summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Orlitzky <mjo@gentoo.org>2017-05-14 09:44:51 -0400
committerMichael Orlitzky <mjo@gentoo.org>2017-05-14 09:45:18 -0400
commit83490af9b1465bb7cd3cf2c2f5bdc1e630a7b566 (patch)
treea9cefb9983ef786c4a2c1f3bf4372655452bab14 /www-apache
parentwww-apache/mod_security: new revision with updated default configuration. (diff)
downloadgentoo-83490af9b1465bb7cd3cf2c2f5bdc1e630a7b566.tar.gz
gentoo-83490af9b1465bb7cd3cf2c2f5bdc1e630a7b566.tar.bz2
gentoo-83490af9b1465bb7cd3cf2c2f5bdc1e630a7b566.zip
www-apache/modsecurity-crs: new version 3.0.2.
This new version is a companion to the new mod_security-2.9.1. The rule numbering (and loading?) upstream has been completely rewritten, so the ebuild was too: it's a lot simpler now. I based the new ebuild off of the one posted to bug 615750 by Graham E, so thanks are due to him. The "geoip" and "lua" USE flags were dropped in the hopes that the new rule-loading system is smart enough to do the right thing. If not, this may need a revision to disable any rules that won't work with the installed version of mod_security. Gentoo-Bug: 615750 Package-Manager: Portage-2.3.3, Repoman-2.3.1
Diffstat (limited to 'www-apache')
-rw-r--r--www-apache/modsecurity-crs/Manifest1
-rw-r--r--www-apache/modsecurity-crs/files/80_mod_security-crs.conf8
-rw-r--r--www-apache/modsecurity-crs/modsecurity-crs-3.0.2.ebuild52
3 files changed, 61 insertions, 0 deletions
diff --git a/www-apache/modsecurity-crs/Manifest b/www-apache/modsecurity-crs/Manifest
index 543075cf1780..2881284ee80d 100644
--- a/www-apache/modsecurity-crs/Manifest
+++ b/www-apache/modsecurity-crs/Manifest
@@ -1,3 +1,4 @@
DIST modsecurity-crs-2.2.6.tar.gz 291070 SHA256 1c837fc7ace28f732b5034c90a17635e31fe3c9a45425c079fd1fd6bae01b790 SHA512 0e6c2735814dd24ba2329bc756e382b0430937a703d492b2ac00f95af6598903961b43013e99cd49240fe6b7a5439a7b1b3e79c3b7a48828465252dafd586165 WHIRLPOOL d8c85f8e6db07ecbc5a9a680e843f485d87294c71ceeb84aa83e562441ea78db477f9850431ded67371fbe455438fb89fedb5d3070e524abebe53b3c9a039f72
DIST modsecurity-crs-2.2.7.tar.gz 294137 SHA256 54bc74815d6e6c3b476aec673a48e3ce08ee82b76bfe941408efab757aa8a0f7 SHA512 d0d3dac1b391c8ab730cc16546c9508d93c85dd674b2750d12fff99c17e5575b36bea0cf00e06fdd20c2db5dfdbdc3fd7bbaa26502988617632acfde1ee88927 WHIRLPOOL fc72bdbd5c79dffa0b2c65893cb8cdab0708705ce48ca3d49115339a5b4ff8cbe7cc42bcb49abd966243a2e48cb2af290ea125c6de4b185eb8b1c20e7eb66057
DIST modsecurity-crs-2.2.9.tar.gz 279898 SHA256 203669540abf864d40e892acf2ea02ec4ab47f9769747d28d79b6c2a501e3dfc SHA512 fc95cfff9d4ba9a4478c704e5d16e4054e514eb3ffb6343706840aad76607f997b4cc4b8b148adc5cb83743ea7996328d35b8556115de29d6a0e034b67591a09 WHIRLPOOL 8e741a5430905e061ba024e8ae2b5bd08ae19e6ae30d9ca8a0160c9f73afee7bfe57caf73ba7eecebc00e34141f5d46cb1378793a89c8c56966139c10f70c30a
+DIST modsecurity-crs-3.0.2.tar.gz 156751 SHA256 c1fd6b2c2ab8992357b588d9e615ae9e2c34e622206339d93a7817f0da50e67f SHA512 ae8fe9a0f00a57708c8680cb76882214e4f5ff647e13087aaf1bfc7382cefb38d2f3a88eb1f210031b553f56d3e44c12dbdc68f8b0d09fb4a9e2f15a70d885aa WHIRLPOOL 9282a709b0e933143ba80597d7d996b2f1a958ab01986e4a9ef0056f92ee5848e81c2548f20cbe5b1cb13379c0909fdfbd239c8712b1655ee7c8934132aaa74b
diff --git a/www-apache/modsecurity-crs/files/80_mod_security-crs.conf b/www-apache/modsecurity-crs/files/80_mod_security-crs.conf
new file mode 100644
index 000000000000..c6b767a3cf24
--- /dev/null
+++ b/www-apache/modsecurity-crs/files/80_mod_security-crs.conf
@@ -0,0 +1,8 @@
+<IfDefine SECURITY>
+ # Add your custom CRS configuration here. A copy of upstream's
+ # crs-setup.conf.example is includes with the documentation of
+ # modsecurity-crs.
+
+ # Include the rules AFTER your custom configuration.
+ Include /usr/share/modsecurity-crs/rules/*.conf
+</IfDefine>
diff --git a/www-apache/modsecurity-crs/modsecurity-crs-3.0.2.ebuild b/www-apache/modsecurity-crs/modsecurity-crs-3.0.2.ebuild
new file mode 100644
index 000000000000..77271b211900
--- /dev/null
+++ b/www-apache/modsecurity-crs/modsecurity-crs-3.0.2.ebuild
@@ -0,0 +1,52 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+DESCRIPTION="Core Rule Set for ModSecurity"
+HOMEPAGE="https://modsecurity.org/crs/"
+SRC_URI="https://github.com/SpiderLabs/owasp-${PN}/archive/v${PV}.tar.gz
+ -> ${P}.tar.gz"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE=""
+
+DEPEND=""
+RDEPEND=">=www-apache/mod_security-2.9.1"
+
+S="${WORKDIR}/owasp-${P}"
+
+src_install() {
+ insinto "/usr/share/${PN}"
+ doins -r rules
+
+ dodoc CHANGES CONTRIBUTORS KNOWN_BUGS README.md crs-setup.conf.example \
+ id_renumbering/{IDNUMBERING,IdNumbering.csv}
+
+ # I don't think it's worth pulling in apache-module.eclass just for
+ # this path...
+ insinto /etc/apache2/modules.d
+ doins "${FILESDIR}/80_mod_security-crs.conf"
+}
+
+pkg_postinst() {
+ einfo "The CRS configuration file has been installed to"
+ einfo
+ einfo " ${ROOT}etc/apache2/modules.d/80_mod_security-crs.conf"
+ einfo
+ einfo "The CRS rules have been renumbered as of version 3.0.0."
+ einfo "If your configuration refers to any rules based on their"
+ einfo "number, then you will need to update your configuration"
+ einfo "to reflect the new numbering system. You can find more"
+ einfo "information in"
+ einfo
+ einfo " ${ROOT}usr/share/doc/${PF}/IDNUMBERING"
+ einfo
+ einfo "and a CSV file containing the old -> new rule number"
+ einfo "mapping was installed as"
+ einfo
+ einfo " ${ROOT}usr/share/doc/${PF}/IdNumbering.csv"
+ einfo
+}