From 8d1c300644314d5011b647d589a7f51814e9d8d7 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 29 Sep 2025 15:09:23 +0000 Subject: [PATCH] sync with mod_md github * src/md_util.h: Include for APR 1.6+, or else define apr_cstr_casecmp to apr_natcasecmp as previously. by notroj git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1928839 13f79535-47bb-0310-9956-ffa450edef68 --- modules/md/md_acme.c | 4 ++-- modules/md/md_acme_authz.c | 6 +++--- modules/md/md_acmev2_drive.c | 2 +- modules/md/md_core.c | 4 ++-- modules/md/md_crypt.c | 16 ++++++++-------- modules/md/md_curl.c | 7 ++++--- modules/md/md_reg.c | 2 +- modules/md/md_store.c | 2 +- modules/md/md_util.c | 16 ++++++++-------- modules/md/md_util.h | 10 ++++++++++ modules/md/mod_md_config.c | 36 ++++++++++++++++++------------------ modules/md/mod_md_drive.c | 14 +++++++------- 12 files changed, 65 insertions(+), 54 deletions(-) diff --git a/modules/md/md_acme.c b/modules/md/md_acme.c index 33a7afa310a..099d3a450ee 100644 --- a/modules/md/md_acme.c +++ b/modules/md/md_acme.c @@ -81,7 +81,7 @@ static apr_status_t problem_status_get(const char *type) { } for(i = 0; i < (sizeof(Problems)/sizeof(Problems[0])); ++i) { - if (!apr_strnatcasecmp(type, Problems[i].type)) { + if (!apr_cstr_casecmp(type, Problems[i].type)) { return Problems[i].rv; } } @@ -100,7 +100,7 @@ int md_acme_problem_is_input_related(const char *problem) { } for(i = 0; i < (sizeof(Problems)/sizeof(Problems[0])); ++i) { - if (!apr_strnatcasecmp(problem, Problems[i].type)) { + if (!apr_cstr_casecmp(problem, Problems[i].type)) { return Problems[i].input_related; } } diff --git a/modules/md/md_acme_authz.c b/modules/md/md_acme_authz.c index c77dcdbaeb3..9d07052b90b 100644 --- a/modules/md/md_acme_authz.c +++ b/modules/md/md_acme_authz.c @@ -594,7 +594,7 @@ static apr_status_t find_type(void *baton, size_t index, md_json_t *json) cha_find_ctx *ctx = baton; const char *ctype = md_json_gets(json, MD_KEY_TYPE, NULL); - if (ctype && !apr_strnatcasecmp(ctx->type, ctype)) { + if (ctype && !apr_cstr_casecmp(ctx->type, ctype)) { ctx->accepted = cha_from_json(ctx->p, index, json); return 0; } @@ -644,7 +644,7 @@ apr_status_t md_acme_authz_respond(md_acme_authz_t *authz, md_acme_t *acme, md_s if (fctx.accepted) { for (j = 0; j < (int)CHA_TYPES_LEN; ++j) { - if (!apr_strnatcasecmp(CHA_TYPES[j].name, fctx.accepted->type)) { + if (!apr_cstr_casecmp(CHA_TYPES[j].name, fctx.accepted->type)) { md_result_activity_printf(result, "Setting up challenge '%s' for domain %s", fctx.accepted->type, authz->domain); rv = CHA_TYPES[j].setup(fctx.accepted, authz, acme, store, key_specs, @@ -702,7 +702,7 @@ apr_status_t md_acme_authz_teardown(struct md_store_t *store, const char *token, domain = strchr(challenge, ':'); *domain = '\0'; domain++; for (i = 0; i < (int)CHA_TYPES_LEN; ++i) { - if (!apr_strnatcasecmp(CHA_TYPES[i].name, challenge)) { + if (!apr_cstr_casecmp(CHA_TYPES[i].name, challenge)) { if (CHA_TYPES[i].teardown) { return CHA_TYPES[i].teardown(store, domain, md, env, p); } diff --git a/modules/md/md_acmev2_drive.c b/modules/md/md_acmev2_drive.c index