From 46c6cb2759327d94e619454dbe61f1e7639dd607 Mon Sep 17 00:00:00 2001 From: Armin Abfalterer Date: Tue, 12 Mar 2019 16:29:43 +0100 Subject: [PATCH] use uid if user name is not available --- apache2/msc_logging.c | 10 +++++++--- apache2/persist_dbm.c | 29 +++++++++++++++++++---------- 2 files changed, 26 insertions(+), 13 deletions(-) diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c index d50f709e97..d1a867c35d 100644 --- a/apache2/msc_logging.c +++ b/apache2/msc_logging.c @@ -234,16 +234,20 @@ static char *construct_auditlog_filename(apr_pool_t *mp, const char *uniqueid) { * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations * It also changes the return statement. */ - char *username; + char *userinfo; + apr_status_t rc; apr_uid_t uid; apr_gid_t gid; apr_uid_current(&uid, &gid, mp); - apr_uid_name_get(&username, uid, mp); + rc = apr_uid_name_get(&userinfo, uid, mp); + if (rc != APR_SUCCESS) { + userinfo = apr_psprintf(mp, "%u", uid); + } apr_time_exp_lt(&t, apr_time_now()); apr_strftime(tstr, &len, 299, "/%Y%m%d/%Y%m%d-%H%M/%Y%m%d-%H%M%S", &t); - return apr_psprintf(mp, "/%s%s-%s", username, tstr, uniqueid); + return apr_psprintf(mp, "/%s%s-%s", userinfo, tstr, uniqueid); } /** diff --git a/apache2/persist_dbm.c b/apache2/persist_dbm.c index efbbf6ebd9..e4f8036f6f 100644 --- a/apache2/persist_dbm.c +++ b/apache2/persist_dbm.c @@ -104,11 +104,14 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec /** * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations */ - char *username; + char *userinfo; apr_uid_t uid; apr_gid_t gid; apr_uid_current(&uid, &gid, msr->mp); - apr_uid_name_get(&username, uid, msr->mp); + rc = apr_uid_name_get(&userinfo, uid, msr->mp); + if (rc != APR_SUCCESS) { + userinfo = apr_psprintf(msr->mp, "%u", uid); + } if (msr->txcfg->data_dir == NULL) { msr_log(msr, 1, "collection_retrieve_ex: Unable to retrieve collection (name \"%s\", key \"%s\"). Use " @@ -117,7 +120,7 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec goto cleanup; } - dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", col_name, NULL); + dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", userinfo, "-", col_name, NULL); if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "collection_retrieve_ex: collection_retrieve_ex: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name), @@ -385,11 +388,14 @@ int collection_store(modsec_rec *msr, apr_table_t *col) { /** * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations */ - char *username; + char *userinfo; apr_uid_t uid; apr_gid_t gid; apr_uid_current(&uid, &gid, msr->mp); - apr_uid_name_get(&username, uid, msr->mp); + rc = apr_uid_name_get(&userinfo, uid, msr->mp); + if (rc != APR_SUCCESS) { + userinfo = apr_psprintf(msr->mp, "%u", uid); + } var_name = (msc_string *)apr_table_get(col, "__name"); if (var_name == NULL) { @@ -409,7 +415,7 @@ int collection_store(modsec_rec *msr, apr_table_t *col) { } // ENH: lowercase the var name in the filename - dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", var_name->value, NULL); + dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", userinfo, "-", var_name->value, NULL); if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "collection_store: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, var_name->value), @@ -675,11 +681,14 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) { /** * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations */ - char *username; + char *userinfo; apr_uid_t uid; apr_gid_t gid; apr_uid_current(&uid, &gid, msr->mp); - apr_uid_name_get(&username, uid, msr->mp); + rc = apr_uid_name_get(&userinfo, uid, msr->mp); + if (rc != APR_SUCCESS) { + userinfo = apr_psprintf(msr->mp, "%u", uid); + } if (msr->txcfg->data_dir == NULL) { /* The user has been warned about this problem enough times already by now. @@ -690,9 +699,9 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) { } if(strstr(col_name,"USER") || strstr(col_name,"SESSION") || strstr(col_name, "RESOURCE")) - dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", msr->txcfg->webappid, "_", col_name, NULL); + dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", userinfo, "-", msr->txcfg->webappid, "_", col_name, NULL); else - dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", col_name, NULL); + dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", userinfo, "-", col_name, NULL); if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "collections_remove_stale: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),