pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/ap-modsecurity2 Fix conflict with NetBSD's hmac.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/1281b60175de
branches:  trunk
changeset: 356259:1281b60175de
user:      joerg <joerg%pkgsrc.org@localhost>
date:      Sat Dec 24 10:16:50 2016 +0000

description:
Fix conflict with NetBSD's hmac.

diffstat:

 security/ap-modsecurity2/distinfo                           |    4 +-
 security/ap-modsecurity2/patches/patch-apache2_msc__crypt.c |  151 ++++++++++++
 security/ap-modsecurity2/patches/patch-apache2_msc__crypt.h |   15 +
 3 files changed, 169 insertions(+), 1 deletions(-)

diffs (187 lines):

diff -r e8fe0a9ce98e -r 1281b60175de security/ap-modsecurity2/distinfo
--- a/security/ap-modsecurity2/distinfo Sat Dec 24 10:16:07 2016 +0000
+++ b/security/ap-modsecurity2/distinfo Sat Dec 24 10:16:50 2016 +0000
@@ -1,6 +1,8 @@
-$NetBSD: distinfo,v 1.9 2015/11/04 01:17:41 agc Exp $
+$NetBSD: distinfo,v 1.10 2016/12/24 10:16:50 joerg Exp $
 
 SHA1 (modsecurity-apache_2.7.7.tar.gz) = 344c8c102d9800d48bd42eb683cd2ddd7c515be1
 RMD160 (modsecurity-apache_2.7.7.tar.gz) = aa6eb85000d8bee86a5ec3cf6a03ac82a9e76dc6
 SHA512 (modsecurity-apache_2.7.7.tar.gz) = 859f72580b6acaae5db180f98ee32ad2cb0f3ef24321d0c2df20ddd9fcfbc6c09c98b672012dc4931a6fd14f3c21c38ed31ab8900940382fcb48b37f30005a7d
 Size (modsecurity-apache_2.7.7.tar.gz) = 1003835 bytes
+SHA1 (patch-apache2_msc__crypt.c) = 01bdb8291c83a8abbd1e990d96a768d9bec0ef89
+SHA1 (patch-apache2_msc__crypt.h) = dc83f494f81823deddf00dd005a632d085039664
diff -r e8fe0a9ce98e -r 1281b60175de security/ap-modsecurity2/patches/patch-apache2_msc__crypt.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/ap-modsecurity2/patches/patch-apache2_msc__crypt.c       Sat Dec 24 10:16:50 2016 +0000
@@ -0,0 +1,151 @@
+$NetBSD: patch-apache2_msc__crypt.c,v 1.1 2016/12/24 10:16:50 joerg Exp $
+
+Avoid conflict with NetBSD's hmac(3).
+
+--- apache2/msc_crypt.c.orig   2016-12-24 09:55:14.605925316 +0000
++++ apache2/msc_crypt.c
+@@ -182,7 +182,7 @@ char *getkey(apr_pool_t *mp) {
+  *
+  * \retval hex_digest The MAC
+  */
+-char *hmac(modsec_rec *msr, const char *key, int key_len,
++char *mschmac(modsec_rec *msr, const char *key, int key_len,
+         unsigned char *msg, int msglen) {
+     apr_sha1_ctx_t ctx;
+     unsigned char digest[APR_SHA1_DIGESTSIZE];
+@@ -1245,7 +1245,7 @@ char *do_hash_link(modsec_rec *msr, char
+                 }
+ 
+             if(msr->txcfg->crypto_key_add == HASH_KEYONLY)
+-                hash_value =  hmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
++                hash_value =  mschmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
+ 
+             if(msr->txcfg->crypto_key_add == HASH_SESSIONID)  {
+                 if(msr->sessionid == NULL || strlen(msr->sessionid) == 0)   {
+@@ -1257,13 +1257,13 @@ char *do_hash_link(modsec_rec *msr, char
+                     if (msr->txcfg->debuglog_level >= 4)
+                         msr_log(msr, 4, "Session id is empty. Using REMOTE_IP");
+                     msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                    hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
++                    hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
+                 } else {
+                     const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->sessionid);
+                     if (msr->txcfg->debuglog_level >= 4)
+                         msr_log(msr, 4, "Using session id [%s]", msr->sessionid);
+                     msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                    hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
++                    hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
+                 }
+             }
+ 
+@@ -1274,7 +1274,7 @@ char *do_hash_link(modsec_rec *msr, char
+                 const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->r->connection->remote_ip);
+ #endif
+                 msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
++                hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
+             }
+         } else  {
+             return NULL;
+@@ -1288,7 +1288,7 @@ char *do_hash_link(modsec_rec *msr, char
+                 }
+ 
+                 if(msr->txcfg->crypto_key_add == HASH_KEYONLY)
+-                    hash_value =  hmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
++                    hash_value =  mschmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
+ 
+                 if(msr->txcfg->crypto_key_add == HASH_SESSIONID)  {
+                     if(msr->sessionid == NULL || strlen(msr->sessionid) == 0)   {
+@@ -1300,13 +1300,13 @@ char *do_hash_link(modsec_rec *msr, char
+                         if (msr->txcfg->debuglog_level >= 4)
+                             msr_log(msr, 4, "Session id is empty. Using REMOTE_IP");
+                         msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                        hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
++                        hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
+                     } else {
+                         const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->sessionid);
+                         if (msr->txcfg->debuglog_level >= 4)
+                             msr_log(msr, 4, "Using session id [%s]", msr->sessionid);
