From 81e4e36b0eace2dd1e4717831cb751ac77e3f1d9 Mon Sep 17 00:00:00 2001 From: Jeff Trawick Date: Fri, 29 Oct 2004 14:45:24 +0000 Subject: [PATCH] add ap_log_cerror(); use it in a couple of places in core output filter so that the client IP address is recorded in the log git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105625 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 3 +++ include/http_log.h | 52 ++++++++++++++++++++++++++++++++++++++-------- server/core.c | 10 ++++----- server/log.c | 28 ++++++++++++++++++++----- 4 files changed, 74 insertions(+), 19 deletions(-) diff --git a/CHANGES b/CHANGES index 4e89728f8b..74b2ee44d0 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,9 @@ Changes with Apache 2.1.0-dev [Remove entries to the current 2.0 section below, when backported] + *) Add ap_log_cerror() for logging messages associated with particular + client connections. [Jeff Trawick] + *) core: Add a warning message if the request line read fails. [Paul Querna] diff --git a/include/http_log.h b/include/http_log.h index 8f20928ead..f358211cb5 100644 --- a/include/http_log.h +++ b/include/http_log.h @@ -116,8 +116,8 @@ int ap_open_logs(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s_main); /* - * The three primary logging functions, ap_log_error, ap_log_rerror, and - * ap_log_perror use a printf style format string to build the log message. + * The primary logging functions, ap_log_error, ap_log_rerror, ap_log_cerror, + * and ap_log_perror use a printf style format string to build the log message. * It is VERY IMPORTANT that you not include any raw data from the network, * such as the request-URI or request header fields, within the format * string. Doing so makes the server vulnerable to a denial-of-service @@ -126,8 +126,9 @@ int ap_open_logs(apr_pool_t *pconf, apr_pool_t *plog, */ /** - * One of the primary logging routines in Apache. This uses a printf-like - * format to log messages to the error_log. + * ap_log_error() - log messages which are not related to a particular + * request or connection. This uses a printf-like format to log messages + * to the error_log. * @param file The file in which this function is called * @param line The line number on which this function is called * @param level The level of this error message @@ -136,6 +137,10 @@ int ap_open_logs(apr_pool_t *pconf, apr_pool_t *plog, * @param fmt The format string * @param ... The arguments to use to fill out fmt. * @tip Use APLOG_MARK to fill out file and line + * @tip If a request_rec is available, use that with ap_log_rerror() + * in preference to calling this function. Otherwise, if a conn_rec is + * available, use that with ap_log_cerror() in preference to calling + * this function. * @warning It is VERY IMPORTANT that you not include any raw data from * the network, such as the request-URI or request header fields, within * the format string. Doing so makes the server vulnerable to a @@ -150,8 +155,9 @@ AP_DECLARE(void) ap_log_error(const char *file, int line, int level, __attribute__((format(printf,6,7))); /** - * The second of the primary logging routines in Apache. This uses - * a printf-like format to log messages to the error_log. + * ap_log_perror() - log messages which are not related to a particular + * request, connection, or virtual server. This uses a printf-like + * format to log messages to the error_log. * @param file The file in which this function is called * @param line The line number on which this function is called * @param level The level of this error message @@ -174,13 +180,14 @@ AP_DECLARE(void) ap_log_perror(const char *file, int line, int level, __attribute__((format(printf,6,7))); /** - * The last of the primary logging routines in Apache. This uses - * a printf-like format to log messages to the error_log. + * ap_log_rerror() - log messages which are related to a particular + * request. This uses a a printf-like format to log messages to the + * error_log. * @param file The file in which this function is called * @param line The line number on which this function is called * @param level The level of this error message * @param status The status code from the previous command - * @param s The request which we are logging for + * @param r The request which we are logging for * @param fmt The format string * @param ... The arguments to use to fill out fmt. * @tip Use APLOG_MARK to fill out file and line @@ -197,6 +204,33 @@ AP_DECLARE(void) ap_log_rerror(const char *file, int line, int level, const char *fmt, ...) __attribute__((format(printf,6,7))); +/** + * ap_log_cerror() - log messages which are related to a particular + * connection. This uses a a printf-like format to log messages to the + * error_log. + * @param file The file in which this function is called + * @param line The line number on which this function is called + * @param level The level of this error message + * @param status The status code from the previous command + * @param c The connection which we are logging for + * @param fmt The format string + * @param ... The arguments to use to fill out fmt. + * @tip Use APLOG_MARK to fill out file and line + * @tip If a request_rec is available, use that with ap_log_rerror() + * in preference to calling this function. + * @warning It is VERY IMPORTANT that you not include any raw data from + * the network, such as the request-URI or request header fields, within + * the format string. Doing so makes the server vulnerable to a + * denial-of-service attack and other messy behavior. Instead, use a + * simple format string like "%s", followed by the string containing the + * untrusted data. + * @deffunc void ap_log_cerror(const char *file, int line, int level, apr_status_t status, conn_rec *c, const char *fmt, ...) + */ +AP_DECLARE(void) ap_log_cerror(const char *file, int line, int level, + apr_status_t status, const conn_rec *c, + const char *fmt, ...) + __attribute__((format(printf,6,7))); + /** * Convert stderr to the error log * @param s The current server diff --git a/server/core.c b/server/core.c index 1fe2cce3c5..df61a38afd 100644 --- a/server/core.c +++ b/server/core.c @@ -4261,9 +4261,9 @@ static apr_status_t core_output_filter(ap_filter_t *f, apr_bucket_brigade *b) rv = apr_bucket_read(bucket, &buf, &len, APR_BLOCK_READ); if (rv != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_ERR, rv, - c->base_server, "core_output_filter:" - " Error reading from bucket."); + ap_log_cerror(APLOG_MARK, APLOG_ERR, rv, + c, "core_output_filter:" + " Error reading from bucket."); return HTTP_INTERNAL_SERVER_ERROR; } } @@ -4367,8 +4367,8 @@ static apr_status_t core_output_filter(ap_filter_t *f, apr_bucket_brigade *b) } if (rv != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server, - "core_output_filter: writing data to the network"); + ap_log_cerror(APLOG_MARK, APLOG_INFO, rv, c, + "core_output_filter: writing data to the network"); if (more) apr_brigade_destroy(more); diff --git a/server/log.c b/server/log.c index 4324944f9b..423fae7135 100644 --- a/server/log.c +++ b/server/log.c @@ -358,6 +358,7 @@ AP_DECLARE(void) ap_error_log2stderr(server_rec *s) { static void log_error_core(const char *file, int line, int level, apr_status_t status, const server_rec *s, + const conn_rec *c, const request_rec *r, apr_pool_t *pool, const char *fmt, va_list args) { @@ -370,6 +371,10 @@ static void log_error_core(const char *file, int line, int level, const char *referer; int level_and_mask = level & APLOG_LEVELMASK; + if (r && r->connection) { + c = r->connection; + } + if (s == NULL) { /* * If we are doing stderr logging (startup), don't log messages that are @@ -472,14 +477,14 @@ static void log_error_core(const char *file, int line, int level, } #endif /* TPF */ - if (r && r->connection) { + if (c) { /* XXX: TODO: add a method of selecting whether logged client * addresses are in dotted quad or resolved form... dotted * quad is the most secure, which is why I'm implementing it * first. -djg */ len += apr_snprintf(errstr + len, MAX_STRING_LEN - len, - "[client %s] ", r->connection->remote_ip); + "[client %s] ", c->remote_ip); } if (status != 0) { if (status < APR_OS_START_EAIERR) { @@ -558,7 +563,7 @@ AP_DECLARE(void) ap_log_error(const char *file, int line, int level, va_list args; va_start(args, fmt); - log_error_core(file, line, level, status, s, NULL, NULL, fmt, args); + log_error_core(file, line, level, status, s, NULL, NULL, NULL, fmt, args); va_end(args); } @@ -569,7 +574,7 @@ AP_DECLARE(void) ap_log_perror(const char *file, int line, int level, va_list args; va_start(args, fmt); - log_error_core(file, line, level, status, NULL, NULL, p, fmt, args); + log_error_core(file, line, level, status, NULL, NULL, NULL, p, fmt, args); va_end(args); } @@ -580,7 +585,8 @@ AP_DECLARE(void) ap_log_rerror(const char *file, int line, int level, va_list args; va_start(args, fmt); - log_error_core(file, line, level, status, r->server, r, NULL, fmt, args); + log_error_core(file, line, level, status, r->server, NULL, r, NULL, fmt, + args); /* * IF APLOG_TOCLIENT is set, @@ -601,6 +607,18 @@ AP_DECLARE(void) ap_log_rerror(const char *file, int line, int level, va_end(args); } +AP_DECLARE(void) ap_log_cerror(const char *file, int line, int level, + apr_status_t status, const conn_rec *c, + const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + log_error_core(file, line, level, status, c->base_server, c, NULL, NULL, + fmt, args); + va_end(args); +} + AP_DECLARE(void) ap_log_pid(apr_pool_t *p, const char *filename) { apr_file_t *pid_file = NULL; -- 2.50.1