V4|BddlZddlZddlZddlmZddlmZddlmZddl m Z m Z m Z ddl mZmZddlmZddlmZdd lmZd d lmZd d lmZd d lmZddlmZmZddlm Z m!Z!d dl"m#Z#ej$e%Z&dZ'dZ(Gdde)Z*de+fdZ,dZ-de+fdZ.dZ/dS)N)CancelledError)Version)Path)BACKUP_EXTENSION CheckRunErroratomic_rewrite)MODSECIndex) web_server)APACHE) GenericPanel)map_components_versions_to_tags) HostingPanel)CorazaModSecurity)safe_update_configgraceful_restart)is_apache2nginx_enableduse_coraza4cpanel)is_force_use_corazazD/var/lib/cloudlinux-app-version-detector/components_versions.sqlite3ztags_matching.jsonceZdZdS)NotSupportedWebserverErrorN)__name__ __module__ __qualname__X/opt/imunify360/venv/lib/python3.11/site-packages/im360/subsys/waf_rules_configurator.pyrr$sDrrreturncKt}tststrdS|d{V}t |t r |tkS|tkrdS tj d{V}tj d{V}n=#t$rt$r&}td|Yd}~dSd}~wwxYw|tdkod|vS)zApache >= 2.4 is supported and security2_module installed. - litespeed is not supported - nginx is not supported Apache is expected to be running, otherwise False is returned In case of any error, False is returned also TNFz-Error occurs while getting Apache version: %sz2.4ssecurity2_module)rrrrget_web_server isinstancer r r apache_versionapache_modulesr Exceptionloggererrorr)hp webserverversionmodulesexcs ris_webserver_supportedr-(sS B  " $ $    t''))))))))I"l###F""Fu"133333333"133333333   DcJJJuuuuu genn $ G)<)GGs2B88C2 C--C2cRKtd{Vstdt}t|}t |t }t|}|o| |k}|sf|r0t||drt ddSdSt||d{Vrt ddSdSt ddS)zO Update modsec config file with enabled tags for specific directories. NzkWAF rules configurator supports only apache webserver with version >= 2.4 or apache2nginx and ModSecurity 2F)backupz2App specific rules config was successfully updatedz-WAF Rules Set Config was successfully updatedz*WAF Rules Set Config is already up to date)r-rrrget_app_specific_waf_configr"r _rules_configexists read_textrr&infor)panel config_path is_coraza new_config is_uptodates rupdate_waf_rules_configr:Lso()) ) ) ) ) ) ) ( ?   NNEu88::;;K 5"344Iy))J F!6!6!8!8J!F  B  Mk:eDDD  H   ( Z@@@@@@@@ M KLLLLL M M  @AAAAArr7c tjtjt t }t|d5}tj |}dddn #1swxYwYtt||S)Nzutf-8)encoding) ospathjoinr files_pathr MAPPING_FILEopenjsonloadrCOMPONENTS_VERSION_DB)r7 mapping_pathftagss rr1r1rs7<< 0 8 8,GGL lW - - -y|| *tY  sA//A36A3c|K t}n#t$rYdSwxYwtj|t zr_tj|t z| td{VdS#t$rt dYdSwxYwdS)uI In case if Agent starts and config backup is present — then it is required to restore it: original .conf files must be replaced by the backup file and then WS restart command must be applied. In this case we assume that backed up configuration file is correct and none config checks are performed. Nz2Web server failed to start with a backed up config) rr0NotImplementedErrorr=r>isfilerrenamerrr& exception)r6s rtry_restore_config_from_backuprN{s"nn@@BB  w~~k$4455 + 00+>>> "$$ $ $ $ $ $ $ $ $ $      D        s % 33;B$B98B9)0rCloggingr=asynciorpackaging.versionrpathlibrdefence360agent.utilsrrr im360.filesr r defence360agent.subsysr im360.subsys.panels.baser !im360.subsys.panels.generic.panelr modsec_app_version_detectorrpanels.hosting_panelrpanels.coraza_modsecurityr!defence360agent.subsys.web_serverrr im360.utilsrr int_configr getLoggerrr&rErAr%rboolr-r:r1rNrrrr`s  """"""%%%%%% &%%%%%%%------++++++::::::HHHHHH......888888CBBBBBBB++++++  8 $ $K$         !Hd!H!H!H!HH#B#B#BLTr