Option to disable logging of log producer in audit log when log level…

… < 9. [Issue owasp-modsecurity#1069 - Marc Stern]
marcstern · Apr 10, 2017 · 4e4974c · 4e4974c
1 parent c1c91e2
commit 4e4974c
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 1 deletion.
diff --git a/CHANGES b/CHANGES
@@ -1,6 +1,9 @@
 DD MMM YYYY - 2.9.2 - To be released
 ------------------------------------
 
+ * {dis|en}able-log-producer-logging: Option to disable logging of
+   log producer in audit log when log level < 9.
+   [Issue #1069 - Marc Stern]
  * {dis|en}able-filename-logging: Option to disable logging of filename
    in audit log.
    [Issue #1065 - Marc Stern]

diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c
@@ -363,6 +363,9 @@ static void sec_auditlog_write_producer_header(modsec_rec *msr) {
     char *text = NULL;
     int i;
 
+#ifdef LOG_NO_PRODUCER
+	if (msr->txcfg->debuglog_level < 9) return;
+#endif
     /* Try to write everything in one go. */
     if (msr->txcfg->component_signatures->nelts == 0) {
         text = apr_psprintf(msr->mp, "Producer: %s.\n", MODSEC_MODULE_NAME_FULL);

diff --git a/configure.ac b/configure.ac
@@ -442,6 +442,21 @@ AC_ARG_ENABLE(filename-logging,
   log_filename=''
 ])
 
+# Disable logging of log producer
+AC_ARG_ENABLE(log-producer-logging,
+              AS_HELP_STRING([--enable-log-producer-logging],
+                             [Enable logging of log producer in audit log when log level < 9. This is the default]),
+[
+  if test "$enableval" != "no"; then
+    log_producer=
+  else
+    log_producer="-DLOG_NO_PRODUCER"
+  fi
+],
+[
+  log_producer=''
+])
+
 # Ignore configure errors
 AC_ARG_ENABLE(errors,
               AS_HELP_STRING([--disable-errors],
@@ -692,7 +707,7 @@ else
   fi
 fi
 
-MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_filename"
+MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_filename $log_producer"
 
 APXS_WRAPPER=build/apxs-wrapper
 APXS_EXTRA_CFLAGS=""