diff options
| author |   Diego Elio Pettenò <flameeyes@gentoo.org> | 2012-06-24 16:35:44 +0000 |
|---|---|---|
| committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2012-06-24 16:35:44 +0000 |
| commit | 22a78efd24f5de14bbadeb1619ecb3cb318aad65 (patch) | |
| tree | e47646747aa97dfb39c1ef3c2efae35d5b098792 /www-apache/mod_security | |
| parent | clamav bump (diff) | |
| download | historical-22a78efd24f5de14bbadeb1619ecb3cb318aad65.tar.gz historical-22a78efd24f5de14bbadeb1619ecb3cb318aad65.tar.bz2 historical-22a78efd24f5de14bbadeb1619ecb3cb318aad65.zip | |
Version bump to 2.7 RC2; add a new setting to the default config file for httpBL API key. Dropped sparc keyword due to libpcre's jit support.
Package-Manager: portage-2.2.0_alpha112/cvs/Linux x86_64
Diffstat (limited to 'www-apache/mod_security')
| -rw-r--r-- | www-apache/mod_security/ChangeLog | 12 | ||||
| -rw-r--r-- | www-apache/mod_security/Manifest | 19 | ||||
| -rw-r--r-- | www-apache/mod_security/files/2.5.10/99_mod_security.conf | 16 | ||||
| -rw-r--r-- | www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch | 26 | ||||
| -rw-r--r-- | www-apache/mod_security/files/modsecurity-2.7.conf | 15 | ||||
| -rw-r--r-- | www-apache/mod_security/mod_security-2.7.0_rc2.ebuild | 98 |
6 files changed, 135 insertions, 51 deletions
diff --git a/www-apache/mod_security/ChangeLog b/www-apache/mod_security/ChangeLog index d44b750fd7f0..0aeb69b8b2b0 100644 --- a/www-apache/mod_security/ChangeLog +++ b/www-apache/mod_security/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for www-apache/mod_security # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.75 2012/06/22 21:56:40 nativemad Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.76 2012/06/24 16:35:44 flameeyes Exp $ + +*mod_security-2.7.0_rc2 (24 Jun 2012) + + 24 Jun 2012; Diego E. Pettenò <flameeyes@gentoo.org> + +files/modsecurity-2.7.conf, +mod_security-2.7.0_rc2.ebuild, + -files/2.5.10/99_mod_security.conf, + -files/mod_security-2.5.10-as-needed.patch: + Version bump to 2.7 RC2; add a new setting to the default config file for + httpBL API key. Dropped sparc keyword due to libpcre's jit support. 22 Jun 2012; Andreas Schuerch <nativemad@gentoo.org> mod_security-2.6.6.ebuild: @@ -504,4 +513,3 @@ files/99_mod_security.conf, files/mod_security.conf: Initial version,e build written by dju` <dju @ elegiac.net>. Closes #32190. - diff --git a/www-apache/mod_security/Manifest b/www-apache/mod_security/Manifest index ea2d2fe64fc7..daf58530da8e 100644 --- a/www-apache/mod_security/Manifest +++ b/www-apache/mod_security/Manifest @@ -1,19 +1,24 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -AUX 2.5.10/99_mod_security.conf 457 RMD160 8f0e24cdfa7a71487365b42fd194a87e5ce426a8 SHA1 2d3cf537fb777dca964a40de2f512245bf390641 SHA256 541fbaa2f62f501190cfef67bb760f2c4ef7aef7d260a544b3d8886aca6aea2d -AUX mod_security-2.5.10-as-needed.patch 