/*
 * ModSecurity for Apache 2.x, http://www.modsecurity.org/
 * Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
 *
 * You may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * If any of the files related to licensing are missing or if you have any
 * other questions related to licensing please contact Trustwave Holdings, Inc.
 * directly using the email address security@modsecurity.org.
 */

/* Core header of the module: shared constants, the per-transaction record
 * (modsec_rec), the per-context configuration (directory_config) and the
 * engine / request-body entry points.
 *
 * NOTE(review): identifiers that start with an underscore followed by an
 * uppercase letter are reserved for the implementation in C, so the guard
 * name below is technically in reserved space.
 */
#ifndef _MODSECURITY_H_
#define _MODSECURITY_H_

#include <stdio.h>
#include <stdlib.h>

#include <limits.h>
#include <libxml/tree.h>
#include <libxml/HTMLparser.h>

/* Forward typedefs, declared before the msc_*.h includes below so those
 * headers can refer to these types; the structs themselves are defined
 * further down in this file.
 *
 * NOTE(review): hash_method is declared as an alias of struct rule_exception,
 * not of a distinct struct hash_method, so anything typed hash_method gets
 * rule_exception's layout. Confirm this is intentional.
 */
typedef struct rule_exception rule_exception;
typedef struct rule_exception hash_method;
typedef struct modsec_rec modsec_rec;
typedef struct directory_config directory_config;
typedef struct error_message_t error_message_t;
typedef struct msc_engine msc_engine;
typedef struct msc_data_chunk msc_data_chunk;
typedef struct msc_arg msc_arg;
typedef struct msc_string msc_string;
typedef struct msc_parm msc_parm;

#include "msc_release.h"
#include "msc_logging.h"
#include "msc_multipart.h"
#include "msc_pcre.h"
#include "msc_util.h"
#include "msc_json.h"
#include "msc_xml.h"
#include "msc_tree.h"
#include "msc_geo.h"
#include "msc_gsb.h"
#include "msc_unicode.h"
#include "re.h"
#include "msc_crypt.h"
#include "msc_remote_rules.h"

#include "ap_config.h"
#include "apr_md5.h"
#include "apr_strings.h"
#include "apr_hash.h"
#include "httpd.h"
#include "http_config.h"
#include "http_log.h"
#include "http_protocol.h"

#if defined(WITH_LUA)
#include "msc_lua.h"
#endif

/* Processing phases, numbered 1..5; PHASE_FIRST and PHASE_LAST bound the range. */
#define PHASE_REQUEST_HEADERS 1
#define PHASE_REQUEST_BODY 2
#define PHASE_RESPONSE_HEADERS 3
#define PHASE_RESPONSE_BODY 4
#define PHASE_LOGGING 5
#define PHASE_FIRST PHASE_REQUEST_HEADERS
#define PHASE_LAST PHASE_LOGGING

/* Sentinels for "value not configured": one integer form, one pointer form.
 *
 * NOTE(review): NOT_SET expands to an unparenthesized -1l (lowercase 'l',
 * easily misread as the digit 1). Wrapping the expansion in parentheses would
 * be the usual macro hygiene; left as-is here because the macro is consumed
 * outside this file.
 */
#define NOT_SET -1l
#define NOT_SET_P ((void *)-1l)

/* APR permission sets: CREATEMODE is owner read/write plus group read;
 * CREATEMODE_DIR additionally grants execute (traverse) to owner and group.
 * Neither grants anything to "other". Which files and directories they are
 * applied to is not visible in this header.
 */
#define CREATEMODE ( APR_UREAD | APR_UWRITE | APR_GREAD )
#define CREATEMODE_DIR ( APR_UREAD | APR_UWRITE | APR_UEXECUTE | APR_GREAD | APR_GEXECUTE )

