microsoft
diff --git a/‎.gitmodules‎
Lines changed: 0 additions & 4 deletions b/‎.gitmodules‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎apache2/apache2_config.c‎
Lines changed: 1 addition & 1 deletion b/‎apache2/apache2_config.c‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎apache2/apache2_util.c‎
Lines changed: 9 additions & 9 deletions b/‎apache2/apache2_util.c‎
Lines changed: 9 additions & 9 deletions
diff --git a/‎apache2/libinjection/libinjection_sqli.c‎
Lines changed: 4 additions & 4 deletions b/‎apache2/libinjection/libinjection_sqli.c‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎apache2/mod_security2.c‎
Lines changed: 1 addition & 1 deletion b/‎apache2/mod_security2.c‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎apache2/modsecurity.h‎
Lines changed: 14 additions & 14 deletions b/‎apache2/modsecurity.h‎
Lines changed: 14 additions & 14 deletions
diff --git a/‎apache2/modsecurity_config.h‎
Lines changed: 1 addition & 1 deletion b/‎apache2/modsecurity_config.h‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎apache2/msc_json.h‎
Lines changed: 1 addition & 1 deletion b/‎apache2/msc_json.h‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎apache2/msc_logging.c‎
Lines changed: 11 additions & 11 deletions b/‎apache2/msc_logging.c‎
Lines changed: 11 additions & 11 deletions
diff --git a/‎apache2/msc_release.h‎
Lines changed: 3 additions & 3 deletions b/‎apache2/msc_release.h‎
Lines changed: 3 additions & 3 deletions
@@ -820,7 +820,7 @@ static const char *add_rule(cmd_parms *cmd, directory_config *dcfg, int type,
     }
 
 #ifndef ALLOW_ID_NOT_UNIQUE
-    /* Rules must have uniq ID */
+	/* Rules must have uniq ID */
     type_rule = (dcfg->tmp_chain_starter == NULL);
 #if defined(WITH_LUA)
             type_rule = (type != RULE_TYPE_LUA && type_rule);
 
@@ -200,7 +200,7 @@ char *get_env_var(request_rec *r, char *name) {
 static void get_field_value(const char* from, const char* to, const char* text, char* output) {
     char* first = strstr(text, from);
     int first_index = first - text;
-    char backslash[] = "\\";
+	char backslash[] = "\\";
 
     if (first != NULL ) {
         if ((first_index > 0 && strncmp((first-1), backslash, 2) != 0) || (first_index == 0)) {
@@ -332,16 +332,16 @@ static void send_waf_log(struct waf_lock* lock, apr_file_t* fd, const char* str1
     char waf_ruleset_type[50] = "";
     char waf_ruleset_version[50] = "";
     char waf_detail_message[1024] = "";
-    char waf_unique_id[100] = "";
+	char waf_unique_id[100] = "";
 
     get_field_value("[file ", "]", str1, waf_filename);
     get_field_value("[id ", "]", str1, waf_id);
     get_field_value("[line ", "]", str1, waf_line);
     get_field_value("[msg ", "]", str1, waf_message);
     get_field_value("[data ", "]", str1, waf_data);
-    get_field_value("[ver ", "]", str1, waf_ruleset_info);
-    get_field_value("[unique_id ", "]", unique_id, waf_unique_id);
-    get_ip_port(ip_port, waf_ip, waf_port);
+	get_field_value("[ver ", "]", str1, waf_ruleset_info);
+	get_field_value("[unique_id ", "]", unique_id, waf_unique_id);
+	get_ip_port(ip_port, waf_ip, waf_port);
     get_detail_message(str1, waf_detail_message); 
     get_short_filename(waf_filename);
     get_ruleset_type_version(waf_ruleset_info, waf_ruleset_type, waf_ruleset_version); 
@@ -438,8 +438,8 @@ static void internal_log_ex(request_rec *r, directory_config *dcfg, modsec_rec *
 
     /* Send message levels 1-3 to the Apache error log and 
      * add it to the message list in the audit log. */
-    char *unique_id = (char *)get_env_var(r, "UNIQUE_ID");
-    if (level <= 3) {
+	char *unique_id = (char *)get_env_var(r, "UNIQUE_ID");
+	if (level <= 3) {
         char *hostname = (char *)msr->hostname;
         char *requestheaderhostname = (char *)r->hostname;
 
