github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Centralized function compatible with Linux & Windows (also with mpm-itk & mod_ruid2) to get username

Browse Source
This commit is contained in:
Marc Stern 2023-08-11 17:17:59 +02:00
parent 11f85b82e1
commit c7b28f0e13
3 changed files with 821 additions and 841 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
apache2/msc_util.c
View File

@ -2843,3 +2843,14 @@ char* strtok_r(
}
#endif
// Function compatible with Linux & Windows, also with mpm-itk & mod_ruid2
char* get_username(apr_pool_t* mp) {
char* username;
apr_uid_t uid;
apr_gid_t gid;
int rc = apr_uid_current(&uid, &gid, mp);
if (rc != APR_SUCCESS) return "apache";
rc = apr_uid_name_get(&username, uid, mp);
if (rc != APR_SUCCESS) return "apache";
return username;
}

2
apache2/msc_util.h
View File

@ -159,6 +159,8 @@ int DSOLOCAL tree_contains_ip(apr_pool_t *mp, TreeRoot *rtree,
int DSOLOCAL ip_tree_from_param(apr_pool_t *pool,
char *param, TreeRoot **rtree, char **error_msg);
char DSOLOCAL *get_username(apr_pool_t* mp);
#ifdef WITH_CURL
int ip_tree_from_uri(TreeRoot **rtree, char *uri,
apr_pool_t *mp, char **error_msg);

41
apache2/persist_dbm.c
View File

@ -100,18 +100,7 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec
apr_table_entry_t *te;
int expired = 0;
int i;
/**
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
*/
char *userinfo;
apr_uid_t uid;
apr_gid_t gid;
apr_uid_current(&uid, &gid, msr->mp);
rc = apr_uid_name_get(&userinfo, uid, msr->mp);
if (rc != APR_SUCCESS) {
userinfo = apr_psprintf(msr->mp, "%u", uid);
}
char *userinfo = get_username(msr->mp);
if (msr->txcfg->data_dir == NULL) {
msr_log(msr, 1, "collection_retrieve_ex: Unable to retrieve collection (name \"%s\", key \"%s\"). Use "
@ -345,7 +334,7 @@ cleanup:
apr_sdbm_close(dbm);
#ifdef GLOBAL_COLLECTION_LOCK
apr_global_mutex_unlock(msr->modsecurity->dbm_lock);
#endif
ÿnd
}
return NULL;
@ -384,18 +373,7 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
int i;
const apr_table_t *stored_col = NULL;
const apr_table_t *orig_col = NULL;
/**
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
*/
char *userinfo;
apr_uid_t uid;
apr_gid_t gid;
apr_uid_current(&uid, &gid, msr->mp);
rc = apr_uid_name_get(&userinfo, uid, msr->mp);
if (rc != APR_SUCCESS) {
userinfo = apr_psprintf(msr->mp, "%u", uid);
}
char *userinfo = get_username(msr->mp);
var_name = (msc_string *)apr_table_get(col, "__name");
if (var_name == NULL) {
@ -677,18 +655,7 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) {
char **keys;
apr_time_t now = apr_time_sec(msr->request_time);
int i;
/**
* This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
*/
char *userinfo;
apr_uid_t uid;
apr_gid_t gid;
apr_uid_current(&uid, &gid, msr->mp);
rc = apr_uid_name_get(&userinfo, uid, msr->mp);
if (rc != APR_SUCCESS) {
userinfo = apr_psprintf(msr->mp, "%u", uid);
}
char *userinfo = get_username(msr->mp);
if (msr->txcfg->data_dir == NULL) {
/* The user has been warned about this problem enough times already by now.