NotificationsYou must be signed in to change notification settings
Fork0
Star0

Commitb304ab1

Felipe Zimmerle

committed

Improves SecRemoteRules messages on IIS

IIS was not displaying correctly the error messages and the amount ofloaded rules while the operator SecRemoteRules was used.

1 parentf7c7a30 commitb304ab1Copy full SHA for b304ab1

File tree

5 files changed

+46

-13

lines changed

5 files changed

+46

-13

lines changed

`‎apache2/mod_security2.c‎`

Lines changed: 4 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -752,7 +752,7 @@ static int hook_post_config(apr_pool_t mp, apr_pool_t mp_log, apr_pool_t *mp_t`
`752`	`752`	`real_server_signature);`
`753`	`753`	`}`
`754`	`754`
`755`		`-#ifndefWIN32`
	`755`	`+#ifndefVERSION_IIS`
`756`	`756`	`if (status_engine_state!=STATUS_ENGINE_DISABLED) {`
`757`	`757`	`msc_status_engine_call();`
`758`	`758`	`}`
`@@ -767,18 +767,12 @@ static int hook_post_config(apr_pool_t mp, apr_pool_t mp_log, apr_pool_t *mp_t`
`767`	`767`	`/**`
`768`	`768`	`* Checking if it is not the first time that we are in this very function.`
`769`	`769`	`* We want to show the messages below during the start and the reload.`
`770`		`- *`
`771`		`- * Turns out that IIS version does not hit it twice, thus, we have to show`
`772`		`- * the message in the first (and unique) opportunity.`
`773`	`770`	`*/`
`774`		`-#ifdefVERSION_IIS`
`775`		`-if (first_time==1)`
`776`		`- {`
`777`		`-#else`
	`771`	`+#ifndefVERSION_IIS`
`778`	`772`	`if (first_time!=1)`
`779`	`773`	`{`
`780`		`-#endif`
`781`	`774`	`#ifdefWITH_REMOTE_RULES`
	`775`	`+`
`782`	`776`	`if (remote_rules_server!=NULL)`
`783`	`777`	`{`
`784`	`778`	`if (remote_rules_server->amount_of_rules==1)`
`@@ -804,6 +798,7 @@ static int hook_post_config(apr_pool_t mp, apr_pool_t mp_log, apr_pool_t *mp_t`
`804`	`798`	`remote_rules_fail_message);`
`805`	`799`	`}`
`806`	`800`	`}`
	`801`	`+#endif`
`807`	`802`
`808`	`803`	`srand((unsignedint)(time(NULL)*getpid()));`
`809`	`804`

`‎iis/mymodule.cpp‎`

Lines changed: 8 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -797,8 +797,12 @@ CMyHttpModule::OnBeginRequest(`
`797`	`797`	`goto Finished;`
`798`	`798`	`}`
`799`	`799`
`800`		`-modsecStatusEngineCall();`
`801`		`-`
	`800`	`+modsecReportRemoteLoadedRules();`
	`801`	`+if (this->status_call_already_sent ==false)`
	`802`	`+{`
	`803`	`+this->status_call_already_sent =true;`
	`804`	`+modsecStatusEngineCall();`
	`805`	`+}`
`802`	`806`	`}`
`803`	`807`	`delete apppath;`
`804`	`808`	`}`
`@@ -1254,6 +1258,8 @@ CMyHttpModule::CMyHttpModule()`
`1254`	`1258`	`GetSystemInfo(&sysInfo);`
`1255`	`1259`	`m_dwPageSize = sysInfo.dwPageSize;`
`1256`	`1260`
	`1261`	`+this->status_call_already_sent =false;`
	`1262`	`+`
`1257`	`1263`	`InitializeCriticalSection(&m_csLock);`
`1258`	`1264`
`1259`	`1265`	`modsecSetLogHook(this, Log);`

`‎iis/mymodule.h‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -52,6 +52,7 @@ class CMyHttpModule : public CHttpModule`
`52`	`52`	`voidDispose();`
`53`	`53`
`54`	`54`	`BOOLWriteEventViewerLog(LPCSTR szNotification, WORD category = EVENTLOG_INFORMATION_TYPE);`
	`55`	`+ BOOL status_call_already_sent;`
`55`	`56`	`};`
`56`	`57`
`57`	`58`	`#endif`

`‎standalone/api.c‎`

Lines changed: 31 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -705,7 +705,7 @@ const char *modsecIsServerSignatureAvailale(void) {`
`705`	`705`	`returnnew_server_signature;`
`706`	`706`	`}`
`707`	`707`
`708`		`-#ifdefWIN32`
	`708`	`+#ifdefVERSION_IIS`
`709`	`709`	`voidmodsecStatusEngineCall()`
`710`	`710`	`{`
`711`	`711`	`if (status_engine_state!=STATUS_ENGINE_DISABLED) {`
`@@ -717,4 +717,34 @@ void modsecStatusEngineCall()`
`717`	`717`	`"SecStatusEngine to On.\n");`
`718`	`718`	`}`
`719`	`719`	`}`
	`720`	`+`
	`721`	`+voidmodsecReportRemoteLoadedRules()`
	`722`	`+{`
	`723`	`+#ifdefWITH_REMOTE_RULES`
	`724`	`+if (remote_rules_server!=NULL)`
	`725`	`+ {`
	`726`	`+if (remote_rules_server->amount_of_rules==1)`
	`727`	`+ {`
	`728`	`+ap_log_error(APLOG_MARK,APLOG_NOTICE,0,NULL,`
	`729`	`+"ModSecurity: Loaded %d rule from: '%s'.",`
	`730`	`+remote_rules_server->amount_of_rules,`
	`731`	`+remote_rules_server->uri);`
	`732`	`+ }`
	`733`	`+else`
	`734`	`+ {`
	`735`	`+ap_log_error(APLOG_MARK,APLOG_NOTICE,0,NULL,`
	`736`	`+"ModSecurity: Loaded %d rules from: '%s'.",`
	`737`	`+remote_rules_server->amount_of_rules,`
	`738`	`+remote_rules_server->uri);`
	`739`	`+ }`
	`740`	`+ }`
	`741`	`+#endif`
	`742`	`+if (remote_rules_fail_message!=NULL)`
	`743`	`+ {`
	`744`	`+ap_log_error(APLOG_MARK,APLOG_NOTICE,0,NULL,"ModSecurity: " \`
	`745`	`+"Problems loading external resources: %s",`
	`746`	`+remote_rules_fail_message);`
	`747`	`+ }`
	`748`	`+`
	`749`	`+}`
`720`	`750`	`#endif`

`‎standalone/api.h‎`

Lines changed: 2 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -119,8 +119,9 @@ void modsecSetConfigForIISRequestBody(request_rec *r);`
`119`	`119`
`120`	`120`	`constchar*modsecIsServerSignatureAvailale(void);`
`121`	`121`
`122`		`-#ifdefWIN32`
	`122`	`+#ifdefVERSION_IIS`
`123`	`123`	`voidmodsecStatusEngineCall(void);`
	`124`	`+voidmodsecReportRemoteLoadedRules(void);`
`124`	`125`	`#endif`
`125`	`126`
`126`	`127`	`#ifdef__cplusplus`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitb304ab1

File tree

5 files changed

5 files changed

`‎apache2/mod_security2.c‎`

`‎iis/mymodule.cpp‎`

`‎iis/mymodule.h‎`

`‎standalone/api.c‎`

`‎standalone/api.h‎`

0 commit comments