ModSecurity is an open source intrusion detection and prevention engine for

web applications (or a web application firewall). Operating as an Apache Web
server module or standalone, the purpose of ModSecurity is to increase web
application security, protecting web applications from known and unknown
attacks.

This is the 2.x branch of modsecurity and only supports Apache 2.x

8 files changed, 161 insertions, 0 deletions

diff --git a/security/ap-modsecurity2/DESCR b/security/ap-modsecurity2/DESCR
new file mode 100644
index 00000000000..45467f1c8ae
--- /dev/null
+++ b/security/ap-modsecurity2/DESCR
@@ -0,0 +1,5 @@
+ModSecurity is an open source intrusion detection and prevention engine for
+web applications (or a web application firewall). Operating as an Apache Web
+server module or standalone, the purpose of ModSecurity is to increase web
+application security, protecting web applications from known and unknown
+attacks.
diff --git a/security/ap-modsecurity2/MESSAGE b/security/ap-modsecurity2/MESSAGE
new file mode 100644
index 00000000000..9cbfda6f2cf
--- /dev/null
+++ b/security/ap-modsecurity2/MESSAGE
@@ -0,0 +1,21 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.1.1.1 2006/11/05 14:33:37 adrianp Exp $
+
+In order to use this module in your Apache installation, you will need
+to add the following to your httpd.conf file:
+
+  LoadModule security2_module lib/httpd/mod_security2.so
+
+In addition to this you will need to specify mod_security configuration
+directives in your httpd.conf.  This can be achieved by adding the
+following to your httpd.conf:
+
+  <IfModule mod_security2.c>
+      Include ${PKG_SYSCONFDIR}/httpd/modsecurity.conf
+  </IfModule>
+
+Example configuration files for modsecurity are available:
+
+  ${PREFIX}/share/examples/ap-security/
+
+===========================================================================
diff --git a/security/ap-modsecurity2/MESSAGE.xml b/security/ap-modsecurity2/MESSAGE.xml
new file mode 100644
index 00000000000..c214312f8ed
--- /dev/null
+++ b/security/ap-modsecurity2/MESSAGE.xml
@@ -0,0 +1,9 @@
+===========================================================================
+$NetBSD: MESSAGE.xml,v 1.1.1.1 2006/11/05 14:33:37 adrianp Exp $
+
+In order to use the XML support in your Apache installation, you will need
+to add the following to your httpd.conf file:
+
+  LoadFile ${PREFIX}/lib/libxml2.so
+
+===========================================================================
diff --git a/security/ap-modsecurity2/Makefile b/security/ap-modsecurity2/Makefile
new file mode 100644
index 00000000000..5909a1e42c6
--- /dev/null
+++ b/security/ap-modsecurity2/Makefile
@@ -0,0 +1,49 @@
+# $NetBSD: Makefile,v 1.1.1.1 2006/11/05 14:33:37 adrianp Exp $
+
+DISTNAME=	modsecurity-apache_2.0.3
+PKGNAME=	${APACHE_PKG_PREFIX}-modsecurity-2.0.3
+CATEGORIES=	www security
+MASTER_SITES=	http://www.modsecurity.org/download/
+
+MAINTAINER=	adrianp@NetBSD.org
+HOMEPAGE=	http://www.modsecurity.org/
+COMMENT=	Intrusion detection and prevention engine for web applications
+
+.include "../../mk/apache.mk"
+.include "options.mk"
+
+PKG_APACHE_ACCEPTED=	apache2
+BUILD_DIRS=		apache2
+EGDIR=			${PREFIX}/share/examples/ap-security
+CONF_FILES=		${EGDIR}/modsecurity.conf-minimal \
+			${PKG_SYSCONFDIR}/httpd/modsecurity.conf
+MESSAGE_SRC+=		${WRKDIR}/.MESSAGE_SRC
+
+SUBST_CLASSES=		make
+SUBST_STAGE.make=	post-patch
+SUBST_FILES.make=	apache2/Makefile
+SUBST_SED.make=         -e "s|@PREFIX@|${PREFIX}|g"
+SUBST_MESSAGE.make=	Fixing Makefiles.
+
+.if !empty(PKG_OPTIONS:Mxml)
+SUBST_SED.make+=	-e "s|@XMLINC@|-I${BUILDLINK_PREFIX.libxml2}/include/libxml2|g"
+SUBST_SED.make+=	-e "s|@XMLDEFS@|-DWITH_LIBXML2|g"
+.else
+SUBST_SED.make+=	-e "s|@XMLINC@||g"
+SUBST_SED.make+=	-e "s|@XMLDEFS@||g"
+.endif
+
+post-build:
+	${CP} ${PKGDIR:Q}/MESSAGE ${WRKDIR:Q}/.MESSAGE_SRC
+.if !empty(PKG_OPTIONS:Mxml)
+	${CP} ${PKGDIR:Q}/MESSAGE.xml ${WRKDIR:Q}/.MESSAGE_SRC.xml
+.endif
+
+post-install:
+	${INSTALL_DATA_DIR} ${EGDIR}
+	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/ap-security
