From 5f98d8008ee99e3d254561e8f13f307df30c46fc Mon Sep 17 00:00:00 2001 From: Breno Silva Date: Tue, 30 Oct 2012 18:14:55 -0400 Subject: [PATCH] Change names of HMAC feature to HASH --- apache2/msc_crypt.c | 46 ++++++++++++++++++++++----------------------- apache2/msc_crypt.h | 11 +++-------- 2 files changed, 26 insertions(+), 31 deletions(-) diff --git a/apache2/msc_crypt.c b/apache2/msc_crypt.c index b0f1863c..eaff19ba 100644 --- a/apache2/msc_crypt.c +++ b/apache2/msc_crypt.c @@ -625,7 +625,7 @@ int do_hash_method(modsec_rec *msr, char *link, int type) { * \retval 0 No element was changed * \retval -1 On fail */ -int encrypt_response_body_links(modsec_rec *msr) { +int hash_response_body_links(modsec_rec *msr) { int lsize = 0, fsize = 0, lcount = 0, fcount = 0, i; int isize = 0, icount = 0, frsize = 0, frcount = 0; xmlXPathContextPtr xpathCtx = NULL; @@ -639,7 +639,7 @@ int encrypt_response_body_links(modsec_rec *msr) { if (msr->crypto_html_tree == NULL) { if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "encrypt_response_body_links: Cannot parse NULL html tree"); + msr_log(msr, 4, "hash_response_body_links: Cannot parse NULL html tree"); return -1; } @@ -652,7 +652,7 @@ int encrypt_response_body_links(modsec_rec *msr) { xpathCtx = xmlXPathNewContext(msr->crypto_html_tree); if(xpathCtx == NULL) { if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "encrypt_response_body_links: Unable to create Xpath context."); + msr_log(msr, 4, "hash_response_body_links: Unable to create Xpath context."); goto ctx_error; } @@ -664,7 +664,7 @@ int encrypt_response_body_links(modsec_rec *msr) { if(xpathObj == NULL) { if (msr->txcfg->debuglog_level >= 4) msr_log(msr, 4, - "encrypt_response_body_links: Unable to evaluate xpath expression."); + "hash_response_body_links: Unable to evaluate xpath expression."); goto obj_error; } @@ -728,7 +728,7 @@ int encrypt_response_body_links(modsec_rec *msr) { if(xpathObj == NULL) { if (msr->txcfg->debuglog_level >= 4) msr_log(msr, 4, - "encrypt_response_body_links: Unable to evaluate xpath expression."); + "hash_response_body_links: Unable to evaluate xpath expression."); goto obj_error; } @@ -804,7 +804,7 @@ int encrypt_response_body_links(modsec_rec *msr) { if(xpathObj == NULL) { if (msr->txcfg->debuglog_level >= 4) msr_log(msr, 4, - "encrypt_response_body_links: Unable to evaluate xpath expression."); + "hash_response_body_links: Unable to evaluate xpath expression."); goto obj_error; } @@ -869,7 +869,7 @@ int encrypt_response_body_links(modsec_rec *msr) { if(xpathObj == NULL) { if (msr->txcfg->debuglog_level >= 4) msr_log(msr, 4, - "encrypt_response_body_links: Unable to evaluate xpath expression."); + "hash_response_body_links: Unable to evaluate xpath expression."); goto obj_error; } @@ -933,10 +933,10 @@ int encrypt_response_body_links(modsec_rec *msr) { xmlXPathFreeContext(xpathCtx); if (msr->txcfg->debuglog_level >= 4) { - msr_log(msr, 4, "encrypt_response_body_links: Processed [%d] iframe src, [%d] encrypted.",isize, icount); - msr_log(msr, 4, "encrypt_response_body_links: Processed [%d] frame src, [%d] encrypted.",frsize, frcount); - msr_log(msr, 4, "encrypt_response_body_links: Processed [%d] form actions, [%d] encrypted.",fsize, fcount); - msr_log(msr, 4, "encrypt_response_body_links: Processed [%d] links, [%d] encrypted.",lsize, lcount); + msr_log(msr, 4, "hash_response_body_links: Processed [%d] iframe src, [%d] hashed.",isize, icount); + msr_log(msr, 4, "hash_response_body_links: Processed [%d] frame src, [%d] hashed.",frsize, frcount); + msr_log(msr, 4, "hash_response_body_links: Processed [%d] form actions, [%d] hashed.",fsize, fcount); + msr_log(msr, 4, "hash_response_body_links: Processed [%d] links, [%d] hashed.",lsize, lcount); } if(msr->of_stream_changed == 0) { @@ -965,12 +965,12 @@ ctx_error: * \brief Inject the new response body * * \param msr ModSecurity transaction resource - * \param elts Number of encrypted elements + * \param elts Number of hashed elements * * \retval 1 On success * \retval -1 On fail */ -int inject_encrypted_response_body(modsec_rec *msr, int elts) { +int inject_hashed_response_body(modsec_rec *msr, int elts) { xmlOutputBufferPtr output_buf = NULL; xmlCharEncodingHandlerPtr handler = NULL; char *p = NULL; @@ -984,7 +984,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { if (msr->crypto_html_tree == NULL) { if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_encrypted_response_body: Cannot parse NULL html tree"); + msr_log(msr, 