summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDiego Elio Pettenò <flameeyes@gentoo.org>2009-10-01 22:07:38 +0000
committerDiego Elio Pettenò <flameeyes@gentoo.org>2009-10-01 22:07:38 +0000
commit98d9837b9083eaac71f4765c8cd34854d9e39328 (patch)
treef7a465c3d862f7faed484c779ccbf92aaba74116 /www-apache
parentset KEYWORDS, IUSE (diff)
downloadgentoo-2-98d9837b9083eaac71f4765c8cd34854d9e39328.tar.gz
gentoo-2-98d9837b9083eaac71f4765c8cd34854d9e39328.tar.bz2
gentoo-2-98d9837b9083eaac71f4765c8cd34854d9e39328.zip
Version bump.
(Portage version: 2.2_rc42/cvs/Linux x86_64)
Diffstat (limited to 'www-apache')
-rw-r--r--www-apache/mod_security/ChangeLog8
-rw-r--r--www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch26
-rw-r--r--www-apache/mod_security/mod_security-2.5.10.ebuild111
3 files changed, 144 insertions, 1 deletions
diff --git a/www-apache/mod_security/ChangeLog b/www-apache/mod_security/ChangeLog
index 691d74787b1d..1097f708d06e 100644
--- a/www-apache/mod_security/ChangeLog
+++ b/www-apache/mod_security/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for www-apache/mod_security
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.27 2009/07/27 16:42:44 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.28 2009/10/01 22:07:37 flameeyes Exp $
+
+*mod_security-2.5.10 (01 Oct 2009)
+
+ 01 Oct 2009; Diego E. Pettenò <flameeyes@gentoo.org>
+ +mod_security-2.5.10.ebuild, +files/mod_security-2.5.10-as-needed.patch:
+ Version bump.
27 Jul 2009; Diego E. Pettenò <flameeyes@gentoo.org>
mod_security-2.5.9-r1.ebuild:
diff --git a/www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch b/www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch
new file mode 100644
index 000000000000..f664d35efb54
--- /dev/null
+++ b/www-apache/mod_security/files/mod_security-2.5.10-as-needed.patch
@@ -0,0 +1,26 @@
+diff -Naurp -Naurp modsecurity-apache_2.5.9.old/apache2/Makefile.in modsecurity-apache_2.5.9/apache2/Makefile.in
+--- modsecurity-apache_2.5.9.old/apache2/Makefile.in 2009-07-02 19:18:31.000000000 +0200
++++ modsecurity-apache_2.5.9/apache2/Makefile.in 2009-07-02 19:48:23.000000000 +0200
+@@ -52,11 +52,11 @@ APU_LIBS = @APU_LIBS@
+ APU_LINK_LD = @APU_LINK_LD@
+
+ CPPFLAGS = @CPPFLAGS@ $(PCRE_CFLAGS) $(LIBXML2_CFLAGS) $(LUA_CFLAGS)
+-LIBS = @LIBS@ $(PCRE_LIBS) $(LIBXML2_LIBS) $(LUA_LIBS)
++LIBS = @LIBS@ $(PCRE_LIBS) $(LIBXML2_LIBS) $(LUA_LIBS) $(APXS_LIBS) $(APR_LIBS) $(APR_LINK_LD) $(APU_LIBS) $(APU_LINK_LD)
+ LDFLAGS = @LDFLAGS@
+ CFLAGS = @CFLAGS@
+
+-COMPILE_APACHE_MOD = $(APXS_WRAPPER) -c $(CPPFLAGS) $(LDFLAGS) $(LIBS)
++COMPILE_APACHE_MOD = $(APXS_WRAPPER) -c $(CPPFLAGS) $(LDFLAGS)
+
+ INSTALL_MOD_SHARED = $(APXS_WRAPPER) -i
+
+@@ -93,7 +93,7 @@ mod_security2.la: $(MOD_SECURITY2_H) *.c
+ src="$$src $$f.c"; \
+ done; \
+ rm -f msc_test msc_test.o msc_test.lo msc_test.slo; \
+- $(COMPILE_APACHE_MOD) $(APXS_EXTRA_CFLAGS) $(MODSEC_APXS_EXTRA_CFLAGS) $$src
++ $(COMPILE_APACHE_MOD) $(APXS_EXTRA_CFLAGS) $(MODSEC_APXS_EXTRA_CFLAGS) $$src $(LIBS)
+
+ ### MLogC
+ mlogc:
diff --git a/www-apache/mod_security/mod_security-2.5.10.ebuild b/www-apache/mod_security/mod_security-2.5.10.ebuild
new file mode 100644
index 000000000000..6bd9f2d62fd7
--- /dev/null
+++ b/www-apache/mod_security/mod_security-2.5.10.ebuild
@@ -0,0 +1,111 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.10.ebuild,v 1.1 2009/10/01 22:07:37 flameeyes Exp $
+
+inherit apache-module autotools
+
+MY_P=${P/mod_security-/modsecurity-apache_}
+MY_P=${MY_P/_rc/-rc}
+
+DESCRIPTION="Web application firewall and Intrusion Detection System for Apache."
