ju5t/modsec-712.patch

## modsec-712.patch
diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c
index 3323fac..ce8b069 100644
--- a/apache2/msc_logging.c
+++ b/apache2/msc_logging.c
@@ -225,10 +225,20 @@ static char *construct_auditlog_filename(apr_pool_t *mp, const char *uniqueid) {
     char tstr[300];
     apr_size_t len;

+    /**
+     * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
+     * It also changes the return statement.
+     */
+    char *username;
+    apr_uid_t uid;
+    apr_gid_t gid;
+    apr_uid_current(&uid, &gid, mp);
+    apr_uid_name_get(&username, uid, mp);
+
     apr_time_exp_lt(&t, apr_time_now());

     apr_strftime(tstr, &len, 299, "/%Y%m%d/%Y%m%d-%H%M/%Y%m%d-%H%M%S", &t);
-    return apr_psprintf(mp, "%s-%s", tstr, uniqueid);
+    return apr_psprintf(mp, "/%s%s-%s", username, tstr, uniqueid);
 }

 /**
diff --git a/apache2/persist_dbm.c b/apache2/persist_dbm.c
index b698e79..8631ac9 100644
--- a/apache2/persist_dbm.c
+++ b/apache2/persist_dbm.c
@@ -101,6 +101,15 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec
     int expired = 0;
     int i;

+    /**
+     * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
+     */
+    char *username;
+    apr_uid_t uid;
+    apr_gid_t gid;
+    apr_uid_current(&uid, &gid, msr->mp);
+    apr_uid_name_get(&username, uid, msr->mp);
+
     if (msr->txcfg->data_dir == NULL) {
         msr_log(msr, 1, "collection_retrieve_ex: Unable to retrieve collection (name \"%s\", key \"%s\"). Use "
             "SecDataDir to define data directory first.", log_escape(msr->mp, col_name),
@@ -108,7 +117,7 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec
         goto cleanup;
     }

-    dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
+    dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", col_name, NULL);

     if (msr->txcfg->debuglog_level >= 9) {
         msr_log(msr, 9, "collection_retrieve_ex: collection_retrieve_ex: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),
@@ -336,6 +345,15 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
     const apr_table_t *stored_col = NULL;
     const apr_table_t *orig_col = NULL;

+    /**
+     * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
+     */
+    char *username;
+    apr_uid_t uid;
+    apr_gid_t gid;
+    apr_uid_current(&uid, &gid, msr->mp);
+    apr_uid_name_get(&username, uid, msr->mp);
+
     var_name = (msc_string *)apr_table_get(col, "__name");
     if (var_name == NULL) {
         goto error;
@@ -354,7 +372,7 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
     }

     // ENH: lowercase the var name in the filename
-    dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", var_name->value, NULL);
+    dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", var_name->value, NULL);

     if (msr->txcfg->debuglog_level >= 9) {
         msr_log(msr, 9, "collection_store: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, var_name->value),
@@ -585,6 +603,15 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) {
     apr_time_t now = apr_time_sec(msr->request_time);
     int i;

+    /**
+     * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
+     */
+    char *username;
+    apr_uid_t uid;
+    apr_gid_t gid;
+    apr_uid_current(&uid, &gid, msr->mp);
+    apr_uid_name_get(&username, uid, msr->mp);
+
     if (msr->txcfg->data_dir == NULL) {
         /* The user has been warned about this problem enough times already by now.
          * msr_log(msr, 1, "Unable to access collection file (name \"%s\"). Use SecDataDir to "
@@ -594,9 +621,9 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) {
     }

     if(strstr(col_name,"USER") || strstr(col_name,"SESSION") || strstr(col_name, "RESOURCE"))
-        dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", msr->txcfg->webappid, "_", col_name, NULL);
+        dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", msr->txcfg->webappid, "_", col_name, NULL);
     else
-        dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
+        dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", col_name, NULL);

     if (msr->txcfg->debuglog_level >= 9) {
         msr_log(msr, 9, "collections_remove_stale: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),
	diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c
	index 3323fac..ce8b069 100644
	--- a/apache2/msc_logging.c
	+++ b/apache2/msc_logging.c
	@@ -225,10 +225,20 @@ static char construct_auditlog_filename(apr_pool_t mp, const char *uniqueid) {
	char tstr[300];
	apr_size_t len;

