Added MODSEC_BUILD variable. See #38.

CHANGES

@@ -1,6 +1,9 @@
 ?? ??? 2007 - 2.5.0-trunk
 -------------------------
 
+ * Added MODSEC_BUILD variable that contains the numeric build value based
+   on the ModSecurity version.
+
  * Enhanced debug logging.
 
  * Cleaned up and clarified some documentation.

apache2/mod_security2.c

@@ -24,6 +24,14 @@
 
 msc_engine DSOLOCAL *modsecurity = NULL;
 
+modsec_build_type_rec DSOLOCAL modsec_build_type[] = {
+    { "dev", 1 },     /* Development build */
+    { "rc", 3 },      /* Release Candidate build */
+    { "", 9 },        /* Production build */
+    { "breach", 9 },  /* Breach build */
+    { "trunk", 9 },   /* Trunk build */
+    { NULL, -1 }      /* terminator */
+};
 
 /* Global module variables; these are used for the Apache-specific functionality */
 
@@ -495,11 +503,11 @@ static int hook_post_config(apr_pool_t *mp, apr_pool_t *mp_log, apr_pool_t *mp_t
     if (first_time) {
         if (new_server_signature != NULL) {
             ap_log_error(APLOG_MARK, APLOG_NOTICE | APLOG_NOERRNO, 0, s,
-                "ModSecurity for Apache %s configured - %s", MODULE_RELEASE, real_server_signature);
+                "ModSecurity for Apache %s (build %s) configured - %s", MODULE_RELEASE, modsec_build(mp_temp), real_server_signature);
         }
         else {
             ap_log_error(APLOG_MARK, APLOG_NOTICE | APLOG_NOERRNO, 0, s,
-                "ModSecurity for Apache %s configured", MODULE_RELEASE);
+                "ModSecurity for Apache %s (build %s) configured", MODULE_RELEASE, modsec_build(mp_temp));
         }
     }
 

apache2/modsecurity.h

@@ -49,9 +49,23 @@ typedef struct msc_string msc_string;
 #include "http_log.h"
 #include "http_protocol.h"
 
+typedef struct modsec_build_type_rec {
+    const char * name;
+    int          val;
+} modsec_build_type_rec;
+extern DSOLOCAL modsec_build_type_rec modsec_build_type[];
+
+#define MODSEC_VERSION_MAJOR       "2"
+#define MODSEC_VERSION_MINOR       "5"
+#define MODSEC_VERSION_MAINT       "0"
+#define MODSEC_VERSION_TYPE        "trunk"
+#define MODSEC_VERSION_RELEASE     "99"
+
 #define MODULE_NAME "ModSecurity"
-#define MODULE_RELEASE "2.5.0-trunk"
-#define MODULE_NAME_FULL (MODULE_NAME " v" MODULE_RELEASE " (Apache 2.x)")
+#define MODULE_RELEASE \
+  MODSEC_VERSION_MAJOR "." MODSEC_VERSION_MINOR "." MODSEC_VERSION_MAINT \
+  "-" MODSEC_VERSION_TYPE MODSEC_VERSION_RELEASE
+#define MODULE_NAME_FULL MODULE_NAME " v" MODULE_RELEASE " (Apache 2.x)"
 
 #define PHASE_REQUEST_HEADERS       1
 #define PHASE_REQUEST_BODY          2
@@ -61,8 +75,8 @@ typedef struct msc_string msc_string;
 #define PHASE_FIRST                 PHASE_REQUEST_HEADERS
 #define PHASE_LAST                  PHASE_LOGGING
 
-#define NOT_SET     -1
-#define NOT_SET_P (void *)-1
+#define NOT_SET                    -1
+#define NOT_SET_P          (void *)-1
 
 #define CREATEMODE ( APR_UREAD | APR_UWRITE | APR_GREAD )
 #define CREATEMODE_DIR ( APR_UREAD | APR_UWRITE | APR_UEXECUTE | APR_GREAD | APR_GEXECUTE )

apache2/msc_util.c

@@ -999,3 +999,22 @@ int normalise_path_inplace(unsigned char *input, int input_len, int win) {
 
     return count;
 }
+
+char *modsec_build(apr_pool_t *mp) {
+    int build_type = 0;
+    int i;
+
+    for (i = 0; modsec_build_type[i].name != NULL; i++) {
+        if (strcmp(MODSEC_VERSION_TYPE, modsec_build_type[i].name) == 0) {
+            build_type = modsec_build_type[i].val;
+            break;
+        }
+    }
+
+    return apr_psprintf(mp, "%02i%02i%02i%1i%02i",
+                            atoi(MODSEC_VERSION_MAJOR),
+                            atoi(MODSEC_VERSION_MINOR),
+                            atoi(MODSEC_VERSION_MAINT),
+                            build_type,
+                            atoi(MODSEC_VERSION_RELEASE));
+}

apache2/msc_util.h

@@ -72,4 +72,6 @@ int DSOLOCAL html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input,
 
 int DSOLOCAL ansi_c_sequences_decode_inplace(unsigned char *input, int len);
 
+char DSOLOCAL *modsec_build(apr_pool_t *mp);
+
 #endif

apache2/re_variables.c

@@ -1020,6 +1020,14 @@ static int var_files_combined_size_generate(modsec_rec *msr, msre_var *var, msre
     return 1;
 }
 
+/* MODSEC_BUILD */
+
+static int var_modsec_build_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
+    apr_table_t *vartab, apr_pool_t *mptmp)
+{
+    return var_simple_generate(var, vartab, mptmp, modsec_build(mptmp));
+}
+
 /* TIME */
 
 static int var_time_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
@@ -2020,6 +2028,17 @@ void msre_engine_register_default_variables(msre_engine *engine) {
         PHASE_REQUEST_BODY
     );
 
+    /* MODSEC_BUILD */
+    msre_engine_variable_register(engine,
+        "MODSEC_BUILD",
+        VAR_SIMPLE,
+        0, 0,
+        NULL,
+        var_modsec_build_generate,
+        VAR_CACHE,
+        PHASE_REQUEST_HEADERS
+    );
+
     /* TIME */
     msre_engine_variable_register(engine,
         "TIME",

doc/modsecurity2-apache-reference.xml

@@ -3,7 +3,7 @@
   <title>ModSecurity Reference Manual</title>
 
   <articleinfo>
-    <releaseinfo>Version 2.5.0-trunk / (July 27, 2007)</releaseinfo>
+    <releaseinfo>Version 2.5.0-trunk / (Aug 8, 2007)</releaseinfo>
 
     <copyright>
       <year>2004-2007</year>
@@ -2188,6 +2188,17 @@ SecRule <emphasis role="bold">ENV:tag</emphasis> "suspicious"</programlisting>
 SecRule GEO:COUNTRY_CODE "!@streq UK"</programlisting>
     </section>
 
+    <section>
+      <title><literal moreinfo="none">MODSEC_BUILD</literal></title>
+
+      <para>This variable holds the ModSecurity build number. This variable is
+      intended to be used to check the build number prior to using a feature
+      that is available only in a certain build. Example:</para>
+
+      <programlisting format="linespecific">SecRule <emphasis role="bold">MODSEC_BUILD</emphasis> "!@ge 02050102" skip:1
+SecRule ARGS "@pm some key words" deny,status:500</programlisting>
+    </section>
+
     <section>
       <title><literal moreinfo="none">PATH_INFO</literal></title>