Blame ext/mod_reqbody_example.c

Packit Service 384592
/*
Packit Service 384592
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
Packit Service 384592
* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
Packit Service 384592
*
Packit Service 384592
* You may not use this file except in compliance with
Packit Service 384592
* the License.  You may obtain a copy of the License at
Packit Service 384592
*
Packit Service 384592
*     http://www.apache.org/licenses/LICENSE-2.0
Packit Service 384592
*
Packit Service 384592
* If any of the files related to licensing are missing or if you have any
Packit Service 384592
* other questions related to licensing please contact Trustwave Holdings, Inc.
Packit Service 384592
* directly using the email address security@modsecurity.org.
Packit Service 384592
*/
Packit Service 384592
Packit Service 384592
/* This is just an example on how to make an extension to allow custom
Packit Service 384592
 * request body parsing.  This just describes how to do this externally
Packit Service 384592
 * and you should look more at on e of the internal parsers to see
Packit Service 384592
 * the full potential.
Packit Service 384592
 *
Packit Service 384592
 * This module defines "EXAMPLE" and can be enabled with a rule like this:
Packit Service 384592
 *
Packit Service 384592
 *   SecAction "phase:1,pass,nolog,ctl:requestBodyProcessor=EXAMPLE"
Packit Service 384592
 *
Packit Service 384592
 * See these for real parsers:
Packit Service 384592
 *   msc_reqbody.c
Packit Service 384592
 *   msc_multipart.c
Packit Service 384592
 *   msc_xml.c 
Packit Service 384592
 */
Packit Service 384592
Packit Service 384592
#include "httpd.h"
Packit Service 384592
#include "http_core.h"
Packit Service 384592
#include "http_config.h"
Packit Service 384592
#include "http_log.h"
Packit Service 384592
#include "http_protocol.h"
Packit Service 384592
#include "ap_config.h"
Packit Service 384592
#include "apr_optional.h"
Packit Service 384592
Packit Service 384592
#include "modsecurity.h"
Packit Service 384592
Packit Service 384592
typedef struct example_ctx {
Packit Service 384592
    unsigned long    length;
Packit Service 384592
} example_ctx;
Packit Service 384592
Packit Service 384592
/**
Packit Service 384592
 * This function will be invoked to initialize the processor.  This is
Packit Service 384592
 * probably only needed for streaming parsers that must create a context.
Packit Service 384592
 */
Packit Service 384592
static int example_init(modsec_rec *msr, char **error_msg)
Packit Service 384592
{
Packit Service 384592
    if (error_msg == NULL) return -1;
Packit Service 384592
    *error_msg = NULL;
Packit Service 384592
Packit Service 384592
    ap_log_error(APLOG_MARK, APLOG_INFO | APLOG_NOERRNO, 0, NULL,
Packit Service 384592
        "mod_reqbody_example: init()");
Packit Service 384592
Packit Service 384592
    msr->reqbody_processor_ctx = apr_pcalloc(msr->mp, sizeof(example_ctx));
Packit Service 384592
    if (msr->reqbody_processor_ctx == NULL) {
Packit Service 384592
        /* Set error message and return -1 if unsuccessful */
Packit Service 384592
        *error_msg = apr_pstrdup(msr->mp, "failed to create example requbody processor context");
Packit Service 384592
        return -1;
Packit Service 384592
    }
Packit Service 384592
Packit Service 384592
    /* Return 1 on success */
Packit Service 384592
    return 1;
Packit Service 384592
}
Packit Service 384592
Packit Service 384592
/**
Packit Service 384592
 * This function will be invoked whenever the ModSecurity has data to
Packit Service 384592
 * be processed.  You probably at least need to increment the no_files
Packit Service 384592
 * length, but otherwise this is only useful for a streaming parser.
Packit Service 384592
 */
Packit Service 384592
static int example_process(modsec_rec *msr,
Packit Service 384592
                           const char *buf, unsigned int size, char **error_msg)
Packit Service 384592
{
Packit Service 384592
    example_ctx *ctx = (example_ctx *)msr->reqbody_processor_ctx;
Packit Service 384592
Packit Service 384592
    if (error_msg == NULL) return -1;
Packit Service 384592
    *error_msg = NULL;
Packit Service 384592
Packit Service 384592
    ap_log_error(APLOG_MARK, APLOG_INFO | APLOG_NOERRNO, 0, NULL,
Packit Service 384592
        "mod_reqbody_example: process()");
Packit Service 384592
Packit Service 384592
    /* Need to increment the no_files length if this is not an uploaded file.
