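# Package expression for libmodsecurity (the ModSecurity v3 library): a
# function from its build and runtime dependencies to the derivation.
# nixosTests is only referenced from passthru.tests.
{ lib, stdenv, fetchFromGitHub
, autoreconfHook, bison, flex, pkg-config
, curl, geoip, libmaxminddb, libxml2, lmdb, lua, pcre, pcre2, ssdeep, yajl
, nixosTests
}:

stdenv.mkDerivation rec {
  pname = "libmodsecurity";
  version = "3.0.8";

  # rev is a tag name, which upstream could move; the sha256 below is what
  # actually pins the fetched content. Because fetchSubmodules is true, the
  # hash covers the submodule contents as well, so it must be recomputed
  # (not copied from a non-submodule fetch) on every version bump.
  src = fetchFromGitHub {
    owner = "SpiderLabs";
    repo = "ModSecurity";
    rev = "v${version}";
    sha256 = "sha256-Xqg7Y6i5pG1WGDLE7Zry+6ZN5o1LpmpOwEL67LlzIDk=";
    fetchSubmodules = true;
  };

  nativeBuildInputs = [ autoreconfHook bison flex pkg-config ];
  buildInputs = [ curl geoip libmaxminddb libxml2 lmdb lua pcre pcre2 ssdeep yajl ];

  outputs = [ "out" "dev" ];

  # Every optional library is given an explicit store path so configure does
  # not fall back to probing system locations.
  configureFlags = [
    "--enable-parser-generation"
    "--disable-doxygen-doc"
    "--with-curl=${curl.dev}"
    "--with-libxml=${libxml2.dev}"
    "--with-lmdb=${lmdb.out}"
    "--with-maxmind=${libmaxminddb}"
    "--with-pcre=${pcre.dev}"
    "--with-pcre2=${pcre2.out}"
    "--with-ssdeep=${ssdeep}"
  ];

  # The m4 probes look for headers under ''${path}/include and for libraries
  # under /usr/local/...; rewrite them to the matching store paths. In the
  # patterns, \''${path} is the Nix-escaped form of the literal shell text
  # \${path}, i.e. the m4 files' own variable, not a Nix interpolation.
  # The last substitution makes the recommended config reference the
  # installed unicode.mapping by absolute path ($out is expanded by the
  # build shell).
  postPatch = ''
    substituteInPlace build/lmdb.m4 \
      --replace "\''${path}/include/lmdb.h" "${lmdb.dev}/include/lmdb.h" \
      --replace "lmdb_inc_path=\"\''${path}/include\"" "lmdb_inc_path=\"${lmdb.dev}/include\""
    substituteInPlace build/pcre2.m4 \
      --replace "/usr/local/pcre2" "${pcre2.out}/lib" \
      --replace "\''${path}/include/pcre2.h" "${pcre2.dev}/include/pcre2.h" \
      --replace "pcre2_inc_path=\"\''${path}/include\"" "pcre2_inc_path=\"${pcre2.dev}/include\""
    substituteInPlace build/ssdeep.m4 \
      --replace "/usr/local/libfuzzy" "${ssdeep}/lib" \
      --replace "\''${path}/include/fuzzy.h" "${ssdeep}/include/fuzzy.h" \
      --replace "ssdeep_inc_path=\"\''${path}/include\"" "ssdeep_inc_path=\"${ssdeep}/include\""
    substituteInPlace modsecurity.conf-recommended \
      --replace "SecUnicodeMapFile unicode.mapping 20127" "SecUnicodeMapFile $out/share/modsecurity/unicode.mapping 20127"
  '';

  # Copy from the unpacked, patched source tree (the working directory of the
  # install phase) rather than from the pristine src store path: copying from
  # src would ship the unpatched modsecurity.conf-recommended and silently
  # discard the SecUnicodeMapFile rewrite done in postPatch.
  postInstall = ''
    mkdir -p $out/share/modsecurity
    cp {AUTHORS,CHANGES,LICENSE,README.md,modsecurity.conf-recommended,unicode.mapping} $out/share/modsecurity
  '';

  enableParallelBuilding = true;

  # Exposes the NixOS nginx + ModSecurity test so it can be run against
  # changes to this package.
  passthru.tests = {
    nginx-modsecurity = nixosTests.nginx-modsecurity;
  };

  meta = with lib; {
    homepage = "https://github.com/SpiderLabs/ModSecurity";
    description = ''
      ModSecurity v3 library component.
    '';
    longDescription = ''
      Libmodsecurity is one component of the ModSecurity v3 project. The
      library codebase serves as an interface to ModSecurity Connectors taking
      in web traffic and applying traditional ModSecurity processing. In
      general, it provides the capability to load/interpret rules written in
      the ModSecurity SecRules format and apply them to HTTP content provided
      by your application via Connectors.
    '';
    license = licenses.asl20;
    platforms = platforms.all;
    maintainers = with maintainers; [ izorkin ];
  };
}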