/* Same intent expressed with the platform's native mode bits. The NETWARE and
 * WIN32 variants carry only read/write; the default variant adds group read.
 */
#if defined(NETWARE)
#define CREATEMODE_UNISTD ( S_IREAD | S_IWRITE )
#elif defined(WIN32)
#define CREATEMODE_UNISTD ( _S_IREAD | _S_IWRITE )
#else
#define CREATEMODE_UNISTD ( S_IRUSR | S_IWUSR | S_IRGRP )
#endif

/* Fallback so O_BINARY can be OR-ed into open flags where the platform does not define it. */
#if !defined(O_BINARY)
#define O_BINARY (0)
#endif

/* Fallback when PIPE_BUF is not provided; 512 is the POSIX minimum (_POSIX_PIPE_BUF). */
#ifndef PIPE_BUF
#define PIPE_BUF (512)
#endif

/* Body size limits. Read as byte counts (TODO confirm) the values are:
 * hard limits 1 GiB, request in-memory default 128 KiB, request default
 * 128 MiB, request-without-files default 1 MiB, response default 512 KiB.
 * NOTE(review): the HARD limits are long constants while the per-context
 * limits in directory_config are long int and several length counters in
 * modsec_rec are unsigned int / int; keep those widths in mind when comparing.
 */
#define REQUEST_BODY_HARD_LIMIT 1073741824L
#define REQUEST_BODY_DEFAULT_INMEMORY_LIMIT 131072
#define REQUEST_BODY_DEFAULT_LIMIT 134217728
#define REQUEST_BODY_NO_FILES_DEFAULT_LIMIT 1048576
#define RESPONSE_BODY_DEFAULT_LIMIT 524288
#define RESPONSE_BODY_HARD_LIMIT 1073741824L

/* What to do when a response body exceeds its limit.
 * NOTE(review): PARTIAL presumably means only the portion within the limit is
 * inspected; if so, content past the limit is not seen by rules. Confirm.
 */
#define RESPONSE_BODY_LIMIT_ACTION_REJECT 0
#define RESPONSE_BODY_LIMIT_ACTION_PARTIAL 1

#define REQUEST_BODY_FORCEBUF_OFF 0
#define REQUEST_BODY_FORCEBUF_ON 1

/* Same choice for request bodies; the same inspection-coverage caveat applies to PARTIAL. */
#define REQUEST_BODY_LIMIT_ACTION_REJECT 0
#define REQUEST_BODY_LIMIT_ACTION_PARTIAL 1

/* Fixed target/operator strings; presumably used to build the internal rules
 * behind the SecAction and SecMarker directives. Confirm against the
 * directive handlers.
 */
#define SECACTION_TARGETS "REMOTE_ADDR"
#define SECACTION_ARGS "@unconditionalMatch"

#define SECMARKER_TARGETS "REMOTE_ADDR"
#define SECMARKER_ARGS "@noMatch"
#define SECMARKER_BASE_ACTIONS "t:none,pass,marker:"

/* On platforms other than OS2, WIN32, BEOS and NETWARE, pull in unixd.h and
 * define __SET_MUTEX_PERMS (tested elsewhere in the project).
 */
#if !defined(OS2) && !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
#include "unixd.h"
#define __SET_MUTEX_PERMS
#endif

#define COOKIES_V0 0
#define COOKIES_V1 1

#ifdef WIN32
#include <direct.h>
#else
#include <sys/types.h>
#include <unistd.h>
#endif

/* Key string; presumably the request-notes key under which the transaction context is stored. Confirm. */
#define NOTE_MSR "modsecurity-tx-context"

#define FATAL_ERROR "ModSecurity: Fatal error (memory allocation or unexpected internal error)!"
/* Module-wide globals, defined elsewhere in the project.
 * DSOLOCAL itself is defined outside this file.
 */
extern DSOLOCAL char *new_server_signature;
extern DSOLOCAL char *real_server_signature;
extern DSOLOCAL char *chroot_dir;

extern module AP_MODULE_DECLARE_DATA security2_module;

extern DSOLOCAL const command_rec module_directives[];

