summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDiego Elio Pettenò <flameeyes@gentoo.org>2011-03-28 21:58:59 +0000
committerDiego Elio Pettenò <flameeyes@gentoo.org>2011-03-28 21:58:59 +0000
commit68524a7a28ab447f8ccb7751782863d6be24c12a (patch)
treebcff3e64990f3f940dd853e104d4d1894a0f79bb /www-apache
parentVersion bump. (diff)
downloadhistorical-68524a7a28ab447f8ccb7751782863d6be24c12a.tar.gz
historical-68524a7a28ab447f8ccb7751782863d6be24c12a.tar.bz2
historical-68524a7a28ab447f8ccb7751782863d6be24c12a.zip
Cleanup ebuild, port to EAPI=3; add geoip USE flag to bring in dev-libs/geoip and set it up.
Package-Manager: portage-2.2.0_alpha29/cvs/Linux x86_64
Diffstat (limited to 'www-apache')
-rw-r--r--www-apache/mod_security/ChangeLog9
-rw-r--r--www-apache/mod_security/Manifest16
-rw-r--r--www-apache/mod_security/files/2.5.13/79_mod_security.conf16
-rw-r--r--www-apache/mod_security/files/modsecurity.conf (renamed from www-apache/mod_security/files/2.5.13-r2/79_modsecurity.conf)3
-rw-r--r--www-apache/mod_security/metadata.xml7
-rw-r--r--www-apache/mod_security/mod_security-2.5.13-r1.ebuild99
-rw-r--r--www-apache/mod_security/mod_security-2.5.13-r2.ebuild39
7 files changed, 49 insertions, 140 deletions
diff --git a/www-apache/mod_security/ChangeLog b/www-apache/mod_security/ChangeLog
index b8f2ccc51277..539e95c75d19 100644
--- a/www-apache/mod_security/ChangeLog
+++ b/www-apache/mod_security/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for www-apache/mod_security
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.50 2011/03/23 23:05:00 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.51 2011/03/28 21:58:58 flameeyes Exp $
+
+ 28 Mar 2011; Diego E. Pettenò <flameeyes@gentoo.org>
+ +files/modsecurity.conf, -files/2.5.13-r2/79_modsecurity.conf,
+ -files/2.5.13/79_mod_security.conf, -mod_security-2.5.13-r1.ebuild,
+ mod_security-2.5.13-r2.ebuild, metadata.xml:
+ Cleanup ebuild, port to EAPI=3; add geoip USE flag to bring in dev-libs/geoip
+ and set it up.
*mod_security-2.5.13-r2 (23 Mar 2011)
diff --git a/www-apache/mod_security/Manifest b/www-apache/mod_security/Manifest
index 57e4adc6515b..b0ccd2c4df61 100644
--- a/www-apache/mod_security/Manifest
+++ b/www-apache/mod_security/Manifest
@@ -2,20 +2,18 @@
Hash: SHA1
AUX 2.5.10/99_mod_security.conf 457 RMD160 8f0e24cdfa7a71487365b42fd194a87e5ce426a8 SHA1 2d3cf537fb777dca964a40de2f512245bf390641 SHA256 541fbaa2f62f501190cfef67bb760f2c4ef7aef7d260a544b3d8886aca6aea2d
-AUX 2.5.13-r2/79_modsecurity.conf 166 RMD160 6eafb86894d50f7a2319b1c55acb04d1b8a79f45 SHA1 09ef3129d1abb6634bdf01607fa4b47e0a5e0650 SHA256 641a1eb86f9ee38b7b04e564c13b02f24833ffd7df494935d8a6917568ed1e6c
-AUX 2.5.13/79_mod_security.conf 472 RMD160 9fdc0d82806271b62d2265a934b4e3dcfec09d14 SHA1 cc7e75bc25c9d0ca293393875a3f799ec95f4d94 SHA256 4a228f2a1006745bcbd1cd12a0846f421783a837e3c0f9e2b0ef7b08efb8d1a9
AUX mod_security-2.5.10-as-needed.patch 1169 RMD160 56ea5b1de8673556a0cfff3db606824ccb092e92 SHA1 1417de57c5e3bce8bab6f37f6ef532be44140c6c SHA256 aa1086c66d10b40d4ae184dad1bf9fc18e2fc8c6c3474ad2537b1728a01bd8be
+AUX modsecurity.conf 276 RMD160 b8b303a210d05770d307ee60bfcf1400ec83d968 SHA1 35badbac9fe301c18cdda5abacf578e81f36d607 SHA256 00b6f23a10c142828fafeb0362f23846f95ce5d2129a7a3c053dc20554bd078a
DIST modsecurity-apache_2.5.12.tar.gz 1392209 RMD160 e7dae0754e5866c247083f1291bcd5cd08db87d5 SHA1 eb2068e5d31525fa53769dabd1a1c65896fd4e76 SHA256 168bb6591a0f9665169e0ed223a00d63a1c87e11d1e56388abcf431f30efaa84
DIST modsecurity-apache_2.5.13.tar.gz 1406635 RMD160 18d598462e7fedc02019f2612002bd0acbcb61fa SHA1 c498277a93de6c8ced2bd204d09c8a91a487fc1f SHA256 0d570fa602c5bbb231f467ace2abb35e4cd0647fd962d4bc21eac1a1efed8b6a
