Adds support for the exec action

Author: Felipe Zimmerle

CHANGES

@@ -2,6 +2,8 @@
 v3.0.????? - ?
 ---------------------------
 
+ - Adds support for the exec action.
+   [Issue #1050 - @zimmerle]
  - Adds support for transformations inside Lua engine
    [Issue #994 - @zimmerle]
  - Adds initial support for Lua engine.

Makefile.am

@@ -287,4 +287,5 @@ TESTS+=test/test-cases/regression/misc-variable-under-quotes.json
 TESTS+=test/test-cases/regression/operator-fuzzyhash.json
 TESTS+=test/test-cases/regression/collection-resource.json
 TESTS+=test/test-cases/regression/operator-inpectFile.json
+TESTS+=test/test-cases/regression/action-exec.json
 

src/Makefile.am

@@ -121,6 +121,7 @@ ACTIONS = \
 	actions/disruptive/deny.cc \
 	actions/disruptive/redirect.cc \
 	actions/disruptive/pass.cc \
+	actions/exec.cc \
 	actions/init_col.cc \
 	actions/log.cc \
 	actions/log_data.cc \
@@ -273,6 +274,7 @@ libmodsecurity_la_SOURCES = \
 	macro_expansion.cc \
 	rule.cc \
 	rule_message.cc \
+	rule_script.cc \
 	unique_id.cc \
 	rules_exceptions.cc \
 	${BODY_PROCESSORS} \

src/actions/exec.cc

@@ -0,0 +1,61 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "src/actions/exec.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/actions/action.h"
+#include "modsecurity/transaction.h"
+#include "modsecurity/rule.h"
+#include "src/macro_expansion.h"
+#include "src/utils/system.h"
+#include "src/engine/lua.h"
+
+
+namespace modsecurity {
+namespace actions {
+
+
+bool Exec::init(std::string *error) {
+    std::string err;
+
+    m_script = utils::find_resource(m_parser_payload, "", &err);
+
+    if (m_script.size() == 0) {
+        error->assign("exec: Script not found: " + err);
+        return false;
+    }
+
+    if (engine::Lua::isCompatible(m_script, &m_lua, &err) == false) {
+        error->assign("exec: " + err);
+        return false;
+    }
+
+    return true;
+}
+
+
+bool Exec::evaluate(Rule *rule, Transaction *t) {
+    t->debug(8, "Running script... " + m_script);
+
+    m_lua.run(t);
+    return true;
+}
+
+
+}  // namespace actions
+}  // namespace modsecurity

src/actions/exec.h

@@ -0,0 +1,51 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "modsecurity/actions/action.h"
+#include "src/engine/lua.h"
+
+#ifndef SRC_ACTIONS_EXEC_H_
+#define SRC_ACTIONS_EXEC_H_
+
+class Transaction;
+
+namespace modsecurity {
+class Transaction;
+namespace actions {
+
+
+class Exec : public Action {
+ public:
+    explicit Exec(std::string action)
+        : Action(action),
+        m_script("") { }
+
+    ~Exec() { }
+
+    bool evaluate(Rule *rule, Transaction *transaction) override;
+    bool init(std::string *error) override;
+
+ private:
+    std::string m_script;
+    engine::Lua m_lua;
+};
+
+
+}  // namespace actions
+}  // namespace modsecurity
+
+#endif  // SRC_ACTIONS_EXEC_H_