+HOMEPAGE="http://www.modsecurity.org/"
+SRC_URI="http://www.modsecurity.org/download/${MY_P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~mips ~ppc ~sparc ~x86"
+IUSE="lua perl"
+
+DEPEND="dev-libs/libxml2
+ perl? ( dev-perl/libwww-perl )
+ lua? ( >=dev-lang/lua-5.1 )"
+RDEPEND="${DEPEND}"
+
+S="${WORKDIR}/${MY_P}"
+
+APACHE2_MOD_FILE="apache2/.libs/${PN}2.so"
+APACHE2_MOD_CONF="2.1.2/99_mod_security"
+APACHE2_MOD_DEFINE="SECURITY"
+
+need_apache2
+
+src_unpack() {
+ unpack ${A}
+
+ cd "${S}"/apache2
+
+ epatch "${FILESDIR}"/${P}-as-needed.patch
+
+ eautoreconf
+}
+
+src_compile() {
+ cd apache2
+
+ econf --with-apxs="${APXS}" \
+ --without-curl \
+ $(use_with lua) \
+ || die "econf failed"
+
+ APXS_FLAGS=
+ for flag in ${CFLAGS}; do
+ APXS_FLAGS="${APXS_FLAGS} -Wc,${flag}"
+ done
+
+ # Yes we need to prefix it _twice_
+ for flag in ${LDFLAGS}; do
+ APXS_FLAGS="${APXS_FLAGS} -Wl,${flag}"
+ done
+
+ emake \
+ APXS_CFLAGS="${CFLAGS}" \
+ APXS_LDFLAGS="${LDFLAGS}" \
+ APXS_EXTRA_CFLAGS="${APXS_FLAGS}" \
+ || die "emake failed"
+}
+
+src_test() {
+ cd apache2
+ make test || die
+}
+
+src_install() {
+ apache-module_src_install
+
+ # install rules updater only if perl is enabled (optionally)
+ if use perl; then
+ newsbin tools/rules-updater.pl modsec-rules-updater || die
+ fi
+
+ # install documentation
+ dodoc CHANGES || die
+ newdoc rules/CHANGELOG CHANGES.crs || die
+ newdoc rules/README README.crs || die
+ dohtml -r doc/* || die
+
+ # Prepare the core ruleset
+ cd "${S}"/rules/
+
+ sed -i -e 's:logs/:/var/log/apache2/:g' *.conf || die
+
+ insinto ${APACHE_MODULES_CONFDIR}/mod_security/
+ for i in *.conf; do
+ newins ${i} ${i/modsecurity_crs_/} || die
+ done
+}
+
+pkg_postinst() {
+ elog "Please note that the core rule set distributed with mod_security is quite"
+ elog "draconic. If you're using this on a blog, a forum or another user-submitted"
+ elog "web application where you might talk about standard Unix paths (such as /etc"
+ elog "or /bin), you might want to disable at least rules 950005 and 950907"
+ elog "(command injection) if you're sure it might not be a security risk."
+ elog " "
+ elog "To do that on the most limited case you might want to use something like"
+ elog "the following code (this comes from a Typo weblog instance):"
+ elog " "
+ elog " <Location /comments>"
+ elog " SecRuleRemoveById 950005 950907"
+ elog " </Location>"
+ elog " "
+}