1 |
flameeyes 09/10/26 10:26:14 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: mod_security-2.5.10-r1.ebuild |
5 |
Removed: mod_security-2.5.10.ebuild |
6 |
Log: |
7 |
Revision bump; install the proper ruleset; install a new config file. |
8 |
(Portage version: 2.2_rc46/cvs/Linux x86_64) |
9 |
|
10 |
Revision Changes Path |
11 |
1.30 www-apache/mod_security/ChangeLog |
12 |
|
13 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apache/mod_security/ChangeLog?rev=1.30&view=markup |
14 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apache/mod_security/ChangeLog?rev=1.30&content-type=text/plain |
15 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apache/mod_security/ChangeLog?r1=1.29&r2=1.30 |
16 |
|
17 |
Index: ChangeLog |
18 |
=================================================================== |
19 |
RCS file: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v |
20 |
retrieving revision 1.29 |
21 |
retrieving revision 1.30 |
22 |
diff -u -r1.29 -r1.30 |
23 |
--- ChangeLog 2 Oct 2009 10:46:58 -0000 1.29 |
24 |
+++ ChangeLog 26 Oct 2009 10:26:14 -0000 1.30 |
25 |
@@ -1,6 +1,13 @@ |
26 |
# ChangeLog for www-apache/mod_security |
27 |
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 |
28 |
-# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.29 2009/10/02 10:46:58 flameeyes Exp $ |
29 |
+# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.30 2009/10/26 10:26:14 flameeyes Exp $ |
30 |
+ |
31 |
+*mod_security-2.5.10-r1 (26 Oct 2009) |
32 |
+ |
33 |
+ 26 Oct 2009; Diego E. Pettenò <flameeyes@g.o> |
34 |
+ +files/2.5.10/99_mod_security.conf, -mod_security-2.5.10.ebuild, |
35 |
+ +mod_security-2.5.10-r1.ebuild: |
36 |
+ Revision bump; install the proper ruleset; install a new config file. |
37 |
|
38 |
02 Oct 2009; Diego E. Pettenò <flameeyes@g.o> |
39 |
mod_security-2.5.10.ebuild, |
40 |
|
41 |
|
42 |
|
43 |
1.1 www-apache/mod_security/mod_security-2.5.10-r1.ebuild |
44 |
|
45 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apache/mod_security/mod_security-2.5.10-r1.ebuild?rev=1.1&view=markup |
46 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apache/mod_security/mod_security-2.5.10-r1.ebuild?rev=1.1&content-type=text/plain |
47 |
|
48 |
Index: mod_security-2.5.10-r1.ebuild |
49 |
=================================================================== |
50 |
# Copyright 1999-2009 Gentoo Foundation |
51 |
# Distributed under the terms of the GNU General Public License v2 |
52 |
# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.10-r1.ebuild,v 1.1 2009/10/26 10:26:14 flameeyes Exp $ |
53 |
|
54 |
inherit apache-module autotools |
55 |
|
56 |
MY_P=${P/mod_security-/modsecurity-apache_} |
57 |
MY_P=${MY_P/_rc/-rc} |
58 |
|
59 |
DESCRIPTION="Web application firewall and Intrusion Detection System for Apache." |
60 |
HOMEPAGE="http://www.modsecurity.org/" |
61 |
SRC_URI="http://www.modsecurity.org/download/${MY_P}.tar.gz" |
62 |
|
63 |
LICENSE="GPL-2" |
64 |
SLOT="0" |
65 |
KEYWORDS="~amd64 ~mips ~ppc ~sparc ~x86" |
66 |
IUSE="lua perl" |
67 |
|
68 |
DEPEND="dev-libs/libxml2 |
69 |
perl? ( dev-perl/libwww-perl ) |
70 |
lua? ( >=dev-lang/lua-5.1 )" |
71 |
RDEPEND="${DEPEND}" |
72 |
|
73 |
S="${WORKDIR}/${MY_P}" |
74 |
|
75 |
APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" |
76 |
APACHE2_MOD_CONF="2.5.10/99_mod_security" |
77 |
APACHE2_MOD_DEFINE="SECURITY" |
78 |
|
79 |
need_apache2 |
80 |
|
81 |
src_unpack() { |
82 |
unpack ${A} |
83 |
|
84 |
cd "${S}"/apache2 |
85 |
|
86 |
epatch "${FILESDIR}"/${P}-broken-autotools.patch |
87 |
epatch "${FILESDIR}"/${P}-as-needed.patch |
88 |
|
89 |
eautoreconf |
90 |
} |
91 |
|
92 |
src_compile() { |
93 |
cd apache2 |
94 |
|
95 |
econf --with-apxs="${APXS}" \ |
96 |
--without-curl \ |
97 |
$(use_with lua) \ |
98 |
|| die "econf failed" |
99 |
|
100 |
APXS_FLAGS= |
101 |
for flag in ${CFLAGS}; do |
102 |
APXS_FLAGS="${APXS_FLAGS} -Wc,${flag}" |
103 |
done |
104 |
|
105 |
# Yes we need to prefix it _twice_ |
106 |
for flag in ${LDFLAGS}; do |
107 |
APXS_FLAGS="${APXS_FLAGS} -Wl,${flag}" |
108 |
done |
109 |
|
110 |
emake \ |
111 |
APXS_CFLAGS="${CFLAGS}" \ |
112 |
APXS_LDFLAGS="${LDFLAGS}" \ |
113 |
APXS_EXTRA_CFLAGS="${APXS_FLAGS}" \ |
114 |
|| die "emake failed" |
115 |
} |
116 |
|
117 |
src_test() { |
118 |
cd apache2 |
119 |
make test || die |
120 |
} |
121 |
|
122 |
src_install() { |
123 |
apache-module_src_install |
124 |
|
125 |
# install rules updater only if perl is enabled (optionally) |
126 |
if use perl; then |
127 |
newsbin tools/rules-updater.pl modsec-rules-updater || die |
128 |
fi |
129 |
|
130 |
# install documentation |
131 |
dodoc CHANGES || die |
132 |
newdoc rules/CHANGELOG CHANGES.crs || die |
133 |
newdoc rules/README README.crs || die |
134 |
dohtml -r doc/* || die |
135 |
|
136 |
# Prepare the core ruleset |
137 |
cd "${S}"/rules/ |
138 |
|
139 |
sed -i -e 's:logs/:/var/log/apache2/:g' *.conf || die |
140 |
|
141 |
insinto ${APACHE_MODULES_CONFDIR}/mod_security/ |
142 |
doins *.conf base_rules/* || die |
143 |
|
144 |
insinto ${APACHE_MODULES_CONFDIR}/mod_security/optional_rules |
145 |
doins optional_rules/* || die |
146 |
} |
147 |
|
148 |
pkg_postinst() { |
149 |
elog "Please note that the core rule set distributed with mod_security is quite" |
150 |
elog "draconic. If you're using this on a blog, a forum or another user-submitted" |
151 |
elog "web application where you might talk about standard Unix paths (such as /etc" |
152 |
elog "or /bin), you might want to disable at least rules 950005 and 950907" |
153 |
elog "(command injection) if you're sure it might not be a security risk." |
154 |
elog " " |
155 |
elog "To do that on the most limited case you might want to use something like" |
156 |
elog "the following code (this comes from a Typo weblog instance):" |
157 |
elog " " |
158 |
elog " <Location /comments>" |
159 |
elog " SecRuleRemoveById 950005 950907" |
160 |
elog " </Location>" |
161 |
elog " " |
162 |
} |