+                         msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                        hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
++                        hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
+                     }
+                 }
+ 
+@@ -1317,7 +1317,7 @@ char *do_hash_link(modsec_rec *msr, char
+                     const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->r->connection->remote_ip);
+ #endif
+                     msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                    hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
++                    hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1);
+                 }
+             } else  {
+                 return NULL;
+@@ -1329,7 +1329,7 @@ char *do_hash_link(modsec_rec *msr, char
+                 }
+ 
+             if(msr->txcfg->crypto_key_add == HASH_KEYONLY)
+-                hash_value = hmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1);
++                hash_value = mschmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1);
+ 
+             if(msr->txcfg->crypto_key_add == HASH_SESSIONID)  {
+                 if(msr->sessionid == NULL || strlen(msr->sessionid) == 0)   {
+@@ -1341,13 +1341,13 @@ char *do_hash_link(modsec_rec *msr, char
+                     if (msr->txcfg->debuglog_level >= 4)
+                         msr_log(msr, 4, "Session id is empty. Using REMOTE_IP");
+                     msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                    hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1);
++                    hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1);
+                 } else  {
+                     const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->sessionid);
+                     if (msr->txcfg->debuglog_level >= 4)
+                         msr_log(msr, 4, "Using session id [%s]", msr->sessionid);
+                     msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                    hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1);
++                    hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1);
+                 }
+             }
+ 
+@@ -1358,7 +1358,7 @@ char *do_hash_link(modsec_rec *msr, char
+                 const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->r->connection->remote_ip);
+ #endif
+                 msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1);
++                hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1);
+             }
+ 
+         }
+@@ -1383,7 +1383,7 @@ char *do_hash_link(modsec_rec *msr, char
+                 }
+ 
+             if(msr->txcfg->crypto_key_add == HASH_KEYONLY)
+-                hash_value = hmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link));
++                hash_value = mschmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link));
+ 
+             if(msr->txcfg->crypto_key_add == HASH_SESSIONID)  {
+                 if(msr->sessionid == NULL || strlen(msr->sessionid) == 0)   {
+@@ -1395,13 +1395,13 @@ char *do_hash_link(modsec_rec *msr, char
+                     if (msr->txcfg->debuglog_level >= 4)
+                         msr_log(msr, 4, "Session id is empty. Using REMOTE_IP");
+                     msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                    hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link));
++                    hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link));
+                 } else {
+                     const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->sessionid);
+                     if (msr->txcfg->debuglog_level >= 4)
+                         msr_log(msr, 4, "Using session id [%s]", msr->sessionid);
+                     msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                    hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link));
++                    hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link));
+                 }
+             }
+ 
+@@ -1412,7 +1412,7 @@ char *do_hash_link(modsec_rec *msr, char
+                 const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->r->connection->remote_ip);
+ #endif
+                 msr->txcfg->crypto_key_len = strlen(new_pwd);
+-                hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link));
++                hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link));
+             }
+ 
+         link = relative_uri;
diff -r e8fe0a9ce98e -r 1281b60175de security/ap-modsecurity2/patches/patch-apache2_msc__crypt.h
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/ap-modsecurity2/patches/patch-apache2_msc__crypt.h       Sat Dec 24 10:16:50 2016 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-apache2_msc__crypt.h,v 1.1 2016/12/24 10:16:50 joerg Exp $
+
+Avoid conflict with NetBSD's hmac(3).
+
+--- apache2/msc_crypt.h.orig   2016-12-24 09:55:12.580528917 +0000
++++ apache2/msc_crypt.h
+@@ -27,7 +27,7 @@
+ #define INT32_MAX      (2147483647)
+ #endif
+ 
+-char DSOLOCAL *hmac(modsec_rec *msr, const char *key, int key_len,
++char DSOLOCAL *mschmac(modsec_rec *msr, const char *key, int key_len,
+                      unsigned char *msg, int msglen);
+ char DSOLOCAL *do_hash_link(modsec_rec *msr, char *link,
+                       int type);



Home | Main Index | Thread Index | Old Index