Update version/date in docs.

2026-01-10 02:04:36 +03:00 · 2007-10-17 23:21:33 +00:00
parent 5549ed2ed8
commit 05b8934eaf
5 changed files with 28 additions and 17 deletions
--- a/5
+++ b/5
@@ -1,3 +1,8 @@
+17 Oct 2007 - 2.1.4-rc2
+-----------------------
+
+ * Do not process subrequests in phase 2-4, but do hand off the request data.
+

 15 Oct 2007 - 2.1.4-rc1
 -----------------------
--- a/apache2/apache2_io.c
+++ b/apache2/apache2_io.c
@@ -40,6 +40,11 @@ apr_status_t input_filter(ap_filter_t *f, apr_bucket_brigade *bb_out,

    msr->r = f->r;

+    if (msr->phase < PHASE_REQUEST_BODY) {
+            msr_log(msr, 1, "Internal error: REQUEST_BODY phase incomplete for input filter in phase %d", msr->phase);
+            return APR_EGENERAL;
+    }
+
    if ((msr->if_status == IF_STATUS_COMPLETE)||(msr->if_status == IF_STATUS_NONE)) {
        if (msr->txcfg->debuglog_level >= 4) {
            msr_log(msr, 4, "Input filter: Input forwarding already complete, skipping (f %x, r %x).", f, f->r);
--- a/apache2/mod_security2.c
+++ b/apache2/mod_security2.c
@@ -860,17 +860,27 @@ static int hook_log_transaction(request_rec *r) {
 static void hook_insert_filter(request_rec *r) {
    modsec_rec *msr = NULL;

-    /* This function needs to run only once per transaction
+    /* Find the transaction context first. */
+    msr = retrieve_tx_context(r);
+    if (msr == NULL) return;
+
+    /* Add the input filter, but only if we need it to run. */
+    if (msr->if_status == IF_STATUS_WANTS_TO_RUN) {
+        if (msr->txcfg->debuglog_level >= 4) {
+            msr_log(msr, 4, "Hook insert_filter: Adding input forwarding filter %s(r %x).", (((r->main != NULL)||(r->prev != NULL)) ? "for subrequest " : ""), r);
+        }
+
+        ap_add_input_filter("MODSECURITY_IN", msr, r, r->connection);
+    }
+
+
+    /* The output filters only need to be added only once per transaction
     * (i.e. subrequests and redirects are excluded).
     */
    if ((r->main != NULL)||(r->prev != NULL)) {
        return;
    }

-    /* Find the transaction context first. */
-    msr = retrieve_tx_context(r);
-    if (msr == NULL) return;
-
    /* Only proceed to add the filter if the engine is enabled. */
    if (msr->txcfg->is_enabled == 0) {
        if (msr->txcfg->debuglog_level >= 4) {
@@ -880,15 +890,6 @@ static void hook_insert_filter(request_rec *r) {
        return;
    }

-    /* Add the input filter, but only if we need it to run. */
-    if (msr->if_status == IF_STATUS_WANTS_TO_RUN) {
-        if (msr->txcfg->debuglog_level >= 4) {
-            msr_log(msr, 4, "Hook insert_filter: Adding input forwarding filter (r %x).", r);
-        }
-
-        ap_add_input_filter("MODSECURITY_IN", msr, r, r->connection);
-    }
-
    /* We always add the output filter because that's where we need to
     * initiate our 3rd and 4th processing phases from. The filter is
     * smart enough not to buffer the data if it is not supposed to.
--- a/apache2/modsecurity.h
+++ b/apache2/modsecurity.h
@@ -48,7 +48,7 @@ typedef struct msc_string msc_string;
 #include "http_protocol.h"

 #define MODULE_NAME "ModSecurity"
-#define MODULE_RELEASE "2.1.4-rc1"
+#define MODULE_RELEASE "2.1.4-rc2"
 #define MODULE_NAME_FULL (MODULE_NAME " v" MODULE_RELEASE " (Apache 2.x)")

 #define PHASE_REQUEST_HEADERS       1
--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@@ -3,7 +3,7 @@
  <title>ModSecurity Reference Manual</title>

  <articleinfo>
-    <releaseinfo>Version 2.1.4-rc1 / (October 15, 2007)</releaseinfo>
+    <releaseinfo>Version 2.1.4-rc2 / (October 17, 2007)</releaseinfo>

    <copyright>
      <year>2004-2007</year>
@@ -4429,4 +4429,4 @@ SecRule XML "<emphasis role="bold">@validateSchema /path/to/apache2/conf/xml.xsd
      </section>
    </section>
  </section>
-</article>
+</article>