Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 16 Apr 2016 18:10:46 +0000 (UTC)
From:      Olli Hauer <ohauer@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r413475 - in branches/2016Q2/www/mod_security: . files
Message-ID:  <201604161810.u3GIAk5x076094@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: ohauer
Date: Sat Apr 16 18:10:46 2016
New Revision: 413475
URL: https://svnweb.freebsd.org/changeset/ports/413475

Log:
  MFH: r413465
  
  - update to 2.9.1
  - install etc/apache2x/modules.d/280_mod_security.conf.sample
  - adjust README and pkg-message to reflect new module activation
  - adjust and sort pkg-plist
  
  Changes:
  - ModSecurity: update to 2.9.1
  - Add support for Lua 5.1 or higher (was 5.1 only)
  - pkg-plist: bring back mod_unique_id activation, fix deprecated @exec
  - README: point user to configuration files
  
  PR:		208144
  Submitted by:	Walter Hop (maintainer)
  
  Approved by:	ports-secteam (jason)

Added:
  branches/2016Q2/www/mod_security/files/280_mod_security.conf.sample.in
     - copied unchanged from r413465, head/www/mod_security/files/280_mod_security.conf.sample.in
Modified:
  branches/2016Q2/www/mod_security/Makefile
  branches/2016Q2/www/mod_security/distinfo
  branches/2016Q2/www/mod_security/files/README.in
  branches/2016Q2/www/mod_security/files/pkg-message.in
  branches/2016Q2/www/mod_security/pkg-plist
Directory Properties:
  branches/2016Q2/   (props changed)

Modified: branches/2016Q2/www/mod_security/Makefile
==============================================================================
--- branches/2016Q2/www/mod_security/Makefile	Sat Apr 16 18:08:55 2016	(r413474)
+++ branches/2016Q2/www/mod_security/Makefile	Sat Apr 16 18:10:46 2016	(r413475)
@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	mod_security
-PORTVERSION=	2.9.0
+PORTVERSION=	2.9.1
 CATEGORIES=	www security
 MASTER_SITES=	http://www.modsecurity.org/tarball/${PORTVERSION}/
 PKGNAMEPREFIX=	${APACHE_PKGNAMEPREFIX}
@@ -34,18 +34,16 @@ DOCSDIR=	${PREFIX}/share/doc/${MODULENAM
 
 SUB_FILES+=	pkg-message
 SUB_FILES+=	README
-SUB_LIST+=	APACHEETCDIR="${APACHEETCDIR}"
-SUB_LIST+=	APACHEMODDIR="${APACHEMODDIR}"
-
-PLIST_SUB+=	APXS="${APXS}"
-PLIST_SUB+=	APACHEMODDIR="${APACHEMODDIR}"
+SUB_FILES+=	${APMOD_FILE}.sample
+APMOD_FILE=	280_${PORTNAME}.conf
+SUB_LIST+=	APMOD_FILE=${APMOD_FILE}
 
 OPTIONS_DEFINE=	DOCS FUZZYHASH LUA MLOGC
 OPTIONS_SUB=	yes
 
 LUA_CONFIGURE_ON=	--with-lua=${LOCALBASE}
 LUA_CONFIGURE_OFF+=	--without-lua
-LUA_USES=		lua:51
+LUA_USES=		lua:51+
 
 MLOGC_DESC=		Build ModSecurity Log Collector
 MLOGC_CONFIGURE_ON=	--disable-errors
@@ -79,4 +77,7 @@ post-install:
 	(cd ${WRKSRC} && ${COPYTREE_SHARE} doc ${STAGEDIR}${DOCSDIR})
 	${INSTALL_DATA} ${WRKDIR}/README ${STAGEDIR}${DOCSDIR}
 
+	@${MKDIR} ${STAGEDIR}${PREFIX}/${APACHEETCDIR}/modules.d
+	${INSTALL_DATA} ${WRKDIR}/${APMOD_FILE}.sample ${STAGEDIR}${PREFIX}/${APACHEETCDIR}/modules.d
+
 .include <bsd.port.mk>

Modified: branches/2016Q2/www/mod_security/distinfo
==============================================================================
--- branches/2016Q2/www/mod_security/distinfo	Sat Apr 16 18:08:55 2016	(r413474)
+++ branches/2016Q2/www/mod_security/distinfo	Sat Apr 16 18:10:46 2016	(r413475)
@@ -1,2 +1,2 @@
-SHA256 (modsecurity-2.9.0.tar.gz) = e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434
-SIZE (modsecurity-2.9.0.tar.gz) = 4246467
+SHA256 (modsecurity-2.9.1.tar.gz) = 958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24
+SIZE (modsecurity-2.9.1.tar.gz) = 4261212

