From cfc1554ac0a1265355f57b94699bdaa73d192c1e Mon Sep 17 00:00:00 2001 From: Joe Orton Date: Fri, 16 Nov 2018 08:19:58 +0000 Subject: [PATCH] Remove unused patches. --- ...nges-the-default-SSL-algo-to-TLS-1.2.patch | 28 ------- ...2.7.3-fix-mem-leak-and-cve-2013-2765.patch | 23 ------ mod_security-fix-build-with-libxml29.patch | 82 ------------------- modsecurity-2.9.0-fix-lua53-build.patch | 16 ---- 4 files changed, 149 deletions(-) delete mode 100644 0001-mlogc-Changes-the-default-SSL-algo-to-TLS-1.2.patch delete mode 100644 mod_security-2.7.3-fix-mem-leak-and-cve-2013-2765.patch delete mode 100644 mod_security-fix-build-with-libxml29.patch delete mode 100644 modsecurity-2.9.0-fix-lua53-build.patch diff --git a/0001-mlogc-Changes-the-default-SSL-algo-to-TLS-1.2.patch b/0001-mlogc-Changes-the-default-SSL-algo-to-TLS-1.2.patch deleted file mode 100644 index 3f8a93f..0000000 --- a/0001-mlogc-Changes-the-default-SSL-algo-to-TLS-1.2.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 84f2299f6b3b56cf5342ad378c3641be548bf79c Mon Sep 17 00:00:00 2001 -From: Felipe Zimmerle -Date: Mon, 3 Nov 2014 10:13:21 -0800 -Subject: [PATCH] mlogc: Changes the default SSL algo to TLS 1.2 - -As reported by Josh Amishav-Zlatin, mlogc was making usage of SSLv3 instead of -TLS 1.2. Servers should not answer SSLv3 after poodle. ---- - mlogc/mlogc.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/mlogc/mlogc.c b/mlogc/mlogc.c -index 4163230..c4b2a23 100644 ---- a/mlogc/mlogc.c -+++ b/mlogc/mlogc.c -@@ -1218,8 +1218,8 @@ static void logc_init(void) - curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); - curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE); - curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0); -- /* SSLv3 works better overall as some servers have issues with TLS */ -- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3); -+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2); -+ - curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 15); - curl_easy_setopt(curl, CURLOPT_NOSIGNAL, TRUE); - curl_easy_setopt(curl, CURLOPT_HEADER, TRUE); --- -1.9.1 \ No newline at end of file diff --git a/mod_security-2.7.3-fix-mem-leak-and-cve-2013-2765.patch b/mod_security-2.7.3-fix-mem-leak-and-cve-2013-2765.patch deleted file mode 100644 index 3913668..0000000 --- a/mod_security-2.7.3-fix-mem-leak-and-cve-2013-2765.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff -ru modsecurity-apache_2.7.3.orig/apache2/msc_reqbody.c modsecurity-apache_2.7.3/apache2/msc_reqbody.c ---- modsecurity-apache_2.7.3.orig/apache2/msc_reqbody.c 2013-03-24 08:12:29.000000000 +0100 -+++ modsecurity-apache_2.7.3/apache2/msc_reqbody.c 2013-05-28 14:48:39.063673996 +0100 -@@ -170,6 +170,7 @@ - - /* Would storing this chunk mean going over the limit? */ - if ((msr->msc_reqbody_spilltodisk) -+ && (msr->txcfg->reqbody_buffering != REQUEST_BODY_FORCEBUF_ON) - && (msr->msc_reqbody_length + length > (apr_size_t)msr->txcfg->reqbody_inmemory_limit)) - { - msc_data_chunk **chunks; -diff -ru modsecurity-apache_2.7.3.orig/apache2/re_operators.c modsecurity-apache_2.7.3/apache2/re_operators.c ---- modsecurity-apache_2.7.3.orig/apache2/re_operators.c 2013-03-24 08:12:29.000000000 +0100 -+++ modsecurity-apache_2.7.3/apache2/re_operators.c 2013-05-28 14:49:30.448696404 +0100 -@@ -369,7 +369,7 @@ - /* rsub */ - - static char *param_remove_escape(msre_rule *rule, char *str, int len) { -- char *parm = apr_palloc(rule->ruleset->mp, len); -+ char *parm = apr_pcalloc(rule->ruleset->mp, len); - char *ret = parm; - - for(;*str!