Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: Apache Doxygen IIS Nginx (Mainline) Nginx (Stable)
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

Apache Doxygen IIS Nginx (Mainline) Nginx (Stable)
Mauro Faccenda
Print YAJL version on startup. Closing issue: #703
Felipe Zimmerle
Adds support to Python scripts on ModSecurity core.

Analog of what we have for Lua, Python support is now added by this commit.
This is very experimental.
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • Linux64 - Nginx (Mainline): regression [8086] failed -  stdio
  • Linux64 - Nginx (Stable): regression [8084] failed -  stdio
Felipe Zimmerle
Declares msre_var *rvar at the beggining of the function

Necessary to fix the build on Win8 VS 2011
  • FreeBSD - Apache: regression [8094] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
Declares msre_var *rvar at the beggining of the function

Necessary to fix the build on Win8 VS 2011
  • FreeBSD - Apache: regression [8094] failed -  stdio
  • Linux32 - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • Linux32 - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
FuzzyHash: if disable giving an run time error instead of config

FuzzyHash operator is optional and only installed if the headers for libfuzzy
was found in the system. Otherwise, the FuzzyHash operator is disable during
the compilation. After this commit, if some rules tries to use it, ModSecurity
will produce an runtime error not a config time error, allowing the web server
to procede normal with its operations.
  • FreeBSD - Apache: regression [8094] failed -  stdio
  • Linux32 - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • Linux32 - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
FuzzyHash: if disable giving an run time error instead of config

FuzzyHash operator is optional and only installed if the headers for libfuzzy
was found in the system. Otherwise, the FuzzyHash operator is disable during
the compilation. After this commit, if some rules tries to use it, ModSecurity
will produce an runtime error not a config time error, allowing the web server
to procede normal with its operations.
  • Linux32 - Apache: updating -  stdio
  • Linux64 - Apache: updating -  stdio
Felipe Zimmerle
Adds regression test to cover the @fuzzeHash operator

Added 30-fuzzyHash.t and the ssdeep hash files. Hash files was generated using
files from ModSecurity repository.
  • FreeBSD - Apache: regression [8094] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • Win8 - (VS 2011 32b) - IIS: build modsec failed -  stdiowarnings (1)
Felipe \"Zimmerle\" Costa
iis: Adds ssdeep support
  • FreeBSD - Apache: regression [8094] failed -  stdio
  • MacOSLeopard - Nginx (Stable): regression [8090] failed -  stdio
Felipe Zimmerle
Adds fuzzyHash operator

The fuzzyHash operator can be used to match files. In conjuntcion
with FILES_TMP_CONTENT collection it can scan uploaded files and
try to match it with a pre caculated list of know malicious content,
more details on how it works can be found on ssdeep website:
http://ssdeep.sourceforge.net/
  • FreeBSD - Apache: regression [8094] failed -  stdio
  • MacOSLeopard - Nginx (Stable): regression [8090] failed -  stdio
Felipe Zimmerle
Adds ssdeep support in our build system

ssdeep will be used with the @fuzzyHash operator which is under
development
  • FreeBSD - Apache: regression [8094] failed -  stdio
  • MacOSLeopard - Nginx (Stable): regression [8090] failed -  stdio
Felipe Zimmerle
Adds support to Python scripts on ModSecurity core.

Analog of what we have for Lua, Python support is now added by this commit.
This is very experimental.
Felipe Zimmerle
Adds support to Python scripts on ModSecurity core.

Analog of what we have for Lua, Python support is now added by this commit.
This is very experimental.
  • Linux32 - Apache: (ModSec) Compilation failed -  stdio
  • Linux64 - Apache: (ModSec) Compilation failed -  stdio
  • MacOSLeopard - Apache: (ModSec) Compilation failed -  stdiowarnings (2)
  • Win8 - (VS 2011 64b) - IIS: build modsec failed -  stdiowarnings (10)
  • Win8 - (VS 2012 32b) - IIS: build modsec failed -  stdio
  • Win8 - (VS 2012 64b) - IIS: build modsec failed -  stdiowarnings (10)
Felipe Zimmerle
Adds python build script.