Copied: branches/2016Q2/www/mod_security/files/280_mod_security.conf.sample.in (from r413465, head/www/mod_security/files/280_mod_security.conf.sample.in)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2016Q2/www/mod_security/files/280_mod_security.conf.sample.in	Sat Apr 16 18:10:46 2016	(r413475, copy of r413465, head/www/mod_security/files/280_mod_security.conf.sample.in)
@@ -0,0 +1,25 @@
+## $FreeBSD$
+## vim: set filetype=apache:
+##
+## module file for mod_security
+##
+## PROVIDE: mod_security2
+## REQUIRE: mod_unique_id
+
+##
+## To enable ModSecurity in Apache, enable the modules
+##  mod_unique_id (in httpd.conf) and
+##  mod_security2 in this config file
+##
+## Additionally, load configuration and rules with an Include line from
+##  %%ETCDIR%%/*.conf
+##
+## Most users will use the signatures from the OWASP Core Rule Set (CRS).
+## For configuration instructions, see %%DOCSDIR%%/README.
+##
+
+## apache modules for mod_security
+#LoadModule unique_id_module %%APACHEMODDIR%%/mod_unique_id.so
+#LoadModule security2_module %%APACHEMODDIR%%/mod_security2.so
+#Include %%ETCDIR%%/*.conf
+

Modified: branches/2016Q2/www/mod_security/files/README.in
==============================================================================
--- branches/2016Q2/www/mod_security/files/README.in	Sat Apr 16 18:08:55 2016	(r413474)
+++ branches/2016Q2/www/mod_security/files/README.in	Sat Apr 16 18:10:46 2016	(r413475)
@@ -1,10 +1,14 @@
 Configuring ModSecurity on FreeBSD
 ----------------------------------
 
-To enable ModSecurity in Apache, add the following to your httpd.conf:
+To enable ModSecurity in Apache, follow the instructions in
 
-  LoadModule security2_module %%APACHEMODDIR%%/mod_security2.so
-  Include etc/modsecurity/*.conf
+ %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%%
+
+ModSecurity has various configuration options.
+To change them, edit the following file:
+
+ %%ETCDIR%%/modsecurity.conf
 
 Getting the Core Rule Set
 -------------------------
@@ -16,11 +20,13 @@ for all our ModSecurity related stuff, a
 under it.
 
   pkg install git
-  cd /usr/local/etc/modsecurity
+  cd %%ETCDIR%%
   git clone https://github.com/SpiderLabs/owasp-modsecurity-crs
   cp owasp-modsecurity-crs/modsecurity_crs_10_setup.conf.example \
     crs.conf
 
+The CRS has various config options. To change them, edit crs.conf.
+
 To activate the CRS base rules, add the following to your httpd.conf:
 
   Include etc/modsecurity/owasp-modsecurity-crs/base_rules/*.conf
@@ -78,6 +84,6 @@ exceptions.
 You probably want to keep the CRS updated from time to time. You can
 do this with Git:
 
-  cd /usr/local/etc/modsecurity/owasp-modsecurity-crs
+  cd %%ETCDIR%%/owasp-modsecurity-crs
   git pull
   apachectl restart

Modified: branches/2016Q2/www/mod_security/files/pkg-message.in
==============================================================================
--- branches/2016Q2/www/mod_security/files/pkg-message.in	Sat Apr 16 18:08:55 2016	(r413474)
+++ branches/2016Q2/www/mod_security/files/pkg-message.in	Sat Apr 16 18:10:46 2016	(r413475)
@@ -1,9 +1,8 @@
 
 You have installed ModSecurity.
-To enable ModSecurity in Apache, add the following to your httpd.conf:
+To enable ModSecurity in Apache, follow the instructions in 
 
-  LoadModule security2_module %%APACHEMODDIR%%/mod_security2.so
-  Include etc/modsecurity/*.conf
+ %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%%
 
 Most users will use the signatures from the OWASP Core Rule Set (CRS).
 For configuration instructions, see %%DOCSDIR%%/README.

Modified: branches/2016Q2/www/mod_security/pkg-plist
==============================================================================
--- branches/2016Q2/www/mod_security/pkg-plist	Sat Apr 16 18:08:55 2016	(r413474)
+++ branches/2016Q2/www/mod_security/pkg-plist	Sat Apr 16 18:10:46 2016	(r413475)
@@ -1,8 +1,8 @@
+%%MLOGC%%bin/mlogc
+%%MLOGC%%bin/mlogc-batch-load.pl
 bin/rules-updater.pl
-lib/mod_security2.so
-%%APACHEMODDIR%%/mod_security2.so
-@comment @exec %%APXS%% -e -n unique_id -a %%APACHEMODDIR%%/mod_unique_id.so
+@sample %%APACHEETCDIR%%/modules.d/280_mod_security.conf.sample
 @sample %%ETCDIR%%/modsecurity.conf.sample
 %%ETCDIR%%/unicode.mapping
-%%MLOGC%%bin/mlogc
-%%MLOGC%%bin/mlogc-batch-load.pl
+lib/%%AP_MODULE%%
+%%APACHEMODDIR%%/%%AP_MODULE%%



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201604161810.u3GIAk5x076094>