From f58692418f1dc13c61339a1476240a77b7e6cfdc Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Thu, 27 Apr 2017 17:16:28 +0200 Subject: [PATCH 1/3] Option to disable logging of log producer in audit log when log level < 9. [Issue #1069 - Marc Stern] --- CHANGES | 3 +++ apache2/msc_logging.c | 6 ++++++ configure.ac | 17 ++++++++++++++++- 3 files changed, 25 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index f255f7866f..542e2536e0 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,9 @@ DD MMM YYYY - 2.9.2 - To be released ------------------------------------ + * {dis|en}able-dechunk-logging: Option to disable logging of + dechunking in audit log when log level < 9. + [Issue #1068 - Marc Stern] * {dis|en}able-handler-logging: Option to disable logging of Apache handler in audit log [Issue #1070, #1381 - Marc Stern] diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c index 39fcdd719b..18ce5b1261 100644 --- a/apache2/msc_logging.c +++ b/apache2/msc_logging.c @@ -1174,6 +1174,9 @@ void sec_audit_logger_json(modsec_rec *msr) { yajl_kv_bool(g, "response_body_dechunked", 1); } +#ifdef LOG_NO_PRODUCER + if (msr->txcfg->debuglog_level >= 9) { +#endif sec_auditlog_write_producer_header_json(msr, g); /* Server */ @@ -1323,6 +1326,9 @@ void sec_audit_logger_json(modsec_rec *msr) { } } +#ifdef LOG_NO_PRODUCER + } +#endif yajl_gen_map_close(g); // audit_data top-level key is finished /* AUDITLOG_PART_UPLOADS */ diff --git a/configure.ac b/configure.ac index fb0fa5d9f6..77b921574f 100644 --- a/configure.ac +++ b/configure.ac 
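Review bot: The `{` that opens the guarded region in sec_audit_logger_json (@@ -1174) is inside `#ifdef LOG_NO_PRODUCER`, and its matching `}` is inside a second `#ifdef` in the @@ -1323 hunk, so the brace pairing holds only while both conditionals are kept in step by hand. Making only the condition conditional, `#ifdef LOG_NO_PRODUCER` / `if (msr->txcfg->debuglog_level >= 9)` / `#endif` followed by an unconditional `{` and a plain `}` at the end, keeps the braces balanced in both builds and lets the guarded lines be indented as a block. The same construct recurs in the sec_audit_logger_native hunks of PATCH 2/3 and under the renamed macro in PATCH 3/3. The function starts and ends outside these hunks, so exactly which output falls between the two markers cannot be checked from here.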
@@ -487,6 +487,21 @@ AC_ARG_ENABLE(handler-logging, log_handler='' ]) +# Disable logging of log producer +AC_ARG_ENABLE(log-producer-logging, + AS_HELP_STRING([--enable-log-producer-logging], + [Enable logging of log producer in audit log when log level < 9. This is the default]), +[ + if test "$enableval" != "no"; then + log_producer= + else + log_producer="-DLOG_NO_PRODUCER" + fi +], +[ + log_producer='' +]) + # Ignore configure errors AC_ARG_ENABLE(errors, AS_HELP_STRING([--disable-errors], @@ -737,7 +752,7 @@ else fi fi -MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_filename $log_server $log_collection_delete_problem" +MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_filename $log_server $log_collection_delete_problem $log_producer" APXS_WRAPPER=build/apxs-wrapper APXS_EXTRA_CFLAGS="" From 6139df87c41f0fbbd0e40fcd4b92b8ee4f41b051 Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Wed, 3 May 2017 15:16:49 +0200 Subject: [PATCH 2/3] Fixed CHANGES (PR# and text) Added conditional logging of multi-line logging on top of JSON Didn't include "Web application info" in the conditional logging --- CHANGES | 6 +++--- apache2/msc_logging.c | 14 ++++++++++---- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/CHANGES b/CHANGES index 542e2536e0..74abd34ef0 100644 --- a/CHANGES +++ b/CHANGES 
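Review bot: The help string for `--enable-log-producer-logging` in the @@ -487 hunk says "when log level < 9" without naming the level, while the C side tests `msr->txcfg->debuglog_level`, so the content of the audit log ends up depending on the debug log setting. I would state that outright, for example `[Log producer info in the audit log even when the debug log level (SecDebugLogLevel) is below 9. This is the default]`, and describe the `--disable-` form, since that is the only form that changes the build. The two branches also spell the empty value differently (`log_producer=` and `log_producer=''`); one spelling would read better. The same help wording is carried over to the renamed option in PATCH 3/3.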
@@ -1,9 +1,9 @@ DD MMM YYYY - 2.9.2 - To be released ------------------------------------ - * {dis|en}able-dechunk-logging: Option to disable logging of - dechunking in audit log when log level < 9. - [Issue #1068 - Marc Stern] + * {dis|en}able-log-producer-logging: Option to disable logging of + log producer in audit log. + [Issue #1069 - Marc Stern] * {dis|en}able-handler-logging: Option to disable logging of Apache handler in audit log [Issue #1070, #1381 - Marc Stern] diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c index 18ce5b1261..86b348552a 100644 --- a/apache2/msc_logging.c +++ b/apache2/msc_logging.c @@ -1271,6 +1271,9 @@ void sec_audit_logger_json(modsec_rec *msr) { if (been_opened == 1) { yajl_gen_map_close(g); // sanitized args map is finished } +#ifdef LOG_NO_PRODUCER + } +#endif /* Web application info. */ if ( ((msr->txcfg->webappid != NULL)&&(strcmp(msr->txcfg->webappid, "default") != 0)) @@ -1326,9 +1329,6 @@ void sec_audit_logger_json(modsec_rec *msr) { } } -#ifdef LOG_NO_PRODUCER - } -#endif yajl_gen_map_close(g); // audit_data top-level key is finished /* AUDITLOG_PART_UPLOADS */ @@ -2013,6 +2013,9 @@ void sec_audit_logger_native(modsec_rec *msr) { sec_auditlog_write(msr, text, strlen(text)); } +#ifdef LOG_NO_PRODUCER + if (msr->txcfg->debuglog_level >= 9) { +#endif sec_auditlog_write_producer_header(msr); /* Server */ @@ -2082,7 +2085,10 @@ void sec_audit_logger_native(modsec_rec *msr) { } } - /* Web application info. */ +#ifdef LOG_NO_PRODUCER + } +#endif + /* Web application info. */ if ( ((msr->txcfg->webappid != NULL)&&(strcmp(msr->txcfg->webappid, "default") != 0)) || (msr->sessionid != NULL) || (msr->userid != NULL)) { From a5c354814fad4e599b7fa4f1b9e776c0e54a8b28 Mon Sep 17 00:00:00 2001 
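Review bot: Nothing at the new `if (msr->txcfg->debuglog_level >= 9)` in sec_audit_logger_native (@@ -2013) tells a reader that a build flag drops the producer header and the Server line from every audit record unless debug logging is at level 9. Someone reconstructing an incident from these records would presumably rely on the producer line to tell which engine and rule-set build handled a transaction, so the omission deserves a comment at the guard, for example `/* LOG_NO_PRODUCER: producer and server entries are written only at debug log level 9 */`, and a mention in the audit log documentation. A marker on the closing brace in @@ -2082, `} /* debuglog_level >= 9 */`, would also help, because the opening is about seventy lines earlier. The function body continues outside both hunks.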
From: Marc Stern Date: Fri, 5 May 2017 08:50:07 +0200 Subject: [PATCH 3/3] {dis|en}able-server-context-logging: Option to disable logging of server info (log producer, sanitized objects, ...) in audit log. [Issue #1069 - Marc Stern] --- CHANGES | 4 ++-- apache2/msc_logging.c | 12 ++++++------ configure.ac | 16 ++++++++-------- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/CHANGES b/CHANGES index 74abd34ef0..c16a28c3e4 100644 --- a/CHANGES +++ b/CHANGES @@ -1,8 +1,8 @@ DD MMM YYYY - 2.9.2 - To be released ------------------------------------ - * {dis|en}able-log-producer-logging: Option to disable logging of - log producer in audit log. + * {dis|en}able-server-context-logging: Option to disable logging of + server info (log producer, sanitized objects, ...) in audit log. [Issue #1069 - Marc Stern] * {dis|en}able-handler-logging: Option to disable logging of Apache handler in audit log diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c index 86b348552a..b41b5ddc03 100644 --- a/apache2/msc_logging.c +++ b/apache2/msc_logging.c @@ -1174,7 +1174,7 @@ void sec_audit_logger_json(modsec_rec *msr) { yajl_kv_bool(g, "response_body_dechunked", 1); } -#ifdef LOG_NO_PRODUCER +#ifdef LOG_NO_SERVER_CONTEXT if (msr->txcfg->debuglog_level >= 9) { #endif sec_auditlog_write_producer_header_json(msr, g); @@ -1271,7 +1271,7 @@ void sec_audit_logger_json(modsec_rec *msr) { if (been_opened == 1) { yajl_gen_map_close(g); // sanitized args map is finished } -#ifdef LOG_NO_PRODUCER +#ifdef LOG_NO_SERVER_CONTEXT } #endif @@ -2013,7 +2013,7 @@ void sec_audit_logger_native(modsec_rec *msr) { sec_auditlog_write(msr, text, strlen(text)); } -#ifdef LOG_NO_PRODUCER +#ifdef LOG_NO_SERVER_CONTEXT if (msr->txcfg->debuglog_level >= 9) { #endif sec_auditlog_write_producer_header(msr); 
@@ -2084,10 +2084,10 @@ void sec_audit_logger_native(modsec_rec *msr) { sec_auditlog_write(msr, text, strlen(text)); } } - -#ifdef LOG_NO_PRODUCER - } +#ifdef LOG_NO_SERVER_CONTEXT + } #endif + /* Web application info. */ if ( ((msr->txcfg->webappid != NULL)&&(strcmp(msr->txcfg->webappid, "default") != 0)) || (msr->sessionid != NULL) || (msr->userid != NULL)) diff --git a/configure.ac b/configure.ac index 77b921574f..a17881965f 100644 --- a/configure.ac +++ b/configure.ac @@ -487,19 +487,19 @@ AC_ARG_ENABLE(handler-logging, log_handler='' ]) -# Disable logging of log producer -AC_ARG_ENABLE(log-producer-logging, - AS_HELP_STRING([--enable-log-producer-logging], - [Enable logging of log producer in audit log when log level < 9. This is the default]), +# Disable logging of server context +AC_ARG_ENABLE(server-context-logging, + AS_HELP_STRING([--enable-server-context-logging], + [Enable logging of server info (log producer, sanitized objects, ...) in audit log when log level < 9. This is the default]), [ if test "$enableval" != "no"; then - log_producer= + log_server_context= else - log_producer="-DLOG_NO_PRODUCER" + log_server_context="-DLOG_NO_SERVER_CONTEXT" fi ], [ - log_producer='' + log_server_context='' ]) # Ignore configure errors @@ -752,7 +752,7 @@ else fi fi -MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_filename $log_server $log_collection_delete_problem $log_producer" +MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $pcre_jit $request_early $htaccess_config $lua_cache $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api $cpu_type $unique_id $log_filename $log_server $log_collection_delete_problem $log_server_context" APXS_WRAPPER=build/apxs-wrapper APXS_EXTRA_CFLAGS=""