diff options
author | 2011-03-28 21:58:59 +0000 | |
---|---|---|
committer | 2011-03-28 21:58:59 +0000 | |
commit | 68524a7a28ab447f8ccb7751782863d6be24c12a (patch) | |
tree | bcff3e64990f3f940dd853e104d4d1894a0f79bb /www-apache | |
parent | Version bump. (diff) | |
download | historical-68524a7a28ab447f8ccb7751782863d6be24c12a.tar.gz historical-68524a7a28ab447f8ccb7751782863d6be24c12a.tar.bz2 historical-68524a7a28ab447f8ccb7751782863d6be24c12a.zip |
Cleanup ebuild, port to EAPI=3; add geoip USE flag to bring in dev-libs/geoip and set it up.
Package-Manager: portage-2.2.0_alpha29/cvs/Linux x86_64
Diffstat (limited to 'www-apache')
-rw-r--r-- | www-apache/mod_security/ChangeLog | 9 | ||||
-rw-r--r-- | www-apache/mod_security/Manifest | 16 | ||||
-rw-r--r-- | www-apache/mod_security/files/2.5.13/79_mod_security.conf | 16 | ||||
-rw-r--r-- | www-apache/mod_security/files/modsecurity.conf (renamed from www-apache/mod_security/files/2.5.13-r2/79_modsecurity.conf) | 3 | ||||
-rw-r--r-- | www-apache/mod_security/metadata.xml | 7 | ||||
-rw-r--r-- | www-apache/mod_security/mod_security-2.5.13-r1.ebuild | 99 | ||||
-rw-r--r-- | www-apache/mod_security/mod_security-2.5.13-r2.ebuild | 39 |
7 files changed, 49 insertions, 140 deletions
diff --git a/www-apache/mod_security/ChangeLog b/www-apache/mod_security/ChangeLog index b8f2ccc51277..539e95c75d19 100644 --- a/www-apache/mod_security/ChangeLog +++ b/www-apache/mod_security/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for www-apache/mod_security # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.50 2011/03/23 23:05:00 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.51 2011/03/28 21:58:58 flameeyes Exp $ + + 28 Mar 2011; Diego E. Pettenò <flameeyes@gentoo.org> + +files/modsecurity.conf, -files/2.5.13-r2/79_modsecurity.conf, + -files/2.5.13/79_mod_security.conf, -mod_security-2.5.13-r1.ebuild, + mod_security-2.5.13-r2.ebuild, metadata.xml: + Cleanup ebuild, port to EAPI=3; add geoip USE flag to bring in dev-libs/geoip + and set it up. *mod_security-2.5.13-r2 (23 Mar 2011) diff --git a/www-apache/mod_security/Manifest b/www-apache/mod_security/Manifest index 57e4adc6515b..b0ccd2c4df61 100644 --- a/www-apache/mod_security/Manifest +++ b/www-apache/mod_security/Manifest @@ -2,20 +2,18 @@ Hash: SHA1 AUX 2.5.10/99_mod_security.conf 457 RMD160 8f0e24cdfa7a71487365b42fd194a87e5ce426a8 SHA1 2d3cf537fb777dca964a40de2f512245bf390641 SHA256 541fbaa2f62f501190cfef67bb760f2c4ef7aef7d260a544b3d8886aca6aea2d -AUX 2.5.13-r2/79_modsecurity.conf 166 RMD160 6eafb86894d50f7a2319b1c55acb04d1b8a79f45 SHA1 09ef3129d1abb6634bdf01607fa4b47e0a5e0650 SHA256 641a1eb86f9ee38b7b04e564c13b02f24833ffd7df494935d8a6917568ed1e6c -AUX 2.5.13/79_mod_security.conf 472 RMD160 9fdc0d82806271b62d2265a934b4e3dcfec09d14 SHA1 cc7e75bc25c9d0ca293393875a3f799ec95f4d94 SHA256 4a228f2a1006745bcbd1cd12a0846f421783a837e3c0f9e2b0ef7b08efb8d1a9 AUX mod_security-2.5.10-as-needed.patch 1169 RMD160 56ea5b1de8673556a0cfff3db606824ccb092e92 SHA1 1417de57c5e3bce8bab6f37f6ef532be44140c6c SHA256 aa1086c66d10b40d4ae184dad1bf9fc18e2fc8c6c3474ad2537b1728a01bd8be +AUX modsecurity.conf 276 RMD160 b8b303a210d05770d307ee60bfcf1400ec83d968 SHA1 35badbac9fe301c18cdda5abacf578e81f36d607 SHA256 00b6f23a10c142828fafeb0362f23846f95ce5d2129a7a3c053dc20554bd078a