Fix detection mode reopen file (#153)
* Fix Reopen file issue in detection mode * remove outdated comment * only expose the lock * move wafjson lock from modsec to global
Родитель
d3ebd65264
Коммит
fdf13f7c9c
|
@ -468,7 +468,7 @@ static void internal_log_ex(request_rec *r, directory_config *dcfg, modsec_rec *
|
|||
const char* scope = apr_table_get(r->notes, WAF_POLICY_SCOPE);
|
||||
const char* scope_name = apr_table_get(r->notes, WAF_POLICY_SCOPE_NAME);
|
||||
|
||||
send_waf_log(msr->modsecurity->wafjsonlog_lock, &msc_waf_log_fd, str1, r->useragent_ip ? r->useragent_ip : r->connection->client_ip, log_escape(msr->mp, r->uri), (!msr->allow_scope) ? dcfg->is_enabled : msr->allow_scope, r->hostname, r->log_id, r, dcfg->waf_policy_id, scope ? scope : "", scope_name ? scope_name : "");
|
||||
send_waf_log(wafjsonlog_lock, &msc_waf_log_fd, str1, r->useragent_ip ? r->useragent_ip : r->connection->client_ip, log_escape(msr->mp, r->uri), (!msr->allow_scope) ? dcfg->is_enabled : msr->allow_scope, r->hostname, r->log_id, r, dcfg->waf_policy_id, scope ? scope : "", scope_name ? scope_name : "");
|
||||
#endif
|
||||
|
||||
#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
|
||||
|
|
|
@ -96,6 +96,7 @@ TreeRoot DSOLOCAL *conn_write_state_suspicious_list = 0;
|
|||
char DSOLOCAL *msc_waf_resourceId = NULL;
|
||||
char DSOLOCAL *msc_waf_instanceId = NULL;
|
||||
sig_atomic_t DSOLOCAL msc_waf_log_reopen_requested = 1;
|
||||
struct waf_lock DSOLOCAL *wafjsonlog_lock = NULL;
|
||||
apr_file_t DSOLOCAL *msc_waf_log_fd = NULL;
|
||||
char DSOLOCAL msc_waf_log_path[WAF_LOG_PATH_LENGTH] = "";
|
||||
cmd_parms DSOLOCAL *msc_waf_log_cmd = NULL;
|
||||
|
|
|
@ -206,10 +206,10 @@ int modsecurity_init(msc_engine *msce, apr_pool_t *mp) {
|
|||
/* Serial wafjson log mutext */
|
||||
set_lock_args(lock_args, WAFJSONLOG_LOCK_ID);
|
||||
|
||||
msce->wafjsonlog_lock = apr_pcalloc(mp, sizeof(struct waf_lock));
|
||||
rc = waf_create_lock(msce->wafjsonlog_lock, lock_args);
|
||||
wafjsonlog_lock = apr_pcalloc(mp, sizeof(struct waf_lock));
|
||||
rc = waf_create_lock(wafjsonlog_lock, lock_args);
|
||||
if (waf_lock_is_error(rc)) {
|
||||
//ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, "mod_security: Could not create modsec_wafjsonlog_lock");
|
||||
//ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, "mod_security: Could not create wafjsonlog_lock");
|
||||
//return HTTP_INTERNAL_SERVER_ERROR;
|
||||
return -1;
|
||||
}
|
||||
|
@ -271,13 +271,13 @@ void modsecurity_child_init(msc_engine *msce) {
|
|||
waf_create_lock(msce->auditlog_lock, lock_args);
|
||||
|
||||
#ifdef WAF_JSON_LOGGING_ENABLE
|
||||
if (msce->wafjsonlog_lock == NULL) {
|
||||
msce->wafjsonlog_lock = apr_pcalloc(msce->mp, sizeof(struct waf_lock));
|
||||
if (wafjsonlog_lock == NULL) {
|
||||
wafjsonlog_lock = apr_pcalloc(msce->mp, sizeof(struct waf_lock));
|
||||
}
|
||||
|
||||
set_lock_args(lock_args, WAFJSONLOG_LOCK_ID);
|
||||
|
||||
waf_create_lock(msce->wafjsonlog_lock, lock_args);
|
||||
waf_create_lock(wafjsonlog_lock, lock_args);
|
||||
|
||||
sigfillset (&block_mask);
|
||||
psa.sa_handler = modsecurity_handle_signals_for_reopen;
|
||||
|
|
|
@ -176,6 +176,7 @@ extern DSOLOCAL int *unicode_map_table;
|
|||
extern DSOLOCAL char *msc_waf_resourceId;
|
||||
extern DSOLOCAL char *msc_waf_instanceId;
|
||||
extern DSOLOCAL sig_atomic_t msc_waf_log_reopen_requested;
|
||||
extern DSOLOCAL struct waf_lock *wafjsonlog_lock;;
|
||||
extern DSOLOCAL apr_file_t *msc_waf_log_fd;
|
||||
extern DSOLOCAL char msc_waf_log_path[WAF_LOG_PATH_LENGTH];
|
||||
extern DSOLOCAL cmd_parms *msc_waf_log_cmd;
|
||||
|
@ -698,9 +699,6 @@ struct error_message_t {
|
|||
struct msc_engine {
|
||||
apr_pool_t *mp;
|
||||
struct waf_lock *auditlog_lock;
|
||||
#ifdef WAF_JSON_LOGGING_ENABLE
|
||||
struct waf_lock *wafjsonlog_lock;
|
||||
#endif
|
||||
struct waf_lock *geo_lock;
|
||||
#ifdef GLOBAL_COLLECTION_LOCK
|
||||
struct waf_lock *dbm_lock;
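Review bot: The new declaration `extern DSOLOCAL struct waf_lock *wafjsonlog_lock;;` ends with two semicolons; the stray one is an empty declaration at file scope that strict compilers warn about, so it should read `extern DSOLOCAL struct waf_lock *wafjsonlog_lock;`. The struct member it replaces was wrapped in `#ifdef WAF_JSON_LOGGING_ENABLE`, whereas the global is declared unconditionally. If that is intended, a one-line comment above it such as `/* Guards the WAF JSON log file; created in modsecurity_init and modsecurity_child_init. */` would record where the lock comes from now that it no longer lives in msc_engine.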
|
||||
|
|
|
@ -790,61 +790,56 @@ void modsecReportRemoteLoadedRules()
|
|||
#ifdef WAF_JSON_LOGGING_ENABLE
|
||||
void modsecReopenLogfileIfNeeded(request_rec *r)
|
||||
{
|
||||
modsec_rec *msr = NULL;
|
||||
int rc = 0;
|
||||
apr_file_t * fd = NULL;
|
||||
/* Find the transaction context first. */
|
||||
msr = retrieve_msr(r);
|
||||
|
||||
if (msr == NULL)
|
||||
if (wafjsonlog_lock == NULL)
|
||||
return;
|
||||
|
||||
if (msc_waf_log_reopen_requested){
|
||||
if (msr->modsecurity != NULL && msr->modsecurity->wafjsonlog_lock != NULL){
|
||||
rc = waf_get_exclusive_lock(msr->modsecurity->wafjsonlog_lock);
|
||||
if (waf_lock_is_error(rc)) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r,
|
||||
"ModSecurity not able to get lock for %s file", msc_waf_log_path);
|
||||
return;
|
||||
}
|
||||
rc = waf_get_exclusive_lock(wafjsonlog_lock);
|
||||
if (waf_lock_is_error(rc)) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r,
|
||||
"ModSecurity not able to get lock for %s file", msc_waf_log_path);
|
||||
return;
|
||||
}
|
||||
|
||||
rc = apr_file_open(&fd, msc_waf_log_path,
|
||||
APR_WRITE | APR_APPEND | APR_CREATE | APR_BINARY,
|
||||
CREATEMODE | APR_WREAD, msc_waf_log_cmd->pool);
|
||||
rc = apr_file_open(&fd, msc_waf_log_path,
|
||||
APR_WRITE | APR_APPEND | APR_CREATE | APR_BINARY,
|
||||
CREATEMODE | APR_WREAD, msc_waf_log_cmd->pool);
|
||||
|
||||
if (rc != APR_SUCCESS) {
|
||||
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, "ModSecurity: " \
|
||||
"not able to reopen file: %s",
|
||||
msc_waf_log_path);
|
||||
if (rc != APR_SUCCESS) {
|
||||
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, "ModSecurity: " \
|
||||
"not able to reopen file: %s",
|
||||
msc_waf_log_path);
|
||||
|
||||
rc = waf_free_exclusive_lock(msr->modsecurity->wafjsonlog_lock);
|
||||
rc = waf_free_exclusive_lock(wafjsonlog_lock);
|
||||
|
||||
if (waf_lock_is_error(rc)) {
|
||||
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, "ModSecurity: " \
|
||||
"cannot release lock for file: %s",
|
||||
msc_waf_log_path);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
if (msc_waf_log_fd != NULL){
|
||||
rc = apr_file_close(msc_waf_log_fd);
|
||||
if (rc != APR_SUCCESS) {
|
||||
ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, NULL, "ModSecurity: " \
|
||||
"cannot close file: %s",
|
||||
msc_waf_log_path);
|
||||
}
|
||||
}
|
||||
|
||||
msc_waf_log_fd = fd;
|
||||
|
||||
rc = waf_free_exclusive_lock(msr->modsecurity->wafjsonlog_lock);
|
||||
if (waf_lock_is_error(rc)) {
|
||||
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, "ModSecurity: " \
|
||||
"cannot release lock for file: %s",
|
||||
msc_waf_log_path);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
if (msc_waf_log_fd != NULL){
|
||||
rc = apr_file_close(msc_waf_log_fd);
|
||||
if (rc != APR_SUCCESS) {
|
||||
ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, NULL, "ModSecurity: " \
|
||||
"cannot close file: %s",
|
||||
msc_waf_log_path);
|
||||
}
|
||||
}
|
||||
|
||||
msc_waf_log_fd = fd;
|
||||
|
||||
rc = waf_free_exclusive_lock(wafjsonlog_lock);
|
||||
if (waf_lock_is_error(rc)) {
|
||||
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, "ModSecurity: " \
|
||||
"cannot release lock for file: %s",
|
||||
msc_waf_log_path);
|
||||
}
|
||||
|
||||
msc_waf_log_reopen_requested = 0;
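Review bot: `msc_waf_log_reopen_requested` is tested before `waf_get_exclusive_lock(wafjsonlog_lock)` and cleared only after `waf_free_exclusive_lock(wafjsonlog_lock)`, so the flag itself is never covered by the lock. Under a threaded MPM two requests can both pass the test and reopen in turn, and a reopen signal that arrives between `apr_file_open` and the final `msc_waf_log_reopen_requested = 0;` is overwritten, which would leave this process writing WAF events to the rotated-away file until the next signal. Re-testing and clearing the flag once the lock is held, and setting it back when the open fails so the retry on the next request is kept, closes both windows. The function continues past the end of the hunk and the signal handler is not shown, so this assumes the handler only sets the flag.

```c
        rc = waf_get_exclusive_lock(wafjsonlog_lock);
        // … unchanged: lock error handling …

        /* Re-test under the lock: another thread may already have reopened. */
        if (!msc_waf_log_reopen_requested) {
            waf_free_exclusive_lock(wafjsonlog_lock);
            return;
        }
        /* Clear before opening so a signal raised during the reopen is kept. */
        msc_waf_log_reopen_requested = 0;

        // … unchanged: apr_file_open call …
        if (rc != APR_SUCCESS) {
            msc_waf_log_reopen_requested = 1;   /* retry on the next request */
            // … unchanged: log, release lock, return …
        }
        // … unchanged: close old fd, publish fd, release lock …
        // (the trailing msc_waf_log_reopen_requested = 0; is dropped)
```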
|
||||
|
|