From 53cc0c7d26d4fb7923019ca56a05b068ec8195b5 Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Mon, 10 Apr 2017 12:25:49 +0200 Subject: [PATCH 1/5] {dis|en}able-collection-delete-problem-logging: Option to disable logging of collection delete problem in audit log when log level < 9 in audit log [Issue #576 - Marc Stern] --- CHANGES | 3 +++ apache2/persist_dbm.c | 14 ++++++++++---- configure.ac | 17 ++++++++++++++++- 3 files changed, 29 insertions(+), 5 deletions(-) diff --git a/CHANGES b/CHANGES index 9765bb2a2a..366fb9563d 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,9 @@ DD MMM YYYY - 2.9.2 - To be released ------------------------------------ + * {dis|en}able-collection-delete-problem-logging: Option to disable logging of + collection delete problem in audit log when log level < 9 in audit log. + [Issue #576 - Marc Stern] * {dis|en}able-filename-logging: Option to disable logging of filename in audit log. [Issue #1065 - Marc Stern] diff --git a/apache2/persist_dbm.c b/apache2/persist_dbm.c index 76c3820baf..691925e286 100644 --- a/apache2/persist_dbm.c +++ b/apache2/persist_dbm.c @@ -217,10 +217,13 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec rc = apr_sdbm_delete(dbm, key); if (rc != APR_SUCCESS) { - msr_log(msr, 1, "collection_retrieve_ex: Failed deleting collection (name \"%s\", " +#ifdef NO_LOG_COLL_CONCUR_ACCESS + if (msr->txcfg->debuglog_level >= 9) +#endif + msr_log(msr, 1, "collection_retrieve_ex: Failed deleting collection (name \"%s\", " "key \"%s\"): %s", log_escape(msr->mp, col_name), log_escape_ex(msr->mp, col_key, col_key_len), get_apr_error(msr->mp, rc)); - msr->msc_sdbm_delete_error = 1; + msr->msc_sdbm_delete_error = 1; goto cleanup; } @@ -678,10 +681,13 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) { if (expiry_time <= now) { rc = apr_sdbm_delete(dbm, key); if (rc != APR_SUCCESS) { - msr_log(msr, 1, "collections_remove_stale: Failed deleting collection (name \"%s\", " +#ifdef NO_LOG_COLL_CONCUR_ACCESS + if (msr->txcfg->debuglog_level >= 9) +#endif + msr_log(msr, 1, "collections_remove_stale: Failed deleting collection (name \"%s\", " "key \"%s\"): %s", log_escape(msr->mp, col_name), log_escape_ex(msr->mp, key.dptr, key.dsize - 1), get_apr_error(msr->mp, rc)); - msr->msc_sdbm_delete_error = 1; + msr->msc_sdbm_delete_error = 1; goto error; } diff --git a/configure.ac b/configure.ac index e7e5098afd..4239a4b242 100644 --- a/configure.ac +++ b/configure.ac @@ -442,6 +442,21 @@ AC_ARG_ENABLE(filename-logging, log_filename='' ]) +# Disable logging of problem when deleting collection +AC_ARG_ENABLE(collection-delete-problem-logging, + AS_HELP_STRING([--enable-collection-delete-problem-logging], + [Enable logging of collection delete problem in audit log when log level < 9. This is the default]), +[ + if test "$enableval" != "no"; then + log_collection-delete-problem= + else + log_collection-delete-problem-logging="-DLOG_NO_COLL_DELET_PB" + fi +], +[ + log_collection-delete-problem-logging='' +]) + # Ignore configure errors AC_ARG_ENABLE(errors, AS_HELP_STRING([--disable-errors], @@ -692,7 +707,7 @@ else fi fi -MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_filename" +MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_collection-delete-problem-logging" APXS_WRAPPER=build/apxs-wrapper APXS_EXTRA_CFLAGS="" From 4f1d1c1bf3d3969db67f1e5cad65a7cd0195ba19 Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Mon, 10 Apr 2017 12:27:56 +0200 Subject: [PATCH 2/5] typo --- CHANGES | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 366fb9563d..83d7da77fa 