@@ -469,7 +469,7 @@ static void internal_log_ex(request_rec *r, directory_config *dcfg, modsec_rec *
 
             if (rc != APR_SUCCESS) {
                 #if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
-                    ap_log_rerror(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r,
+                	ap_log_rerror(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r,
                             "ModSecurity not able to reopen %s file", WAF_LOG_UTIL_FILE);
                 #else
                         ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,
@@ -484,7 +484,7 @@ static void internal_log_ex(request_rec *r, directory_config *dcfg, modsec_rec *
 #endif
 
 #if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
-    ap_log_rerror(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r,
+	ap_log_rerror(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r,
             "[client %s] ModSecurity: %s%s [uri \"%s\"]%s%s", r->useragent_ip ? r->useragent_ip : r->connection->client_ip, str1,
             hostname, log_escape(msr->mp, r->uri), unique_id, requestheaderhostname);
 #else
 
@@ -1444,7 +1444,7 @@ int libinjection_sqli_fold(struct libinjection_sqli_state * sf)
                 )
             {
                 if (pos > LIBINJECTION_SQLI_MAX_TOKENS) {
-            st_copy(&(sf->tokenvec[1]), &(sf->tokenvec[LIBINJECTION_SQLI_MAX_TOKENS]));
+		    st_copy(&(sf->tokenvec[1]), &(sf->tokenvec[LIBINJECTION_SQLI_MAX_TOKENS]));
                     pos = 2;
                     left = 0;
                 } else {
@@ -1521,9 +1521,9 @@ int libinjection_sqli_fold(struct libinjection_sqli_state * sf)
             continue;
         } else if (sf->tokenvec[left].type == TYPE_SEMICOLON &&
                    sf->tokenvec[left+1].type == TYPE_FUNCTION &&
-           (sf->tokenvec[left+1].val[0] == 'I' ||
-            sf->tokenvec[left+1].val[0] == 'i' ) &&
-           (sf->tokenvec[left+1].val[1] == 'F' ||
+		   (sf->tokenvec[left+1].val[0] == 'I' ||
+		    sf->tokenvec[left+1].val[0] == 'i' ) &&
+		   (sf->tokenvec[left+1].val[1] == 'F' ||
                     sf->tokenvec[left+1].val[1] == 'f' )) {
             /* IF is normally a function, except in Transact-SQL where it can be used as a
              * standalone control flow operator, e.g. ; IF 1=1 ...
 
@@ -294,7 +294,7 @@ int perform_interception(modsec_rec *msr) {
                     csd = ap_get_module_config(msr->r->connection->conn_config, &core_module);
                 }
 #else
-        csd = ap_get_module_config(msr->r->connection->conn_config, &core_module);
+		csd = ap_get_module_config(msr->r->connection->conn_config, &core_module);
 #endif
                 if (csd) {
                     if (apr_socket_close(csd) == APR_SUCCESS) {
 
@@ -231,8 +231,8 @@ extern DSOLOCAL char *msc_waf_lock_group;
 #define STATUS_ENGINE_ENABLED           1
 #define STATUS_ENGINE_DISABLED          0
 
-#define REMOTE_RULES_ABORT_ON_FAIL    0
-#define REMOTE_RULES_WARN_ON_FAIL    1
+#define REMOTE_RULES_ABORT_ON_FAIL	0
+#define REMOTE_RULES_WARN_ON_FAIL	1
 
 #define HASH_DISABLED             0
 #define HASH_ENABLED              1
@@ -412,8 +412,8 @@ struct modsec_rec {
 
     apr_size_t           msc_reqbody_no_files_length;
 
-    char        *msc_full_request_buffer;
-    int            msc_full_request_length;
+    char		*msc_full_request_buffer;
+    int			msc_full_request_length;
 
     char                *multipart_filename;
     char                *multipart_name;
@@ -439,15 +439,15 @@ struct modsec_rec {
 
