diff options
| author |   Diego Elio Pettenò <flameeyes@gentoo.org> | 2012-06-17 18:22:35 +0000 |
|---|---|---|
| committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2012-06-17 18:22:35 +0000 |
| commit | cc2f3081ea8885532f8ac33f668a1019f91d61e5 (patch) | |
| tree | 4eea70e7fa2e92272fc8a0d94705f34dc0239690 /www-apache/modsecurity-crs | |
| parent | Version bump to 3.3_alpha1 (with no keywords). This version is using gtk+:3. (diff) | |
| download | historical-cc2f3081ea8885532f8ac33f668a1019f91d61e5.tar.gz historical-cc2f3081ea8885532f8ac33f668a1019f91d61e5.tar.bz2 historical-cc2f3081ea8885532f8ac33f668a1019f91d61e5.zip | |
Add lua and geoip USE flag to install the scripts and enable/disable the related rules. Thanks to Matt McAdoo for the report.
Package-Manager: portage-2.2.0_alpha110/cvs/Linux x86_64
Diffstat (limited to 'www-apache/modsecurity-crs')
| -rw-r--r-- | www-apache/modsecurity-crs/ChangeLog | 7 | ||||
| -rw-r--r-- | www-apache/modsecurity-crs/Manifest | 18 | ||||
| -rw-r--r-- | www-apache/modsecurity-crs/modsecurity-crs-2.2.5.ebuild | 67 |
3 files changed, 71 insertions, 21 deletions
diff --git a/www-apache/modsecurity-crs/ChangeLog b/www-apache/modsecurity-crs/ChangeLog index b6187e09237b..b89172b96899 100644 --- a/www-apache/modsecurity-crs/ChangeLog +++ b/www-apache/modsecurity-crs/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for www-apache/modsecurity-crs # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/ChangeLog,v 1.21 2012/06/16 18:00:11 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/ChangeLog,v 1.22 2012/06/17 18:22:35 flameeyes Exp $ + + 17 Jun 2012; Diego E. Pettenò <flameeyes@gentoo.org> + modsecurity-crs-2.2.5.ebuild: + Add lua and geoip USE flag to install the scripts and enable/disable the + related rules. Thanks to Matt McAdoo for the report. *modsecurity-crs-2.2.5 (16 Jun 2012) diff --git a/www-apache/modsecurity-crs/Manifest b/www-apache/modsecurity-crs/Manifest index 188abbbf4f16..978edbe95e69 100644 --- a/www-apache/modsecurity-crs/Manifest +++ b/www-apache/modsecurity-crs/Manifest @@ -8,17 +8,17 @@ DIST modsecurity-crs_2.2.5.tar.gz 295400 RMD160 61d61bc5b9cebd666a66da65ca7d1b36 EBUILD modsecurity-crs-2.1.2.ebuild 2113 RMD160 38e3ec68256f80326f992a8ee5c0444f2928ff00 SHA1 76d42bdb021da80385705050173ff22be1308fdd SHA256 f07fc795b1a9d85f61d4c7c017e277a32fb28242be4e5d3d581f26406816c0ef EBUILD modsecurity-crs-2.2.3.ebuild 2122 RMD160 9f9c386d93dac79850f8b04899f2d14a4940ddd0 SHA1 bd4e32f74d33f9b0bb64a919b1ad2e6017339fc2 SHA256 38b92180b4d203d1bf9c1c33edbd5e40aeff0a1c1a3d37fc3b70ce6ed79f9bcb EBUILD modsecurity-crs-2.2.4.ebuild 2119 RMD160 04a6bb1a362c465711459a5ef833f6cd69a5c097 SHA1 e43b9f64e8984f0c73ace2096f89af11844e9c24 SHA256 32b8bfa7ac324af76f09a3436f7e3c7cf7796320c0fe206bbf7ba5ffbbc27583 -EBUILD modsecurity-crs-2.2.5.ebuild 2123 RMD160 6cea5c8a5b6970c23a2fa470fde4de256f30ad75 SHA1 edaf97499a63eea9abdd8d217be7b8935c0ca58a SHA256 46500b68bfc39b072280e94a3194add4be4210dee2a1fe83d724c9c6fcf974ac -MISC ChangeLog 3428 RMD160 83ab7fbe2cf4a5818b5a238ba2dccffcc57bad2c SHA1 5ec8f246b04d0d29dda66a9a8f1ad1f74ed25960 SHA256 16d152cb95bc58ed774f61b6f9134e18ae7e6d5591a1b14a5eb9aaa32e2ba915 +EBUILD modsecurity-crs-2.2.5.ebuild 3851 RMD160 0a225674fa3f08f78fabf228d1d8cc82110b9985 SHA1 80e27e0408054d16aa9c041cf51443c32d949dc1 SHA256 ec867737773976324ceb342fa5c5b152534a087fd7a8ac06e2991d6636bc0108 +MISC ChangeLog 3647 RMD160 09c7d1d2f94efcc0a3f6df86eb162cf9e3a9e494 SHA1 b2b49d2ab36a7149e1885cfd2c467c2f036e217e SHA256 a9d326cf23f8e29e191106bde2c844994707171be53d47f9291f3504e000c893 MISC metadata.xml 267 RMD160 511ac4eac08cf7c7598b7f0dd2c2a7b54b2a6d17 SHA1 7cfd482a8ab9b30e3e424c19cfef49ccc93013c8 SHA256 0c11886362b779764fbeda77806037b3625b1c11375b7ecc1b7ad3e20ec6a1ac -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) -iQEcBAEBAgAGBQJP3MndAAoJEBzRPIrUMBNCwmYIAIPwefxCUr1R51XtfxjHlMrq -BUf7P19UY8UaKsRqkineWzykUh7EmDAWxa27n+pkgJJ0+wEJETgqY1S8v+5SeQo2 -xcC79xoXVgHnQ1izbZGtibJzk+FdvCTktrbo+69vvwURNLhMsUjV0RphF5LliRny -d+ivN8n/Y03aolEKyOmu703fYAYKUkTv9vKWkDwaxAUgKNefZaDX4mFjLTctSIHZ -DFm+bdV6ipreWUqa+fhpqrBJ4DQHhB4avlgW/CiLaZ5QQ8Z2OC5UMhNcS1tGqYSg -MUfoDGCdYXAe6EwbTEbRjMSYNW15moNMn+eo/rhogqqo+T4iJPJQ4rtdsDGwjDU= -=KgYI +iQEcBAEBAgAGBQJP3iCHAAoJEBzRPIrUMBNCPT4H/R7bdQj6qdlZBDIW3WHZ/EhS +R5ODRZ+seC/eR9RCSxt/h8y6x+VQ3V8mo2zkHo7zTGVd7d2XYHaxsDvxzgZ79FyR +tKixH98cTuZUirDDoC4FyUenPRNF6ZENjtt9e1sFR6MtcHOrjh21fKY/iq7aeDqJ +R0txk2EXlwhSOe252lhvQ3EOqc/31+3y9PxevMa0XsbgkQL04C8rlmpoCk8eoN8h +lCpAd10Kn0w6H5ifQ13kjTsYRhayPC15uvtakrNlPHv9qLjeOcWr8A1Y8M/OTJSr +aENDsPt911ChJ+hcsdXieRzXBIbKho+84Ayseag7KDI6rqk1h7Brlw+3T8vBo04= +=Ro+c -----END PGP SIGNATURE----- diff --git a/www-apache/modsecurity-crs/modsecurity-crs-2.2.5.ebuild b/www-apache/modsecurity-crs/modsecurity-crs-2.2.5.ebuild index 7c8d5d803165..19e866f63f7a 100644 --- a/www-apache/modsecurity-crs/modsecurity-crs-2.2.5.ebuild +++ b/www-apache/modsecurity-crs/modsecurity-crs-2.2.5.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.2.5.ebuild,v 1.1 2012/06/16 18:00:11 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.2.5.ebuild,v 1.2 2012/06/17 18:22:35 flameeyes Exp $ EAPI=4 @@ -11,24 +11,69 @@ SRC_URI="mirror://sourceforge/mod-security/${PN}_${PV}.tar.gz" LICENSE="Apache-2.0" SLOT="0" KEYWORDS="~amd64 ~ppc ~sparc ~x86" -IUSE="" +IUSE="lua geoip" -RDEPEND=">=www-apache/mod_security-2.5.13-r1" +RDEPEND=">=www-apache/mod_security-2.5.13-r1[lua?,geoip?]" DEPEND="" S="${WORKDIR}/${PN}_${PV}" RULESDIR=/etc/modsecurity +LUADIR=/usr/share/${PN}/lua + +src_prepare() { + if ! use lua; then + # comment out this since it's in the same file as another one we want to keep + sed -i -e "/id:'96000[456]'/s:^:#:" \ + experimental_rules/modsecurity_crs_61_ip_forensics.conf || die + + # remove these that rely on the presence of the lua files + rm \ + experimental_rules/modsecurity_crs_16_scanner_integration.conf \ + experimental_rules/modsecurity_crs_40_appsensor_detection_point_2.1_request_exception.conf \ + experimental_rules/modsecurity_crs_41_advanced_filters.conf \ + experimental_rules/modsecurity_crs_55_response_profiling.conf \ + experimental_rules/modsecurity_crs_56_pvi_checks.conf \ + || die + else + # fix up the path to the scripts; there seems to be no + # consistency at all on how the rules are loaded. + sed -i \ + -e "s:/etc/apache2/modsecurity-crs/lua/:${LUADIR}/:" \ + -e "s:profile_page_scripts.lua:${LUADIR}/\0:" \ + -e "s:/usr/local/apache/conf/crs/lua/:${LUADIR}/:" \ + -e "s:/usr/local/apache/conf/modsec_current/base_rules/:${LUADIR}/:" \ + -e "s:/etc/apache2/modsecurity-crs/lua/:${LUADIR}/:" \ + -e "s:\.\./lua/:${LUADIR}/:" \ + *_rules/*.conf || die + + # fix up the shebang on the scripts + sed -i -e "s:/opt/local/bin/lua:/usr/bin/lua:" \ + lua/*.lua || die + fi + + sed -i \ + -e '/SecGeoLookupDb/s:^:#:' \ + -e '/SecGeoLookupDb/a# Gentoo already defines it in 79_modsecurity.conf' \ + experimental_rules/modsecurity_crs_61_ip_forensics.conf || die + + if ! use geoip; then + if use lua; then + # only comment this out as the file is going to be used for other things + sed -i -e "/id:'960007'/,+1 s:^:#:" \ + experimental_rules/modsecurity_crs_61_ip_forensics.conf || die + else + rm experimental_rules/modsecurity_crs_61_ip_forensics.conf || die + fi + fi +} src_install() { - insinto "${RULESDIR}"/base_rules - doins base_rules/* - - insinto "${RULESDIR}"/optional_rules - doins optional_rules/* + insinto "${RULESDIR}" + doins -r base_rules optional_rules experimental_rules - insinto "${RULESDIR}"/experimental_rules - doins experimental_rules/* + insinto "${LUADIR}" + doins lua/*.lua dodoc CHANGELOG README @@ -37,7 +82,7 @@ src_install() { <IfDefine SECURITY> EOF - cat modsecurity_crs_10_config.conf.example + cat modsecurity_crs_10_setup.conf.example cat - <<EOF |