='\0';str++) { diff --git a/mod_security-fix-build-with-libxml29.patch b/mod_security-fix-build-with-libxml29.patch deleted file mode 100644 index f857e46..0000000 --- a/mod_security-fix-build-with-libxml29.patch +++ /dev/null @@ -1,82 +0,0 @@ ---- apache2/msc_crypt.c.orig 2012-10-18 10:42:43.381000000 +0100 -+++ apache2/msc_crypt.c 2012-10-18 10:46:52.442000000 +0100 -@@ -1079,6 +1079,70 @@ - - htmlDocContentDumpFormatOutput(output_buf, msr->crypto_html_tree, NULL, 0); - -+#ifdef LIBXML2_NEW_BUFFER -+ -+ if (output_buf->conv == NULL || (output_buf->conv && xmlOutputBufferGetSize(output_buf) == 0)) { -+ -+ if(output_buf->buffer == NULL || xmlOutputBufferGetSize(output_buf) == 0) { -+ xmlOutputBufferClose(output_buf); -+ xmlFreeDoc(msr->crypto_html_tree); -+ msr->of_stream_changed = 0; -+ return -1; -+ } -+ -+ if(msr->stream_output_data != NULL) { -+ free(msr->stream_output_data); -+ msr->stream_output_data = NULL; -+ } -+ -+ msr->stream_output_length = xmlOutputBufferGetSize(output_buf); -+ msr->stream_output_data = (char *)malloc(msr->stream_output_length+1); -+ -+ if (msr->stream_output_data == NULL) { -+ xmlOutputBufferClose(output_buf); -+ xmlFreeDoc(msr->crypto_html_tree); -+ return -1; -+ } -+ -+ memset(msr->stream_output_data, 0x0, msr->stream_output_length+1); -+ memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length); -+ -+ if (msr->txcfg->debuglog_level >= 4) -+ msr_log(msr, 4, "inject_encrypted_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", xmlOutputBufferGetSize(output_buf)); -+ -+ } else { -+ -+ if(output_buf->conv == NULL || xmlOutputBufferGetSize(output_buf) == 0) { -+ xmlOutputBufferClose(output_buf); -+ xmlFreeDoc(msr->crypto_html_tree); -+ msr->of_stream_changed = 0; -+ return -1; -+ } -+ -+ if(msr->stream_output_data != NULL) { -+ free(msr->stream_output_data); -+ msr->stream_output_data = NULL; -+ } -+ -+ msr->stream_output_length = xmlOutputBufferGetSize(output_buf); -+ msr->stream_output_data = (char *)malloc(msr->stream_output_length+1); -+ -+ if (msr->stream_output_data == NULL) { -+ xmlOutputBufferClose(output_buf); -+ xmlFreeDoc(msr->crypto_html_tree); -+ return -1; -+ } -+ -+ memset(msr->stream_output_data, 0x0, msr->stream_output_length+1); -+ memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length); -+ -+ if (msr->txcfg->debuglog_level >= 4) -+ msr_log(msr, 4, "inject_encrypted_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", xmlOutputBufferGetSize(output_buf)); -+ -+ } -+ -+#else -+ - if (output_buf->conv == NULL || (output_buf->conv && output_buf->conv->use == 0)) { - - if(output_buf->buffer == NULL || output_buf->buffer->use == 0) { -@@ -1139,6 +1203,8 @@ - - } - -+#endif -+ - xmlOutputBufferClose(output_buf); - - content_value = (char*)apr_psprintf(msr->mp, "%"APR_SIZE_T_FMT, msr->stream_output_length); diff --git a/modsecurity-2.9.0-fix-lua53-build.patch b/modsecurity-2.9.0-fix-lua53-build.patch deleted file mode 100644 index cc8d4ea..0000000 --- a/modsecurity-2.9.0-fix-lua53-build.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff -ru modsecurity-2.9.0.orig/apache2/msc_lua.c modsecurity-2.9.0/apache2/msc_lua.c ---- modsecurity-2.9.0.orig/apache2/msc_lua.c 2015-02-12 20:08:30.000000000 +0100 -+++ modsecurity-2.9.0/apache2/msc_lua.c 2015-02-13 13:07:42.976716385 +0100 -@@ -111,8 +111,11 @@ - dump.pool = pool; - dump.parts = apr_array_make(pool, 128, sizeof(msc_script_part *)); - -+#if LUA_VERSION_NUM >= 503 -+ lua_dump(L, dump_writer, &dump, 1); -+#else - lua_dump(L, dump_writer, &dump); -- -+#endif - (*script) = apr_pcalloc(pool, sizeof(msc_script)); - (*script)->name = filename; - (*script)->parts = dump.parts;