     /* performance measurement */
     apr_time_t       request_time;
-    apr_time_t         time_phase1;
-    apr_time_t         time_phase2;
-    apr_time_t         time_phase3;
-    apr_time_t         time_phase4;
-    apr_time_t         time_phase5;
-    apr_time_t         time_storage_read;
-    apr_time_t         time_storage_write;
-    apr_time_t         time_logging;
-    apr_time_t         time_gc;
+    apr_time_t		 time_phase1;
+    apr_time_t		 time_phase2;
+    apr_time_t		 time_phase3;
+    apr_time_t		 time_phase4;
+    apr_time_t		 time_phase5;
+    apr_time_t		 time_storage_read;
+    apr_time_t		 time_storage_write;
+    apr_time_t		 time_logging;
+    apr_time_t		 time_gc;
     apr_table_t      *perf_rules;
 
     apr_array_header_t  *matched_rules;
@@ -670,7 +670,7 @@ struct directory_config {
     int                 xml_external_entity;
 #ifdef MEMORY_DATABASE_ENABLE
     /* AGMDB */
-    directory_config    *root_config;
+    directory_config	*root_config;
     int                 db_option;
     void                *agmdb_handles;    
 #endif
 
@@ -2,7 +2,7 @@
  * so this is here to prevent that by removing them.
  */
 
-#ifndef    WIN32
+#ifndef	WIN32
 
 /* Undefine all these so there are no conflicts */
 #undef PACKAGE
 
@@ -54,7 +54,7 @@ int DSOLOCAL json_complete(modsec_rec *msr, char **error_msg);
 apr_status_t DSOLOCAL json_cleanup(modsec_rec *msr);
 
 int DSOLOCAL json_process_chunk(modsec_rec *msr, const char *buf,
-        unsigned int size, char **error_msg);
+		unsigned int size, char **error_msg);
 
 #endif
 #endif
@@ -735,7 +735,7 @@ void sec_audit_logger_json(modsec_rec *msr) {
 
     /* Lock the mutex, but only if we are using serial format. */
     if (msr->txcfg->auditlog_type != AUDITLOG_CONCURRENT) {
-        rc = waf_get_exclusive_lock(msr->modsecurity->auditlog_lock);
+	    rc = waf_get_exclusive_lock(msr->modsecurity->auditlog_lock);
         if (waf_lock_is_error(rc)) {
             msr_log(msr, 1, "Audit log: Failed to lock global mutex: %s",
                 get_apr_error(msr->mp, rc));
@@ -1279,7 +1279,7 @@ void sec_audit_logger_json(modsec_rec *msr) {
             yajl_gen_map_close(g); // sanitized args map is finished
         }
 #ifdef LOG_NO_SERVER_CONTEXT
-    }
+	}
 #endif
 
         /* Web application info. */
@@ -1447,7 +1447,7 @@ void sec_audit_logger_json(modsec_rec *msr) {
     if (msr->txcfg->auditlog_type != AUDITLOG_CONCURRENT) {
 
         /* Unlock the mutex we used to serialise access to the audit log file. */
-        rc = waf_free_exclusive_lock(msr->modsecurity->auditlog_lock);
+	    rc = waf_free_exclusive_lock(msr->modsecurity->auditlog_lock);
         if (waf_lock_is_error(rc)) {
             msr_log(msr, 1, "Audit log: Failed to unlock global mutex: %s",
                     get_apr_error(msr->mp, rc));
@@ -1622,7 +1622,7 @@ void sec_audit_logger_native(modsec_rec *msr) {
 
     /* Lock the mutex, but only if we are using serial format. */
     if (msr->txcfg->auditlog_type != AUDITLOG_CONCURRENT) {
-        rc = waf_get_exclusive_lock(msr->modsecurity->auditlog_lock);
+	    rc = waf_get_exclusive_lock(msr->modsecurity->auditlog_lock);
         if (waf_lock_is_error(rc)) {
             msr_log(msr, 1, "Audit log: Failed to lock global mutex: %s",
                 get_apr_error(msr->mp, rc));
@@ -1991,16 +1991,16 @@ void sec_audit_logger_native(modsec_rec *msr) {
 
         /* Apache-Handler */
 #ifdef LOG_NO_HANDLER
-    if (msr->txcfg->debuglog_level >= 9)
+	if (msr->txcfg->debuglog_level >= 9)
 #endif
-    if (msr->r->handler != NULL) {
+	if (msr->r->handler != NULL) {
             text = apr_psprintf(msr->mp, "Apache-Handler: %s\n", msr->r->handler);
             sec_auditlog_write(msr, text, strlen(text));
         }
 
