fix: second pass changing names and main module

Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>

CHANGES

@@ -58,5 +58,5 @@ v1.0.1 - 2019-Dec-16
 v1.0.0 - 2017-Dec-20
 --------------------
 
- - First version of ModSecurity-nginx connector
+ - First version of Coraza-nginx connector
 

README.md

@@ -234,7 +234,7 @@ version of your libcoraza and the version of the nginx connector you are running
 ### Security issue
 
 Please do not publicly report any security issue. Instead, contact us at:
-security@coraza.org to report the issue. Once the problem is fixed we will provide you with credit for the discovery.
+security@coraza.io to report the issue. Once the problem is fixed we will provide you with credit for the discovery.
 
 
 ## Feature Request

ngx-modsec.stp

@@ -6,12 +6,12 @@ global rules_phase
 
 
 # Rules
-probe process("/usr/local/lib/libmodsecurity.so.3").function("evaluate@rule.cc*")
+probe process("/usr/local/lib/libcoraza.so.3").function("evaluate@rule.cc*")
 {
     begin_rule = gettimeofday_us();
 }
 
-probe process("/usr/local/lib/libmodsecurity.so.3").function("evaluate@rule.cc*").return
+probe process("/usr/local/lib/libcoraza.so.3").function("evaluate@rule.cc*").return
 {
     elapsed_rule = gettimeofday_us() - begin_rule
     rules[$this->m_ruleId] <<< elapsed_rule

src/ddebug.h

@@ -34,7 +34,7 @@
 
 #   if (NGX_HAVE_VARIADIC_MACROS)
 
-#       define dd(...) fprintf(stderr, "modsec *** %s: ", __func__); \
+#       define dd(...) fprintf(stderr, "coraza *** %s: ", __func__); \
             fprintf(stderr, __VA_ARGS__); \
             fprintf(stderr, " at %s line %d.\n", __FILE__, __LINE__)
 

src/ngx_http_coraza_body_filter.c

@@ -1,5 +1,5 @@
 /*
- * ModSecurity connector for nginx, http://www.modsecurity.org/
+ * Coraza connector for nginx, http://www.coraza.io/
  * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
  *
  * You may not use this file except in compliance with
@@ -9,7 +9,7 @@
  *
  * If any of the files related to licensing are missing or if you have any
  * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
+ * directly using the email address security@coraza.io.
  *
  */
 

src/ngx_http_coraza_common.h

@@ -1,5 +1,5 @@
 /*
- * ModSecurity connector for nginx, http://www.modsecurity.org/
+ * Coraza connector for nginx, http://www.coraza.io/
  * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
  *
  * You may not use this file except in compliance with
@@ -9,7 +9,7 @@
  *
  * If any of the files related to licensing are missing or if you have any
  * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
+ * directly using the email address security@coraza.io.
  *
  */
 
@@ -37,8 +37,8 @@
  *
  */
 
-#define CORAZA_NGINX_MAJOR "1"
-#define CORAZA_NGINX_MINOR "0"
+#define CORAZA_NGINX_MAJOR "0"
+#define CORAZA_NGINX_MINOR "1"
 #define CORAZA_NGINX_PATCHLEVEL "0"
 #define CORAZA_NGINX_TAG ""
 #define CORAZA_NGINX_TAG_NUM "100"
@@ -105,7 +105,7 @@ typedef struct {
 extern ngx_module_t ngx_http_coraza_module;
 
 /* ngx_http_coraza_module.c */
-int ngx_http_coraza_process_intervention (coraza_transaction_t transaction, ngx_http_request_t *r, ngx_int_t early_log);
+ngx_int_t ngx_http_coraza_process_intervention (coraza_transaction_t *transaction, ngx_http_request_t *r, ngx_int_t early_log);
 ngx_http_coraza_ctx_t *ngx_http_coraza_create_ctx(ngx_http_request_t *r);
 char *ngx_str_to_char(ngx_str_t a, ngx_pool_t *p);
 

src/ngx_http_coraza_header_filter.c

@@ -10,7 +10,7 @@
  *
  * If any of the files related to licensing are missing or if you have any
  * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
+ * directly using the email address security@coraza.io.
  *
  */
 
@@ -356,7 +356,7 @@ ngx_http_coraza_header_filter(ngx_http_request_t *r)
     }
 
 /* XXX: can it happen ?  already processed i mean */
-/* XXX: check behaviour on 'ModSecurity off' */
+/* XXX: check behaviour on 'Coraza off' */
 
