From 74229fe9f145578948cde5597c3945ff662372e9 Mon Sep 17 00:00:00 2001
From: Chris Moerz <freebsd@ny-central.org>
Date: Fri, 3 Nov 2023 09:18:27 +0100
Subject: security/sshguard: fix logging of entries with hostnames

With work from martin@lispworks.com

PR:		272249
Reported by:	martin@lispworks.com
Approved by:	kevinz5000@gmail.com (maintainer)

(cherry picked from commit efda5c514648db7c2bbacaa7a57dfa946dd9f054)
---
 security/sshguard/Makefile                                    |  3 +--
 security/sshguard/distinfo                                    |  6 +++---
 .../sshguard/files/patch-src_blocker_sshguard__whitelist.c    | 11 -----------
 security/sshguard/files/patch-src_parser_attack__scanner.l    | 11 +++++++++++
 4 files changed, 15 insertions(+), 16 deletions(-)
 delete mode 100644 security/sshguard/files/patch-src_blocker_sshguard__whitelist.c
 create mode 100644 security/sshguard/files/patch-src_parser_attack__scanner.l

diff --git a/security/sshguard/Makefile b/security/sshguard/Makefile
index c1ec357278cd..c3d163ba6cab 100644
--- a/security/sshguard/Makefile
+++ b/security/sshguard/Makefile
@@ -1,6 +1,5 @@
 PORTNAME=	sshguard
-PORTVERSION=	2.4.2
-PORTREVISION=	2
+PORTVERSION=	2.4.3
 PORTEPOCH=	1
 CATEGORIES=	security
 MASTER_SITES=	SF/sshguard/sshguard/${PORTVERSION}
diff --git a/security/sshguard/distinfo b/security/sshguard/distinfo
index df01aba97817..f0d1d8cc34ad 100644
--- a/security/sshguard/distinfo
+++ b/security/sshguard/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1622991099
-SHA256 (sshguard-2.4.2.tar.gz) = 2770b776e5ea70a9bedfec4fd84d57400afa927f0f7522870d2dcbbe1ace37e8
-SIZE (sshguard-2.4.2.tar.gz) = 835431
+TIMESTAMP = 1698823793
+SHA256 (sshguard-2.4.3.tar.gz) = 64029deff6de90fdeefb1f497d414f0e4045076693a91da1a70eb7595e97efeb
+SIZE (sshguard-2.4.3.tar.gz) = 1118756
diff --git a/security/sshguard/files/patch-src_blocker_sshguard__whitelist.c b/security/sshguard/files/patch-src_blocker_sshguard__whitelist.c
deleted file mode 100644
index 6e468872f458..000000000000
--- a/security/sshguard/files/patch-src_blocker_sshguard__whitelist.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/blocker/sshguard_whitelist.c.orig	2020-12-31 17:06:03 UTC
-+++ src/blocker/sshguard_whitelist.c
-@@ -275,7 +275,7 @@ int whitelist_add_block6(const char *restrict address,
-     bitlen = masklen % 8;
-     bitmask = 0xFF << (8 - bitlen);
-     ab.address.ip6.mask.s6_addr[bytelen] = bitmask;
--    memset(& ab.address.ip6.mask.s6_addr[bytelen+1], 0x00, sizeof(ab.address.ip6.mask.s6_addr) - bytelen);
-+    memset(& ab.address.ip6.mask.s6_addr[bytelen+1], 0x00, sizeof(ab.address.ip6.mask.s6_addr) - bytelen - 1);
- 
-     if (! list_contains(& whitelist, &ab)) {
-         list_append(& whitelist, &ab);
diff --git a/security/sshguard/files/patch-src_parser_attack__scanner.l b/security/sshguard/files/patch-src_parser_attack__scanner.l
new file mode 100644
index 000000000000..b8e1abb51e74
--- /dev/null
+++ b/security/sshguard/files/patch-src_parser_attack__scanner.l
@@ -0,0 +1,11 @@
+--- src/parser/attack_scanner.l.orig	2021-03-01 01:01:21 UTC
++++ src/parser/attack_scanner.l
+@@ -247,7 +247,7 @@ HTTP_LOGIN_200OK_BAD       .*({WORDPRESS_LOGIN}|{TYPO3
+ 
+  /* cyrus-imap login error */
+ "badlogin: "[^\[]*"["                                           { BEGIN(cyrusimap_loginerr); return CYRUSIMAP_SASL_LOGINERR_PREF; }
+-<cyrusimap_loginerr>"] ".*"SASL".*"failed".?$                   { BEGIN(INITIAL); return CYRUSIMAP_SASL_LOGINERR_SUFF; }
++<cyrusimap_loginerr>"] ".*"SASL".*"fail".*$                   { BEGIN(INITIAL); return CYRUSIMAP_SASL_LOGINERR_SUFF; }
+ 
+  /* postfix */
+ "warning: "({WORD}|{HOSTADDR})"["                               { BEGIN(postfix_loginerr); return POSTFIX_SASL_LOGINERR_PREF; }
-- 
cgit v1.2.3