Commit 382eb2ca authored by Jeff Trawick's avatar Jeff Trawick
Browse files

add ap_log_cerror(); use it in a couple of places in core output filter

so that the client IP address is recorded in the log


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105625 13f79535-47bb-0310-9956-ffa450edef68
parent e850634d
Loading
Loading
Loading
Loading
+3 −0
Original line number Diff line number Diff line
@@ -2,6 +2,9 @@ Changes with Apache 2.1.0-dev
  [Remove entries to the current 2.0 section below, when backported]
  *) Add ap_log_cerror() for logging messages associated with particular
     client connections.  [Jeff Trawick]
  *) core: Add a warning message if the request line read fails.
     [Paul Querna]
+43 −9
Original line number Diff line number Diff line
@@ -116,8 +116,8 @@ int ap_open_logs(apr_pool_t *pconf, apr_pool_t *plog,
                 apr_pool_t *ptemp, server_rec *s_main);

/* 
 * The three primary logging functions, ap_log_error, ap_log_rerror, and 
 * ap_log_perror use a printf style format string to build the log message.  
 * The primary logging functions, ap_log_error, ap_log_rerror, ap_log_cerror,
 * and ap_log_perror use a printf style format string to build the log message.  
 * It is VERY IMPORTANT that you not include any raw data from the network, 
 * such as the request-URI or request header fields, within the format 
 * string.  Doing so makes the server vulnerable to a denial-of-service 
@@ -126,8 +126,9 @@ int ap_open_logs(apr_pool_t *pconf, apr_pool_t *plog,
 */

/**
 * One of the primary logging routines in Apache.  This uses a printf-like
 * format to log messages to the error_log.
 * ap_log_error() - log messages which are not related to a particular
 * request or connection.  This uses a printf-like format to log messages
 * to the error_log.
 * @param file The file in which this function is called
 * @param line The line number on which this function is called
 * @param level The level of this error message
@@ -136,6 +137,10 @@ int ap_open_logs(apr_pool_t *pconf, apr_pool_t *plog,
 * @param fmt The format string
 * @param ... The arguments to use to fill out fmt.
 * @tip Use APLOG_MARK to fill out file and line
 * @tip If a request_rec is available, use that with ap_log_rerror()
 * in preference to calling this function.  Otherwise, if a conn_rec is
 * available, use that with ap_log_cerror() in preference to calling
 * this function.
 * @warning It is VERY IMPORTANT that you not include any raw data from 
 * the network, such as the request-URI or request header fields, within 
 * the format string.  Doing so makes the server vulnerable to a 
@@ -150,8 +155,9 @@ AP_DECLARE(void) ap_log_error(const char *file, int line, int level,
			    __attribute__((format(printf,6,7)));

/**
 * The second of the primary logging routines in Apache.  This uses 
 * a printf-like format to log messages to the error_log.
 * ap_log_perror() - log messages which are not related to a particular
 * request, connection, or virtual server.  This uses a printf-like
 * format to log messages to the error_log.
 * @param file The file in which this function is called
 * @param line The line number on which this function is called
 * @param level The level of this error message
@@ -174,13 +180,14 @@ AP_DECLARE(void) ap_log_perror(const char *file, int line, int level,
			    __attribute__((format(printf,6,7)));

/**
 * The last of the primary logging routines in Apache.  This uses 
 * a printf-like format to log messages to the error_log.
 * ap_log_rerror() - log messages which are related to a particular
 * request.  This uses a a printf-like format to log messages to the
 * error_log.
 * @param file The file in which this function is called
 * @param line The line number on which this function is called
 * @param level The level of this error message
 * @param status The status code from the previous command
 * @param s The request which we are logging for
 * @param r The request which we are logging for
 * @param fmt The format string
 * @param ... The arguments to use to fill out fmt.
 * @tip Use APLOG_MARK to fill out file and line
@@ -197,6 +204,33 @@ AP_DECLARE(void) ap_log_rerror(const char *file, int line, int level,
                               const char *fmt, ...)
			    __attribute__((format(printf,6,7)));

/**
 * ap_log_cerror() - log messages which are related to a particular
 * connection.  This uses a a printf-like format to log messages to the
 * error_log.
 * @param file The file in which this function is called
 * @param line The line number on which this function is called
 * @param level The level of this error message
 * @param status The status code from the previous command
 * @param c The connection which we are logging for
 * @param fmt The format string
 * @param ... The arguments to use to fill out fmt.
 * @tip Use APLOG_MARK to fill out file and line
 * @tip If a request_rec is available, use that with ap_log_rerror()
 * in preference to calling this function.
 * @warning It is VERY IMPORTANT that you not include any raw data from 
 * the network, such as the request-URI or request header fields, within 
 * the format string.  Doing so makes the server vulnerable to a 
 * denial-of-service attack and other messy behavior.  Instead, use a 
 * simple format string like "%s", followed by the string containing the 
 * untrusted data.
 * @deffunc void ap_log_cerror(const char *file, int line, int level, apr_status_t status, conn_rec *c, const char *fmt, ...)
 */
AP_DECLARE(void) ap_log_cerror(const char *file, int line, int level, 
                               apr_status_t status, const conn_rec *c, 
                               const char *fmt, ...)
			    __attribute__((format(printf,6,7)));