+
+	${INSTALL_DATA} ${WRKSRC}/modsecurity.conf-minimal ${EGDIR}
+	cd ${WRKSRC}/doc && ${PAX} -rw . ${PREFIX}/share/doc/ap-security
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/ap-modsecurity2/PLIST b/security/ap-modsecurity2/PLIST
new file mode 100644
index 00000000000..b16287e13a0
--- /dev/null
+++ b/security/ap-modsecurity2/PLIST
@@ -0,0 +1,25 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2006/11/05 14:33:37 adrianp Exp $
+lib/httpd/mod_security2.so
+share/doc/ap-security/breach-logo-small.gif
+share/doc/ap-security/html-multipage/01-introduction.html
+share/doc/ap-security/html-multipage/02-installation.html
+share/doc/ap-security/html-multipage/03-configuration-directives.html
+share/doc/ap-security/html-multipage/04-processing-phases.html
+share/doc/ap-security/html-multipage/05-variables.html
+share/doc/ap-security/html-multipage/06-transformation-functions.html
+share/doc/ap-security/html-multipage/07-actions.html
+share/doc/ap-security/html-multipage/08-operators.html
+share/doc/ap-security/html-multipage/breach-logo-small.gif
+share/doc/ap-security/html-multipage/index.html
+share/doc/ap-security/html-multipage/modsecurity-reference.css
+share/doc/ap-security/html-multipage/modsecurity.gif
+share/doc/ap-security/index.html
+share/doc/ap-security/modsecurity2-apache-reference.html
+share/doc/ap-security/modsecurity2-apache-reference.pdf
+share/doc/ap-security/modsecurity2-apache-reference.xml
+share/doc/ap-security/modsecurity.gif
+share/doc/ap-security/modsecurity-reference.css
+share/examples/ap-security/modsecurity.conf-minimal
+@dirrm share/doc/ap-security/html-multipage
+@dirrm share/doc/ap-security
+@dirrm share/examples/ap-security
diff --git a/security/ap-modsecurity2/distinfo b/security/ap-modsecurity2/distinfo
new file mode 100644
index 00000000000..0063a4aca98
--- /dev/null
+++ b/security/ap-modsecurity2/distinfo
@@ -0,0 +1,6 @@
+$NetBSD: distinfo,v 1.1.1.1 2006/11/05 14:33:37 adrianp Exp $
+
+SHA1 (modsecurity-apache_2.0.3.tar.gz) = c3bd2ac77cd6a31dfd0fac9fe32547b8dda1d6b1
+RMD160 (modsecurity-apache_2.0.3.tar.gz) = 65c35729ee2a13537adfa4c67a4d6956e119c110
+Size (modsecurity-apache_2.0.3.tar.gz) = 302451 bytes
+SHA1 (patch-aa) = d532ec1523fdcd4b3297d3f3bac4dec26642a709
diff --git a/security/ap-modsecurity2/options.mk b/security/ap-modsecurity2/options.mk
new file mode 100644
index 00000000000..873d06e8a29
--- /dev/null
+++ b/security/ap-modsecurity2/options.mk
@@ -0,0 +1,16 @@
+# $NetBSD: options.mk,v 1.1.1.1 2006/11/05 14:33:37 adrianp Exp $
+
+PKG_OPTIONS_VAR=	PKG_OPTIONS.ap-modsecurity2
+
+PKG_SUPPORTED_OPTIONS=	xml
+PKG_SUGGESTED_OPTIONS=	xml
+
+.include "../../mk/bsd.options.mk"
+
+###
+### Brink in support for libxml2
+###
+.if !empty(PKG_OPTIONS:Mxml)
+.  include "../../textproc/libxml2/buildlink3.mk"
+MESSAGE_SRC+=		${WRKDIR}/.MESSAGE_SRC.xml
+.endif
diff --git a/security/ap-modsecurity2/patches/patch-aa b/security/ap-modsecurity2/patches/patch-aa
new file mode 100644
index 00000000000..72131e77523
--- /dev/null
+++ b/security/ap-modsecurity2/patches/patch-aa
@@ -0,0 +1,30 @@
+$NetBSD: patch-aa,v 1.1.1.1 2006/11/05 14:33:37 adrianp Exp $
+
+--- apache2/Makefile.orig	2006-10-24 18:35:09.000000000 +0100
++++ apache2/Makefile
+@@ -1,7 +1,7 @@
+ builddir     = .
+ 
+ #top_dir      = /usr/share/apache2
+-top_dir      = /home/ivanr/apache22
++top_dir      = @PREFIX@/share/httpd
+ 
+ top_srcdir   = ${top_dir}
+ top_builddir = ${top_dir}
+@@ -11,13 +11,13 @@ include ${top_builddir}/build/special.mk
+ APXS      = apxs
+ APACHECTL = apachectl
+ 
+-INCLUDES = -I /usr/include/libxml2
+-DEFS = -DWITH_LIBXML2
++INCLUDES += -I@PREFIX@/include/httpd @XMLINC@
++DEFS += @XMLDEFS@
+ #LIBS = -Lmy/lib/dir -lmylib
+ 
+-CFLAGS = -g -Wuninitialized -std=c99 -Wall -Wmissing-prototypes -Wshadow -Wunused-variable -Wunused-value -Wchar-subscripts -Wsign-compare
++#CFLAGS = -g -Wuninitialized -std=c99 -Wall -Wmissing-prototypes -Wshadow -Wunused-variable -Wunused-value -Wchar-subscripts -Wsign-compare
+ 
+ all: local-shared-build
+ 
+ clean:
+ 	-rm -f *.o *.lo *.slo *.la *~ .libs