Skip to content

Commit 655c4d4

Browse files
robertpirobertpi
authored
Correct raw string and add logs (#251)
1 parent 1054161 commit 655c4d4

File tree

1 file changed

+18
-11
lines changed

1 file changed

+18
-11
lines changed

src/security/library.cpp

Lines changed: 18 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -375,18 +375,18 @@ namespace datadog::nginx::security {
375375
class FinalizedConfigSettings {
376376
static constexpr ngx_uint_t kDefaultWafTimeoutUsec = 1000000; // 100 ms
377377
static constexpr std::string_view kDefaultObfuscationKeyRegex =
378-
R"((?i)pass|pw(?:or)?d|secret|(?:api|private|public|access)[_-]?key"
379-
R"|token|consumer[_-]?(?:id|key|secret)|sign(?:ed|ature)|bearer"
380-
R"|authorization|jsessionid|phpsessid|asp\.net[_-]sessionid|sid|jwt)";
378+
R"((?i)pass|pw(?:or)?d|secret|(?:api|private|public|access)[_-]?key)"
379+
R"(|token|consumer[_-]?(?:id|key|secret)|sign(?:ed|ature)|bearer)"
380+
R"(|authorization|jsessionid|phpsessid|asp\.net[_-]sessionid|sid|jwt)";
381381
static constexpr std::string_view kDefaultObfuscationValueRegex =
382-
R"((?i)(?:p(?:ass)?w(?:or)?d|pass(?:[_-]?phrase)?|secret(?:[_-]?key)?"
383-
R"|(?:(?:api|private|public|access)[_-]?)key(?:[_-]?id)?
384-
R"|(?:(?:auth|access|id|refresh)[_-]?)?token|consumer[_-]?(?:id|key|secret)
385-
R"|sign(?:ed|ature)?|auth(?:entication|orization)?|jsessionid|phpsessid|
386-
R"asp\.net(?:[_-]|-)sessionid|sid|jwt)(?:\s*=([^;&]+)|"\s*:\s*("[^"]+"|\d+))
387-
R"|bearer\s+([a-z0-9\._\-]+)|token\s*:\s*([a-z0-9]{13})|gh[opsu]_([0-9a-zA-Z]{36})
388-
R"|ey[I-L][\w=-]+\.(ey[I-L][\w=-]+(?:\.[\w.+\/=-]+)?)|[\-]{5}BEGIN[a-z\s]+
389-
R"PRIVATE\sKEY[\-]{5}([^\-]+)[\-]{5}END[a-z\s]+PRIVATE\sKEY|ssh-rsa\s*([a-z0-9\/\.+]{100,}))";
382+
R"((?i)(?:p(?:ass)?w(?:or)?d|pass(?:[_-]?phrase)?|secret(?:[_-]?key)?)"
383+
R"(|(?:(?:api|private|public|access)[_-]?)key(?:[_-]?id)?)"
384+
R"(|(?:(?:auth|access|id|refresh)[_-]?)?token|consumer[_-]?(?:id|key|secret))"
385+
R"(|sign(?:ed|ature)?|auth(?:entication|orization)?|jsessionid|phpsessid|)"
386+
R"(asp\.net(?:[_-]|-)sessionid|sid|jwt)(?:\s*=([^;&]+)|"\s*:\s*("[^"]+"|\d+)))"
387+
R"(|bearer\s+([a-z0-9\._\-]+)|token\s*:\s*([a-z0-9]{13})|gh[opsu]_([0-9a-zA-Z]{36}))"
388+
R"(|ey[I-L][\w=-]+\.(ey[I-L][\w=-]+(?:\.[\w.+\/=-]+)?)|[\-]{5}BEGIN[a-z\s]+)"
389+
R"(PRIVATE\sKEY[\-]{5}([^\-]+)[\-]{5}END[a-z\s]+PRIVATE\sKEY|ssh-rsa\s*([a-z0-9\/\.+]{100,}))";
390390

391391
public:
392392
enum class enable_status : std::uint8_t {
@@ -559,6 +559,10 @@ FinalizedConfigSettings::FinalizedConfigSettings(
559559
.value_or(std::string{kDefaultObfuscationKeyRegex});
560560
}
561561

562+
ngx_str_t key_regex = ngx_stringv(obfuscation_key_regex_);
563+
ngx_log_debug(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0,
564+
"obfuscation_key_regex_: %V", &key_regex);
565+
562566
if (ngx_conf.appsec_obfuscation_value_regex.data != nullptr) {
563567
obfuscation_value_regex_ =
564568
to_string_view(ngx_conf.appsec_obfuscation_value_regex);
@@ -568,6 +572,9 @@ FinalizedConfigSettings::FinalizedConfigSettings(
568572
evs, "DD_APPSEC_OBFUSCATION_PARAMETER_VALUE_REGEXP"sv)
569573
.value_or(std::string{kDefaultObfuscationValueRegex});
570574
}
575+
ngx_str_t value_regex = ngx_stringv(obfuscation_value_regex_);
576+
ngx_log_debug(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0,
577+
"obfuscation_value_regex_: %V", &value_regex);
571578

572579
if (ngx_conf.appsec_max_saved_output_data != NGX_CONF_UNSET_SIZE) {
573580
appsec_max_saved_output_data_.emplace(

0 commit comments

Comments
 (0)