summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Makefile4
-rw-r--r--mod_log_post-0.1.0-httpd24.patch65
-rw-r--r--mod_log_post.spec89
3 files changed, 158 insertions, 0 deletions
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..1e65467
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,4 @@
+SRCDIR := $(shell pwd)
+NAME := $(shell basename $(SRCDIR))
+include ../common/Makefile
+
diff --git a/mod_log_post-0.1.0-httpd24.patch b/mod_log_post-0.1.0-httpd24.patch
new file mode 100644
index 0000000..583cb0b
--- /dev/null
+++ b/mod_log_post-0.1.0-httpd24.patch
@@ -0,0 +1,65 @@
+--- a/mod_log_post.c
++++ a/mod_log_post.c
+@@ -1045,7 +1045,7 @@ const char *get_variable(modsec_rec *msr, variable *v, int var_type) {
+ break;
+
+ case VAR_REMOTE_ADDR :
+- result = r->connection->remote_ip;
++ result = r->useragent_ip;
+ break;
+
+ case VAR_REMOTE_HOST :
+@@ -1108,7 +1108,7 @@ const char *get_variable(modsec_rec *msr, variable *v, int var_type) {
+ break;
+
+ case VAR_SERVER_SOFTWARE :
+- result = ap_get_server_version();
++ result = ap_get_server_banner();
+ break;
+
+ case VAR_API_VERSION :
+@@ -1973,7 +1973,7 @@ static int read_post_payload(modsec_rec *msr) {
+
+ folder = get_temp_folder(r->pool);
+
+- ctx->tmp_file_name = apr_psprintf(r->pool, "%s/%s-%s-request_body-XXXXXX", folder, current_filetime(r), r->connection->remote_ip);
++ ctx->tmp_file_name = apr_psprintf(r->pool, "%s/%s-%s-request_body-XXXXXX", folder, current_filetime(r), r->useragent_ip);
+ if (ctx->tmp_file_name == NULL) {
+ msr->_post_payload = NULL;
+ sec_debug_log(r, 1, "read_post_payload: Memory allocation failed");
+@@ -3064,7 +3064,7 @@ static char *construct_log_vcombinedus(request_rec *r, request_rec *origr) {
+ if (user_agent == NULL) user_agent = "-";
+
+ return apr_psprintf(r->pool, "%s %s %s %s [%s] \"%s\" %i %" APR_OFF_T_FMT " \"%s\" \"%s\" %s \"%s\"",
+- ap_get_server_name(r), r->connection->remote_ip, log_escape(r->pool, remote_user),
++ ap_get_server_name(r), r->useragent_ip, log_escape(r->pool, remote_user),
+ log_escape(r->pool, local_user), current_logtime(r),
+ ((origr->the_request == NULL) ? "" : log_escape(r->pool, origr->the_request)),
+ origr->status, r->bytes_sent, log_escape(r->pool, referer), log_escape(r->pool, user_agent),
+@@ -3477,7 +3477,7 @@ static void sec_debug_log(request_rec *r, int level, const char *text, ...) {
+ if (hostname != NULL) hostname = apr_psprintf(r->pool, " [hostname \"%s\"]", log_escape(r->pool, hostname));
+ else hostname = "";
+
+- ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server, "[client %s] mod_log_post: %s%s [uri \"%s\"]%s", r->connection->remote_ip, str1, hostname, log_escape(r->pool, r->unparsed_uri), unique_id);
++ ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server, "[client %s] mod_log_post: %s%s [uri \"%s\"]%s", r->useragent_ip, str1, hostname, log_escape(r->pool, r->unparsed_uri), unique_id);
+ }
+
+ va_end(ap);
+@@ -3592,7 +3592,7 @@ char *construct_put_filename(modsec_rec *msr) {
+
+ tmp_dir = get_temp_folder(msr->r->pool);
+
+- return apr_psprintf(msr->r->pool, "%s/%s-%s-%s", tmp_dir, current_filetime(msr->r), msr->r->connection->remote_ip, put_file_name);
++ return apr_psprintf(msr->r->pool, "%s/%s-%s-%s", tmp_dir, current_filetime(msr->r), msr->r->useragent_ip, put_file_name);
+ }
+
+ apr_status_t request_body_file_cleanup(void *data) {
+@@ -4546,7 +4546,7 @@ static int sec_init(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_r
+ }
+
+ #ifdef __SET_MUTEX_PERMS
+- rv = unixd_set_global_mutex_perms(modsec_auditlog_lock);
++ rv = ap_unixd_set_global_mutex_perms(modsec_auditlog_lock);
