commit: facddf1c3e160f3013f0b7c46ca8f122e5bdcc86 Author: Tomáš Mózes <hydrapolic <AT> gmail <DOT> com> AuthorDate: Sat Oct 22 03:27:22 2022 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Sat Nov 19 03:23:40 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=facddf1c
www-apache/mod_security: add 2.9.6 Signed-off-by: Tomáš Mózes <hydrapolic <AT> gmail.com> Closes: https://github.com/gentoo/gentoo/pull/27885 Signed-off-by: Sam James <sam <AT> gentoo.org> www-apache/mod_security/Manifest | 1 + www-apache/mod_security/mod_security-2.9.6.ebuild | 125 ++++++++++++++++++++++ 2 files changed, 126 insertions(+) diff --git a/www-apache/mod_security/Manifest b/www-apache/mod_security/Manifest index b6b9c755e5f7..174609a84b90 100644 --- a/www-apache/mod_security/Manifest +++ b/www-apache/mod_security/Manifest @@ -1 +1,2 @@ DIST modsecurity-2.9.5.tar.gz 4315037 BLAKE2B f6e607f344038c74fbbacbba6bbeb5953a7ab13b54d140924f4fe586a1506720d383285e7ce68dc9386f3532d298d53de55446f336c4b2f3e359bf8636bba0d0 SHA512 eef10afbce7407038b12d3c94213a17ecadf2db9a39f15006809848717f9a0d53d52f050957e13725e972191106c54eafb8915d564e5f0756a8a93c84048a4df +DIST modsecurity-2.9.6.tar.gz 4316582 BLAKE2B f344f8630218c401a3b0eb0de9f5f23d9d1f9f65bf5c4cff2d8d0ea3ebd27cf0202ce2199b1c6d923237ee49a3b151cce46a8de3563fa743cf119c8c25270af3 SHA512 54b3316950094b3951fcfdd82bbacd34dfa8f5500b9a772d3296f411711bad0dcad51068b25cb2c196fdc4b2e1095d54701370d25180c0c68cf0913bd7d4ea03 diff --git a/www-apache/mod_security/mod_security-2.9.6.ebuild b/www-apache/mod_security/mod_security-2.9.6.ebuild new file mode 100644 index 000000000000..b268a75af0c6 --- /dev/null +++ b/www-apache/mod_security/mod_security-2.9.6.ebuild @@ -0,0 +1,125 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +LUA_COMPAT=( lua5-{1..3} ) + +inherit autotools apache-module lua-single + +MY_PN=modsecurity +MY_P=${MY_PN}-${PV} + +DESCRIPTION="Application firewall and intrusion detection for Apache" +HOMEPAGE="https://github.com/SpiderLabs/ModSecurity"; +SRC_URI="https://github.com/SpiderLabs/ModSecurity/releases/download/v${PV}/${MY_P}.tar.gz"; + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="doc fuzzyhash geoip jit json lua mlogc" + +REQUIRED_USE="lua? ( ${LUA_REQUIRED_USE} )" + +COMMON_DEPEND="dev-libs/apr + dev-libs/apr-util[openssl] + dev-libs/libxml2 + dev-libs/libpcre[jit?] + virtual/libcrypt:= + fuzzyhash? ( app-crypt/ssdeep ) + json? ( dev-libs/yajl ) + lua? ( ${LUA_DEPS} ) + mlogc? ( net-misc/curl ) + www-servers/apache[apache2_modules_unique_id]" +BDEPEND="doc? ( app-doc/doxygen )" +DEPEND="${COMMON_DEPEND}" +RDEPEND="${COMMON_DEPEND} + geoip? ( dev-libs/geoip ) + mlogc? ( dev-lang/perl )" +PDEPEND=">=www-apache/modsecurity-crs-3.3.2" + +S="${WORKDIR}/${MY_P}" + +APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" +APACHE2_MOD_CONF="79_${PN}" +APACHE2_MOD_DEFINE="SECURITY" + +# Tests require symbols only defined within the Apache binary. +RESTRICT=test + +PATCHES=( + "${FILESDIR}"/${PN}-2.9.3-autoconf_lua_package_name.patch +) + +need_apache2 + +pkg_setup() { + _init_apache2 + _init_apache2_late + use lua && lua-single_pkg_setup +} + +src_prepare() { + default + eautoreconf +} + +src_configure() { + local myconf=( + --disable-static + --enable-request-early + --with-apxs="${APXS}" + --with-pic + $(use_with fuzzyhash ssdeep) + $(use_with json yajl) + $(use_enable mlogc) + $(use_with lua) + $(use_enable lua lua-cache) + $(use_enable jit pcre-jit) + $(use_enable doc docs) ) + + econf ${myconf[@]} +} + +src_compile() { + default +} + +src_install() { + apache-module_src_install + + dodoc CHANGES README.md modsecurity.conf-recommended unicode.mapping + + if use doc; then + dodoc -r doc/apache/html + fi + + if use mlogc; then + insinto /etc/ + newins mlogc/mlogc-default.conf mlogc.conf + dobin mlogc/mlogc + dobin mlogc/mlogc-batch-load.pl + newdoc mlogc/INSTALL INSTALL-mlogc + fi + + # Use /var/lib instead of /var/cache. This stuff is "persistent," + # and isn't a cached copy of something that we can recreate. + # Bug 605496. + keepdir /var/lib/modsecurity + fowners apache:apache /var/lib/modsecurity + fperms 0750 /var/lib/modsecurity + for dir in data tmp upload; do + keepdir "/var/lib/modsecurity/${dir}" + fowners apache:apache "/var/lib/modsecurity/${dir}" + fperms 0750 "/var/lib/modsecurity/${dir}" + done +} + +pkg_postinst() { + elog "The base configuration file has been renamed ${APACHE2_MOD_CONF}" + elog "so that you can put your own configuration in (for example)" + elog "90_modsecurity_local.conf." + elog "" + elog "That would be the correct place for site-global security rules." + elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs" +}