/* Presumably the PCRE match limits applied to rule regexes; they bound
 * regex work per match. Confirm where they are applied.
 */
extern DSOLOCAL unsigned long int msc_pcre_match_limit;

extern DSOLOCAL unsigned long int msc_pcre_match_limit_recursion;

/* Note: remote_rules_server exists only when WITH_REMOTE_RULES is defined,
 * while the two fail-handling globals below are declared unconditionally.
 */
#ifdef WITH_REMOTE_RULES
extern DSOLOCAL msc_remote_rules_server *remote_rules_server;
#endif
extern DSOLOCAL int remote_rules_fail_action;
extern DSOLOCAL char *remote_rules_fail_message;

extern DSOLOCAL int status_engine_state;

extern DSOLOCAL int conn_limits_filter_state;

/* Per-state connection limits, each with a whitelist tree and a suspicious-list tree. */
extern DSOLOCAL unsigned long int conn_read_state_limit;
extern DSOLOCAL TreeRoot *conn_read_state_whitelist;
extern DSOLOCAL TreeRoot *conn_read_state_suspicious_list;

extern DSOLOCAL unsigned long int conn_write_state_limit;
extern DSOLOCAL TreeRoot *conn_write_state_whitelist;
extern DSOLOCAL TreeRoot *conn_write_state_suspicious_list;

extern DSOLOCAL unsigned long int unicode_codepage;

extern DSOLOCAL int *unicode_map_table;

/* Values for modsec_rec.resbody_status. */
#define RESBODY_STATUS_NOT_READ 0 /* we were not configured to read the body */
#define RESBODY_STATUS_ERROR 1 /* error occurred while we were reading the body */
#define RESBODY_STATUS_PARTIAL 2 /* partial body content available in the brigade */
#define RESBODY_STATUS_READ_BRIGADE 3 /* body was read but not flattened */
#define RESBODY_STATUS_READ 4 /* body was read and flattened */

/* Presumably values for modsec_rec.if_status (the "if_" fields). Confirm. */
#define IF_STATUS_NONE 0
#define IF_STATUS_WANTS_TO_RUN 1
#define IF_STATUS_COMPLETE 2

/* Presumably values for modsec_rec.of_status (the "of_" fields). Confirm. */
#define OF_STATUS_NOT_STARTED 0
#define OF_STATUS_IN_PROGRESS 1
#define OF_STATUS_COMPLETE 2

/* Presumably values for modsec_rec.msc_reqbody_storage ("on disk or in memory"). */
#define MSC_REQBODY_NONE 0
#define MSC_REQBODY_MEMORY 1
#define MSC_REQBODY_DISK 2

/* Disruptive action codes. ACTION_ALLOW and ACTION_ALLOW_REQUEST are also
 * stored in modsec_rec.allow_scope (see the comment on that field).
 */
#define ACTION_NONE 0
#define ACTION_DENY 1
#define ACTION_REDIRECT 2
#define ACTION_PROXY 3
#define ACTION_DROP 4
#define ACTION_ALLOW 5
#define ACTION_ALLOW_REQUEST 6
#define ACTION_ALLOW_PHASE 7
#define ACTION_PAUSE 8

/* Engine state. NOTE(review): DETECTION_ONLY presumably evaluates rules
 * without enforcing disruptive actions. Confirm before relying on it.
 */
#define MODSEC_DISABLED 0
#define MODSEC_DETECTION_ONLY 1
#define MODSEC_ENABLED 2

#define STATUS_ENGINE_ENABLED 1
#define STATUS_ENGINE_DISABLED 0

/* Values for remote_rules_fail_action.
 * NOTE(review): WARN_ON_FAIL presumably lets the server continue without the
 * remote rule set (fail-open), ABORT_ON_FAIL stops it (fail-closed). Confirm.
 */
#define REMOTE_RULES_ABORT_ON_FAIL 0
#define REMOTE_RULES_WARN_ON_FAIL 1