     if (ctx && ctx->processed)
     {
@@ -376,8 +376,8 @@ ngx_http_coraza_header_filter(ngx_http_request_t *r)
     ctx->processed = 1;
     /*
      *
-     * Assuming ModSecurity module is running immediately before the
-     * ngx_http_header_filter, we will be able to populate ModSecurity with
+     * Assuming Coraza module is running immediately before the
+     * ngx_http_header_filter, we will be able to populate Coraza with
      * headers from the headers_out structure.
      *
      * As ngx_http_header_filter place a direct call to the
@@ -452,13 +452,13 @@ ngx_http_coraza_header_filter(ngx_http_request_t *r)
     /*
      * Proxies will not like this... but it is necessary to unset
      * the content length in order to manipulate the content of
-     * response body in ModSecurity.
+     * response body in Coraza.
      *
-     * This header may arrive at the client before ModSecurity had
+     * This header may arrive at the client before Coraza had
      * a change to make any modification. That is why it is necessary
      * to set this to -1 here.
      *
-     * We need to have some kind of flag the decide if ModSecurity
+     * We need to have some kind of flag the decide if Coraza
      * will make a modification or not. If not, keep the content and
      * make the proxy servers happy.
      *

src/ngx_http_coraza_log.c

@@ -1,5 +1,5 @@
 /*
- * ModSecurity connector for nginx, http://www.modsecurity.org/
+ * Coraza connector for nginx, http://www.coraza.io/
  * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
  *
  * You may not use this file except in compliance with
@@ -9,7 +9,7 @@
  *
  * If any of the files related to licensing are missing or if you have any
  * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
+ * directly using the email address security@coraza.io.
  *
  */
 

src/ngx_http_coraza_module.c

@@ -1,9 +1,9 @@
 /*
  * Coraza connector for nginx, http://www.coraza.io/
  *
- * Based on ModSecurity's connector.
+ * Based on Coraza's connector.
  * 
- * ModSecurity nginx connector
+ * Coraza nginx connector
  * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
  * 
  * Coraza nginx connector
@@ -43,13 +43,13 @@ static void ngx_http_coraza_cleanup_rules(void *data);
  * ngx_string's are not null-terminated in common case, so we need to convert
  * them into null-terminated ones before passing to CORAZA
  */
-ngx_inline char *ngx_str_to_char(ngx_str_t a, ngx_pool_t *p)
+ngx_inline ngx_int_t ngx_str_to_char(ngx_str_t a, char* res, ngx_pool_t *p)
 {
-	char *str = NULL;
+	char *res = NULL;
 
 	if (a.len == 0)
 	{
-		return NULL;
+		return NGX_OK;
 	}
 
 	str = ngx_pnalloc(p, a.len + 1);
@@ -65,13 +65,14 @@ ngx_inline char *ngx_str_to_char(ngx_str_t a, ngx_pool_t *p)
 	return str;
 }
 
-ngx_inline int
-ngx_http_coraza_process_intervention(coraza_transaction_t transaction, ngx_http_request_t *r, ngx_int_t early_log)
+ngx_inline ngx_int_t
+ngx_http_coraza_process_intervention(coraza_transaction_t *transaction, ngx_http_request_t *r, ngx_int_t early_log)
 {
 	char *log = NULL;
 	coraza_intervention_t *intervention;
 	ngx_http_coraza_ctx_t *ctx = NULL;
-
+	ngx_table_elt_t *location = NULL;
+
 	dd("processing intervention");
 
 	ctx = ngx_http_get_module_ctx(r, ngx_http_coraza_module);
@@ -84,7 +85,7 @@ ngx_http_coraza_process_intervention(coraza_transaction_t transaction, ngx_http_
 	if (intervention == NULL)
 	{
 		dd("nothing to do");
-		return 0;
+		return NGX_OK;
 	}
 
 	log = intervention->log;
@@ -107,7 +108,7 @@ ngx_http_coraza_process_intervention(coraza_transaction_t transaction, ngx_http_
 		if (r->header_sent)
 		{
 			dd("Headers are already sent. Cannot perform the redirection at this point.");
-			return -1;
+			return NGX_ERROR;
 		}
 
 		/**
@@ -122,12 +123,8 @@ ngx_http_coraza_process_intervention(coraza_transaction_t transaction, ngx_http_
 		 *
 		 */
 		ngx_http_clear_location(r);
-		ngx_str_t a = ngx_string("");
+		ngx_str_t a = ngx_string(intervention->url);
 
-		a.data = (unsigned char *)intervention->url;
-		a.len = strlen(intervention->url);
-
-		ngx_table_elt_t *location = NULL;
 		location = ngx_list_push(&r->headers_out.headers);
 		ngx_str_set(&location->key, "Location");
 		location->value = a;
@@ -157,12 +154,12 @@ ngx_http_coraza_process_intervention(coraza_transaction_t transaction, ngx_http_
 		if (r->header_sent)
 		{
 			dd("Headers are already sent. Cannot perform the redirection at this point.");
-			return -1;
+			return NGX_ERROR;
 		}
 		dd("intervention -- returning code: %d", intervention.status);
 		return intervention->status;
 	}
-	return 0;
+	return NGX_OK;
 }
 
 void ngx_http_coraza_cleanup(void *data)
@@ -230,24 +227,18 @@ ngx_conf_set_rules(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
 	int res;
 	char *rules;
 	ngx_str_t *value;
-	const char *error;
+	char *error;
 	ngx_http_coraza_conf_t *mcf = conf;
 	ngx_http_coraza_main_conf_t *mmcf;
 
 	value = cf->args->elts;
-	rules = ngx_str_to_char(value[1], cf->pool);
-
-	if (rules == (char *)-1)
-	{
-		return NGX_CONF_ERROR;
-	}
 
