([YAJL library found at: ${yajl_lib_file}])
fi
if test -n "${yajl_inc_path}"; then
AC_MSG_NOTICE([YAJL headers found at: ${yajl_inc_path}])
fi
if test -n "${yajl_lib_path}" -a -n "${yajl_inc_path}"; then
# TODO: Compile a piece of code to check the version.
YAJL_CFLAGS="-I${yajl_inc_path}"
YAJL_LDADD="-l${yajl_lib_name}"
YAJL_LDFLAGS="-L${yajl_lib_path}"
YAJL_DISPLAY="${yajl_lib_file}, ${yajl_inc_path}"
fi
]) # AC_DEFUN [CHECK_FOR_YAJL_AT]

deps/src/ModSecurity/configure.ac vendored Normal file

@@ -0,0 +1,609 @@
# ModSecurity configure.ac
# Get the hash of the last commit, to be used if it is not an
# official release.
AC_DEFUN([MSC_GIT_HASH], m4_esyscmd_s(git log -1 --format="%h" --abbrev-commit))
AC_DEFUN([MSC_MAJOR], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep "define MODSECURITY_MAJOR " | awk {'print $3'} | sed 's/\"//g'))
AC_DEFUN([MSC_MINOR], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep "define MODSECURITY_MINOR " | awk {'print $3'} | sed 's/\"//g'))
AC_DEFUN([MSC_PATCHLEVEL], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep "define MODSECURITY_PATCHLEVEL " | awk {'print $3'} | sed 's/\"//g'))
AC_DEFUN([MSC_TAG], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep "define MODSECURITY_FTAG " | awk {'print $3'} | sed 's/\"//g'))
# Version definition to be further used by AC_INIT and
# .so file naming.
m4_define([msc_version_major], [MSC_MAJOR])
m4_define([msc_version_minor], [MSC_MINOR])
m4_define([msc_version_patchlevel], [MSC_PATCHLEVEL])
m4_define([msc_version_c_plus_a], [m4_eval(msc_version_major + msc_version_minor)])
m4_define([msc_version],
[msc_version_major.msc_version_minor])
m4_define([msc_version_with_patchlevel],
[msc_version_major.msc_version_minor.msc_version_patchlevel])
m4_define([msc_version_git],
[m4_esyscmd_s(git describe)])
m4_define([msc_version_info],
[msc_version_c_plus_a:msc_version_patchlevel:msc_version_minor])
# Project Information
AC_INIT([modsecurity], [3.0], [security@modsecurity.org])
# General definitions
AC_CONFIG_MACRO_DIR([build])
AC_PREFIX_DEFAULT([/usr/local/modsecurity])
# General automake options.
AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects])
# Check for dependencies (C++, AR, Lex, Yacc and Make)
AC_PROG_CXX
AM_PROG_AR
AC_PROG_MAKE_SET
# Check if the compiler is c++11 compatible.
# AX_CXX_COMPILE_STDCXX_11(,mandatory)
# Check for libinjection
if ! test -f "others/libinjection/src/libinjection_html5.c"; then
AC_MSG_ERROR([\
libInjection was not found within ModSecurity source directory.
libInjection code is available as part of ModSecurity source code in a format
of a git-submodule. git-submodule allow us to specify the correct version of
libInjection and still uses the libInjection repository to download it.
You can download libInjection using git:
$ git submodule init
$ git submodule update
])
fi
# Libinjection version
AC_DEFUN([LIBINJECTION_VERSION], m4_esyscmd_s(cd "others/libinjection" && git describe && cd ../..))
# SecLang test version
AC_DEFUN([SECLANG_TEST_VERSION], m4_esyscmd_s(cd "test/test-cases/secrules-language-tests" && git log -1 --format="%h" --abbrev-commit && cd ../../..))
# Check for yajl
PROG_YAJL
AM_CONDITIONAL([YAJL_VERSION], [test "$YAJL_VERSION" != ""])
# Check for LibGeoIP
PROG_GEOIP
AM_CONDITIONAL([GEOIP_CFLAGS], [test "GEOIP_CFLAGS" != ""])
# Check for MaxMind
PROG_MAXMIND
AM_CONDITIONAL([MAXMIND_CFLAGS], [test "MAXMIND_CFLAGS" != ""])
# Check for LMDB
PROG_LMDB
AM_CONDITIONAL([LMDB_CFLAGS], [test "LMDB_CFLAGS" != ""])
# Check for SSDEEP
CHECK_SSDEEP
AM_CONDITIONAL([SSDEEP_CFLAGS], [test "SSDEEP_CFLAGS" != ""])
# Check for LUA
CHECK_LUA
AM_CONDITIONAL([LUA_CFLAGS], [test "LUA_CFLAGS" != ""])
#
# Check for curl
#
CHECK_CURL
if ! test -z "${CURL_VERSION}"; then
AC_DEFINE([MSC_WITH_CURL], [1], [Define if libcurl is available])
fi
#
# Check for LibXML
#
CHECK_LIBXML2
#
# Check for libpcre
#
CHECK_PCRE
# Checks for header files.
AC_HEADER_STDC
AC_CHECK_HEADERS([string])
AC_CHECK_HEADERS([iostream])
AC_CHECK_HEADERS([sys/utsname.h])
# ??
LT_INIT([dlopen])
# Identify platform
AC_CANONICAL_HOST
case $host in
*-*-aix*)
echo "Checking platform... Identified as AIX"
AC_DEFINE([AIX], [1], [Define if the operating system is AIX])
PLATFORM="AIX"
;;
*-*-hpux*)
echo "Checking platform... Identified as HPUX"
AC_DEFINE([HPUX], [1], [Define if the operating system is HPUX])
PLATFORM="HPUX"
;;
*-*-darwin*)
echo "Checking platform... Identified as Macintosh OS X"
AC_DEFINE([MACOSX], [1], [Define if the operating system is Macintosh OSX])
PLATFORM="MacOSX"
;;
*-*-linux*)
echo "Checking platform... Identified as Linux"
AC_DEFINE([LINUX], [1], [Define if the operating system is LINUX])
PLATFORM="Linux"
;;
*-*-solaris*)
echo "Checking platform... Identified as Solaris"
AC_DEFINE([SOLARIS], [1], [Define if the operating system is SOLARIS])
PLATFORM="Solaris"
;;
*-*-freebsd*)
echo "Checking platform... Identified as FreeBSD"
AC_DEFINE([FREEBSD], [1], [Define if the operating system is FREEBSD])
PLATFORM="FreeBSD"
;;
*-*-netbsd*)
echo "Checking platform... Identified as NetBSD"
AC_DEFINE([NETBSD], [1], [Define if the operating system is NETBSD])
PLATFORM="NetBSD"
;;
*-*-openbsd*)
echo "Checking platform... Identified as OpenBSD"
AC_DEFINE([OPENBSD], [1], [Define if the operating system is OPENBSD])
PLATFORM="OpenBSD"
;;
*-*-kfreebsd*)
echo "Checking platform... Identified as kFreeBSD, treating as linux"
AC_DEFINE([FREEBSD], [1], [Define if the operating system is FREEBSD])
PLATFORM="kFreeBSD"
;;
*-*-gnu*.*)
echo "Checking platform... Identified as HURD, treating as linux"
AC_DEFINE([LINUX], [1], [Define if the operating system is LINUX])
PLATFORM="HURD"
;;
*)
echo "Unknown CANONICAL_HOST $host"
exit
;;
esac
# Variables to be used inside the Makefile.am files.
MSC_BASE_DIR=`pwd`
AC_SUBST([MSC_BASE_DIR])
MSC_VERSION_INFO=msc_version_info
AC_SUBST([MSC_VERSION_INFO])
MSC_VERSION_WITH_PATCHLEVEL=msc_version_with_patchlevel
AC_SUBST([MSC_VERSION_WITH_PATCHLEVEL])
MSC_VERSION=msc_version
AC_SUBST([MSC_VERSION])
MSC_GIT_VERSION=msc_version_git
AC_SUBST([MSC_GIT_VERSION])
AC_ARG_ENABLE(debug-logs,
[AC_HELP_STRING([--disable-debug-logs],[Turn off the SecDebugLog feature])],
[case "${enableval}" in
yes) debugLogs=true ;;
no) debugLogs=false ;;
*) AC_MSG_ERROR(bad value ${enableval} for --enable-debug-logs) ;;
esac],
[debugLogs=true]
)
if test "$debugLogs" != "true"; then
MODSEC_NO_LOGS="-DNO_LOGS=1"
AC_SUBST(MODSEC_NO_LOGS)
fi
# Fuzzer
AC_ARG_ENABLE(afl-fuzz,
[AC_HELP_STRING([--enable-afl-fuzz],[Turn on the afl fuzzer compilation utilities])],
[case "${enableval}" in
yes) aflFuzzer=true ;;
no) aflFuzzer=false ;;
*) AC_MSG_ERROR(bad value ${enableval} for --enable-afl-fuzz) ;;
esac],
[aflFuzzer=false]
)
# Examples
AC_ARG_ENABLE(examples,
[AC_HELP_STRING([--enable-examples],[Turn on the examples compilation (default option)])],
[case "${enableval}" in
yes) buildExamples=true ;;
no) buildExamples=false ;;
*) AC_MSG_ERROR(bad value ${enableval} for --enable-examples) ;;
esac],
[buildExamples=true]
)
# Parser
AC_ARG_ENABLE(parser-generation,
[AC_HELP_STRING([--enable-parser-generation],[Enables parser generation during the build])],
[case "${enableval}" in
yes) buildParser=true ;;
no) buildParser=false ;;
*) AC_MSG_ERROR(bad value ${enableval} for --enable-parser-generation) ;;
esac],
[buildParser=false]
)
# Mutex
AC_ARG_ENABLE(mutex-on-pm,
[AC_HELP_STRING([--enable-mutex-on-pm],[Treats pm operations as a critical section])],
[case "${enableval}" in
yes) mutexPm=true ;;
no) mutexPm=false ;;
*) AC_MSG_ERROR(bad value ${enableval} for --enable-mutex-on-pm) ;;
esac],
[mutexPm=false]
)
if test "$mutexPm" == "true"; then
MODSEC_MUTEX_ON_PM="-DMUTEX_ON_PM=1"
AC_SUBST(MODSEC_MUTEX_ON_PM)
fi
if test $buildParser = true; then
AC_PROG_YACC
AC_PROG_LEX
AC_PATH_PROG([FLEX], [flex])
test "x$FLEX" = "x" && AC_MSG_ERROR([flex is needed to build ModSecurity])
AC_PATH_PROG([BISON], [bison])
test "x$BISON" = "x" && AC_MSG_ERROR([bison is needed to build ModSecurity])
AC_PATH_PROG([YACC_INST], $YACC)
if test ! -f "$srcdir/gram.c"; then
if test -z "$YACC_INST"; then
AC_MSG_ERROR([yacc not found - unable to compile ModSecurity])
fi
fi
fi
# Decide if we want to build the tests or not.
# buildTestUtilities=false
# if test "x$YAJL_FOUND" = "x1"; then
# Regression tests will not be able to run without the logging support.
# But we still have the unit tests.
# if test "$debugLogs" = "true"; then
# buildTestUtilities=true
# fi
# fi
AM_CONDITIONAL([TEST_UTILITIES], [test $buildTestUtilities = true])
if test $buildTestUtilities = true; then
if test $debugLogs = true; then
if test -f ./test/test-list.sh; then
TEST_CASES=`./test/test-list.sh`
fi
fi
fi
AM_CONDITIONAL([EXAMPLES], [test $buildExamples = true])
AM_CONDITIONAL([BUILD_PARSER], [test $buildParser = true])
AM_CONDITIONAL([USE_MUTEX_ON_PM], [test $mutexPm = true])
# General link options
if test "$PLATFORM" != "MacOSX" -a "$PLATFORM" != "OpenBSD"; then
GLOBAL_LDADD="-lrt "
fi
if test "$aflFuzzer" == "true"; then
FUZZ_CPPCFLAGS="-fsanitize=address -fsanitize-coverage=4 "
GLOBAL_LDADD="$GLOBAL_LDADD -fsanitize=address "
GLOBAL_CPPFLAGS="$GLOBAL_CPPFLAGS $FUZZ_CPPCFLAGS"
$buildExamples = false
fi
AC_SUBST(GLOBAL_LDADD)
AC_SUBST(GLOBAL_CPPFLAGS)
AM_CONDITIONAL([AFL_FUZZER], [test $aflFuzzer = true])
GLOBAL_CFLAGS=""
AC_SUBST(GLOBAL_CFLAGS)
# Files to be generated via autotools.
AC_CONFIG_FILES([\
modsecurity.pc \
Makefile \
doc/Makefile \
src/Makefile \
others/Makefile \
tools/Makefile \
tools/rules-check/Makefile
])
AM_COND_IF([TEST_UTILITIES],
[AC_CONFIG_FILES([test/Makefile test/benchmark/Makefile])])
AM_COND_IF([EXAMPLES],
[AC_CONFIG_FILES([ \
examples/Makefile \
examples/simple_example_using_c/Makefile \
examples/multiprocess_c/Makefile \
examples/reading_logs_with_offset/Makefile \
examples/reading_logs_via_rule_message/Makefile \
examples/using_bodies_in_chunks/Makefile \
])])
AM_COND_IF([AFL_FUZZER],
[AC_CONFIG_FILES([test/fuzzer/Makefile])])
AM_COND_IF([BUILD_PARSER],
[AC_CONFIG_FILES([src/parser/Makefile])])
AC_CONFIG_HEADERS([src/config.h])
# Doxygen support
DX_HTML_FEATURE(ON)
DX_CHM_FEATURE(OFF)
DX_CHI_FEATURE(OFF)
DX_MAN_FEATURE(OFF)
DX_RTF_FEATURE(OFF)
DX_XML_FEATURE(OFF)
DX_PDF_FEATURE(OFF)
DX_PS_FEATURE(OFF)
DX_INIT_DOXYGEN([ModSecurity],[doc/doxygen.cfg])
# make check-valgrind
AX_VALGRIND_DFLT([sgcheck], [off])
AX_VALGRIND_CHECK
# Generate the files.
AC_OUTPUT
# Print a fancy summary
echo " "
echo " "
echo "ModSecurity - ${MSC_GIT_VERSION} for $PLATFORM"
echo " "
echo " Mandatory dependencies"
echo -n " + libInjection ...."
echo LIBINJECTION_VERSION
echo -n " + SecLang tests ...."
echo SECLANG_TEST_VERSION
echo " "
echo " Optional dependencies"
## GeoIP - MaxMind
if test "x$GEOIP_FOUND" = "x0" && test "x$MAXMIND_FOUND" = "x0"; then
echo " + GeoIP/MaxMind ....not found"
fi
if test "x$GEOIP_FOUND" = "x1" || test "x$MAXMIND_FOUND" = "x1"; then
echo -n " + GeoIP/MaxMind ....found "
echo ""
if test "x$MAXMIND_FOUND" = "x1"; then
echo " * (MaxMind) v${MAXMIND_VERSION}"
echo " ${MAXMIND_DISPLAY}"
fi
if test "x$GEOIP_FOUND" = "x1"; then
echo " * (GeoIP) v${GEOIP_VERSION}"
echo " ${GEOIP_DISPLAY}"
fi
fi
if test "x$GEOIP_FOUND" = "x2" && test "x$MAXMIND_FOUND" = "x2"; then
echo " + GeoIP/MaxMind ....disabled"
fi
## LibCurl
if test "x$CURL_FOUND" = "x0"; then
echo " + LibCURL ....not found"
fi
if test "x$CURL_FOUND" = "x1"; then
echo -n " + LibCURL ....found "
if ! test "x$CURL_VERSION" = "x"; then
echo "v${CURL_VERSION}"
else
echo ""
fi
echo " ${CURL_DISPLAY}"
fi
if test "x$CURL_FOUND" = "x2"; then
echo " + LibCURL ....disabled"
fi
## YAJL
if test "x$YAJL_FOUND" = "x0"; then
echo " + YAJL ....not found"
fi
if test "x$YAJL_FOUND" = "x1"; then
echo -n " + YAJL ....found "
if ! test "x$YAJL_VERSION" = "x"; then
echo "v${YAJL_VERSION}"
else
echo ""
fi
echo " ${YAJL_DISPLAY}"
fi
if test "x$YAJL_FOUND" = "x2"; then
echo " + YAJL ....disabled"
fi
## LMDB
if test "x$LMDB_FOUND" = "x0"; then
echo " + LMDB ....not found"
fi
if test "x$LMDB_FOUND" = "x1"; then
echo -n " + LMDB ....found "
if ! test "x$LMDB_VERSION" = "x"; then
echo "v${LMDB_VERSION}"
else
echo ""
fi
echo " ${LMDB_DISPLAY}"
fi
if test "x$LMDB_FOUND" = "x2"; then
echo " + LMDB ....disabled"
fi
## libxml2
if test "x$LIBXML2_FOUND" = "x0"; then
echo " + LibXML2 ....not found"
fi
if test "x$LIBXML2_FOUND" = "x1"; then
echo -n " + LibXML2 ....found "
if ! test "x$LIBXML2_VERSION" = "x"; then
echo "v${LIBXML2_VERSION}"
else
echo ""
fi
echo " ${LIBXML2_DISPLAY}"
fi
if test "x$LIBXML2_FOUND" = "x2"; then
echo " + LibXML2 ....disabled"
fi
## SSDEEP
if test "x$SSDEEP_FOUND" = "x0"; then
echo " + SSDEEP ....not found"
fi
if test "x$SSDEEP_FOUND" = "x1"; then
echo -n " + SSDEEP ....found "
if ! test "x$SSDEEP_VERSION" = "x"; then
echo "v${SSDEEP_VERSION}"
else
echo ""
fi
echo " ${SSDEEP_DISPLAY}"
fi
if test "x$SSDEEP_FOUND" = "x2"; then
echo " + SSDEEP ....disabled"
fi
## LUA
if test "x$LUA_FOUND" = "x0"; then
echo " + LUA ....not found"
fi
if test "x$LUA_FOUND" = "x1"; then
echo -n " + LUA ....found "
if ! test "x$LUA_VERSION" = "x"; then
echo "v${LUA_VERSION}"
else
echo ""
fi
echo " ${LUA_DISPLAY}"
fi
if test "x$LUA_FOUND" = "x2"; then
echo " + LUA ....disabled"
fi
echo " "
echo " Other Options"
if test $buildTestUtilities = true; then
if test $debugLogs = true; then
echo " + Test Utilities ....enabled"
else
echo " + Test Utilities ....partially"
fi
else
echo " + Test Utilities ....disabled"
fi
if test $debugLogs = true; then
echo " + SecDebugLog ....enabled"
else
echo " + SecDebugLog ....disabled"
fi
if test "$aflFuzzer" = "true"; then
echo " + afl fuzzer ....enabled"
echo " ($FUZZ_CPPCFLAGS)"
else
echo " + afl fuzzer ....disabled"
fi
if test "$buildExamples" = "true"; then
echo " + library examples ....enabled"
else
echo " + library examples ....disabled"
fi
if test "$buildParser" = "true"; then
echo " + Building parser ....enabled"
else
echo " + Building parser ....disabled"
fi
if test "$mutexPm" = "true"; then
echo " + Treating pm operations as critical section ....enabled"
else
echo " + Treating pm operations as critical section ....disabled"
fi
echo " "
if test "$aflFuzzer" = "true"; then
echo "WARNING: afl fuzzer was enabled. Make sure you are using the"
echo " 'afl-clang-fast' as the compiler, otherwise the compilation"
echo " will fail."
echo " "
echo " You can set the compiler using:"
echo " "
echo " $ export CXX=afl-clang-fast++ "
echo " $ export CC=afl-clang-fast "
echo " "
fi

deps/src/ModSecurity/doc/.empty vendored Normal file

deps/src/ModSecurity/doc/Makefile.am vendored Normal file

@@ -0,0 +1,17 @@
ACLOCAL_AMFLAGS = -I build
# Doxygen support
# include $(top_srcdir)/build/ax_prog_doxygen.m4
# distribution of the Doxygen configuration file
EXTRA_DIST = \
doxygen.cfg
MAINTAINERCLEANFILES = \
Makefile.in \
doxygen_sqlite3.db \
html \
latex

deps/src/ModSecurity/doc/doxygen.cfg vendored Normal file



@@ -0,0 +1,21 @@
ACLOCAL_AMFLAGS = -I build
SUBDIRS = \
multiprocess_c \
reading_logs_with_offset \
reading_logs_via_rule_message \
simple_example_using_c \
using_bodies_in_chunks
pkginclude_HEADERS = \
reading_logs_via_rule_message/reading_logs_via_rule_message.h
# make clean
CLEANFILES =
# make maintainer-clean
MAINTAINERCLEANFILES = \
Makefile.in


@@ -0,0 +1,34 @@
noinst_PROGRAMS = multi
multi_SOURCES = \
multi.c
multi_LDADD = \
$(SSDEEP_LDADD) \
$(LUA_LDADD) \
$(MAXMIND_LDADD) \
$(GLOBAL_LDADD)
multi_LDFLAGS = \
-L$(top_builddir)/src/.libs/ \
$(GEOIP_LDFLAGS) \
-lmodsecurity \
-lpthread \
-lm \
-lstdc++ \
$(LUA_LDFLAGS) \
$(SSDEEP_LDFLAGS) \
$(MAXMIND_LDFLAGS) \
$(YAJL_LDFLAGS)
multi_CFLAGS = \
-I$(top_builddir)/headers \
-I$(top_builddir) \
$(GLOBAL_CFLAGS)
MAINTAINERCLEANFILES = \
Makefile.in


@@ -0,0 +1,14 @@
SecDebugLog /dev/stdout
SecDebugLogLevel 9
SecRule REQUEST_HEADERS:User-Agent ".*" "id:1,phase:1,t:sha1,t:hexEncode,setvar:tx.ua_hash=%{MATCHED_VAR}"
SecAction "phase:2,initcol:ip=%{REMOTE_ADDR}_%{tx.ua_hash}"
SecRule REQUEST_HEADERS:User-Agent ".*" "id:2,phase:2,setvar:ip.auth_attempt=+1"
SecRule ARGS:foo "herewego" "id:3,phase:2,setvar:ip.foo=bar"
SecRule IP "bar" "id:4,phase:2"
SecRule IP:auth_attempt "bar" "id:5,phase:2"


@@ -0,0 +1,140 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <modsecurity/modsecurity.h>
#include <modsecurity/transaction.h>
#include <modsecurity/rules.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/time.h>
#define FORKS 5
#define REQUESTS_PER_PROCESS 100
char main_rule_uri[] = "basic_rules.conf";
Rules *rules = NULL;
ModSecurity *modsec = NULL;
void process_special_request (int j) {
Transaction *transaction;
transaction = msc_new_transaction(modsec, rules, NULL);
msc_process_connection(transaction, "127.0.0.1", 12345, "127.0.0.1", 80);
msc_process_uri(transaction,
"http://www.modsecurity.org/test?foo=herewego",
"GET", "1.1");
msc_add_request_header(transaction, "User-Agent",
"Basic ModSecurity example");
msc_process_request_headers(transaction);
msc_process_request_body(transaction);
msc_add_response_header(transaction, "Content-type", "text/html");
msc_process_response_headers(transaction, 200, "HTTP 1.0");
msc_process_response_body(transaction);
msc_process_logging(transaction);
msc_transaction_cleanup(transaction);
}
void process_request (int j) {
int i;
for (i = 0; i < REQUESTS_PER_PROCESS; i++) {
if (i == 1 && j == 1) {
process_special_request(j);
continue;
}
struct timeval tv;
Transaction *transaction;
transaction = msc_new_transaction(modsec, rules, NULL);
msc_process_connection(transaction, "127.0.0.1", 12345, "127.0.0.1", 80);
msc_process_uri(transaction,
"http://www.modsecurity.org/test?key1=value1&key2=value2&key3=value3",
"GET", "1.1");
msc_add_request_header(transaction, "User-Agent",
"Basic ModSecurity example");
msc_process_request_headers(transaction);
msc_process_request_body(transaction);
msc_add_response_header(transaction, "Content-type", "text/html");
msc_process_response_headers(transaction, 200, "HTTP 1.0");
msc_process_response_body(transaction);
msc_process_logging(transaction);
msc_transaction_cleanup(transaction);
tv.tv_sec = 1;
tv.tv_usec = 500;
select(0, NULL, NULL, NULL, &tv);
}
}
int main (int argc, char **argv)
{
int ret;
const char *error = NULL;
int i = 0;
pid_t pid;
int f;
modsec = msc_init();
msc_set_connector_info(modsec, "ModSecurity-test v0.0.1-alpha (Simple " \
"example on how to use ModSecurity API");
rules = msc_create_rules_set();
ret = msc_rules_add_file(rules, main_rule_uri, &error);
if (ret < 0) {
fprintf(stderr, "Problems loading the rules --\n");
fprintf(stderr, "%s\n", error);
goto end;
}
msc_rules_dump(rules);
for (f = 0; f < FORKS; f++) {
pid = fork();
if (pid == 0) {
process_request(f);
goto child;
}
struct timeval tv;
tv.tv_sec = 0;
tv.tv_usec = 500;
select(0, NULL, NULL, NULL, &tv);
}
wait(NULL);
child:
if (pid == 0) {
return 0;
}
end:
msc_rules_cleanup(rules);
msc_cleanup(modsec);
return 0;
}


@@ -0,0 +1,52 @@
noinst_PROGRAMS = simple_request
simple_request_SOURCES = \
simple_request.cc
simple_request_LDADD = \
$(top_builddir)/src/.libs/libmodsecurity.a \
$(CURL_LDADD) \
$(GEOIP_LDADD) \
$(GLOBAL_LDADD) \
$(LIBXML2_LDADD) \
$(LMDB_LDADD) \
$(MAXMIND_LDADD) \
$(LUA_LDADD) \
$(PCRE_LDADD) \
$(SSDEEP_LDADD) \
$(YAJL_LDADD)
simple_request_LDFLAGS = \
$(GEOIP_LDFLAGS) \
$(LMDB_LDFLAGS) \
-lpthread \
$(LUA_LDFLAGS) \
$(MAXMIND_LDFLAGS) \
$(SSDEEP_LDFLAGS) \
$(YAJL_LDFLAGS)
simple_request_CPPFLAGS = \
$(GLOBAL_CFLAGS) \
-std=c++11 \
-I$(top_builddir)/headers \
-I$(top_builddir) \
-g \
-I../others \
-fPIC \
-O3 \
$(GEOIP_CFLAGS) \
$(GLOBAL_CPPFLAGS) \
$(MODSEC_NO_LOGS) \
$(YAJL_CFLAGS) \
$(LMDB_CFLAGS) \
$(LUA_CFLAGS) \
$(PCRE_CFLAGS) \
$(LIBXML2_CFLAGS)
MAINTAINERCLEANFILES = \
Makefile.in


@@ -0,0 +1,3 @@
SecRule ARGS:param1 "test" "id:1,deny,phase:2,chain,msg:'test'"
SecRule ARGS:param1 "test" "log"


@@ -0,0 +1,2 @@
SecRuleEngine On
SecRule ARGS:param1 "test" "id:1,deny"


@@ -0,0 +1 @@
SecRule ARGS:param1 "test" "id:1,deny,msg:'this',msg:'is',msg:'a',msg:'test'"


@@ -0,0 +1 @@
SecRule ARGS:param1 "WHEEE" "id:1,phase:2,deny,msg:'this',msg:'is',msg:'a',msg:'test'"


@@ -0,0 +1,211 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <unistd.h>
#include <string>
#include <memory>
#define NUM_THREADS 100
char request_header[] = "" \
"GET /tutorials/other/top-20-mysql-best-practices/ HTTP/1.1\n\r" \
"Host: net.tutsplus.com\n\r" \
"User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)" \
" Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)\n\r" \
"Accept: text/html,application/xhtml+xml,application/xml; " \
"q=0.9,*/*;q=0.8\n\r" \
"Accept-Language: en-us,en;q=0.5\n\r" \
"Accept-Encoding: gzip,deflate\n\r" \
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\n\r" \
"Keep-Alive: 300\n\r" \
"Connection: keep-alive\n\r" \
"Cookie: PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120\n\r" \
"Pragma: no-cache\n\r" \
"Cache-Control: no-cache\n\r";
char request_uri[] = "/test.pl?param1=test&para2=test2";
char request_body[] = "";
char response_headers[] = "" \
"HTTP/1.1 200 OK\n\r" \
"Content-Type: text/xml; charset=utf-8\n\r" \
"Content-Length: length\n\r";
char response_body[] = "" \
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r" \
"<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" " \
"xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" " \
"xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\n\r" \
" <soap:Body>\n\r" \
" <EnlightenResponse xmlns=\"http://clearforest.com/\">\n\r" \
" <EnlightenResult>string</EnlightenResult>\n\r" \
" </EnlightenResponse>\n\r" \
" </soap:Body>\n\r" \
"</soap:Envelope>\n\r";
char ip[] = "200.249.12.31";
#include "modsecurity/rule_message.h"
#ifndef EXAMPLES_READING_LOGS_VIA_RULE_MESSAGE_READING_LOGS_VIA_RULE_MESSAGE_H_
#define EXAMPLES_READING_LOGS_VIA_RULE_MESSAGE_READING_LOGS_VIA_RULE_MESSAGE_H_
struct data_ms {
modsecurity::ModSecurity *modsec;
modsecurity::Rules *rules;
};
static void *process_request(void *data) {
struct data_ms *a = (struct data_ms *)data;
modsecurity::ModSecurity *modsec = a->modsec;
modsecurity::Rules *rules = a->rules;
int z = 0;
for (z = 0; z < 10000; z++) {
modsecurity::Transaction *modsecTransaction = \
new modsecurity::Transaction(modsec, rules, NULL);
modsecTransaction->processConnection(ip, 12345, "127.0.0.1", 80);
modsecTransaction->processURI(request_uri, "GET", "1.1");
usleep(10);
modsecTransaction->addRequestHeader("Host",
"net.tutsplus.com");
modsecTransaction->processRequestHeaders();
modsecTransaction->processRequestBody();
modsecTransaction->addResponseHeader("HTTP/1.1",
"200 OK");
modsecTransaction->processResponseHeaders(200, "HTTP 1.2");
modsecTransaction->appendResponseBody(
(const unsigned char*)response_body,
strlen((const char*)response_body));
modsecTransaction->processResponseBody();
modsecTransaction->processLogging();
delete modsecTransaction;
}
pthread_exit(NULL);
return NULL;
}
class ReadingLogsViaRuleMessage {
public:
ReadingLogsViaRuleMessage(char *request_header,
char *request_uri,
char *request_body,
char *response_headers,
char *response_body,
char *ip,
std::string rules) :
m_request_header(request_header),
m_request_uri(request_uri),
m_request_body(request_body),
m_response_headers(response_headers),
m_response_body(response_body),
m_ip(ip),
m_rules(rules)
{ }
int process() {
pthread_t threads[NUM_THREADS];
int i;
struct data_ms dms;
void *status;
modsecurity::ModSecurity *modsec;
modsecurity::Rules *rules;
modsecurity::ModSecurityIntervention it;
modsec = new modsecurity::ModSecurity();
modsec->setConnectorInformation("ModSecurity-test v0.0.1-alpha" \
" (ModSecurity test)");
modsec->setServerLogCb(logCb, modsecurity::RuleMessageLogProperty
| modsecurity::IncludeFullHighlightLogProperty);
rules = new modsecurity::Rules();
if (rules->loadFromUri(m_rules.c_str()) < 0) {
std::cout << "Problems loading the rules..." << std::endl;
std::cout << rules->m_parserError.str() << std::endl;
return -1;
}
dms.modsec = modsec;
dms.rules = rules;
for (i = 0; i < NUM_THREADS; i++) {
pthread_create(&threads[i], NULL, process_request,
reinterpret_cast<void *>(&dms));
// process_request((void *)&dms);
}
usleep(10000);
for (i=0; i < NUM_THREADS; i++) {
pthread_join(threads[i], &status);
std::cout << "Main: completed thread id :" << i << std::endl;
}
delete rules;
delete modsec;
pthread_exit(NULL);
return 0;
end:
return -1;
}
static void logCb(void *data, const void *ruleMessagev) {
if (ruleMessagev == NULL) {
std::cout << "I've got a call but the message was null ;(";
std::cout << std::endl;
return;
}
const modsecurity::RuleMessage *ruleMessage = \
reinterpret_cast<const modsecurity::RuleMessage *>(ruleMessagev);
std::cout << "Rule Id: " << std::to_string(ruleMessage->m_ruleId);
std::cout << " phase: " << std::to_string(ruleMessage->m_phase);
std::cout << std::endl;
if (ruleMessage->m_isDisruptive) {
std::cout << " * Disruptive action: ";
std::cout << modsecurity::RuleMessage::log(ruleMessage);
std::cout << std::endl;
std::cout << " ** %d is meant to be informed by the webserver.";
std::cout << std::endl;
} else {
std::cout << " * Match, but no disruptive action: ";
std::cout << modsecurity::RuleMessage::log(ruleMessage);
std::cout << std::endl;
}
}
protected:
char *m_request_header;
char *m_request_uri;
char *m_request_body;
char *m_response_headers;
char *m_response_body;
char *m_ip;
std::string m_rules;
};
#endif // EXAMPLES_READING_LOGS_VIA_RULE_MESSAGE_READING_LOGS_VIA_RULE_MESSAGE_H_


@@ -0,0 +1,42 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <stdio.h>
#include <string.h>
#include <modsecurity/modsecurity.h>
#include <modsecurity/rules.h>
#include "examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h"
int main(int argc, char **argv) {
if (argc < 2) {
std::cout << "Use " << *argv << " test-case-file.conf";
std::cout << std::endl << std::endl;
return -1;
}
*(argv++);
std::string rules(*argv);
ReadingLogsViaRuleMessage rlvrm(request_header, request_uri, request_body,
response_headers, response_body, ip, rules);
rlvrm.process();
pthread_exit(NULL);
return 0;
}


@@ -0,0 +1,52 @@
noinst_PROGRAMS = read
read_SOURCES = \
read.cc
read_LDADD = \
$(top_builddir)/src/.libs/libmodsecurity.a \
$(CURL_LDADD) \
$(GEOIP_LDADD) \
$(MAXMIND_LDADD) \
$(GLOBAL_LDADD) \
$(LIBXML2_LDADD) \
$(LMDB_LDADD) \
$(LUA_LDADD) \
$(PCRE_LDADD) \
$(SSDEEP_LDADD) \
$(YAJL_LDADD)
read_LDFLAGS = \
$(GEOIP_LDFLAGS) \
$(LMDB_LDFLAGS) \
$(LUA_LDFLAGS) \
$(SSDEEP_LDFLAGS) \
$(MAXMIND_LDFLAGS) \
$(YAJL_LDFLAGS)
read_CPPFLAGS = \
$(GLOBAL_CFLAGS) \
-std=c++11 \
-I$(top_builddir)/headers \
-I$(top_builddir) \
-g \
-I../others \
-fPIC \
-O3 \
$(GEOIP_CFLAGS) \
$(MAXMIND_CFLAGS) \
$(GLOBAL_CPPFLAGS) \
$(MODSEC_NO_LOGS) \
$(YAJL_CFLAGS) \
$(LMDB_CFLAGS) \
$(LUA_CFLAGS) \
$(PCRE_CFLAGS) \
$(LIBXML2_CFLAGS)
MAINTAINERCLEANFILES = \
Makefile.in


@@ -0,0 +1,34 @@
#include <stdio.h>
#include <string.h>
#include <modsecurity/modsecurity.h>
// Variable offset - REQUEST_HEADERS_NAMES
const char *request = "" \
"GET /index.html?param1=value1&param2=value1&param3=value1 HTTP/\n" \
"AuThOrIzAtIoN: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==\n" \
"Host: localhost\n" \
"Content-Length: 27\n" \
"Content-Type: application/x-www-form-urlencoded\n";
int main() {
modsecurity::ModSecurity msc;
std::string json("");
const char *err = NULL;
int ret = 0;
ret = msc.processContentOffset(request, strlen(request),
"o0,4v64,13v114,4v130,14v149,12t:lowercase", &json, &err);
if (ret >= 0) {
std::cout << json << std::endl;
} else {
std::cout << err << std::endl;
}
return ret;
}


@@ -0,0 +1,31 @@
noinst_PROGRAMS = test
test_SOURCES = \
test.c
test_LDADD = \
$(GLOBAL_LDADD) \
$(LUA_LDADD) \
$(SSDEEP_LDADD)
test_LDFLAGS = \
-L$(top_builddir)/src/.libs/ \
$(GEOIP_LDFLAGS) \
-lmodsecurity \
-lm \
-lstdc++ \
$(LUA_LDFLAGS) \
$(SSDEEP_LDFLAGS) \
$(YAJL_LDFLAGS)
test_CFLAGS = \
-I$(top_builddir)/headers \
-I$(top_builddir) \
$(GLOBAL_CFLAGS)
MAINTAINERCLEANFILES = \
Makefile.in


@@ -0,0 +1,223 @@
# -- Rule engine initialization ----------------------------------------------
# Enable ModSecurity, attaching it to every transaction. Use detection
# only to start with, because that minimises the chances of post-installation
# disruption.
#
SecRuleEngine DetectionOnly
# -- Request body handling ---------------------------------------------------
# Allow ModSecurity to access request bodies. If you don't, ModSecurity
# won't be able to see any POST parameters, which opens a large security
# hole for attackers to exploit.
#
SecRequestBodyAccess On
# Enable XML request body parser.
# Initiate XML Processor in case of xml content-type
#
SecRule REQUEST_HEADERS:Content-Type "text/xml" \
"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
# Enable JSON request body parser.
# Initiate JSON Processor in case of JSON content-type; change accordingly
# if your application does not use 'application/json'
#
SecRule REQUEST_HEADERS:Content-Type "application/json" \
"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"
# Maximum request body size we will accept for buffering. If you support
# file uploads then the value given on the first line has to be as large
# as the largest file you are willing to accept. The second value refers
# to the size of data, with files excluded. You want to keep that value as
# low as practical.
#
# Store up to 128 KB of request body data in memory. When the multipart
# parser reachers this limit, it will start using your hard disk for
# storage. That is slow, but unavoidable.
#
# What do do if the request body size is above our configured limit.
# Keep in mind that this setting will automatically be set to ProcessPartial
# when SecRuleEngine is set to DetectionOnly mode in order to minimize
# disruptions when initially deploying ModSecurity.
#
SecRequestBodyLimitAction Reject
# Verify that we've correctly processed the request body.
# As a rule of thumb, when failing to process a request body
# you should reject the request (when deployed in blocking mode)
# or log a high-severity alert (when deployed in detection-only mode).
#
SecRule REQBODY_ERROR "!@eq 0" \
"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
# By default be strict with what we accept in the multipart/form-data
# request body. If the rule below proves to be too strict for your
# environment consider changing it to detection-only. You are encouraged
# _not_ to remove it altogether.
#
SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
"id:'200003',phase:2,t:none,log,deny,status:400, \
msg:'Multipart request body failed strict validation: \
PE %{REQBODY_PROCESSOR_ERROR}, \
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
BW %{MULTIPART_BOUNDARY_WHITESPACE}, \
DB %{MULTIPART_DATA_BEFORE}, \
DA %{MULTIPART_DATA_AFTER}, \
HF %{MULTIPART_HEADER_FOLDING}, \
LF %{MULTIPART_LF_LINE}, \
SM %{MULTIPART_MISSING_SEMICOLON}, \
IQ %{MULTIPART_INVALID_QUOTING}, \
IP %{MULTIPART_INVALID_PART}, \
IH %{MULTIPART_INVALID_HEADER_FOLDING}, \
FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
# Did we see anything that might be a boundary?
#
SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
"id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
# PCRE Tuning
# We want to avoid a potential RegEx DoS condition
#
SecPcreMatchLimit 1000
SecPcreMatchLimitRecursion 1000
# Some internal errors will set flags in TX and we will need to look for these.
# All of these are prefixed with "MSC_". The following flags currently exist:
#
# MSC_PCRE_LIMITS_EXCEEDED: PCRE match limits were exceeded.
#
SecRule TX:/^MSC_/ "!@streq 0" \
"id:'200005',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
# -- Response body handling --------------------------------------------------
# Allow ModSecurity to access response bodies.
# You should have this directive enabled in order to identify errors
# and data leakage issues.
#
# Do keep in mind that enabling this directive does increases both
# memory consumption and response latency.
#
SecResponseBodyAccess On
# Which response MIME types do you want to inspect? You should adjust the
# configuration below to catch documents but avoid static files
# (e.g., images and archives).
#
SecResponseBodyMimeType text/plain text/html text/xml
# Buffer response bodies of up to 512 KB in length.
SecResponseBodyLimit 524288
# What happens when we encounter a response body larger than the configured
# limit? By default, we process what we have and let the rest through.
# That's somewhat less secure, but does not break any legitimate pages.
#
SecResponseBodyLimitAction ProcessPartial
# -- Filesystem configuration ------------------------------------------------
# The location where ModSecurity stores temporary files (for example, when
# it needs to handle a file upload that is larger than the configured limit).
#
# This default setting is chosen due to all systems have /tmp available however,
# this is less than ideal. It is recommended that you specify a location that's private.
#
SecTmpDir /tmp/
# The location where ModSecurity will keep its persistent data. This default setting
# is chosen due to all systems have /tmp available however, it
# too should be updated to a place that other users can't access.
#
SecDataDir /tmp/
# -- File uploads handling configuration -------------------------------------
# The location where ModSecurity stores intercepted uploaded files. This
# location must be private to ModSecurity. You don't want other users on
# the server to access the files, do you?
#
#SecUploadDir /opt/modsecurity/var/upload/
# By default, only keep the files that were determined to be unusual
# in some way (by an external inspection script). For this to work you
# will also need at least one file inspection rule.
#
#SecUploadKeepFiles RelevantOnly
# Uploaded files are by default created with permissions that do not allow
# any other user to access them. You may need to relax that if you want to
# interface ModSecurity to an external program (e.g., an anti-virus).
#
#SecUploadFileMode 0600
# -- Debug log configuration -------------------------------------------------
# The default debug log configuration is to duplicate the error, warning
# and notice messages from the error log.
#
#SecDebugLog /opt/modsecurity/var/log/debug.log
#SecDebugLogLevel 3
# -- Audit log configuration -------------------------------------------------
# Log the transactions that are marked by a rule, as well as those that
# trigger a server error (determined by a 5xx or 4xx, excluding 404,
# level response status codes).
#
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
# Log everything we know about a transaction.
SecAuditLogParts ABIJDEFHZ
# Use a single file for logging. This is much easier to look at, but
# assumes that you will use the audit log only ocassionally.
#
SecAuditLogType Serial
SecAuditLog /var/log/modsec_audit.log
# Specify the path for concurrent audit logging.
#SecAuditLogStorageDir /opt/modsecurity/var/audit/
# -- Miscellaneous -----------------------------------------------------------
# Use the most commonly used application/x-www-form-urlencoded parameter
# separator. There's probably only one application somewhere that uses
# something else so don't expect to change this value.
#
SecArgumentSeparator &
# Settle on version 0 (zero) cookies, as that is what most applications
# use. Using an incorrect cookie version may open your installation to
# evasion attacks (against the rules that examine named cookies).
#
SecCookieFormat 0
# Specify your Unicode Code Point.
# This mapping is used by the t:urlDecodeUni transformation function
# to properly map encoded data to your language. Properly setting
# these directives helps to reduce false positives and negatives.
#
SecUnicodeMapFile unicode.mapping 20127
# Improve the quality of ModSecurity by sharing information about your
# current ModSecurity version and dependencies versions.
# The following information will be shared: ModSecurity version,
# Web Server version, APR version, PCRE version, Lua version, Libxml2
# version, Anonymous unique id for host.
SecStatusEngine On


@@ -0,0 +1,4 @@
#!/usr/bin/env bash
valgrind --tool=massif
valgrind --show-leak-kinds=all --leak-check=full ./test


@@ -0,0 +1,77 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <stdio.h>
#include <stdlib.h>
#include "modsecurity/modsecurity.h"
#include "modsecurity/rules.h"
char main_rule_uri[] = "basic_rules.conf";
int main (int argc, char **argv)
{
int ret;
const char *error = NULL;
ModSecurity *modsec;
Transaction *transaction = NULL;
Rules *rules;
modsec = msc_init();
msc_set_connector_info(modsec, "ModSecurity-test v0.0.1-alpha (Simple " \
"example on how to use ModSecurity API");
rules = msc_create_rules_set();
ret = msc_rules_add_file(rules, main_rule_uri, &error);
if (ret < 0) {
fprintf(stderr, "Problems loading the rules --\n");
fprintf(stderr, "%s\n", error);
goto end;
}
msc_rules_dump(rules);
ret = msc_rules_add_remote(rules, "test",
"https://www.modsecurity.org/modsecurity-regression-test-secremoterules.txt",
&error);
if (ret < 0) {
fprintf(stderr, "Problems loading the rules --\n");
fprintf(stderr, "%s\n", error);
goto end;
}
msc_rules_dump(rules);
transaction = msc_new_transaction(modsec, rules, NULL);
msc_process_connection(transaction, "127.0.0.1", 12345, "127.0.0.1", 80);
msc_process_uri(transaction,
"http://www.modsecurity.org/test?key1=value1&key2=value2&key3=value3",
"GET", "1.1");
msc_process_request_headers(transaction);
msc_process_request_body(transaction);
msc_process_response_headers(transaction, 200, "HTTP 1.3");
msc_process_response_body(transaction);
msc_process_logging(transaction);
end:
msc_rules_cleanup(rules);
msc_cleanup(modsec);
return 0;
}


@@ -0,0 +1,52 @@
noinst_PROGRAMS = simple_request
simple_request_SOURCES = \
simple_request.cc
simple_request_LDADD = \
$(top_builddir)/src/.libs/libmodsecurity.a \
$(CURL_LDADD) \
$(GEOIP_LDADD) \
$(MAXMIND_LDADD) \
$(GLOBAL_LDADD) \
$(LIBXML2_LDADD) \
$(LMDB_LDADD) \
$(LUA_LDADD) \
$(PCRE_LDADD) \
$(SSDEEP_LDADD) \
$(YAJL_LDADD)
simple_request_LDFLAGS = \
$(GEOIP_LDFLAGS) \
$(MAXMIND_LDFLAGS) \
$(LMDB_LDFLAGS) \
-lpthread \
$(LUA_LDFLAGS) \
$(SSDEEP_LDFLAGS) \
$(YAJL_LDFLAGS)
simple_request_CPPFLAGS = \
$(GLOBAL_CFLAGS) \
-std=c++11 \
-I$(top_builddir)/headers \
-I$(top_builddir) \
-g \
-I../others \
-fPIC \
-O3 \
$(GEOIP_CFLAGS) \
$(MAXMIND_CFLAGS) \
$(GLOBAL_CPPFLAGS) \
$(MODSEC_NO_LOGS) \
$(YAJL_CFLAGS) \
$(LMDB_CFLAGS) \
$(LUA_CFLAGS) \
$(PCRE_CFLAGS) \
$(LIBXML2_CFLAGS)
MAINTAINERCLEANFILES = \
Makefile.in


@@ -0,0 +1,3 @@
SecDebugLog /dev/stdout
SecDebugLogLevel 9
SecRule RESPONSE_BODY "/soap:Body" "id:1,phase:5,deny"


@@ -0,0 +1,279 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <modsecurity/modsecurity.h>
#include <modsecurity/rules.h>
#include <modsecurity/rule_message.h>
#include <string>
#include <memory>
char request_uri[] = "/test.pl?param1=test&para2=test2";
char request_body_first[] = "" \
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r" \
"<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" " \
"xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" ";
char request_body_second[] = "" \
"xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\n\r" \
" <soap:Body>\n\r" \
" <EnlightenResponse xmlns=\"http://clearforest.com/\">\n\r" \
" <EnlightenResult>string</EnlightenResult>\n\r";
char request_body_third[] = "" \
" </EnlightenResponse>\n\r" \
" </soap:Body>\n\r" \
"</soap:Envelope>\n\r";
char response_body_first[] = "" \
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r" \
"<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" " \
"xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" ";
char response_body_second[] = "" \
"xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\n\r" \
" <soap:Body>\n\r" \
" <EnlightenResponse xmlns=\"http://clearforest.com/\">\n\r" \
" <EnlightenResult>string</EnlightenResult>\n\r";
char response_body_third[] = "" \
" </EnlightenResponse>\n\r" \
" </soap:Body>\n\r" \
"</soap:Envelope>\n\r";
char ip[] = "200.249.12.31";
static void logCb(void *data, const void *ruleMessagev) {
if (ruleMessagev == NULL) {
std::cout << "I've got a call but the message was null ;(";
std::cout << std::endl;
return;
}
const modsecurity::RuleMessage *ruleMessage = \
reinterpret_cast<const modsecurity::RuleMessage *>(ruleMessagev);
std::cout << "Rule Id: " << std::to_string(ruleMessage->m_ruleId);
std::cout << " phase: " << std::to_string(ruleMessage->m_phase);
std::cout << std::endl;
if (ruleMessage->m_isDisruptive) {
std::cout << " * Disruptive action: ";
std::cout << modsecurity::RuleMessage::log(ruleMessage);
std::cout << std::endl;
std::cout << " ** %d is meant to be informed by the webserver.";
std::cout << std::endl;
} else {
std::cout << " * Match, but no disruptive action: ";
std::cout << modsecurity::RuleMessage::log(ruleMessage);
std::cout << std::endl;
}
}
int process_intervention(modsecurity::Transaction *transaction) {
modsecurity::ModSecurityIntervention intervention;
intervention.status = 200;
intervention.url = NULL;
intervention.log = NULL;
intervention.disruptive = 0;
if (msc_intervention(transaction, &intervention) == 0) {
return 0;
}
if (intervention.log == NULL) {
intervention.log = strdup("(no log message was specified)");
}
std::cout << "Log: " << intervention.log << std::endl;
free(intervention.log);
intervention.log = NULL;
if (intervention.url != NULL) {
std::cout << "Intervention, redirect to: " << intervention.url;
std::cout << " with status code: " << intervention.status << std::endl;
free(intervention.url);
intervention.url = NULL;
return intervention.status;
}
if (intervention.status != 200) {
std::cout << "Intervention, returning code: " << intervention.status;
std::cout << std::endl;
return intervention.status;
}
return 0;
}
int main(int argc, char **argv) {
modsecurity::ModSecurity *modsec;
modsecurity::Rules *rules;
modsecurity::ModSecurityIntervention it;
if (argc < 2) {
std::cout << "Use " << *argv << " test-case-file.conf";
std::cout << std::endl << std::endl;
return -1;
}
*(argv++);
std::string rules_arg(*argv);
/**
* ModSecurity initial setup
*
*/
modsec = new modsecurity::ModSecurity();
modsec->setConnectorInformation("ModSecurity-test v0.0.1-alpha" \
" (ModSecurity test)");
modsec->setServerLogCb(logCb, modsecurity::RuleMessageLogProperty
| modsecurity::IncludeFullHighlightLogProperty);
/**
* loading the rules....
*
*/
rules = new modsecurity::Rules();
if (rules->loadFromUri(rules_arg.c_str()) < 0) {
std::cout << "Problems loading the rules..." << std::endl;
std::cout << rules->m_parserError.str() << std::endl;
return -1;
}
/**
* We are going to have a transaction
*
*/
modsecurity::Transaction *modsecTransaction = \
new modsecurity::Transaction(modsec, rules, NULL);
process_intervention(modsecTransaction);
/**
* Initial connection setup
*
*/
modsecTransaction->processConnection(ip, 12345, "127.0.0.1", 80);
process_intervention(modsecTransaction);
/**
* Finally we've got the URI
*
*/
modsecTransaction->processURI(request_uri, "GET", "1.1");
process_intervention(modsecTransaction);
/**
* Lets add our request headers.
*
*/
modsecTransaction->addRequestHeader("Host",
"net.tutsplus.com");
process_intervention(modsecTransaction);
/**
* No other reuqest header to add, let process it.
*
*/
modsecTransaction->processRequestHeaders();
process_intervention(modsecTransaction);
/**
* There is a request body to be informed...
*
*/
modsecTransaction->appendRequestBody(
(const unsigned char*)request_body_first,
strlen((const char*)request_body_first));
process_intervention(modsecTransaction);
modsecTransaction->appendRequestBody(
(const unsigned char*)request_body_second,
strlen((const char*)request_body_second));
process_intervention(modsecTransaction);
modsecTransaction->appendRequestBody(
(const unsigned char*)request_body_third,
strlen((const char*)request_body_third));
process_intervention(modsecTransaction);
/**
* Request body is there ;) lets process it.
*
*/
modsecTransaction->processRequestBody();
process_intervention(modsecTransaction);
/**
* The webserver is giving back the response headers.
*/
modsecTransaction->addResponseHeader("HTTP/1.1",
"200 OK");
process_intervention(modsecTransaction);
/**
* The response headers are filled in, lets process.
*
*/
modsecTransaction->processResponseHeaders(200, "HTTP 1.2");
process_intervention(modsecTransaction);
/**
* It is time to let modsec aware of the response body
*
*/
modsecTransaction->appendResponseBody(
(const unsigned char*)response_body_first,
strlen((const char*)response_body_first));
process_intervention(modsecTransaction);
modsecTransaction->appendResponseBody(
(const unsigned char*)response_body_second,
strlen((const char*)response_body_second));
process_intervention(modsecTransaction);
modsecTransaction->appendResponseBody(
(const unsigned char*)response_body_third,
strlen((const char*)response_body_third));
process_intervention(modsecTransaction);
/**
* Finally, lets have the response body processed.
*
*/
modsecTransaction->processResponseBody();
process_intervention(modsecTransaction);
/**
* Keeping track of everything: saving the logs.
*
*/
modsecTransaction->processLogging();
process_intervention(modsecTransaction);
/**
* cleanup.
*/
delete modsecTransaction;
delete rules;
delete modsec;
}


@@ -0,0 +1,156 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <string>
#include <iostream>
#include <memory>
#endif
#include "modsecurity/intervention.h"
#include "modsecurity/rule.h"
#ifndef HEADERS_MODSECURITY_ACTIONS_ACTION_H_
#define HEADERS_MODSECURITY_ACTIONS_ACTION_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
class Rule;
namespace actions {
class Action {
public:
explicit Action(const std::string& _action)
: m_isNone(false),
temporaryAction(false),
action_kind(2),
m_name(""),
m_parser_payload(""),
m_referenceCount(1) {
set_name_and_payload(_action);
}
explicit Action(const std::string& _action, int kind)
: m_isNone(false),
temporaryAction(false),
action_kind(kind),
m_name(""),
m_parser_payload(""),
m_referenceCount(1) {
set_name_and_payload(_action);
}
virtual ~Action() { }
virtual std::string evaluate(std::string exp,
Transaction *transaction);
virtual bool evaluate(Rule *rule, Transaction *transaction);
virtual bool evaluate(Rule *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> ruleMessage) {
return evaluate(rule, transaction);
}
virtual bool init(std::string *error) { return true; }
virtual bool isDisruptive() { return false; }
void set_name_and_payload(const std::string& data) {
size_t pos = data.find(":");
std::string t = "t:";
if (data.compare(0, t.length(), t) == 0) {
pos = data.find(":", 2);
}
if (pos == std::string::npos) {
m_name = data;
return;
}
m_name = std::string(data, 0, pos);
m_parser_payload = std::string(data, pos + 1, data.length());
if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) {
m_parser_payload.erase(0, 1);
m_parser_payload.pop_back();
}
}
int refCountDecreaseAndCheck() {
this->m_referenceCount--;
if (this->m_referenceCount == 0) {
delete this;
return 1;
}
return 0;
}
void refCountIncrease() {
this->m_referenceCount++;
}
bool m_isNone;
bool temporaryAction;
int action_kind;
std::string m_name;
std::string m_parser_payload;
/**
*
* Define the action kind regarding to the execution time.
*
*
*/
enum Kind {
/**
*
* Action that are executed while loading the configuration. For instance
* the rule ID or the rule phase.
*
*/
ConfigurationKind,
/**
*
* Those are actions that demands to be executed before call the operator.
* For instance the tranformations.
*
*
*/
RunTimeBeforeMatchAttemptKind,
/**
*
* Actions that are executed after the execution of the operator, only if
* the operator returned Match (or True). For instance the disruptive
* actions.
*
*/
RunTimeOnlyIfMatchKind,
};
private:
int m_referenceCount;
};
} // namespace actions
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_ACTIONS_ACTION_H_


@@ -0,0 +1,113 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <ctime>
#include <fstream>
#include <iomanip>
#include <iostream>
#include <list>
#include <map>
#include <sstream>
#include <string>
#include <unordered_map>
#include <utility>
#include <vector>
#include <algorithm>
#include <memory>
#endif
#include "modsecurity/variable_value.h"
#ifndef HEADERS_MODSECURITY_ANCHORED_SET_VARIABLE_H_
#define HEADERS_MODSECURITY_ANCHORED_SET_VARIABLE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace Utils {
class Regex;
}
namespace variables {
class KeyExclusions;
}
struct MyEqual {
bool operator()(const std::string& Left, const std::string& Right) const {
return Left.size() == Right.size()
&& std::equal(Left.begin(), Left.end(), Right.begin(),
[](char a, char b) {
return tolower(a) == tolower(b);
});
}
};
struct MyHash{
size_t operator()(const std::string& Keyval) const {
// You might need a better hash function than this
size_t h = 0;
std::for_each(Keyval.begin(), Keyval.end(), [&](char c) {
h += tolower(c);
});
return h;
}
};
class AnchoredSetVariable : public std::unordered_multimap<std::string,
VariableValue *, MyHash, MyEqual> {
public:
AnchoredSetVariable(Transaction *t, std::string name);
~AnchoredSetVariable();
void unset();
void set(const std::string &key, const std::string &value,
size_t offset);
void set(const std::string &key, const std::string &value,
size_t offset, size_t len);
void setCopy(std::string key, std::string value, size_t offset);
void resolve(std::vector<const VariableValue *> *l);
void resolve(std::vector<const VariableValue *> *l,
variables::KeyExclusions &ke);
void resolve(const std::string &key,
std::vector<const VariableValue *> *l);
void resolveRegularExpression(Utils::Regex *r,
std::vector<const VariableValue *> *l);
void resolveRegularExpression(Utils::Regex *r,
std::vector<const VariableValue *> *l,
variables::KeyExclusions &ke);
std::unique_ptr<std::string> resolveFirst(const std::string &key);
Transaction *m_transaction;
std::string m_name;
};
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_ANCHORED_SET_VARIABLE_H_


@@ -0,0 +1,75 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <ctime>
#include <fstream>
#include <iomanip>
#include <iostream>
#include <list>
#include <map>
#include <sstream>
#include <string>
#include <unordered_map>
#include <utility>
#include <vector>
#include <memory>
#endif
#include "modsecurity/variable_value.h"
#ifndef HEADERS_MODSECURITY_ANCHORED_VARIABLE_H_
#define HEADERS_MODSECURITY_ANCHORED_VARIABLE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
class AnchoredVariable {
public:
AnchoredVariable(Transaction* t, std::string name);
~AnchoredVariable();
void unset();
void set(const std::string &a, size_t offset);
void set(const std::string &a, size_t offset, size_t offsetLen);
void append(const std::string &a, size_t offset,
bool spaceSeparator = false);
void append(const std::string &a, size_t offset,
bool spaceSeparator, int size);
void evaluate(std::vector<const VariableValue *> *l);
std::string * evaluate();
std::unique_ptr<std::string> resolveFirst();
Transaction *m_transaction;
int m_offset;
std::string m_name;
std::string m_value;
private:
VariableValue *m_var;
};
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_ANCHORED_VARIABLE_H_


@@ -0,0 +1,224 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <iostream>
#include <fstream>
#include <string>
#endif
#ifndef HEADERS_MODSECURITY_AUDIT_LOG_H_
#define HEADERS_MODSECURITY_AUDIT_LOG_H_
#include "modsecurity/transaction.h"
#ifdef __cplusplus
namespace modsecurity {
namespace audit_log {
namespace writer {
class Writer;
}
/** @ingroup ModSecurity_CPP_API */
class AuditLog {
public:
AuditLog();
~AuditLog();
enum AuditLogType {
NotSetAuditLogType,
SerialAuditLogType,
ParallelAuditLogType,
HttpsAuditLogType
};
enum AuditLogStatus {
NotSetLogStatus,
OnAuditLogStatus,
OffAuditLogStatus,
RelevantOnlyAuditLogStatus
};
enum AuditLogFormat {
NotSetAuditLogFormat,
JSONAuditLogFormat,
NativeAuditLogFormat
};
enum AuditLogParts {
/**
* Audit log header (mandatory).
*
*/
AAuditLogPart = 2,
/**
* Request headers.
*
*/
BAuditLogPart = 4,
/**
* Request body (present only if the request body exists and ModSecurity
* is configured to intercept it).
*
*/
CAuditLogPart = 8,
/**
* Reserved for intermediary response headers; not implemented yet.
*
*/
DAuditLogPart = 16,
/**
* Intermediary response body (present only if ModSecurity is configured
* to intercept response bodies, and if the audit log engine is
* configured to record it). Intermediary response body is the same as the
* actual response body unless ModSecurity intercepts the intermediary
* response body, in which case the actual response body will contain the
* error message (either the Apache default error message, or the
* ErrorDocument page).
*
*/
EAuditLogPart = 32,
/**
* Final response headers (excluding the Date and Server headers, which
* are always added by Apache in the late stage of content delivery).
*
*/
FAuditLogPart = 64,
/**
* Reserved for the actual response body; not implemented yet.
*
*/
GAuditLogPart = 128,
/**
* Audit log trailer.
*
*/
HAuditLogPart = 256,
/**
* This part is a replacement for part C. It will log the same data as C
* in all cases except when multipart/form-data encoding in used. In this
* case, it will log a fake application/x-www-form-urlencoded body that
* contains the information about parameters but not about the files. This
* is handy if you dont want to have (often large) files stored in your
* audit logs.
*
*/
IAuditLogPart = 512,
/**
* This part contains information about the files uploaded using
* multipart/form-data encoding.
*/
JAuditLogPart = 1024,
/**
* This part contains a full list of every rule that matched (one per
* line) in the order they were matched. The rules are fully qualified and
* will thus show inherited actions and default operators. Supported as of
* v2.5.0.
*
*/
KAuditLogPart = 2048,
/**
* Final boundary, signifies the end of the entry (mandatory).
*
*/
ZAuditLogPart = 4096
};
bool setStorageDirMode(int permission);
bool setFileMode(int permission);
bool setStatus(AuditLogStatus new_status);
bool setRelevantStatus(const std::basic_string<char>& new_relevant_status);
bool setFilePath1(const std::basic_string<char>& path);
bool setFilePath2(const std::basic_string<char>& path);
bool setStorageDir(const std::basic_string<char>& path);
bool setFormat(AuditLogFormat fmt);
int getDirectoryPermission();
int getFilePermission();
int getParts();
bool setParts(const std::basic_string<char>& new_parts);
bool setType(AuditLogType audit_type);
bool init(std::string *error);
bool close();
bool saveIfRelevant(Transaction *transaction);
bool saveIfRelevant(Transaction *transaction, int parts);
bool isRelevant(int status);
int addParts(int parts, const std::string& new_parts);
int removeParts(int parts, const std::string& new_parts);
bool merge(AuditLog *from, std::string *error);
std::string m_path1;
std::string m_path2;
std::string m_storage_dir;
void refCountIncrease() {
m_refereceCount++;
}
bool refCountDecreaseAndCheck() {
m_refereceCount--;
if (m_refereceCount == 0) {
delete this;
return true;
}
return false;
}
AuditLogFormat m_format;
protected:
int m_parts;
int m_defaultParts = AAuditLogPart | BAuditLogPart | CAuditLogPart
| FAuditLogPart | HAuditLogPart | ZAuditLogPart;
int m_filePermission;
int m_defaultFilePermission = 0640;
int m_directoryPermission;
int m_defaultDirectoryPermission = 0750;
private:
AuditLogStatus m_status;
AuditLogType m_type;
std::string m_relevant;
audit_log::writer::Writer *m_writer;
int m_refereceCount;
};
} // namespace audit_log
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_AUDIT_LOG_H_

@@ -0,0 +1,205 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <string>
#include <iostream>
#include <unordered_map>
#include <list>
#include <vector>
#include <algorithm>
#include <memory>
#endif
#include "modsecurity/variable_value.h"
#ifndef HEADERS_MODSECURITY_COLLECTION_COLLECTION_H_
#define HEADERS_MODSECURITY_COLLECTION_COLLECTION_H_
#ifndef __cplusplus
typedef struct Variable_t Variables;
#endif
#ifdef __cplusplus
namespace modsecurity {
namespace variables {
class KeyExclusions;
}
namespace collection {
class Collection {
public:
explicit Collection(std::string a) : m_name(a) { }
virtual ~Collection() { }
virtual void store(std::string key, std::string value) = 0;
virtual bool storeOrUpdateFirst(const std::string &key,
const std::string &value) = 0;
virtual bool updateFirst(const std::string &key,
const std::string &value) = 0;
virtual void del(const std::string& key) = 0;
virtual std::unique_ptr<std::string> resolveFirst(
const std::string& var) = 0;
virtual void resolveSingleMatch(const std::string& var,
std::vector<const VariableValue *> *l) = 0;
virtual void resolveMultiMatches(const std::string& var,
std::vector<const VariableValue *> *l,
variables::KeyExclusions &ke) = 0;
virtual void resolveRegularExpression(const std::string& var,
std::vector<const VariableValue *> *l,
variables::KeyExclusions &ke) = 0;
/* store */
virtual void store(std::string key, std::string compartment,
std::string value) {
std::string nkey = compartment + "::" + key;
store(nkey, value);
}
virtual void store(std::string key, std::string compartment,
std::string compartment2, std::string value) {
std::string nkey = compartment + "::" + compartment2 + "::" + key;
store(nkey, value);
}
/* storeOrUpdateFirst */
virtual bool storeOrUpdateFirst(const std::string &key,
std::string compartment, const std::string &value) {
std::string nkey = compartment + "::" + key;
return storeOrUpdateFirst(nkey, value);
}
virtual bool storeOrUpdateFirst(const std::string &key,
std::string compartment, std::string compartment2,
const std::string &value) {
std::string nkey = compartment + "::" + compartment2 + "::" + key;
return storeOrUpdateFirst(nkey, value);
}
/* updateFirst */
virtual bool updateFirst(const std::string &key, std::string compartment,
const std::string &value) {
std::string nkey = compartment + "::" + key;
return updateFirst(nkey, value);
}
virtual bool updateFirst(const std::string &key, std::string compartment,
std::string compartment2, const std::string &value) {
std::string nkey = compartment + "::" + compartment2 + "::" + key;
return updateFirst(nkey, value);
}
/* del */
virtual void del(const std::string& key, std::string compartment) {
std::string nkey = compartment + "::" + key;
del(nkey);
}
virtual void del(const std::string& key, std::string compartment,
std::string compartment2) {
std::string nkey = compartment + "::" + compartment2 + "::" + key;
del(nkey);
}
/* resolveFirst */
virtual std::unique_ptr<std::string> resolveFirst(const std::string& var,
std::string compartment) {
std::string nkey = compartment + "::" + var;
return resolveFirst(nkey);
}
virtual std::unique_ptr<std::string> resolveFirst(const std::string& var,
std::string compartment, std::string compartment2) {
std::string nkey = compartment + "::" + compartment2 + "::" + var;
return resolveFirst(nkey);
}
/* resolveSingleMatch */
virtual void resolveSingleMatch(const std::string& var,
std::string compartment, std::vector<const VariableValue *> *l) {
std::string nkey = compartment + "::" + var;
resolveSingleMatch(nkey, l);
}
virtual void resolveSingleMatch(const std::string& var,
std::string compartment, std::string compartment2,
std::vector<const VariableValue *> *l) {
std::string nkey = compartment + "::" + compartment2 + "::" + var;
resolveSingleMatch(nkey, l);
}
/* resolveMultiMatches */
virtual void resolveMultiMatches(const std::string& var,
std::string compartment, std::vector<const VariableValue *> *l,
variables::KeyExclusions &ke) {
std::string nkey = compartment + "::" + var;
resolveMultiMatches(nkey, l, ke);
}
virtual void resolveMultiMatches(const std::string& var,
std::string compartment, std::string compartment2,
std::vector<const VariableValue *> *l,
variables::KeyExclusions &ke) {
std::string nkey = compartment + "::" + compartment2 + "::" + var;
resolveMultiMatches(nkey, l, ke);
}
/* resolveRegularExpression */
virtual void resolveRegularExpression(const std::string& var,
std::string compartment, std::vector<const VariableValue *> *l,
variables::KeyExclusions &ke) {
std::string nkey = compartment + "::" + var;
resolveRegularExpression(nkey, l, ke);
}
virtual void resolveRegularExpression(const std::string& var,
std::string compartment, std::string compartment2,
std::vector<const VariableValue *> *l, variables::KeyExclusions &ke) {
std::string nkey = compartment + "::" + compartment2 + "::" + var;
resolveRegularExpression(nkey, l, ke);
}
std::string m_name;
};
} // namespace collection
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_COLLECTION_COLLECTION_H_

@@ -0,0 +1,73 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <ctime>
#include <iostream>
#include <unordered_map>
#include <fstream>
#include <vector>
#include <iomanip>
#include <set>
#include <cstdio>
#include <string>
#include <list>
#include <memory>
#endif
#include "modsecurity/collection/collection.h"
#include "modsecurity/variable_value.h"
#ifndef HEADERS_MODSECURITY_COLLECTION_COLLECTIONS_H_
#define HEADERS_MODSECURITY_COLLECTION_COLLECTIONS_H_
#ifndef __cplusplus
typedef struct Collections_t Collections;
#endif
#ifdef __cplusplus
namespace modsecurity {
namespace collection {
class Collections {
public:
Collections(Collection *global, Collection *ip, Collection *session,
Collection *user, Collection *resource);
~Collections();
std::string m_global_collection_key;
std::string m_ip_collection_key;
std::string m_session_collection_key;
std::string m_user_collection_key;
std::string m_resource_collection_key;
Collection *m_global_collection;
Collection *m_ip_collection;
Collection *m_session_collection;
Collection *m_user_collection;
Collection *m_resource_collection;
Collection *m_tx_collection;
};
} // namespace collection
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_COLLECTION_COLLECTIONS_H_

@@ -0,0 +1,63 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <string>
#endif
#ifndef HEADERS_MODSECURITY_DEBUG_LOG_H_
#define HEADERS_MODSECURITY_DEBUG_LOG_H_
#ifndef __cplusplus
typedef struct DebugLog_t DebugLog;
#endif
#ifdef __cplusplus
namespace modsecurity {
namespace debug_log {
/** @ingroup ModSecurity_CPP_API */
class DebugLog {
public:
DebugLog()
: m_debugLevel(-1),
m_fileName("") { }
virtual ~DebugLog();
virtual void write(int level, const std::string &msg);
virtual void write(int level, const std::string &id,
const std::string &uri, const std::string &msg);
bool isLogFileSet();
bool isLogLevelSet();
void setDebugLogLevel(int level);
void setDebugLogFile(const std::string &fileName, std::string *error);
const std::string& getDebugLogFile();
virtual int getDebugLogLevel();
int m_debugLevel;
private:
std::string m_fileName;
};
} // namespace debug_log
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_DEBUG_LOG_H_

@@ -0,0 +1,71 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifndef HEADERS_MODSECURITY_INTERVENTION_H_
#define HEADERS_MODSECURITY_INTERVENTION_H_
#ifdef __cplusplus
namespace modsecurity {
#endif
typedef struct ModSecurityIntervention_t {
int status;
int pause;
char *url;
char *log;
int disruptive;
} ModSecurityIntervention;
#ifdef __cplusplus
namespace intervention {
static void reset(ModSecurityIntervention_t *i) {
i->status = 200;
i->pause = 0;
i->disruptive = 0;
}
static void clean(ModSecurityIntervention_t *i) {
i->url = NULL;
i->log = NULL;
reset(i);
}
static void freeUrl(ModSecurityIntervention_t *i) {
if (i->url) {
free(i->url);
i->url = NULL;
}
}
static void freeLog(ModSecurityIntervention_t *i) {
if (i->log) {
free(i->log);
i->log = NULL;
}
}
static void free(ModSecurityIntervention_t *i) {
freeUrl(i);
freeLog(i);
}
} // namespace intervention
#endif
#ifdef __cplusplus
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_INTERVENTION_H_

@@ -0,0 +1,337 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
/** @file modsecurity.h Main ModSecurity header file */
/** @mainpage ModSecurity - open source, cross platform web application firewall
*
* Example Usage:
* @code
*
* using ModSecurity::ModSecurity;
* using ModSecurity::Rules;
* using ModSecurity::Transaction;
*
* ModSecurity *modsec;
* ModSecurity::Rules *rules;
*
* modsec = new ModSecurity();
* rules = new Rules();
* rules->loadFromUri(rules_file);
*
* Transaction *modsecTransaction = new Transaction(modsec, rules);
* modsecTransaction->processConnection("127.0.0.1");
*
* if (modsecTransaction->intervention()) {
* std::cout << "There is an intervention" << std::endl;
* }
*
* ...
*
* @endcode
*
*/
/**
* @defgroup ModSecurity_C_API ModSecurity C API
*
* This is the ModSecurity C API description
*
* At this page you can get information on how the extend your C
* application, by embedding ModSecurity.
*
*/
/**
* @defgroup ModSecurity_CPP_API ModSecurity CPP API
*
* This is the ModSecurity CPP API description.
*
* At this page you can get information on how the extend your CPP
* application, by embedding ModSecurity.
*
*/
/**
* @defgroup ModSecurity_Operator ModSecurity Operators
*
* SecLanguage operator
*/
#ifdef __cplusplus
#include <ctime>
#include <iostream>
#include <string>
#include <memory>
#endif
#ifndef HEADERS_MODSECURITY_MODSECURITY_H_
#define HEADERS_MODSECURITY_MODSECURITY_H_
#ifndef __cplusplus
typedef struct ModSecurity_t modsecurity;
#else
namespace modsecurity {
/**
*
* The Phases enumerator consists in mapping the different stages of a
* given request. ModSecurity is expected to inspect data based on those
* "phases". If your module/application use this in a different order, it
* will lead ModSecurity to act in an unexpected behavior.
*
* It is mandatory to call all the phases, even if you don't have this
* phases segmented in your end.
*
*/
enum Phases {
/**
*
* The connection is the very first information that ModSecurity can
* inspect. It is expected to happens before the virtual host name be
* resolved. This phase is expected to happen immediately after a
* connection is established.
*
*/
ConnectionPhase,
/**
*
* The "URI" phase happens just after the web server (or any other
* application that you may use with ModSecurity) have the acknowledgement
* of the full request URI.
*
*/
UriPhase,
/**
*
* The "RequestHeaders" phase happens when the server has all the
* information about the headers. Notice however, that it is expected to
* happen prior to the reception of the request body (if any).
*
*/
RequestHeadersPhase,
/**
*
* At the "RequestHeaders" phase, ModSecurity is expected to inspect the
* content of a request body, that does not happens when the server has all
* the content but prior to that, when the body transmission started.
* ModSecurity can ask the webserver to block (or make any other disruptive
* action) while the client is still transmitting the data.
*
*/
RequestBodyPhase,
/**
*
* The "ResponseHeaders" happens just before all the response headers are
* ready to be delivery to the client.
*
*/
ResponseHeadersPhase,
/**
*
* Same as "RequestBody" the "ResponseBody" phase perform a stream
* inspection which may result in a disruptive action.
*
*/
ResponseBodyPhase,
/**
*
* The last phase is the logging phase. At this phase ModSecurity will
* generate the internal logs, there is no need to hold the request at
* this point as this phase does not produce any kind of action.
*
*/
LoggingPhase,
/**
* Just a marking for the expected number of phases.
*
*/
NUMBER_OF_PHASES,
};
} // namespace modsecurity
#endif
#include "modsecurity/intervention.h"
#include "modsecurity/transaction.h"
#include "modsecurity/debug_log.h"
/**
* TAG_NUM:
*
* Alpha - 001
* Beta - 002
* Dev - 010
* Rc1 - 051
* Rc2 - 052
* ... - ...
* Release- 100
*
*/
#define MODSECURITY_MAJOR "3"
#define MODSECURITY_MINOR "0"
#define MODSECURITY_PATCHLEVEL "4"
#define MODSECURITY_TAG ""
#define MODSECURITY_TAG_NUM "100"
#define MODSECURITY_VERSION MODSECURITY_MAJOR "." \
MODSECURITY_MINOR "." MODSECURITY_PATCHLEVEL \
MODSECURITY_TAG
#define MODSECURITY_VERSION_NUM MODSECURITY_MAJOR \
MODSECURITY_MINOR MODSECURITY_PATCHLEVEL MODSECURITY_TAG_NUM
/*
* @name ModSecLogCb
* @brief Callback to be function on every log generation
*
*
* The callback is going to be called on every log request.
*
*
* void * Internal reference to be used by the API consumer. Whatever
* is set here will be passed on every call.
* void * Pointer to a const char * or RuleMessage class. The returned
* data is selected on the log register property.
*
* @note Vide LogProperty enum to learn more about Log Properties.
*
*/
typedef void (*ModSecLogCb) (void *, const void *);
#ifdef __cplusplus
namespace modsecurity {
/* few forwarded declarations */
namespace actions {
class Action;
}
class Rule;
#ifdef __cplusplus
extern "C" {
#endif
/**
*
* Properties used to configure the general log callback.
*
*/
enum LogProperty {
/**
*
* Original ModSecurity text log entry. The same entry that can be found
* within the Apache error_log (in the 2.x family)
*
*/
TextLogProperty = 1,
/**
*
* Instead of return the text log entry an instance of the class
* RuleMessages is returned.
*
*/
RuleMessageLogProperty = 2,
/**
* This property only makes sense with the utilization of the
* RuleMessageLogProperty. Without this property set the RuleMessage
* structure will not be filled with the information of the hightlight.
*
* Notice that the highlight can be calculate post-analisys. Calculate it
* during the analisys may delay the analisys process.
*
*/
IncludeFullHighlightLogProperty = 4,
};
#ifdef __cplusplus
}
#endif
/** @ingroup ModSecurity_CPP_API */
class ModSecurity {
public:
ModSecurity();
~ModSecurity();
const std::string& whoAmI();
void setConnectorInformation(std::string connector);
void setServerLogCb(ModSecLogCb cb);
/**
*
* properties Properties to inform ModSecurity what kind of infornation
* is expected be returned.
*
*/
void setServerLogCb(ModSecLogCb cb, int properties);
void serverLog(void *data, std::shared_ptr<RuleMessage> rm);
const std::string& getConnectorInformation();
int processContentOffset(const char *content, size_t len,
const char *matchString, std::string *json, const char **err);
collection::Collection *m_global_collection;
collection::Collection *m_resource_collection;
collection::Collection *m_ip_collection;
collection::Collection *m_session_collection;
collection::Collection *m_user_collection;
private:
std::string m_connector;
std::string m_whoami;
ModSecLogCb m_logCb;
int m_logProperties;
};
#endif
#ifdef __cplusplus
extern "C" {
#endif
/** @ingroup ModSecurity_C_API */
ModSecurity *msc_init(void);
/** @ingroup ModSecurity_C_API */
const char *msc_who_am_i(ModSecurity *msc);
/** @ingroup ModSecurity_C_API */
void msc_set_connector_info(ModSecurity *msc, const char *connector);
/** @ingroup ModSecurity_C_API */
void msc_set_log_cb(ModSecurity *msc, ModSecLogCb cb);
/** @ingroup ModSecurity_C_API */
void msc_cleanup(ModSecurity *msc);
#ifdef __cplusplus
}
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_MODSECURITY_H_
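Review bot: The version macros in this header pin the copied tree at 3.0.4 (`MODSECURITY_MAJOR "3"`, `MODSECURITY_MINOR "0"`, `MODSECURITY_PATCHLEVEL "4"`, tag "100" meaning a release build), but nothing in the commit records which upstream tag or commit these files were taken from or how they will be refreshed. This looks like a vendored copy of the ModSecurity v3 headers, and later 3.0.x releases exist, so an unrecorded in-tree snapshot of the WAF engine is hard to audit or bump when upstream ships a fix. Consider adding a provenance record next to the copied files, e.g. a manifest line such as `# vendored from ModSecurity <UPSTREAM_TAG> (<UPSTREAM_COMMIT>)` with the real values filled in, or building against a pinned upstream release instead of copying the headers. Since the file is third-party, the remaining remarks on its contents belong upstream rather than in this review.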

@@ -0,0 +1,163 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <stack>
#include <vector>
#include <string>
#include <list>
#include <memory>
#include <utility>
#endif
#ifndef HEADERS_MODSECURITY_RULE_H_
#define HEADERS_MODSECURITY_RULE_H_
#include "modsecurity/transaction.h"
#include "modsecurity/variable_value.h"
#ifdef __cplusplus
namespace modsecurity {
namespace variables {
class Variable;
class Variables;
}
namespace actions {
class Action;
class Severity;
class LogData;
class Msg;
class Rev;
class SetVar;
class Tag;
}
namespace operators {
class Operator;
}
class Rule {
public:
Rule(operators::Operator *_op,
variables::Variables *_variables,
std::vector<actions::Action *> *_actions,
std::string fileName,
int lineNumber);
explicit Rule(std::string marker);
virtual ~Rule();
virtual bool evaluate(Transaction *transaction,
std::shared_ptr<RuleMessage> rm);
void organizeActions(std::vector<actions::Action *> *actions);
void cleanUpActions();
void executeAction(Transaction *trans,
bool containsBlock, std::shared_ptr<RuleMessage> ruleMessage,
actions::Action *a, bool context);
inline void executeTransformation(actions::Action *a,
std::shared_ptr<std::string> *value,
Transaction *trans,
std::list<std::pair<std::shared_ptr<std::string>,
std::shared_ptr<std::string>>> *ret,
std::string *path,
int *nth);
void getVariablesExceptions(Transaction *t,
variables::Variables *exclusion, variables::Variables *addition);
inline void getFinalVars(variables::Variables *vars,
variables::Variables *eclusion, Transaction *trans);
void executeActionsAfterFullMatch(Transaction *trasn,
bool containsDisruptive, std::shared_ptr<RuleMessage> ruleMessage);
std::list<std::pair<std::shared_ptr<std::string>,
std::shared_ptr<std::string>>> executeDefaultTransformations(
Transaction *trasn, const std::string &value);
bool executeOperatorAt(Transaction *trasn, std::string key,
std::string value, std::shared_ptr<RuleMessage> rm);
void executeActionsIndependentOfChainedRuleResult(Transaction *trasn,
bool *b, std::shared_ptr<RuleMessage> ruleMessage);
inline void updateMatchedVars(Transaction *trasn, const std::string &key,
const std::string &value);
inline void cleanMatchedVars(Transaction *trasn);
std::vector<actions::Action *> getActionsByName(const std::string& name,
Transaction *t);
bool containsTag(const std::string& name, Transaction *t);
bool containsMsg(const std::string& name, Transaction *t);
int refCountDecreaseAndCheck() {
m_referenceCount--;
if (m_referenceCount == 0) {
delete this;
return 1;
}
return 0;
}
void refCountIncrease() {
m_referenceCount++;
}
void executeTransformations(
actions::Action *a,
std::shared_ptr<std::string> newValue,
std::shared_ptr<std::string> value,
Transaction *trans,
std::list<std::pair<std::shared_ptr<std::string>,
std::shared_ptr<std::string>>> *ret,
std::shared_ptr<std::string> transStr,
int nth);
actions::Action *m_theDisruptiveAction;
actions::LogData *m_logData;
actions::Msg *m_msg;
actions::Severity *m_severity;
bool m_chained;
bool m_containsCaptureAction;
bool m_containsMultiMatchAction;
bool m_containsStaticBlockAction;
bool m_secMarker;
int64_t m_ruleId;
int m_accuracy;
int m_lineNumber;
int m_maturity;
int m_phase;
modsecurity::variables::Variables *m_variables;
operators::Operator *m_op;
Rule *m_chainedRuleChild;
Rule *m_chainedRuleParent;
std::string m_fileName;
std::string m_marker;
std::string m_rev;
std::string m_ver;
std::vector<actions::Action *> m_actionsRuntimePos;
std::vector<actions::Action *> m_actionsRuntimePre;
std::vector<actions::SetVar *> m_actionsSetVar;
std::vector<actions::Tag *> m_actionsTag;
private:
bool m_unconditional;
int m_referenceCount;
};
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_RULE_H_

@@ -0,0 +1,124 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <stack>
#include <vector>
#include <string>
#include <list>
#include <cstring>
#endif
#ifndef HEADERS_MODSECURITY_RULE_MESSAGE_H_
#define HEADERS_MODSECURITY_RULE_MESSAGE_H_
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#ifdef __cplusplus
namespace modsecurity {
class RuleMessage {
public:
enum LogMessageInfo {
ErrorLogTailLogMessageInfo = 2,
ClientLogMessageInfo = 4
};
explicit RuleMessage(Rule *rule, Transaction *trans) :
m_accuracy(rule->m_accuracy),
m_clientIpAddress(trans->m_clientIpAddress),
m_data(""),
m_id(trans->m_id),
m_isDisruptive(false),
m_match(""),
m_maturity(rule->m_maturity),
m_message(""),
m_noAuditLog(false),
m_phase(rule->m_phase - 1),
m_reference(""),
m_rev(rule->m_rev),
m_rule(rule),
m_ruleFile(rule->m_fileName),
m_ruleId(rule->m_ruleId),
m_ruleLine(rule->m_lineNumber),
m_saveMessage(true),
m_serverIpAddress(trans->m_serverIpAddress),
m_severity(0),
m_uriNoQueryStringDecoded(trans->m_uri_no_query_string_decoded),
m_ver(rule->m_ver)
{ }
std::string log() {
return RuleMessage::log(this, 0);
}
std::string log(int props) {
return RuleMessage::log(this, props);
}
std::string log(int props, int responseCode) {
return RuleMessage::log(this, props, responseCode);
}
std::string errorLog() {
return RuleMessage::log(this,
ClientLogMessageInfo | ErrorLogTailLogMessageInfo);
}
static std::string log(const RuleMessage *rm, int props, int code);
static std::string log(const RuleMessage *rm, int props) {
return RuleMessage::log(rm, props, -1);
}
static std::string log(const RuleMessage *rm) {
return RuleMessage::log(rm, 0);
}
static std::string _details(const RuleMessage *rm);
static std::string _errorLogTail(const RuleMessage *rm);
int m_accuracy;
std::string m_clientIpAddress;
std::string m_data;
std::string m_id;
bool m_isDisruptive;
std::string m_match;
int m_maturity;
std::string m_message;
bool m_noAuditLog;
int m_phase;
std::string m_reference;
std::string m_rev;
Rule *m_rule;
std::string m_ruleFile;
int m_ruleId;
int m_ruleLine;
bool m_saveMessage;
std::string m_serverIpAddress;
int m_severity;
std::string m_uriNoQueryStringDecoded;
std::string m_ver;
std::list<std::string> m_tags;
};
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_RULE_MESSAGE_H_

@@ -0,0 +1,113 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <stdio.h>
#include <string.h>
#ifdef __cplusplus
#include <ctime>
#include <iostream>
#include <string>
#include <vector>
#include <list>
#endif
#ifndef HEADERS_MODSECURITY_RULES_H_
#define HEADERS_MODSECURITY_RULES_H_
#include "modsecurity/rules_properties.h"
#include "modsecurity/modsecurity.h"
#include "modsecurity/transaction.h"
#ifdef __cplusplus
namespace modsecurity {
class Rule;
namespace Parser {
class Driver;
}
/** @ingroup ModSecurity_CPP_API */
class Rules : public RulesProperties {
public:
Rules()
: RulesProperties(new DebugLog()),
unicode_codepage(0),
#ifndef NO_LOGS
m_secmarker_skipped(0),
#endif
m_referenceCount(0) { }
explicit Rules(DebugLog *customLog)
: RulesProperties(customLog),
unicode_codepage(0),
#ifndef NO_LOGS
m_secmarker_skipped(0),
#endif
m_referenceCount(0) { }
~Rules() { }
void incrementReferenceCount(void);
void decrementReferenceCount(void);
int loadFromUri(const char *uri);
int loadRemote(const char *key, const char *uri);
int load(const char *rules);
int load(const char *rules, const std::string &ref);
void dump();
int merge(Parser::Driver *driver);
int merge(Rules *rules);
int evaluate(int phase, Transaction *transaction);
std::string getParserError();
void debug(int level, const std::string &id, const std::string &uri,
const std::string &msg);
int64_t unicode_codepage;
private:
int m_referenceCount;
#ifndef NO_LOGS
uint8_t m_secmarker_skipped;
#endif
};
#endif
#ifdef __cplusplus
extern "C" {
#endif
Rules *msc_create_rules_set(void);
void msc_rules_dump(Rules *rules);
int msc_rules_merge(Rules *rules_dst, Rules *rules_from, const char **error);
int msc_rules_add_remote(Rules *rules, const char *key, const char *uri,
const char **error);
int msc_rules_add_file(Rules *rules, const char *file, const char **error);
int msc_rules_add(Rules *rules, const char *plain_rules, const char **error);
int msc_rules_cleanup(Rules *rules);
#ifdef __cplusplus
}
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_RULES_H_

@@ -0,0 +1,98 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <ctime>
#include <fstream>
#include <iomanip>
#include <iostream>
#include <list>
#include <map>
#include <sstream>
#include <string>
#include <unordered_map>
#include <utility>
#include <vector>
#include <memory>
#endif
#ifndef HEADERS_MODSECURITY_RULES_EXCEPTIONS_H_
#define HEADERS_MODSECURITY_RULES_EXCEPTIONS_H_
#ifdef __cplusplus
namespace modsecurity {
namespace actions {
class Action;
}
namespace variables {
class Variable;
}
class RulesExceptions {
public:
RulesExceptions();
~RulesExceptions();
bool load(const std::string &data, std::string *error);
bool addRange(int a, int b);
bool addNumber(int a);
bool contains(int a);
bool merge(RulesExceptions *from);
bool loadRemoveRuleByMsg(const std::string &msg, std::string *error);
bool loadRemoveRuleByTag(const std::string &msg, std::string *error);
bool loadUpdateTargetByMsg(const std::string &msg,
std::unique_ptr<std::vector<std::unique_ptr<variables::Variable> > > v,
std::string *error);
bool loadUpdateTargetByTag(const std::string &tag,
std::unique_ptr<std::vector<std::unique_ptr<variables::Variable> > > v,
std::string *error);
bool loadUpdateTargetById(double id,
std::unique_ptr<std::vector<std::unique_ptr<variables::Variable> > > v,
std::string *error);
bool loadUpdateActionById(double id,
std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > actions,
std::string *error);
std::unordered_multimap<std::shared_ptr<std::string>,
std::shared_ptr<variables::Variable>> m_variable_update_target_by_tag;
std::unordered_multimap<std::shared_ptr<std::string>,
std::shared_ptr<variables::Variable>> m_variable_update_target_by_msg;
std::unordered_multimap<double,
std::shared_ptr<variables::Variable>> m_variable_update_target_by_id;
std::unordered_multimap<double,
std::shared_ptr<actions::Action>> m_action_pre_update_target_by_id;
std::unordered_multimap<double,
std::shared_ptr<actions::Action>> m_action_pos_update_target_by_id;
std::list<std::string> m_remove_rule_by_msg;
std::list<std::string> m_remove_rule_by_tag;
private:
std::list<std::pair<int, int> > m_ranges;
std::list<int> m_numbers;
};
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_RULES_EXCEPTIONS_H_

@@ -0,0 +1,561 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <ctime>
#include <iostream>
#include <string>
#include <vector>
#include <list>
#include <set>
#include <cstring>
#endif
#ifndef HEADERS_MODSECURITY_RULES_PROPERTIES_H_
#define HEADERS_MODSECURITY_RULES_PROPERTIES_H_
#include "modsecurity/modsecurity.h"
#include "modsecurity/rule.h"
#include "modsecurity/rules_exceptions.h"
#include "modsecurity/actions/action.h"
#include "modsecurity/audit_log.h"
#define CODEPAGE_SEPARATORS " \t\n\r"
#define merge_boolean_value(to, from, default) \
if (to == PropertyNotSetConfigBoolean) { \
to = (from == PropertyNotSetConfigBoolean) ? default : from; \
}
#define merge_ruleengine_value(to, from, default) \
if (to == PropertyNotSetRuleEngine) { \
to = (from == PropertyNotSetRuleEngine) ? default : from; \
}
#define merge_bodylimitaction_value(to, from, default) \
if (to == PropertyNotSetBodyLimitAction) { \
to = (from == PropertyNotSetBodyLimitAction) ? default : from; \
}
#ifdef __cplusplus
namespace modsecurity {
class RulesExceptions;
namespace Parser {
class Driver;
}
using modsecurity::debug_log::DebugLog;
using modsecurity::audit_log::AuditLog;
/** @ingroup ModSecurity_CPP_API */
class ConfigInt {
public:
ConfigInt() : m_set(false), m_value(0) { }
bool m_set;
int m_value;
void merge(ConfigInt *from) {
if (m_set == true || from->m_set == false) {
return;
}
m_set = true;
m_value = from->m_value;
return;
}
};
class ConfigDouble {
public:
ConfigDouble() : m_set(false), m_value(0) { }
bool m_set;
double m_value;
void merge(ConfigDouble *from) {
if (m_set == true || from->m_set == false) {
return;
}
m_set = true;
m_value = from->m_value;
return;
}
};
class ConfigString {
public:
ConfigString() : m_set(false), m_value("") { }
bool m_set;
std::string m_value;
void merge(ConfigString *from) {
if (m_set == true || from->m_set == false) {
return;
}
m_set = true;
m_value = from->m_value;
return;
}
};
class ConfigSet {
public:
ConfigSet() : m_set(false), m_clear(false) { }
bool m_set;
bool m_clear;
std::set<std::string> m_value;
};
class UnicodeMapHolder {
public:
UnicodeMapHolder() {
memset(m_data, -1, (sizeof(int)*65536));
};
int& operator[](int index) { return m_data[index]; }
int operator[](int index) const { return m_data[index]; }
int at(int index) const { return m_data[index]; }
void change(int i, int a) { m_data[i] = a; }
int m_data[65536];
};
class RulesProperties;
class ConfigUnicodeMap {
public:
ConfigUnicodeMap() : m_set(false),
m_unicodeCodePage(0),
m_unicodeMapTable(NULL) { }
static void loadConfig(std::string f, double codePage,
RulesProperties *driver, std::string *errg);
void merge(ConfigUnicodeMap *from) {
if (from->m_set == false) {
return;
}
m_set = true;
m_unicodeCodePage = from->m_unicodeCodePage;
m_unicodeMapTable = from->m_unicodeMapTable;
return;
}
bool m_set;
double m_unicodeCodePage;
std::shared_ptr<modsecurity::UnicodeMapHolder> m_unicodeMapTable;
};
class RulesProperties {
public:
RulesProperties() :
m_auditLog(new AuditLog()),
m_requestBodyLimitAction(PropertyNotSetBodyLimitAction),
m_responseBodyLimitAction(PropertyNotSetBodyLimitAction),
m_secRequestBodyAccess(PropertyNotSetConfigBoolean),
m_secResponseBodyAccess(PropertyNotSetConfigBoolean),
m_secXMLExternalEntity(PropertyNotSetConfigBoolean),
m_tmpSaveUploadedFiles(PropertyNotSetConfigBoolean),
m_uploadKeepFiles(PropertyNotSetConfigBoolean),
m_debugLog(new DebugLog()),
m_remoteRulesActionOnFailed(PropertyNotSetRemoteRulesAction),
m_secRuleEngine(PropertyNotSetRuleEngine) { }
explicit RulesProperties(DebugLog *debugLog) :
m_auditLog(new AuditLog()),
m_requestBodyLimitAction(PropertyNotSetBodyLimitAction),
m_responseBodyLimitAction(PropertyNotSetBodyLimitAction),
m_secRequestBodyAccess(PropertyNotSetConfigBoolean),
m_secResponseBodyAccess(PropertyNotSetConfigBoolean),
m_secXMLExternalEntity(PropertyNotSetConfigBoolean),
m_tmpSaveUploadedFiles(PropertyNotSetConfigBoolean),
m_uploadKeepFiles(PropertyNotSetConfigBoolean),
m_debugLog(debugLog),
m_remoteRulesActionOnFailed(PropertyNotSetRemoteRulesAction),
m_secRuleEngine(PropertyNotSetRuleEngine) { }
~RulesProperties() {
int i = 0;
/** Cleanup the rules */
for (i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<Rule *> rules = m_rules[i];
while (rules.empty() == false) {
Rule *rule = rules.back();
rules.pop_back();
if (rule->refCountDecreaseAndCheck()) {
rule = NULL;
}
}
}
for (i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<actions::Action *> *tmp = &m_defaultActions[i];
while (tmp->empty() == false) {
actions::Action *a = tmp->back();
tmp->pop_back();
if (a->refCountDecreaseAndCheck()) {
a = NULL;
}
}
}
delete m_debugLog;
delete m_auditLog;
}
/**
*
*
*/
enum ConfigBoolean {
TrueConfigBoolean,
FalseConfigBoolean,
PropertyNotSetConfigBoolean
};
/**
*
* The RuleEngine enumerator consists in mapping the different states
* of the rule engine.
*
*/
enum RuleEngine {
/**
*
* Rules won't be evaluated if Rule Engine is set to DisabledRuleEngine
*
*/
DisabledRuleEngine,
/**
*
* Rules will be evaluated and disturb actions will take place if needed.
*
*/
EnabledRuleEngine,
/**
* Rules will be evaluated but it won't generate any disruptive action.
*
*/
DetectionOnlyRuleEngine,
/**
*
*/
PropertyNotSetRuleEngine
};
/**
*
* Defines what actions should be taken in case the body (response or
* request) is bigger than the expected size.
*
*/
enum BodyLimitAction {
/**
*
* Process partial
*
*/
ProcessPartialBodyLimitAction,
/**
*
* Reject the request
*
*/
RejectBodyLimitAction,
/**
*
*/
PropertyNotSetBodyLimitAction
};
/**
*
* Defines what actions should be taken in case the remote rules failed to
* be downloaded (independent of the circumstances)
*
*
*/
enum OnFailedRemoteRulesAction {
/**
*
* Abort
*
*/
AbortOnFailedRemoteRulesAction,
/**
*
* Warn on logging
*
*/
WarnOnFailedRemoteRulesAction,
/**
*
*/
PropertyNotSetRemoteRulesAction
};
static const char *ruleEngineStateString(RuleEngine i) {
switch (i) {
case DisabledRuleEngine:
return "Disabled";
case EnabledRuleEngine:
return "Enabled";
case DetectionOnlyRuleEngine:
return "DetectionOnly";
case PropertyNotSetRuleEngine:
return "PropertyNotSet/DetectionOnly";
}
return NULL;
}
static std::string configBooleanString(ConfigBoolean i) {
switch (i) {
case TrueConfigBoolean:
return "True";
case FalseConfigBoolean:
return "False";
case PropertyNotSetConfigBoolean:
return "Not set";
}
return NULL;
}
static int mergeProperties(RulesProperties *from, RulesProperties *to,
std::ostringstream *err) {
int amount_of_rules = 0;
amount_of_rules = appendRules(from->m_rules, to->m_rules, err);
if (amount_of_rules < 0) {
return amount_of_rules;
}
merge_ruleengine_value(to->m_secRuleEngine, from->m_secRuleEngine,
PropertyNotSetRuleEngine);
merge_boolean_value(to->m_secRequestBodyAccess,
from->m_secRequestBodyAccess,
PropertyNotSetConfigBoolean);
merge_boolean_value(to->m_secResponseBodyAccess,
from->m_secResponseBodyAccess,
PropertyNotSetConfigBoolean);
merge_boolean_value(to->m_secXMLExternalEntity,
from->m_secXMLExternalEntity,
PropertyNotSetConfigBoolean);
merge_boolean_value(to->m_uploadKeepFiles,
from->m_uploadKeepFiles,
PropertyNotSetConfigBoolean);
merge_boolean_value(to->m_tmpSaveUploadedFiles,
from->m_tmpSaveUploadedFiles,
PropertyNotSetConfigBoolean);
to->m_requestBodyLimit.merge(&from->m_requestBodyLimit);
to->m_responseBodyLimit.merge(&from->m_responseBodyLimit);
merge_bodylimitaction_value(to->m_requestBodyLimitAction,
from->m_requestBodyLimitAction,
PropertyNotSetBodyLimitAction);
merge_bodylimitaction_value(to->m_responseBodyLimitAction,
from->m_responseBodyLimitAction,
PropertyNotSetBodyLimitAction);
to->m_uploadFileLimit.merge(&from->m_uploadFileLimit);
to->m_uploadFileMode.merge(&from->m_uploadFileMode);
to->m_uploadDirectory.merge(&from->m_uploadDirectory);
to->m_uploadTmpDirectory.merge(&from->m_uploadTmpDirectory);
to->m_secArgumentSeparator.merge(&from->m_secArgumentSeparator);
to->m_secWebAppId.merge(&from->m_secWebAppId);
to->m_unicodeMapTable.merge(&from->m_unicodeMapTable);
to->m_httpblKey.merge(&from->m_httpblKey);
to->m_exceptions.merge(&from->m_exceptions);
to->m_components.insert(to->m_components.end(),
from->m_components.begin(), from->m_components.end());
if (from->m_responseBodyTypeToBeInspected.m_set == true) {
if (from->m_responseBodyTypeToBeInspected.m_clear == true) {
to->m_responseBodyTypeToBeInspected.m_value.clear();
from->m_responseBodyTypeToBeInspected.m_value.clear();
} else {
for (std::set<std::string>::iterator
it = from->m_responseBodyTypeToBeInspected.m_value.begin();
it != from->m_responseBodyTypeToBeInspected.m_value.end();
++it) {
to->m_responseBodyTypeToBeInspected.m_value.insert(*it);
}
}
to->m_responseBodyTypeToBeInspected.m_set = true;
}
for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<actions::Action *> *actions_from = \
from->m_defaultActions+i;
std::vector<actions::Action *> *actions_to = to->m_defaultActions+i;
for (size_t j = 0; j < actions_from->size(); j++) {
actions::Action *action = actions_from->at(j);
action->refCountIncrease();
actions_to->push_back(action);
}
}
if (to->m_auditLog) {
std::string error;
to->m_auditLog->merge(from->m_auditLog, &error);
if (error.size() > 0) {
*err << error;
return -1;
}
}
if (from->m_debugLog && to->m_debugLog &&
from->m_debugLog->isLogFileSet()) {
if (to->m_debugLog->isLogFileSet() == false) {
std::string error;
to->m_debugLog->setDebugLogFile(
from->m_debugLog->getDebugLogFile(),
&error);
if (error.size() > 0) {
*err << error;
return -1;
}
}
}
if (from->m_debugLog && to->m_debugLog &&
from->m_debugLog->isLogLevelSet()) {
if (to->m_debugLog->isLogLevelSet() == false) {
to->m_debugLog->setDebugLogLevel(
from->m_debugLog->getDebugLogLevel());
}
}
return amount_of_rules;
}
static int appendRules(
std::vector<modsecurity::Rule *> *from,
std::vector<modsecurity::Rule *> *to,
std::ostringstream *err) {
int amount_of_rules = 0;
// TODO: std::vector could be replaced with something more efficient.
std::vector<int64_t> v;
for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<modsecurity::Rule *> *rules_to = to+i;
v.reserve(rules_to->size());
for (size_t z = 0; z < rules_to->size(); z++) {
Rule *rule_ckc = rules_to->at(z);
if (rule_ckc->m_secMarker == true) {
continue;
}
v.push_back(rule_ckc->m_ruleId);
}
}
std::sort (v.begin(), v.end());
for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
std::vector<modsecurity::Rule *> *rules_from = from+i;
std::vector<modsecurity::Rule *> *rules_to = to+i;
for (size_t j = 0; j < rules_from->size(); j++) {
Rule *rule = rules_from->at(j);
if (std::binary_search(v.begin(), v.end(), rule->m_ruleId)) {
if (err != NULL) {
*err << "Rule id: " << std::to_string(rule->m_ruleId) \
<< " is duplicated" << std::endl;
}
return -1;
}
amount_of_rules++;
rule->refCountIncrease();
rules_to->push_back(rule);
}
}
return amount_of_rules;
}
std::vector<modsecurity::Rule *> *getRulesForPhase(int phase) {
if (phase >= modsecurity::Phases::NUMBER_OF_PHASES) {
return NULL;
}
return &m_rules[phase];
}
audit_log::AuditLog *m_auditLog;
BodyLimitAction m_requestBodyLimitAction;
BodyLimitAction m_responseBodyLimitAction;
ConfigBoolean m_secRequestBodyAccess;
ConfigBoolean m_secResponseBodyAccess;
ConfigBoolean m_secXMLExternalEntity;
ConfigBoolean m_tmpSaveUploadedFiles;
ConfigBoolean m_uploadKeepFiles;
ConfigDouble m_requestBodyLimit;
ConfigDouble m_requestBodyNoFilesLimit;
ConfigDouble m_responseBodyLimit;
ConfigInt m_uploadFileLimit;
ConfigInt m_uploadFileMode;
DebugLog *m_debugLog;
OnFailedRemoteRulesAction m_remoteRulesActionOnFailed;
RuleEngine m_secRuleEngine;
RulesExceptions m_exceptions;
std::list<std::string> m_components;
std::ostringstream m_parserError;
ConfigSet m_responseBodyTypeToBeInspected;
ConfigString m_httpblKey;
ConfigString m_uploadDirectory;
ConfigString m_uploadTmpDirectory;
ConfigString m_secArgumentSeparator;
ConfigString m_secWebAppId;
std::vector<actions::Action *> m_defaultActions[modsecurity::Phases::NUMBER_OF_PHASES];
std::vector<modsecurity::Rule *> m_rules[modsecurity::Phases::NUMBER_OF_PHASES];
ConfigUnicodeMap m_unicodeMapTable;
};
#endif
#ifdef __cplusplus
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_RULES_PROPERTIES_H_
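Review bot: `configBooleanString` ends with `return NULL;` although it returns `std::string`, so any enum value that escapes the switch (a stale or out-of-range `ConfigBoolean` cast) constructs a `std::string` from a null pointer, which is undefined behaviour; change it to `return "Unknown";` (or make the `PropertyNotSetConfigBoolean` case the default) so the function cannot crash. Similarly `UnicodeMapHolder::operator[]`, `at` and `change` index a fixed `int m_data[65536]` with an unchecked `int`, so a codepoint above 65535 or negative from the map file parsed in `loadConfig` (not visible here) becomes an out-of-bounds read or write of the table; a guard such as `void change(int i, int a) { if (i >= 0 && i < 65536) m_data[i] = a; }` keeps the callers honest. Whether `loadConfig` already rejects such values cannot be seen from this hunk, so the check is cheap insurance either way.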


@@ -0,0 +1,686 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifdef __cplusplus
#include <ctime>
#include <fstream>
#include <iomanip>
#include <iostream>
#include <list>
#include <map>
#include <sstream>
#include <string>
#include <unordered_map>
#include <utility>
#include <vector>
#include <memory>
#endif
#include <stdlib.h>
#include <stddef.h>
#ifndef HEADERS_MODSECURITY_TRANSACTION_H_
#define HEADERS_MODSECURITY_TRANSACTION_H_
#ifndef __cplusplus
typedef struct ModSecurity_t ModSecurity;
typedef struct Transaction_t Transaction;
typedef struct Rules_t Rules;
#endif
#include "modsecurity/anchored_set_variable.h"
#include "modsecurity/anchored_variable.h"
#include "modsecurity/intervention.h"
#include "modsecurity/collection/collections.h"
#include "modsecurity/variable_value.h"
#include "modsecurity/collection/collection.h"
#include "modsecurity/variable_origin.h"
#ifndef NO_LOGS
#define ms_dbg(b, c) \
do { \
if (m_rules && m_rules->m_debugLog && m_rules->m_debugLog->m_debugLevel >= b) { \
m_rules->debug(b, m_id, m_uri, c); \
} \
} while (0);
#else
#define ms_dbg(b, c) \
do { } while (0);
#endif
#ifndef NO_LOGS
#define ms_dbg_a(t, b, c) \
do { \
if (t && t->m_rules && t->m_rules->m_debugLog && t->m_rules->m_debugLog->m_debugLevel >= b) { \
t->debug(b, c); \
} \
} while (0);
#else
#define ms_dbg_a(t, b, c) \
do { } while (0);
#endif
#define LOGFY_ADD(a, b) \
yajl_gen_string(g, reinterpret_cast<const unsigned char*>(a), strlen(a)); \
if (b == NULL) { \
yajl_gen_string(g, reinterpret_cast<const unsigned char*>(""), \
strlen("")); \
} else { \
yajl_gen_string(g, reinterpret_cast<const unsigned char*>(b), \
strlen(b)); \
}
#define LOGFY_ADD_INT(a, b) \
yajl_gen_string(g, reinterpret_cast<const unsigned char*>(a), strlen(a)); \
yajl_gen_number(g, reinterpret_cast<const char*>(b), strlen(b));
#define LOGFY_ADD_NUM(a, b) \
yajl_gen_string(g, reinterpret_cast<const unsigned char*>(a), strlen(a)); \
yajl_gen_integer(g, b);
#ifdef __cplusplus
namespace modsecurity {
class ModSecurity;
class Transaction;
class Rules;
class RuleMessage;
namespace actions {
class Action;
namespace disruptive {
enum AllowType : int;
}
}
namespace RequestBodyProcessor {
class XML;
class JSON;
}
namespace operators {
class Operator;
}
class TransactionAnchoredVariables {
public:
explicit TransactionAnchoredVariables(Transaction *t)
: m_variableArgsNames(t, "ARGS_NAMES"),
m_variableArgsGetNames(t, "ARGS_GET_NAMES"),
m_variableArgsPostNames(t, "ARGS_POST_NAMES"),
m_variableRequestHeadersNames(t, "REQUEST_HEADERS_NAMES"),
m_variableResponseContentType(t, "RESPONSE_CONTENT_TYPE"),
m_variableResponseHeadersNames(t, "RESPONSE_HEADERS_NAMES"),
m_variableARGScombinedSize(t, "ARGS_COMBINED_SIZE"),
m_variableAuthType(t, "AUTH_TYPE"),
m_variableFilesCombinedSize(t, "FILES_COMBINED_SIZE"),
m_variableFullRequest(t, "FULL_REQUEST"),
m_variableFullRequestLength(t, "FULL_REQUEST_LENGTH"),
m_variableInboundDataError(t, "INBOUND_DATA_ERROR"),
m_variableMatchedVar(t, "MATCHED_VAR"),
m_variableMatchedVarName(t, "MATCHED_VAR_NAME"),
m_variableMultipartBoundaryQuoted(t, "MULTIPART_BOUNDARY_QUOTED"),
m_variableMultipartBoundaryWhiteSpace(t,
"MULTIPART_BOUNDARY_WHITESPACE"),
m_variableMultipartCrlfLFLines(t, "MULTIPART_CRLF_LF_LINES"),
m_variableMultipartDataAfter(t, "MULTIPART_DATA_AFTER"),
m_variableMultipartDataBefore(t, "MULTIPART_DATA_BEFORE"),
m_variableMultipartFileLimitExceeded(t,
"MULTIPART_FILE_LIMIT_EXCEEDED"),
m_variableMultipartHeaderFolding(t, "MULTIPART_HEADER_FOLDING"),
m_variableMultipartInvalidHeaderFolding(t,
"MULTIPART_INVALID_HEADER_FOLDING"),
m_variableMultipartInvalidPart(t, "MULTIPART_INVALID_PART"),
m_variableMultipartInvalidQuoting(t, "MULTIPART_INVALID_QUOTING"),
m_variableMultipartLFLine(t, "MULTIPART_LF_LINE"),
m_variableMultipartMissingSemicolon(t, "MULTIPART_MISSING_SEMICOLON"),
m_variableMultipartStrictError(t, "MULTIPART_STRICT_ERROR"),
m_variableMultipartUnmatchedBoundary(t,
"MULTIPART_UNMATCHED_BOUNDARY"),
m_variableOutboundDataError(t, "OUTBOUND_DATA_ERROR"),
m_variablePathInfo(t, "PATH_INFO"),
m_variableQueryString(t, "QUERY_STRING"),
m_variableRemoteAddr(t, "REMOTE_ADDR"),
m_variableRemoteHost(t, "REMOTE_HOST"),
m_variableRemotePort(t, "REMOTE_PORT"),
m_variableReqbodyError(t, "REQBODY_ERROR"),
m_variableReqbodyErrorMsg(t, "REQBODY_ERROR_MSG"),
m_variableReqbodyProcessorError(t, "REQBODY_PROCESSOR_ERROR"),
m_variableReqbodyProcessorErrorMsg(t, "REQBODY_PROCESSOR_ERROR_MSG"),
m_variableReqbodyProcessor(t, "REQBODY_PROCESSOR"),
m_variableRequestBasename(t, "REQUEST_BASENAME"),
m_variableRequestBody(t, "REQUEST_BODY"),
m_variableRequestBodyLength(t, "REQUEST_BODY_LENGTH"),
m_variableRequestFilename(t, "REQUEST_FILENAME"),
m_variableRequestLine(t, "REQUEST_LINE"),
m_variableRequestMethod(t, "REQUEST_METHOD"),
m_variableRequestProtocol(t, "REQUEST_PROTOCOL"),
m_variableRequestURI(t, "REQUEST_URI"),
m_variableRequestURIRaw(t, "REQUEST_URI_RAW"),
m_variableResource(t, "RESOURCE"),
m_variableResponseBody(t, "RESPONSE_BODY"),
m_variableResponseContentLength(t, "RESPONSE_CONTENT_LENGTH"),
m_variableResponseProtocol(t, "RESPONSE_PROTOCOL"),
m_variableResponseStatus(t, "RESPONSE_STATUS"),
m_variableServerAddr(t, "SERVER_ADDR"),
m_variableServerName(t, "SERVER_NAME"),
m_variableServerPort(t, "SERVER_PORT"),
m_variableSessionID(t, "SESSIONID"),
m_variableUniqueID(t, "UNIQUE_ID"),
m_variableUrlEncodedError(t, "URLENCODED_ERROR"),
m_variableUserID(t, "USERID"),
m_variableArgs(t, "ARGS"),
m_variableArgsGet(t, "ARGS_GET"),
m_variableArgsPost(t, "ARGS_POST"),
m_variableFilesSizes(t, "FILES_SIZES"),
m_variableFilesNames(t, "FILES_NAMES"),
m_variableFilesTmpContent(t, "FILES_TMP_CONTENT"),
m_variableMultipartFileName(t, "MULTIPART_FILENAME"),
m_variableMultipartName(t, "MULTIPART_NAME"),
m_variableMatchedVarsNames(t, "MATCHED_VARS_NAMES"),
m_variableMatchedVars(t, "MATCHED_VARS"),
m_variableFiles(t, "FILES"),
m_variableRequestCookies(t, "REQUEST_COOKIES"),
m_variableRequestHeaders(t, "REQUEST_HEADERS"),
m_variableResponseHeaders(t, "RESPONSE_HEADERS"),
m_variableGeo(t, "GEO"),
m_variableRequestCookiesNames(t, "REQUEST_COOKIES_NAMES"),
m_variableFilesTmpNames(t, "FILES_TMPNAMES"),
m_variableOffset(0)
{ }
AnchoredSetVariable m_variableArgsNames;
AnchoredSetVariable m_variableArgsGetNames;
AnchoredSetVariable m_variableArgsPostNames;
AnchoredSetVariable m_variableRequestHeadersNames;
AnchoredVariable m_variableResponseContentType;
AnchoredSetVariable m_variableResponseHeadersNames;
AnchoredVariable m_variableARGScombinedSize;
AnchoredVariable m_variableAuthType;
AnchoredVariable m_variableFilesCombinedSize;
AnchoredVariable m_variableFullRequest;
AnchoredVariable m_variableFullRequestLength;
AnchoredVariable m_variableInboundDataError;
AnchoredVariable m_variableMatchedVar;
AnchoredVariable m_variableMatchedVarName;
AnchoredVariable m_variableMultipartBoundaryQuoted;
AnchoredVariable m_variableMultipartBoundaryWhiteSpace;
AnchoredVariable m_variableMultipartCrlfLFLines;
AnchoredVariable m_variableMultipartDataAfter;
AnchoredVariable m_variableMultipartDataBefore;
AnchoredVariable m_variableMultipartFileLimitExceeded;
AnchoredVariable m_variableMultipartHeaderFolding;
AnchoredVariable m_variableMultipartInvalidHeaderFolding;
AnchoredVariable m_variableMultipartInvalidPart;
AnchoredVariable m_variableMultipartInvalidQuoting;
AnchoredVariable m_variableMultipartLFLine;
AnchoredVariable m_variableMultipartMissingSemicolon;
AnchoredVariable m_variableMultipartStrictError;
AnchoredVariable m_variableMultipartUnmatchedBoundary;
AnchoredVariable m_variableOutboundDataError;
AnchoredVariable m_variablePathInfo;
AnchoredVariable m_variableQueryString;
AnchoredVariable m_variableRemoteAddr;
AnchoredVariable m_variableRemoteHost;
AnchoredVariable m_variableRemotePort;
AnchoredVariable m_variableReqbodyError;
AnchoredVariable m_variableReqbodyErrorMsg;
AnchoredVariable m_variableReqbodyProcessorError;
AnchoredVariable m_variableReqbodyProcessorErrorMsg;
AnchoredVariable m_variableReqbodyProcessor;
AnchoredVariable m_variableRequestBasename;
AnchoredVariable m_variableRequestBody;
AnchoredVariable m_variableRequestBodyLength;
AnchoredVariable m_variableRequestFilename;
AnchoredVariable m_variableRequestLine;
AnchoredVariable m_variableRequestMethod;
AnchoredVariable m_variableRequestProtocol;
AnchoredVariable m_variableRequestURI;
AnchoredVariable m_variableRequestURIRaw;
AnchoredVariable m_variableResource;
AnchoredVariable m_variableResponseBody;
AnchoredVariable m_variableResponseContentLength;
AnchoredVariable m_variableResponseProtocol;
AnchoredVariable m_variableResponseStatus;
AnchoredVariable m_variableServerAddr;
AnchoredVariable m_variableServerName;
AnchoredVariable m_variableServerPort;
AnchoredVariable m_variableSessionID;
AnchoredVariable m_variableUniqueID;
AnchoredVariable m_variableUrlEncodedError;
AnchoredVariable m_variableUserID;
AnchoredSetVariable m_variableArgs;
AnchoredSetVariable m_variableArgsGet;
AnchoredSetVariable m_variableArgsPost;
AnchoredSetVariable m_variableFilesSizes;
AnchoredSetVariable m_variableFilesNames;
AnchoredSetVariable m_variableFilesTmpContent;
AnchoredSetVariable m_variableMultipartFileName;
AnchoredSetVariable m_variableMultipartName;
AnchoredSetVariable m_variableMatchedVarsNames;
AnchoredSetVariable m_variableMatchedVars;
AnchoredSetVariable m_variableFiles;
AnchoredSetVariable m_variableRequestCookies;
AnchoredSetVariable m_variableRequestHeaders;
AnchoredSetVariable m_variableResponseHeaders;
AnchoredSetVariable m_variableGeo;
AnchoredSetVariable m_variableRequestCookiesNames;
AnchoredSetVariable m_variableFilesTmpNames;
int m_variableOffset;
};
/** @ingroup ModSecurity_CPP_API */
class Transaction : public TransactionAnchoredVariables {
public:
Transaction(ModSecurity *transaction, Rules *rules, void *logCbData);
Transaction(ModSecurity *transaction, Rules *rules, char *id,
void *logCbData);
~Transaction();
/** TODO: Should be an structure that fits an IP address */
int processConnection(const char *client, int cPort,
const char *server, int sPort);
int processURI(const char *uri, const char *protocol,
const char *http_version);
/**
* Types of request body that ModSecurity may give a special treatment
* for the data.
*/
enum RequestBodyType {
/**
*
*/
UnknownFormat,
/**
*
*/
MultiPartRequestBody,
/**
*
*/
WWWFormUrlEncoded,
/**
*
*/
JSONRequestBody,
/**
*
*/
XMLRequestBody
};
int processRequestHeaders();
int addRequestHeader(const std::string& key, const std::string& value);
int addRequestHeader(const unsigned char *key, const unsigned char *value);
int addRequestHeader(const unsigned char *key, size_t len_key,
const unsigned char *value, size_t len_value);
int processRequestBody();
int appendRequestBody(const unsigned char *body, size_t size);
int requestBodyFromFile(const char *path);
int processResponseHeaders(int code, const std::string& proto);
int addResponseHeader(const std::string& key, const std::string& value);
int addResponseHeader(const unsigned char *key, const unsigned char *value);
int addResponseHeader(const unsigned char *key, size_t len_key,
const unsigned char *value, size_t len_value);
int processResponseBody();
int appendResponseBody(const unsigned char *body, size_t size);
int processLogging();
int updateStatusCode(int status);
bool intervention(ModSecurityIntervention *it);
bool addArgument(const std::string& orig, const std::string& key,
const std::string& value, size_t offset);
bool extractArguments(const std::string &orig, const std::string& buf,
size_t offset);
const char *getResponseBody();
size_t getResponseBodyLength();
size_t getRequestBodyLength();
#ifndef NO_LOGS
void debug(int, std::string) const;
#endif
void serverLog(std::shared_ptr<RuleMessage> rm);
int getRuleEngineState();
std::string toJSON(int parts);
std::string toOldAuditLogFormat(int parts, const std::string &trailer);
std::string toOldAuditLogFormatIndex(const std::string &filename,
double size, const std::string &md5);
/**
* Filled during the class instantiation, this variable can be later
* used to fill the SecRule variable `duration'. The variable `duration'
* is dynamic calculated, it is always relative to the value found in
* m_creationTimeStamp.
*
* @note There is space for performance improvement. This value don't
* need to be filled if there is no rule using the variable
* `duration'.
*/
clock_t m_creationTimeStamp;
/**
* Holds the client IP address.
*/
std::string m_clientIpAddress;
/**
* Holds the HTTP version: 1.2, 2.0, 3.0 and so on....
*/
std::string m_httpVersion;
/**
* Holds the server IP Address
*/
std::string m_serverIpAddress;
/**
* Holds the raw URI that was requested.
*/
std::string m_uri;
/**
* Holds the URI that was requests (without the query string).
*/
std::string m_uri_no_query_string_decoded;
/**
* Holds the combined size of all arguments, later used to fill the
* variable ARGS_COMBINED_SIZE.
*/
double m_ARGScombinedSizeDouble;
/**
* Client tcp port.
*/
int m_clientPort;
/**
* This variable is set by the action `severity' and later can be
* consulted via the SecLanguage variable HIGHEST_SEVERITY.
*/
int m_highestSeverityAction;
/**
* Holds the HTTP return code when it is known. If 0 nothing was
* set.
*/
int m_httpCodeReturned;
/**
* Holds the server port.
*/
int m_serverPort;
/**
* ModSecurity instance used to start this transaction. Basically used
* to fill the server log whenever is needed.
*/
ModSecurity *m_ms;
/**
* Holds the type of the request body, in case there is one.
*/
RequestBodyType m_requestBodyType;
/**
* Holds the request body "processor"
*/
RequestBodyType m_requestBodyProcessor;
/**
* Rules object utilized during this specific transaction.
*/
Rules *m_rules;
/**
*
*/
std::list<int > m_ruleRemoveById;
std::list<std::pair<int, int> > m_ruleRemoveByIdRange;
/**
*
*/
std::list<std::string> m_ruleRemoveByTag;
/**
*
*/
std::list< std::pair<std::string, std::string> > m_ruleRemoveTargetByTag;
/**
*
*/
std::list< std::pair<int, std::string> > m_ruleRemoveTargetById;
/**
*
*/
int m_requestBodyAccess;
/**
* The list m_auditLogModifier contains modifications to the `auditlogs'
* for this specific request, those modifications can happens via the
* utilization of the action: `ctl:auditLogParts='
*
*/
std::list< std::pair<int, std::string> > m_auditLogModifier;
/**
* This variable holds all the messages asked to be save by the utilization
* of the actions: `log_data' and `msg'. These should be included on the
* auditlogs.
*/
std::list<modsecurity::RuleMessage> m_rulesMessages;
/**
* Holds the request body, in case of any.
*/
std::ostringstream m_requestBody;
/**
* Holds the response body, in case of any.
*/
std::ostringstream m_responseBody;
/**
* Contains the unique ID of the transaction. Use by the variable
* `UNIQUE_ID'. This unique id is also saved as part of the AuditLog.
*/
std::string m_id;
/**
* Holds the SecMarker name that this transaction should wait to perform
* rules evaluation again.
*/
std::string m_marker;
/**
* Holds the amount of rules that should be skipped. If bigger than 0 the
* current rule should be skipped and the number needs to be decreased.
*/
int m_skip_next;
/**
* If allow action was utilized, this variable holds the allow type.
*/
modsecurity::actions::disruptive::AllowType m_allowType;
/**
* Holds the decode URI. Notice that m_uri holds the raw version
* of the URI.
*/
std::string m_uri_decoded;
/**
* Actions (disruptive?) that should be taken by the connector related to
* that transaction.
*/
std::vector<ModSecurityIntervention> m_actions;
ModSecurityIntervention m_it;
/**
* Holds the creation time stamp, using std::time.
*
* TODO: m_timeStamp and m_creationTimeStamp may be merged into a single
* variable.
*/
time_t m_timeStamp;
/**
* Holds all the collections related to that transaction.
*/
collection::Collections m_collections;
/**
* Holds the whatever matched in the operation utilization.
* That variable will be further used by the capture action.
*
*/
std::list<std::string> m_matched;
RequestBodyProcessor::XML *m_xml;
RequestBodyProcessor::JSON *m_json;
int m_secRuleEngine;
std::string m_variableDuration;
std::map<std::string, std::string> m_variableEnvs;
std::string m_variableHighestSeverityAction;
std::string m_variableRemoteUser;
std::string m_variableTime;
std::string m_variableTimeDay;
std::string m_variableTimeEpoch;
std::string m_variableTimeHour;
std::string m_variableTimeMin;
std::string m_variableTimeSec;
std::string m_variableTimeWDay;
std::string m_variableTimeYear;
private:
/**
* Pointer to the callback function that will be called to fill
* the web server (connector) log.
*/
void *m_logCbData;
};
#endif
#ifdef __cplusplus
extern "C" {
#endif
/** @ingroup ModSecurity_C_API */
Transaction *msc_new_transaction(ModSecurity *ms,
Rules *rules, void *logCbData);
/** @ingroup ModSecurity_C_API */
Transaction *msc_new_transaction_with_id(ModSecurity *ms,
Rules *rules, char *id, void *logCbData);
/** @ingroup ModSecurity_C_API */
int msc_process_connection(Transaction *transaction,
const char *client, int cPort, const char *server, int sPort);
/** @ingroup ModSecurity_C_API */
int msc_process_request_headers(Transaction *transaction);
/** @ingroup ModSecurity_C_API */
int msc_add_request_header(Transaction *transaction, const unsigned char *key,
const unsigned char *value);
/** @ingroup ModSecurity_C_API */
int msc_add_n_request_header(Transaction *transaction,
const unsigned char *key, size_t len_key, const unsigned char *value,
size_t len_value);
/** @ingroup ModSecurity_C_API */
int msc_process_request_body(Transaction *transaction);
/** @ingroup ModSecurity_C_API */
int msc_append_request_body(Transaction *transaction,
const unsigned char *body, size_t size);
/** @ingroup ModSecurity_C_API */
int msc_request_body_from_file(Transaction *transaction, const char *path);
/** @ingroup ModSecurity_C_API */
int msc_process_response_headers(Transaction *transaction, int code,
const char* protocol);
/** @ingroup ModSecurity_C_API */
int msc_add_response_header(Transaction *transaction,
const unsigned char *key, const unsigned char *value);
/** @ingroup ModSecurity_C_API */
int msc_add_n_response_header(Transaction *transaction,
const unsigned char *key, size_t len_key, const unsigned char *value,
size_t len_value);
/** @ingroup ModSecurity_C_API */
int msc_process_response_body(Transaction *transaction);
/** @ingroup ModSecurity_C_API */
int msc_append_response_body(Transaction *transaction,
const unsigned char *body, size_t size);
/** @ingroup ModSecurity_C_API */
int msc_process_uri(Transaction *transaction, const char *uri,
const char *protocol, const char *http_version);
/** @ingroup ModSecurity_C_API */
const char *msc_get_response_body(Transaction *transaction);
/** @ingroup ModSecurity_C_API */
size_t msc_get_response_body_length(Transaction *transaction);
/** @ingroup ModSecurity_C_API */
size_t msc_get_request_body_length(Transaction *transaction);
/** @ingroup ModSecurity_C_API */
void msc_transaction_cleanup(Transaction *transaction);
/** @ingroup ModSecurity_C_API */
int msc_intervention(Transaction *transaction, ModSecurityIntervention *it);
/** @ingroup ModSecurity_C_API */
int msc_process_logging(Transaction *transaction);
/** @ingroup ModSecurity_C_API */
int msc_update_status_code(Transaction *transaction, int status);
#ifdef __cplusplus
}
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_TRANSACTION_H_
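Review bot: The `ms_dbg` and `ms_dbg_a` macros at the top of the hunk close with `} while (0);`, and the trailing semicolon defeats the do/while(0) idiom: every use expands to an extra empty statement, so `if (cond) ms_dbg(4, "x"); else ...` fails to compile; drop it and write `} while (0)` in all four definitions. The comment on the private member `m_logCbData` says "Pointer to the callback function that will be called to fill the web server (connector) log", but the member is the opaque `void *logCbData` taken by the constructors and `msc_new_transaction`, not a function pointer, and a reader could be tempted to cast and call it; suggest `/** Opaque connector data handed to the log callback registered on the ModSecurity instance (the data, not the callback). */`, hedged because the registration itself is not visible in this hunk. Minor API-style point in the same spirit: `msc_new_transaction_with_id` takes `char *id` while every other string parameter in the C API is `const`, so `const char *id` would let callers pass literals without a cast.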


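--- a/modsecurity/variable_origin.h
+++ b/modsecurity/variable_origin.h
@@ -0,0 +1,56 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+#ifdef __cplusplus
+#include <string>
+#endif
+#ifndef HEADERS_MODSECURITY_VARIABLE_ORIGIN_H_
+#define HEADERS_MODSECURITY_VARIABLE_ORIGIN_H_
+#ifndef __cplusplus
+typedef struct DebugLog_t DebugLog;
+#endif
+#ifdef __cplusplus
+namespace modsecurity {
+/** @ingroup ModSecurity_CPP_API */
+class VariableOrigin {
+public:
+VariableOrigin()
+: m_length(0),
+m_offset(0) { }
+std::string toText() {
+std::string offset = std::to_string(m_offset);
+std::string len = std::to_string(m_length);
+return "v" + offset + "," + len;
+}
+int m_length;
+size_t m_offset;
+};
+} // namespace modsecurity
+#endif
+#endif // HEADERS_MODSECURITY_VARIABLE_ORIGIN_H_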
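Review bot: The C-side declaration `typedef struct DebugLog_t DebugLog;` looks copied from another header: this file declares `VariableOrigin`, yet a non-C++ includer gets a `DebugLog` alias and no `VariableOrigin` one, whereas the sibling variable_value.h provides `typedef struct Variable_t VariableValue;` for its own type. Unless some C consumer relies on this header for `DebugLog`, `typedef struct VariableOrigin_t VariableOrigin;` is what the include guard suggests was intended. Separately, `m_length` is `int` while `m_offset` is `size_t`, so `toText()` can render a negative length; `size_t m_length;` together with `std::string toText() const` would match the offset type and let const holders of the origin call it.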


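--- a/modsecurity/variable_value.h
+++ b/modsecurity/variable_value.h
@@ -0,0 +1,119 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+#ifdef __cplusplus
+#include <string>
+#include <iostream>
+#include <memory>
+#include <list>
+#include <utility>
+#endif
+#include "modsecurity/variable_origin.h"
+#ifndef HEADERS_MODSECURITY_VARIABLE_VALUE_H_
+#define HEADERS_MODSECURITY_VARIABLE_VALUE_H_
+#ifndef __cplusplus
+typedef struct Variable_t VariableValue;
+#endif
+#ifdef __cplusplus
+namespace modsecurity {
+class Collection;
+class VariableValue {
+public:
+using Origins = std::list<std::unique_ptr<VariableOrigin>>;
+VariableValue(const std::string *key,
+const std::string *value = nullptr)
+: m_key(*key),
+m_keyWithCollection(*key),
+m_collection(""),
+m_value(value != nullptr?*value:"")
+{ }
+VariableValue(const std::string *collection,
+const std::string *key,
+const std::string *value)
+: m_key(*key),
+m_keyWithCollection(*collection + ":" + *key),
+m_collection(*collection),
+m_value(*value)
+{ }
+explicit VariableValue(const VariableValue *o) :
+m_key(o->m_key),
+m_value(o->m_value),
+m_collection(o->m_collection),
+m_keyWithCollection(o->m_keyWithCollection)
+{
+for (auto &i : o->m_orign) {
+std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
+origin->m_offset = i->m_offset;
+origin->m_length = i->m_length;
+m_orign.push_back(std::move(origin));
+}
+}
+const std::string& getKey() const {
+return m_key;
+}
+const std::string& getKeyWithCollection() const {
+return m_keyWithCollection;
+}
+const std::string& getCollection() const {
+return m_collection;
+}
+const std::string& getValue() const {
+return m_value;
+}
+void setValue(const std::string &value) {
+m_value = value;
+}
+void addOrigin(std::unique_ptr<VariableOrigin> origin) {
+m_orign.push_back(std::move(origin));
+}
+const Origins& getOrigin() const {
+return m_orign;
+}
+private:
+Origins m_orign;
+std::string m_collection;
+std::string m_key;
+std::string m_keyWithCollection;
+std::string m_value;
+};
+} // namespace modsecurity
+#endif
+#endif // HEADERS_MODSECURITY_VARIABLE_VALUE_H_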
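Review bot: The two-argument constructor `VariableValue(const std::string *key, const std::string *value = nullptr)` dereferences `key` unconditionally while a null `value` is tolerated and stored as an empty string, and the three-argument constructor dereferences all three pointers; that asymmetric null contract is not written down anywhere. A comment above the first constructor such as `// key and collection must be non-null; value may be nullptr and is stored as ""` would make the precondition visible to callers. In the pointer-copy constructor the initializer list names `m_value` before `m_collection` and `m_keyWithCollection`, which is not the declaration order (`m_orign, m_collection, m_key, m_keyWithCollection, m_value`); the members are independent so initialization order does not change the result here, but reordering the list to match the declarations removes the -Wreorder warning. The member spelled `m_orign` reads as a typo for `m_origin` (the accessor is `getOrigin`), though renaming it is cosmetic.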


@@ -0,0 +1,263 @@
# -- Rule engine initialization ----------------------------------------------
# Enable ModSecurity, attaching it to every transaction. Use detection
# only to start with, because that minimises the chances of post-installation
# disruption.
#
SecRuleEngine DetectionOnly
# -- Request body handling ---------------------------------------------------
# Allow ModSecurity to access request bodies. If you don't, ModSecurity
# won't be able to see any POST parameters, which opens a large security
# hole for attackers to exploit.
#
SecRequestBodyAccess On
# Enable XML request body parser.
# Initiate XML Processor in case of xml content-type
#
SecRule REQUEST_HEADERS:Content-Type "(?:application(?:/soap\+|/)|text/)xml" \
"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
# Enable JSON request body parser.
# Initiate JSON Processor in case of JSON content-type; change accordingly
# if your application does not use 'application/json'
#
SecRule REQUEST_HEADERS:Content-Type "application/json" \
"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"
# Maximum request body size we will accept for buffering. If you support
# file uploads then the value given on the first line has to be as large
# as the largest file you are willing to accept. The second value refers
# to the size of data, with files excluded. You want to keep that value as
# low as practical.
#
SecRequestBodyLimit 13107200
SecRequestBodyNoFilesLimit 131072
# What do do if the request body size is above our configured limit.
# Keep in mind that this setting will automatically be set to ProcessPartial
# when SecRuleEngine is set to DetectionOnly mode in order to minimize
# disruptions when initially deploying ModSecurity.
#
SecRequestBodyLimitAction Reject
# Verify that we've correctly processed the request body.
# As a rule of thumb, when failing to process a request body
# you should reject the request (when deployed in blocking mode)
# or log a high-severity alert (when deployed in detection-only mode).
#
SecRule REQBODY_ERROR "!@eq 0" \
"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
# By default be strict with what we accept in the multipart/form-data
# request body. If the rule below proves to be too strict for your
# environment consider changing it to detection-only. You are encouraged
# _not_ to remove it altogether.
#
SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
"id:'200003',phase:2,t:none,log,deny,status:400, \
msg:'Multipart request body failed strict validation: \
PE %{REQBODY_PROCESSOR_ERROR}, \
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
BW %{MULTIPART_BOUNDARY_WHITESPACE}, \
DB %{MULTIPART_DATA_BEFORE}, \
DA %{MULTIPART_DATA_AFTER}, \
HF %{MULTIPART_HEADER_FOLDING}, \
LF %{MULTIPART_LF_LINE}, \
SM %{MULTIPART_MISSING_SEMICOLON}, \
IQ %{MULTIPART_INVALID_QUOTING}, \
IP %{MULTIPART_INVALID_PART}, \
IH %{MULTIPART_INVALID_HEADER_FOLDING}, \
FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
# Did we see anything that might be a boundary?
#
# Here is a short description about the ModSecurity Multipart parser: the
# parser returns with value 0, if all "boundary-like" line matches with
# the boundary string which given in MIME header. In any other cases it returns
# with different value, eg. 1 or 2.
#
# The RFC 1341 descript the multipart content-type and its syntax must contains
# only three mandatory lines (above the content):
# * Content-Type: multipart/mixed; boundary=BOUNDARY_STRING
# * --BOUNDARY_STRING
# * --BOUNDARY_STRING--
#
# First line indicates, that this is a multipart content, second shows that
# here starts a part of the multipart content, third shows the end of content.
#
# If there are any other lines, which starts with "--", then it should be
# another boundary id - or not.
#
# After 3.0.3, there are two kinds of types of boundary errors: strict and permissive.
#
# If multipart content contains the three necessary lines with correct order, but
# there are one or more lines with "--", then parser returns with value 2 (non-zero).
#
# If some of the necessary lines (usually the start or end) misses, or the order
# is wrong, then parser returns with value 1 (also a non-zero).
#
# You can choose, which one is what you need. The example below contains the
# 'strict' mode, which means if there are any lines with start of "--", then
# ModSecurity blocked the content. But the next, commented example contains
# the 'permissive' mode, then you check only if the necessary lines exists in
# correct order. Whit this, you can enable to upload PEM files (eg "----BEGIN.."),
# or other text files, which contains eg. HTTP headers.
#
# The difference is only the operator - in strict mode (first) the content blocked
# in case of any non-zero value. In permissive mode (second, commented) the
# content blocked only if the value is explicit 1. If it 0 or 2, the content will
# allowed.
#
#
# See #1747 and #1924 for further information on the possible values for
# MULTIPART_UNMATCHED_BOUNDARY.
#
SecRule MULTIPART_UNMATCHED_BOUNDARY "@eq 1" \
"id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
# PCRE Tuning
# We want to avoid a potential RegEx DoS condition
#
SecPcreMatchLimit 1000
SecPcreMatchLimitRecursion 1000
# Some internal errors will set flags in TX and we will need to look for these.
# All of these are prefixed with "MSC_". The following flags currently exist:
#
# MSC_PCRE_LIMITS_EXCEEDED: PCRE match limits were exceeded.
#
SecRule TX:/^MSC_/ "!@streq 0" \
"id:'200005',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
# -- Response body handling --------------------------------------------------
# Allow ModSecurity to access response bodies.
# You should have this directive enabled in order to identify errors
# and data leakage issues.
#
# Do keep in mind that enabling this directive does increases both
# memory consumption and response latency.
#
SecResponseBodyAccess On
# Which response MIME types do you want to inspect? You should adjust the
# configuration below to catch documents but avoid static files
# (e.g., images and archives).
#
SecResponseBodyMimeType text/plain text/html text/xml
# Buffer response bodies of up to 512 KB in length.
SecResponseBodyLimit 524288
# What happens when we encounter a response body larger than the configured
# limit? By default, we process what we have and let the rest through.
# That's somewhat less secure, but does not break any legitimate pages.
#
SecResponseBodyLimitAction ProcessPartial
# -- Filesystem configuration ------------------------------------------------
# The location where ModSecurity stores temporary files (for example, when
# it needs to handle a file upload that is larger than the configured limit).
#
# This default setting is chosen due to all systems have /tmp available however,
# this is less than ideal. It is recommended that you specify a location that's private.
#
SecTmpDir /tmp/
# The location where ModSecurity will keep its persistent data. This default setting
# is chosen due to all systems have /tmp available however, it
# too should be updated to a place that other users can't access.
#
SecDataDir /tmp/
# -- File uploads handling configuration -------------------------------------
# The location where ModSecurity stores intercepted uploaded files. This
# location must be private to ModSecurity. You don't want other users on
# the server to access the files, do you?
#
#SecUploadDir /opt/modsecurity/var/upload/
# By default, only keep the files that were determined to be unusual
# in some way (by an external inspection script). For this to work you
# will also need at least one file inspection rule.
#
#SecUploadKeepFiles RelevantOnly
# Uploaded files are by default created with permissions that do not allow
# any other user to access them. You may need to relax that if you want to
# interface ModSecurity to an external program (e.g., an anti-virus).
#
#SecUploadFileMode 0600
# -- Debug log configuration -------------------------------------------------
# The default debug log configuration is to duplicate the error, warning
# and notice messages from the error log.
#
#SecDebugLog /opt/modsecurity/var/log/debug.log
#SecDebugLogLevel 3
# -- Audit log configuration -------------------------------------------------
# Log the transactions that are marked by a rule, as well as those that
# trigger a server error (determined by a 5xx or 4xx, excluding 404,
# level response status codes).
#
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
# Log everything we know about a transaction.
SecAuditLogParts ABIJDEFHZ
# Use a single file for logging. This is much easier to look at, but
# assumes that you will use the audit log only ocassionally.
#
SecAuditLogType Serial
SecAuditLog /var/log/modsec_audit.log
# Specify the path for concurrent audit logging.
#SecAuditLogStorageDir /opt/modsecurity/var/audit/
# -- Miscellaneous -----------------------------------------------------------
# Use the most commonly used application/x-www-form-urlencoded parameter
# separator. There's probably only one application somewhere that uses
# something else so don't expect to change this value.
#
SecArgumentSeparator &
# Settle on version 0 (zero) cookies, as that is what most applications
# use. Using an incorrect cookie version may open your installation to
# evasion attacks (against the rules that examine named cookies).
#
SecCookieFormat 0
# Specify your Unicode Code Point.
# This mapping is used by the t:urlDecodeUni transformation function
# to properly map encoded data to your language. Properly setting
# these directives helps to reduce false positives and negatives.
#
SecUnicodeMapFile unicode.mapping 20127
# Improve the quality of ModSecurity by sharing information about your
# current ModSecurity version and dependencies versions.
# The following information will be shared: ModSecurity version,
# Web Server version, APR version, PCRE version, Lua version, Libxml2
# version, Anonymous unique id for host.
SecStatusEngine On
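Review bot: `SecTmpDir /tmp/` and `SecDataDir /tmp/` place the upload spool and the persistent collections in a world-writable directory, which the surrounding comments themselves describe as less than ideal and "a place that other users can't access"; since this copy is vendored into bunkerweb, the bunkerweb-side configuration should override both with a directory private to the ModSecurity process, or this file should say where that override lives. `SecStatusEngine On` enables the version-sharing described in the comment just above it, so a deployment that must not make outbound calls needs `SecStatusEngine Off` in the effective configuration. `SecAuditLog /var/log/modsec_audit.log` is written with `SecAuditLogParts ABIJDEFHZ`, which includes request and response body parts, so that file needs restrictive permissions for the same reason the comments ask for a private data directory.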

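--- a/deps/src/ModSecurity/modsecurity.pc.in
+++ b/deps/src/ModSecurity/modsecurity.pc.in
@@ -0,0 +1,10 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+Name: ModSecurity
+Description: ModSecurity API
+Version: @MSC_VERSION_WITH_PATCHLEVEL@
+Cflags: -I@includedir@
+Libs: -L@libdir@ -lmodsecurity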

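--- a/deps/src/ModSecurity/others/Makefile.am
+++ b/deps/src/ModSecurity/others/Makefile.am
@@ -0,0 +1,28 @@
+noinst_LTLIBRARIES = libinjection.la libmbedtls.la
+libinjection_la_SOURCES = \
+libinjection/src/libinjection_html5.c \
+libinjection/src/libinjection_sqli.c \
+libinjection/src/libinjection_xss.c
+noinst_HEADERS = \
+libinjection/src/libinjection.h \
+libinjection/src/libinjection_html5.h \
+libinjection/src/libinjection_sqli.h \
+libinjection/src/libinjection_sqli_data.h \
+libinjection/src/libinjection_xss.h \
+mbedtls/base64.h \
+mbedtls/check_config.h \
+mbedtls/mbed-tls-config.h \
+mbedtls/md5.h \
+mbedtls/platform.h \
+mbedtls/sha1.h
+libmbedtls_la_SOURCES = \
+mbedtls/base64.c \
+mbedtls/md5.c \
+mbedtls/sha1.c
+libmbedtls_la_CFLAGS = -D MBEDTLS_CONFIG_FILE=\"mbed-tls-config.h\" -Iothers
+libmbedtls_la_CPPFLAGS =
+libmbedtls_la_LIBADD =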


@@ -0,0 +1,87 @@
name: CI
on:
push:
pull_request:
jobs:
cppcheck:
runs-on: ubuntu-20.04
name: cppcheck
steps:
- uses: actions/checkout@v2
name: checkout repo
- name: Setup Dependencies
run: |
sudo apt-get update -y -qq
sudo apt-get install cppcheck
- name: cppcheck
run: |
cppcheck --std=c89 \
--enable=all \
--inconclusive \
--suppress=variableScope \
--suppress=missingIncludeSystem \
--quiet \
--error-exitcode=1 \
--template='{file}:{line} {id} {severity} {message}' \
.
clang-static:
runs-on: ubuntu-20.04
name: clang static check
steps:
- uses: actions/checkout@v2
name: checkout repo
- name: make analyze
run: make analyze
working-directory: src
env:
CFLAGS: '-g -ansi -fpic -O3 -Weverything -Wno-unused-macros -Wno-padded -Wno-covered-switch-default -Wno-disabled-macro-expansion -Werror'
build-linux:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-20.04, ubuntu-18.04, ubuntu-16.04]
platform: [x32, x64]
compiler: [gcc, clang]
steps:
- uses: actions/checkout@v2
- name: Setup Dependencies
run: |
sudo apt-get update -y -qq
sudo apt-get install valgrind
- name: build
run: make all
- name: test
run: make -e check
- name: clean
run: make clean
- name: build pedantic
run: make all
env:
CFLAGS: '-Wall -Wextra -Werror -pedantic -ansi -g -O1'
- name: test valgrind
run: make -e check
env:
VALGRIND: 'valgrind --gen-suppressions=no --leak-check=full --show-leak-kinds=all --read-var-info=yes --error-exitcode=1 --track-origins=yes --suppressions=/home/runner/work/libinjection/libinjection/src/alpine.supp'
build-macos:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [macos-10.15]
compiler: [gcc, clang]
steps:
- uses: actions/checkout@v2
- name: build
run: make all
- name: test
run: make -e check
- name: clean
run: make clean
- name: build pedantic
run: make all
env:
CFLAGS: '-Wall -Wextra -Werror -pedantic -ansi -g -O1'


@@ -0,0 +1,46 @@
*~
*.pyc
*.dSYM
c/#*
*.plist
*.info
*.gch
*.gcov
# gnu autotest
*.trs
#aclocal.m4
app.info
autom4te.cache
#compile
config.h
#config.h.in
#config.guess
config.log
config.status
#config.sub
#configure
configure.scan
coverage_report
#depcomp
#install-sh
#libtool
#ltmain.sh
#Makefile.in
#m4
#missing
stamp-h1
*~
*.html
*.log
*.o
*.la
*.so*
*.a
.deps
*.tar*
*.zip
*.lo
*.gcno
*.gcda


@@ -0,0 +1,2 @@
see CHANGELOG.md


@@ -0,0 +1,288 @@
# NEXT
* [#126](/client9/libinjection/issues/126) oracle false negative
* [#117](/client9/libinjection/issues/117) [#116](/client9/libinjection/issues/116) - overread in XSS
* [#112](/client9/libinjection/issues/112) fix shared library on macOS
* [#122](/client9/libinjection/issues/122) [#115](/client9/libinjection/issues/115) - false positive issue for XSS
* [#113](/client9/libinjection/issues/113) save space in struct
* [#126](/client9/libinjection/issues/126) add usage to sqli cli tool
* [#125](/client9/libinjection/issues/125) many false positives
* [#114](/client9/libinjection/issues/114) false negative with TSQL and "IF NOT" operation
# v3.9.2 - 2016-05-21
* Release of whatever changes have been made over the last 2.5 years.
# v3.9.1 - 2013-12-26
Day-After-Christmas Edition
* No functional changes
* Code reverted to strict C90 style to allow builds on embedded systems, Windows and FreeBSD
* For gcc this means `-std=c90 -pedantic`, which seems to simulate Windows behavior on Linux
* Other minor style changes to header files.
# v3.9.0 - 2013-11-29
Black Friday Edition
* Big API Change!! everything in `libinjection.h` is now `libinjection_sqli.h`. And a new super simple API is in `libinjection.h`
* Improvements to folder to prevent bypasses using SQL types (casts). This eliminated about 400 fingerprints as well.
* Blacklisted a very degenerate MySQL ODBC case, that is highly unlike to be used in 'real inputs'. thanks to @LightOS foreporting.. not clear who found it originally.
* Over 400 unit tests now!
* Compiles clean under clang with `-Weverything -Wno-padded` `-Wno-padded` is excluded since it's architecture dependant. See `clang.sh` to see how to invoke.
* PHP documentation fixes, thanks @LightOS
# v3.8.0 - 2013-10-18
LAMP Special Edition: MySQL and PHP improvements
* [Issue #33](https://github.com/client9/libinjection/issues/54) Fixes MySQL in latin1-mode use of `%A0` as whitespace. This was tricky since `%A0` might be part of larger UTF-8 encoding as well. Or perhaps `%C2%A0` (utf-8 encoding) might be treated as whitespace. Fortunately, MySQL only seems to treat `%A0` as whitespace in latin1 mode. HT [@ru_raz0r](https://twitter.com/ru_raz0r)
* Fixes to Lua testdriver and portability fixes
* Much improved PHP build and test. It now uses `phpize` and builds and tests like a real module.
* API CHANGE: the macro `LIBINJECTION_VERSION` has been replaced by `const char* libinjection_version()`. This allows us to increment the version number without having to regenerate SWIG (or other) bindings for minor releases.
NOTE:
Pregenerated [SWIG](http://www.swig.org/) bindings are removed. You'll need to install SWIG before running `make`. SWIG is packaged on virtually every OS so this should not be a problem.
Here's why:
* Latest versions of swig appear to generate poor quality bindings for LUA and Python. Bugs are filed upstream [1341](https://sourceforge.net/p/swig/bugs/1341/), [1343](https://sourceforge.net/p/swig/bugs/1343/), [1345](https://sourceforge.net/p/swig/bugs/1345/). These are fixed or will be fixed in swig 3.0.0.
* In addition, I've received a number of reports of generated code failing various static analysis
* I can't triangulate which SWIG for which language for which OS will work for you
* I may be switching to [libffi](http://cffi.readthedocs.org/) for python, and [luajit.ffi](http://luajit.org/ext_ffi.html) for lua(jit) in the future, anyways.
# v3.7.1 -- 2013-10-13
* Remove un-needed code
# v3.7.0 -- 2013-10-13
Major Release
* [Issue #54](https://github.com/client9/libinjection/issues/54): Add test vectors from [Arne Swinnen](http://www.arneswinnen.net/2013/09/automated-sql-injection-detection/). Thanks [qerub@github](https://github.com/qerub)
* Minor fingerprint update for [Issue #54](https://github.com/client9/libinjection/issues/54). I don't really think it's valid SQL but it's safe enough to detect without false positives.
* [Issue #55](https://github.com/client9/libinjection/issues/55): Parse MS SQLSERVER use of \[brackets\] for column and table names. This is a big one that closes a lot of holes. Thanks [nroggle@github](https://github.com/nroggel)
* [Issue #56](https://github.com/client9/libinjection/issues/56): fix buffer over-read. Thanks [safe3@github](https://github.com/Safe3) and [flily@github](https://github.com/flily)
* Remove use of `-fstack-protector` as it breaks valgrind detecting memory problems
Read more about it http://blog.client9.com/2013/10/12/gcc-valgrind-stackprotector.html
* Fixed folding issue where `1,-sin(1))` would be folded as `1 (1)`
* Add more test cases and improved test coverage to [98.8%](https://libinjection.client9.com/cicada/artifacts/libinjection-coverage-unittest/lcov-html/c/libinjection_sqli.c.gcov.html)
# v3.6.0 -- 2013-09-11
* New PHP API
* Big fingerprint update
** about 500 new fingerprints added based on fuzzing tests by Reto Ischi
** about 700 impossible, dead fingerprints removed
** adding folding rule for "sqltype sqltype -> sqltype" since
`select binary binary binary 1` is valid
* Other minor fingerprints added
* -maybe- API change as typedefs and structs were re-arranged for SWIG
# v3.5.3 -- 2013-08-25
* Fingerprint update -- `BETWEEN` operation bypasses
* Fingerprint update -- `ANY/SOME` quasi-function bypasses
* Fixed issue with folding where `1-(2-3)` would fold to "nothing" instead of `1`
* Improved test coverage to [98.0%](https://libinjection.client9.com/cicada/artifacts/libinjection-coverage-unittest/lcov-html/c/libinjection_sqli.c.gcov.html)
* More adjustments to the PHP/MYSQL backtick to reduce false positives
# v3.5.2 -- 2013-08-21
* Fingerprint update. Credit: Reto Ischi
# v3.5.1 -- 2013-08-21
* found regression in handling of PHP/MySQL backticks. Tests added
* Dead code removed.
* Improved test coverage to [97.7%](https://libinjection.client9.com/cicada/artifacts/libinjection-coverage-unittest/lcov-html/c/libinjection_sqli.c.gcov.html)
# v3.5.0 -- 2013-08-21
* Bug fix for libinjection_sqli_reset @brianrectanus
https://github.com/client9/libinjection/pull/50
* Non-critical parser fix for numbers with oracle's ending
suffix. "SELECT 1FROM .." -> (SELECT, 1, FROM) not
(SELECT, 1F, ROM)
* Yet another fix for disambiguating Oracle's "f" suffix for numbers HT @LightOS
* Better parsing of generated number forms of "10.e" and "10.10e"
(these are actually table specifiers!) HT @LightOS
* Change sizing of some static arrays to have a length >= 8
For GCC based applications, this allows -fstack-protector to work
and -Wstack-protector will now not emit errors.
* Added '-fstack-protector-all -D_FORTIFY_SOURCE=2' to default CFLAGS.
About 10% performance loss with -fstack-protector-all
* Improvements in reducing false positives, HT modsecurity team
* Add fingerprint, HT @FluxReiners
* Support for parsing of old ODBC-style typing, e.g. 'select {foo 1};' (valid in MySQL)
* Fix tokenization of "IF EXISTS(....", "IF NOT EXISTS(..."
* Fi possible stack over-read, and improve detection of "sp_password" flag
in short sqli HT modsecurity team
# v3.4.1 2013-07-18
* Fingerprint update only HT @LightOS
# v3.4.0 2013-07-18
* Fix regression with COLLATE
* Handle "procedure analyze" under MySQL
* Make API most robust when setting flags
* Add folding API
* Add new all-C test driver to improve testing speed
* Makefile cleanups
* Fired Jenkins! Using in-house system.
* Fixed bypass reported by @FluxReiners
# v3.3.0 2013-07-13
* change how backslash is handled to catch old MSSQL servers sqli
See http://websec.ca/kb/sql_injection#MSSQL_Allowed_Intermediary_Chars_AND-OR
for details
* Reworking of COLLATE to handle MySQL, TSQL types automatically
* Handle bizarro world TSQL '\%1' which is parsed as "0 % 1"
* Better stacked query detection, fixing some regressions
* Folding improvements
* False positive improvements
# v3.2.0 2013-07-12
* Parse binary litterals "0b010101" used by at least mysql and pgsql
* Add fingerprints '1&EUE', '1&EkU' to work around ambiguous parsing rules
"-1.for" == '-1.f OR' vs. '-1. FOR' CREDIT @LightOS
* Add parsing rules for COLLATION in MySQL, CREDIT @LightOS
* Reduce false positives by removing all fingerprints that contained "sn"
* Improvement in handling MySQL 'binary' quasi-operator/type
* Improvements in folding
* Removed dependency on SWIG for installing python module
# v3.1.0 2013-07-02
* Fix for parsing Oracle numeric literals
* Fix for oracle whitespace with null char.
* Add unusual SQL join types to keywords lists
* Minor fixes to python API examples
# v3.0.0 2013-06-23
Big Release and Big Engine change. Highly recommend
* Numerous evasions and false positives fixed!
* Tokenizer is now really dumb, and publically exposed. See `libinjection_sqli_tokenize`.
* Folding engine completely rewritten to be simpler and easier to extend, debug, port.
* MySQL `backticks` now handled correctly
* @"var" and @'var' parsed correctly (mysql)
* ":=" operator parsed correctly
* non-ascii SQL variables and barewords handled correctly
* less false positives and those that are false positives
are more "indeterminate cases" and are only in a few
fingerprints
* autogeneration of fingerprints with trivial SQL variations
* support for pgsql $ strings
* support for oracle's q and nq strings
* support for mysql's n strings
* parsing stats exposed
* new swig bindings for python and lua, with callbacks into original scripting
language for accept/reject of fingerprints (i.e. manage fingerprints in
script, not C code)
* Improved parsing of various special cases in MySQL
* Ban MySQL conditional comments. If we find them, it's marked as SQLi immediately.
* Probably a bunch of other stuff too
# v2.0.4 2013-05-21 IMPORTANT
All users are advised to upgrade due to risk of DOS
## security
* more fingerprints, more tests
* Issue 34: fix infinite loop
# v2.0.3 2013-05-21
## security
* Add variations on '1U(((', thanks @LightOS
* Add automatically all variations on other cases of
'parens padding'
# v2.0.2 2013-05-21
## security
* Added fingerprint 'nU(kn' and variations, thanks to
discussion with @ModSecurity .
# v2.0.1 2013-05-21
## security
* Added fingerprint knknk, thanks @d0znpp
# v2.0.0 2013-05-17
Version 2 is more a software engineering release than SQLi.
The API, the code, and filenames are improved for embedded
use. Please see the README.md file for details on use.
## security
* Fix Issue30: detection of more small sqli forms with fingerprint "1c".
* Fix Issue32: false positive of '*/*' of type 'oc' Thanks to @brianrectanus
## API Changes
BIG CHANGES
* File name changes. These are the only relevant files:
* `c/libinjection.h`
* `c/libinjection_sqli.c`
* `c/libinjection_sqli_data.h`
* `COPYING`
* Just need to include `libinjection.h` and link with `libinjection_sqli_.c`
* `sqlparse_private.h` and `sqli_fingerprints.h` are deprecated.
Only use `#include "libinjection.h"`
* API name changes `is_sqli` and `is_string_sqli` are now
`libinjection_is_sqli` and `libinjection_is_string_sqli`
* API change, `libinjection_is_sqli` now takes a 5th arg for callback data
* API change, `libinjection_is_sqli` accepts `NULL` for arg4 and arg5
in which case, a default lookup of fingerprints is used.
* `sqlmap_data.json` now includes fingerprint information, so people making
ports only need to parse one file.
## other
* Allow `clang` compiler (also in Jenkins, a build with clang and
make-scan is done)
* Optimizations should result in > 10% performance improvement
for normal workloads
* Add `sqlite3` special functions and keywords (since why not)
# v1.2.0 2013-05-06
## security
* fix regression in detecting SQLi of type '1c'
##
* improved documentation, comments, edits.
# v1.1.0 2013-05-04
## security
* Fix for nested c-style comments used by postgresql and transact-sql.
Thanks to @Kanatoko for the report.
* Numerous additions to SQL functions lists (in particular pgsql, transact-sql
and ms-access functions)
Thanks to Christoffer Sawicki (GitHub "qerub") for report on cut-n-paste error.
Thanks to @ryancbarnett for reminder that MS-ACCESS exists ;-)
* Adding of fingerprints to detect HPP attacks.
* Algorihmically added new fingerprints to detect new _future_ sqli attacks. All of these
new fingerprints have no been seen 'in the wild' yet.
## other
* Replaced BSD memmem with optimzed version. This eliminates all 3rd party code.
* Added alpha python module (python setup.py install)
* Added sqlparse_fingerprints.h and sqlparse_data.json to aid porting and embeddeding.
* Added version number in sqlparse.h, based on
http://www.python.org/dev/peps/pep-0386/#normalizedversion
# v1.0.0 2013-04-24
* retroactive initial release
* all memory issues fixed


@@ -0,0 +1,32 @@
Copyright (c) 2012-2016, Nick Galbreath
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
https://github.com/client9/libinjection
http://opensource.org/licenses/BSD-3-Clause


@@ -0,0 +1,110 @@
<img src="https://raw.githubusercontent.com/libinjection/libinjection/main/misc/libinjection.svg" width="70%">
![CI](https://github.com/libinjection/libinjection/workflows/CI/badge.svg)
[![license](https://img.shields.io/badge/license-BSD_3--Clause-blue.svg?style=flat)](https://raw.githubusercontent.com/client9/libinjection/master/COPYING)
SQL / SQLI tokenizer parser analyzer. For
* C and C++
* [PHP](https://libinjection.client9.com/doc-sqli-php)
* [Python](https://libinjection.client9.com/doc-sqli-python)
* [Lua](/lua)
* [Java](https://github.com/jeonglee/Libinjection) (external port)
* [LuaJIT/FFI] (https://github.com/p0pr0ck5/lua-ffi-libinjection) (external port)
See
[https://www.client9.com/](https://www.client9.com/)
for details and presentations.
Simple example:
```c
#include <stdio.h>
#include <strings.h>
#include <errno.h>
#include "libinjection.h"
#include "libinjection_sqli.h"
int main(int argc, const char* argv[])
{
struct libinjection_sqli_state state;
int issqli;
const char* input = argv[1];
size_t slen = strlen(input);
/* in real-world, you would url-decode the input, etc */
libinjection_sqli_init(&state, input, slen, FLAG_NONE);
issqli = libinjection_is_sqli(&state);
if (issqli) {
fprintf(stderr, "sqli detected with fingerprint of '%s'\n", state.fingerprint);
}
return issqli;
}
```
```
$ gcc -Wall -Wextra examples.c libinjection_sqli.c
$ ./a.out "-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
sqli detected with fingerprint of 's&1UE'
```
More advanced samples:
* [sqli_cli.c](/src/sqli_cli.c)
* [reader.c](/src/reader.c)
* [fptool](/src/fptool.c)
VERSION INFORMATION
===================
See [CHANGELOG](/CHANGELOG) for details.
Versions are listed as "major.minor.point"
Major are significant changes to the API and/or fingerprint format.
Applications will need recompiling and/or refactoring.
Minor are C code changes. These may include
* logical change to detect or suppress
* optimization changes
* code refactoring
Point releases are purely data changes. These may be safely applied.
QUALITY AND DIAGNOSITICS
========================
The continuous integration results at
https://travis-ci.org/client9/libinjection tests the following:
- [x] build and unit-tests under GCC
- [x] build and unit-tests under Clang
- [x] static analysis using [clang static analyzer](http://clang-analyzer.llvm.org)
- [x] static analysis using [cppcheck](https://github.com/danmar/cppcheck)
- [x] checks for memory errors using [valgrind](http://valgrind.org/)
LICENSE
=============
Copyright (c) 2012-2016 Nick Galbreath
Licensed under the standard [BSD 3-Clause](http://opensource.org/licenses/BSD-3-Clause) open source
license. See [COPYING](/COPYING) for details.
EMBEDDING
=============
The [src](https://github.com/client9/libinjection/tree/master/src)
directory contains everything, but you only need to copy the following
into your source tree:
* [src/libinjection.h](/src/libinjection.h)
* [src/libinjection_sqli.c](/src/libinjection_sqli.c)
* [src/libinjection_sqli_data.h](/src/libinjection_sqli_data.h)
* [COPYING](/COPYING)


@@ -0,0 +1,33 @@
# libinjection release howto
Comments and improvements welcome.
## Update the internal version number
in `src/libinjection_sqli.c` edit the definition
```c
#define LIBINJECTION_VERSION "3.9.1"
```
## Update the CHANGELOG.md file
There isn't much of specific format. It's not GNU changelog style. Just make sure it looks good in markdown.
## test and commit
Something like this
```sh
make test
git commit -m 'VERSION'
```
## run ./tags.sh
This will get the version number from the file above and create a local
and remote tag.
## HELP!
I would be great to dump a src tarball on github releases.


@@ -0,0 +1,20 @@
#!/bin/sh
set -e
#
# adjust as needed for your clang setup
#
# -Wno-padded padding can change by OS/version this check is really
# for embedded systems so it's ok to skip
#
# -Wno-covered-switch-default Don't warn if we have a switch that
# covers all of an enum AND we have a default. enums are only loosely
# typed, it's good to have a default: assert(0) in case someone does
# a bad cast, etc also this conflicts with GCC checks.
#
# -Wdisabled-macro-expansion triggered on some linux libc headers involving
# stdout and stdin definitions
#
make clean
export CC=clang
export CFLAGS="-g -ansi -fpic -O3 -Weverything -Wno-unused-macros -Wno-padded -Wno-covered-switch-default -Wno-disabled-macro-expansion -Werror -fsanitize=address"
make -e check


@@ -0,0 +1,20 @@
#!/bin/sh
set -e
#
# adjust as needed for your clang setup
#
# -Wno-padded padding can change by OS/version this check is really
# for embedded systems so it's ok to skip
#
# -Wno-covered-switch-default Don't warn if we have a switch that
# covers all of an enum AND we have a default. enums are only loosely
# typed, it's good to have a default: assert(0) in case someone does
# a bad cast, etc also this conflicts with GCC checks.
#
# -Wdisabled-macro-expansion triggered on some linux libc headers involving
# stdout and stdin definitions
#
make clean
export CC=clang
export CFLAGS="-g -ansi -fpic -O3 -Weverything -Wno-unused-macros -Wno-padded -Wno-covered-switch-default -Wno-disabled-macro-expansion -Werror"
make -e check


@@ -0,0 +1,16 @@
#!/bin/sh
set -e
#
# See https://wiki.debian.org/Hardening for details
#
# -Wno-padded padding can change by OS/version this check is really
# for embedded systems so it's ok to skip
#
# -Wno-covered-switch-default Don't warn if we have a switch that
# covers all of an enum AND we have a default. enums are only loosely
# typed, it's good to have a default: assert(0) in case someone does
# a bad cast, etc also this conflicts with GCC checks.
#
make clean
export CFLAGS="-g -O3 -pie -fPIE -fPIC -fstack-protector --param ssp-buffer-size=4 -Wall -Wextra -Wformat -Wformat-security -Werror -Wcast-align -Wshadow -Wpointer-arith -Wcast-qual -Wstack-protector -D_FORTIFY_SOURCE=2 -ansi -pedantic"
make -e
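Review bot: The hardened build on the `export CFLAGS=` line stops at compiler options and carries no RELRO/BIND_NOW linker flags, even though the Debian Hardening page cited in the header recommends them alongside PIE and stack protection; because the script links through `make -e` with only CFLAGS exported, the resulting object is PIE but its GOT remains writable at runtime. If this script is what bunkerweb uses to build libinjection into the WAF (not visible from this page), I would append `-Wl,-z,relro -Wl,-z,now` to the exported flags or export them as LDFLAGS so the link step picks them up. `-fstack-protector --param ssp-buffer-size=4` is also the older recipe; `-fstack-protector-strong` protects more frames on any GCC that accepts it, though that is a preference rather than a defect.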


@@ -0,0 +1,11 @@
#!/bin/sh
set -e
#
# gprof build
#
make clean
export CC=gcc
export CFLAGS="-ansi -g -O0 -fprofile-arcs -ftest-coverage -Wall -Wextra"
make -e


@@ -0,0 +1,9 @@
#!/bin/sh
set -e
#
# gprof build
#
make clean
export CFLAGS="-O2 -pg -ansi"
make -e


@@ -0,0 +1,12 @@
Files in this directory are sample input for SQLi or false positives
Lines that are empty or start with `#` ignored. Otherwise they should
be URL-encoded "user input" as might be found in query string.
Each of the `sqli-\*.txt` files should generate a sqli match (with a few
outliers).
The `false-positive.txt` file are inputs that in the process of
development where falsely marked as sqli.


@@ -0,0 +1,443 @@
#
# List of various inputs that failed and caused a false positive
#
24-7-TEAM
A-LAST-MINUTE
1/26/11
TRUE#LAST
1D0AA0A700000004/9GUH7NYWTMDHBAA CTFT0FG7/W4AWAABAAAAGK0WQAGHAAAAGAAABJMCGA=
HTTP://WWW.TINYBELLESBLOG.COM/2011/11/2ND-ANNIVERSARY3K-FAN-GIVEAWAY.HTML#{"COLOR":"#2A1100","BACKGROUNDCOLOR":"WHITE","UNVISITEDLINKCOLOR":"#D860A7","FONTFAMILY":"GEORGIA, SERIF"}
NOT ALL WHO WANDER
ALL NATURAL SKIN CARE
DAD TO BE
UNIQUE TABLE RUNNER
AS FOR ME AND MY HOUSE
LOCK AND KEY
1 BY 1 INCH PILLOWS
SET WITH ENVELOPES
FROM TO TAG CHRISTMAS
3 BY 5 RECIPE CARDS
3 TO 6 MONTHS
BY ORDER OF THE MANAGEMENT
A IS FOR ADORABLE
WHERE IS GEORGE
KEY TO MY HEART
Y'ALL COME BACK NOW
1950's dresses
EC-2HM85288X8372881C
4/_ZBKO2JKUCJC73C8KPIUDTJ3IMGM
MATS 5" BY 7"
I'M AFRAID SO. YOU'RE ENTIRELY BONKERS. BUT I'LL TELL YOU A SECRET THE BEST PEOPLE ARE" - ALICE
HUGE BRASS CLOCK GEAR 2 3/4" - VINTAGE
JACK-O'-LANTERN?
7 AND A HALF
7 FOR ALL MANKIND
5 AND A QUARTER BY 8 INCHES
40 AND FAB
6 KEY CHAR
3 FOR 20
F AND A NECKLACE
21 LONG IN
FD AND C COSMETIC COLORANT
2 OR 4 METAL BUTTONS
13 IS A LUCKY NUMBER
1 AND 1/2" BUTTON
"DARE TO BE AWESOME":
"ALASKA" + 1978
10 DOUBLE LOOP SETS
B IS FOR BLACK BY TATIANA SOROKA
DANCIN' LIKE A ROBOT ON FIRE
D AND D DICE
BE TRUE 2 U
B AND A PRINTS
"SWEATER DRESS" AND "CHRISTMAS"
SMALL "& SIGN
9-2-5 BLACK PUMPS
2-3/4 CELLO BAGS
30-30-60 INVITE
11-11-11 DAY POPPY
4-1-7-CUEIPNJF1QIETPB8PQBVZ5
1-1/8 PLUGS
1 1/8 PLUGS
1&1/8 PLUGS
909-527-9247
+1 (917) 666-0987
(9178787873)
(junk)
"PINK ROSES" -DRESS -CLOTHES -SWEATER -COAT -JACKET -SKIRT -PANTS -SHIRT
DRESS SIZE 20" -PATTERN -BABY
"CROSS STITCH" -PDF -WOOL
DRESS WITH HAT 18';
2:1320316063:9-3Z6OMATJOWG5BO2JWF3I2S0QEN:XXMET8ACIJ1CVLEHB5MBBW-NPIEQ:0440D7CD127A7FBFCB9D17B01D38FB0A7C0EBC11
HUGE BRASS CLOCK GEAR 2 3/4" - VINTAGE - STEAMPUNKVINTAGEFIND AT ETSY G194
IN ORDER TO USE SEARCH
BEGIN EACH DAY WITH LOVE
SQL-3-RMGN_V-BBNGV40NGQRAGGZ
IF-9-86MDXMB1Z-FINBSB4WIDF-B
HTTP://CONTUBO.TV/VIDEOS/1949/2-BEST-MINIFALDAS,-TANGAS,CULONAS-MINISKIRTS"-BIKINIS-"SEXY-GIRLS"-BOOBIES-BOOTTIES
GROUP UPDATE FACEBOOK LINK NOT PROVIDED
CHRISTMAS STOCKING "NOT" STUFFER
ORDER@ALLTHATSHEWANTS.US
ALL@MKSAT.NET
ALL NATURAL SHA
WHERE IS THE SHOW
"ALASKA" + 1978
SMALL "&" SIGN
50%2526%252339%253Bs
VINTAGE CARVED BEAD'" -LUCITE -PLASTIC
pr_shop%22%3EMamaBearBabyWear%3C/a%3E
poem+'if'
CRAFT SHOW SET
DIARY WITH LOCK
CLIP ON READ
CLOCK WITH KEYS
THERE IS NOT PLACE LIKE HOME
BASE; SET SWAROVSKI
LED -(ZEPPELIN)
LIFE IS NOT ABOUT WAITING FOR THE STORM TO PASS
70" ROUND TABLE CLOTH
"CASE"
"RIGHT ON"
"NOT ALL WHO WANDER"
V1_OTHER_1"><IMG CLASS="SIZE-FULL WP-IMAGE-2764
CAT2_GALLERY_20">ETSY</A
OUR FIELD BAG IS INTENDED AS A DAILY WORKHORSE, A CROSSOVER BETWEEN A TRADITIONAL ENGLISH FISHING BAG AND AN URBAN MESSENGER BAG. DURABLE CONSTRUCTION AND PRACTICAL FEATURES ALLOW THE BAG TO EXCEL AT CARRYING GEAR BOTH OUTDOORS AND TO THE OFFICE. THE FIELD BAG IS CONSTRUCTED FROM THE HIGHEST QUALITY MATERIALS: 22 OZ WAXED TWILL FABRIC, HORWEEN LEATHER, AND THREAD ARE OF US ORIGIN. WEBBING AND MOST OF OUR BRASS HARDWARE IS SOURCED FROM THE UK. RIRI ZIPPERS ARE MADE IN SWITZERLAND. FEATURES INCLUDE A ROOMY MAIN COMPARTMENT, TWO BELLOWS POCKETS, AND ONE LARGE POCKET ACROSS THE BACK OF THE FIELD BAG. A SOLID BRASS RING PROVIDES AN EASY ATTACHMENT POINT FOR KEYS OR FISHING NET. LEATHER STRAP, ROLLER BUCKLE, AND A HEAVY-DUTY ZIPPER SECURE THE BAG'S CONTENTS. EDGES ARE BOUND IN WAXED COTTON TAPE, ALL STRESS POINTS ARE BAR-TACKED OR RIVETED, AND EACH BAG IS HAND-NUMBERED. EASILY FITS LAPTOPS (UP TO 15") IN THE OWNER'S OWN SLEEVE. DIMENSIONS: 16" X 12.75" X 4"
ALLENTOWN, () PA UNITED STATES
/SEARCH/SUPPLIES?SEARCH_SUBMIT=&Q=STAR COPPER BLANK 1/2"&ORDER=MOST_RELEVANT&SHIP_TO=US&VIEW_TYPE=GALLERY
/SEARCH/HANDMADE/ART/PRINT?SEARCH_QUERY=14 X 18"&SEARCH_SUBMIT=&SEARCH_TYPE=CATEGORY&CATEGORY=ART&PAGE=3
/SEARCH/HANDMADE?SEARCH_SUBMIT=&Q=WOODEN EMBROIDERY HOOP (3")&ORDER=MOST_RELEVANT&SHIP_TO=US&VIEW_TYPE=GALLERY
GREEN...GREEN...GREENISH))) BY JULIA
BRIDAL SHOWER INVITATION RECIPE CARDS'===
/SEARCH/HANDMADE?SEARCH_SUBMIT=&Q="<3"&VIEW_TYPE=GALLERY&SHIP_TO=FR
/SEARCH/HANDMADE?Q=8.9" CASE&VIEW_TYPE=GALLERY&SHIP_TO=US
/SEARCH_RESULTS.PHP?SEARCH_TYPE=ALL&INCLUDES[0]=TAGS_EXACT&SEARCH_QUERY=RED SHOES 9"&PAGE=1&REF=RELATED
7/" ALUMINUM DISC
"MOD" "KITCHEN"
'M M L"\\ INITIALS
I' IS NOT A PLASTIC BAG
;EACH
;ON
IPHONE CASE 4 CASE
LAPTOP CASE 13 AND PHONE
IPAD -4 CASE
EP-2 CASE
ECID=15&
"///
CARD IS 4 AND A HALF X 5 AND A HALF INCHES AND IS AVAILABLE IN A LARGER SIZE AS WELL
2012 WRITE ON CALENDAR
1960 OUTER SPACE METAL LUNCH BOX PAIL TIN DOME TOP 239-S
MACBOOK CASE 13 -IPHONE -IPAD
DUPIONI -UNIQUE -"-UNIQUE -FAT -FQ -RIBBON -TRIM -POLY -POLYESTER
LAPTOP CASE 14&#39;
"UNIQUE" PRINTABLE WEDDING
SILVER BRACELET "FORCE"
MOVIN' ON T-SHIRT
77921690/TURQUOISE-NATURAL-TU
"WRITE" DESIGN
"WHERE'S GEORGE"
"UNIQUE" PRINTABLE WEDDING
"UNION" BY ROBERT F
"TABLE"
"TRUE"
"ON" WHITE GREEN
"CREATE" STERLING GOLD
"CHANGE" NECKLACE
CHAIN MEASURES 18" AND IS COMPOSED COMPLETELY OUT OF BRASS
TAN (WATER RESISTANT INSULATED) MESSENGER
HAND-STITCHED MACBOOK AIR / MACBOOK PRO LEATHER SLEEVE (13") WITH FREE MONOGRAMMING
1/4"-1/2" WIDE RIBBON
1/4"-1" WIDE RIBBON
BILLEEVERSBOUTIQUE , BROWNING "LIKE"
'-"8 TRACK" PLAYER
"AND WHEN THE KIDS ARE OLD ENOUGH"
"AND WHEN THE KIDS ARE OLD
5-ELGIFPIS-0LGAJJZ-NV54YKIS4
"WOOD" AND "SIGN" AND "POLKA DOTS"
TAN
INFINITY LOOP SCARF
INFINITY LOOP
7 DEC 01
CARDS @ TWITTER
1;1;1;CONTROL;0;0;1;
{%25 $NUM_VIEWS|STRING_FORMAT:"%25D" %25} VUES
7 AND A HALF
1060 OR 70S
18 CREATE GOLD
2 LOOP CONNECTORS
7 AND HALF
8 LOOP BOW
8 OR 9 WLV
00 AND 3
10.00 AND UNDER
102 TABLE CLOTH
10 OR LESS
TRUE-CUT
1.25 READ BUTTONS
"ON SALE ON SALE"
(NEW AND UNIQUE)
NEW AND UNIQUE)
1 REAL FEATHER AND 1 PETITE REAL SHELL
(DICKEY DICKIE*)
(1297-MR)
1297-MR),
(BRASS) PEN -BULLET
(CERAMIC OR POTTERY) MUGS
3/4 FEAR AND LOATHING
1 FEAR AND LOATHING
9/16 PLUGS AND TUNNELS
78881214/LARGE-PINK-QUARTZ-DROPS-AND-22K-GOLD
"RETURN ADDRESS LABELS" STICKER
"ON THE WAY"
"ON THE AIR" SIGN
20 SET 3/4
20 SET 3
"CREATE A CRITTER"
"INTO THE WILD"
"ON FIRE FOR" WHITE GREEN
"FOR BETTER OR WORSE"
(ANTIQUE, VINTAGE) QUILT
ANTIQUE, VINTAGE) QUILT
(TRUMPTON, IVOR, CLANGERS, POOH)
TRUMPTON, IVOR, CLANGERS, POOH)
OR-9-9WYTCZT313XRCN2UV62MBE1
IS-8-RJYG1PGMI0GTBH2XDV8AKGZ
(RUSTIC OR ORGANIC) EVERYDAY NECKLACE
RUSTIC OR ORGANIC) EVERYDAY NECKLACE
BLAH <A HREF="/PATH1/PATH2/PATH3">FOO</A>
BLAH <A HREF="FOO.HTML">FOO</A>
BLAH <A HREF="/FOO.HTML">FOO</A>
RSCHMIDT @FPMC-WILLMAR/COM
XSERVING"; ";PLATTER"; ";VINTAGE";
/SEARCH/?INCLUDES=&SEARCH_QUERY=TYPOGRAPHY+PRINT+"WITH+YOU"&REF=RELATED&PAGE=1
LLLLLLLLLLLLLLLLLLLLLLLLLLLLLKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;''''''''''''''''''''''''''''''''''''''''''''''';;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKL;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;';;LK
SCRAPBOOK PAPER PACK (8.5X11"-300 DPI) --
SWIRLS DIGITAL SCRAPBOOK PAPER PACK (8.5X11"-300 DPI) -- 10 DIGITAL PAPERS -- 122
HTTP://WWW.MECKMOM.COM/MMDL/CHRISTMAS BUDGET PLANNER.PDF';" HREF="HTTP:/WWW.MECKMOM.COM
1.5 WITH 1/2 INCH LOOP END LOBSTER
60;S MOD DRESSES
7" #2 CIRCULAR NEEDLE
9/PLUGS AND TUNNELS
9/16PLUGS AND TUNNELS
"NOT ON FACEBOOK"
"#2 MOM"
80%25 ACRYLIC AND 20%25 WOOL
35%25 COTTON AND 65%25 POLYESTER.
5685587||ORDER=||SECTION_ID=||PAGE=2
{%25 $SENDER_FULL_NAME %25} BLAH BLAH BLAH {%25 $CONVO_SEND_DATE|DATE_FORMAT:'%25B %25D, %25Y' %25}.
UJUUUI8UJKPKJMMJUMNMJUJMMNNJUJMNJJJMNJKJMJJKBJ9I8UJJMMNJNJJJJJJNNKJNMKUJJUNKJJJNJNJKJJJJJJJJJMNJJJJJKJIJJJJJJJJJJJJJJJJJGGGFSAQWERTYUIOP[]';LKGFDSAZXBNM,.
BAMBOO CHARCOAL SOAP 1 '#
BLUE BROWN -BABY -TODDLER -CCBCUSTOMDRESSES' -SHOES -SANDLES -HEEL --INFANT -CHILD -CHILDS -CHILDRENS -KID -KIDS -BOYS -BOY -MEN -MENS
BLUE BROWN -BABY -TODDLER -CCBCUSTOMDRESSES' --INFANT -CHILD -CHILDS -CHILDRENS -KID -KIDS -BOYS -BOY -MEN -MENS
<SPAN CLASS="SHOW-TEXT">REGARDEZ</SPAN>
BOOKMAR';[K]]
WOOL AND ACRYLIC FOR SOFTNESS
01/DEC/2011:20:45:25
0;1;0;1;0
5-DEC-QRIBMKCDNBUO2ELCW2FGFI
WOMEN';S ART DEC
DO OR NOT DO, THERE IS NO
ABC AND 123 WALL DEC
1.5 WITH 1/2 INCH LOOP END
"NOT FOR SALE"
"IS" STAMP
"LIKE" STAMP
/SEARCH/?INCLUDES=&SEARCH_QUERY=TYPOGRAPHY+PRINT+"WITH+YOU"&REF=RELATED&PAGE=1
1950' AND 60'S WOMEN'S COATS WITH FAKE
FOO; BAR 1+2+3
WO;DCAT[JPTPGRA][
/SEARCH_RESULTS.PHP?SEARCH_TYPE=ALL&INCLUDES[0]=TAGS&SEARCH_QUERY=MACBOOK PRO DECALS 15"&PAGE=2
/SEARCH_RESULTS.PHP?SEARCH_TYPE=ALL&INCLUDES[0]=TAGS&SEARCH_QUERY=MACBOOK+PRO+DECALS+15&PAGE=2
%2FSEARCH_RESULTS.PHP%3FSEARCH_TYPE%3DALL%26INCLUDES%5B0%5D%3DTAGS%26SEARCH_QUERY%3DMACBOOK%2BPRO%2BDECALS%2B15%26PAGE%3D2
%2FSEARCH_RESULTS.PHP%3FSEARCH_TYPE%3DALL%26INCLUDES%5B0%5D%3DTAGS%26SEARCH_QUERY%3DMACBOOK%2BPRO%2BDECALS%2B15%22%26PAGE%3D2
KNICKIN' AND KNACKIN' SEE WHAT ONFIRE'S PACKIN' FOR CHRISTMAS BY ANNIE BECWAR
0=[]'
"AS FOR ME AND MY
"EXIT, PURSUED B
"EXIT, PURSUED BY
4%27%2BX%2B4%27%2BWOOD
48%22%2BX%2B48%22%2BMODERN%2BART
90-%2B6%2BINCH
%2FSEARCH%2FHANDMADE%3FSEARCH_SUBMIT%3D%26Q%3D20%22%2BX%2B20%22%2BPILLOW%2BCOVER%2BGREEN%2BPATTERN%26VIEW_TYPE%3DGALLERY%26SHIP_TO%3DUS
%2FSEARCH%2FHANDMADE%3FSEARCH_SUBMIT%3D%26Q%3D%22NOT%2BAMUSED%22%26ORDER%3DMOST_RELEVANT%26SHIP_TO%3DZZ%26VIEW_TYPE%3DGALLERY%26PAGE%3D4
%2FSEARCH%2FHANDMADE%2FPLANTS_AND_EDIBLES%3FSEARCH_SUBMIT%3D%26Q%3D%22SET%2BOF%2B6%22%26MAX%3D18%26ORDER%3DMOST_RELEVANT%26SHIP_TO%3DUS%26VIEW_TYPE%3DGALLERY
%2FSEARCH%2FVINTAGE%3FSEARCH_SUBMIT%3D%26Q%3D%22TABLE%2BLAMP%22%26VIEW_TYPE%3DGALLERY%26SHIP_TO%3DUS%26PAGE%3D10
%2FSEARCH%2FHANDMADE%3FSEARCH_SUBMIT%3D%26Q%3DSHABBY%2B%22AND%2BWHITE%22%26VIEW_TYPE%3DGALLERY%26SHIP_TO%3DUS%26PAGE%3D6
%2FSEARCH_RESULTS.PHP%3FINCLUDES%5B0%5D%3DTAGS%26SEARCH_QUERY%3DSILVER%2BCHAIN%2B20%22%26FILTER%5B0%5D%3DSUPPLIES
%2FSEARCH_RESULTS.PHP%3FINCLUDES%5B0%5D%3DTAGS%26SEARCH_QUERY%3DWALDORF%2BDOLLS%2B16%22%26FILTER%5B0%5D%3DVINTAGE
%2FSEARCH_RESULTS.PHP%3FINCLUDES%5B0%5D%3DTAGS%26SEARCH_QUERY%3DWALDORF%2BDOLLS%2B16%22%26FILTER%3DVINTAGE
%2FSEARCH%2FHANDMADE%3FQ%3DYELLOW%2BPHOTOGRAPHY%2BBACKDROP%2B%2B-3%27%2B-4%27%2B-DIGITAL%2B-MINI%26VIEW_TYPE%3DGALLERY
HTTP%3A%2F%2FDEEDEECAMPBELL.BLOGSPOT.COM%2F2011%2F12%2FHAPPY-SNOWMAN-TAG.HTML%3FUTM_SOURCE%3DFEEDBURNER%26UTM_MEDIUM%3DFEED%26UTM_CAMPAIGN%3DFEED%3A%2BSCRAPPINWITHDEEDEE%2B%28SCRAPPIN%27%2BWITH%2BDEEDEE%29
RECLAIMED%20WOOD%22%20%2B%20%22SIGN%22%20%2B%20%22PRIMITIVE%22
%22MOD%22%20%22
/SEARCH/HANDMADE%3FSEARCH_SUBMIT%3D%26Q%3D%22MOD%22%26VIEW_TYPE%3DGALLERY%26SHIP_TO%3DUS%26PAGE%3D14
/SEARCH%3FSEARCH_SUBMIT%3D%26Q%3D36%22%2BX%2B48%2B%22%2BFRAME%26VIEW_TYPE%3DGALLERY%26SHIP_TO%3DUS
DO%20OR%20NOT%20DO
DO%20OR%20NOT%20DO%2C
9%216%2BEARINGS
%22NOT+GAY+AS+I
%22+-+%22MAGAZINE%22
FAITES+UN+TOUR+SUR+NOTRE+NOUVELLE+%3CBR+%2F%3E%3CA+HREF%3D%22%2FAPPS%2F%22%3EGALERIE+D%27APPLICATIONS%3C%2FA%3E%21
RENCONTREZ+DES+PERSONNES+AVEC+QUI+VOUS+AVEZ+DES+INTRTS+COMMUNS+ET+COLLABOREZ+AVEC+EUX.+TROUVEZ+DES+TEAMS+LOCAUX++REJOINDRE+SUR+LA+%3CA+HREF%3D%22%2FTEAMS%2F%22%3EPAGE+DES+TEAMS%3C%2FA%3E
FHFUIVJGUJOKKIIKIIOJKK%5BI%5B%27%3D%5C%5D%3D-%5DL%3B/...
%27-%228
%27-%228%20TRACK%22
%27-%228%20TRACK%20PL
2%20got%20%40AOL.COM
L%3BIN%20TABLE%20RUNNER
OW%3BCAST%20IRON%20TRIVETS
/SEARCH/HANDMADE%3FSEARCH_SUBMIT%3D%26REF%3DAUTO%26Q%3DPICTURES%2BFRENCH%2B11%22%2B-%2B14%22%26VIEW_TYPE%3DGALLERY%26SHIP_TO%3DUS
SET%208%20-MINI%20AS
1/4%22-1/2RIBBON
1/4%22-1/RIBBON
PHILLIPKEEGAN-777-%40HOTMAIL.COM
AUG%2B15%2BKEYS
%22foo%22+AND+%22bar%22+AND
%22foo%22+AND+%22bar%22
%22WILD+OLIVE%22+%2B+%22YELLOW+CHERRIES%22
%22WHITE%22+%2B+%22PLATE%22+%2B+%22POTTERY%22
FOO+BAR%27%23+BLAH
5%2F8%2BLOOP
CONNECTORS+%2B+2-PRONG
50%2BSIZE%2B36%2B%287%2F8%2BINCH%29%2BCOVER%2BBUTTONS
50PCS%2BANTIQUE%2BBRONZE%2BFINISH%2BCONNECTORS%2B8MM%2B%280633%29
32%2BKRAFT%2BBROWN%2B%22HANDMADE%22%2BSTICKER
25%2BSIZE%2B36%2B%287%2F8%2BINCH%29%2BCOVER%2BBUTTONS
%281156-MG%29%2BNEW%2BMATTE%2BGOLD%2BPLATED%2BTEXTURED%2BLINKED%2B3-RING%2BPENDANTS
%22CROSS+STITCH%22+%2B+%22TREE+SKIRT
%2FSEARCH%3FQ%3D15%22%2BLAPTOP%2BCASE%26PAGE%3D6
%2BIPHONE%2B4%2BCASE
%22TERRACE%22++-++1932++-++WM.+ROGERS+MFG.+CO.
%22ATEAM%22+AND+AND+%22GIFT+CERTIFICATE%22
%22CLIP+ON%22+-EARRING%2A+-SWEATER+-SHOE%2A+-TIE%2A+-EPHEMERA+-CUFFLINK%2A+-HAIR+-BARRETTE%2A+-DRESS%2A+-BROOCH%2A+-PIN%2A+-MONEY+-PRINT
4%2FABKDFAY1YORLFIM6NZYU8DTZP1-1
%2FSEARCH%2FHANDMADE%3FSEARCH_SUBMIT%3D%26Q%3DPIN%2B%22AS%2BIS%22%26VIEW_TYPE%3DGALLERY%26SHIP_TO%3DUS
%2FSEARCH%2FHANDMADE%3FSEARCH_SUBMIT%3D%26Q%3D%22AND%2BWHEN%2BTHE%2BKIDS%2BARE%2BOLD%2BENOUGH%22%26VIEW_TYPE%3DGALLERY%26SHIP_TO%3DUS
THING%2B1%2BAND%2BTHING%2B2
1Q9D819XMTILZVG1BOBY27-4-ROW
NOT+AS+SAD+AS+I+USED+TO+BE
NOT+AS+SAD+AS+I
IPHONE%2B4%2BCASE%2BRUSSIAN
COPPER%2B20%2BROUND
CASE+FOR+KINDLE+WITH+KEYBOARD
%2FSEARCH%2FHANDMADE%3FSEARCH_SUBMIT%3D%26Q%3D%22LIKE%22%2BSTAMP%26VIEW_TYPE%3DGALLERY%26SHIP_TO%3DUS
MISTERGLAS.DK%27%2A%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27%27
BIRTHDAY%2B12%2BMONTH%2B
6R2OS3JNSM-48-IN-0ZENVYLUJJL
14+1%2F2%22+-+USUALLY+FOR+3+MONTHS+TO+6+MONTHS
XVPG_TLIHBUY60_ZHXPSA-4-PI-P
GALLERY%3D1%3D5
I+%3C3+%3C3
I+%3C3+%3C3+THE+DOCTOR
SIZE%2B36%2B%287%2F8%2BINCH%29%2BCOVER%2BBUTTONS%2BSTARTER%2BKIT
4%7C28940%7C10142125%7C6003940396642%7C6003940506642%7C%7C%7CTC%7C%7CC%7C%7C%7C
-3-B39RBBO58YMVIHEVAUZBS-6TF
.75+%22+X+1.5%22
"SIGNAL LOCK"
3 TABLE LAMP WITH FLOWERS
9483773&REFERRING_LISTING_ID=62611583&REF=LS_CONTACT_BOTTOM
1950 UNION MADE
EWELRY; __UTMC=111461200; __UTMB=111461200.37.10.13431224
1 AND A1/2 INCH LIME GREEN GROSGRAIN RIBBON
3271888&SR=1-1-SPELL&KEYWORDS=LEGAND+POSTER
SHELL IS 65 AND 35 POLY COTTON BLEND
Y; __UTMC=111461200; __UTMB=111461200.29.10.1342974283
5EOR-5MDKFIKK50HAHCPYPUVLG-2
LISTING-PRICE"> P="L TING-PRICE"> <A-TRIGVORITE LISTING-FAVORITE INNNNN SHABBY CHIC CREAM CURTAINS VINTAGE CURTAI RIG <IMG SRC=
5683190/TARGET="_BLANK"
3 TRAILING AIRPLANES WITH YOUR NAME DECAL
SUKAN / SET (2 PIECE) HAND WOVEN ORIGINAL SILK
# some base64 things?
zzh7W_krs4jSNwVV2TssQsSbOj--
1611-IioXXIG1ti8rspL2vbXFy--
1611/IioXXIG1ti8rspL2vbXFy--
Mosaic "Table top"
# Used in HTTP headers, e.g. Accept: */*
*/*
"Dr. Who" and coffee
"rose gold" necklace 14
"flagging" -american -festive --peace -prayer -america -stripes -straws
shabby "and white
"3 1'/3
"*"
necklace length 16" or 18"
4 pcs- (5003-BK) 14mm Black
"Keys"
"dec"
'countdown calendar" and "disney:
1950 or 1960
black and "shower curtain"
dad and keychain and "loved by"
if all else fails call grandma
case 13"
12.5 x 12.5&quot;
O'connors UNION selected a few friendsf from a
O'connors UNION selected a few friendsf from
O'connors UNION selected a few friendsf fr
O' UNION selected a few friends
O'connors UNION selected a few friends
1 I like having true friends
I like having true friends
I having true friends
I was having true friends
1 having
"1--"
'1--'
"1--
'1--
1 collate these union documents
17+inch+PC+LAPTOP+Sleeve%2FBag%2FCase+with+zipper+pocket+and+adjustable+strap
# from https://github.com/client9/libinjection/issues/49
1,(1)
Toronto, ON, Canada - (YYZ)
1,1--
(1)-x
1 function (1)
'/1x-
# technically x OR 1
#x|x||1
select 'and'
x/void(1)
select x from y where
x/*
1x(((
1),(1
x, @x, @x
#
1; exec will create the case 7
`
1234`
junk <a href="../">foo.com</a>
# bogus
1alert(1)
foo 'null' bar
User(foo),junk
User(login_name),Images(url_170x135)
mr and mrs table sign
USPS 1-3 Day (USPS doesn't guarantee 3 day arrival)
foo or bar add 1
Apt is gated; call when you get here, and we'll come down to get it.
DaVi - Open and Close Your Blinds With Your Phone!
Foo and 80&#039;s Foo / Bar
Work Time (Rosewood, Lavender, Bergamot, Grapefruit) Recommended
Same as reward #1 however
foobar sent you 1 message about
4.7" & iPhone 6 Plus 5.5
Family and friends having meal outdoors
<table width="99%" border="0" cellpadding="1"'
8-bit Limit (BRK)
3rd space(s)
Ink and White Out 2 in 1 Pen
Reality check (2016)
Please select pair #1


@@ -0,0 +1,30 @@
# https://twitter.com/ru_raz0r/status/750311113435283456
#
username'exec master..xp_cmdshell'ping 127.0.0.1' -- and password = 'test'
username'declare @s varchar (8000); ...
username'DECLARE @find varchar(30) = 'Man%'
'begin declare @s varchar (8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s); end
'goto label; label: declare @s varchar (8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'begin try select 1/0 end try begin catch declare @s varchar (8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end catch--
'begin try declare @s varchar (8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end try begin catch print 1 end catch--
'begin goto label declare @a varchar label: declare @s varchar (8000) set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end
'begin goto label ALTER DATABASE pubs SET RECOVERY SIMPLE label: declare @s varchar (8000) set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end--
'begin goto label select 1 label: @s varchar (8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end--
'begin goto label label: declare @s varchar (8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s); end--
'goto label label: declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'goto label ALTER DATABASE pubs SET RECOVERY SIMPLE; label: declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'goto label INSERT INTO Production.UnitMeasure (Name, UnitMeasureCode,ModifiedDate) VALUES (N'Square Yards', N'Y2', GETDATE()) label: declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'goto label declare @a label: declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'goto label select cast(@@version as varchar) label: declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'goto label select @@version label: declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'goto label select "a" label: declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'goto label select 1 label: declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'select @@version; declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end--
'select 'a'; declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end--
'select 1; declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end--
'select @@version begin declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end--
'select 'a' begin declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end--
'select 1 begin declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s) end--
'select @@version goto label select 'a' label:declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'select 'a' goto label select 'a' label:declare @s varchar(8000);set @s = cast(0x65786563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--
'select 1 goto label select 'a' label:declare @s varchar(8000);set @s = cast(0x6576563206D61737465722E2E78705F636D647368656C6C202770696E67203137322E31362E392E3627 as varchar(max));exec(@s)--


@@ -0,0 +1,11 @@
# Not sure of original source
# attributed to David Litchfield
#
234+%2B+%281+%2F+ASCII%28substring%28passwd%2C1%2C1%29%29-4%29
foo%27+%2B+%281+%2F+ASCII%28substring%28passwd%2C1%2C1%29%29-4%29--
456+%2B+ASCII%28substring%28passwd%2C1%2C1%29%29-10
foo%27%2B+ASCII%28substring%28passwd%2C1%2C1%29%29-10--
# overflow
123%2B+%28%280+%2F+ascii%28substring%28passwd%2C1%2C1%29%29+%2A+4294967296%29


@@ -0,0 +1,73 @@
# samples
# unlikely to execute correctly
# probably just generated automatically without regard for usefulness
# but seen in wild "FIELD AND NUM=NUM"
# FAILS
#"1*HOPE AND 8=3",
#"0+HOPE AND 8=3",
#"0+(HOPE) AND 8=3",
HOPE%2A1+AND+8%3D3
## HOPE%2A%281%29+AND+8%3D3
# RHS variations
HOPE+AND+8%3D3
HOPE+AND+-8%3D3
HOPE+AND+-8%3D-3
HOPE+AND+%28-8%29%3D%28-3%29
HOPE+AND+%288%29%3D3
HOPE+AND+8%3D%283%29
HOPE+AND+%288%29%3D%283%29
HOPE+AND+1%2B2%3D3%2B4
HOPE+AND+COS%283%29%3DSIN%284%29
# lhs work arounds
HOPE%2A1+AND+8%3D3
## HOPE%2A%281%29+AND+8%3D3
%28HOPE%29+AND+8%3D3
%28HOPE%29%2A1+AND+8%3D3
%28HOPE%29%2B0+AND+8%3D3
1%2A%28HOPE%29+AND+8%3D3
%281%29%2A%28HOPE%29+AND+8%3D3
%281%29%2AHOPE+AND+8%3D3
%28%281%29%29%2AHOPE+AND+8%3D3
%28%281%29%29%2A%28HOPE%29+AND+8%3D3
%28%281%29%29%2A%28%28HOPE%29%29+AND+8%3D3
%28%28%281%29%29%29%2AHOPE+AND+8%3D3
%28%28%28%281%29%29%29%29%2AHOPE+AND+8%3D3
# based on NUM AND 1=1--
PI%28%29+AND+COS%28PI%28%29%29%3D-1
PI%28%29+%26%26+COS%28PI%28%29%29%3D-1
FLOOR%28PI%28%29%29+AND+SIN%28PI%28%29%29%3D0
-9-%282%29+OR+1+%3D+1
8-9+OR+1+%3D+1
-9-%282%29+OR+1+%3D+1
-9-%28%282%29%29+OR+1+%3D+1
-9-%28%28%282%29%29%29+OR+1+%3D+1
%7E9-%282%29+OR+1+%3D+%7E1
a%27%2712%27+and+%28pi%28%29%3Dpi%28%29%29--
a%27%2712%27+and+pi%28%29%3Dpi%28%29--
dingberry%27%271%27+and+%28false%29--
dingberry%27%271%27+and+%28pi%28%29%3D3%29--
dingberry%27%271%27+and+%283%3Dpi%28%29%29--
1%27%2712%27+and+%283%3Dpi%28%29%29--
1%27%2B%2712%27+and+%283%3Dpi%28%29%29--
1%27%2B%28%2712%27%29+and+%283%3Dpi%28%29%29--
1%27%2B%28%28%2712%27%29%29+and+%283%3Dpi%28%29%29--
1%27%2B%28%28%28%2712%27%29%29%29+and+%283%3Dpi%28%29%29--
1%2B%28%2712%27%29+and+%283%3Dpi%28%29%29--
1%2Bpi%28%29+and+%283%3Dpi%28%29%29--
1%2B%28pi%28%29%29+and+%283%3Dpi%28%29%29--
1%2B%28%28pi%28%29%29%29+and+%283%3Dpi%28%29%29--
1%2B%28%28%28pi%28%29%29%29%29+and+%283%3Dpi%28%29%29--
1%27%2Bpi%28%29+and+%283%3Dpi%28%29%29--
1234%27%27z%27+and+%283%3Dpi%28%29%29--
foo%27+and+1%2B2%2B3%2B4%2B5%2B6%3D21--
foo%27+and+1%2B2%2B3%2B4%2B5%2B6%3D%2821%29--
foo%27+and+%281%2B2%2B3%2B4%2B5%2B6%29%3D21--
foo%27+and+1%2B2%2B3%2B4%2B5%2B6%3D%287%2A3%29--
foo%27+and+%281%2B2%2B3%2B4%2B5%2B6%29%3D%287%2A3%29--
foo%27+and+%281%2B2%2B3%2B4%2B5%2B6%29%3D7%2A3--
foo%27+and+%281%2B2%2B3%2B%284%2B5%2B6%29%29%3D7%2A3--


@@ -0,0 +1,15 @@
#
# from http://www.arneswinnen.net/2013/09/automated-sql-injection-detection/
#
999999 or 1=1 or 1=1
' or 1=1 or '1'='1
" or 1=1 or "1"="1
999999) or 1=1 or (1=1
') or 1=1 or ('1'='1
") or 1=1 or ("1"="1
999999)) or 1=1 or ((1=1
')) or 1=1 or (('1'='1
")) or 1=1 or (("1"="1
999999))) or 1=1 or (((1
'))) or 1=1 or ((('1'='1
"))) or 1=1 or ((("1"="1


@@ -0,0 +1,44 @@
#
# http://www.arneswinnen.net/2013/09/automated-sql-injection-detection/
#
1 or (select count(*) from INFORMATION_SCHEMA.tables as sys1,INFORMATION_SCHEMA.tables as sys2,INFORMATION_SCHEMA.tables as sys3,INFORMATION_SCHEMA.tables as sys4,INFORMATION_SCHEMA.tables as sys5,INFORMATION_SCHEMA.tables as sys6)=0 or 1=1
(select count(*) from INFORMATION_SCHEMA.tables as sys1,INFORMATION_SCHEMA.tables as sys2,INFORMATION_SCHEMA.tables as sys3,INFORMATION_SCHEMA.tables as sys4,INFORMATION_SCHEMA.tables as sys5,INFORMATION_SCHEMA.tables as sys6)
(select count(*) from INFORMATION_SCHEMA.tables as sys1,INFORMATION_SCHEMA.tables as sys2,INFORMATION_SCHEMA.tables as sys3,INFORMATION_SCHEMA.tables as sys4,INFORMATION_SCHEMA.tables as sys5,INFORMATION_SCHEMA.tables as sys6) as test
9999' or (select count(*) from INFORMATION_SCHEMA.tables as sys1,INFORMATION_SCHEMA.tables as sys2,INFORMATION_SCHEMA.tables as sys3,INFORMATION_SCHEMA.tables as sys4,INFORMATION_SCHEMA.tables as sys5,INFORMATION_SCHEMA.tables as sys6)=0 or '0'='9999
9999" or (select count(*) from INFORMATION_SCHEMA.tables as sys1,INFORMATION_SCHEMA.tables as sys2,INFORMATION_SCHEMA.tables as sys3,INFORMATION_SCHEMA.tables as sys4,INFORMATION_SCHEMA.tables as sys5,INFORMATION_SCHEMA.tables as sys6)=0 or "0"="9999
9999'+(select count(*) from INFORMATION_SCHEMA.tables as sys1,INFORMATION_SCHEMA.tables as sys2,INFORMATION_SCHEMA.tables as sys3,INFORMATION_SCHEMA.tables as sys4,INFORMATION_SCHEMA.tables as sys5,INFORMATION_SCHEMA.tables as sys6)+'9999
9999"+(select count(*) from INFORMATION_SCHEMA.tables as sys1,INFORMATION_SCHEMA.tables as sys2,INFORMATION_SCHEMA.tables as sys3,INFORMATION_SCHEMA.tables as sys4,INFORMATION_SCHEMA.tables as sys5,INFORMATION_SCHEMA.tables as sys6)+"9999
9999'||(select count(*) from INFORMATION_SCHEMA.tables as sys1,INFORMATION_SCHEMA.tables as sys2,INFORMATION_SCHEMA.tables as sys3,INFORMATION_SCHEMA.tables as sys4,INFORMATION_SCHEMA.tables as sys5,INFORMATION_SCHEMA.tables as sys6)||'9999
9999"||(select count(*) from INFORMATION_SCHEMA.tables as sys1,INFORMATION_SCHEMA.tables as sys2,INFORMATION_SCHEMA.tables as sys3,INFORMATION_SCHEMA.tables as sys4,INFORMATION_SCHEMA.tables as sys5,INFORMATION_SCHEMA.tables as sys6)||"9999
(select like('abcdefg',upper(hex(randomblob(150000000))))) as test
(select like('abcdefg',upper(hex(randomblob(150000000)))))
9999'||(select like('abcdefg',upper(hex(randomblob(150000000)))))||'9999
9999"||(select like('abcdefg',upper(hex(randomblob(150000000)))))||"9999
(select count(*) from all_users t1,all_users t2,all_users t3,all_users t4,all_users t5) as test
(select count(*) from all_users t1,all_users t2,all_users t3,all_users t4,all_users t5)
9999'||(select count(*) from all_users t1,all_users t2,all_users t3,all_users t4,all_users t5)||'9999
9999"||(select count(*) from all_users t1,all_users t2,all_users t3,all_users t4,all_users t5)||"9999
(select benchmark(15000000,md5(0x4e446b6e))-9999) as test
benchmark(15000000,md5(0x4e446b6e))-9999
9999' or benchmark(15000000,md5(0x4e446b6e)) or '0'='9999
9999" or benchmark(15000000,md5(0x4e446b6e)) or "0"="9999
(select count(*) from sysusers as sys1,sysusers as sys2,sysusers as sys3,sysusers as sys4,sysusers as sys5,sysusers as sys6,sysusers as sys7) as test
(select count(*) from sysusers as sys1,sysusers as sys2,sysusers as sys3,sysusers as sys4,sysusers as sys5,sysusers as sys6,sysusers as sys7)
9999'+(select count(*) from sysusers as sys1,sysusers as sys2,sysusers as sys3,sysusers as sys4,sysusers as sys5,sysusers as sys6,sysusers as sys7)+'9999
9999"+(select count(*) from sysusers as sys1,sysusers as sys2,sysusers as sys3,sysusers as sys4,sysusers as sys5,sysusers as sys6,sysusers as sys7)+"9999
(select count(*) from domain.domains as t1,domain.columns as t2,domain.tables as t3) as test
(select count(*) from domain.domains as t1,domain.columns as t2,domain.tables as t3)
9999'||(select count(*) from domain.domains as t1,domain.columns as t2,domain.tables as t3)||'9999
9999"||(select count(*) from domain.domains as t1,domain.columns as t2,domain.tables as t3)||"9999
(select count(*) from rdb$fields as t1,rdb$types as t2,rdb$collations as t3) as test
(select count(*) from rdb$fields as t1,rdb$types as t2,rdb$collations as t3)
9999'||(select count(*) from rdb$fields as t1,rdb$types as t2,rdb$collations as t3)||'9999
9999"||(select count(*) from rdb$fields as t1,rdb$types as t2,rdb$collations as t3)||"9999
(select count(*) from sysibm.systables as t1,sysibm.systables as t2,sysibm.systables as t3) as test
(select count(*) from sysibm.systables as t1,sysibm.systables as t2,sysibm.systables as t3)
9999'||(select count(*) from sysibm.systables as t1,sysibm.systables as t2,sysibm.systables as t3)||'9999
9999"||(select count(*) from sysibm.systables as t1,sysibm.systables as t2,sysibm.systables as t3)||"9999
(select 99999999 from pg_sleep(15)) as test
(select 99999999 from pg_sleep(15))
9999'||(select 99999999 from pg_sleep(15))||'9999
9999"||(select 99999999 from pg_sleep(15))||"9999


@@ -0,0 +1,15 @@
# http://www.blackhatlibrary.net/Comparative_precomputation
ascii(substring(version() from 1 for 1))
length((select length(version())))
ascii(substring(length(version()),1,1))
(select id from (select id,@v:=@v+1 as pos from articles y join (select @v:=0) k limit 255) x where pos=1)
(select id from (select id,@v:=@v+1 as pos from articles y join (select @v:=0) k limit 255) x where pos=ascii(substring(version() from 1 for 1)))
vulnerable_site' and 1=5 or title=() #'
conv(hex(substr(version() FROM 1 FOR 2)),16,10)
conv(hex(substr(version() FROM 1 FOR 2)),16,10) >> 0x6
conv(hex(substr(version() FROM 2 FOR 2)),16,10) << 0x2 >> 0x6
uncompress(compress(version()))
LENGTH(compress(version()))
LENGTH(version())
LENGTH(load_file('/etc/passwd'))
LENGTH(compress(load_file('/etc/passwd')))


@@ -0,0 +1,40 @@
# http://www.exploit-db.com/papers/17934/
# A few typos corrected
1+or+1+%3D+1
1+%7C%7C+1+%3D+1
1+and+1+%3D+1
1+%26%26+1+%3D+1
1+%7C%7C+%28select+user+from+users+where+user_id+%3D+1%29+%3D+%27admin%27
1+%7C%7C+%28select+user+from+users+where+user_id+%3D+1%29+%3D+%27admin%27
1+%7C%7C+%28select+user+from+users+limit+1%29+%3D+%27admin%27
1+%7C%7C+%28select+user+from+users+group+by+user_id+having+user_id+%3D+1%29+%3D+%27admin%27
1+%7C%7C+%28select+substr%28group_concat%28user_id%29%2C1%2C1%29+user+from+users+%29+%3D+1
1+%7C%7C+%28select+substr%28group_concat%28user_id%29%2C1%2C1%29+user+from+users%29+%3D+1
1+%7C%7C+1+%3D+1+into+outfile+%27result.txt%27
1+%7C%7C+substr%28user%2C1%2C1%29+%3D+%27a%27
1+%7C%7C+%28select+substr%28group_concat%28user_id%29%2C1%2C1%29+user+from+users%29+%3D+1
1+%7C%7C+user_id+is+not+null
1+%7C%7C+substr%28user%2C1%2C1%29+%3D+0x61
1+%7C%7C+substr%28user%2C1%2C1%29+%3D+unhex%2861%29
1+%7C%7C+substr%28user%2C1%2C1%29+%3D+lower%28conv%2811%2C10%2C36%29%29
1+%7C%7C+lpad%28user%2C7%2C1%29
1%0b||%0blpad(user,7,1)
1+union+select+1%2C+table_name+from+information_schema.tables+where+table_name+%3D+%27users%27
1+union+select+1%2C+table_name+from+information_schema.tables+where+table_name+between+%27a%27+and+%27z%27
1+union+select+1%2C+table_name+from+information_schema.tables+where+table_name+between+char%2897%29+and+char%28122%29
1+union+select+1%2C+table_name+from+information_schema.tables+where+table_name+between+0x61+and+0x7a
1+union+select+1%2C+table_name+from+information_schema.tables+where+table_name+like+0x7573657273
1+UnIoN/**/SeLecT/**/1,2,3--
# double url-encoded
## 21%252f%252a*/union%252f%252a*/select%252f%252a*/1,2,3%252f%252a*/from%252f%252a*/users--
21%2f%2a*/union%2f%2a*/select%2f%2a*/1,2,3%2f%2a*/from%2f%2a*/users--
1+/**/union/**/select
1+/%2A%2A/union/%2A%2A/select
1+%2f**%2funion%2f**%2fselect
0+div+1+union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A1%2C2%2Ccurrent_user
0+div+1+union+select+1%2C2%2Ccurrent_user
1+and+(select 1)=(select+0x414141414141441414141414114141414141414141414141414141414141414141.)+union+select+1,2,version(),database(),user(),6,7,8,9,10--
1/*!UnIoN*/SeLecT+1,2,3--
=/*!UnIoN*/+/*!SeLecT*/+1,2,concat(/*!table_name*/)+FrOm/*!information_schema*/.tables+*!WhErE*/+/*!TaBlE_sChEMa*/+like+database()--
1%27%3B+%2F%2A%26id%3D1%2A%2F+EXEC+%2F%2A%26id%3D1%2A%2F+master..xp_cmdshell+%2F%2A%26id%3D1%2A%2F+net+user+lucifer+UrWaFisShiT+%2F%2A%26id%3D1%2A%2F+--


@@ -0,0 +1,131 @@
#
# Frequently not SQLi but
#
select 1 from foo where
select @version from foo where
select 'foo' from bar where
# select 1,1,1,1,1,1,1
# select @version,@version,@version
# select 'foo','bar',1,2,3,4
select sin(1),2 from bar where
select sin(id),2 from bar where
select sin('1'),2 from bar where
select sin(@version),2 from bar where
select sin((1)),2 from bar where
select sin((id)),2 from bar where
select sin(('1')),2 from bar where
select sin((@version)),2 from bar where
select sin(((1)),2 from bar where
select sin(((id)),2 from bar where
select sin((('1')),2 from bar where
select sin(((@version)),2 from bar where
select -sin(1),2 from bar where
select -sin(id),2 from bar where
select -sin('1'),2 from bar where
select -sin(@version),2 from bar where
select -sin((1)),2 from bar where
select -sin((id)),2 from bar where
select -sin(('1')),2 from bar where
select -sin((@version)),2 from bar where
select -sin(((1)),2 from bar where
select -sin(((id)),2 from bar where
select -sin((('1')),2 from bar where
select -sin(((@version)),2 from bar where
select 1,sin(1),2 from bar where
select 1,sin(id),2 from bar where
select 1,sin('1'),2 from bar where
select 1,sin(@version),2 from bar where
select 1,sin((1)),2 from bar where
select 1,sin((id)),2 from bar where
select 1,sin(('1')),2 from bar where
select 1,sin((@version)),2 from bar where
select 1,sin(((1)),2 from bar where
select 1,sin(((id)),2 from bar where
select 1,sin((('1')),2 from bar where
select 1,sin(((@version)),2 from bar where
select -1,sin(1),2 from bar where
select -1,sin(id),2 from bar where
select -1,sin('1'),2 from bar where
select -1,sin(@version),2 from bar where
select -1,sin((1)),2 from bar where
select -1,sin((id)),2 from bar where
select -1,sin(('1')),2 from bar where
select -1,sin((@version)),2 from bar where
select -1,sin(((1)),2 from bar where
select -1,sin(((id)),2 from bar where
select -1,sin((('1')),2 from bar where
select -1,sin(((@version)),2 from bar where
select id,sin(1),2 from bar where
select id,sin(id),2 from bar where
select id,sin('1'),2 from bar where
select id,sin(@version),2 from bar where
select id,sin((1)),2 from bar where
select id,sin((id)),2 from bar where
select id,sin(('1')),2 from bar where
select id,sin((@version)),2 from bar where
select id,sin(((1)),2 from bar where
select id,sin(((id)),2 from bar where
select id,sin((('1')),2 from bar where
select id,sin(((@version)),2 from bar where
select @version,sin(1),2 from bar where
select @version,sin(id),2 from bar where
select @version,sin('1'),2 from bar where
select @version,sin(@version),2 from bar where
select @version,sin((1)),2 from bar where
select @version,sin((id)),2 from bar where
select @version,sin(('1')),2 from bar where
select @version,sin((@version)),2 from bar where
select @version,sin(((1)),2 from bar where
select @version,sin(((id)),2 from bar where
select @version,sin((('1')),2 from bar where
select @version,sin(((@version)),2 from bar where
select '1',sin(1),2 from bar where
select '1',sin(id),2 from bar where
select '1',sin('1'),2 from bar where
select '1',sin(@version),2 from bar where
select '1',sin((1)),2 from bar where
select '1',sin((id)),2 from bar where
select '1',sin(('1')),2 from bar where
select '1',sin((@version)),2 from bar where
select '1',sin(((1)),2 from bar where
select '1',sin(((id)),2 from bar where
select '1',sin((('1')),2 from bar where
select '1',sin(((@version)),2 from bar where
select -'1',sin(1),2 from bar where
select -'1',sin(id),2 from bar where
select -'1',sin('1'),2 from bar where
select -'1',sin(@version),2 from bar where
select -'1',sin((1)),2 from bar where
select -'1',sin((id)),2 from bar where
select -'1',sin(('1')),2 from bar where
select -'1',sin((@version)),2 from bar where
select -'1',sin(((1)),2 from bar where
select -'1',sin(((id)),2 from bar where
select -'1',sin((('1')),2 from bar where
select -'1',sin(((@version)),2 from bar where
select 1,(2),3 from bar where
select (1),(2),3 from bar where
select ((1)),(2),3 from bar where
select (((1))),(2),3 from bar where
select ('1'),(2),3 from bar where
select (('1')),(2),3 from bar where
select ((('1'))),(2),3 from bar where
select (@version),(2),3 from bar where
select ((@version)),(2),3 from bar where
select (((@version))),(2),3 from bar where
select (id),(2),3 from bar where
select ((id)),(2),3 from bar where
select (((id))),(2),3 from bar where
select (@version),(2),3 from bar where
select (((((1,2,3,4)))) from bar


@@ -0,0 +1,315 @@
#
#
#
( 'a' ) --
' - ( (SELECT BINARY ( 'b')) ) --
' - ( ( BINARY COS ( 'b')) ) --
' - ( BINARY BINARY ( 'b') ) --
( 1 OR 1 ) --
( 1 OR @a ) --
( ( 1 ) ) --
( 1 * @a ) --
( (SELECT ( 1)) ) --
( (SELECT ( @a)) ) --
( BINARY ( 1) ) --
( BINARY ( @a) ) --
( @a OR 1 ) --
( @a OR @a ) --
( ( @a ) ) --
( ( 1 OR 'b') ) --
( ( 1 * 'b') ) --
( (SELECT ( SELECT 'b')) ) --
( ( SELECT ( 'b')) ) --
( (SELECT 1 OR 'b') ) --
( (SELECT 'a' OR 'b') ) --
( (SELECT BINARY ( 'b')) ) --
( (SELECT BINARY COS ( 'b')) ) --
( (SELECT @a OR 'b') ) --
( COS ( 1 OR 'b') ) --
( COS ( 'a' OR 'b') ) --
( COS ( BINARY ( 'b')) ) --
( COS ( BINARY COS ( 'b')) ) --
( COS ( @a OR 'b') ) --
( 'a' OR 1 ) --
( 'a' OR 'a' ) --
( 'a' OR @a ) --
( 'a' ) --
( 'a' * 1 ) --
( 'a' * 'a' ) --
( 'a' * @a ) --
( BINARY ( SELECT 'b') ) --
( ( BINARY ( 'b')) ) --
( BINARY BINARY ( 'b') ) --
( BINARY BINARY COS ( 'b') ) --
( ( @a OR 'b') ) --
( ( @a * 'b') ) --
( 1 in ( BINARY COS ( 'b')) ) --
( (SELECT ( 1 OR 'b')) ) --
( (SELECT ( SELECT 1)) ) --
( (SELECT ( SELECT @a)) ) --
( (SELECT ( 'a' OR 'b')) ) --
( (SELECT ( BINARY ( 'b'))) ) --
( (SELECT ( BINARY COS ( 'b'))) ) --
( (SELECT ( @a OR 'b')) ) --
( (SELECT 1 OR ( 'b')) ) --
( (SELECT 1 OR 1) ) --
( (SELECT 1 OR COS ( 'b')) ) --
( (SELECT 1 OR @a) ) --
( (SELECT 1 LIMIT 1) ) --
( (SELECT COS ( 1 OR 'b')) ) --
( (SELECT COS ( ( SELECT 'b'))) ) --
( (SELECT COS ( 'a' OR 'b')) ) --
( (SELECT COS ( BINARY ( 'b'))) ) --
( (SELECT COS ( BINARY COS ( 'b'))) ) --
( (SELECT COS ( @a OR 'b')) ) --
( (SELECT 'a' OR ( 'b')) ) --
( (SELECT 'a' OR 1) ) --
( (SELECT 'a' OR COS ( 'b')) ) --
( (SELECT 'a' OR @a) ) --
( (SELECT 'a' LIMIT 1) ) --
( (SELECT BINARY ( 1)) ) --
( (SELECT BINARY ( SELECT 'b')) ) --
( (SELECT BINARY ( COS ( 'b'))) ) --
( (SELECT BINARY ( @a)) ) --
( (SELECT BINARY COS ( 1)) ) --
( (SELECT BINARY COS ( COS ( 'b'))) ) --
( (SELECT BINARY COS ( @a)) ) --
( (SELECT BINARY BINARY ( 'b')) ) --
( (SELECT BINARY BINARY COS ( 'b')) ) --
( (SELECT @a OR ( 'b')) ) --
( (SELECT @a OR 1) ) --
( (SELECT @a OR COS ( 'b')) ) --
( (SELECT @a OR @a) ) --
( (SELECT @a LIMIT 1) ) --
( COS ( 1 OR ( 'b')) ) --
( COS ( 1 OR 1) ) --
( COS ( 1 OR COS ( 'b')) ) --
( COS ( 1 OR @a) ) --
( COS ( COS ( ( SELECT 'b'))) ) --
( COS ( COS ( BINARY ( 'b'))) ) --
( COS ( 'a' OR ( 'b')) ) --
( COS ( 'a' OR 1) ) --
( COS ( 'a' OR COS ( 'b')) ) --
( COS ( 'a' OR @a) ) --
( COS ( BINARY ( 1)) ) --
( COS ( BINARY ( SELECT 'b')) ) --
( COS ( BINARY ( COS ( 'b'))) ) --
( COS ( BINARY ( @a)) ) --
( COS ( BINARY BINARY ( 'b')) ) --
( COS ( BINARY BINARY COS ( 'b')) ) --
( COS ( @a OR ( 'b')) ) --
( COS ( @a OR 1) ) --
( COS ( @a OR COS ( 'b')) ) --
( COS ( @a OR @a) ) --
( BINARY ( 1 OR 'b') ) --
( BINARY ( SELECT ( 'b')) ) --
( BINARY ( SELECT 1) ) --
( BINARY ( SELECT COS ( 'b')) ) --
( BINARY ( SELECT @a) ) --
( BINARY ( 'a' OR 'b') ) --
( BINARY ( BINARY COS ( 'b')) ) --
( BINARY ( @a OR 'b') ) --
( BINARY COS ( 1 OR 'b') ) --
( BINARY COS ( ( SELECT 'b')) ) --
( BINARY COS ( 'a' OR 'b') ) --
( BINARY COS ( BINARY ( 'b')) ) --
( BINARY COS ( BINARY COS ( 'b')) ) --
( BINARY COS ( @a OR 'b') ) --
( BINARY BINARY ( 1) ) --
( BINARY BINARY ( SELECT 'b') ) --
( BINARY BINARY ( COS ( 'b')) ) --
( BINARY BINARY ( @a) ) --
( BINARY BINARY COS ( 1) ) --
( BINARY BINARY COS ( COS ( 'b')) ) --
( BINARY BINARY COS ( @a) ) --
( BINARY BINARY BINARY ( 'b') ) --
( BINARY BINARY BINARY COS ( 'b') ) --
( @a in ( BINARY COS ( 'b')) ) --
( 1 OR ( BINARY ( 'b')) ) --
( 1 OR ( BINARY COS ( 'b')) ) --
( 1 OR COS ( BINARY ( 'b')) ) --
( 1 ) in ( BINARY ( 'b') ) --
( 1 in ( BINARY BINARY ( 'b')) ) --
( 1 * COS ( BINARY ( 'b')) ) --
( (SELECT ( 1 OR ( 'b'))) ) --
( (SELECT ( 1 OR 1)) ) --
( (SELECT ( 1 OR COS ( 'b'))) ) --
( (SELECT ( 1 OR @a)) ) --
( (SELECT ( SELECT 1 OR 'b')) ) --
( (SELECT ( SELECT 'a' OR 'b')) ) --
( (SELECT ( SELECT BINARY ( 'b'))) ) --
( (SELECT ( SELECT BINARY COS ( 'b'))) ) --
( (SELECT ( SELECT @a OR 'b')) ) --
( (SELECT ( COS ( ( SELECT 'b')))) ) --
( (SELECT ( COS ( BINARY ( 'b')))) ) --
( (SELECT ( 'a' OR ( 'b'))) ) --
( (SELECT ( 'a' OR 1)) ) --
( (SELECT ( 'a' OR COS ( 'b'))) ) --
( (SELECT ( 'a' OR @a)) ) --
( (SELECT ( BINARY ( 1))) ) --
( (SELECT ( BINARY ( SELECT 'b'))) ) --
( (SELECT ( BINARY ( COS ( 'b')))) ) --
( (SELECT ( BINARY ( @a))) ) --
( (SELECT ( BINARY BINARY ( 'b'))) ) --
( (SELECT ( BINARY BINARY COS ( 'b'))) ) --
( (SELECT ( @a OR ( 'b'))) ) --
( (SELECT ( @a OR 1)) ) --
( (SELECT ( @a OR COS ( 'b'))) ) --
( (SELECT ( @a OR @a)) ) --
( (SELECT 1 OR ( 1)) ) --
( (SELECT 1 OR ( COS ( 'b'))) ) --
( (SELECT 1 OR ( @a)) ) --
( (SELECT 1 OR 1 * 'b') ) --
( (SELECT 1 OR 'a' * 'b') ) --
( (SELECT 1 OR @a * 'b') ) --
( (SELECT 1 ) OR ( 'b') ) --
( (SELECT 1 ) OR COS ( 'b') ) --
( ( SELECT 1 ) OR 'b' ) --
( (SELECT 1 UNION ( SELECT 'b')) ) --
( (SELECT 1 in ( BINARY ( 'b'))) ) --
( (SELECT COS ( ( SELECT ( 'b')))) ) --
( (SELECT COS ( ( SELECT 1))) ) --
( (SELECT COS ( ( SELECT COS ( 'b')))) ) --
( (SELECT COS ( ( SELECT @a))) ) --
( (SELECT COS ( BINARY BINARY ( 'b'))) ) --
( (SELECT 'a' OR ( 1)) ) --
( (SELECT 'a' OR ( COS ( 'b'))) ) --
( (SELECT 'a' OR ( @a)) ) --
( (SELECT 'a' OR 1 * 'b') ) --
( (SELECT 'a' OR 'a' * 'b') ) --
( (SELECT 'a' OR @a * 'b') ) --
( (SELECT 'a' ) OR ( 'b') ) --
( (SELECT 'a' ) OR COS ( 'b') ) --
( ( SELECT 'a' ) OR 'b' ) --
( (SELECT 'a' UNION ( SELECT 'b')) ) --
( (SELECT 'a' in ( BINARY ( 'b'))) ) --
( (SELECT BINARY ( 1 OR 'b')) ) --
( (SELECT BINARY ( 1 * 'b')) ) --
( (SELECT BINARY ( SELECT ( 'b'))) ) --
( (SELECT BINARY ( SELECT 1)) ) --
( (SELECT BINARY ( SELECT COS ( 'b'))) ) --
( (SELECT BINARY ( SELECT @a)) ) --
( (SELECT BINARY ( 'a' OR 'b')) ) --
( (SELECT BINARY ( 'a' * 'b')) ) --
( (SELECT BINARY ( BINARY ( 'b'))) ) --
( (SELECT BINARY ( BINARY COS ( 'b'))) ) --
( (SELECT BINARY ( @a OR 'b')) ) --
( (SELECT BINARY ( @a * 'b')) ) --
( (SELECT BINARY COS ( ( SELECT 'b'))) ) --
( (SELECT BINARY COS ( BINARY ( 'b'))) ) --
( (SELECT BINARY BINARY ( 1)) ) --
( (SELECT BINARY BINARY ( SELECT 'b')) ) --
( (SELECT BINARY BINARY ( COS ( 'b'))) ) --
( (SELECT BINARY BINARY ( @a)) ) --
( (SELECT BINARY BINARY BINARY ( 'b')) ) --
( (SELECT BINARY BINARY BINARY COS ( 'b')) ) --
( (SELECT @a OR ( 1)) ) --
( (SELECT @a OR ( COS ( 'b'))) ) --
( (SELECT @a OR ( @a)) ) --
( (SELECT @a OR 1 * 'b') ) --
( (SELECT @a OR 'a' * 'b') ) --
( (SELECT @a OR @a * 'b') ) --
( (SELECT @a ) OR ( 'b') ) --
( (SELECT @a ) OR COS ( 'b') ) --
( ( SELECT @a ) OR 'b' ) --
( (SELECT @a UNION ( SELECT 'b')) ) --
( (SELECT @a in ( BINARY ( 'b'))) ) --
( COS ( ( SELECT ( SELECT 'b'))) ) --
( COS ( ( SELECT 1 OR 'b')) ) --
( COS ( ( SELECT 'a' OR 'b')) ) --
( COS ( ( SELECT BINARY ( 'b'))) ) --
( COS ( ( SELECT BINARY COS ( 'b'))) ) --
( COS ( ( SELECT @a OR 'b')) ) --
( COS ( BINARY ( BINARY ( 'b'))) ) --
( COS ( BINARY BINARY BINARY ( 'b')) ) --
( 'a' OR ( BINARY ( 'b')) ) --
( 'a' OR ( BINARY COS ( 'b')) ) --
( 'a' OR COS ( BINARY ( 'b')) ) --
( 'a' ) in ( BINARY ( 'b') ) --
( 'a' * COS ( BINARY ( 'b')) ) --
( BINARY ( 1 OR ( 'b')) ) --
( BINARY ( 1 OR 1) ) --
( BINARY ( 1 OR COS ( 'b')) ) --
( BINARY ( 1 OR @a) ) --
( BINARY ( 1 ) OR 'b' ) --
( BINARY ( SELECT ( 1)) ) --
( BINARY ( SELECT ( SELECT 'b')) ) --
( BINARY ( SELECT ( COS ( 'b'))) ) --
( BINARY ( SELECT ( @a)) ) --
( BINARY ( SELECT 1 OR 'b') ) --
( BINARY ( SELECT 1 * 'b') ) --
( BINARY ( SELECT 'a' OR 'b') ) --
( BINARY ( SELECT 'a' * 'b') ) --
( BINARY ( SELECT BINARY ( 'b')) ) --
( BINARY ( SELECT BINARY COS ( 'b')) ) --
( BINARY ( SELECT @a OR 'b') ) --
( BINARY ( SELECT @a * 'b') ) --
( BINARY ( COS ( ( SELECT 'b'))) ) --
( BINARY ( COS ( BINARY ( 'b'))) ) --
( BINARY ( 'a' OR ( 'b')) ) --
( BINARY ( 'a' OR 1) ) --
( BINARY ( 'a' OR COS ( 'b')) ) --
( BINARY ( 'a' OR @a) ) --
( BINARY ( 'a' ) OR 'b' ) --
( BINARY ( BINARY ( SELECT 'b')) ) --
( BINARY ( BINARY BINARY ( 'b')) ) --
( BINARY ( BINARY BINARY COS ( 'b')) ) --
( BINARY ( @a OR ( 'b')) ) --
( BINARY ( @a OR 1) ) --
( BINARY ( @a OR COS ( 'b')) ) --
( BINARY ( @a OR @a) ) --
( BINARY ( @a ) OR 'b' ) --
( BINARY COS ( ( SELECT ( 'b'))) ) --
( BINARY COS ( ( SELECT 1)) ) --
( BINARY COS ( ( SELECT COS ( 'b'))) ) --
( BINARY COS ( ( SELECT @a)) ) --
( BINARY COS ( BINARY BINARY ( 'b')) ) --
( BINARY BINARY ( 1 OR 'b') ) --
( BINARY BINARY ( 1 * 'b') ) --
( BINARY BINARY ( SELECT ( 'b')) ) --
( BINARY BINARY ( SELECT 1) ) --
( BINARY BINARY ( SELECT COS ( 'b')) ) --
( BINARY BINARY ( SELECT @a) ) --
( BINARY BINARY ( 'a' OR 'b') ) --
( BINARY BINARY ( 'a' * 'b') ) --
( BINARY BINARY ( BINARY ( 'b')) ) --
( BINARY BINARY ( BINARY COS ( 'b')) ) --
( BINARY BINARY ( @a OR 'b') ) --
( BINARY BINARY ( @a * 'b') ) --
( BINARY BINARY COS ( ( SELECT 'b')) ) --
( BINARY BINARY COS ( BINARY ( 'b')) ) --
( BINARY BINARY BINARY ( 1) ) --
( BINARY BINARY BINARY ( SELECT 'b') ) --
( BINARY BINARY BINARY ( COS ( 'b')) ) --
( BINARY BINARY BINARY ( @a) ) --
( BINARY BINARY BINARY BINARY ( 'b') ) --
( BINARY BINARY BINARY BINARY COS ( 'b') ) --
( @a OR ( BINARY ( 'b')) ) --
( @a OR ( BINARY COS ( 'b')) ) --
( @a OR COS ( BINARY ( 'b')) ) --
( @a ) in ( BINARY ( 'b') ) --
( @a in ( BINARY BINARY ( 'b')) ) --
( @a * COS ( BINARY ( 'b')) ) --
( 1 - (SELECT BINARY ( 1)) ) --
( 1 - BINARY ( SELECT 1) ) --
( 1 - BINARY COS ( ( 1)) ) --
( 1 - BINARY BINARY ( 1) ) --
( 1 - BINARY BINARY COS ( 1) ) --
( 1 - BINARY BINARY BINARY ( 'b') ) --
( 'a' or (SELECT BINARY ( 'b')) ) --
( 'a' or BINARY ( SELECT 'b') ) --
( 'a' or BINARY COS ( 1) ) --
( 'a' or BINARY BINARY ( 'b') ) --
( 'a' or BINARY BINARY COS ( 'b') ) --
( 1 IN (1) or (SELECT BINARY ( 'b')) ) --
( 1 IN (1) or BINARY ( SELECT 'b') ) --
( 1 IN (1) or BINARY COS ( 1) ) --
( 1 IN (1) or BINARY BINARY ( 'b') ) --
( 1 IN (1) or BINARY BINARY COS ( 'b') ) --
(select 1 from dual union select 1 limit 1) --
(select 1); (select 1); update users set password = 99
(select 1); select 1; update users set password = 99
select 1; (select 1); update users set password = 99
1; update users set password=1
( (SELECT 'b') ) ; UPDATE user set password = 99;
( (SELECT @a) ) ; UPDATE user set password = 99;


@@ -0,0 +1,6 @@
# https://github.com/client9/libinjection/issues/110
# lots of great details in this ticket HT: @lifeforms
id having (1 or 1)
id having (1 or true)
id having (true or 1)


@@ -0,0 +1,4 @@
# https://github.com/client9/libinjection/issues/114
# ht @sshayb
; if not((select serverproperty('isintegratedsecurityonly')) <> 1) waitfor delay '0:0:2


@@ -0,0 +1 @@
name=David' AND 2259=DBMS_UTILITY.SQLID_TO_SQLHASH((CHR(113)||CHR(113)||CHR(122)||CHR(112)||CHR(113)||(SELECT (CASE WHEN (2259=2259) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(112)||CHR(112)||CHR(118)||CHR(113))) AND 'XrMo' LIKE 'XrMo


@@ -0,0 +1,11 @@
# https://github.com/client9/libinjection/issues/125 HT @d0znpp
"-sqlite_version() UNION SELECT password FROM users- --
1337) INTO OUTFILE xxx--
123);DROP TABLE users--
) OR (SELECT password FROM users ...
# the following don't fit into the libinjection model and are
# best handled in another layer, at least for now.
#)-sleep(9999
#*/UNION SELECT password FROM users--


@@ -0,0 +1,3 @@
# https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/782
.1or-UTC_DATE--


@@ -0,0 +1,265 @@
1%20AND%20%28select%20DCount%28last%28username%29
1%29%20from%20users%20where%20username%3D%27ad1min%27%29
%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20substr%28id%2C%40a%2C%40v%29%20from%20users%20limit%201%2C1%29
%28select%20substr%20%28id%2C%40a%2C%40v%29%20from%20users%20limit%201%2C1%29
%28select%20login/2%20from%20users%20limit%201%2C1%29
%28select%20login/2%20%0D%0A%0D%0Afrom%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20substr%0D%0A%28login%0D%0A%0D%0A%29%0D%0Afrom%20users%20limit%201%2C1%29
union%20%28select%20id%20from%20users%20limit%201%2C1%29
0x00%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
0x30%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
0x3%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-0union%20%28select%20id%20from%20users%20limit%201%2C1%29
-union%20%28select%20id%20from%20users%20limit%201%2C1%29
-.1union%20%28select%20id%20from%20users%20limit%201%2C1%29
-.1%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-.1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20table_name%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
%28select%20substr%0D%0A%28login%0D%0A%2C1%0D%0A%2C%0D%0A2%0D%0A%29%0D%0Afrom%20users%20limit%201%2C1%29
%28select%20substr%0D%0A%28login%0D%0A%2C1%0D%0A%2C%0D%0A2%0D%0A%29%0D%0Afrom%20users%20limit%201%2C1%29
%28select%20substr%0D%0A%28login%0D%0A%29%0D%0Afrom%20users%20limit%201%2C1%29
%28select%20substr%0D%0A%28login%0D%0A%2C%0D%0A%0D%0A1%0D%0A%0D%0A%2C%0D%0A%0D%0A%0D%0A%0D%0A%0D%0A%0D%0A1%0D%0A%29%0D%0Afrom%20users%20limit%201%2C1%29
%28select%20substr%0D%0A%28login%0D%0A%2C
%28select%20substr%28login%0D%0A%29
%28select%20substr%28login%29
%28select%20substr%28login%29%0D%0Afrom%20users%20limit%201%2C1%29
##%28select%20asd%28login%29%0D%0Afrom%20users%20limit%201%2C1%29
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
/%2A%20BAR%20%2A/%20UNION%20ALL%20SELECT%20%282%2C3%2C4%29
-999.9%27%20UNION%20ALL%20SELECT%200x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%20and%20%27x%27%3D%27x
-999.9%27%20UNION%20ALL%20SELECT%200x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%20and%20%27x%27%3D%27x
-999.9%27%20UNION%20ALL%20SELECT%200x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%20and%20%27x%27%3D%27x
-999.9%27%20UNION%20ALL%20SELECT%200x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%20and%20%27x%27%3D%27x
-999.9%27%20UNION%20ALL%20SELECT%200x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%20and%20%27x%27%3D%27x
-999.9%27%20UNION%20ALL%20SELECT%200x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%20and%20%27x%27%3D%27x
-999.9%27%20UNION%20ALL%20SELECT%200x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%20and%20%27x%27%3D%27x
-999.9%27%20UNION%20ALL%20SELECT%200x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%20and%20%27x%27%3D%27x
%27%20or%201%3D1%20or%20%27
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
0x1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
%27foo%27%20%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
oo%27%20%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
a%0D%0A%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
id%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
xxx%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
xxx%20union%20%28select%201%20from%20users%20limit%201%2C1%29
xxx%20union%20%28select%20xxx%20from%20users%20limit%201%2C1%29
oo%27%20%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
xxx%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
%27s%27%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
%27s%27%20union%20%28select%201%20from%20users%20limit%201%2C1%29
%28select%20id%20from%20users%20limit%201%2C1%29
1%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1a%27%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1a%22%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1a%27%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1a%22%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1a%27%22%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1a%23%0A%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%23%0A%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%23a%0A%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%23aaaaa%0A%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%231aaaaa%0A%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%231a%23%0A%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%23%231a%0A%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%23--1a%0A%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%23--%20-1a%0A%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
%27s%27%20union%20%28select%201%20from%20users%20limit%201%2C1%29
xxx%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
%27s%27%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
%27s%27%20union%20%28select%201%20from%20users%20limit%201%2C1%29
-1%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%23%20union%0A%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%23%20union%0Aunion%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%20union%23%20union%0A%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%20union
-1%20union%23%20union%0A%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%23union%23%20union%0A%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%23%0Aunion%23%20union%0A%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%20%23union%0A%23%20union%0A%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%20%23feafafeas%0A%23%20union%0A%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%20%23feafafeas%0Aunion%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%20--eafafeas%0Aunion%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%20--eafafeas%0A%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%20--%0A%20%28select%20id%20from%20users%20limit%201%2C1%29
-1%20--%0A%20union%28%20select%20id%20from%20users%20limit%201%2C1%29
-1%20--%0A%20%28union%28%20select%20id%20from%20users%20limit%201%2C1%29%29
-1--%0A%20%28union%28%20select%20id%20from%20users%20limit%201%2C1%29%29
-1--%0A%20%28union%28%20select%20table_name%20from%20users%20limit%201%2C1%29%29
-1--%0A%20%28union%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29
-1--%0A%20union%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29
-1--%0A%20union%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0A%20union%20all%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0A%20union%20%23%28%0A%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0A%20union%20%23%28%23%0A%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0A%20union%20select%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0A%20union%0Cselect%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0A%20union%0C%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0A%20union%0C-%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0A%20union%20%23%28%0A%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0A%20union%28%20select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0D%0A%20union%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0D%0A%20union%28%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
-1--%0D%0A%20union%28%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29%29
-1--%0D%0A%20union%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29
-1--%0D%0A%20union%28%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29%29
-1%20union%28%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29%29
-1%20union%28%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29%29
-1%20union%28%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29%29
-1%20union%28%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29%29
-1%20union%28%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29%29
-1%20union%28%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29%29
%27-%40%D1%84%D1%84%D1%841-%40a%20union%20select%20us3rs%20from%20table1
%27union%20select%20us3rs%20from%20table1
%27-%40aa1-%40a%20union%20select%20us3rs%20from%20table1
%27-%40%D1%84%D1%84%D1%841-%40a%20union%20select%20us3rs%20from%20table1
%27-%40UNION1-%40a%20union%20select%20us3rs%20from%20table1
%27-%40%D1%841-%40%D0%B0%20union%20select%20us3rs%20from%20table1
%27-%40%D1%841%20union%20select%20us3rs%20from%20table1
%27-%40a1%20union%20select%20us3rs%20from%20table1
%27-%40%D1%841%20union%20select%20us3rs%20from%20table1
%27-%40%D1%841-%40a%20union%20select%20us3rs%20from%20table1
%27-%40a2-%40a3%5E%40a3%20union%20select%20us3rs%20from%20table1
%27-%40a2-%40a3%5E%40a3-%40a5%20union%20select%20us3rs%20from%20table1
%27-%40a2%5E%40a3%5E%40a3-%40a5%20union%20select%20us3rs%20from%20table1
%27-%40%D1%841%20union%20select%20us3rs%20from%20table1
%27-%401%20union%20select%20us3rs%20from%20table1
%27-%401%20union%20select%20us3rs%20from%20table1
%27-%40%D1%841%20union%20select%20us3rs%20from%20table1
-1%20union%28%28%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29%29%29
-1%20union%28%28%28select-table_name%20from%20information_schema.tables%20limit%201%2C1%29%29%29
%27-%40%D1%841%20union%20select%20us3rs%20from%20table1
-1%20union%28%28%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29
-1%20union%28%28%28%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29
-1%20union%28%28%28%28%28%28%28%28%28%28%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
-1%20union%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%28%28%28%28%28%28%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
-1%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%28%28%28%28%28%28%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
%27-%40a1%20union%20select%20us3rs%20from%20table1
-1%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%28%28%28%28%28%28%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
-1%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%28%28%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
-1%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%20%20%20%20%20%20%20%20%20%20%20%28%28%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
-1union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%20%20%20%20%20%20%20%20%20%20%20%28%28%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
-1%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%20%20%20%20%20%20%20%20%20%20%20%28%28%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
-1%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%20%20%20%20%20%20%20%20%20%20%20%28%28%23%0D%0A%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
-1%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%20%20%20%20%20%20%20%20%20%20%20%28%28%23fdafdsa%0D%0A%28select%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
#-1%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%20%20%20%20%20%20%20%20%20%20%20%28%28%23fdafdsa%0D%0A%28select%23%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
#-1%23%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%20%20%20%20%20%20%20%20%20%20%20%28%28%23fdafdsa%0D%0A%28select%23%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
#-1%23%0D%0A%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%20%20%20%20%20%20%20%20%20%20%20%28%28%23fdafdsa%0D%0A%28select%23%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
#-1%23%0D%0A%23%20union%20%20%20%0D%0A%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%20%20%20%20%20%20%20%20%20%20%20%28%28%23fdafdsa%0D%0A%28select%23%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
#-1%23%0D%0A%23%20union%20%20%20%0D%0Aun%0D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%28%28%28%28%20%28%28%28%28%20%20%20%20%20%20%20%20%20%20%20%28%28%23fdafdsa%0D%0A%28select%23%28table_name%29%20from%20information_schema.tables%20limit%201%2C1%29%29%29%29%29%29%29%29%29%29%29
-1%23%0D%0A%0D%0Aunion
-1%23%0D%0A%0D%0Aunion%20%23
-1%23%0D%0A%0D%0Aunion%20%23%0D%0A%23
-1%23%0D%0Aunion%20%23%0D%0A%23
-1%23union%20%23%0D%0Aunion
-1%23union%20%23%23%0D%0Aunion
-1%23union%20%23%23%0D%0A--%0D%0Aunion
#-1%23union%20%23%23%0D%0A---%0D%0Aunion
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%0D%0Aunion
-1%23unn%20%23%23%0D%0A--%0D%0A--%0D%0A%0D%0Aunion
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%0D%0Aunion
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%0D%0Aunion%0D%0A%23
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%0D%0Aunion%0D%0A%23rfae%0D%0A%23%23
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%0D%0Aunion%0D%0A%23rfae%0D%0A%23%23union
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%23%0D%0Aunion%0D%0A%23rfae%0D%0A%23%23union
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%23%0D%0Aunion%23%0D%0A%23rfae%0D%0A%23%23union
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%23%0D%0Aunion%23--%0D%0A%23rfae%0D%0A%23%23union
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%23--%0D%0Aunion%23--%0D%0A%23rfae%0D%0A%23%23union
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%23/--%0D%0Aunion%23--%0D%0A%23rfae%0D%0A%23%23union
-1%23union%20%23%23%0D%0A--%0D%0A--%0D%0A%23/--%0D%0A/%2A%2A/union%23--%0D%0A%23rfae%0D%0A%23%23union
-1%23union%20%23%23%0D%0A%23/%0D%0A/%2A%2A/union%23--
-1%23union%20%23%23%0D%0A/1/%2A%2A/union%23--
-11/1/%2A%2A/union%23--
-1%0D%0A/1/%2A%2A/union%23--
-1/1/%2A%2A/union%23--
1/1/%2A%2A/union%23--
-11/1/%2A%2A/union%23--
-1%0D%0A/1/%2A%2A/union
-1%0D%0A/1/%2A%2A/union
-1%0D%0A/1/%2A%2A/union%23
-1%0D%0A/1/%2A%2A/union%23--
-1%0D%0A/1/%2A%2A/union
1/1/%2A%2A/union
%0D%0A1/1/%2A%2A/union
0-%0D%0A1/1/%2A%2A/union
0x1-%0D%0A1/1/%2A%2A/union
0x1%20-%0D%0A1/1/%2A%2A/union
test%27-%0D%0A1/1/%2A%2A/union%20select
test%27-%0D%0A1/1/%2A%2A/union%28select
test%27-%0D%0A1/1/%2A%2A/union%28select%20table%29
test%27-%0D%0A1/1/%2A%2A/union%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
test%27-%0D%0A1/1/%2A%2A/union%28select%20table%29
test%27-%0D%0A1/1/%2A%2A/union%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
test%27-1/1/%2A%2A/union%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
test%27-%0D%0A1/1/%2A%2A/union%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
test%27-%20%40version%20union%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
1-%20%40version%20union%28select%20table_name%20from%20information_schema.tables%20limit%201%2C1%29
0/%2A%2A/union/%2A%2150000select%2A/table_name%60foo%60/%2A%2A/
0/%2A%2A/union/%2A%2150000select%2A/table_name%60foo%60/%2A%2A/
0-select/%2A%211%20union%20select%20version%28%29%2A/from%20test%3B
%27select/%2A%211%20union%20select%20version%28%29%2A/from%20test%3B
%27-select/%2A%211%20union%20select%20version%28%29%2A/from%20test%3B
-1.select/%2A%211%20union%20select%20version%28%29%2A/from%20test%3B
0/%2A%2A/union/%2A%2150000select%2A/table_name%60foo%60/%2A%2A/
select%20load_file%28%27/asd/asd%27%29
select%20load_file%28%27/asd/asd%27%29
select%20load_file%28%27/asd/asd%27%29
%27%20into%20outfile%20%27/var/www/aa.php
%27%20into%20outfile%20%27/var/www/aa.php
%27%20into%20outfile%20%27/var/www/aa.php%27--
%27%20into%20outfile%20%27/var/www/aa.php%27--a-
%27%20into%20outfile%20%27/var/www/aa.php%27--a-
%27%20into%20outfile%20%27/var/www/aa.php%27%23
%27%20into%20outfile%20%0D%0A%27/var/www/aa.php%27
select%20load_file%28%27/asd/asd%27%29
1%20into%20outfile%20%27asd%27%0D%0A
1%20into%20outfile%20%27asd%27%0D%0A
%27%20into%20outfile%20%27/var/www/aa.php
%27%20into%20outfile%20%27/var/www/aa.php%27--a-
1%20into%20outfile%20%27asd%27%0D%0A
%40%D1%841%D1%841%D1%841%D1%841%D1%841%D1%841%D1%841%20%20union%20select%20
%27%20into%20outfile%20%27/var/www/aa.php
%27%20into%20outfile%20%27/var/www/aa.php%27--a-
1%20into%20outfile%20%27asd%27%0D%0A
%40%D1%841%D1%841%D1%841%D1%841%D1%841%D1%841%D1%841%20%20union%20select%20
%27-%40%D1%841%20union%20select%20us3rs%20from%20table1
%40%D1%841%D1%841%D1%841%D1%841%D1%841%D1%841%D1%841%20%20union%20select%20a%20from%20b
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
1a%20union%20%28select%20id%20from%20users%20limit%201%2C1%29
union%20%28select%20id%20from%20users%20limit%201%2C1%29
1%20into%20outfile%20%27asd%27%0D%0A
%27%20into%20outfile%20%27/var/www/aa.php%27--a-
%27union%20select%20
%27union%20select
%22union%20select
1%20union%20select
%40a%20union%20select
