mod_reqin_log/mod_reqin_log.spec

%global spec_version 1.0.19

Name:           mod_reqin_log
Version:        %{spec_version}
Release:        1%{?dist}
Summary:        Apache HTTPD module for logging HTTP requests as JSON to Unix socket

License:        Apache-2.0
URL:            https://github.com/example/mod_reqin_log
Vendor:         Developer <dev@example.com>
BuildArch:      x86_64

Requires:       httpd

%description
Apache HTTPD module for logging HTTP requests as JSON to Unix socket.
Features non-blocking I/O with automatic reconnection, configurable headers
with truncation support, and built-in sensitive headers blacklist.

%prep
# No source extraction needed - binaries are pre-built

%build
# No build needed - binaries are pre-built

%install
mkdir -p %{buildroot}/%{_libdir}/httpd/modules
mkdir -p %{buildroot}/%{_sysconfdir}/httpd/conf.d
mkdir -p %{buildroot}/%{_docdir}/%{name}

install -m 755 %{_pkgroot}/%{_libdir}/httpd/modules/mod_reqin_log.so %{buildroot}/%{_libdir}/httpd/modules/
install -m 644 %{_pkgroot}/%{_sysconfdir}/httpd/conf.d/mod_reqin_log.conf %{buildroot}/%{_sysconfdir}/httpd/conf.d/

%files
%{_libdir}/httpd/modules/mod_reqin_log.so
%config(noreplace) %{_sysconfdir}/httpd/conf.d/mod_reqin_log.conf
%doc %{_docdir}/%{name}

%changelog
* Thu Mar 05 2026 Developer <dev@example.com> - 1.0.19
- FEATURE: Add client_headers JSON field - ordered list of all header names
  as received from the client, preserving original order and case
- DOC: Update architecture.yml with client_headers field and example_full

* Thu Mar 05 2026 Developer <dev@example.com> - 1.0.18
- FIX: JsonSockLogMaxHeaders now counts configured headers (by position in list)
  regardless of their presence in the request, matching the documented behavior

* Thu Mar 05 2026 Developer <dev@example.com> - 1.0.17
- CONFIG: Extend default JsonSockLogHeaders list (User-Agent, Referer, X-Forwarded-For,
  Sec-CH-UA*, Sec-Fetch-*, Accept, Accept-Language, Accept-Encoding)
- CONFIG: Raise DEFAULT_MAX_HEADERS from 10 to 25
- DOC: Update architecture.yml and conf/mod_reqin_log.conf accordingly

* Thu Mar 05 2026 Developer <dev@example.com> - 1.0.16
- FIX: Skip subrequests and internal redirects to log only the original client request
- DOC: Document subrequest/redirect filtering in architecture.yml

* Thu Mar 05 2026 Developer <dev@example.com> - 1.0.15
- FIX: timestamp field now uses r->request_time (request reception time) instead of apr_time_now()
- DOC: Remove unparsed_uri and fragment fields from architecture.yml (not logged)
- DOC: Update timestamp description and example_full in architecture.yml

* Mon Mar 02 2026 Developer <dev@example.com> - 1.0.14
- REFACTOR: Harmonize JSON field construction - all fields now end with comma
- FIX: Remove duplicate comma between query and host fields
- FIX: Fix buffer corruption in dynbuf_append (copy null terminator)
- PACKAGING: Config file marked as %config(noreplace)
- CHANGE: Remove unparsed_uri, fragment, content_length fields

* Mon Mar 02 2026 Developer <dev@example.com> - 1.0.13
- FIX: Correct JSON string length parameters for query and fragment fields
- FIX: Add null-termination after buffer reallocation in dynbuf_append
- CHANGE: Remove unparsed_uri, fragment, and content_length fields from JSON output
- TEST: Update unit tests to match dynbuf_append fix

* Mon Mar 02 2026 Developer <dev@example.com> - 1.0.9
- CHANGE: Remove req_id field from JSON output
- FEATURE: Add query and fragment fields (URI components)

* Mon Mar 02 2026 Developer <dev@example.com> - 1.0.8
- FEATURE: Add req_id, scheme, unparsed_uri, args, keepalives, content_length fields to JSON output
- FIX: Change socket type from SOCK_STREAM to SOCK_DGRAM per architecture.yml

* Sun Mar 01 2026 Developer <dev@example.com> - 1.0.6
- BUILD: Fix RPM package paths in Dockerfile.package (el8, el9, el10 directories)
- BUILD: Fix Makefile RPM extraction with separate volume mounts
- BUILD: Remove unused scripts (build.sh, test.sh)
- BUILD: Remove Python integration tests (not automated in CI)
- DOCS: Update README.md and architecture.yml for RPM-only packaging
- CLEANUP: Remove DEB and el7 references

* Sat Feb 28 2026 Developer <dev@example.com> - 1.0.2
- SECURITY: Add input sanitization for method, path, host, and http_version fields
- SECURITY: Add Host header truncation (256 chars max) to prevent log injection
- IMPROVEMENT: Add LOG_THROTTLED macro for consistent error reporting
- IMPROVEMENT: Improve socket state double-check pattern
- IMPROVEMENT: Fix const qualifier warnings in get_header() function
- IMPROVEMENT: Add flags field to module definition
- IMPROVEMENT: Add -Wno-error=format-security to Makefile
- TEST: Add 4 new unit tests for input sanitization
- DOC: Clarify timestamp precision
- DOC: Update README and architecture.yml
- BUILD: Update package version to 1.0.2

* Fri Feb 27 2026 Developer <dev@example.com> - 1.0.1
- FIX: Fix socket reconnection logic
- FIX: Improve error logging to prevent error_log flooding
- IMPROVEMENT: Add built-in sensitive headers blacklist
- IMPROVEMENT: Add thread-safe socket FD access via mutex
- TEST: Add comprehensive unit tests
- TEST: Add integration tests for socket loss and recovery
- DOC: Add comprehensive README with configuration examples
- DOC: Add architecture.yml documenting module design decisions

* Thu Feb 26 2026 Developer <dev@example.com> - 1.0.0
- Initial release
- Apache HTTPD 2.4 module for logging HTTP requests as JSON to Unix socket
- Non-blocking I/O with automatic reconnection
- Configurable headers with truncation support
- Compatible with prefork, worker, and event MPMs
- Built-in sensitive headers blacklist
- Throttled error reporting to prevent log flooding