DIST modsecurity-apache_2.5.12.tar.gz 1392209 RMD160 e7dae0754e5866c247083f1291bcd5cd08db87d5 SHA1 eb2068e5d31525fa53769dabd1a1c65896fd4e76 SHA256 168bb6591a0f9665169e0ed223a00d63a1c87e11d1e56388abcf431f30efaa84 DIST modsecurity-apache_2.5.13.tar.gz 1406635 RMD160 18d598462e7fedc02019f2612002bd0acbcb61fa SHA1 c498277a93de6c8ced2bd204d09c8a91a487fc1f SHA256 0d570fa602c5bbb231f467ace2abb35e4cd0647fd962d4bc21eac1a1efed8b6a EBUILD mod_security-2.5.12.ebuild 3780 RMD160 93051a495325ef39354c8f7cd0ecfd202a537db9 SHA1 8d638448793d19bd1e74b1017cdda5632a48664b SHA256 2eb168002097badb690bf895e1770171c98b0f3aaf60828e435c960ce4737fd7 -EBUILD mod_security-2.5.13-r1.ebuild 2317 RMD160 ccb2a826a38040f348f456f7c5d65fb9e0f6ec62 SHA1 323aa8e2a7eb662f786cfe6fc3e3c4b0d77221a4 SHA256 fd4c00d1cc92aa6afc2091b079f568ff0b994a92890af95c63770afe369945ee -EBUILD mod_security-2.5.13-r2.ebuild 2389 RMD160 02f4238e76ef5e7db210299ffa7bf7a93d91429b SHA1 e907e748552b69660ef84c0aed9e2dbcace623a2 SHA256 4259fb7d744e11a4f3a2473b71b101126c6e3cc6103afc259ef3abecca9fb61d -MISC ChangeLog 13574 RMD160 8fbea47831afecfbce48b8e541a565ced2fa307a SHA1 70cded818d706288a2d854ec8477a479f9acd3ca SHA256 0df4464c9c15099f34f9835798bd0d23ee64968a7a0508fc05c00818b5b5e022 -MISC metadata.xml 897 RMD160 31443d00b492a9e39bba6556c867c9c84775560e SHA1 e96370de59f922a1ed1b46920e82a16fff04bb54 SHA256 6acdb58a20b4004b0d571df0183e7090f8eb97f904028c84bcecece8cf64f547 +EBUILD mod_security-2.5.13-r2.ebuild 2858 RMD160 ba2e1eef13ffaba6d35d3aa25b117807129ae5bd SHA1 96626711783fd6151016dcc7989ffe188c2a94ab SHA256 213750542f3c51eb89889514e0803b9fa6507a3dc5de20a5ff65ac498e2f5986 +MISC ChangeLog 13910 RMD160 90c6b9167de3d36c85fe084ed75023fe9ebf812a SHA1 9437bc91bf0b6cfbeae2361143608e8fec4a4c01 SHA256 38ce6434eb87124b3598f45040a8bd05da8bf2c3d797dfd7d197029f0fa79e83 +MISC metadata.xml 1174 RMD160 5f3a8ef78cb446f3896ed0d8007b84b0843129b2 SHA1 907b58cdf35cb47dec20ef9adbcebdf0ad92c799 SHA256 d8912fd55c69fa4542e89395595171bed520638a2627fc7fee71e7e2bfbab4e6 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) -iEYEARECAAYFAk2KfIoACgkQAiZjviIA2Xg8ngCghVw7PJtH83RsuNA79MZdnnin -VrAAoJFIiOY1P3fW1b7MLsLtNVTwi7r+ -=gi9g +iEYEARECAAYFAk2RBKcACgkQAiZjviIA2XhR8QCdF3WTvh2TeFLf4KKQM1YwgBY3 +XC0AoOUWBTovSWoXlzAR2JZ5/CGwWzw8 +=yqpX -----END PGP SIGNATURE----- diff --git a/www-apache/mod_security/files/2.5.13/79_mod_security.conf b/www-apache/mod_security/files/2.5.13/79_mod_security.conf deleted file mode 100644 index ba1fb64729a4..000000000000 --- a/www-apache/mod_security/files/2.5.13/79_mod_security.conf +++ /dev/null @@ -1,16 +0,0 @@ -<IfDefine SECURITY> -LoadModule security2_module modules/mod_security2.so - -SecDataDir /var/cache/mod_security - -# use Core Rule Set by default, but no optional or experimental rules -Include /etc/apache2/modules.d/mod_security/*.conf - -# Optionally use the other rules as well -# Include /etc/apache2/modules.d/mod_security/optional_rules/*.conf -# Include /etc/apache2/modules.d/mod_security/experimental_rules/*.conf - -</IfDefine> - -# -*- apache -*- -# vim: ts=4 filetype=apache diff --git a/www-apache/mod_security/files/2.5.13-r2/79_modsecurity.conf b/www-apache/mod_security/files/modsecurity.conf index 77a42bab1920..254ecf4094b8 100644 --- a/www-apache/mod_security/files/2.5.13-r2/79_modsecurity.conf +++ b/www-apache/mod_security/files/modsecurity.conf @@ -1,6 +1,9 @@ <IfDefine SECURITY> LoadModule security2_module modules/mod_security2.so +# Enable looking up geolocation data from MaxMind's GeoIP database +SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat + SecDataDir /var/cache/modsecurity </IfDefine> diff --git a/www-apache/mod_security/metadata.xml b/www-apache/mod_security/metadata.xml index 5088fa888ba7..11837ee42647 100644 --- a/www-apache/mod_security/metadata.xml +++ b/www-apache/mod_security/metadata.xml @@ -20,5 +20,12 @@ applications, including Rails-based web applications and Bugzilla. </flag> + + <flag name='geoip'> + Configure ModSecurity to query the GeoIP database from MaxMind, + provided by <pkg>dev-libs/geoip</pkg>. This flag only controls + the default configuration, as the GeoIP query code is part of + ModSecurity's source code. + </flag> </use> </pkgmetadata> diff --git a/www-apache/mod_security/mod_security-2.5.13-r1.ebuild b/www-apache/mod_security/mod_security-2.5.13-r1.ebuild deleted file mode 100644 index 67ead0a842fc..000000000000 --- a/www-apache/mod_security/mod_security-2.5.13-r1.ebuild +++ /dev/null @@ -1,99 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.13-r1.ebuild,v 1.2 2011/02/26 14:44:27 xarthisius Exp $ - -EAPI=2 - -inherit apache-module autotools - -MY_P=${P/mod_security-/modsecurity-apache_} -MY_P=${MY_P/_rc/-rc} - -DESCRIPTION="Web application firewall and Intrusion Detection System for Apache." -HOMEPAGE="http://www.modsecurity.org/" -SRC_URI="http://www.modsecurity.org/download/${MY_P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~ppc ~sparc ~x86" -IUSE="lua" - -DEPEND="dev-libs/libxml2 - lua? ( >=dev-lang/lua-5.1 ) - www-servers/apache[apache2_modules_unique_id]" -RDEPEND="${DEPEND}" -PDEPEND="www-apache/modsecurity-crs" - -S="${WORKDIR}/${MY_P}" - -APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" -APACHE2_MOD_CONF="2.5.13/79_mod_security" -APACHE2_MOD_DEFINE="SECURITY" - -need_apache2 - -src_prepare() { - epatch "${FILESDIR}"/${PN}-2.5.10-as-needed.patch - - cd apache2 - eautoreconf -} - -src_configure() { - cd apache2 - - econf --with-apxs="${APXS}" \ - --without-curl \ - $(use_with lua) \ - || die "econf failed" -} - -src_compile() { - cd apache2 - - APXS_FLAGS= - for flag in ${CFLAGS}; do - APXS_FLAGS="${APXS_FLAGS} -Wc,${flag}" - done - - # Yes we need to prefix it _twice_ - for flag in ${LDFLAGS}; do - APXS_FLAGS="${APXS_FLAGS} -Wl,${flag}" - done - - emake \ - APXS_CFLAGS="${CFLAGS}" \ - APXS_LDFLAGS="${LDFLAGS}" \ - APXS_EXTRA_CFLAGS="${APXS_FLAGS}" \ - || die "emake failed" -} - -src_test() { - cd apache2 - emake test || die -} - -src_install() { - apache-module_src_install - - # install documentation - dodoc CHANGES || die - dohtml -r doc/* || die - - keepdir /var/cache/mod_security || die - fowners apache:apache /var/cache/mod_security || die - fperms 0770 /var/cache/mod_security || die -} - -pkg_postinst() { - if [[ -f "${ROOT}"/etc/apache/modules.d/99_mod_security.conf ]]; then - ewarn "You still have the configuration file 99_mod_security.conf." - ewarn "Please make sure to remove that and keep only 79_mod_security.conf." - ewarn "" - fi - elog "The base configuration file