#define HASH_DISABLED 0
#define HASH_ENABLED 1

/* Hash method kinds: one RX and one PM variant per HTML location
 * (href, form action, Location, iframe src, frame src).
 */
#define HASH_URL_HREF_HASH_RX 0
#define HASH_URL_HREF_HASH_PM 1
#define HASH_URL_FACTION_HASH_RX 2
#define HASH_URL_FACTION_HASH_PM 3
#define HASH_URL_LOCATION_HASH_RX 4
#define HASH_URL_LOCATION_HASH_PM 5
#define HASH_URL_IFRAMESRC_HASH_RX 6
#define HASH_URL_IFRAMESRC_HASH_PM 7
#define HASH_URL_FRAMESRC_HASH_RX 8
#define HASH_URL_FRAMESRC_HASH_PM 9

/* Presumably what is mixed into the hash key (directory_config.crypto_key_add). Confirm. */
#define HASH_KEYONLY 0
#define HASH_SESSIONID 1
#define HASH_REMOTEIP 2

#define MODSEC_CACHE_DISABLED 0
#define MODSEC_CACHE_ENABLED 1

/* Presumably values for msc_engine.processing_mode. Confirm. */
#define MODSEC_OFFLINE 0
#define MODSEC_ONLINE 1

#define REGEX_CAPTURE_BUFLEN 1024

#define KEEP_FILES_OFF 0
#define KEEP_FILES_ON 1
#define KEEP_FILES_RELEVANT_ONLY 2

/* Values for rule_exception.type. */
#define RULE_EXCEPTION_IMPORT_ID 1
#define RULE_EXCEPTION_IMPORT_MSG 2
#define RULE_EXCEPTION_REMOVE_ID 3
#define RULE_EXCEPTION_REMOVE_MSG 4
#define RULE_EXCEPTION_REMOVE_TAG 5

/* 160 (0xA0) is the non-breaking space code point. */
#define NBSP 160

/* One rule exception: a RULE_EXCEPTION_* kind, its textual parameter and an
 * opaque companion pointer (contents not visible here). This layout is also
 * what the hash_method typedef refers to.
 */
struct rule_exception {
    int type;
    const char *param;
    void *param_data;
};

/* Per-transaction state. Field groups follow the section comments below. */
struct modsec_rec {
    apr_pool_t *mp;
    msc_engine *modsecurity;

    request_rec *r_early;
    request_rec *r;
    directory_config *dcfg1;
    directory_config *dcfg2;
    directory_config *usercfg;
    directory_config *txcfg;

    unsigned int reqbody_should_exist;
    unsigned int reqbody_chunked;

    unsigned int phase;
    unsigned int phase_request_headers_complete;
    unsigned int phase_request_body_complete;

    /* "if_" fields; see IF_STATUS_* for if_status (presumably the input filter). */
    apr_bucket_brigade *if_brigade;
    unsigned int if_seen_eos;
    unsigned int if_status;
    unsigned int if_started_forwarding;

    apr_size_t reqbody_length;

    /* "of_" fields; see OF_STATUS_* for of_status (presumably the output filter). */
    apr_bucket_brigade *of_brigade;
    unsigned int of_status;
    unsigned int of_done_reading;
    unsigned int of_skipping;
    unsigned int of_partial;
    unsigned int of_is_error;

    unsigned int resbody_status; /* one of RESBODY_STATUS_* */
    apr_size_t resbody_length;
    char *resbody_data;
    unsigned int resbody_contains_html;

    apr_size_t stream_input_length;
#ifdef MSC_LARGE_STREAM_INPUT
    apr_size_t stream_input_allocated_length;
#endif

    char *stream_input_data;
    apr_size_t stream_output_length;
    char *stream_output_data;
    unsigned int of_stream_changed;
    unsigned int if_stream_changed;

    apr_array_header_t *error_messages;
    apr_array_header_t *alerts;

    const char *txid;
    const char *sessionid;
    const char *userid;

    const char *server_software;
    const char *local_addr;
    unsigned int local_port;
    const char *local_user;

