From c04a4edb4befdec0639dfc222c09bf124c3857fd Mon Sep 17 00:00:00 2001 From: brenosilva Date: Fri, 11 Mar 2011 18:48:58 +0000 Subject: [PATCH] MODSEC-144 --- apache2/mod_security2.c | 33 ++++++++++++++++++++++++++------- apache2/modsecurity.c | 17 +++++++++++++---- 2 files changed, 39 insertions(+), 11 deletions(-) diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c index 83c58ece..e654a1a2 100644 --- a/apache2/mod_security2.c +++ b/apache2/mod_security2.c @@ -34,6 +34,8 @@ #include "ap_mpm.h" #include "scoreboard.h" +#include "apr_version.h" + /* ModSecurity structure */ msc_engine DSOLOCAL *modsecurity = NULL; @@ -829,8 +831,13 @@ static int hook_request_late(request_rec *r) { /** * Invoked every time Apache has something to write to the error log. */ +#if APR_MAJOR_VERSION > 1 +static void hook_error_log(const char *file, int line, int module_index, int level, apr_status_t status, + const server_rec *s, const request_rec *r, apr_pool_t *mp, const char *fmt) +#else static void hook_error_log(const char *file, int line, int level, apr_status_t status, - const server_rec *s, const request_rec *r, apr_pool_t *mp, const char *fmt) + const server_rec *s, const request_rec *r, apr_pool_t *mp, const char *fmt) +#endif { modsec_rec *msr = NULL; error_message *em = NULL; @@ -1150,6 +1157,9 @@ static int hook_connection_early(conn_rec *conn) int i, j; unsigned long int ip_count = 0; worker_score *ws_record = NULL; +#if APR_MAJOR_VERSION > 1 + ap_sb_handle_t *sbh = NULL; +#endif if(sb != NULL && conn_read_state_limit > 0) { @@ -1161,7 +1171,16 @@ static int hook_connection_early(conn_rec *conn) for (i = 0; i < server_limit; ++i) { for (j = 0; j < thread_limit; ++j) { +#if APR_MAJOR_VERSION > 1 + sbh = conn->sbh; + if (sbh == NULL) { + return DECLINED; + } + + ws_record = ap_get_scoreboard_worker(sbh); +#else ws_record = ap_get_scoreboard_worker(i, j); +#endif if(ws_record == NULL) return DECLINED; @@ -1194,9 +1213,9 @@ static int hook_connection_early(conn_rec *conn) * register new variables. */ static void modsec_register_variable(const char *name, unsigned int type, - unsigned int argc_min, unsigned int argc_max, - void *fn_validate, void *fn_generate, - unsigned int is_cacheable, unsigned int availability) { + unsigned int argc_min, unsigned int argc_max, + void *fn_validate, void *fn_generate, + unsigned int is_cacheable, unsigned int availability) { if (modsecurity != NULL) { msre_engine_variable_register(modsecurity->msre, name, type, argc_min, argc_max, (fn_var_validate_t)fn_validate, (fn_var_generate_t)fn_generate, is_cacheable, availability); } @@ -1210,9 +1229,9 @@ static void modsec_register_variable(const char *name, unsigned int type, * register new request body processors. */ static void modsec_register_reqbody_processor(const char *name, - void *fn_init, - void *fn_process, - void *fn_complete) + void *fn_init, + void *fn_process, + void *fn_complete) { if (modsecurity != NULL) { diff --git a/apache2/modsecurity.c b/apache2/modsecurity.c index 755a7f33..9d72ec43 100644 --- a/apache2/modsecurity.c +++ b/apache2/modsecurity.c @@ -24,6 +24,7 @@ #include "msc_parsers.h" #include "msc_util.h" #include "msc_xml.h" +#include "apr_version.h" /** * Format an alert message. @@ -124,26 +125,34 @@ int modsecurity_init(msc_engine *msce, apr_pool_t *mp) { return -1; } - #ifdef __SET_MUTEX_PERMS +#ifdef __SET_MUTEX_PERMS +#if APR_MAJOR_VERSION > 1 + rc = ap_unixd_set_global_mutex_perms(msce->auditlog_lock); +#else rc = unixd_set_global_mutex_perms(msce->auditlog_lock); +#endif if (rc != APR_SUCCESS) { // ap_log_error(APLOG_MARK, APLOG_ERR, rc, s, "mod_security: Could not set permissions on modsec_auditlog_lock; check User and Group directives"); // return HTTP_INTERNAL_SERVER_ERROR; return -1; } - #endif +#endif /* SET_MUTEX_PERMS */ rc = apr_global_mutex_create(&msce->geo_lock, NULL, APR_LOCK_DEFAULT, mp); if (rc != APR_SUCCESS) { return -1; } - #ifdef __SET_MUTEX_PERMS +#ifdef __SET_MUTEX_PERMS +#if APR_MAJOR_VERSION > 1 + rc = ap_unixd_set_global_mutex_perms(msce->geo_lock); +#else rc = unixd_set_global_mutex_perms(msce->geo_lock); +#endif if (rc != APR_SUCCESS) { return -1; } - #endif +#endif /* SET_MUTEX_PERMS */ return 1;