From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1695947-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits))
(No client certificate requested)
by finch.gentoo.org (Postfix) with ESMTPS id 026AA1581F3
for <garchives@archives.gentoo.org>; Sun, 1 Dec 2024 12:12:48 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id E1890E0829;
Sun, 1 Dec 2024 12:12:46 +0000 (UTC)
Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits))
(No client certificate requested)
by pigeon.gentoo.org (Postfix) with ESMTPS id C49FBE082F
for <gentoo-commits@lists.gentoo.org>; Sun, 1 Dec 2024 12:12:45 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(No client certificate requested)
by smtp.gentoo.org (Postfix) with ESMTPS id DADF1342F93
for <gentoo-commits@lists.gentoo.org>; Sun, 1 Dec 2024 12:12:44 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
by oystercatcher.gentoo.org (Postfix) with ESMTP id 40C5817CC
for <gentoo-commits@lists.gentoo.org>; Sun, 1 Dec 2024 12:12:43 +0000 (UTC)
From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" <sam@gentoo.org>
Message-ID: <1733054805.7b148743444421207e067d25ebda49b07f21e96c.sam@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: www-apache/mod_security/
X-VCS-Repository: repo/gentoo
X-VCS-Files: www-apache/mod_security/Manifest www-apache/mod_security/metadata.xml www-apache/mod_security/mod_security-2.9.8.ebuild
X-VCS-Directories: www-apache/mod_security/
X-VCS-Committer: sam
X-VCS-Committer-Name: Sam James
X-VCS-Revision: 7b148743444421207e067d25ebda49b07f21e96c
X-VCS-Branch: master
Date: Sun, 1 Dec 2024 12:12:43 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 5243ba01-3504-4c78-bec3-ef0f6b4f7c0c
X-Archives-Hash: ec90917bb344dd6eb8f3360fd299026e
commit: 7b148743444421207e067d25ebda49b07f21e96c
Author: Tomáš Mózes <hydrapolic <AT> gmail <DOT> com>
AuthorDate: Sat Oct 19 05:58:31 2024 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sun Dec 1 12:06:45 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7b148743
www-apache/mod_security: add 2.9.8
Project owner changed from Trustwave to OWASP:
https://owasp.org/blog/2024/01/09/ModSecurity
Signed-off-by: Tomáš Mózes <hydrapolic <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/39039
Signed-off-by: Sam James <sam <AT> gentoo.org>
www-apache/mod_security/Manifest | 1 +
www-apache/mod_security/metadata.xml | 2 +-
www-apache/mod_security/mod_security-2.9.8.ebuild | 131 ++++++++++++++++++++++
3 files changed, 133 insertions(+), 1 deletion(-)
diff --git a/www-apache/mod_security/Manifest b/www-apache/mod_security/Manifest
index fbf1cffc7c4f..8d5e87be1090 100644
--- a/www-apache/mod_security/Manifest
+++ b/www-apache/mod_security/Manifest
@@ -1 +1,2 @@
DIST modsecurity-2.9.7.tar.gz 4320766 BLAKE2B 2e0c62ae4f6fcef0b41bf1f74ab5acbae485e728f35bf621a96e622d86e2256c7e052d3a452ff49a4c4cb824243e71a706f9a5868bb3f77e37191a1dfe1b371b SHA512 a333d142f0dedf332a3cccca8267ccf9193cd4ad5a026b3cdbe0713dd1f3edde33739eae8baced2c63409cc0b220001e0a226ea032874a97c08e4065eb1fbdd5
+DIST modsecurity-v2.9.8.tar.gz 4341347 BLAKE2B 27563e06bbf86c8c84f851b20c3e281798fbcb3056abe6097493cca510b58a13f059bd510b5c7c1f75cd3347872ba2a93db2ed93d67c094637ae532860135812 SHA512 73d7965e501db0d59e25398360cb33fa34ddd6095e0dbc2df50ace7bbb5b4ad554fbc9b324cc117a82c67ad144b8477a8d55081eaee5d5a8ad692a42761fd367
diff --git a/www-apache/mod_security/metadata.xml b/www-apache/mod_security/metadata.xml
index b17d41d2886d..b68c6fe191ce 100644
--- a/www-apache/mod_security/metadata.xml
+++ b/www-apache/mod_security/metadata.xml
@@ -34,6 +34,6 @@
</use>
<upstream>
- <remote-id type="github">SpiderLabs/ModSecurity</remote-id>
+ <remote-id type="github">owasp-modsecurity/ModSecurity</remote-id>
</upstream>
</pkgmetadata>
diff --git a/www-apache/mod_security/mod_security-2.9.8.ebuild b/www-apache/mod_security/mod_security-2.9.8.ebuild
new file mode 100644
index 000000000000..4138f6a327b8
--- /dev/null
+++ b/www-apache/mod_security/mod_security-2.9.8.ebuild
@@ -0,0 +1,131 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-{1..3} )
+
+inherit autotools apache-module lua-single
+
+MY_PN=modsecurity
+MY_P=${MY_PN}-v${PV}
+
+DESCRIPTION="Application firewall and intrusion detection for Apache"
+HOMEPAGE="https://github.com/owasp-modsecurity/ModSecurity"
+SRC_URI="https://github.com/owasp-modsecurity/ModSecurity/releases/download/v${PV}/${MY_P}.tar.gz"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="doc fuzzyhash geoip jit json lua mlogc pcre2"
+
+REQUIRED_USE="lua? ( ${LUA_REQUIRED_USE} )"
+
+DEPEND="dev-libs/apr:1=
+ dev-libs/apr-util:1[openssl]
+ dev-libs/expat
+ dev-libs/libxml2
+ dev-libs/libpcre[jit?]