de58c7247ca..5b5f9515f4d 100644 --- a/modules/md/md_acmev2_drive.c +++ b/modules/md/md_acmev2_drive.c @@ -109,7 +109,7 @@ static apr_status_t ad_setup_order(md_proto_driver_t *d, md_result_t *result, in int i; for (i = 0; !profile && i < ad->acme->api.v2.profiles->nelts; ++i) { const char *s = APR_ARRAY_IDX(ad->acme->api.v2.profiles, i, const char*); - if (!apr_strnatcasecmp(s, ad->profile)) + if (!apr_cstr_casecmp(s, ad->profile)) profile = s; } } diff --git a/modules/md/md_core.c b/modules/md/md_core.c index 95b289d2d48..d47c4463287 100644 --- a/modules/md/md_core.c +++ b/modules/md/md_core.c @@ -430,7 +430,7 @@ const char *md_get_ca_name_from_url(apr_pool_t *p, const char *url) unsigned int i; for (i = 0; i < sizeof(KNOWN_CAs)/sizeof(KNOWN_CAs[0]); ++i) { - if (!apr_strnatcasecmp(KNOWN_CAs[i].url, url)) { + if (!apr_cstr_casecmp(KNOWN_CAs[i].url, url)) { return KNOWN_CAs[i].name; } } @@ -448,7 +448,7 @@ apr_status_t md_get_ca_url_from_name(const char **purl, apr_pool_t *p, const cha *purl = NULL; for (i = 0; i < sizeof(KNOWN_CAs)/sizeof(KNOWN_CAs[0]); ++i) { - if (!apr_strnatcasecmp(KNOWN_CAs[i].name, name)) { + if (!apr_cstr_casecmp(KNOWN_CAs[i].name, name)) { *purl = KNOWN_CAs[i].url; goto leave; } diff --git a/modules/md/md_crypt.c b/modules/md/md_crypt.c index c5a6dd6f9eb..23a6fd11886 100644 --- a/modules/md/md_crypt.c +++ b/modules/md/md_crypt.c @@ -338,7 +338,7 @@ int md_pkeys_spec_contains_ec(md_pkeys_spec_t *pks, const char *curve) for (i = 0; i < pks->specs->nelts; ++i) { spec = APR_ARRAY_IDX(pks->specs, i, md_pkey_spec_t*); if (MD_PKEY_TYPE_EC == spec->type - && !apr_strnatcasecmp(curve, spec->params.ec.curve)) return 1; + && !apr_cstr_casecmp(curve, spec->params.ec.curve)) return 1; } return 0; } @@ -428,10 +428,10 @@ md_pkey_spec_t *md_pkey_spec_from_json(struct md_json_t *json, apr_pool_t *p) if (spec) { s = md_json_gets(json, MD_KEY_TYPE, NULL); - if (!s || !apr_strnatcasecmp("Default", s)) { + if (!s || !apr_cstr_casecmp("Default", s)) { spec->type = MD_PKEY_TYPE_DEFAULT; } - else if (!apr_strnatcasecmp("RSA", s)) { + else if (!apr_cstr_casecmp("RSA", s)) { spec->type = MD_PKEY_TYPE_RSA; l = md_json_getl(json, MD_KEY_BITS, NULL); if (l >= MD_PKEY_RSA_BITS_MIN) { @@ -441,7 +441,7 @@ md_pkey_spec_t *md_pkey_spec_from_json(struct md_json_t *json, apr_pool_t *p) spec->params.rsa.bits = MD_PKEY_RSA_BITS_DEF; } } - else if (!apr_strnatcasecmp("EC", s)) { + else if (!apr_cstr_casecmp("EC", s)) { spec->type = MD_PKEY_TYPE_EC; s = md_json_gets(json, MD_KEY_CURVE, NULL); if (s) { @@ -861,26 +861,26 @@ static apr_status_t gen_ec(md_pkey_t **ppkey, apr_pool_t *p, const char *curve) curve_nid = EC_curve_nist2nid(curve); /* In case this fails, try some names from other standards, like SECG */ #ifdef NID_secp384r1 - if (NID_undef == curve_nid && !apr_strnatcasecmp("secp384r1", curve)) { + if (NID_undef == curve_nid && !apr_cstr_casecmp("secp384r1", curve)) { curve_nid = NID_secp384r1; curve = EC_curve_nid2nist(curve_nid); } #endif #ifdef NID_X9_62_prime256v1 - if (NID_undef == curve_nid && !apr_strnatcasecmp("secp256r1", curve)) { + if (NID_undef == curve_nid && !apr_cstr_casecmp("secp256r1", curve)) { curve_nid = NID_X9_62_prime256v1; curve = EC_curve_nid2nist(curve_nid); } #endif #ifdef NID_X9_62_prime192v1 - if (NID_undef == curve_nid && !apr_strnatcasecmp("secp192r1", curve)) { + if (NID_undef == curve_nid && !apr_cstr_casecmp("secp192r1", curve)) { curve_nid = NID_X9_62_prime192v1; curve = EC_curve_nid2nist(curve_nid); } #endif #if defined(NID_X25519) && (!defined(LIBRESSL_VERSION_NUMBER) || \ LIBRESSL_VERSION_NUMBER >= 0x3070000fL) - if (NID_undef == curve_nid && !apr_strnatcasecmp("X25519", curve)) { + if (NID_undef == curve_nid && !apr_cstr_casecmp("X25519", curve)) { curve_nid = NID_X25519; curve = EC_curve_nid2nist(curve_nid); } diff --git a/modules/md/md_curl.c b/modules/md/md_curl.c index 3a39f437f9f..e6a37176e98 100644 --- a/modules/md/md_curl.c +++ b/modules/md/md_curl.c @@ -22,6 +22,7 @@ #include #include +#include "md.h" #include "md_http.h" #include "md_log.h" #include "md_util.h" @@ -275,13 +276,13 @@ static apr_status_t internals_setup(md_http_request_t *req) internals->response->body = apr_brigade_create(req->pool, req->bucket_alloc); curl_easy_setopt(curl, CURLOPT_URL, req->url); - if (!apr_strnatcasecmp("GET", req->method)) { + if (!apr_cstr_casecmp("GET", req->method)) { /* nop */ } - else if (!apr_strnatcasecmp("HEAD", req->method)) { + else if (!apr_cstr_casecmp("HEAD", req->method)) { curl_easy_setopt(curl, CURLOPT_NOBODY, 1L); } - else if (!apr_strnatcasecmp("POST", req->method)) { + else if (!apr_cstr_casecmp("POST", req->method)) { curl_easy_setopt(curl, CURLOPT_POST, 1L); } else { diff --git a/modules/md/md_reg.c b/modules/md/md_reg.c index 5da2f6dd4bc..36d1944b879 100644 --- a/modules/md/md_reg.c +++ b/modules/md/md_reg.c @@ -111,7 +111,7 @@ apr_status_t md_reg_create(md_reg_t **preg, apr_pool_t *p, struct md_store_t *st reg->can_http = 1; reg->can_https = 1; reg->proxy_url = proxy_url? apr_pstrdup(p, proxy_url) : NULL; - reg->ca_file = (ca_file && apr_strnatcasecmp("none", ca_file))? + reg->ca_file = (ca_file && apr_cstr_casecmp("none", ca_file))? apr_pstrdup(p, ca_file) : NULL; reg->min_delay = min_delay; reg->retry_failover = retry_failover; diff --git a/modules/md/md_store.c b/modules/md/md_store.c index 59dbd676e9c..1ba42946e51 100644 --- a/modules/md/md_store.c +++ b/modules/md/md_store.c @@ -260,7 +260,7 @@ static const char *pk_filename(const char *keyname, const char *base, apr_pool_t /* We also run on various filesystems with difference upper/lower preserve matching * rules. Normalize the names we use, since private key specifications are basically * user input. */ - s = (keyname && apr_strnatcasecmp("rsa", keyname))? + s = (keyname && apr_cstr_casecmp("rsa", keyname))? apr_pstrcat(p, base, ".", keyname, ".pem", NULL) : apr_pstrcat(p, base, ".pem", NULL); for (t = s; *t; t++ ) diff --git a/modules/md/md_util.c b/modules/md/md_util.c index 95ecc27b7af..759995cba86 100644 --- a/modules/md/md_util.c +++ b/modules/md/md_util.c @@ -256,7 +256,7 @@ int md_array_str_index(const apr_array_header_t *array, const char *s, for (i = start; i < array->nelts; i++) { const