Not the final version just to test
  • Linux32 - Apache: (ModSec) Compilation failed -  stdio
  • Linux64 - Apache: (ModSec) Compilation failed -  stdio
  • MacOSLeopard - Apache: (ModSec) Compilation failed -  stdiowarnings (2)
  • Win8 - (VS 2011 64b) - IIS: build modsec failed -  stdiowarnings (10)
  • Win8 - (VS 2012 32b) - IIS: build modsec failed -  stdio
  • Win8 - (VS 2012 64b) - IIS: build modsec failed -  stdiowarnings (10)
Felipe \"Zimmerle\" Costa
iis: Adds ssdeep support
  • LinuxARM - Apache: (ModSec) Compilation failed -  stdio
  • Win8 - (VS 2011 32b) - IIS: build modsec failed -  stdiowarnings (1)
Felipe \"Zimmerle\" Costa
iis: Adds ssdeep support
  • LinuxARM - Apache: (ModSec) Compilation failed -  stdio
  • MacOSLeopard - Apache: (ModSec) configure failed -  stdio
  • Win8 - (VS 2011 64b) - IIS: build modsec failed -  stdiowarnings (808)
  • Win8 - (VS 2012 64b) - IIS: build modsec failed -  stdiowarnings (808)
Felipe Zimmerle
Adds fuzzyHash operator

The fuzzyHash operator can be used to match files. In conjuntcion
with FILES_TMP_CONTENT collection it can scan uploaded files and
try to match it with a pre caculated list of know malicious content,
more details on how it works can be found on ssdeep website:
http://ssdeep.sourceforge.net/
  • LinuxARM - Apache: (ModSec) Compilation failed -  stdio
  • MacOSLeopard - Apache: (ModSec) configure failed -  stdio
  • Win8 - (VS 2011 64b) - IIS: build modsec failed -  stdiowarnings (808)
  • Win8 - (VS 2012 64b) - IIS: build modsec failed -  stdiowarnings (808)
Felipe Zimmerle
Adds ssdeep support in our build system

ssdeep will be used with the @fuzzyHash operator which is under
development
  • LinuxARM - Apache: (ModSec) Compilation failed -  stdio
  • MacOSLeopard - Apache: (ModSec) configure failed -  stdio
  • Win8 - (VS 2011 64b) - IIS: build modsec failed -  stdiowarnings (808)
  • Win8 - (VS 2012 64b) - IIS: build modsec failed -  stdiowarnings (808)
Felipe Zimmerle
Adds collection FILES_TMP_CONTENT

The collection is filled with a key-value set where value is the content of
the file which was uploaded. This collection can be used with all supported
operators, however, SecTmpSaveUploadedFiles should be set to 'On' in order
to have this collection filled. Note that @inspectFile is now depending on
SecTmpSaveUploadedFiles. This is necessary to keep performance while such
functionalities where not used.
  • LinuxARM - Apache: (ModSec) Compilation failed -  stdio
  • MacOSLeopard - Apache: (ModSec) configure failed -  stdio
  • Win8 - (VS 2011 64b) - IIS: build modsec failed -  stdiowarnings (808)
  • Win8 - (VS 2012 64b) - IIS: build modsec failed -  stdiowarnings (808)
Felipe Zimmerle
Adds doxygen configuration files
  • FreeBSD - Apache: regression [8094] failed -  stdio
  • Linux32 - Apache: updating -  stdio
  • Linux32 - Nginx (Mainline): updating -  stdio
  • Linux64 - Nginx (Mainline): regression [8086] failed -  stdio
  • LinuxARM - Nginx (Mainline): updating -  stdio
  • Linux32 - Nginx (Stable): updating -  stdio
  • Linux64 - Nginx (Stable): updating -  stdio
  • LinuxARM - Nginx (Stable): regression [8087] failed -  stdio
Andrei Belov
Obtain port from r->connection->local_sockaddr.

This eliminates segfaults caused by unset (NULL) r->port_start
and non-NULL r->port_end. In fact, r->port_start is always NULL,
so it is useless to rely on this pointer.
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Andrei Belov
Removed unneeded and invalid initialization.
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
paulyang
Bugfix: add -P option in test script

Otherwise nginx's installation directory could not be specified.

Signed-off-by: paulyang <paulyang.inf@gmail.com>
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
niginx: cosmetics: Changes CRLF to LF
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
nginx: cosmetics: Removes trailing whitespace
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
nginx: cosmetics: Splits lines longer than 80 characters
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
nginx: copies the req body chain to be processed instead of move

Add a check for the definition MOVE_REQUEST_CHAIN_TO_MODSEC, whenever it is
set the chain will be moved into the brigade. If it was not set the chain
will be only copied. Moving was causing segfaults on the following
regression tests:

#15 - SecRequestBodyInMemoryLimit
#16 - SecRequestBodyInMemoryLimit (greater)
#19 - SecRequestBodyLimitAction ProcessPartial (multipart/greater - chunked)
(from: regression/config/10-request-directives.t)
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
nginx: better dealing with chunked request body
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
nginx: looking for segfaults on the regression test.