1169 RMD160 56ea5b1de8673556a0cfff3db606824ccb092e92 SHA1 1417de57c5e3bce8bab6f37f6ef532be44140c6c SHA256 aa1086c66d10b40d4ae184dad1bf9fc18e2fc8c6c3474ad2537b1728a01bd8be +AUX modsecurity-2.7.conf 394 RMD160 582b35f85d880b992abe85914194067d9e294d50 SHA1 a5b1ce653c8838a91c183ce350c613a1b11e63fd SHA256 dba21b2c25146392aa0f2df66ca994d1c82222df26a842879fc3ca6a9096ae60 AUX modsecurity.conf 276 RMD160 b8b303a210d05770d307ee60bfcf1400ec83d968 SHA1 35badbac9fe301c18cdda5abacf578e81f36d607 SHA256 00b6f23a10c142828fafeb0362f23846f95ce5d2129a7a3c053dc20554bd078a DIST modsecurity-apache_2.6.3.tar.gz 780896 RMD160 102ce304bda05e6d0fd83ebeba27a88b5e0388fe SHA1 d21b8eab268f2614204323720159f7dfe3d9a205 SHA256 6ae9339623e582c965e6a188f7f61f540402a5af8c37cc7a8d22daa4565ca71b DIST modsecurity-apache_2.6.6.tar.gz 781984 RMD160 ac27b5d2da5a3b90b97714914592a8f7c3828b26 SHA1 18f3eba967d60abfe117e0e7866b68f763da711f SHA256 a0cb075d5898230d17da5805eb102d1bbba07fe0748dcc32920990c4711b7708 +DIST modsecurity-apache_2.7.0-rc2.tar.gz 812245 RMD160 f99421a47336bd87908d2315c600f0858b439873 SHA1 02f1becaca27284c09fc01fb3f580d86f590ef8e SHA256 7518afd6d2cdc55ab2b2ecf06c3a21f5b9f52790ae04e05c5644379224a97b45 EBUILD mod_security-2.6.3.ebuild 2493 RMD160 c01c5f1a78f2af14a5b8fdbe006d19294b1d56eb SHA1 e02bf7c58f6519e5d484573e78d0667356807504 SHA256 228a802db34c1b50f0218003c7e97e886ad096cff3e3cd23a6803e8d4ccbedfc EBUILD mod_security-2.6.6.ebuild 2451 RMD160 ef85bae530a055ce1b02db8c223ff6bd90611cfd SHA1 5215f305f892d02289adc98b86aa1569585b98e6 SHA256 a0449c6e2e9a479d2e1c84a166ab96a02fb4de74c3e994a51ed6537f19068737 -MISC ChangeLog 17844 RMD160 b85510470eecefb589cac855887379e3a198709c SHA1 862497f57cd4d9160aef8fb362a2517c53fad105 SHA256 762d66f9f39d78ad3380367ce408e9b788d08c817ae4fab0a40177302c7ac986 +EBUILD mod_security-2.7.0_rc2.ebuild 2585 RMD160 fc7fb27efc696b09d7984ac8cd587c4f3715f409 SHA1 c53bed449962e9315274ecc1da58152ed1a62463 SHA256 d74ba670b18e5307321c8d456cb3340667e8b6173546d5ab2cd1c341ea4d388d +MISC ChangeLog 18232 RMD160 cbc9b3f00c24ae0859a16d51aad8d80803dfadf0 SHA1 89c21f91e7448c5bdfd37a81650bbad54ad6c508 SHA256 6196f8d3a507eff52dd7f95aa3ef2d9d483cadfed1a16c41f23358495313c585 MISC metadata.xml 1314 RMD160 a5ef1462d8c1f9c3526d7eebd328f5aec6ac5396 SHA1 6047ee181f17636836d44bb8f907a3a4cd5448c7 SHA256 d9e91ba25184276208c7c8e5c6e513d0204c77c247d56c9627bd38f117539e0c -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.17 (GNU/Linux) +Version: GnuPG v2.0.19 (GNU/Linux) -iEYEARECAAYFAk/k6XgACgkQakKUmsHeVLKeDQCffBQPuXxZJA9Zet41lbi2TjDQ -31MAnA7h6MwGuqhLfzZeEnpS/bsTWbTD -=3MU/ +iQEcBAEBAgAGBQJP50H8AAoJEBzRPIrUMBNCBrsH/j9FFgK+j02o++QxigFtUMWA +US4FVnKdzRn8nYcJ9sfoBPTIH5aRtk+CrZf8BjpukEIDZ10K+KmfxZetE1g2kuSA +d5Eiu5GAW5hHtiNSpzXxYoEV52OpJ7K+9fTVE8w1n7Q58HUzG0Pw1K8YdxZ/ZKrC +dwyK+qWnIe6S9mUunYDPpcUZbvMMUmTsqqUaVaBrVuIVv3iP9ZKDmpAgOfaV9Sxd +Ub1AZXYqMa4FDtue2w7nyNF8K3YdQtqvUmWOItXO/w2zaSCI4SRH+OctWDJ1EnYF +HY+goiR9CeCJb0Bluxfq0p3LTjtw/8FgHuacCsEXE37dquS2AIWPNNXTHVMfdgU= +=1+fM -----END PGP SIGNATURE----- diff --git a/www-apache/mod_security/files/2.5.10/99_mod_security.conf b/www-apache/mod_security/files/2.5.10/99_mod_security.conf deleted file mode 100644 index d5ed8fa8b96d..000000000000 --- a/www-apache/mod_security/files/2.5.10/99_mod_security.conf +++ /dev/null @@ -1,16 +0,0 @@ -<IfDefine SECURITY> -LoadModule security2_module modules/mod_security2.so - -# this is only useful with either no core-rule-set, or with crs -# version 2.0.5 or later, as it doesn't set it. -SecDataDir /var/cache/mod_security - -# use Core Rule Set by default: -Include /etc/apache2/modules.d/mod_security/*.conf - -# Optionally use the other rules as well -# Include /etc/apache2/modules.d/mod_security/optional_rules/*.conf - -</IfDefine> - -# vim: ts=4 filetype=apache diff --git a/www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch b/www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch deleted file mode 100644 index f664d35efb54..000000000000 --- a/www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -Naurp -Naurp modsecurity-apache_2.5.9.old/apache2/Makefile.in modsecurity-apache_2.5.9/apache2/Makefile.in ---- modsecurity-apache_2.5.9.old/apache2/Makefile.in 2009-07-02 19:18:31.000000000 +0200 -+++ modsecurity-apache_2.5.9/apache2/Makefile.in 2009-07-02 19:48:23.000000000 +0200 -@@ -52,11 +52,11 @@ APU_LIBS = @APU_LIBS@ - APU_LINK_LD = @APU_LINK_LD@ - - CPPFLAGS = @CPPFLAGS@ $(PCRE_CFLAGS) $(LIBXML2_CFLAGS) $(LUA_CFLAGS) --LIBS = @LIBS@ $(PCRE_LIBS) $(LIBXML2_LIBS) $(LUA_LIBS) -+LIBS = @LIBS@ $(PCRE_LIBS) $(LIBXML2_LIBS) $(LUA_LIBS) $(APXS_LIBS) $(APR_LIBS) $(APR_LINK_LD) $(APU_LIBS) $(APU_LINK_LD) - LDFLAGS = @LDFLAGS@ - CFLAGS = @CFLAGS@ - --COMPILE_APACHE_MOD = $(APXS_WRAPPER) -c $(CPPFLAGS) $(LDFLAGS) $(LIBS) -+COMPILE_APACHE_MOD = $(APXS_WRAPPER) -c $(CPPFLAGS) $(LDFLAGS) - - INSTALL_MOD_SHARED = $(APXS_WRAPPER) -i - -@@ -93,7 +93,7 @@ mod_security2.la: $(MOD_SECURITY2_H) *.c - src="$$src $$f.c"; \ - done; \ - rm -f msc_test msc_test.o msc_test.lo msc_test.slo; \ -- $(COMPILE_APACHE_MOD) $(APXS_EXTRA_CFLAGS) $(MODSEC_APXS_EXTRA_CFLAGS) $$src -+ $(COMPILE_APACHE_MOD) $(APXS_EXTRA_CFLAGS) $(MODSEC_APXS_EXTRA_CFLAGS) $$src $(LIBS) - - ### MLogC - mlogc: diff --git a/www-apache/mod_security/files/modsecurity-2.7.conf b/www-apache/mod_security/files/modsecurity-2.7.conf new file mode 100644 index 000000000000..43508bca635f --- /dev/null +++ b/www-apache/mod_security/files/modsecurity-2.7.conf @@ -0,0 +1,15 @@ +<IfDefine SECURITY> +LoadModule security2_module modules/mod_security2.so + +# Enable looking up geolocation data from MaxMind's GeoIP database +SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat + +SecDataDir /var/cache/modsecurity + +# Define here your http:BL API key if any +# see http://www.projecthoneypot.org/httpbl_api.php +#SecHttpBlKey xxxxxxxx +</IfDefine> + +# -*- apache -*- +# vim: ts=4 filetype=apache diff --git a/www-apache/mod_security/mod_security-2.7.0_rc2.ebuild b/www-apache/mod_security/mod_security-2.7.0_rc2.ebuild new file mode 100644 index 000000000000..e48d6dd63e7c --- /dev/null +++ b/www-apache/mod_security/mod_security-2.7.0_rc2.ebuild @@ -0,0 +1,98 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.7.0_rc2.ebuild,v 1.1 2012/06/24 16:35:44 flameeyes Exp $ + +EAPI=4 + +inherit apache-module + +MY_PN=modsecurity-apache +MY_PV=${PV/_rc/-rc} +MY_P=${MY_PN}_${MY_PV} + +DESCRIPTION="Web application firewall and Intrusion Detection System for Apache." +HOMEPAGE="http://www.modsecurity.org/" +SRC_URI="mirror://sourceforge/project/mod-security/${MY_PN}/${MY_PV}/${MY_P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86" +IUSE="geoip curl lua jit" + +DEPEND=">=dev-libs/libxml2-2.7.8 + dev-libs/libpcre[jit?] + lua? ( >=dev-lang/lua-5.1 ) + curl? ( >=net-misc/curl-7.15.1 ) + www-servers/apache[apache2_modules_unique_id]" +RDEPEND="${DEPEND} + geoip? ( dev-libs/geoip )" +PDEPEND=">=www-apache/modsecurity-crs-2.2.5" + +S="${WORKDIR}/${MY_P}" + +APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" +APACHE2_MOD_DEFINE="SECURITY" + +# Tests require symbols only defined within the Apache binary. +RESTRICT=test + +need_apache2 + +src_prepare() { + cp "${FILESDIR}"/modsecurity-2.7.conf "${T}"/79_modsecurity.conf || die +} + +src_configure() { + econf \ + --enable-shared --disable-static \ + --with-apxs="${APXS}" \ + --enable-request-early \ + $(use_enable curl mlogc) \ + $(use_with lua) \ + $(use_enable jit pcre jit) \ + || die "econf failed" +} + +src_compile() { + if ! use geoip; then + sed -i -e '/SecGeoLookupDb/s:^:#:' \ + "${T}"/79_modsecurity.conf || die + fi + + emake || die +} + +src_test() { + emake check || die +} + +src_install() { + apache-module_src_install + + # install manually rather than by using the APACHE2_MOD_CONF + # variable since we have to edit it to set things up properly. + insinto "${APACHE_MODULES_CONFDIR}" + doins "${T}"/79_modsecurity.conf + + dodoc CHANGES NOTICE README.TXT README_WINDOWS.TXT + + dohtml -r doc/* + + keepdir /var/cache/modsecurity + fowners apache:apache /var/cache/modsecurity + fperms 0770 /var/cache/modsecurity +} + +pkg_postinst() { + if [[ -f "${ROOT}"/etc/apache/modules.d/99_mod_security.conf ]]; then + ewarn "You still have the configuration file 99_mod_security.conf." + ewarn "Please make sure to remove that and keep only 79_modsecurity.conf." + ewarn "" + fi + elog "The base configuration file has been renamed 79_modsecurity.conf" + elog "so that you can put your own configuration as 90_modsecurity_local.conf or" + elog "equivalent." + elog "" + elog "That would be the correct place for site-global security rules." + elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs" +} |