Renames Sec{Read|Write}StateLimits

Felipe Zimmerle · Felipe Zimmerle · commit efef989dddd0 · 2014-03-31T16:22:11.000-07:00
The Sec{Read|Write}StateLimits are filters related to the connections, when the
server did not know yet which vhost the request goes to. This means that once
those configrations are set it will be applied to entire server. This patch
just renames the Sec{Read|Write}StateLimits to SecConn{Read|Write}StateLimits
to make it more clear to the user. SecConnectionEngine was also renamed to
SecConnEngine.
diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c
@@ -1705,7 +1705,7 @@ char *parser_conn_limits_operator(apr_pool_t *mp, const char *p2,
     }
     else {
         return apr_psprintf(mp, "ModSecurity: Invalid operator for " \
-           "SecReadStateLimit: %s, expected operators: @ipMatch, @ipMatchF " \
+           "SecConnReadStateLimit: %s, expected operators: @ipMatch, @ipMatchF " \
            "or @ipMatchFromFile with or without !", p2);
     }
 
@@ -1726,7 +1726,7 @@ char *parser_conn_limits_operator(apr_pool_t *mp, const char *p2,
 
 
 /**
-* \brief Add SecReadStateLimit configuration option
+* \brief Add SecConnReadStateLimit configuration option
 *
 * \param cmd Pointer to configuration data
 * \param _dcfg Pointer to directory configuration
@@ -1747,7 +1747,7 @@ static const char *cmd_conn_read_state_limit(cmd_parms *cmd, void *_dcfg,
     limit = strtol(p1, NULL, 10);
     if ((limit == LONG_MAX) || (limit == LONG_MIN) || (limit <= 0)) {
         return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \
-            "SecReadStateLimit: %s", p1);
+            "SecConnReadStateLimit: %s", p1);
     }
 
     if (p2 != NULL) {
@@ -1764,8 +1764,18 @@ static const char *cmd_conn_read_state_limit(cmd_parms *cmd, void *_dcfg,
     return NULL;
 }
 
+static const char *cmd_read_state_limit(cmd_parms *cmd, void *_dcfg,
+        const char *p1, const char *p2)
+{
+    ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_NOERRNO, 0, cmd->pool,
+            "SecReadStateLimit is depricated, use SecConnReadStateLimit " \
+            "instead.");
+
+    return cmd_conn_read_state_limit(cmd, _dcfg, p1, p2);
+}
+
 /**
-* \brief Add SecWriteStateLimit configuration option
+* \brief Add SecConnWriteStateLimit configuration option
 *
 * \param cmd Pointer to configuration data
 * \param _dcfg Pointer to directory configuration
@@ -1786,7 +1796,7 @@ static const char *cmd_conn_write_state_limit(cmd_parms *cmd, void *_dcfg,
     limit = strtol(p1, NULL, 10);
     if ((limit == LONG_MAX) || (limit == LONG_MIN) || (limit <= 0)) {
         return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \
-            "SecWriteStateLimit: %s", p1);
+            "SecConnWriteStateLimit: %s", p1);
     }
 
     if (p2 != NULL) {
@@ -1802,6 +1812,16 @@ static const char *cmd_conn_write_state_limit(cmd_parms *cmd, void *_dcfg,
 
     return NULL;
 }
+static const char *cmd_write_state_limit(cmd_parms *cmd, void *_dcfg,
+        const char *p1, const char *p2)
+{
+    ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_NOERRNO, 0, cmd->pool,
+            "SecWriteStateLimit is depricated, use SecConnWriteStateLimit " \
+            "instead.");
+
+    return cmd_conn_write_state_limit(cmd, _dcfg, p1, p2);
+}
+
 
 
 static const char *cmd_request_body_inmemory_limit(cmd_parms *cmd, void *_dcfg,
@@ -2163,7 +2183,7 @@ static const char *cmd_sever_conn_filters_engine(cmd_parms *cmd, void *_dcfg,
     else
     {
         return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \
-                "SecConnectionEngine: %s", p1);
+                "SecConnEngine: %s", p1);
     }
 
     return NULL;
@@ -3308,21 +3328,37 @@ const command_rec module_directives[] = {
     ),
 
     AP_INIT_TAKE12 (
-        "SecReadStateLimit",
+        "SecConnReadStateLimit",
         cmd_conn_read_state_limit,
         NULL,
         CMD_SCOPE_ANY,
         "maximum number of threads in READ_BUSY state per ip address"
     ),
 
     AP_INIT_TAKE12 (
-        "SecWriteStateLimit",
+        "SecReadStateLimit",
+        cmd_read_state_limit,
+        NULL,
+        CMD_SCOPE_ANY,
+        "maximum number of threads in READ_BUSY state per ip address"
+    ),
+
+    AP_INIT_TAKE12 (
+        "SecConnWriteStateLimit",
         cmd_conn_write_state_limit,
         NULL,
         CMD_SCOPE_ANY,
         "maximum number of threads in WRITE_BUSY state per ip address"
     ),
 
+    AP_INIT_TAKE12 (
+        "SecWriteStateLimit",
+        cmd_write_state_limit,
+        NULL,
+        CMD_SCOPE_ANY,
+        "maximum number of threads in WRITE_BUSY state per ip address"
+    ),
+
     AP_INIT_TAKE1 (
         "SecRequestBodyInMemoryLimit",
         cmd_request_body_inmemory_limit,
@@ -3438,7 +3474,7 @@ const command_rec module_directives[] = {
     ),
 
     AP_INIT_TAKE1 (
-        "SecConnectionEngine",
+        "SecConnEngine",
         cmd_sever_conn_filters_engine,
         NULL,
         CMD_SCOPE_ANY,