	+ /**
	+ * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
	+ * It also changes the return statement.
	+ */
	+ char *username;
	+ apr_uid_t uid;
	+ apr_gid_t gid;
	+ apr_uid_current(&uid, &gid, mp);
	+ apr_uid_name_get(&username, uid, mp);
	+
	apr_time_exp_lt(&t, apr_time_now());

	apr_strftime(tstr, &len, 299, "/%Y%m%d/%Y%m%d-%H%M/%Y%m%d-%H%M%S", &t);
	- return apr_psprintf(mp, "%s-%s", tstr, uniqueid);
	+ return apr_psprintf(mp, "/%s%s-%s", username, tstr, uniqueid);
	}

	/**
	diff --git a/apache2/persist_dbm.c b/apache2/persist_dbm.c
	index b698e79..8631ac9 100644
	--- a/apache2/persist_dbm.c
	+++ b/apache2/persist_dbm.c
	@@ -101,6 +101,15 @@ static apr_table_t collection_retrieve_ex(apr_sdbm_t existing_dbm, modsec_rec
	int expired = 0;
	int i;

	+ /**
	+ * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
	+ */
	+ char *username;
	+ apr_uid_t uid;
	+ apr_gid_t gid;
	+ apr_uid_current(&uid, &gid, msr->mp);
	+ apr_uid_name_get(&username, uid, msr->mp);
	+
	if (msr->txcfg->data_dir == NULL) {
	msr_log(msr, 1, "collection_retrieve_ex: Unable to retrieve collection (name \"%s\", key \"%s\"). Use "
	"SecDataDir to define data directory first.", log_escape(msr->mp, col_name),
	@@ -108,7 +117,7 @@ static apr_table_t collection_retrieve_ex(apr_sdbm_t existing_dbm, modsec_rec
	goto cleanup;
	}

	- dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
	+ dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", col_name, NULL);

	if (msr->txcfg->debuglog_level >= 9) {
	msr_log(msr, 9, "collection_retrieve_ex: collection_retrieve_ex: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),
	@@ -336,6 +345,15 @@ int collection_store(modsec_rec msr, apr_table_t col) {
	const apr_table_t *stored_col = NULL;
	const apr_table_t *orig_col = NULL;

	+ /**
	+ * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
	+ */
	+ char *username;
	+ apr_uid_t uid;
	+ apr_gid_t gid;
	+ apr_uid_current(&uid, &gid, msr->mp);
	+ apr_uid_name_get(&username, uid, msr->mp);
	+
	var_name = (msc_string *)apr_table_get(col, "__name");
	if (var_name == NULL) {
	goto error;
	@@ -354,7 +372,7 @@ int collection_store(modsec_rec msr, apr_table_t col) {
	}

	// ENH: lowercase the var name in the filename
	- dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", var_name->value, NULL);
	+ dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", var_name->value, NULL);

	if (msr->txcfg->debuglog_level >= 9) {
	msr_log(msr, 9, "collection_store: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, var_name->value),
	@@ -585,6 +603,15 @@ int collections_remove_stale(modsec_rec msr, const char col_name) {
	apr_time_t now = apr_time_sec(msr->request_time);
	int i;

	+ /**
	+ * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations
	+ */
	+ char *username;
	+ apr_uid_t uid;
	+ apr_gid_t gid;
	+ apr_uid_current(&uid, &gid, msr->mp);
	+ apr_uid_name_get(&username, uid, msr->mp);
	+
	if (msr->txcfg->data_dir == NULL) {
	/* The user has been warned about this problem enough times already by now.
	* msr_log(msr, 1, "Unable to access collection file (name \"%s\"). Use SecDataDir to "
	@@ -594,9 +621,9 @@ int collections_remove_stale(modsec_rec msr, const char col_name) {
	}

	if(strstr(col_name,"USER") \|\| strstr(col_name,"SESSION") \|\| strstr(col_name, "RESOURCE"))
	- dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", msr->txcfg->webappid, "_", col_name, NULL);
	+ dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", msr->txcfg->webappid, "_", col_name, NULL);
	else
	- dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
	+ dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", username, "-", col_name, NULL);

	if (msr->txcfg->debuglog_level >= 9) {
	msr_log(msr, 9, "collections_remove_stale: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),