+ if (rv != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, "mod_log_post: Could not set permissions on modsec_auditlog_lock; check User and Group directives");
+ return HTTP_INTERNAL_SERVER_ERROR;
diff --git a/mod_log_post.spec b/mod_log_post.spec
new file mode 100644
index 0000000..b7ca990
--- /dev/null
+++ b/mod_log_post.spec
@@ -0,0 +1,89 @@
+# /usr/sbin/apxs with httpd < 2.4 and defined as /usr/bin/apxs with httpd >= 2.4
+%{!?_httpd_apxs: %{expand: %%global _httpd_apxs %%{_sbindir}/apxs}}
+%{!?_httpd_mmn: %{expand: %%global _httpd_mmn %%(cat %{_includedir}/httpd/.mmn || echo missing-httpd-devel)}}
+%{!?_httpd_confdir: %{expand: %%global _httpd_confdir %%{_sysconfdir}/httpd/conf.d}}
+# /etc/httpd/conf.d with httpd < 2.4 and defined as /etc/httpd/conf.modules.d with httpd >= 2.4
+%{!?_httpd_modconfdir: %{expand: %%global _httpd_modconfdir %%{_sysconfdir}/httpd/conf.d}}
+
+Summary: Module for the Apache web server to log all HTTP POST messages
+Summary(de): Modul für den Apache Webserver zur Protokollierung von HTTP POST
+Name: mod_log_post
+Version: 0.1.0
+Release: 5%{?dist}
+Group: System Environment/Daemons
+License: GPLv2 with exceptions
+URL: http://ftp.robert-scheck.de/linux/%{name}/
+Source: http://ftp.robert-scheck.de/linux/%{name}/%{name}-%{version}.tar.gz
+BuildRequires: httpd-devel >= 2.0.39
+Requires: httpd-mmn = %{_httpd_mmn}
+Patch0: mod_log_post-0.1.0-httpd24.patch
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+%description
+mod_log_post can be used for logging all HTTP POST messages. The module
+is based on mod_security but in difference it never returns any error
+messages to the visitors of your websites. Logging of POST data can be
+very useful for debugging purposes or analyses. As the module is loaded
+and run after the SSL decryption, it even can log POST data transmitted
+before via SSL to the Apache web server.
+
+%description -l de
+mod_log_post kann verwendet werden, um POST von HTTP zu protokollieren.
+Das Modul basiert auf mod_security, im Unterschied dazu jedoch liefert
+es niemals eine Fehlermeldung an den Besucher einer Webseite aus. Das
+Protokollieren von POST-Daten kann bei der Fehlersuche bzw. Analyse sehr
+hilfreich sein. Nachdem das Modul nach der SSL-Entschlüsselung geladen
+und ausgeführt wird, kann es auch POST-Daten mitschreiben, die mittels
+SSL an den Apache Webserver übermittelt worden sind.
+
+%prep
+%setup -q
+%patch0 -p1 -b .httpd24
+
+%build
+%configure --with-apxs=%{_httpd_apxs}
+make %{?_smp_mflags}
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make DESTDIR=$RPM_BUILD_ROOT install
+
+%if "%{_httpd_modconfdir}" != "%{_httpd_confdir}"
+# Adapt for 2.4-style module configuration
+mkdir -p $RPM_BUILD_ROOT%{_httpd_modconfdir}
+sed -n /^LoadModule/p $RPM_BUILD_ROOT%{_httpd_confdir}/log_post.conf \
+ >> $RPM_BUILD_ROOT%{_httpd_modconfdir}/10-log_post.conf
+sed -i /^LoadModule/d $RPM_BUILD_ROOT%{_httpd_confdir}/log_post.conf
+%endif
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(-,root,root,-)
+%doc ChangeLog COPYING LICENSING_EXCEPTION README
+%{_libdir}/httpd/modules/%{name}.so
+%if "%{_httpd_modconfdir}" != "%{_httpd_confdir}"
+%config(noreplace) %{_httpd_modconfdir}/10-log_post.conf
+%endif
+%config(noreplace) %{_httpd_confdir}/log_post.conf
+
+%changelog
+* Mon Apr 16 2012 Remi Collet <RPMS@FamilleCollet.com> - 0.1.0-5
+- rebuild for remi repo and httpd 2.4
+
+* Mon Apr 16 2012 Joe Orton <jorton@redhat.com> - 0.1.0-5
+- update for httpd 2.4 (patch by Jan Kaluza, #809714)
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Fri May 22 2009 Robert Scheck <robert@fedoraproject.org> 0.1.0-1
+- Upgrade to 0.1.0
+- Initial spec file for Fedora and Red Hat Enterprise Linux
generated by cgit (git 2.34.1) at 2024-11-02 10:30:42 +0000