    /* client */

    const char *remote_addr;
    unsigned int remote_port;
    const char *remote_user;

    /* useragent */
    /* NOTE(review): kept separately from remote_addr; which of the two a given
     * rule or log line uses is decided outside this header.
     */
    const char *useragent_ip;

    /* request */

    const char *request_line;
    const char *request_method;
    const char *request_uri;
    const char *query_string;
    const char *request_protocol;

    const char *hostname;

    apr_table_t *request_headers;

    apr_off_t request_content_length;
    const char *request_content_type;

    apr_table_t *arguments;
    /* The *_to_sanitize tables presumably name values to mask before they are
     * written to the audit log. Confirm against the logging code.
     */
    apr_table_t *arguments_to_sanitize;
    apr_table_t *request_headers_to_sanitize;
    apr_table_t *response_headers_to_sanitize;
    apr_table_t *request_cookies;
    apr_table_t *pattern_to_sanitize;

    unsigned int urlencoded_error;
    unsigned int inbound_error;
    unsigned int outbound_error;

    unsigned int is_relevant;

    apr_table_t *tx_vars;

    /* ENH: refactor to allow arbitrary var tables */
    apr_table_t *geo_vars;

    /* response */
    unsigned int response_status;
    const char *status_line;
    const char *response_protocol;
    apr_table_t *response_headers;
    unsigned int response_headers_sent;
    apr_off_t bytes_sent;

    /* modsecurity request body processing stuff */

    unsigned int msc_reqbody_storage; /* on disk or in memory */
    unsigned int msc_reqbody_spilltodisk;
    unsigned int msc_reqbody_read;

    apr_pool_t *msc_reqbody_mp; /* this is where chunks are allocated from */
    apr_array_header_t *msc_reqbody_chunks; /* data chunks when stored in memory */
    /* NOTE(review): unsigned int here, while reqbody_length above is apr_size_t
     * and chunk lengths are apr_size_t; check for narrowing where they meet.
     */
    unsigned int msc_reqbody_length; /* the amount of data received */
    int msc_reqbody_chunk_position; /* used when retrieving the body */
    unsigned int msc_reqbody_chunk_offset; /* offset of the chunk currently in use */
    msc_data_chunk *msc_reqbody_chunk_current; /* current chunk */
    char *msc_reqbody_buffer;

    const char *msc_reqbody_filename; /* when stored on disk */
    int msc_reqbody_fd;
    msc_data_chunk *msc_reqbody_disk_chunk;

    const char *msc_reqbody_processor;
    int msc_reqbody_error;
    const char *msc_reqbody_error_msg;

    apr_size_t msc_reqbody_no_files_length;

    char *msc_full_request_buffer;
    int msc_full_request_length; /* NOTE(review): signed int length; see the width note above */

    char *multipart_filename;
    char *multipart_name;
    multipart_data *mpd; /* MULTIPART processor data structure */

    xml_data *xml; /* XML processor data structure */
#ifdef WITH_YAJL
    json_data *json; /* JSON processor data structure */
#endif

    /* audit logging */
    char *new_auditlog_boundary;
    char *new_auditlog_filename;
    apr_file_t *new_auditlog_fd;
    unsigned int new_auditlog_size;
    apr_md5_ctx_t new_auditlog_md5ctx;

    unsigned int was_intercepted;
    unsigned int rule_was_intercepted;
    unsigned int intercept_phase;
    msre_actionset *intercept_actionset;
    const char *intercept_message;

    /* performance measurement */
    apr_time_t request_time;
    apr_time_t time_phase1;
    apr_time_t time_phase2;
    apr_time_t time_phase3;
    apr_time_t time_phase4;
    apr_time_t time_phase5;
    apr_time_t time_storage_read;
    apr_time_t time_storage_write;
    apr_time_t time_logging;
    apr_time_t time_gc;
    apr_table_t *perf_rules;

    apr_array_header_t *matched_rules;
    msc_string *matched_var;
    int highest_severity;

