diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c index 140401e2..1fa8669b 100644 --- a/apache2/apache2_config.c +++ b/apache2/apache2_config.c @@ -1705,7 +1705,7 @@ char *parser_conn_limits_operator(apr_pool_t *mp, const char *p2, } else { return apr_psprintf(mp, "ModSecurity: Invalid operator for " \ - "SecReadStateLimit: %s, expected operators: @ipMatch, @ipMatchF " \ + "SecConnReadStateLimit: %s, expected operators: @ipMatch, @ipMatchF " \ "or @ipMatchFromFile with or without !", p2); } @@ -1726,7 +1726,7 @@ char *parser_conn_limits_operator(apr_pool_t *mp, const char *p2, /** -* \brief Add SecReadStateLimit configuration option +* \brief Add SecConnReadStateLimit configuration option * * \param cmd Pointer to configuration data * \param _dcfg Pointer to directory configuration @@ -1747,7 +1747,7 @@ static const char *cmd_conn_read_state_limit(cmd_parms *cmd, void *_dcfg, limit = strtol(p1, NULL, 10); if ((limit == LONG_MAX) || (limit == LONG_MIN) || (limit <= 0)) { return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \ - "SecReadStateLimit: %s", p1); + "SecConnReadStateLimit: %s", p1); } if (p2 != NULL) { @@ -1764,8 +1764,18 @@ static const char *cmd_conn_read_state_limit(cmd_parms *cmd, void *_dcfg, return NULL; } +static const char *cmd_read_state_limit(cmd_parms *cmd, void *_dcfg, + const char *p1, const char *p2) +{ + ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_NOERRNO, 0, cmd->pool, + "SecReadStateLimit is depricated, use SecConnReadStateLimit " \ + "instead."); + + return cmd_conn_read_state_limit(cmd, _dcfg, p1, p2); +} + /** -* \brief Add SecWriteStateLimit configuration option +* \brief Add SecConnWriteStateLimit configuration option * * \param cmd Pointer to configuration data * \param _dcfg Pointer to directory configuration @@ -1786,7 +1796,7 @@ static const char *cmd_conn_write_state_limit(cmd_parms *cmd, void *_dcfg, limit = strtol(p1, NULL, 10); if ((limit == LONG_MAX) || (limit == LONG_MIN) || (limit <= 0)) { return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \ - "SecWriteStateLimit: %s", p1); + "SecConnWriteStateLimit: %s", p1); } if (p2 != NULL) { @@ -1802,6 +1812,16 @@ static const char *cmd_conn_write_state_limit(cmd_parms *cmd, void *_dcfg, return NULL; } +static const char *cmd_write_state_limit(cmd_parms *cmd, void *_dcfg, + const char *p1, const char *p2) +{ + ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_NOERRNO, 0, cmd->pool, + "SecWriteStateLimit is depricated, use SecConnWriteStateLimit " \ + "instead."); + + return cmd_conn_write_state_limit(cmd, _dcfg, p1, p2); +} + static const char *cmd_request_body_inmemory_limit(cmd_parms *cmd, void *_dcfg, @@ -2163,7 +2183,7 @@ static const char *cmd_sever_conn_filters_engine(cmd_parms *cmd, void *_dcfg, else { return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \ - "SecConnectionEngine: %s", p1); + "SecConnEngine: %s", p1); } return NULL; @@ -3308,7 +3328,7 @@ const command_rec module_directives[] = { ), AP_INIT_TAKE12 ( - "SecReadStateLimit", + "SecConnReadStateLimit", cmd_conn_read_state_limit, NULL, CMD_SCOPE_ANY, @@ -3316,13 +3336,29 @@ const command_rec module_directives[] = { ), AP_INIT_TAKE12 ( - "SecWriteStateLimit", + "SecReadStateLimit", + cmd_read_state_limit, + NULL, + CMD_SCOPE_ANY, + "maximum number of threads in READ_BUSY state per ip address" + ), + + AP_INIT_TAKE12 ( + "SecConnWriteStateLimit", cmd_conn_write_state_limit, NULL, CMD_SCOPE_ANY, "maximum number of threads in WRITE_BUSY state per ip address" ), + AP_INIT_TAKE12 ( + "SecWriteStateLimit", + cmd_write_state_limit, + NULL, + CMD_SCOPE_ANY, + "maximum number of threads in WRITE_BUSY state per ip address" + ), + AP_INIT_TAKE1 ( "SecRequestBodyInMemoryLimit", cmd_request_body_inmemory_limit, @@ -3438,7 +3474,7 @@ const command_rec module_directives[] = { ), AP_INIT_TAKE1 ( - "SecConnectionEngine", + "SecConnEngine", cmd_sever_conn_filters_engine, NULL, CMD_SCOPE_ANY,