From 7fa4d11df32cf5ac78b681bdece2c779868ecd31 Mon Sep 17 00:00:00 2001
From: Marc Stern <marc.stern@approach-cyber.com>
Date: Thu, 3 Oct 2024 12:35:29 +0200
Subject: [PATCH 1/3] Fix for #3255 We don't have to generate a temp name
 ourselves, it'll be done in apr_global_mutex_create(). We don't have to
 provide a filename, apr_global_mutex_create() generates one automatically.
 Moreover, under Unix & Windows, the preferred mechanism won't use a file at
 all. apr_file_mktemp() cannot be used as it creates the file (at least on
 FreeBSD). Discussion in Apache mailing list:
 https://lists.apache.org/thread/ykb26kg4lgcqnldvxwd9p6hv16fy4z9l

---
 apache2/modsecurity.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h
index d1aa1d8346..b3976f9366 100644
--- a/apache2/modsecurity.h
+++ b/apache2/modsecurity.h
@@ -135,8 +135,6 @@ typedef struct msc_parm msc_parm;
 
 #define FATAL_ERROR "ModSecurity: Fatal error (memory allocation or unexpected internal error)!"
 
-#define GLOBAL_LOCK_TEMPLATE "/modsec-lock-tmp.XXXXXX"
-
 extern DSOLOCAL char *new_server_signature;
 extern DSOLOCAL char *real_server_signature;
 extern DSOLOCAL char *chroot_dir;
@@ -707,6 +705,8 @@ struct msc_parm {
 
 /* Reusable functions */
 int acquire_global_lock(apr_global_mutex_t **lock, apr_pool_t *mp);
+int msr_global_mutex_lock(modsec_rec* msr, apr_global_mutex_t* lock, const char* fct);
+int msr_global_mutex_unlock(modsec_rec* msr, apr_global_mutex_t* lock, const char* fct);
 
 /* Engine functions */
 

From ade685b8f93ef697fb8a51ff7598354fa90457a4 Mon Sep 17 00:00:00 2001
From: Marc Stern <marc.stern@approach-cyber.com>
Date: Thu, 3 Oct 2024 12:39:23 +0200
Subject: [PATCH 2/3] Fix for #3255 We don't have to generate a temp name
 ourselves, it'll be done in apr_global_mutex_create(). We don't have to
 provide a filename, apr_global_mutex_create() generates one automatically.
 Moreover, under Unix & Windows, the preferred mechanism won't use a file at
 all. apr_file_mktemp() cannot be used as it creates the file (at least on
 FreeBSD). Discussion in Apache mailing list:
 https://lists.apache.org/thread/ykb26kg4lgcqnldvxwd9p6hv16fy4z9l

---
 apache2/modsecurity.c | 25 +------------------------
 1 file changed, 1 insertion(+), 24 deletions(-)

diff --git a/apache2/modsecurity.c b/apache2/modsecurity.c
index 55150afe23..055f387f7b 100644
--- a/apache2/modsecurity.c
+++ b/apache2/modsecurity.c
@@ -123,30 +123,7 @@ msc_engine *modsecurity_create(apr_pool_t *mp, int processing_mode) {
 }
 
 int acquire_global_lock(apr_global_mutex_t **lock, apr_pool_t *mp) {
-    apr_status_t rc;
-    apr_file_t *lock_name;
-    const char *temp_dir;
-    const char *filename;
-
-    // get platform temp dir
-    rc = apr_temp_dir_get(&temp_dir, mp);
-    if (rc != APR_SUCCESS) {
-        ap_log_perror(APLOG_MARK, APLOG_ERR, 0, mp, "ModSecurity: Could not get temp dir");
-        return -1;
-    }
-
-    // use temp path template for lock files
-    char *path = apr_pstrcat(mp, temp_dir, GLOBAL_LOCK_TEMPLATE, NULL);
-
-    rc = apr_file_mktemp(&lock_name, path, 0, mp);
-    if (rc != APR_SUCCESS) {
-        ap_log_perror(APLOG_MARK, APLOG_ERR, 0, mp, " ModSecurity: Could not create temporary file for global lock");
-        return -1;
-    }
-    // below func always return APR_SUCCESS
-    apr_file_name_get(&filename, lock_name);
-
-    rc = apr_global_mutex_create(lock, filename, APR_LOCK_DEFAULT, mp);
+    apr_status_t rc = apr_global_mutex_create(lock, NULL, APR_LOCK_DEFAULT, mp);
     if (rc != APR_SUCCESS) {
         ap_log_perror(APLOG_MARK, APLOG_ERR, 0, mp, " ModSecurity: Could not create global mutex");
         return -1;

From b9ca2634e86c588b9a21e75cf1c132fa8bc25624 Mon Sep 17 00:00:00 2001
From: Marc Stern <sternmarc@hotmail.coms>
Date: Tue, 12 Nov 2024 17:42:06 +0100
Subject: [PATCH 3/3] removed irrelevant prototypes

---
 apache2/modsecurity.h | 2 --
 1 file changed, 2 deletions(-)

diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h
index b3976f9366..1537ff968c 100644
--- a/apache2/modsecurity.h
+++ b/apache2/modsecurity.h
@@ -705,8 +705,6 @@ struct msc_parm {
 
 /* Reusable functions */
 int acquire_global_lock(apr_global_mutex_t **lock, apr_pool_t *mp);
-int msr_global_mutex_lock(modsec_rec* msr, apr_global_mutex_t* lock, const char* fct);
-int msr_global_mutex_unlock(modsec_rec* msr, apr_global_mutex_t* lock, const char* fct);
 
 /* Engine functions */