EBUILD mod_security-2.5.12.ebuild 3780 RMD160 93051a495325ef39354c8f7cd0ecfd202a537db9 SHA1 8d638448793d19bd1e74b1017cdda5632a48664b SHA256 2eb168002097badb690bf895e1770171c98b0f3aaf60828e435c960ce4737fd7
-EBUILD mod_security-2.5.13-r1.ebuild 2317 RMD160 ccb2a826a38040f348f456f7c5d65fb9e0f6ec62 SHA1 323aa8e2a7eb662f786cfe6fc3e3c4b0d77221a4 SHA256 fd4c00d1cc92aa6afc2091b079f568ff0b994a92890af95c63770afe369945ee
-EBUILD mod_security-2.5.13-r2.ebuild 2389 RMD160 02f4238e76ef5e7db210299ffa7bf7a93d91429b SHA1 e907e748552b69660ef84c0aed9e2dbcace623a2 SHA256 4259fb7d744e11a4f3a2473b71b101126c6e3cc6103afc259ef3abecca9fb61d
-MISC ChangeLog 13574 RMD160 8fbea47831afecfbce48b8e541a565ced2fa307a SHA1 70cded818d706288a2d854ec8477a479f9acd3ca SHA256 0df4464c9c15099f34f9835798bd0d23ee64968a7a0508fc05c00818b5b5e022
-MISC metadata.xml 897 RMD160 31443d00b492a9e39bba6556c867c9c84775560e SHA1 e96370de59f922a1ed1b46920e82a16fff04bb54 SHA256 6acdb58a20b4004b0d571df0183e7090f8eb97f904028c84bcecece8cf64f547
+EBUILD mod_security-2.5.13-r2.ebuild 2858 RMD160 ba2e1eef13ffaba6d35d3aa25b117807129ae5bd SHA1 96626711783fd6151016dcc7989ffe188c2a94ab SHA256 213750542f3c51eb89889514e0803b9fa6507a3dc5de20a5ff65ac498e2f5986
+MISC ChangeLog 13910 RMD160 90c6b9167de3d36c85fe084ed75023fe9ebf812a SHA1 9437bc91bf0b6cfbeae2361143608e8fec4a4c01 SHA256 38ce6434eb87124b3598f45040a8bd05da8bf2c3d797dfd7d197029f0fa79e83
+MISC metadata.xml 1174 RMD160 5f3a8ef78cb446f3896ed0d8007b84b0843129b2 SHA1 907b58cdf35cb47dec20ef9adbcebdf0ad92c799 SHA256 d8912fd55c69fa4542e89395595171bed520638a2627fc7fee71e7e2bfbab4e6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
-iEYEARECAAYFAk2KfIoACgkQAiZjviIA2Xg8ngCghVw7PJtH83RsuNA79MZdnnin
-VrAAoJFIiOY1P3fW1b7MLsLtNVTwi7r+
-=gi9g
+iEYEARECAAYFAk2RBKcACgkQAiZjviIA2XhR8QCdF3WTvh2TeFLf4KKQM1YwgBY3
+XC0AoOUWBTovSWoXlzAR2JZ5/CGwWzw8
+=yqpX
-----END PGP SIGNATURE-----
diff --git a/www-apache/mod_security/files/2.5.13/79_mod_security.conf b/www-apache/mod_security/files/2.5.13/79_mod_security.conf
deleted file mode 100644
index ba1fb64729a4..000000000000
--- a/www-apache/mod_security/files/2.5.13/79_mod_security.conf
+++ /dev/null
@@ -1,16 +0,0 @@
-<IfDefine SECURITY>
-LoadModule security2_module modules/mod_security2.so
-
-SecDataDir /var/cache/mod_security
-
-# use Core Rule Set by default, but no optional or experimental rules
-Include /etc/apache2/modules.d/mod_security/*.conf
-
-# Optionally use the other rules as well
-# Include /etc/apache2/modules.d/mod_security/optional_rules/*.conf
-# Include /etc/apache2/modules.d/mod_security/experimental_rules/*.conf
-
-</IfDefine>
-
-# -*- apache -*-
-# vim: ts=4 filetype=apache
diff --git a/www-apache/mod_security/files/2.5.13-r2/79_modsecurity.conf b/www-apache/mod_security/files/modsecurity.conf
index 77a42bab1920..254ecf4094b8 100644
--- a/www-apache/mod_security/files/2.5.13-r2/79_modsecurity.conf
+++ b/www-apache/mod_security/files/modsecurity.conf
@@ -1,6 +1,9 @@
<IfDefine SECURITY>
LoadModule security2_module modules/mod_security2.so
+# Enable looking up geolocation data from MaxMind's GeoIP database
+SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat
+
SecDataDir /var/cache/modsecurity
</IfDefine>
diff --git a/www-apache/mod_security/metadata.xml b/www-apache/mod_security/metadata.xml
index 5088fa888ba7..11837ee42647 100644
--- a/www-apache/mod_security/metadata.xml
+++ b/www-apache/mod_security/metadata.xml
@@ -20,5 +20,12 @@
applications, including Rails-based web applications and
Bugzilla.