has been renamed 79_mod_security.conf" - elog "so that you can put your own configuration as 80_mod_security_local.conf or" - elog "equivalent." - elog "" - elog "That would be the correct place for site-global security rules." -} diff --git a/www-apache/mod_security/mod_security-2.5.13-r2.ebuild b/www-apache/mod_security/mod_security-2.5.13-r2.ebuild index 065f4e41bc67..8608e48053ec 100644 --- a/www-apache/mod_security/mod_security-2.5.13-r2.ebuild +++ b/www-apache/mod_security/mod_security-2.5.13-r2.ebuild @@ -1,13 +1,12 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.13-r2.ebuild,v 1.1 2011/03/23 23:05:00 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.13-r2.ebuild,v 1.2 2011/03/28 21:58:58 flameeyes Exp $ -EAPI=2 +EAPI=3 inherit apache-module autotools -MY_P=${P/mod_security-/modsecurity-apache_} -MY_P=${MY_P/_rc/-rc} +MY_P=modsecurity-apache_${PV/_rc/-rc} DESCRIPTION="Web application firewall and Intrusion Detection System for Apache." HOMEPAGE="http://www.modsecurity.org/" @@ -16,23 +15,25 @@ SRC_URI="http://www.modsecurity.org/download/${MY_P}.tar.gz" LICENSE="GPL-2" SLOT="0" KEYWORDS="~amd64 ~ppc ~sparc ~x86" -IUSE="lua" +IUSE="lua geoip" DEPEND="dev-libs/libxml2 lua? ( >=dev-lang/lua-5.1 ) www-servers/apache[apache2_modules_unique_id]" -RDEPEND="${DEPEND}" +RDEPEND="${DEPEND} + geoip? ( dev-libs/geoip )" PDEPEND="www-apache/modsecurity-crs" S="${WORKDIR}/${MY_P}" APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" -APACHE2_MOD_CONF="2.5.13-r2/79_modsecurity" APACHE2_MOD_DEFINE="SECURITY" need_apache2 src_prepare() { + cp "${FILESDIR}"/modsecurity.conf "${T}"/79_modsecurity.conf || die + epatch "${FILESDIR}"/${PN}-2.5.10-as-needed.patch cd apache2 @@ -49,7 +50,10 @@ src_configure() { } src_compile() { - cd apache2 + if ! use geoip; then + sed -i -e '/SecGeoLookupDb/s:^:#:' \ + "${T}"/79_modsecurity.conf || die + fi APXS_FLAGS= for flag in ${CFLAGS}; do @@ -61,7 +65,7 @@ src_compile() { APXS_FLAGS="${APXS_FLAGS} -Wl,${flag}" done - emake \ + emake -C apache2 \ APXS_CFLAGS="${CFLAGS}" \ APXS_LDFLAGS="${LDFLAGS}" \ APXS_EXTRA_CFLAGS="${APXS_FLAGS}" \ @@ -69,16 +73,21 @@ src_compile() { } src_test() { - cd apache2 - emake test || die + emake -C apache2 test || die } src_install() { apache-module_src_install - # install documentation - dodoc CHANGES || die - dohtml -r doc/* || die + # install manually rather than by using the APACHE2_MOD_CONF + # variable since we have to edit it to set things up properly. + insinto "${APACHE_MODULES_CONFDIR}" + doins "${T}"/79_modsecurity.conf + + # install documentation; don't install index.html as it references + # the PDF and split-pages versions of the same documentation. + dodoc CHANGES + dohtml "${S}"/doc/*.{css,gif,jpg} "${S}"/doc/modsecurity2*.html keepdir /var/cache/modsecurity || die fowners apache:apache /var/cache/modsecurity || die @@ -88,7 +97,7 @@ src_install() { pkg_postinst() { if [[ -f "${ROOT}"/etc/apache/modules.d/99_mod_security.conf ]]; then ewarn "You still have the configuration file 99_mod_security.conf." - ewarn "Please make sure to remove that and keep only 79_mod_security.conf." + ewarn "Please make sure to remove that and keep only 79_modsecurity.conf." ewarn "" fi elog "The base configuration file has been renamed 79_modsecurity.conf" |