-	res = coraza_rules_add(mcf->waf, rules, (char **)&error);
+	res = coraza_rules_add(mcf->waf, (char *)value[1].data, &error);
 
 	if (res < 0)
 	{
 		dd("Failed to load the rules: '%s' - reason: '%s'", rules, error);
-		return strdup(error);
+		return NGX_CONF_ERROR;
 	}
 
 	mmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_coraza_module);
@@ -262,24 +253,18 @@ ngx_conf_set_rules_file(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
 	int res;
 	char *rules_set;
 	ngx_str_t *value;
-	const char *error;
+	char **error;
 	ngx_http_coraza_conf_t *mcf = conf;
 	ngx_http_coraza_main_conf_t *mmcf;
 
 	value = cf->args->elts;
-	rules_set = ngx_str_to_char(value[1], cf->pool);
-
-	if (rules_set == (char *)-1)
-	{
-		return NGX_CONF_ERROR;
-	}
 
-	res = coraza_rules_add(mcf->waf, rules_set, (char **)&error);
+	res = coraza_rules_add(mcf->waf, (char *)value[1].data, &error);
 
 	if (res < 0)
 	{
 		dd("Failed to load the rules from: '%s' - reason: '%s'", rules_set, error);
-		return strdup(error);
+		return NGX_CONF_ERROR;
 	}
 
 	mmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_coraza_module);
@@ -573,13 +558,12 @@ ngx_http_coraza_merge_conf(ngx_conf_t *cf, void *parent, void *child)
 	ngx_http_coraza_conf_t *c = child;
 #if defined(CORAZA_DDEBUG) && (CORAZA_DDEBUG)
 	ngx_http_core_loc_conf_t *clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
+	dd("merging loc config [%s] - parent: '%p' child: '%p'",
+		ngx_str_to_char(clcf->name, cf->pool), parent,
+		child);
 #endif
 	int rules;
-	const char *error = NULL;
-
-	dd("merging loc config [%s] - parent: '%p' child: '%p'",
-	   ngx_str_to_char(clcf->name, cf->pool), parent,
-	   child);
+	char **error = NULL;
 
 	dd("                  state - parent: '%d' child: '%d'",
 	   (int)c->enable, (int)p->enable);
@@ -592,20 +576,20 @@ ngx_http_coraza_merge_conf(ngx_conf_t *cf, void *parent, void *child)
 
 #if defined(CORAZA_DDEBUG) && (CORAZA_DDEBUG)
 	dd("PARENT RULES");
-	msc_rules_dump(p->rules_set);
+	coraza_rules_dump(p->rules_set);
 	dd("CHILD RULES");
-	msc_rules_dump(c->rules_set);
+	coraza_rules_dump(c->rules_set);
 #endif
-	rules = coraza_rules_merge(c->waf, p->waf, (char **)&error);
+	rules = coraza_rules_merge(c->waf, p->waf, &error);
 
 	if (rules < 0)
 	{
-		return strdup(error);
+		return error;
 	}
 
 #if defined(CORAZA_DDEBUG) && (CORAZA_DDEBUG)
 	dd("NEW CHILD RULES");
-	msc_rules_dump(c->rules_set);
+	coraza_rules_dump(c->rules_set);
 #endif
 	return NGX_CONF_OK;
 }

src/ngx_http_coraza_rewrite.c

@@ -1,5 +1,5 @@
 /*
- * ModSecurity connector for nginx, http://www.modsecurity.org/
+ * Coraza connector for nginx, http://www.coraza.io/
  * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
  *
  * You may not use this file except in compliance with
@@ -9,7 +9,7 @@
  *
  * If any of the files related to licensing are missing or if you have any
  * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
+ * directly using the email address security@coraza.io.
  *
  */
 
@@ -149,7 +149,7 @@ ngx_http_coraza_rewrite_handler(ngx_http_request_t *r)
         }
 
         /**
-         * Since incoming request headers are already in place, lets send it to ModSecurity
+         * Since incoming request headers are already in place, lets send it to Coraza
          *
          */
         ngx_list_part_t *part = &r->headers_in.headers.part;
@@ -170,7 +170,7 @@ ngx_http_coraza_rewrite_handler(ngx_http_request_t *r)
              * By using u_char (utf8_t) I believe nginx is hoping to deal
              * with utf8 strings.
              * Casting those into to unsigned char * in order to pass
-             * it to ModSecurity, it will handle with those later.
+             * it to Coraza, it will handle with those later.
              *
              */
 
@@ -183,7 +183,7 @@ ngx_http_coraza_rewrite_handler(ngx_http_request_t *r)
         }
 
         /**
-         * Since ModSecurity already knew about all headers, i guess it is safe
+         * Since Coraza already knew about all headers, i guess it is safe
          * to process this information.
          */