</flag>
+
+ <flag name='geoip'>
+ Configure ModSecurity to query the GeoIP database from MaxMind,
+ provided by <pkg>dev-libs/geoip</pkg>. This flag only controls
+ the default configuration, as the GeoIP query code is part of
+ ModSecurity's source code.
+ </flag>
</use>
</pkgmetadata>
diff --git a/www-apache/mod_security/mod_security-2.5.13-r1.ebuild b/www-apache/mod_security/mod_security-2.5.13-r1.ebuild
deleted file mode 100644
index 67ead0a842fc..000000000000
--- a/www-apache/mod_security/mod_security-2.5.13-r1.ebuild
+++ /dev/null
@@ -1,99 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.13-r1.ebuild,v 1.2 2011/02/26 14:44:27 xarthisius Exp $
-
-EAPI=2
-
-inherit apache-module autotools
-
-MY_P=${P/mod_security-/modsecurity-apache_}
-MY_P=${MY_P/_rc/-rc}
-
-DESCRIPTION="Web application firewall and Intrusion Detection System for Apache."
-HOMEPAGE="http://www.modsecurity.org/"
-SRC_URI="http://www.modsecurity.org/download/${MY_P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~ppc ~sparc ~x86"
-IUSE="lua"
-
-DEPEND="dev-libs/libxml2
- lua? ( >=dev-lang/lua-5.1 )
- www-servers/apache[apache2_modules_unique_id]"
-RDEPEND="${DEPEND}"
-PDEPEND="www-apache/modsecurity-crs"
-
-S="${WORKDIR}/${MY_P}"
-
-APACHE2_MOD_FILE="apache2/.libs/${PN}2.so"
-APACHE2_MOD_CONF="2.5.13/79_mod_security"
-APACHE2_MOD_DEFINE="SECURITY"
-
-need_apache2
-
-src_prepare() {
- epatch "${FILESDIR}"/${PN}-2.5.10-as-needed.patch
-
- cd apache2
- eautoreconf
-}
-
-src_configure() {
- cd apache2
-
- econf --with-apxs="${APXS}" \
- --without-curl \
- $(use_with lua) \
- || die "econf failed"
-}
-
-src_compile() {
- cd apache2
-
- APXS_FLAGS=
- for flag in ${CFLAGS}; do
- APXS_FLAGS="${APXS_FLAGS} -Wc,${flag}"
- done
-
- # Yes we need to prefix it _twice_
- for flag in ${LDFLAGS}; do
- APXS_FLAGS="${APXS_FLAGS} -Wl,${flag}"
- done
-
- emake \
- APXS_CFLAGS="${CFLAGS}" \
- APXS_LDFLAGS="${LDFLAGS}" \
- APXS_EXTRA_CFLAGS="${APXS_FLAGS}" \
- || die "emake failed"
-}
-
-src_test() {
- cd apache2
- emake test || die
-}
-
-src_install() {
- apache-module_src_install
-
- # install documentation
- dodoc CHANGES || die
- dohtml -r doc/* || die
-
- keepdir /var/cache/mod_security || die
- fowners apache:apache /var/cache/mod_security || die
- fperms 0770 /var/cache/mod_security || die
-}
-
-pkg_postinst() {
- if [[ -f "${ROOT}"/etc/apache/modules.d/99_mod_security.conf ]]; then
- ewarn "You still have the configuration file 99_mod_security.conf."