         /* Stopwatch; left in for compatibility reasons */
 #ifdef LOG_NO_STOPWATCH
-    if (msr->txcfg->debuglog_level >= 9) {
+	if (msr->txcfg->debuglog_level >= 9) {
 #endif
         text = apr_psprintf(msr->mp, "Stopwatch: %" APR_TIME_T_FMT " %" APR_TIME_T_FMT " (- - -)\n",
             msr->request_time, (now - msr->request_time));
@@ -2022,7 +2022,7 @@ void sec_audit_logger_native(modsec_rec *msr) {
         /* ENH Only write this when the output was chunked. */
         /* ENH Add info when request body was decompressed, dechunked too. */
 #ifdef LOG_NO_DECHUNK
-    if (msr->txcfg->debuglog_level >= 9)
+	if (msr->txcfg->debuglog_level >= 9)
 #endif
         if (wrote_response_body) {
             text = apr_psprintf(msr->mp, "Response-Body-Transformed: Dechunked\n");
@@ -2101,10 +2101,10 @@ void sec_audit_logger_native(modsec_rec *msr) {
             }
         }
 #ifdef LOG_NO_SERVER_CONTEXT
-    }
+	}
 #endif
 
-    /* Web application info. */
+	/* Web application info. */
         if ( ((msr->txcfg->webappid != NULL)&&(strcmp(msr->txcfg->webappid, "default") != 0))
             || (msr->sessionid != NULL) || (msr->userid != NULL))
         {
@@ -2227,7 +2227,7 @@ void sec_audit_logger_native(modsec_rec *msr) {
         sec_auditlog_write(msr, "\n", 1);
 
         /* Unlock the mutex we used to serialise access to the audit log file. */
-        rc = waf_free_exclusive_lock(msr->modsecurity->auditlog_lock);
+	    rc = waf_free_exclusive_lock(msr->modsecurity->auditlog_lock);
         if (waf_lock_is_error(rc)) {
             msr_log(msr, 1, "Audit log: Failed to unlock global mutex: %s",
                     get_apr_error(msr->mp, rc));
 
@@ -49,13 +49,13 @@
   MODSEC_VERSION_SUFFIX
 
 /* Apache Module Defines */
-#ifdef    VERSION_IIS
+#ifdef	VERSION_IIS
 #define MODSEC_MODULE_NAME "ModSecurity for IIS (STABLE)"
 #else
-#ifdef    VERSION_NGINX
+#ifdef	VERSION_NGINX
 #define MODSEC_MODULE_NAME "ModSecurity for nginx (STABLE)"
 #else
-#ifdef    VERSION_STANDALONE
+#ifdef	VERSION_STANDALONE
 #define MODSEC_MODULE_NAME "ModSecurity Standalone (STABLE)"
 #else
 #define MODSEC_MODULE_NAME "ModSecurity for Apache"
Original file line number	Diff line number	Diff line change
`@@ -820,7 +820,7 @@ static const char add_rule(cmd_parms cmd, directory_config *dcfg, int type,`
`820`	`820`	`}`
`821`	`821`
`822`	`822`	`#ifndef ALLOW_ID_NOT_UNIQUE`
`823`		`- /* Rules must have uniq ID */`
	`823`	`+ /* Rules must have uniq ID */`
`824`	`824`	`type_rule = (dcfg->tmp_chain_starter == NULL);`
`825`	`825`	`#if defined(WITH_LUA)`
`826`	`826`	`type_rule = (type != RULE_TYPE_LUA && type_rule);`
Original file line number	Diff line number	Diff line change
`@@ -294,7 +294,7 @@ int perform_interception(modsec_rec *msr) {`
`294`	`294`	`csd = ap_get_module_config(msr->r->connection->conn_config, &core_module);`
`295`	`295`	`}`
`296`	`296`	`#else`
`297`		`- csd = ap_get_module_config(msr->r->connection->conn_config, &core_module);`
	`297`	`+ csd = ap_get_module_config(msr->r->connection->conn_config, &core_module);`
`298`	`298`	`#endif`
`299`	`299`	`if (csd) {`
`300`	`300`	`if (apr_socket_close(csd) == APR_SUCCESS) {`