diff options
author | Diego Elio Pettenò <flameeyes@gentoo.org> | 2012-06-24 16:35:44 +0000 |
---|---|---|
committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2012-06-24 16:35:44 +0000 |
commit | f7ee621301d62f9da4bd00d63a691fd10fa0620e (patch) | |
tree | 17d8e8b9a54b87e3b9e663e2097b479633e4f44f /www-apache/mod_security | |
parent | clamav bump (diff) | |
download | gentoo-2-f7ee621301d62f9da4bd00d63a691fd10fa0620e.tar.gz gentoo-2-f7ee621301d62f9da4bd00d63a691fd10fa0620e.tar.bz2 gentoo-2-f7ee621301d62f9da4bd00d63a691fd10fa0620e.zip |
Version bump to 2.7 RC2; add a new setting to the default config file for httpBL API key. Dropped sparc keyword due to libpcre's jit support.
(Portage version: 2.2.0_alpha112/cvs/Linux x86_64)
Diffstat (limited to 'www-apache/mod_security')
5 files changed, 123 insertions, 44 deletions
diff --git a/www-apache/mod_security/ChangeLog b/www-apache/mod_security/ChangeLog index d44b750fd7f0..0aeb69b8b2b0 100644 --- a/www-apache/mod_security/ChangeLog +++ b/www-apache/mod_security/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for www-apache/mod_security # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.75 2012/06/22 21:56:40 nativemad Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.76 2012/06/24 16:35:44 flameeyes Exp $ + +*mod_security-2.7.0_rc2 (24 Jun 2012) + + 24 Jun 2012; Diego E. Pettenò <flameeyes@gentoo.org> + +files/modsecurity-2.7.conf, +mod_security-2.7.0_rc2.ebuild, + -files/2.5.10/99_mod_security.conf, + -files/mod_security-2.5.10-as-needed.patch: + Version bump to 2.7 RC2; add a new setting to the default config file for + httpBL API key. Dropped sparc keyword due to libpcre's jit support. 22 Jun 2012; Andreas Schuerch <nativemad@gentoo.org> mod_security-2.6.6.ebuild: @@ -504,4 +513,3 @@ files/99_mod_security.conf, files/mod_security.conf: Initial version,e build written by dju` <dju @ elegiac.net>. Closes #32190. - diff --git a/www-apache/mod_security/files/2.5.10/99_mod_security.conf b/www-apache/mod_security/files/2.5.10/99_mod_security.conf deleted file mode 100644 index d5ed8fa8b96d..000000000000 --- a/www-apache/mod_security/files/2.5.10/99_mod_security.conf +++ /dev/null @@ -1,16 +0,0 @@ -<IfDefine SECURITY> -LoadModule security2_module modules/mod_security2.so - -# this is only useful with either no core-rule-set, or with crs -# version 2.0.5 or later, as it doesn't set it. -SecDataDir /var/cache/mod_security - -# use Core Rule Set by default: -Include /etc/apache2/modules.d/mod_security/*.conf - -# Optionally use the other rules as well -# Include /etc/apache2/modules.d/mod_security/optional_rules/*.conf - -</IfDefine> - -# vim: ts=4 filetype=apache diff --git a/www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch b/www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch deleted file mode 100644 index f664d35efb54..000000000000 --- a/www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -Naurp -Naurp modsecurity-apache_2.5.9.old/apache2/Makefile.in modsecurity-apache_2.5.9/apache2/Makefile.in ---- modsecurity-apache_2.5.9.old/apache2/Makefile.in 2009-07-02 19:18:31.000000000 +0200 -+++ modsecurity-apache_2.5.9/apache2/Makefile.in 2009-07-02 19:48:23.000000000 +0200 -@@ -52,11 +52,11 @@ APU_LIBS = @APU_LIBS@ - APU_LINK_LD = @APU_LINK_LD@ - - CPPFLAGS = @CPPFLAGS@ $(PCRE_CFLAGS) $(LIBXML2_CFLAGS) $(LUA_CFLAGS) --LIBS = @LIBS@ $(PCRE_LIBS) $(LIBXML2_LIBS) $(LUA_LIBS) -+LIBS = @LIBS@ $(PCRE_LIBS) $(LIBXML2_LIBS) $(LUA_LIBS) $(APXS_LIBS) $(APR_LIBS) $(APR_LINK_LD) $(APU_LIBS) $(APU_LINK_LD) - LDFLAGS = @LDFLAGS@ - CFLAGS = @CFLAGS@ - --COMPILE_APACHE_MOD = $(APXS_WRAPPER) -c $(CPPFLAGS) $(LDFLAGS) $(LIBS) -+COMPILE_APACHE_MOD = $(APXS_WRAPPER) -c $(CPPFLAGS) $(LDFLAGS) - - INSTALL_MOD_SHARED = $(APXS_WRAPPER) -i - -@@ -93,7 +93,7 @@ mod_security2.la: $(MOD_SECURITY2_H) *.c - src="$$src $$f.c"; \ - done; \ - rm -f msc_test msc_test.o msc_test.lo msc_test.slo; \ -- $(COMPILE_APACHE_MOD) $(APXS_EXTRA_CFLAGS) $(MODSEC_APXS_EXTRA_CFLAGS) $$src -+ $(COMPILE_APACHE_MOD) $(APXS_EXTRA_CFLAGS) $(MODSEC_APXS_EXTRA_CFLAGS) $$src $(LIBS) - - ### MLogC - mlogc: diff --git a/www-apache/mod_security/files/modsecurity-2.7.conf b/www-apache/mod_security/files/modsecurity-2.7.conf new file mode 100644 index 000000000000..43508bca635f --- /dev/null +++ b/www-apache/mod_security/files/modsecurity-2.7.conf @@ -0,0 +1,15 @@ +<IfDefine SECURITY> +LoadModule security2_module modules/mod_security2.so + +# Enable looking up geolocation data from MaxMind's GeoIP database +SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat + +SecDataDir /var/cache/modsecurity + +# Define here your http:BL API key if any +# see http://www.projecthoneypot.org/httpbl_api.php +#SecHttpBlKey xxxxxxxx +</IfDefine> + +# -*- apache -*- +# vim: ts=4 filetype=apache diff --git a/www-apache/mod_security/mod_security-2.7.0_rc2.ebuild b/www-apache/mod_security/mod_security-2.7.0_rc2.ebuild new file mode 100644 index 000000000000..e48d6dd63e7c --- /dev/null +++ b/www-apache/mod_security/mod_security-2.7.0_rc2.ebuild @@ -0,0 +1,98 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.7.0_rc2.ebuild,v 1.1 2012/06/24 16:35:44 flameeyes Exp $ + +EAPI=4 + +inherit apache-module + +MY_PN=modsecurity-apache +MY_PV=${PV/_rc/-rc} +MY_P=${MY_PN}_${MY_PV} + +DESCRIPTION="Web application firewall and Intrusion Detection System for Apache." +HOMEPAGE="http://www.modsecurity.org/" +SRC_URI="mirror://sourceforge/project/mod-security/${MY_PN}/${MY_PV}/${MY_P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86" +IUSE="geoip curl lua jit" + +DEPEND=">=dev-libs/libxml2-2.7.8 + dev-libs/libpcre[jit?] + lua? ( >=dev-lang/lua-5.1 ) + curl? ( >=net-misc/curl-7.15.1 ) + www-servers/apache[apache2_modules_unique_id]" +RDEPEND="${DEPEND} + geoip? ( dev-libs/geoip )" +PDEPEND=">=www-apache/modsecurity-crs-2.2.5" + +S="${WORKDIR}/${MY_P}" + +APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" +APACHE2_MOD_DEFINE="SECURITY" + +# Tests require symbols only defined within the Apache binary. +RESTRICT=test + +need_apache2 + +src_prepare() { + cp "${FILESDIR}"/modsecurity-2.7.conf "${T}"/79_modsecurity.conf || die +} + +src_configure() { + econf \ + --enable-shared --disable-static \ + --with-apxs="${APXS}" \ + --enable-request-early \ + $(use_enable curl mlogc) \ + $(use_with lua) \ + $(use_enable jit pcre jit) \ + || die "econf failed" +} + +src_compile() { + if ! use geoip; then + sed -i -e '/SecGeoLookupDb/s:^:#:' \ + "${T}"/79_modsecurity.conf || die + fi + + emake || die +} + +src_test() { + emake check || die +} + +src_install() { + apache-module_src_install + + # install manually rather than by using the APACHE2_MOD_CONF + # variable since we have to edit it to set things up properly. + insinto "${APACHE_MODULES_CONFDIR}" + doins "${T}"/79_modsecurity.conf + + dodoc CHANGES NOTICE README.TXT README_WINDOWS.TXT + + dohtml -r doc/* + + keepdir /var/cache/modsecurity + fowners apache:apache /var/cache/modsecurity + fperms 0770 /var/cache/modsecurity +} + +pkg_postinst() { + if [[ -f "${ROOT}"/etc/apache/modules.d/99_mod_security.conf ]]; then + ewarn "You still have the configuration file 99_mod_security.conf." + ewarn "Please make sure to remove that and keep only 79_modsecurity.conf." + ewarn "" + fi + elog "The base configuration file has been renamed 79_modsecurity.conf" + elog "so that you can put your own configuration as 90_modsecurity_local.conf or" + elog "equivalent." + elog "" + elog "That would be the correct place for site-global security rules." + elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs" +} |