char *p = APR_ARRAY_IDX(array, i, const char *); if ((case_sensitive && !strcmp(p, s)) - || (!case_sensitive && !apr_strnatcasecmp(p, s))) { + || (!case_sensitive && !apr_cstr_casecmp(p, s))) { return i; } } @@ -278,7 +278,7 @@ int md_array_str_eq(const struct apr_array_header_t *a1, s1 = APR_ARRAY_IDX(a1, i, const char *); s2 = APR_ARRAY_IDX(a2, i, const char *); if ((case_sensitive && strcmp(s1, s2)) - || (!case_sensitive && apr_strnatcasecmp(s1, s2))) { + || (!case_sensitive && apr_cstr_casecmp(s1, s2))) { return 0; } } @@ -325,7 +325,7 @@ apr_array_header_t *md_array_str_remove(apr_pool_t *p, apr_array_header_t *src, const char *s = APR_ARRAY_IDX(src, i, const char *); if (!exclude || (case_sensitive && strcmp(exclude, s)) - || (!case_sensitive && apr_strnatcasecmp(exclude, s))) { + || (!case_sensitive && apr_cstr_casecmp(exclude, s))) { APR_ARRAY_PUSH(dest, const char *) = apr_pstrdup(p, s); } } @@ -859,10 +859,10 @@ int md_dns_matches(const char *pattern, const char *domain) { const char *s; - if (!apr_strnatcasecmp(pattern, domain)) return 1; + if (!apr_cstr_casecmp(pattern, domain)) return 1; if (pattern[0] == '*' && pattern[1] == '.') { s = strchr(domain, '.'); - if (s && !apr_strnatcasecmp(pattern+1, s)) return 1; + if (s && !apr_cstr_casecmp(pattern+1, s)) return 1; } return 0; } @@ -1026,8 +1026,8 @@ apr_status_t md_util_abs_http_uri_check(apr_pool_t *p, const char *uri, const ch *perr = "missing uri scheme"; return APR_EINVAL; } - if (apr_strnatcasecmp("http", uri_parsed.scheme) - && apr_strnatcasecmp("https", uri_parsed.scheme)) { + if (apr_cstr_casecmp("http", uri_parsed.scheme) + && apr_cstr_casecmp("https", uri_parsed.scheme)) { *perr = "uri scheme must be http or https"; return APR_EINVAL; } @@ -1509,7 +1509,7 @@ static int find_url(void *baton, const char *key, const char *value) { find_ctx *outer = baton; - if (!apr_strnatcasecmp("link", key)) { + if (!apr_cstr_casecmp("link", key)) { link_ctx ctx; memset(&ctx, 0, sizeof(ctx)); diff --git a/modules/md/md_util.h b/modules/md/md_util.h index d9747888e89..51bad5ba8ea 100644 --- a/modules/md/md_util.h +++ b/modules/md/md_util.h @@ -20,6 +20,16 @@ #include #include +#include + +#if APR_VERSION_AT_LEAST(1,6,0) +#include +#else +/* Define a (poor) backwards-compatibility entry point for + * apr_cstr_casecmp() from APR 1.6. */ +#define apr_cstr_casecmp apr_natcasecmp +#endif + struct apr_array_header_t; struct apr_table_t; diff --git a/modules/md/mod_md_config.c b/modules/md/mod_md_config.c index 70632b22ef8..73292ef94f4 100644 --- a/modules/md/mod_md_config.c +++ b/modules/md/mod_md_config.c @@ -296,7 +296,7 @@ void *md_config_merge_svr(apr_pool_t *pool, void *basev, void *addv) static int inside_section(cmd_parms *cmd, const char *section) { ap_directive_t *d; for (d = cmd->directive->parent; d; d = d->parent) { - if (!ap_cstr_casecmp(d->directive, section)) { + if (!apr_cstr_casecmp(d->directive, section)) { return 1; } } @@ -341,10 +341,10 @@ static const char *md_conf_check_location(cmd_parms *cmd, int flags) static const char *set_on_off(int *pvalue, const char *s, apr_pool_t *p) { - if (!apr_strnatcasecmp("off", s)) { + if (!apr_cstr_casecmp("off", s)) { *pvalue = 0; } - else if (!apr_strnatcasecmp("on", s)) { + else if (!apr_cstr_casecmp("on", s)) { *pvalue = 1; } else { @@ -364,11 +364,11 @@ static void add_domain_name(apr_array_header_t *domains, const char *name, apr_p static const char *set_transitive(int *ptransitive, const char *value) { - if (!apr_strnatcasecmp("auto", value)) { + if (!apr_cstr_casecmp("auto", value)) { *ptransitive = 1; return NULL; } - else if (!apr_strnatcasecmp("manual", value)) { + else if (!apr_cstr_casecmp("manual", value)) { *ptransitive = 0; return NULL; } @@ -573,13 +573,13 @@ static const char *md_config_set_renew_mode(cmd_parms *cmd, void *dc, const char md_renew_mode_t renew_mode; (void)dc; - if (!apr_strnatcasecmp("auto", value) || !apr_strnatcasecmp("automatic", value)) { + if (!apr_cstr_casecmp("auto", value) || !apr_cstr_casecmp("automatic", value)) { renew_mode = MD_RENEW_AUTO; } - else if (!apr_strnatcasecmp("always", value)) { + else if (!apr_cstr_casecmp("always", value)) { renew_mode = MD_RENEW_ALWAYS; } - else if (!apr_strnatcasecmp("manual", value) || !apr_strnatcasecmp("stick", value)) { + else if (!apr_cstr_casecmp("manual", value) || !apr_cstr_casecmp("stick", value)) { renew_mode = MD_RENEW_MANUAL; } else { @@ -739,10 +739,10 @@ static const char *md_config_set_store_locks(cmd_parms *cmd, void *dc, const cha if (err) { return err; } - else if (!apr_strnatcasecmp("off", s)) { + else if (!apr_cstr_casecmp("off", s)) { use_store_locks = 0; } - else if (!apr_strnatcasecmp("on", s)) { + else if (!apr_cstr_casecmp("on", s)) { use_store_locks = 1; } else { @@ -767,10 +767,10 @@ static const char *md_config_set_match_mode(cmd_parms *cmd, void *dc, const char if (err) { return err; } - else if (!apr_strnatcasecmp("all", s)) { + else if (!apr_cstr_casecmp("all", s)) { config->mc->match_mode = MD_MATCH_ALL; } - else if (!apr_strnatcasecmp("servernames", s)) { + else if (!apr_cstr_casecmp("servernames", s)) { config->mc->match_mode = MD_MATCH_SERVERNAMES; } else { @@ -788,13 +788,13 @@ static const char *md_config_set_require_https(cmd_parms *cmd, void *dc, const c return err; } (void)dc; - if (!apr_strnatcasecmp("off", value)) { + if (!apr_cstr_casecmp("off", value)) { config->require_https = MD_REQUIRE_OFF; } - else if (!apr_strnatcasecmp(MD_KEY_TEMPORARY, value)) { + else if (!apr_cstr_casecmp(MD_KEY_TEMPORARY, value)) { config->require_https = MD_REQUIRE_TEMPORARY; } - else if (!apr_strnatcasecmp(MD_KEY_PERMANENT, value)) { + else if (!apr_cstr_casecmp(MD_KEY_PERMANENT, value)) { config->require_https = MD_REQUIRE_PERMANENT; } else { @@ -979,7 +979,7 @@ static const char *md_config_set_pkeys(cmd_parms *cmd, void *dc, config->pks = md_pkeys_spec_make(cmd->pool); for (i = 0; i < argc; ++i) { ptype = argv[i]; - if (!apr_strnatcasecmp("Default", ptype)) { + if (!apr_cstr_casecmp("Default", ptype)) { if (argc > 1) { return "'Default' allows no other parameter"; } @@ -1004,7 +1004,7 @@ static const char *md_config_set_pkeys(cmd_parms *cmd, void *dc, } md_pkeys_spec_add_rsa(config->pks, (unsigned