Merge 2.5 changes.

apache2/apache2_util.c

@@ -240,7 +240,7 @@ void internal_log(request_rec *r, directory_config *dcfg, modsec_rec *msr,
     char str1[1024] = "";
     char str2[1256] = "";
 
-    /* Find the logging FD and look up the logging level in the configuration. */
+    /* Find the logging FD and determine the logging level from configuration. */
     if (dcfg != NULL) {
         if ((dcfg->debuglog_fd != NULL)&&(dcfg->debuglog_fd != NOT_SET_P)) {
             debuglog_fd = dcfg->debuglog_fd;

apache2/mlogc-src/mlogc-batch-load.pl.in

@@ -1,7 +1,7 @@
 #!@PERL@
 #
 # ModSecurity for Apache 2.x, http://www.modsecurity.org/
-# Copyright (c) 2004-2009 Breach Security, Inc. (http://www.breach.com/)
+# Copyright (c) 2004-2008 Breach Security, Inc. (http://www.breach.com/)
 #
 # This product is released under the terms of the General Public Licence,
 # version 2 (GPLv2). Please refer to the file LICENSE (included with this

apache2/pdf_protect.c

@@ -365,7 +365,6 @@ apr_status_t pdfp_output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
  */
 int pdfp_check(modsec_rec *msr) {
     const char *token = NULL;
-    directory_config *cfg = NULL;
     char *uri = NULL;
     char *p = NULL;
 
@@ -426,10 +425,12 @@ int pdfp_check(modsec_rec *msr) {
 
     /* Ignore request methods other than GET and HEAD if
      * configured to do so.
+     *
+     * TODO: Code here is only GET, not GET|HEAD as comment states
      */
-    if ((msr->r->method_number != M_GET)&&(cfg->pdfp_only_get != 0)) {
+    if ((msr->r->method_number != M_GET)&&(msr->txcfg->pdfp_only_get != 0)) {
         if (msr->txcfg->debuglog_level >= 4) {
-            msr_log(msr, 4, "PdfProtect: Not intercepting a GET/HEAD request "
+            msr_log(msr, 4, "PdfProtect: Not intercepting request "
             "(method=%s/%d).", log_escape_nq(msr->mp, msr->r->method), msr->r->method_number);
         }