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,7 @@ DD MMM YYYY - 2.9.2 - To be released ------------------------------------ * {dis|en}able-collection-delete-problem-logging: Option to disable logging of - collection delete problem in audit log when log level < 9 in audit log. + collection delete problem in audit log when log level < 9. [Issue #576 - Marc Stern] * {dis|en}able-filename-logging: Option to disable logging of filename in audit log. From 46245912aa44292962555ae1b2a15ed1a59d875f Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Mon, 10 Apr 2017 12:35:52 +0200 Subject: [PATCH 3/5] changed define name --- apache2/persist_dbm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apache2/persist_dbm.c b/apache2/persist_dbm.c index 691925e286..7f8b6f104c 100644 --- a/apache2/persist_dbm.c +++ b/apache2/persist_dbm.c @@ -217,7 +217,7 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec rc = apr_sdbm_delete(dbm, key); if (rc != APR_SUCCESS) { -#ifdef NO_LOG_COLL_CONCUR_ACCESS +#ifdef LOG_NO_COLL_DELET_PB if (msr->txcfg->debuglog_level >= 9) #endif msr_log(msr, 1, "collection_retrieve_ex: Failed deleting collection (name \"%s\", " @@ -681,7 +681,7 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) { if (expiry_time <= now) { rc = apr_sdbm_delete(dbm, key); if (rc != APR_SUCCESS) { -#ifdef NO_LOG_COLL_CONCUR_ACCESS +#ifdef LOG_NO_COLL_DELET_PB if (msr->txcfg->debuglog_level >= 9) #endif msr_log(msr, 1, "collections_remove_stale: Failed deleting collection (name \"%s\", " From ae21a301641cb6154f710b46cd2a0d722e55003e Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Mon, 10 Apr 2017 12:52:33 +0200 Subject: [PATCH 4/5] typos --- configure.ac | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 4239a4b242..7fa66090ce 100644 --- a/configure.ac +++ b/configure.ac @@ -450,11 +450,11 @@ AC_ARG_ENABLE(collection-delete-problem-logging, if test "$enableval" != "no"; then log_collection-delete-problem= else - log_collection-delete-problem-logging="-DLOG_NO_COLL_DELET_PB" + log_collection-delete-problem="-DLOG_NO_COLL_DELET_PB" fi ], [ - log_collection-delete-problem-logging='' + log_collection-delete-problem='' ]) # Ignore configure errors @@ -707,7 +707,7 @@ else fi fi -MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_collection-delete-problem-logging" +MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_filename $log_collection-delete-problem" APXS_WRAPPER=build/apxs-wrapper APXS_EXTRA_CFLAGS="" From 88c472dfc9a19d7fa22f73b545f34ecb62921570 Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Tue, 11 Apr 2017 09:03:57 +0200 Subject: [PATCH 5/5] fixed syntax --- configure.ac | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index 7fa66090ce..f65363f43d 100644 --- a/configure.ac +++ b/configure.ac @@ -448,13 +448,13 @@ AC_ARG_ENABLE(collection-delete-problem-logging, [Enable logging of collection delete problem in audit log when log level < 9. This is the default]), [ if test "$enableval" != "no"; then - log_collection-delete-problem= + log_collection_delete_problem= else - log_collection-delete-problem="-DLOG_NO_COLL_DELET_PB" + log_collection_delete_problem="-DLOG_NO_COLL_DELET_PB" fi ], [ - log_collection-delete-problem='' + log_collection_delete_problem='' ]) # Ignore configure errors @@ -707,7 +707,7 @@ else fi fi -MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_filename $log_collection-delete-problem" +MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_filename $log_collection_delete_problem" APXS_WRAPPER=build/apxs-wrapper APXS_EXTRA_CFLAGS=""