FreeBSD Bugzilla – Attachment 169078 Details for
Bug 208144
[maintainer update] [patch] www/mod_security: update to 2.9.1
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
mod_security rework v1
PR_208144.diff (text/plain), 5.49 KB, created by
Olli Hauer
on 2016-04-07 18:52:14 UTC
(
hide
)
Description:
mod_security rework v1
Filename:
MIME Type:
Creator:
Olli Hauer
Created:
2016-04-07 18:52:14 UTC
Size:
5.49 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 412672) >+++ Makefile (working copy) >@@ -1,7 +1,7 @@ > # $FreeBSD$ > > PORTNAME= mod_security >-PORTVERSION= 2.9.0 >+PORTVERSION= 2.9.1 > CATEGORIES= www security > MASTER_SITES= http://www.modsecurity.org/tarball/${PORTVERSION}/ > PKGNAMEPREFIX= ${APACHE_PKGNAMEPREFIX} >@@ -34,18 +34,16 @@ > > SUB_FILES+= pkg-message > SUB_FILES+= README >-SUB_LIST+= APACHEETCDIR="${APACHEETCDIR}" >-SUB_LIST+= APACHEMODDIR="${APACHEMODDIR}" >+SUB_FILES+= ${APMOD_FILE}.sample >+APMOD_FILE= 280_${PORTNAME}.conf >+SUB_LIST+= APMOD_FILE=${APMOD_FILE} > >-PLIST_SUB+= APXS="${APXS}" >-PLIST_SUB+= APACHEMODDIR="${APACHEMODDIR}" >- > OPTIONS_DEFINE= DOCS FUZZYHASH LUA MLOGC > OPTIONS_SUB= yes > > LUA_CONFIGURE_ON= --with-lua=${LOCALBASE} > LUA_CONFIGURE_OFF+= --without-lua >-LUA_USES= lua:51 >+LUA_USES= lua:51+ > > MLOGC_DESC= Build ModSecurity Log Collector > MLOGC_CONFIGURE_ON= --disable-errors >@@ -79,4 +77,7 @@ > (cd ${WRKSRC} && ${COPYTREE_SHARE} doc ${STAGEDIR}${DOCSDIR}) > ${INSTALL_DATA} ${WRKDIR}/README ${STAGEDIR}${DOCSDIR} > >+ @${MKDIR} ${STAGEDIR}${PREFIX}/${APACHEETCDIR}/modules.d >+ ${INSTALL_DATA} ${WRKDIR}/${APMOD_FILE}.sample ${STAGEDIR}${PREFIX}/${APACHEETCDIR}/modules.d >+ > .include <bsd.port.mk> >Index: distinfo >=================================================================== >--- distinfo (revision 412672) >+++ distinfo (working copy) >@@ -1,2 +1,2 @@ >-SHA256 (modsecurity-2.9.0.tar.gz) = e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434 >-SIZE (modsecurity-2.9.0.tar.gz) = 4246467 >+SHA256 (modsecurity-2.9.1.tar.gz) = 958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24 >+SIZE (modsecurity-2.9.1.tar.gz) = 4261212 >Index: files/280_mod_security.conf.sample.in >=================================================================== >--- files/280_mod_security.conf.sample.in (revision 0) >+++ files/280_mod_security.conf.sample.in (working copy) >@@ -0,0 +1,25 @@ >+## $FreeBSD$ >+## vim: set filetype=apache: >+## >+## module file for mod_security >+## >+## PROVIDE: mod_security2 >+## REQUIRE: mod_unique_id >+ >+## >+## To enable ModSecurity in Apache, enable the modules >+## mod_unique_id (in httpd.conf) and >+## mod_security2 in this config file >+## >+## Additional load the rules with an Include line from >+## %%ETCDIR%%/*.conf >+## >+## Most users will use the signatures from the OWASP Core Rule Set (CRS). >+## For configuration instructions, see %%DOCSDIR%%/README. >+## >+ >+## apache modules for mod_security >+#LoadModule unique_id_module %%APACHEMODDIR%%/mod_unique_id.so >+#LoadModule security2_module %%APACHEMODDIR%%/mod_security2.so >+#Include %%ETCDIR%%/*.conf >+ > >Property changes on: files/280_mod_security.conf.sample.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:keywords >## -0,0 +1 ## >+FreeBSD=%H >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/README.in >=================================================================== >--- files/README.in (revision 412672) >+++ files/README.in (working copy) >@@ -3,9 +3,13 @@ > > To enable ModSecurity in Apache, add the following to your httpd.conf: > >+ LoadModule unique_id_module %%APACHEMODDIR%%/mod_unique_id.so > LoadModule security2_module %%APACHEMODDIR%%/mod_security2.so >- Include etc/modsecurity/*.conf >+ Include %%ETCDIR%%/*.conf > >+ModSecurity has various configuration options. >+To change them, edit modsecurity/modsecurity.conf. >+ > Getting the Core Rule Set > ------------------------- > >@@ -16,11 +20,13 @@ > under it. > > pkg install git >- cd /usr/local/etc/modsecurity >+ cd %%ETCDIR%% > git clone https://github.com/SpiderLabs/owasp-modsecurity-crs > cp owasp-modsecurity-crs/modsecurity_crs_10_setup.conf.example \ > crs.conf > >+The CRS has various config options. To change them, edit crs.conf. >+ > To activate the CRS base rules, add the following to your httpd.conf: > > Include etc/modsecurity/owasp-modsecurity-crs/base_rules/*.conf >@@ -78,6 +84,6 @@ > You probably want to keep the CRS updated from time to time. You can > do this with Git: > >- cd /usr/local/etc/modsecurity/owasp-modsecurity-crs >+ cd %%ETCDIR%%/owasp-modsecurity-crs > git pull > apachectl restart >Index: files/pkg-message.in >=================================================================== >--- files/pkg-message.in (revision 412672) >+++ files/pkg-message.in (working copy) >@@ -1,9 +1,8 @@ > > You have installed ModSecurity. >-To enable ModSecurity in Apache, add the following to your httpd.conf: >+To enable ModSecurity in Apache, follow the instructions in > >- LoadModule security2_module %%APACHEMODDIR%%/mod_security2.so >- Include etc/modsecurity/*.conf >+ %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% > > Most users will use the signatures from the OWASP Core Rule Set (CRS). > For configuration instructions, see %%DOCSDIR%%/README. >Index: pkg-plist >=================================================================== >--- pkg-plist (revision 412672) >+++ pkg-plist (working copy) >@@ -1,8 +1,8 @@ >+%%MLOGC%%bin/mlogc >+%%MLOGC%%bin/mlogc-batch-load.pl > bin/rules-updater.pl >-lib/mod_security2.so >-%%APACHEMODDIR%%/mod_security2.so >-@comment @exec %%APXS%% -e -n unique_id -a %%APACHEMODDIR%%/mod_unique_id.so >+@sample %%APACHEETCDIR%%/modules.d/280_mod_security.conf.sample > @sample %%ETCDIR%%/modsecurity.conf.sample > %%ETCDIR%%/unicode.mapping >-%%MLOGC%%bin/mlogc >-%%MLOGC%%bin/mlogc-batch-load.pl >+lib/%%AP_MODULE%% >+%%APACHEMODDIR%%/%%AP_MODULE%%
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=169078">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 208144
:
168395
|
168396
|
168797
|
168798
| 169078 |
169368