Restore r->write_event_handler after reading request body

.travis.yml

@@ -16,8 +16,8 @@ addons:
     - liblmdb-dev
 
 env:
-  - VER_NGINX=1.13.10
-  - VER_NGINX=1.12.2
+  - VER_NGINX=1.15.5
+  - VER_NGINX=1.14.0
 
 before_script:
   - cd ..
@@ -33,7 +33,7 @@ before_script:
   - cd ..
   - wget http://nginx.org/download/nginx-${VER_NGINX}.tar.gz && tar -xf nginx-${VER_NGINX}.tar.gz
   - cd nginx-${VER_NGINX}
-  - ./configure --add-module=../ModSecurity-nginx
+  - ./configure --with-http_auth_request_module --add-module=../ModSecurity-nginx
   - make
   - sudo make install
   - cd ..

src/ngx_http_modsecurity_pre_access.c

@@ -34,6 +34,7 @@ ngx_http_modsecurity_request_read(ngx_http_request_t *r)
     if (ctx->waiting_more_body)
     {
         ctx->waiting_more_body = 0;
+        r->write_event_handler = ngx_http_core_run_phases;
         ngx_http_core_run_phases(r);
     }
 }
@@ -131,6 +132,8 @@ ngx_http_modsecurity_pre_access_handler(ngx_http_request_t *r)
 
         dd("request body is ready to be processed");
 
+        r->write_event_handler = ngx_http_core_run_phases;
+
         ngx_chain_t *chain = r->request_body->bufs;
 
         /**

tests/modsecurity-request-body.t

@@ -22,7 +22,7 @@ use Test::Nginx;
 select STDERR; $| = 1;
 select STDOUT; $| = 1;
 
-my $t = Test::Nginx->new()->has(qw/http/);
+my $t = Test::Nginx->new()->has(qw/http auth_request/);
 
 $t->write_file_expand('nginx.conf', <<'EOF');
 
@@ -41,6 +41,7 @@ http {
         server_name  localhost;
 
         modsecurity on;
+        client_header_buffer_size 1024;
 
         location /bodyaccess {
             modsecurity_rules '
@@ -82,14 +83,28 @@ http {
             ';
             proxy_pass http://127.0.0.1:8081;
         }
+
+        location = /auth {
+            return 200;
+        }
+
+        location = /useauth {
+            modsecurity on;
+            modsecurity_rules '
+                SecRuleEngine On
+                SecRequestBodyAccess On
+            ';
+            auth_request /auth;
+            proxy_pass http://127.0.0.1:8081;
+        }
     }
 }
 EOF
 
 $t->run_daemon(\&http_daemon);
 $t->run()->waitforsocket('127.0.0.1:' . port(8081));
 
-$t->plan(32);
+$t->plan(36);
 
 ###############################################################################
 
@@ -104,6 +119,33 @@ like(http_req_body($method, '/bodylimitprocesspartial', 'BODY' x 32 . 'BAD BODY'
 like(http_req_body($method, '/bodylimitprocesspartial', 'BODY' x 30 . 'BAD BODY' x 32), qr/403 Forbidden/, "$method request body limit process partial, block");
 }
 
+like(http_req_body('POST', '/useauth', 'BODY' x 16), qr/TEST-OK-IF-YOU-SEE-THIS/, "POST with auth_request (request size < client_header_buffer_size)");
+like(http_req_body('POST', '/useauth', 'BODY' x 257), qr/TEST-OK-IF-YOU-SEE-THIS/, "POST with auth_request (request size > client_header_buffer_size)");
+
+like(
+        http(
+                'POST /useauth HTTP/1.0' . CRLF
+                . 'Content-Length: 1028' . CRLF . CRLF
+                . 'BODY' x 256,
+                sleep => 0.1,
+                body => 'BODY'
+        ),
+        qr/TEST-OK-IF-YOU-SEE-THIS/,
+        'POST with auth_request (request size > client_header_buffer_size), no preread'
+);
+
+like(
+        http(
+                'POST /useauth HTTP/1.0' . CRLF
+                . 'Content-Length: 64' . CRLF . CRLF
+                . 'BODY' x 15,
+                sleep => 0.1,
+                body => 'BODY'
+        ),
+        qr/TEST-OK-IF-YOU-SEE-THIS/,
+        'POST with auth_request (request size < client_header_buffer_size), no preread'
+);
+
 ###############################################################################
 
 sub http_daemon {