From dc81e4f85282663a93faba5e35d506af9b614830 Mon Sep 17 00:00:00 2001
From: Felipe Zimmerle
Date: Fri, 28 Nov 2014 13:39:46 -0800
Subject: [PATCH] Informs problems and successfully loaded external resources during reload

Resources load mechanism as the SecRemoteRuels were not showing information about the loaded rules while Apache was reloaded. This patch add such information to reload in the same way that it was showing on restart.
---
 CHANGES | 2 ++
 apache2/mod_security2.c | 21 ++++++++++++++-------
 apache2/re_operators.c | 7 ++++++-
 3 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/CHANGES b/CHANGES
index 39b655b3..901b124f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,8 @@
 DD mmm YYYY - 2.9.????? (To be released)
 -----------------------
+ * Informs about external resources loaded/failed while reloading Apache.
+ [ModSecurity team]
 * Adds missing 'ModSecurity:' prefix in some warnings messages.
 [Walter Hop and ModSecurity team]
 * Refactoring external resources download warn messages. Holding the message
diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c
index fa5e05ec..7f69b8fc 100644
--- a/apache2/mod_security2.c
+++ b/apache2/mod_security2.c
@@ -762,14 +762,15 @@ static int hook_post_config(apr_pool_t *mp, apr_pool_t *mp_log, apr_pool_t *mp_t
 "it by set SecStatusEngine to On.");
 }
 #endif
+ }
- if (remote_rules_fail_message != NULL)
- {
- ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, "ModSecurity: " \
- "Problems loading external resources: %s",
- remote_rules_fail_message);
- }
-
+ /**
+ * Checking if it is not the first time that we are in this very function.
+ * We want to show the messages below during the start and the reload.
+ *
+ */
+ if (first_time != 1)
+ {
 #ifdef WITH_REMOTE_RULES
 if (remote_rules_server != NULL)
 {
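Review bot: The new guard `if (first_time != 1)` compares against a bare `1`, and its comment says only "not the first time", so a reader cannot tell which passes through hook_post_config it is meant to cover. The block closed by the added `}` opens outside this hunk, so its condition is not visible here; if that block tests the same variable, the comment should say how the two guards relate. Once the meaning of the value is confirmed, I would word it along the lines of `/* first_time is 1 only on the initial configuration pass; log on the second pass of a start and on every reload. */` and drop the empty ` *` line before the closing `*/`.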
@@ -789,6 +790,12 @@ static int hook_post_config(apr_pool_t *mp, apr_pool_t *mp_log, apr_pool_t *mp_t
 }
 }
 #endif
+ if (remote_rules_fail_message != NULL)
+ {
+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, "ModSecurity: " \
+ "Problems loading external resources: %s",
+ remote_rules_fail_message);
+ }
 }
 srand((unsigned int)(time(NULL) * getpid()));
diff --git a/apache2/re_operators.c b/apache2/re_operators.c
index 33ce83cf..5040176f 100644
--- a/apache2/re_operators.c
+++ b/apache2/re_operators.c
@@ -1293,7 +1293,12 @@ static int msre_op_pmFromFile_param_init(msre_rule *rule, char **error_msg) { res = msc_remote_download_content(rule->ruleset->mp, fn, NULL, &chunk, error_msg);
- if (res == -1)
+ if (res == -2)
+ {
+ /* If download failed but SecRemoteRulesFailAction is set to Warn. */
+ return 1;
+ }
+ else if (res < 0)
 {
 return 0;
 }
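Review bot: `remote_rules_fail_message` is now read on every pass where `first_time != 1`, reloads included, but nothing in this hunk shows where the pointer is cleared or which pool owns the string. If it is a module-level variable that can outlive a reload, the `%s` argument could repeat a stale failure after a clean load, or point at memory from a pool that has since been cleared; it is worth confirming that it is reset to NULL before each configuration parse. Once that is confirmed, a comment on the moved block such as `/* Set while parsing the configuration when an external resource failed to load. */` would record the contract. hook_post_config starts and ends outside the hunk.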
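Review bot: The new `res == -2` branch returns 1 from msre_op_pmFromFile_param_init, so a rule whose pattern file could not be downloaded is reported as successfully initialised. The rest of the function is outside the hunk; if the pattern set is attached to the rule after this point, the early return leaves it unset or incomplete, and the rule would then silently match nothing, which for a filtering rule is a fail-open. I would confirm that the operator's execute path tolerates that state and log which rule and URI were skipped. The bare `-2` also deserves a named constant shared with msc_remote_download_content, since `else if (res < 0)` is only correct because the `-2` test comes first.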