    /* upload */
    int upload_extract_files;
    int upload_remove_files;
    int upload_files_count;

    /* other */
    apr_table_t *collections_original;
    apr_table_t *collections;
    apr_table_t *collections_dirty;

    /* rule processing temp pool */
    apr_pool_t *msc_rule_mptmp;

    /* content injection */
    const char *content_prepend;
    apr_off_t content_prepend_len;
    const char *content_append;
    apr_off_t content_append_len;

    /* data cache */
    apr_hash_t *tcache;
    apr_size_t tcache_items;

    /* removed rules */
    apr_array_header_t *removed_rules;
    apr_array_header_t *removed_rules_tag;
    apr_array_header_t *removed_rules_msg;

    /* removed targets */
    apr_table_t *removed_targets;

    /* When "allow" is executed the variable below is
     * updated to contain the scope of the allow action. Set
     * at 0 by default (the same value as ACTION_NONE), it will
     * have ACTION_ALLOW if we are to allow phases 1-4 and
     * ACTION_ALLOW_REQUEST if we are to allow phases 1-2 only.
     */
    unsigned int allow_scope;

    /* matched vars */
    apr_table_t *matched_vars;

    /* Generic request body processor context to be used by custom parsers. */
    void *reqbody_processor_ctx;

    htmlDocPtr crypto_html_tree;
#if defined(WITH_LUA)
#ifdef CACHE_LUA
    lua_State *L;
#endif
#endif

    int msc_sdbm_delete_error;
};

/* Per-context configuration. Many int fields use NOT_SET as "unconfigured"
 * (see the note on upload_filemode).
 */
struct directory_config {
    apr_pool_t *mp;

    msre_ruleset *ruleset;

    int is_enabled; /* presumably one of MODSEC_DISABLED / DETECTION_ONLY / ENABLED */
    int reqbody_access;
    int reqintercept_oe;
    int reqbody_buffering;
    long int reqbody_inmemory_limit;
    long int reqbody_limit;
    long int reqbody_no_files_limit;
    int resbody_access;

    long int of_limit;
    apr_table_t *of_mime_types;
    int of_mime_types_cleared;
    int of_limit_action; /* presumably RESPONSE_BODY_LIMIT_ACTION_* */
    int if_limit_action; /* presumably REQUEST_BODY_LIMIT_ACTION_* */

    const char *debuglog_name;
    int debuglog_level;
    apr_file_t *debuglog_fd;

    int cookie_format; /* presumably COOKIES_V0 or COOKIES_V1 */
    int argument_separator;
    const char *cookiev0_separator;

    int rule_inheritance;
    apr_array_header_t *rule_exceptions;


    /* -- Audit log -- */

    /* Max rule time */
    int max_rule_time;

    /* Whether audit log should be enabled in the context or not */
    int auditlog_flag;

    /* AUDITLOG_SERIAL (single file) or AUDITLOG_CONCURRENT (multiple files) */
    int auditlog_type;

#ifdef WITH_YAJL
    /* AUDITLOGFORMAT_NATIVE or AUDITLOGFORMAT_JSON */
    int auditlog_format;
#endif

    /* Mode for audit log directories and files.
     * NOTE(review): audit logs record transaction data, so these modes decide
     * who on the host can read it; check the configured values, not only the
     * CREATEMODE defaults.
     */
    apr_fileperms_t auditlog_dirperms;
    apr_fileperms_t auditlog_fileperms;

    /* The name of the audit log file (for the old type), or the
     * name of the index file (for the new audit log type)
     */
    char *auditlog_name;
    /* The name of the secondary index file */
    char *auditlog2_name;

    /* The file descriptors for the files above */
    apr_file_t *auditlog_fd;
    apr_file_t *auditlog2_fd;