/**
 * Convert stderr to the error log
 * @param s The current server
+5 −5
Original line number Diff line number Diff line
@@ -4261,8 +4261,8 @@ static apr_status_t core_output_filter(ap_filter_t *f, apr_bucket_brigade *b)
                        rv = apr_bucket_read(bucket, &buf, &len,
                                             APR_BLOCK_READ);
                        if (rv != APR_SUCCESS) {
                            ap_log_error(APLOG_MARK, APLOG_ERR, rv,
                                         c->base_server, "core_output_filter:"
                            ap_log_cerror(APLOG_MARK, APLOG_ERR, rv,
                                          c, "core_output_filter:"
                                          " Error reading from bucket.");
                            return HTTP_INTERNAL_SERVER_ERROR;
                        }
@@ -4367,7 +4367,7 @@ static apr_status_t core_output_filter(ap_filter_t *f, apr_bucket_brigade *b)
        }

        if (rv != APR_SUCCESS) {
            ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server,
            ap_log_cerror(APLOG_MARK, APLOG_INFO, rv, c,
                          "core_output_filter: writing data to the network");

            if (more)
+23 −5
Original line number Diff line number Diff line
@@ -358,6 +358,7 @@ AP_DECLARE(void) ap_error_log2stderr(server_rec *s) {

static void log_error_core(const char *file, int line, int level,
                           apr_status_t status, const server_rec *s,
                           const conn_rec *c,
                           const request_rec *r, apr_pool_t *pool,
                           const char *fmt, va_list args)
{
@@ -370,6 +371,10 @@ static void log_error_core(const char *file, int line, int level,
    const char *referer;
    int level_and_mask = level & APLOG_LEVELMASK;

    if (r && r->connection) {
        c = r->connection;
    }

    if (s == NULL) {
        /*
         * If we are doing stderr logging (startup), don't log messages that are
@@ -472,14 +477,14 @@ static void log_error_core(const char *file, int line, int level,
    }
#endif /* TPF */

    if (r && r->connection) {
    if (c) {
        /* XXX: TODO: add a method of selecting whether logged client
         * addresses are in dotted quad or resolved form... dotted
         * quad is the most secure, which is why I'm implementing it
         * first. -djg
         */
        len += apr_snprintf(errstr + len, MAX_STRING_LEN - len,
                            "[client %s] ", r->connection->remote_ip);
                            "[client %s] ", c->remote_ip);
    }
    if (status != 0) {
        if (status < APR_OS_START_EAIERR) {
@@ -558,7 +563,7 @@ AP_DECLARE(void) ap_log_error(const char *file, int line, int level,
    va_list args;

    va_start(args, fmt);
    log_error_core(file, line, level, status, s, NULL, NULL, fmt, args);
    log_error_core(file, line, level, status, s, NULL, NULL, NULL, fmt, args);
    va_end(args);
}

@@ -569,7 +574,7 @@ AP_DECLARE(void) ap_log_perror(const char *file, int line, int level,
    va_list args;

    va_start(args, fmt);
    log_error_core(file, line, level, status, NULL, NULL, p, fmt, args);
    log_error_core(file, line, level, status, NULL, NULL, NULL, p, fmt, args);
    va_end(args);
}

@@ -580,7 +585,8 @@ AP_DECLARE(void) ap_log_rerror(const char *file, int line, int level,
    va_list args;

    va_start(args, fmt);
    log_error_core(file, line, level, status, r->server, r, NULL, fmt, args);
    log_error_core(file, line, level, status, r->server, NULL, r, NULL, fmt,
                   args);

    /*
     * IF APLOG_TOCLIENT is set,
@@ -601,6 +607,18 @@ AP_DECLARE(void) ap_log_rerror(const char *file, int line, int level,
    va_end(args);
}

AP_DECLARE(void) ap_log_cerror(const char *file, int line, int level,
                               apr_status_t status, const conn_rec *c,
                               const char *fmt, ...)
{
    va_list args;

    va_start(args, fmt);
    log_error_core(file, line, level, status, c->base_server, c, NULL, NULL,
                   fmt, args);
    va_end(args);
}

AP_DECLARE(void) ap_log_pid(apr_pool_t *p, const char *filename)
{
    apr_file_t *pid_file = NULL;