Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
bunkerweb/src/variables/remote_user.cc
Théophile Diot cfc32af85c Squashed 'src/deps/src/modsecurity/' changes from ccc2d9b536..bbde9381cb 
bbde9381cb Change release version to v3.0.11
35969946ca Merge pull request #3024 from martinhsv/v3/master
4c7a9bd312 Add WRDE_NOCMD to wordexp call
5b094c0ce9 Merge pull request #3014 from martinhsv/v3/master
c11b28292d Fix: validateDTD compile fails if when libxml2 not installed
cb4d7ae371 Adjust some copyright dates
0311da9f1b Merge pull request #3008 from martinhsv/v3/master
beaa452302 Fix memory leak of validateDTD's dtd object
a9edee3dbe const-ify some references in test folder
de2d053d6e Remove unneeded cppcheck suppression
36adc58ea3 const-ify some references (satisfy cppcheck)
b9836bcaa4 Merge pull request #3005 from martinhsv/v3/master
b180de53bf Fix memory leaks in ValidateSchema
fd67c6eb1d Remove unneeded heap allocation in AnchoredSetVariable::set
dc6cce5f0c refactoring and remove dead code in lmdb
3951ba0e48 CHANGES entry for previous PR
2fcd373107 Merge pull request #3001 from SpiderLabs/v3/dev/action_expirevar
c63b5bea1d Change linux workflow to Ubuntu 22.04
34809d8064 Add expirevar support for lmdb
118e1b3a44 Support expirevar for in-memory collection
135d1fa42b Merge pull request #2985 from martinhsv/v3/master
af45ccd53f Fix: lmdb regex match on non-null-terminated string
375519d5f2 Merge pull request #2983 from martinhsv/v3/master
dc2e38e242 Fix memory leaks in lmdb code (new'd strings)
8594cb8a7d Correct json for one regression test file
60f802e480 Merge pull request #2939 from martinhsv/v3/master
31cbd7309a Configure: add additional name to pcre2 pkg-config list
cbe2d61174 CHANGES: Preparing for next version

git-subtree-dir: src/deps/src/modsecurity
git-subtree-split: bbde9381cbccb49ea73f6194b08b478adc53f3bc
2023-12-07 14:46:12 +01:00

90 lines
2.2 KiB
C++
Raw Blame History

/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2023 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "src/variables/remote_user.h"
#include <time.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <iostream>
#include <string>
#include <vector>
#include <list>
#include <utility>
#include <memory>
#include "modsecurity/transaction.h"
#include "src/utils/base64.h"
namespace modsecurity {
namespace variables {
void RemoteUser::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
size_t pos;
std::string base64;
VariableValue *var;
std::string header;
std::vector<const VariableValue *> *l2 = \
new std::vector<const VariableValue *>();
transaction->m_variableRequestHeaders.resolve("authorization", l2);
if (l2->size() < 1) {
goto clear;
}
header = std::string(l2->at(0)->getValue());
if (header.compare(0, 6, "Basic ") == 0) {
base64 = std::string(header, 6, header.length());
}
base64 = Utils::Base64::decode(base64);
pos = base64.find(":");
if (pos == std::string::npos) {
goto clear;
}
transaction->m_variableRemoteUser.assign(std::string(base64, 0, pos));
var = new VariableValue(&l2->at(0)->getKeyWithCollection(),
&transaction->m_variableRemoteUser);
for (const auto &i : l2->at(0)->getOrigin()) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
origin->m_offset = i->m_offset;
origin->m_length = i->m_length;
var->addOrigin(std::move(origin));
}
l->push_back(var);
clear:
for (auto &a : *l2) {
delete a;
}
l2->clear();
delete l2;
}
} // namespace variables
} // namespace modsecurity
Reference in a new issue View git blame Copy permalink