    /* For the new-style audit log only, the path where
     * audit log entries will be stored
     */
    char *auditlog_storage_dir;

    /* A list of parts to include in the new-style audit log
     * entry. By default, it contains 'ABCFHZ'. Have a look at
     * the AUDITLOG_PART_* constants to decipher the meaning
     * (they are not defined in this file; presumably they come
     * from msc_logging.h).
     */
    char *auditlog_parts;

    /* A regular expression that determines if a response
     * status is treated as relevant.
     */
    msc_regex_t *auditlog_relevant_regex;

    /* Upload */
    const char *tmp_dir;
    const char *upload_dir;
    int upload_keep_files; /* presumably one of KEEP_FILES_* */
    int upload_validates_files;
    int upload_filemode; /* int only so NOT_SET works */
    int upload_file_limit;

    /* Used only in the configuration phase. */
    msre_rule *tmp_chain_starter;
    msre_actionset *tmp_default_actionset;
    apr_table_t *tmp_rule_placeholders;

    /* Misc */
    const char *data_dir;
    const char *webappid;
    const char *sensor_id;
    const char *httpBlkey;

    /* Content injection. */
    int content_injection_enabled;

    /* Stream Inspection */
    int stream_inbody_inspection;
    int stream_outbody_inspection;

    /* Geo Lookup */
    geo_db *geo;

    /* Gsb Lookup */
    gsb_db *gsb;

    /* Unicode map */
    unicode_map *u_map;

    /* Cache */
    int cache_trans;
    int cache_trans_incremental;
    apr_size_t cache_trans_min;
    apr_size_t cache_trans_max;
    apr_size_t cache_trans_maxitems;

    /* Array to hold signatures of components, which will
     * appear in the ModSecurity signature in the audit log.
     */
    apr_array_header_t *component_signatures;

    /* Request character encoding. */
    const char *request_encoding;

    int disable_backend_compression;

    /* Collection timeout */
    int col_timeout;

    /* hash of ids */
    apr_hash_t *rule_id_htab;

    /* Hash */
    /* NOTE(review): crypto_key is key material referenced through a plain
     * pointer with an int length; how it is allocated and whether it is ever
     * cleared is not visible in this header.
     */
    apr_array_header_t *hash_method;
    const char *crypto_key;
    int crypto_key_len;
    const char *crypto_param_name;
    int hash_is_enabled;
    int hash_enforcement;
    int crypto_key_add;
    int crypto_hash_href_rx;
    int crypto_hash_faction_rx;
    int crypto_hash_location_rx;
    int crypto_hash_iframesrc_rx;
    int crypto_hash_framesrc_rx;
    int crypto_hash_href_pm;
    int crypto_hash_faction_pm;
    int crypto_hash_location_pm;
    int crypto_hash_iframesrc_pm;
    int crypto_hash_framesrc_pm;

    /* xml */
    /* NOTE(review): presumably controls whether the XML body processor may
     * load external entities. Confirm that the default leaves this off.
     */
    int xml_external_entity;

    /* This will be used whenever ModSecurity will be ready
     * to ask the server for newer rules.
     * (Compiled out with #if 0: these fields do not exist in the struct today.)
     */
#if 0
    msc_remote_rules_server *remote_rules;
    int remote_timeout;
#endif
};

/* One recorded error: source location, level, APR status and message text. */
struct error_message_t {
    const char *file;
    int line;
    int level;
    apr_status_t status;
    const char *message;
};

/* Engine-wide state: pool, global mutexes, the rule engine and the processing mode. */
struct msc_engine {
    apr_pool_t *mp;
    apr_global_mutex_t *auditlog_lock;
    apr_global_mutex_t *geo_lock;
#ifdef GLOBAL_COLLECTION_LOCK
    apr_global_mutex_t *dbm_lock;
#endif
    msre_engine *msre;
    unsigned int processing_mode;
};

