Closed
Description
If SecServerSignature is used, ModSecurity sends the signature that was configured instead of the real one. It should send the real data.
```
[...] mod_security2.c(595): SecServerSignature: Changed server signature to "SpiderServer v0.1a".
[...] ModSecurity for Apache/2.8.0 (http://www.modsecurity.org/) configured.
[...] ModSecurity: APR compiled version="1.4.8"; loaded version="1.4.8"
[...] ModSecurity: PCRE compiled version="8.31 "; loaded version="8.31 2012-07-06"
[...] ModSecurity: LUA compiled version="Lua 5.1"
[...] ModSecurity: LIBXML compiled version="2.9.1"
[...] Original server signature: Apache/2.4.6 (Ubuntu)
[...] ModSecurity: StatusEngine call: "2.8.0,SpiderServer v0.1a,1.4.8/1.4.8,8.31/8.31 2012-07-06,Lua 5.1,2.9.1,798e0416216657906fdb5c17325fa2f7fd29d1f3"
[...] ModSecurity: StatusEngine call successfully sent. For more information visit: http://status.modsecurity.org/
```
Note: This only affects Apache.
Test case created at: https://github.com/SpiderLabs/ModSecurity/blob/serversignature_status/tests/regression/misc/20-status-engine.pl#L50-L72
Originally reported by: Linas
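
A log check for the behaviour reported above, as an added example that is not part of the original issue or of ModSecurity's own test suite: it compares the server field of the StatusEngine call with the "Original server signature" line. The field layout of the call string is an assumption inferred from the log lines in the report, and the function names are hypothetical.

```python
import re

# Constructed sample: three of the log lines quoted in the report.
SAMPLE_LOG = """\
[...] mod_security2.c(595): SecServerSignature: Changed server signature to "SpiderServer v0.1a".
[...] Original server signature: Apache/2.4.6 (Ubuntu)
[...] ModSecurity: StatusEngine call: "2.8.0,SpiderServer v0.1a,1.4.8/1.4.8,8.31/8.31 2012-07-06,Lua 5.1,2.9.1,798e0416216657906fdb5c17325fa2f7fd29d1f3"
"""

CONFIGURED_RE = re.compile(r'SecServerSignature: Changed server signature to "(.*)"\.')
ORIGINAL_RE = re.compile(r"Original server signature: (.*\S)")
CALL_RE = re.compile(r'StatusEngine call: "(.*)"')


def reported_signature(call):
    """Return the server field of a StatusEngine call string.

    Assumed layout (inferred from the report's log lines):
    version,server,APR,PCRE,Lua,libxml,id. The server field is taken as
    everything between the first field and the last five, so a signature
    that itself contains commas is still recovered whole.
    """
    parts = call.split(",")
    if len(parts) < 7:
        raise ValueError("unexpected StatusEngine call: %r" % call)
    return ",".join(parts[1:-5])


def check_log(text):
    """Classify which signature the StatusEngine call carried."""
    found = {"configured": None, "original": None, "reported": None}
    for line in text.splitlines():
        for key, rx in (("configured", CONFIGURED_RE), ("original", ORIGINAL_RE)):
            m = rx.search(line)
            if m:
                found[key] = m.group(1)
        m = CALL_RE.search(line)
        if m:
            found["reported"] = reported_signature(m.group(1))
    if found["reported"] is None or found["original"] is None:
        found["verdict"] = "unknown"
    elif found["reported"] == found["original"]:
        found["verdict"] = "real"
    elif found["reported"] == found["configured"]:
        found["verdict"] = "spoofed"
    else:
        found["verdict"] = "unknown"
    return found
```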