+ net-misc/curl
+ sys-apps/util-linux
+ sys-libs/gdbm:=
+ virtual/libcrypt:=
+ fuzzyhash? ( app-crypt/ssdeep )
+ json? ( dev-libs/yajl )
+ lua? ( ${LUA_DEPS} )
+ mlogc? ( net-misc/curl )
+ pcre2? ( dev-libs/libpcre2:= )
+ www-servers/apache[apache2_modules_unique_id]"
+BDEPEND="doc? ( app-text/doxygen )"
+RDEPEND="${DEPEND}
+ geoip? ( dev-libs/geoip )
+ mlogc? ( dev-lang/perl )"
+PDEPEND=">=www-apache/modsecurity-crs-3.3.2"
+
+S="${WORKDIR}/${MY_P}"
+
+APACHE2_MOD_FILE="apache2/.libs/${PN}2.so"
+APACHE2_MOD_CONF="79_${PN}"
+APACHE2_MOD_DEFINE="SECURITY"
+
+# Tests require symbols only defined within the Apache binary.
+RESTRICT=test
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.9.3-autoconf_lua_package_name.patch
+)
+
+need_apache2
+
+pkg_setup() {
+ _init_apache2
+ _init_apache2_late
+ use lua && lua-single_pkg_setup
+}
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ local myconf=(
+ --disable-static
+ --enable-request-early
+ --with-apxs="${APXS}"
+ --with-pic
+ $(use_enable doc docs)
+ $(use_enable jit pcre-jit)
+ $(use_enable lua lua-cache)
+ $(use_enable mlogc)
+ $(use_with fuzzyhash ssdeep)
+ $(use_with json yajl)
+ $(use_with lua)
+ $(use_with pcre2)
+ )
+
+ econf ${myconf[@]}
+}
+
+src_compile() {
+ default
+}
+
+src_install() {
+ apache-module_src_install
+
+ dodoc CHANGES README.md modsecurity.conf-recommended unicode.mapping
+
+ if use doc; then
+ dodoc -r doc/apache/html
+ fi
+
+ if use mlogc; then
+ insinto /etc/
+ newins mlogc/mlogc-default.conf mlogc.conf
+ dobin mlogc/mlogc
+ dobin mlogc/mlogc-batch-load.pl
+ newdoc mlogc/INSTALL INSTALL-mlogc
+ fi
+
+ # Use /var/lib instead of /var/cache. This stuff is "persistent,"
+ # and isn't a cached copy of something that we can recreate.
+ # Bug 605496.
+ keepdir /var/lib/modsecurity
+ fowners apache:apache /var/lib/modsecurity
+ fperms 0750 /var/lib/modsecurity
+ for dir in data tmp upload; do
+ keepdir "/var/lib/modsecurity/${dir}"
+ fowners apache:apache "/var/lib/modsecurity/${dir}"
+ fperms 0750 "/var/lib/modsecurity/${dir}"
+ done
+}
+
+pkg_postinst() {
+ elog "The base configuration file has been renamed ${APACHE2_MOD_CONF}"
+ elog "so that you can put your own configuration in (for example)"
+ elog "90_modsecurity_local.conf."
+ elog ""
+ elog "That would be the correct place for site-global security rules."
+ elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs"
+}