/* A piece of body data: pointer plus explicit length. The meaning of
 * is_permanent is not visible here.
 */
struct msc_data_chunk {
    char *data;
    apr_size_t length;
    unsigned int is_permanent;
};

/* One parsed argument. Name and value carry explicit lengths, plus the
 * offset/length of each within its origin.
 */
struct msc_arg {
    const char *name;
    unsigned int name_len;
    unsigned int name_origin_offset;
    unsigned int name_origin_len;
    const char *value;
    unsigned int value_len;
    unsigned int value_origin_offset;
    unsigned int value_origin_len;
    const char *origin;
};

/* Name/value pair with explicit lengths. */
struct msc_string {
    char *name;
    unsigned int name_len;
    char *value;
    unsigned int value_len;
};

struct msc_parm {
    char *value;
    int pad_1;
    int pad_2;
};
/* Engine functions */

/* Engine lifecycle: create, init, per-child init, shutdown. */
msc_engine DSOLOCAL *modsecurity_create(apr_pool_t *mp, int processing_mode);

int DSOLOCAL modsecurity_init(msc_engine *msce, apr_pool_t *mp);

void DSOLOCAL modsecurity_child_init(msc_engine *msce);

void DSOLOCAL modsecurity_shutdown(msc_engine *msce);

/* Per-transaction entry points; phase is one of the PHASE_* values. */
apr_status_t DSOLOCAL modsecurity_tx_init(modsec_rec *msr);

apr_status_t DSOLOCAL modsecurity_process_phase(modsec_rec *msr, unsigned int phase);


/* Request body functions */

/* Most of these take a char **error_msg out-parameter; presumably it is set
 * to a message on failure. Confirm ownership and lifetime in the
 * implementation.
 */
apr_status_t DSOLOCAL modsecurity_request_body_start(modsec_rec *msr, char **error_msg);

apr_status_t DSOLOCAL modsecurity_request_body_store(modsec_rec *msr,
    const char *data, apr_size_t length, char **error_msg);

apr_status_t DSOLOCAL modsecurity_request_body_end(modsec_rec *msr, char **error_msg);

/* NOTE(review): buflen is a signed int here, whereas
 * modsecurity_request_body_store() takes an apr_size_t length; callers need to
 * make sure a large or negative length cannot reach this function.
 */
apr_status_t DSOLOCAL modsecurity_request_body_to_stream(modsec_rec *msr, const char *buffer, int buflen, char **error_msg);

apr_status_t DSOLOCAL modsecurity_request_body_retrieve_start(modsec_rec *msr, char **error_msg);

apr_status_t DSOLOCAL modsecurity_request_body_retrieve_end(modsec_rec *msr);

/* Retrieves up to nbytes bytes of the request body. Returns 1 on
 * success, 0 when there is no more data, or -1 on error.
 *
 * NOTE(review): the earlier wording said nbytes would hold the number of bytes
 * stored on return, but nbytes is passed by value and cannot report anything
 * back; the amount retrieved is presumably carried by (*chunk)->length.
 * The documented 1/0/-1 results are also returned through an apr_status_t.
 * Confirm both against the implementation.
 */
apr_status_t DSOLOCAL modsecurity_request_body_retrieve(modsec_rec *msr, msc_data_chunk **chunk,
    long int nbytes, char **error_msg);

/* Message/alert helpers; what each records or emits is defined in the implementation. */
void DSOLOCAL msc_add(modsec_rec *msr, int level, msre_actionset *actionset,
    const char *action_message, const char *rule_message);

const char DSOLOCAL *msc_alert_message(modsec_rec *msr, msre_actionset *actionset, const char *action_message,
    const char *rule_message);

void DSOLOCAL msc_alert(modsec_rec *msr, int level, msre_actionset *actionset, const char *action_message,
    const char *rule_message);

apr_status_t DSOLOCAL modsecurity_request_body_clear(modsec_rec *msr, char **error_msg);

#endif