int)bits); } - else if (!apr_strnatcasecmp("RSA", ptype)) { + else if (!apr_cstr_casecmp("RSA", ptype)) { if (i+1 >= argc || !isdigit(argv[i+1][0])) { bits = MD_PKEY_RSA_BITS_DEF; } @@ -1240,7 +1240,7 @@ static const char *md_config_set_eab(cmd_parms *cmd, void *dc, return err; } if (!hmac) { - if (!apr_strnatcasecmp("None", keyid)) { + if (!apr_cstr_casecmp("None", keyid)) { keyid = "none"; } else { diff --git a/modules/md/mod_md_drive.c b/modules/md/mod_md_drive.c index 9dfa93a290c..90ebdc30a3b 100644 --- a/modules/md/mod_md_drive.c +++ b/modules/md/mod_md_drive.c @@ -121,21 +121,21 @@ static void process_drive_job(md_renew_ctx_t *dctx, md_job_t *job, apr_pool_t *p "certificate(s)", job->mdomain); } else if (!renew_at || renew_at <= now) { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, dctx->s, APLOGNO(10512) + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, dctx->s, APLOGNO() "md(%s): need to renew now", job->mdomain); } else { apr_time_t ari_renew_at = 0; char ts[APR_RFC822_DATE_LEN]; - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, dctx->s, APLOGNO(10513) + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, dctx->s, APLOGNO() "md(%s): ARI is %senabled", job->mdomain, md->ari_renewals? "" : "not "); if (md->ari_renewals) ari_renew_at = md_reg_ari_renew_at(&ari_explain_url, dctx->mc->reg, md, dctx->mc->env, result, ptemp); if (!ari_renew_at || (ari_renew_at > renew_at)) { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, dctx->s, APLOGNO(10514) + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, dctx->s, APLOGNO() "md(%s): %sup for configured renewal in %s", job->mdomain, (ari_renew_at || !md->ari_renewals) ? "" : "no ARI available, ", @@ -146,13 +146,13 @@ static void process_drive_job(md_renew_ctx_t *dctx, md_job_t *job, apr_pool_t *p long secs = (long)apr_time_sec(ari_renew_at - now); apr_rfc822_date(ts, ari_renew_at); if (ari_explain_url) { - ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, dctx->s, APLOGNO(10515) + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, dctx->s, APLOGNO() "md(%s): CA advises renew via ARI at %s" ", for explanation see %s", job->mdomain, ts, ari_explain_url); } else - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, dctx->s, APLOGNO(10516) + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, dctx->s, APLOGNO() "md(%s): CA advises renew via ARI at %s", job->mdomain, ts); if (secs < MD_SECS_PER_DAY) { /* earlier than regular run */ @@ -162,13 +162,13 @@ static void process_drive_job(md_renew_ctx_t *dctx, md_job_t *job, apr_pool_t *p } /* ARI says we should renew *now* */ if (ari_explain_url) { - ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, dctx->s, APLOGNO(10517) + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, dctx->s, APLOGNO() "md(%s): CA advises renew via ARI now" ", for explanation see %s", job->mdomain, ari_explain_url); } else - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, dctx->s, APLOGNO(10518) + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, dctx->s, APLOGNO() "md(%s): CA advises renew via ARI now", job->mdomain); } -- 2.47.3