Closed RekGRpth closed 3 years ago
diff --git a/naxsi_src/naxsi.h b/naxsi_src/naxsi.h index 0f61d95..53df1bd 100644 --- a/naxsi_src/naxsi.h +++ b/naxsi_src/naxsi.h @@ -326,7 +326,6 @@ typedef struct ngx_array_t* raw_body_rules; ngx_array_t* locations; /*ngx_http_naxsi_loc_conf_t*/ - ngx_log_t* log; } ngx_http_naxsi_main_conf_t; @@ -388,6 +387,7 @@ typedef struct libinjection dynamic flags */ ngx_uint_t flag_libinjection_xss_h; ngx_uint_t flag_libinjection_sql_h; + ngx_log_t* log; } ngx_http_naxsi_loc_conf_t; @@ -471,6 +471,7 @@ typedef struct ngx_http_nx_json_s #define TOP_MAIN_BASIC_RULE_T "MainRule" #define TOP_LIBINJECTION_SQL_T "LibInjectionSql" #define TOP_LIBINJECTION_XSS_T "LibInjectionXss" +#define TOP_NAXSI_LOGFILE_T "NaxsiLogFile" /* nginx-style names */ #define TOP_DENIED_URL_N "denied_url" @@ -484,6 +485,7 @@ typedef struct ngx_http_nx_json_s #define TOP_MAIN_BASIC_RULE_N "main_rule" #define TOP_LIBINJECTION_SQL_N "libinjection_sql" #define TOP_LIBINJECTION_XSS_N "libinjection_xss" +#define TOP_NAXSI_LOGFILE_N "naxsi_log" /*possible 'tokens' in rule */ #define ID_T "id:" diff --git a/naxsi_src/naxsi_runtime.c b/naxsi_src/naxsi_runtime.c index 28e0b29..6a5dea2 100644 --- a/naxsi_src/naxsi_runtime.c +++ b/naxsi_src/naxsi_runtime.c @@ -1262,7 +1262,7 @@ ngx_http_output_forbidden_page(ngx_http_request_ctx_t* ctx, ngx_http_request_t* if (!ctx->json_log) { for (i = 0; i < ostr->nelts; i++) { ngx_log_error( - NGX_LOG_ERR, r->connection->log, 0, "NAXSI_FMT: %s", ((ngx_str_t*)ostr->elts)[i].data); + NGX_LOG_ERR, cf->log ? cf->log : r->connection->log, 0, "NAXSI_FMT: %s", ((ngx_str_t*)ostr->elts)[i].data); } } else { const char* hex = "0123456789abcdef"; diff --git a/naxsi_src/naxsi_skeleton.c b/naxsi_src/naxsi_skeleton.c index 19486c9..90d4fbc 100644 --- a/naxsi_src/naxsi_skeleton.c +++ b/naxsi_src/naxsi_skeleton.c @@ -60,6 +60,11 @@ ngx_http_naxsi_create_main_conf(ngx_conf_t* cf); void ngx_http_naxsi_payload_handler(ngx_http_request_t* r); +static char *ngx_http_naxsi_log_loc_conf(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { + ngx_http_naxsi_loc_conf_t *alcf = conf; + return ngx_log_set_log(cf, &alcf->log); +} + /* command handled by the module */ static ngx_command_t ngx_http_naxsi_commands[] = { /* BasicRule (in main) */ @@ -225,6 +230,22 @@ static ngx_command_t ngx_http_naxsi_commands[] = { 0, NULL }, + /* NaxsiLogfile */ + { ngx_string(TOP_NAXSI_LOGFILE_T), + NGX_HTTP_MAIN_CONF | NGX_HTTP_SRV_CONF | NGX_HTTP_LOC_CONF | NGX_HTTP_LMT_CONF | NGX_CONF_1MORE, + ngx_http_naxsi_log_loc_conf, + NGX_HTTP_LOC_CONF_OFFSET, + 0, + NULL }, + + /* NaxsiLogfile - nginx style*/ + { ngx_string(TOP_NAXSI_LOGFILE_N), + NGX_HTTP_MAIN_CONF | NGX_HTTP_SRV_CONF | NGX_HTTP_LOC_CONF | NGX_HTTP_LMT_CONF | NGX_CONF_1MORE, + ngx_http_naxsi_log_loc_conf, + NGX_HTTP_LOC_CONF_OFFSET, + 0, + NULL }, + ngx_null_command }; @@ -363,6 +384,8 @@ ngx_http_naxsi_merge_loc_conf(ngx_conf_t* cf, void* parent, void* child) conf->flag_libinjection_xss_h = prev->flag_libinjection_xss_h; if (conf->flag_libinjection_sql_h == 0) conf->flag_libinjection_sql_h = prev->flag_libinjection_sql_h; + if (conf->log == NULL) + conf->log = prev->log; return NGX_CONF_OK; } diff --git a/naxsi_src/naxsi_utils.c b/naxsi_src/naxsi_utils.c index 445c487..e3d6f18 100644 --- a/naxsi_src/naxsi_utils.c +++ b/naxsi_src/naxsi_utils.c @@ -892,6 +892,7 @@ naxsi_log_offending(ngx_str_t* name, naxsi_match_zone_t zone, ngx_int_t target_name) { + ngx_http_naxsi_loc_conf_t* cf; ngx_str_t tmp_uri, tmp_val, tmp_name; ngx_str_t empty = ngx_string(""); @@ -925,8 +926,9 @@ naxsi_log_offending(ngx_str_t* name, ngx_escape_uri(tmp_name.data, name->data, name->len, NGX_ESCAPE_URI_COMPONENT); } + cf = ngx_http_get_module_loc_conf(req, ngx_http_naxsi_module); ngx_log_error(NGX_LOG_ERR, - req->connection->log, + cf->log ? cf->log : req->connection->log, 0, "NAXSI_EXLOG: " "ip=%V&server=%V&uri=%V&id=%d&zone=%s%s&var_name=%V&content=%V",
Can you please submit a PR?
https://github.com/nbs-system/naxsi/pull/563