Packit Service 384592
     * Failing to do this will mess up some other limit checks.
Packit Service 384592
     */
Packit Service 384592
    msr->msc_reqbody_no_files_length += size;
Packit Service 384592
Packit Service 384592
    /* Check for an existing context and do something interesting
Packit Service 384592
     * with the chunk of data we have been given.
Packit Service 384592
     */
Packit Service 384592
    if (ctx != NULL) {
Packit Service 384592
        ctx->length += size;
Packit Service 384592
    }
Packit Service 384592
Packit Service 384592
    /* Return 1 on success */
Packit Service 384592
    return 1;
Packit Service 384592
}
Packit Service 384592
Packit Service 384592
/**
Packit Service 384592
 * This function is called to signal the parser that the request body is
Packit Service 384592
 * complete. Here you should do any final parsing.  For non-streaming parsers
Packit Service 384592
 * you can parse the data in msr->msc_reqbody_buffer of length
Packit Service 384592
 * msr->msc_reqbody_length.  See modsecurity_request_body_end_urlencoded() in
Packit Service 384592
 * msc_reqbody.c for an example of this.
Packit Service 384592
 */
Packit Service 384592
static int example_complete(modsec_rec *msr, char **error_msg)
Packit Service 384592
{
Packit Service 384592
    example_ctx *ctx = (example_ctx *)msr->reqbody_processor_ctx;
Packit Service 384592
Packit Service 384592
    if (error_msg == NULL) return -1;
Packit Service 384592
    *error_msg = NULL;
Packit Service 384592
Packit Service 384592
    ap_log_error(APLOG_MARK, APLOG_INFO | APLOG_NOERRNO, 0, NULL,
Packit Service 384592
        "mod_reqbody_example: complete()");
Packit Service 384592
Packit Service 384592
    ap_log_error(APLOG_MARK, APLOG_INFO | APLOG_NOERRNO, 0, NULL,
Packit Service 384592
        "mod_reqbody_example: request body length=%lu", ctx->length);
Packit Service 384592
Packit Service 384592
    /* Return 1 on success */
Packit Service 384592
    return 1;
Packit Service 384592
}
Packit Service 384592
Packit Service 384592
static int hook_pre_config(apr_pool_t *mp, apr_pool_t *mp_log, apr_pool_t *mp_temp) {
Packit Service 384592
    
Packit Service 384592
    void (*fn)(const char *name,
Packit Service 384592
               void *fn_init, void *fn_process, void *fn_complete);
Packit Service 384592
Packit Service 384592
    /* Look for the registration function exported by ModSecurity. */
Packit Service 384592
    fn = APR_RETRIEVE_OPTIONAL_FN(modsec_register_reqbody_processor);
Packit Service 384592
    if (fn) {
Packit Service 384592
        /* Use it to register our new request body parser functions under
Packit Service 384592
         * the name "EXAMPLE".
Packit Service 384592
         */
Packit Service 384592
        fn("EXAMPLE",
Packit Service 384592
           (void *)example_init,
Packit Service 384592
           (void *)example_process,
Packit Service 384592
           (void *)example_complete);
Packit Service 384592
    }
Packit Service 384592
    else {
Packit Service 384592
        ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, NULL,
Packit Service 384592
            "mod_reqbody_example: Unable to find modsec_register_reqbody_processor.");
Packit Service 384592
    }
Packit Service 384592
Packit Service 384592
    return OK;
Packit Service 384592
}
Packit Service 384592
Packit Service 384592
/* This is a function to register another function to be called during
Packit Service 384592
 * the Apache configuration process.
Packit Service 384592
 */
Packit Service 384592
static void register_hooks(apr_pool_t *p) {
Packit Service 384592
    ap_hook_pre_config(hook_pre_config, NULL, NULL, APR_HOOK_LAST);
Packit Service 384592
}
Packit Service 384592
Packit Service 384592
/* Dispatch list for API hooks */
Packit Service 384592
module AP_MODULE_DECLARE_DATA reqbody_example_module = {
Packit Service 384592
    STANDARD20_MODULE_STUFF, 
Packit Service 384592
    NULL,                  /* create per-dir    config structures */
Packit Service 384592
    NULL,                  /* merge  per-dir    config structures */
Packit Service 384592
    NULL,                  /* create per-server config structures */
Packit Service 384592
    NULL,                  /* merge  per-server config structures */
Packit Service 384592
    NULL,                  /* table of config file commands       */
Packit Service 384592
    register_hooks         /* register hooks                      */
Packit Service 384592
};
Packit Service 384592