From 3bf5450b6ddc8cb36003e520d7fa41e5cc3841ec Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz Date: Thu, 9 May 2019 15:21:04 -0300 Subject: [PATCH] libevhtp: update to 1.2.18, add maintainer Versions earlier than 1.2.15 had security vulnerabilities, especially related to the bundled oniguruma. Now libevhtp uses a system-provided library instead. The API changed as well, requiring patches to seafile-server. Adds @cotequeiroz Eneas U de Queiroz as maintainer. Signed-off-by: Eneas U de Queiroz --- libs/libevhtp/Makefile | 19 ++- .../patches/010-strcmp-endianness-fix.patch | 49 ------- .../020-openssl-1.1-compatibility.patch | 132 ------------------ .../libevhtp/patches/021-openssl-thread.patch | 45 ------ libs/libevhtp/patches/030-uclibc.patch | 12 -- libs/libevhtp/patches/040-oniguruma.patch | 7 - 6 files changed, 14 insertions(+), 250 deletions(-) delete mode 100644 libs/libevhtp/patches/010-strcmp-endianness-fix.patch delete mode 100644 libs/libevhtp/patches/020-openssl-1.1-compatibility.patch delete mode 100644 libs/libevhtp/patches/021-openssl-thread.patch delete mode 100644 libs/libevhtp/patches/030-uclibc.patch delete mode 100644 libs/libevhtp/patches/040-oniguruma.patch diff --git a/libs/libevhtp/Makefile b/libs/libevhtp/Makefile index 4dc85d672..6e2313aab 100644 --- a/libs/libevhtp/Makefile +++ b/libs/libevhtp/Makefile 
@@ -11,21 +11,24 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libevhtp -PKG_VERSION:=1.2.0 -PKG_RELEASE:=2 +PKG_VERSION:=1.2.18 +PKG_RELEASE:=1 # This package is building a static library, used by seafile-server # Every time the built library changes (metadata changes are exempt), # seafile-server needs a release bump to ensure the update is used. PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/criticalstack/libevhtp/tar.gz/$(PKG_VERSION)? -PKG_HASH:=d8d98072693f5f68ccd74d327dedfa2f6add4446ac2799689c2f58dd480aa301 +PKG_HASH:=316ede0d672be3ae6fe489d4ac1c8c53a1db7d4fe05edaff3c7c853933e02795 -PKG_MAINTAINER:= +PKG_MAINTAINER:=Eneas U de Queiroz PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE CMAKE_INSTALL:=1 +CMAKE_OPTIONS += \ + -DLIB_INSTALL_DIR="$(STAGING_DIR)/usr/lib" \ + -DINCLUDE_INSTALL_DIR="$(STAGING_DIR)/usr/include" include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/cmake.mk @@ -35,7 +38,7 @@ define Package/libevhtp CATEGORY:=Libraries TITLE:=A more flexible replacement for libevent's httpd API URL:=https://github.com/criticalstack/libevhtp - DEPENDS:=+libevent2 +libevent2-openssl +libevent2-pthreads + DEPENDS:=+libevent2 +libevent2-openssl +libevent2-pthreads +oniguruma endef define Package/libevhtp/description @@ -44,4 +47,10 @@ define Package/libevhtp/description meaning the developer never thought of it being used for creating a full-fledged HTTP service. endef +define Package/InstallDev + $(INSTALL_DIR) $(1)/usr/{lib,include} + $(CP) $(PKG_INSTALL_DIR)/usr/include/. $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/. $(1)/usr/lib/ +endef + $(eval $(call BuildPackage,libevhtp)) diff --git a/libs/libevhtp/patches/010-strcmp-endianness-fix.patch b/libs/libevhtp/patches/010-strcmp-endianness-fix.patch deleted file mode 100644 index 072b76b0a..000000000 --- a/libs/libevhtp/patches/010-strcmp-endianness-fix.patch +++ /dev/null 
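Review bot: The bump to `PKG_VERSION:=1.2.18` in the first Makefile hunk does not by itself deliver the security fix the commit message describes. The context comment just below `PKG_RELEASE` says libevhtp is built as a static library for seafile-server, which needs a release bump whenever the built library changes. The diffstat touches only `libs/libevhtp`, so that bump and the seafile-server API patches the message mentions are not visible here. Until they land, already-built seafile-server binaries would presumably keep the pre-1.2.15 code. I would land both changes in the same series and say so in the description, for example `seafile-server is bumped and patched in the next commit of this series`.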
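Review bot: `+oniguruma` is added to `DEPENDS` in `Package/libevhtp` (second hunk) without a comment, and for a package that ships a static library it is not obvious what the dependency guarantees. Moving from the bundled copy to the system library means oniguruma fixes now arrive through its own package, but the final binary that links `libevhtp.a` must itself link and pull in oniguruma. Whether that happens transitively depends on how seafile-server references libevhtp, which is outside this diff. I would add a comment above the line such as `# oniguruma is no longer bundled upstream; anything linking libevhtp.a also needs the system oniguruma`, and confirm the consumer's `DEPENDS` covers it.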
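Review bot: The block added in the third hunk is named `Package/InstallDev`, which as far as I know is not a hook that `BuildPackage` evaluates; the staging hook is `Build/InstallDev`. With `CMAKE_INSTALL:=1` set in the first hunk, cmake.mk should already supply a default staging step that copies `$(PKG_INSTALL_DIR)` into the staging tree. The new define is therefore probably never run, and renaming it would only repeat that default. Either drop the block or rename it to `define Build/InstallDev` if the explicit copy is needed, and check the staging directory after a clean build to confirm that the headers and `libevhtp.a` land where seafile-server expects them.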
@@ -1,49 +0,0 @@ -diff -rupN libevhtp-1.2.9.orig/htparse/htparse.c libevhtp-1.2.9/htparse/htparse.c ---- libevhtp-1.2.9.orig/htparse/htparse.c 2014-03-23 12:50:50.000000000 +0100 -+++ libevhtp-1.2.9/htparse/htparse.c 2014-12-09 01:12:22.242001241 +0100 -@@ -197,6 +197,7 @@ static const char * method_strmap[] = { - - #define _MIN_READ(a, b) ((a) < (b) ? (a) : (b)) - -+#if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ - #define _str3_cmp(m, c0, c1, c2, c3) \ - *(uint32_t *)m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0) - -@@ -226,6 +227,37 @@ static const char * method_strmap[] = { - *(uint32_t *)m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0) \ - && ((uint32_t *)m)[1] == ((c7 << 24) | (c6 << 16) | (c5 << 8) | c4) \ - && m[8] == c8 -+#elif __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ -+#define _str3_cmp(m, c0, c1, c2, c3) \ -+ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) -+ -+#define _str3Ocmp(m, c0, c1, c2, c3) \ -+ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) -+ -+#define _str4cmp(m, c0, c1, c2, c3) \ -+ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) -+ -+#define _str5cmp(m, c0, c1, c2, c3, c4) \ -+ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \ -+ && m[4] == c4 -+ -+#define _str6cmp(m, c0, c1, c2, c3, c4, c5) \ -+ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \ -+ && (((uint32_t *)m)[1] & 0xffff0000) == ((c4 << 24) | c5 << 16) -+ -+#define _str7_cmp(m, c0, c1, c2, c3, c4, c5, c6, c7) \ -+ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \ -+ && ((uint32_t *)m)[1] == ((c4 << 24) | (c5 << 16) | (c6 << 8) | c7) -+ -+#define _str8cmp(m, c0, c1, c2, c3, c4, c5, c6, c7) \ -+ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \ -+ && ((uint32_t *)m)[1] == ((c4 << 24) | (c5 << 16) | (c6 << 8) | c7) -+ -+#define _str9cmp(m, c0, c1, c2, c3, c4, c5, c6, c7, c8) \ -+ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \ -+ && ((uint32_t *)m)[1] == ((c4 << 24) | (c5 << 16) | (c6 
<< 8) | c7) \ -+ && m[8] == c8 -+#endif - - #define __HTPARSE_GENHOOK(__n) \ - static inline int hook_ ## __n ## _run(htparser * p, htparse_hooks * hooks) { \ diff --git a/libs/libevhtp/patches/020-openssl-1.1-compatibility.patch b/libs/libevhtp/patches/020-openssl-1.1-compatibility.patch deleted file mode 100644 index 70410e319..000000000 --- a/libs/libevhtp/patches/020-openssl-1.1-compatibility.patch +++ /dev/null 
@@ -1,132 +0,0 @@ ---- a/evhtp.c -+++ b/evhtp.c -@@ -1817,16 +1817,15 @@ _evhtp_ssl_thread_lock(int mode, int typ - #endif - static void - _evhtp_ssl_delete_scache_ent(evhtp_ssl_ctx_t * ctx, evhtp_ssl_sess_t * sess) { -- evhtp_t * htp; -- evhtp_ssl_cfg_t * cfg; -- unsigned char * sid; -- unsigned int slen; -+ evhtp_t * htp; -+ evhtp_ssl_cfg_t * cfg; -+ evhtp_ssl_data_t * sid; -+ unsigned int slen; - - htp = (evhtp_t *)SSL_CTX_get_app_data(ctx); - cfg = htp->ssl_cfg; - -- sid = sess->session_id; -- slen = sess->session_id_length; -+ sid = (evhtp_ssl_data_t *)SSL_SESSION_get_id(sess, &slen); - - if (cfg->scache_del) { - (cfg->scache_del)(htp, sid, slen); -@@ -1837,14 +1836,17 @@ static int - _evhtp_ssl_add_scache_ent(evhtp_ssl_t * ssl, evhtp_ssl_sess_t * sess) { - evhtp_connection_t * connection; - evhtp_ssl_cfg_t * cfg; -- unsigned char * sid; -+ evhtp_ssl_data_t * sid; - int slen; - - connection = (evhtp_connection_t *)SSL_get_app_data(ssl); -- cfg = connection->htp->ssl_cfg; -+ if (connection->htp == NULL) -+ { -+ return 0; /* We cannot get the ssl_cfg */ -+ } - -- sid = sess->session_id; -- slen = sess->session_id_length; -+ cfg = connection->htp->ssl_cfg; -+ sid = (evhtp_ssl_data_t *)SSL_SESSION_get_id(sess, &slen); - - SSL_set_timeout(sess, cfg->scache_timeout); - -@@ -1856,7 +1858,7 @@ _evhtp_ssl_add_scache_ent(evhtp_ssl_t * - } - - static evhtp_ssl_sess_t * --_evhtp_ssl_get_scache_ent(evhtp_ssl_t * ssl, unsigned char * sid, int sid_len, int * copy) { -+_evhtp_ssl_get_scache_ent(evhtp_ssl_t * ssl, evhtp_ssl_data_t * sid, int sid_len, int * copy) { - evhtp_connection_t * connection; - evhtp_ssl_cfg_t * cfg; - evhtp_ssl_sess_t * sess; -@@ -1898,12 +1900,12 @@ _evhtp_ssl_servername(evhtp_ssl_t * ssl, - connection->vhost_via_sni = 1; - - SSL_set_SSL_CTX(ssl, evhtp_vhost->ssl_ctx); -- SSL_set_options(ssl, SSL_CTX_get_options(ssl->ctx)); -+ SSL_set_options(ssl, SSL_CTX_get_options(SSL_get_SSL_CTX(ssl))); - - if ((SSL_get_verify_mode(ssl) == SSL_VERIFY_NONE) || - 
(SSL_num_renegotiations(ssl) == 0)) { -- SSL_set_verify(ssl, SSL_CTX_get_verify_mode(ssl->ctx), -- SSL_CTX_get_verify_callback(ssl->ctx)); -+ SSL_set_verify(ssl, SSL_CTX_get_verify_mode(SSL_get_SSL_CTX(ssl)), -+ SSL_CTX_get_verify_callback(SSL_get_SSL_CTX(ssl))); - } - - return SSL_TLSEXT_ERR_OK; -@@ -3197,15 +3199,21 @@ evhtp_ssl_init(evhtp_t * htp, evhtp_ssl_ - return -1; - } - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - SSL_library_init(); - SSL_load_error_strings(); -+#endif - RAND_poll(); - - STACK_OF(SSL_COMP) * comp_methods = SSL_COMP_get_compression_methods(); - sk_SSL_COMP_zero(comp_methods); - - htp->ssl_cfg = cfg; -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - htp->ssl_ctx = SSL_CTX_new(SSLv23_server_method()); -+#else -+ htp->ssl_ctx = SSL_CTX_new(TLS_server_method()); -+#endif - - #if OPENSSL_VERSION_NUMBER >= 0x10000000L - SSL_CTX_set_options(htp->ssl_ctx, SSL_MODE_RELEASE_BUFFERS); -@@ -3242,7 +3250,11 @@ evhtp_ssl_init(evhtp_t * htp, evhtp_ssl_ - SSL_CTX_set_verify(htp->ssl_ctx, cfg->verify_peer, cfg->x509_verify_cb); - - if (cfg->x509_chk_issued_cb != NULL) { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - htp->ssl_ctx->cert_store->check_issued = cfg->x509_chk_issued_cb; -+#else -+ X509_STORE_set_check_issued(SSL_CTX_get_cert_store(htp->ssl_ctx), cfg->x509_chk_issued_cb); -+#endif - } - - if (cfg->verify_depth) { ---- a/evhtp.h -+++ b/evhtp.h -@@ -34,6 +34,11 @@ typedef SSL evhtp_ - typedef SSL_CTX evhtp_ssl_ctx_t; - typedef X509 evhtp_x509_t; - typedef X509_STORE_CTX evhtp_x509_store_ctx_t; -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+typedef unsigned char evhtp_ssl_data_t; -+#else -+typedef const unsigned char evhtp_ssl_data_t; -+#endif - #else - typedef void evhtp_ssl_sess_t; - typedef void evhtp_ssl_t; -@@ -157,9 +162,9 @@ typedef int (*evhtp_headers_iterator)(ev - typedef int (*evhtp_ssl_verify_cb)(int pre_verify, evhtp_x509_store_ctx_t * ctx); - typedef int (*evhtp_ssl_chk_issued_cb)(evhtp_x509_store_ctx_t * ctx, evhtp_x509_t * x, evhtp_x509_t * 
issuer); - --typedef int (*evhtp_ssl_scache_add)(evhtp_connection_t * connection, unsigned char * sid, int sid_len, evhtp_ssl_sess_t * sess); --typedef void (*evhtp_ssl_scache_del)(evhtp_t * htp, unsigned char * sid, int sid_len); --typedef evhtp_ssl_sess_t * (*evhtp_ssl_scache_get)(evhtp_connection_t * connection, unsigned char * sid, int sid_len); -+typedef int (*evhtp_ssl_scache_add)(evhtp_connection_t * connection, evhtp_ssl_data_t * sid, int sid_len, evhtp_ssl_sess_t * sess); -+typedef void (*evhtp_ssl_scache_del)(evhtp_t * htp, evhtp_ssl_data_t * sid, int sid_len); -+typedef evhtp_ssl_sess_t * (*evhtp_ssl_scache_get)(evhtp_connection_t * connection, evhtp_ssl_data_t * sid, int sid_len); - typedef void * (*evhtp_ssl_scache_init)(evhtp_t *); - - #define EVHTP_VERSION "1.2.0" diff --git a/libs/libevhtp/patches/021-openssl-thread.patch b/libs/libevhtp/patches/021-openssl-thread.patch deleted file mode 100644 index 4c370a1b9..000000000 --- a/libs/libevhtp/patches/021-openssl-thread.patch +++ /dev/null 
@@ -1,45 +0,0 @@ ---- a/evhtp.c -+++ b/evhtp.c -@@ -1797,10 +1797,10 @@ _evhtp_accept_cb(evserv_t * serv, int fd, struct sockaddr * s, int sl, void * ar - } - - #ifndef EVHTP_DISABLE_SSL --#ifndef EVHTP_DISABLE_EVTHR --static unsigned long --_evhtp_ssl_get_thread_id(void) { -- return (unsigned long)pthread_self(); -+#if !defined(EVHTP_DISABLE_EVTHR) && (OPENSSL_VERSION_NUMBER < 0x10100000L) -+static void -+_evhtp_ssl_get_thread_id(CRYPTO_THREADID *id) { -+ CRYPTO_THREADID_set_numeric(id, (unsigned long)pthread_self()); - } - - static void -@@ -3050,7 +3050,9 @@ evhtp_use_threads(evhtp_t * htp, evhtp_thread_init_cb init_cb, int nthreads, voi - htp->thread_init_cbarg = arg; - - #ifndef EVHTP_DISABLE_SSL -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - evhtp_ssl_use_threads(); -+#endif - #endif - - if (!(htp->thr_pool = evthr_pool_new(nthreads, _evhtp_thread_init, htp))) { -@@ -3161,7 +3163,7 @@ evhtp_set_post_accept_cb(evhtp_t * htp, evhtp_post_accept_cb cb, void * arg) { - } - - #ifndef EVHTP_DISABLE_SSL --#ifndef EVHTP_DISABLE_EVTHR -+#if !defined(EVHTP_DISABLE_EVTHR) && (OPENSSL_VERSION_NUMBER < 0x10100000L) - int - evhtp_ssl_use_threads(void) { - int i; -@@ -3179,7 +3181,7 @@ evhtp_ssl_use_threads(void) { - pthread_mutex_init(&(ssl_locks[i]), NULL); - } - -- CRYPTO_set_id_callback(_evhtp_ssl_get_thread_id); -+ CRYPTO_THREADID_set_callback(_evhtp_ssl_get_thread_id); - CRYPTO_set_locking_callback(_evhtp_ssl_thread_lock); - - return 0; diff --git a/libs/libevhtp/patches/030-uclibc.patch b/libs/libevhtp/patches/030-uclibc.patch deleted file mode 100644 index ae247fc80..000000000 --- a/libs/libevhtp/patches/030-uclibc.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/test_proxy.c -+++ b/test_proxy.c -@@ -5,6 +5,9 @@ - #include - #include - -+#ifndef SIGTERM -+#define SIGTERM 15 -+#endif - - int - make_request(evbase_t * evbase, diff --git a/libs/libevhtp/patches/040-oniguruma.patch b/libs/libevhtp/patches/040-oniguruma.patch deleted file mode 100644 index 5d457ab70..000000000 
--- a/libs/libevhtp/patches/040-oniguruma.patch +++ /dev/null @@ -1,7 +0,0 @@ ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -241,3 +241,4 @@ endif() - install (FILES evhtp.h DESTINATION include) - install (FILES htparse/htparse.h DESTINATION include) - install (FILES evthr/evthr.h DESTINATION include) -+install (FILES oniguruma/onigposix.h DESTINATION include)