Use the context to decide whether ModSecurity is enabled or not

Currently, the connector decides whether ModSecurity is enabled or not
based on the configuration directive in the request's location conf.
In case of an internal redirect and if ModSecurity is not enabled in the
internal redirect's location conf, the log handler will not run and the
transaction of the original request will not be logged.

This commit extends the current behavior of the header and body filters,
which assume that a null context means that ModSecurity is disabled, to
the pre access and log handlers. As a result, the connector will always
decide based on the original request whether ModSecurity is enabled or not.

Author: mlevogiannis

Diff for: src/ngx_http_modsecurity_body_filter.c

@@ -53,6 +53,7 @@ ngx_http_modsecurity_body_filter(ngx_http_request_t *r, ngx_chain_t *in)
     dd("body filter, recovering ctx: %p", ctx);
 
     if (ctx == NULL) {
+        dd("ModSecurity not enabled or an error occured");
         return ngx_http_next_body_filter(r, in);
     }
 

Diff for: src/ngx_http_modsecurity_header_filter.c

@@ -426,7 +426,7 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r)
 
     if (ctx == NULL)
     {
-        dd("something really bad happened or ModSecurity is disabled. going to the next filter.");
+        dd("ModSecurity not enabled or an error occured");
         return ngx_http_next_header_filter(r);
     }
 

Diff for: src/ngx_http_modsecurity_log.c

@@ -39,17 +39,9 @@ ngx_http_modsecurity_log_handler(ngx_http_request_t *r)
 {
     ngx_pool_t                   *old_pool;
     ngx_http_modsecurity_ctx_t   *ctx;
-    ngx_http_modsecurity_conf_t  *mcf;
 
     dd("catching a new _log_ phase handler");
 
-    mcf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity_module);
-    if (mcf == NULL || mcf->enable != 1)
-    {
-        dd("ModSecurity not enabled... returning");
-        return NGX_OK;
-    }
-
     /*
     if (r->method != NGX_HTTP_GET &&
         r->method != NGX_HTTP_POST && r->method != NGX_HTTP_HEAD) {
@@ -63,8 +55,8 @@ ngx_http_modsecurity_log_handler(ngx_http_request_t *r)
     dd("recovering ctx: %p", ctx);
 
     if (ctx == NULL) {
-        dd("something really bad happened here. returning NGX_ERROR");
-        return NGX_ERROR;
+        dd("ModSecurity not enabled or an error occured");
+        return NGX_OK;
     }
 
     dd("calling msc_process_logging for %p", ctx);

Diff for: src/ngx_http_modsecurity_pre_access.c

@@ -46,16 +46,9 @@ ngx_http_modsecurity_pre_access_handler(ngx_http_request_t *r)
 #if 1
     ngx_pool_t                   *old_pool;
     ngx_http_modsecurity_ctx_t   *ctx;
-    ngx_http_modsecurity_conf_t  *mcf;
 
     dd("catching a new _preaccess_ phase handler");
 
-    mcf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity_module);
-    if (mcf == NULL || mcf->enable != 1)
-    {
-        dd("ModSecurity not enabled... returning");
-        return NGX_DECLINED;
-    }
     /*
      * FIXME:
      * In order to perform some tests, let's accept everything.
@@ -74,8 +67,8 @@ ngx_http_modsecurity_pre_access_handler(ngx_http_request_t *r)
 
     if (ctx == NULL)
     {
-        dd("ctx is null; Nothing we can do, returning an error.");
-        return NGX_HTTP_INTERNAL_SERVER_ERROR;
+        dd("ModSecurity not enabled or an error occured");
+        return NGX_DECLINED;
     }
 
     if (ctx->request_body_processed) {