- ewarn "Please make sure to remove that and keep only 79_mod_security.conf."
- ewarn ""
- fi
- elog "The base configuration file has been renamed 79_mod_security.conf"
- elog "so that you can put your own configuration as 80_mod_security_local.conf or"
- elog "equivalent."
- elog ""
- elog "That would be the correct place for site-global security rules."
-}
diff --git a/www-apache/mod_security/mod_security-2.5.13-r2.ebuild b/www-apache/mod_security/mod_security-2.5.13-r2.ebuild
index 065f4e41bc67..8608e48053ec 100644
--- a/www-apache/mod_security/mod_security-2.5.13-r2.ebuild
+++ b/www-apache/mod_security/mod_security-2.5.13-r2.ebuild
@@ -1,13 +1,12 @@
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.13-r2.ebuild,v 1.1 2011/03/23 23:05:00 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.13-r2.ebuild,v 1.2 2011/03/28 21:58:58 flameeyes Exp $
-EAPI=2
+EAPI=3
inherit apache-module autotools
-MY_P=${P/mod_security-/modsecurity-apache_}
-MY_P=${MY_P/_rc/-rc}
+MY_P=modsecurity-apache_${PV/_rc/-rc}
DESCRIPTION="Web application firewall and Intrusion Detection System for Apache."
HOMEPAGE="http://www.modsecurity.org/"
@@ -16,23 +15,25 @@ SRC_URI="http://www.modsecurity.org/download/${MY_P}.tar.gz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~ppc ~sparc ~x86"
-IUSE="lua"
+IUSE="lua geoip"
DEPEND="dev-libs/libxml2
lua? ( >=dev-lang/lua-5.1 )
www-servers/apache[apache2_modules_unique_id]"
-RDEPEND="${DEPEND}"
+RDEPEND="${DEPEND}
+ geoip? ( dev-libs/geoip )"
PDEPEND="www-apache/modsecurity-crs"
S="${WORKDIR}/${MY_P}"
APACHE2_MOD_FILE="apache2/.libs/${PN}2.so"
-APACHE2_MOD_CONF="2.5.13-r2/79_modsecurity"
APACHE2_MOD_DEFINE="SECURITY"
need_apache2
src_prepare() {
+ cp "${FILESDIR}"/modsecurity.conf "${T}"/79_modsecurity.conf || die
+
epatch "${FILESDIR}"/${PN}-2.5.10-as-needed.patch
cd apache2
@@ -49,7 +50,10 @@ src_configure() {
}
src_compile() {
- cd apache2
+ if ! use geoip; then
+ sed -i -e '/SecGeoLookupDb/s:^:#:' \
+ "${T}"/79_modsecurity.conf || die
+ fi
APXS_FLAGS=
for flag in ${CFLAGS}; do
@@ -61,7 +65,7 @@ src_compile() {
APXS_FLAGS="${APXS_FLAGS} -Wl,${flag}"
done
- emake \
+ emake -C apache2 \
APXS_CFLAGS="${CFLAGS}" \
APXS_LDFLAGS="${LDFLAGS}" \
APXS_EXTRA_CFLAGS="${APXS_FLAGS}" \
@@ -69,16 +73,21 @@ src_compile() {
}
src_test() {
- cd apache2
- emake test || die
+ emake -C apache2 test || die
}
src_install() {
apache-module_src_install
- # install documentation
- dodoc CHANGES || die
- dohtml -r doc/* || die
+ # install manually rather than by using the APACHE2_MOD_CONF
+ # variable since we have to edit it to set things up properly.
+ insinto "${APACHE_MODULES_CONFDIR}"
+ doins "${T}"/79_modsecurity.conf
+
+ # install documentation; don't install index.html as it references
+ # the PDF and split-pages versions of the same documentation.
+ dodoc CHANGES
+ dohtml "${S}"/doc/*.{css,gif,jpg} "${S}"/doc/modsecurity2*.html
keepdir /var/cache/modsecurity || die
fowners apache:apache /var/cache/modsecurity || die
@@ -88,7 +97,7 @@ src_install() {
pkg_postinst() {
if [[ -f "${ROOT}"/etc/apache/modules.d/99_mod_security.conf ]]; then
ewarn "You still have the configuration file 99_mod_security.conf."
- ewarn "Please make sure to remove that and keep only 79_mod_security.conf."
+ ewarn "Please make sure to remove that and keep only 79_modsecurity.conf."
ewarn ""
fi
elog "The base configuration file has been renamed 79_modsecurity.conf"