4, "inject_hashed_response_body: Cannot parse NULL html tree"); return -1; } @@ -1011,7 +1011,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { } if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_encrypted_response_body: Detected encoding type [%s].", encoding); + msr_log(msr, 4, "inject_hashed_response_body: Detected encoding type [%s].", encoding); if (handler == NULL) handler = xmlFindCharEncodingHandler("UTF-8"); @@ -1032,12 +1032,12 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { apr_table_set(msr->r->err_headers_out,"Content-Type",new_ct); if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_encrypted_response_body: Using content-type [%s].", handler->name); + msr_log(msr, 4, "inject_hashed_response_body: Using content-type [%s].", handler->name); output_buf = xmlAllocOutputBuffer(handler); if (output_buf == NULL) { if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_encrypted_response_body: Unable to allocate memory buffer."); + msr_log(msr, 4, "inject_hashed_response_body: Unable to allocate memory buffer."); xmlFreeDoc(msr->crypto_html_tree); return -1; } @@ -1073,7 +1073,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length); if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_encrypted_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", xmlOutputBufferGetSize(output_buf)); + msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", xmlOutputBufferGetSize(output_buf)); } else { @@ -1102,7 +1102,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length); if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_encrypted_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", xmlOutputBufferGetSize(output_buf)); + msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", xmlOutputBufferGetSize(output_buf)); } @@ -1135,7 +1135,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { memcpy(msr->stream_output_data, output_buf->buffer->content, msr->stream_output_length); if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_encrypted_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", output_buf->buffer->use); + msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", output_buf->buffer->use); } else { @@ -1164,7 +1164,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { memcpy(msr->stream_output_data, output_buf->conv->content, msr->stream_output_length); if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_encrypted_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", output_buf->conv->use); + msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", output_buf->conv->use); } @@ -1176,13 +1176,13 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { apr_table_unset(msr->r->headers_out,"Content-Length"); if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_encrypted_response_body: Setting new content value %s", content_value); + msr_log(msr, 4, "inject_hashed_response_body: Setting new content value %s", content_value); apr_table_set(msr->r->headers_out, "Content-Length", content_value); xmlFreeDoc(msr->crypto_html_tree); if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_encrypted_response_body: Stream buffer [%"APR_SIZE_T_FMT"]. Done",msr->stream_output_length); + msr_log(msr, 4, "inject_hashed_response_body: Stream buffer [%"APR_SIZE_T_FMT"]. Done",msr->stream_output_length); return 1; } diff --git a/apache2/msc_crypt.h b/apache2/msc_crypt.h index 94bb9931..54a6dc7f 100644 --- a/apache2/msc_crypt.h +++ b/apache2/msc_crypt.h @@ -27,11 +27,6 @@ #define INT32_MAX (2147483647) #endif -#define N16BITS_MASK 65536L -#define N16BITS_MAX 0xFFFF -#define N15BITS_MASK 0x7FFF -#define N31BITS_MASK 0x7FFFFFFF - char DSOLOCAL *hmac(modsec_rec *msr, const char *key, int key_len, unsigned char *msg, int msglen); char DSOLOCAL *do_hash_link(modsec_rec *msr, char *link, @@ -39,9 +34,9 @@ char DSOLOCAL *do_hash_link(modsec_rec *msr, char *link, char DSOLOCAL *getkey(apr_pool_t *mp); int DSOLOCAL init_response_body_html_parser(modsec_rec *msr); -int DSOLOCAL encrypt_response_body_links(modsec_rec *msr); -int DSOLOCAL inject_encrypted_response_body(modsec_rec *msr, int elts); -int DSOLOCAL do_encryption_method(modsec_rec *msr, char *link, int type); +int DSOLOCAL hash_response_body_links(modsec_rec *msr); +int DSOLOCAL inject_hashed_response_body(modsec_rec *msr, int elts); +int DSOLOCAL do_hash_method(modsec_rec *msr, char *link, int type); int DSOLOCAL modify_response_header(modsec_rec *msr); char DSOLOCAL *normalize_path(modsec_rec *msr, char *input); #endif