From ce21d6b4dc29d9f3fa4d9883ed488bd3f93d41fc Mon Sep 17 00:00:00 2001 From: Andrei Belov Date: Tue, 3 Jun 2014 17:30:04 +0400 Subject: [PATCH] Explicitly set log object to r->connection->log in preaccess phase handler. This change fixes a number of scenarios when ModSecurity's log entries may be written to the wrong file descriptors. In particular, there was an issue with almost any configuration using nginx cache features (proxy_cache, fastcgi_cache, etc) when garbage from ModSecurity logs has been sent to the control socket used for communication between nginx master process and auxiliary processes (workers, cache manager, cache loader). Described behavior was observed with nginx/1.7.0, modsecurity/2.8.0 and OWASP CRS v2.2.9. --- nginx/modsecurity/ngx_http_modsecurity.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nginx/modsecurity/ngx_http_modsecurity.c b/nginx/modsecurity/ngx_http_modsecurity.c index adefcfc5..c967413f 100644 --- a/nginx/modsecurity/ngx_http_modsecurity.c +++ b/nginx/modsecurity/ngx_http_modsecurity.c @@ -1143,6 +1143,8 @@ ngx_http_modsecurity_handler(ngx_http_request_t *r) { ngx_http_modsecurity_ctx_t *ctx = NULL; ngx_http_modsecurity_loc_conf_t *cf = NULL; + modsecSetLogHook(r->connection->log, modsecLog); + ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSec: Catching a new access phase handler. Count: %d", r->main->count);