Update to 2.5.9

 * Fixed PDF XSS issue where a non-GET request for a PDF file would crash the
   Apache httpd process.  Discovered by Steve Grubb at Red Hat.

 * Removed an invalid "Internal error: Issuing "%s" for unspecified error."
   message that was logged when denying with nolog/noauditlog set and
   causing the request to be audited.

 * Fixed parsing multipart content with a missing part header name which
   would crash Apache.  Discovered by "Internet Security Auditors"
   (isecauditors.com).

 * Added ability to specify the config script directly using --with-apr
   and --with-apu.

 * Updated copyright year to 2009.

 * Added macro expansion for append/prepend action.

 * Fixed race condition in concurrent updates of persistent counters.  Updates
   are now atomic.

 * Cleaned up build, adding an option for verbose configure output and making
   the mlogc build more portable.

4 files changed, 39 insertions, 11 deletions

diff --git a/security/ap-modsecurity2/Makefile b/security/ap-modsecurity2/Makefile
index cc4c5ca326e..9de3bf19730 100644
--- a/security/ap-modsecurity2/Makefile
+++ b/security/ap-modsecurity2/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.12 2009/02/23 22:01:11 adrianp Exp $
+# $NetBSD: Makefile,v 1.13 2009/03/14 13:45:38 adrianp Exp $
 
-DISTNAME=	modsecurity-apache_2.5.7
+DISTNAME=	modsecurity-apache_2.5.9
 PKGNAME=	${APACHE_PKG_PREFIX}-${DISTNAME:S/apache_//}
-PKGREVISION=	1
 CATEGORIES=	www security
 MASTER_SITES=	http://www.modsecurity.org/download/
 
@@ -23,10 +22,14 @@ USE_LANGUAGES+=		c++ c
 
 CONFIGURE_ARGS+=	--with-apxs=${PREFIX}/sbin/apxs
 CONFIGURE_ARGS+=	--with-pcre=${PREFIX}
-CONFIGURE_ARGS+=	--with-apr=${PREFIX}
-CONFIGURE_ARGS+=	--with-apu=${PREFIX}
 CONFIGURE_ARGS+=        --with-libxml=${PREFIX}
 
+SUBST_CLASSES+=		config
+SUBST_STAGE.config=	post-patch
+SUBST_FILES.config=	configure
+SUBST_SED.config=       -e "s|@@PREFIX@@|${PREFIX}|g"
+SUBST_MESSAGE.config=   Fixing configuration files.
+
 EGDIR=			${PREFIX}/share/examples/ap-modsecurity
 CONF_FILES=		${EGDIR}/modsecurity.conf-minimal \
 			${PKG_SYSCONFDIR}/httpd/modsecurity.conf
diff --git a/security/ap-modsecurity2/PLIST b/security/ap-modsecurity2/PLIST
index 1c9918cdab5..82e55ae4e72 100644
--- a/security/ap-modsecurity2/PLIST
+++ b/security/ap-modsecurity2/PLIST
@@ -1,11 +1,10 @@
-@comment $NetBSD: PLIST,v 1.4 2008/10/12 12:50:17 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.5 2009/03/14 13:45:38 adrianp Exp $
 lib/httpd/mod_security2.so
 share/doc/ap-modsecurity/apache_request_cycle-modsecurity.jpg
 share/doc/ap-modsecurity/breach-logo-small.gif
 share/doc/ap-modsecurity/html-multipage/actions.html
 share/doc/ap-modsecurity/html-multipage/ar01s11.html
 share/doc/ap-modsecurity/html-multipage/ar01s12.html
-share/doc/ap-modsecurity/html-multipage/ar01s13.html
 share/doc/ap-modsecurity/html-multipage/configuration-directives.html
 share/doc/ap-modsecurity/html-multipage/installation.html
 share/doc/ap-modsecurity/html-multipage/introduction.html
@@ -26,6 +25,9 @@ share/doc/ap-modsecurity/index.html
 share/doc/ap-modsecurity/modsecurity2-apache-reference.html
 share/doc/ap-modsecurity/modsecurity2-apache-reference.pdf
 share/doc/ap-modsecurity/modsecurity2-apache-reference.xml
+share/doc/ap-modsecurity/modsecurity2-data-formats.html
+share/doc/ap-modsecurity/modsecurity2-data-formats.pdf
+share/doc/ap-modsecurity/modsecurity2-data-formats.xml
 share/doc/ap-modsecurity/modsecurity.gif
 share/doc/ap-modsecurity/modsecurity-reference.css
 share/examples/ap-modsecurity/modsecurity.conf-minimal
diff --git a/security/ap-modsecurity2/distinfo b/security/ap-modsecurity2/distinfo
index 332ebc332f1..4e41638bba8 100644
--- a/security/ap-modsecurity2/distinfo
+++ b/security/ap-modsecurity2/distinfo
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.5 2008/10/12 12:50:17 adrianp Exp $
+$NetBSD: distinfo,v 1.6 2009/03/14 13:45:38 adrianp Exp $
 
-SHA1 (modsecurity-apache_2.5.7.tar.gz) = 29a4f8f376dbc1ab3b05c943a1a3c1e4a9e8196a
-RMD160 (modsecurity-apache_2.5.7.tar.gz) = 063f68123bc8b70a4abc457c3794d751ab1ebede
-Size (modsecurity-apache_2.5.7.tar.gz) = 1117167 bytes
+SHA1 (modsecurity-apache_2.5.9.tar.gz) = 875919332a918956371fe8e2f7e46d88081857cf
+RMD160 (modsecurity-apache_2.5.9.tar.gz) = adab10e5eab50f0d114e3ccb47c343e744119c8f
+Size (modsecurity-apache_2.5.9.tar.gz) = 1252295 bytes
+SHA1 (patch-aa) = 19642ee3f22bd502208ee868cf24fb050bd2c56d
diff --git a/security/ap-modsecurity2/patches/patch-aa b/security/ap-modsecurity2/patches/patch-aa
new file mode 100644
index 00000000000..b5a531d110a
--- /dev/null
+++ b/security/ap-modsecurity2/patches/patch-aa
@@ -0,0 +1,22 @@
+$NetBSD: patch-aa,v 1.6 2009/03/14 13:45:38 adrianp Exp $
+
+--- configure.orig	2009-03-12 06:15:45.000000000 +0000
++++ configure
+@@ -5479,7 +5479,7 @@ fi
+ 
+ if test -z "${with_apr}"; then
+         if test -z "${apr_path}"; then
+-        test_paths="/usr/local/apr /usr/local /usr"
++        test_paths="@@PREFIX@@ /usr/local/apr /usr/local /usr"
+     else
+         test_paths="${apr_path}"
+     fi
+@@ -5562,7 +5562,7 @@ fi
+ 
+ if test -z "${with_apu}"; then
+         if test -z "${apu_path}"; then
+-        test_paths="/usr/local/apr-util /usr/local/apu /usr/local/apr /usr/local /usr"
++        test_paths="@@PREFIX@@ /usr/local/apr-util /usr/local/apu /usr/local/apr /usr/local /usr"
+     else
+         test_paths="${apu_path}"
+     fi