From b964b09c4dc6b699a8e85230aa898009dff42f36 Mon Sep 17 00:00:00 2001
From: Athmane Madjoudj <athmane@fedoraproject.org>
Date: Fri, 18 Apr 2014 17:06:31 +0100
Subject: [PATCH] Fix m_strcasestr not defined in old mod_security branch issue
 (RHBZ #1089343)

---
 ...8-fix-m_strcasestr-issue-rhbz1089343.patch | 38 +++++++++++++++++++
 mod_security.spec                             |  7 +++-
 2 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 mod_security-2.6.8-fix-m_strcasestr-issue-rhbz1089343.patch

diff --git a/mod_security-2.6.8-fix-m_strcasestr-issue-rhbz1089343.patch b/mod_security-2.6.8-fix-m_strcasestr-issue-rhbz1089343.patch
new file mode 100644
index 0000000..19b429c
--- /dev/null
+++ b/mod_security-2.6.8-fix-m_strcasestr-issue-rhbz1089343.patch
@@ -0,0 +1,38 @@
+diff -ru modsecurity-apache_2.6.8/apache2/msc_util.c modsecurity-apache_2.6.8-patched/apache2/msc_util.c
+--- modsecurity-apache_2.6.8/apache2/msc_util.c	2012-09-25 14:05:00.000000000 +0100
++++ modsecurity-apache_2.6.8-patched/apache2/msc_util.c	2014-04-18 16:11:02.765000000 +0100
+@@ -368,6 +368,24 @@
+     return d;
+ }
+ 
++char *m_strcasestr(const char *haystack, const char *needle) {
++    char aux, lower_aux;
++    int length;
++
++    if ((aux = *needle++) != 0) {
++        aux = (char)tolower((unsigned char)aux);
++        length = strlen(needle);
++        do {
++            do {
++                if ((lower_aux = *haystack++) == 0)
++                    return NULL;
++            } while ((char)tolower((unsigned char)lower_aux) != aux);
++        } while (strncasecmp(haystack, needle, length) != 0);
++        haystack--;
++    }
++    return ((char *)haystack);
++}
++
+ /**
+  *
+  */
+diff -ru modsecurity-apache_2.6.8/apache2/msc_util.h modsecurity-apache_2.6.8-patched/apache2/msc_util.h
+--- modsecurity-apache_2.6.8/apache2/msc_util.h	2012-09-25 14:05:00.000000000 +0100
++++ modsecurity-apache_2.6.8-patched/apache2/msc_util.h	2014-04-18 16:09:40.007000000 +0100
+@@ -111,4 +111,6 @@
+ 
+ char DSOLOCAL *format_all_performance_variables(modsec_rec *msr, apr_pool_t *mp);
+ 
++char DSOLOCAL *m_strcasestr(const char *haystack, const char *needle);
++
+ #endif
diff --git a/mod_security.spec b/mod_security.spec
index 1e95448..6b7966c 100644
--- a/mod_security.spec
+++ b/mod_security.spec
@@ -8,7 +8,7 @@
 Summary: Security module for the Apache HTTP Server
 Name: mod_security 
 Version: 2.6.8
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: ASL 2.0
 URL: http://www.modsecurity.org/
 Group: System Environment/Daemons
@@ -18,6 +18,7 @@ Patch0: mod_security-fix-cve-2012-4528.patch
 Patch1: mod_security-2.6.8-rhbz947842.patch
 Patch2: mod_security-2.6.8_fix_cve-2013-2765.patch
 Patch3: mod_security-2.7.6-fix_chunked_string_case_sensitive_issue-cve-2013-5705.patch
+Patch4: mod_security-2.6.8-fix-m_strcasestr-issue-rhbz1089343.patch
 Requires: httpd httpd-mmn = %{_httpd_mmn}
 BuildRequires: httpd-devel libxml2-devel pcre-devel curl-devel lua-devel
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -41,6 +42,7 @@ This package contains the ModSecurity Audit Log Collector.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 %build
 %configure --enable-pcre-match-limit=1000000 \
@@ -108,6 +110,9 @@ rm -rf %{buildroot}
 %attr(0755,root,root) %{_bindir}/mlogc-batch-load
 
 %changelog
+* Fri Apr 18 2014 Athmane Madjoudj <athmane@fedoraproject.org> 2.6.8-6
+- Fix m_strcasestr not defined in old mod_security branch issue (RHBZ #1089343)
+
 * Tue Apr 01 2014 Athmane Madjoudj <athmane@fedoraproject.org>  2.6.8-5
 - Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906)