If nginx segfaults it will return, warning that the test failed.
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
nginx refactoring

Refactoring on the nginx module, including:
- Better handling larger posts;
- Now using nginx echo module during the regression tests.
- Better interacting with neginx chain rules
- Separation of the request handling and content filters.
- Better handling nginx sessions and resource counts to allow a
  more efficient garbage collector.
- Handling both http/1.0 and 1.1, including keep-alive.
- Tests are now capable to test nginx as a proxy or end-server.
- Tested agains nginx 1.6 and 1.7.
  • Linux32 - Apache: regression [8082] failed -  stdio
  • Linux64 - Apache: regression [8085] failed -  stdio
  • LinuxARM - Apache: regression [8088] failed -  stdio
  • MacOSLeopard - Apache: regression [8091] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
Automake: Using ../ instead of $(top_srcdir)

After enable `subdir-objects', the variable $(top_srcdir) was not being
resolved, a directory labeled "$(top_srcdir)" was created instead.
  • Linux32 - Nginx (Mainline): regression [8083] failed -  stdio
Felipe Zimmerle
Adds automake subdir-objects option

As of Automake 1.4, it starts to warning about the lack of utilization
of `subdir-objects' option, which will be default in the further
releases. Avoiding break stuff we are patching ModSecurity to support
such option when it still an option (Issue #760).
  • Linux32 - Nginx (Mainline): regression [8083] failed -  stdio
Felipe Zimmerle
Automake: Using ../ instead of $(top_srcdir)

After enable `subdir-objects', the variable $(top_srcdir) was not being
resolved, a directory labeled "$(top_srcdir)" was created instead.
  • Linux32 - Apache: updating -  stdio
  • LinuxARM - Apache: updating -  stdio
  • Win8 - (VS 2012 64b) - IIS: updating -  stdio
  • Linux32 - Nginx (Mainline): updating -  stdio
  • Linux64 - Nginx (Mainline): regression [8086] failed -  stdio
  • LinuxARM - Nginx (Mainline): regression [8089] failed -  stdio
  • Linux32 - Nginx (Stable): regression [8081] failed -  stdio
  • Linux64 - Nginx (Stable): updating -  stdio
Felipe Zimmerle
Adds automake subdir-objects option

As of Automake 1.4, it starts to warning about the lack of utilization
of `subdir-objects' option, which will be default in the further
releases. Avoiding break stuff we are patching ModSecurity to support
such option when it still an option (Issue #760).
  • Linux32 - Apache: updating -  stdio
  • LinuxARM - Apache: updating -  stdio
  • Win8 - (VS 2012 64b) - IIS: updating -  stdio
  • Linux32 - Nginx (Mainline): updating -  stdio
  • Linux64 - Nginx (Mainline): regression [8086] failed -  stdio
  • LinuxARM - Nginx (Mainline): regression [8089] failed -  stdio
  • Linux32 - Nginx (Stable): regression [8081] failed -  stdio
  • Linux64 - Nginx (Stable): updating -  stdio
Andrei Belov
Obtain port from r->connection->local_sockaddr.

This eliminates segfaults caused by unset (NULL) r->port_start
and non-NULL r->port_end. In fact, r->port_start is always NULL,
so it is useless to rely on this pointer.
  • Linux64 - Apache: regression [8085] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Andrei Belov
Removed unneeded and invalid initialization.
  • Linux64 - Apache: regression [8085] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
paulyang
Bugfix: add -P option in test script

Otherwise nginx's installation directory could not be specified.

Signed-off-by: paulyang <paulyang.inf@gmail.com>
  • Linux64 - Apache: regression [8085] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
niginx: cosmetics: Changes CRLF to LF
  • Linux64 - Apache: regression [8085] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
nginx: cosmetics: Removes trailing whitespace
  • Linux64 - Apache: regression [8085] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
nginx: cosmetics: Splits lines longer than 80 characters
  • Linux64 - Apache: regression [8085] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio
Felipe Zimmerle
Regression: Accept different ports on FULL_REQUEST unit test.

FULL_REQUEST unit test was expecting only for the default regression test
suite port. Now it is expecting for [0-9]+.
  • Linux64 - Apache: regression [8085] failed -  stdio
  • FreeBSD - Nginx (Mainline): (nginx) Compilation failed -  stdio
  • FreeBSD - Nginx (Stable): (nginx) Compilation failed -  stdio