Skip to content

Commit a3dc602

Browse files
victorhoravictorhora
committed
ju5t patch to fix mpm-itk mod_ruid2 compatibility
1 parent d50650b commit a3dc602

File tree

2 files changed

+41
-5
lines changed

2 files changed

+41
-5
lines changed

apache2/msc_logging.c

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -230,10 +230,20 @@ static char *construct_auditlog_filename(apr_pool_t *mp, const char *uniqueid) {
230230
char tstr[300];
231231
apr_size_t len;
232232

233+
/**
234+
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
235+
* It also changes the return statement.
236+
*/
237+
char *username;
238+
apr_uid_t uid;
239+
apr_gid_t gid;
240+
apr_uid_current(&uid, &gid, mp);
241+
apr_uid_name_get(&username, uid, mp);
242+
233243
apr_time_exp_lt(&t, apr_time_now());
234244

235245
apr_strftime(tstr, &len, 299, "/%Y%m%d/%Y%m%d-%H%M/%Y%m%d-%H%M%S", &t);
236-
return apr_psprintf(mp, "%s-%s", tstr, uniqueid);
246+
return apr_psprintf(mp, "/%s%s-%s", username, tstr, uniqueid);
237247
}
238248

239249
/**

apache2/persist_dbm.c

Lines changed: 30 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -101,6 +101,14 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec
101101
int expired = 0;
102102
int i;
103103

104+
/**
105+
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
106+
*/
107+
char *username;
108+
apr_uid_t uid;
109+
apr_gid_t gid;
110+
apr_uid_current(&uid, &gid, msr->mp);
111+
apr_uid_name_get(&username, uid, msr->mp);
104112

105113
if (msr->txcfg->data_dir == NULL) {
106114
msr_log(msr, 1, "collection_retrieve_ex: Unable to retrieve collection (name \"%s\", key \"%s\"). Use "
@@ -109,7 +117,7 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec
109117
goto cleanup;
110118
}
111119

112-
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
120+
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", col_name, NULL);
113121

114122
if (msr->txcfg->debuglog_level >= 9) {
115123
msr_log(msr, 9, "collection_retrieve_ex: collection_retrieve_ex: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),
@@ -374,6 +382,15 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
374382
const apr_table_t *stored_col = NULL;
375383
const apr_table_t *orig_col = NULL;
376384

385+
/**
386+
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
387+
*/
388+
char *username;
389+
apr_uid_t uid;
390+
apr_gid_t gid;
391+
apr_uid_current(&uid, &gid, msr->mp);
392+
apr_uid_name_get(&username, uid, msr->mp);
393+
377394
var_name = (msc_string *)apr_table_get(col, "__name");
378395
if (var_name == NULL) {
379396
goto error;
@@ -392,7 +409,7 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
392409
}
393410

394411
// ENH: lowercase the var name in the filename
395-
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", var_name->value, NULL);
412+
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", var_name->value, NULL);
396413

397414
if (msr->txcfg->debuglog_level >= 9) {
398415
msr_log(msr, 9, "collection_store: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, var_name->value),
@@ -655,6 +672,15 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) {
655672
apr_time_t now = apr_time_sec(msr->request_time);
656673
int i;
657674

675+
/**
676+
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
677+
*/
678+
char *username;
679+
apr_uid_t uid;
680+
apr_gid_t gid;
681+
apr_uid_current(&uid, &gid, msr->mp);
682+
apr_uid_name_get(&username, uid, msr->mp);
683+
658684
if (msr->txcfg->data_dir == NULL) {
659685
/* The user has been warned about this problem enough times already by now.
660686
* msr_log(msr, 1, "Unable to access collection file (name \"%s\"). Use SecDataDir to "
@@ -664,9 +690,9 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) {
664690
}
665691

666692
if(strstr(col_name,"USER") || strstr(col_name,"SESSION") || strstr(col_name, "RESOURCE"))
667-
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", msr->txcfg->webappid, "_", col_name, NULL);
693+
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", msr->txcfg->webappid, "_", col_name, NULL);
668694
else
669-
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
695+
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", col_name, NULL);
670696

671697
if (msr->txcfg->debuglog_level >= 9) {
672698
msr_log(msr, 9, "collections_remove_stale: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),

0 commit comments

Comments
 (0)