Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id 1FCA37A234 for ; Sat, 24 Dec 2016 10:16:52 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id C5815855C7; Sat, 24 Dec 2016 10:16:51 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 567AE855A1 for ; Sat, 24 Dec 2016 10:16:51 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id zESdORAy7J4A for ; Sat, 24 Dec 2016 10:16:50 +0000 (UTC) Received: from cvs.NetBSD.org (unknown [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 7155284CEE for ; Sat, 24 Dec 2016 10:16:50 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 6AB4AFBA6; Sat, 24 Dec 2016 10:16:50 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1482574610253570" MIME-Version: 1.0 Date: Sat, 24 Dec 2016 10:16:50 +0000 From: "Joerg Sonnenberger" Subject: CVS commit: pkgsrc/security/ap-modsecurity2 To: pkgsrc-changes@NetBSD.org Reply-To: joerg@netbsd.org X-Mailer: log_accum Message-Id: <20161224101650.6AB4AFBA6@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk This is a multi-part message in MIME format. --_----------=_1482574610253570 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: joerg Date: Sat Dec 24 10:16:50 UTC 2016 Modified Files: pkgsrc/security/ap-modsecurity2: distinfo Added Files: pkgsrc/security/ap-modsecurity2/patches: patch-apache2_msc__crypt.c patch-apache2_msc__crypt.h Log Message: Fix conflict with NetBSD's hmac. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 pkgsrc/security/ap-modsecurity2/distinfo cvs rdiff -u -r0 -r1.1 \ pkgsrc/security/ap-modsecurity2/patches/patch-apache2_msc__crypt.c \ pkgsrc/security/ap-modsecurity2/patches/patch-apache2_msc__crypt.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1482574610253570 Content-Disposition: inline Content-Length: 12606 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/security/ap-modsecurity2/distinfo diff -u pkgsrc/security/ap-modsecurity2/distinfo:1.9 pkgsrc/security/ap-modsecurity2/distinfo:1.10 --- pkgsrc/security/ap-modsecurity2/distinfo:1.9 Wed Nov 4 01:17:41 2015 +++ pkgsrc/security/ap-modsecurity2/distinfo Sat Dec 24 10:16:50 2016 @@ -1,6 +1,8 @@ -$NetBSD: distinfo,v 1.9 2015/11/04 01:17:41 agc Exp $ +$NetBSD: distinfo,v 1.10 2016/12/24 10:16:50 joerg Exp $ SHA1 (modsecurity-apache_2.7.7.tar.gz) = 344c8c102d9800d48bd42eb683cd2ddd7c515be1 RMD160 (modsecurity-apache_2.7.7.tar.gz) = aa6eb85000d8bee86a5ec3cf6a03ac82a9e76dc6 SHA512 (modsecurity-apache_2.7.7.tar.gz) = 859f72580b6acaae5db180f98ee32ad2cb0f3ef24321d0c2df20ddd9fcfbc6c09c98b672012dc4931a6fd14f3c21c38ed31ab8900940382fcb48b37f30005a7d Size (modsecurity-apache_2.7.7.tar.gz) = 1003835 bytes +SHA1 (patch-apache2_msc__crypt.c) = 01bdb8291c83a8abbd1e990d96a768d9bec0ef89 +SHA1 (patch-apache2_msc__crypt.h) = dc83f494f81823deddf00dd005a632d085039664 Added files: Index: pkgsrc/security/ap-modsecurity2/patches/patch-apache2_msc__crypt.c diff -u /dev/null pkgsrc/security/ap-modsecurity2/patches/patch-apache2_msc__crypt.c:1.1 --- /dev/null Sat Dec 24 10:16:50 2016 +++ pkgsrc/security/ap-modsecurity2/patches/patch-apache2_msc__crypt.c Sat Dec 24 10:16:50 2016 @@ -0,0 +1,151 @@ +$NetBSD: patch-apache2_msc__crypt.c,v 1.1 2016/12/24 10:16:50 joerg Exp $ + +Avoid conflict with NetBSD's hmac(3). + +--- apache2/msc_crypt.c.orig 2016-12-24 09:55:14.605925316 +0000 ++++ apache2/msc_crypt.c +@@ -182,7 +182,7 @@ char *getkey(apr_pool_t *mp) { + * + * \retval hex_digest The MAC + */ +-char *hmac(modsec_rec *msr, const char *key, int key_len, ++char *mschmac(modsec_rec *msr, const char *key, int key_len, + unsigned char *msg, int msglen) { + apr_sha1_ctx_t ctx; + unsigned char digest[APR_SHA1_DIGESTSIZE]; +@@ -1245,7 +1245,7 @@ char *do_hash_link(modsec_rec *msr, char + } + + if(msr->txcfg->crypto_key_add == HASH_KEYONLY) +- hash_value = hmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); ++ hash_value = mschmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); + + if(msr->txcfg->crypto_key_add == HASH_SESSIONID) { + if(msr->sessionid == NULL || strlen(msr->sessionid) == 0) { +@@ -1257,13 +1257,13 @@ char *do_hash_link(modsec_rec *msr, char + if (msr->txcfg->debuglog_level >= 4) + msr_log(msr, 4, "Session id is empty. Using REMOTE_IP"); + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); + } else { + const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->sessionid); + if (msr->txcfg->debuglog_level >= 4) + msr_log(msr, 4, "Using session id [%s]", msr->sessionid); + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); + } + } + +@@ -1274,7 +1274,7 @@ char *do_hash_link(modsec_rec *msr, char + const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->r->connection->remote_ip); + #endif + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); + } + } else { + return NULL; +@@ -1288,7 +1288,7 @@ char *do_hash_link(modsec_rec *msr, char + } + + if(msr->txcfg->crypto_key_add == HASH_KEYONLY) +- hash_value = hmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); ++ hash_value = mschmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); + + if(msr->txcfg->crypto_key_add == HASH_SESSIONID) { + if(msr->sessionid == NULL || strlen(msr->sessionid) == 0) { +@@ -1300,13 +1300,13 @@ char *do_hash_link(modsec_rec *msr, char + if (msr->txcfg->debuglog_level >= 4) + msr_log(msr, 4, "Session id is empty. Using REMOTE_IP"); + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); + } else { + const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->sessionid); + if (msr->txcfg->debuglog_level >= 4) + msr_log(msr, 4, "Using session id [%s]", msr->sessionid); + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); + } + } + +@@ -1317,7 +1317,7 @@ char *do_hash_link(modsec_rec *msr, char + const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->r->connection->remote_ip); + #endif + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) path_chunk+1, strlen((char*)path_chunk)-1); + } + } else { + return NULL; +@@ -1329,7 +1329,7 @@ char *do_hash_link(modsec_rec *msr, char + } + + if(msr->txcfg->crypto_key_add == HASH_KEYONLY) +- hash_value = hmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1); ++ hash_value = mschmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1); + + if(msr->txcfg->crypto_key_add == HASH_SESSIONID) { + if(msr->sessionid == NULL || strlen(msr->sessionid) == 0) { +@@ -1341,13 +1341,13 @@ char *do_hash_link(modsec_rec *msr, char + if (msr->txcfg->debuglog_level >= 4) + msr_log(msr, 4, "Session id is empty. Using REMOTE_IP"); + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1); + } else { + const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->sessionid); + if (msr->txcfg->debuglog_level >= 4) + msr_log(msr, 4, "Using session id [%s]", msr->sessionid); + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1); + } + } + +@@ -1358,7 +1358,7 @@ char *do_hash_link(modsec_rec *msr, char + const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->r->connection->remote_ip); + #endif + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) link+1, strlen((char*)link)-1); + } + + } +@@ -1383,7 +1383,7 @@ char *do_hash_link(modsec_rec *msr, char + } + + if(msr->txcfg->crypto_key_add == HASH_KEYONLY) +- hash_value = hmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link)); ++ hash_value = mschmac(msr, msr->txcfg->crypto_key, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link)); + + if(msr->txcfg->crypto_key_add == HASH_SESSIONID) { + if(msr->sessionid == NULL || strlen(msr->sessionid) == 0) { +@@ -1395,13 +1395,13 @@ char *do_hash_link(modsec_rec *msr, char + if (msr->txcfg->debuglog_level >= 4) + msr_log(msr, 4, "Session id is empty. Using REMOTE_IP"); + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link)); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link)); + } else { + const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->sessionid); + if (msr->txcfg->debuglog_level >= 4) + msr_log(msr, 4, "Using session id [%s]", msr->sessionid); + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link)); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link)); + } + } + +@@ -1412,7 +1412,7 @@ char *do_hash_link(modsec_rec *msr, char + const char *new_pwd = apr_psprintf(msr->mp,"%s%s", msr->txcfg->crypto_key, msr->r->connection->remote_ip); + #endif + msr->txcfg->crypto_key_len = strlen(new_pwd); +- hash_value = hmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link)); ++ hash_value = mschmac(msr, new_pwd, msr->txcfg->crypto_key_len, (unsigned char *) relative_link, strlen((char*)relative_link)); + } + + link = relative_uri; Index: pkgsrc/security/ap-modsecurity2/patches/patch-apache2_msc__crypt.h diff -u /dev/null pkgsrc/security/ap-modsecurity2/patches/patch-apache2_msc__crypt.h:1.1 --- /dev/null Sat Dec 24 10:16:50 2016 +++ pkgsrc/security/ap-modsecurity2/patches/patch-apache2_msc__crypt.h Sat Dec 24 10:16:50 2016 @@ -0,0 +1,15 @@ +$NetBSD: patch-apache2_msc__crypt.h,v 1.1 2016/12/24 10:16:50 joerg Exp $ + +Avoid conflict with NetBSD's hmac(3). + +--- apache2/msc_crypt.h.orig 2016-12-24 09:55:12.580528917 +0000 ++++ apache2/msc_crypt.h +@@ -27,7 +27,7 @@ + #define INT32_MAX (2147483647) + #endif + +-char DSOLOCAL *hmac(modsec_rec *msr, const char *key, int key_len, ++char DSOLOCAL *mschmac(modsec_rec *msr, const char *key, int key_len, + unsigned char *msg, int msglen); + char DSOLOCAL *do_hash_link(modsec_rec *msr, char *link, + int type); --_----------=_1482574610253570--