github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixed noauditlog. See #451.

Browse Source
This commit is contained in:
brectanus 2008-01-25 05:52:49 +00:00
parent 52ccced72b
commit 4c6dccada2
2 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apache2/modsecurity.c
View File

@ -333,6 +333,10 @@ static int is_response_status_relevant(modsec_rec *msr, int status) {
apr_status_t rc;
char buf[32];
/* ENH: Setting is_relevant here will cause an audit even if noauditlog
* was set for the last rule that matched. Is this what we want?
*/
if ((msr->txcfg->auditlog_relevant_regex == NULL)
||(msr->txcfg->auditlog_relevant_regex == NOT_SET_P))
{

11
apache2/re.c
View File

@ -1585,8 +1585,11 @@ static void msre_perform_disruptive_actions(modsec_rec *msr, msre_rule *rule,
}
}
/* If "noauditlog" was used do not mark the transaction for audit logging. */
if (actionset->auditlog == 1) {
/* If "noauditlog" used do not mark the transaction for audit logging. */
if (actionset->auditlog == 0) {
msr->is_relevant = 0;
}
else {
msr->is_relevant++;
}
@ -1598,8 +1601,8 @@ static void msre_perform_disruptive_actions(modsec_rec *msr, msre_rule *rule,
|| (msr->modsecurity->processing_mode == MODSEC_OFFLINE)
|| (actionset->intercept_action == ACTION_NONE))
{
/* If "nolog" was used log at a higher level. */
msc_alert(msr, (actionset->log == 0 ? 4 : 2), actionset,
/* If "no(audit)?log" was used log at a higher level. */
msc_alert(msr, ((actionset->log == 0) || (actionset->auditlog == 0) ? 4 : 2), actionset,
"Warning.", message);
return;
}