Open fizzyduck opened 3 years ago
Hello, the goal here is to have a fsm with state tracking, i'll need to get back in the middle of the code to be honnest, was coded overnight as a proof of concept, and, i was never sure anybody would use it.
i've just updated the code to compile correctly on varnish 7.
that being said, it might be some left over that are not needed anymore.
the only advantage i see is to only accept certain calls in certain vcl method, it might be useful if the user writing the vcl tries to run methods in bad locations, so it will mainly help have a more defensive vmod.
let me know if this helps. that being said, wrote this a long time ago, i'll need to re-understand the logic
Hello, the goal here is to have a fsm with state tracking, i'll need to get back in the middle of the code to be honnest, was coded overnight as a proof of concept, and, i was never sure anybody would use it.
It is a brilliant idea, you should not give it up.
The libModSecurity design allows the integration with bindings. There is an effort to avoid breaking API [binary] compatibility to make an easy integration with possible bindings. Currently, there are two notable projects maintained by the community:
Python - https://github.com/actions-security/pymodsecurity Varnish - https://github.com/xdecock/vmod-modsecurity
@xdecock Would you mind explaining what the unimplemented constants below refer to? Some wider context would be really helpful.
https://github.com/xdecock/vmod-modsecurity/blob/9378bffe1b8214423625cfc5eb874b1ec523be04/src/vmod_sec.c#L31