summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'www-apache/mod_security')
-rw-r--r--www-apache/mod_security/Manifest1
-rw-r--r--www-apache/mod_security/mod_security-2.9.3.ebuild115
2 files changed, 116 insertions, 0 deletions
diff --git a/www-apache/mod_security/Manifest b/www-apache/mod_security/Manifest
index d53183b75678..77a67a321737 100644
--- a/www-apache/mod_security/Manifest
+++ b/www-apache/mod_security/Manifest
@@ -1 +1,2 @@
DIST modsecurity-2.9.1.tar.gz 4261212 BLAKE2B c47c7934d8da870e629c5733cc8c37452e4d90351269a14b99483188e8e3161891bd63bfd70e0723648c8daf51f1c33d900bd90ab0157332f826eab772f09f62 SHA512 374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269
+DIST modsecurity-2.9.3.tar.gz 4307670 BLAKE2B 337ea15cc8805af7ab43aed8aecf4c72ccc586d0d7e9d9b91f036a61baa70d1ac8b4ad8045a2bb7a13515912a15fba7d3cdb9670ae6730de43b1e44ee90ded6d SHA512 4e1ea5dd8edadf8f630e4fe92a200d3a8e78963fce3128b5975a1e1ecd0e8bf9ceecd9905c95f8c508932ccd837f1d8ae8bb2ba423307718c3c6a4ae9b783ddd
diff --git a/www-apache/mod_security/mod_security-2.9.3.ebuild b/www-apache/mod_security/mod_security-2.9.3.ebuild
new file mode 100644
index 000000000000..41cfb5afbc1e
--- /dev/null
+++ b/www-apache/mod_security/mod_security-2.9.3.ebuild
@@ -0,0 +1,115 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit apache-module
+
+MY_PN=modsecurity
+MY_P=${MY_PN}-${PV}
+
+DESCRIPTION="Application firewall and intrusion detection for Apache"
+HOMEPAGE="http://www.modsecurity.org/"
+SRC_URI="http://www.modsecurity.org/tarball/${PV}/${MY_P}.tar.gz"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="doc fuzzyhash geoip jit json lua mlogc"
+
+COMMON_DEPEND="dev-libs/apr
+ dev-libs/apr-util[openssl]
+ dev-libs/libxml2
+ dev-libs/libpcre[jit?]
+ fuzzyhash? ( app-crypt/ssdeep )
+ json? ( dev-libs/yajl )
+ lua? ( dev-lang/lua:0 )
+ mlogc? ( net-misc/curl )
+ www-servers/apache[apache2_modules_unique_id]"
+DEPEND="${COMMON_DEPEND}
+ doc? ( app-doc/doxygen )"
+RDEPEND="${COMMON_DEPEND}
+ geoip? ( dev-libs/geoip )
+ mlogc? ( dev-lang/perl )"
+PDEPEND=">=www-apache/modsecurity-crs-2.2.6-r1"
+
+S="${WORKDIR}/${MY_P}"
+
+APACHE2_MOD_FILE="apache2/.libs/${PN}2.so"
+APACHE2_MOD_CONF="79_${PN}"
+APACHE2_MOD_DEFINE="SECURITY"
+
+# Tests require symbols only defined within the Apache binary.
+RESTRICT=test
+
+need_apache2
+
+pkg_setup() {
+ _init_apache2
+ _init_apache2_late
+}
+
+src_configure() {
+ local myconf=(
+ --disable-static
+ --enable-request-early
+ --with-apxs="${APXS}"
+ --with-pic
+ $(use_with fuzzyhash ssdeep)
+ $(use_with json yajl)
+ $(use_enable mlogc)
+ $(use_with lua)
+ $(use_enable lua lua-cache)
+ $(use_enable jit pcre-jit) )
+
+ econf ${myconf[@]}
+}
+
+src_compile() {
+ default
+
+ # Building the docs is broken at the moment, see e.g.
+ # https://github.com/SpiderLabs/ModSecurity/issues/1322
+ if use doc; then
+ doxygen doc/doxygen-apache.conf || die 'failed to build documentation'
+ fi
+}
+
+src_install() {
+ apache-module_src_install
+
+ dodoc CHANGES README.md modsecurity.conf-recommended
+
+ if use doc; then
+ dodoc -r doc/apache/html
+ fi
+
+ if use mlogc; then
+ insinto /etc/
+ newins mlogc/mlogc-default.conf mlogc.conf
+ dobin mlogc/mlogc
+ dobin mlogc/mlogc-batch-load.pl
+ newdoc mlogc/INSTALL INSTALL-mlogc
+ fi
+
+ # Use /var/lib instead of /var/cache. This stuff is "persistent,"
+ # and isn't a cached copy of something that we can recreate.
+ # Bug 605496.
+ keepdir /var/lib/modsecurity
+ fowners apache:apache /var/lib/modsecurity
+ fperms 0750 /var/lib/modsecurity
+ for dir in data tmp upload; do
+ keepdir "/var/lib/modsecurity/${dir}"
+ fowners apache:apache "/var/lib/modsecurity/${dir}"
+ fperms 0750 "/var/lib/modsecurity/${dir}"
+ done
+}
+
+pkg_postinst() {
+ elog "The base configuration file has been renamed ${APACHE2_MOD_CONF}"
+ elog "so that you can put your own configuration in (for example)"
+ elog "90_modsecurity_local.conf."
+ elog ""
+ elog "That would be the correct place for site-global security rules."
+ elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs"
+}