From 90594b8f52dc89ae6cc0bb5552f646941e2decfc Mon Sep 17 00:00:00 2001 From: Eli Flanagan Date: Thu, 12 Oct 2017 08:37:50 -0400 Subject: [PATCH] modsecurity: 2.9.0 -> 2.9.2 * Enable building on macOS * also fixes an issue where a system Lua install fooled the configure script into thinking it was enabled. --- .../security/modsecurity/Makefile.in.patch | 17 +++++++ pkgs/tools/security/modsecurity/default.nix | 46 +++++++++++-------- 2 files changed, 44 insertions(+), 19 deletions(-) create mode 100644 pkgs/tools/security/modsecurity/Makefile.in.patch diff --git a/pkgs/tools/security/modsecurity/Makefile.in.patch b/pkgs/tools/security/modsecurity/Makefile.in.patch new file mode 100644 index 000000000000..98384c754ce7 --- /dev/null +++ b/pkgs/tools/security/modsecurity/Makefile.in.patch @@ -0,0 +1,17 @@ +--- a/apache2/Makefile.in 2017-10-10 09:45:51.000000000 -0400 ++++ b/apache2/Makefile.in 2017-10-10 09:46:04.000000000 -0400 +@@ -1208,14 +1208,12 @@ + @LINUX_TRUE@ for m in $(pkglib_LTLIBRARIES); do \ + @LINUX_TRUE@ base=`echo $$m | sed 's/\..*//'`; \ + @LINUX_TRUE@ rm -f $(DESTDIR)$(pkglibdir)/$$base.*a; \ +-@LINUX_TRUE@ install -D -m444 $(DESTDIR)$(pkglibdir)/$$base.so $(DESTDIR)$(APXS_MODULES)/$$base.so; \ + @LINUX_TRUE@ done + @LINUX_FALSE@install-exec-hook: $(pkglib_LTLIBRARIES) + @LINUX_FALSE@ @echo "Removing unused static libraries..."; \ + @LINUX_FALSE@ for m in $(pkglib_LTLIBRARIES); do \ + @LINUX_FALSE@ base=`echo $$m | sed 's/\..*//'`; \ + @LINUX_FALSE@ rm -f $(DESTDIR)$(pkglibdir)/$$base.*a; \ +-@LINUX_FALSE@ cp -p $(DESTDIR)$(pkglibdir)/$$base.so $(DESTDIR)$(APXS_MODULES); \ + @LINUX_FALSE@ done + + # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/pkgs/tools/security/modsecurity/default.nix b/pkgs/tools/security/modsecurity/default.nix index a5e03eb3fe16..2c02a5dd4736 100644 --- a/pkgs/tools/security/modsecurity/default.nix +++ b/pkgs/tools/security/modsecurity/default.nix @@ -1,35 +1,43 @@ { stdenv, lib, fetchurl, pkgconfig -, curl, apacheHttpd, pcre, apr, aprutil, libxml2 }: +, curl, apacheHttpd, pcre, apr, aprutil, libxml2 +, luaSupport ? false, lua5 +}: with lib; +let luaValue = if luaSupport then lua5 else "no"; + optional = stdenv.lib.optional; +in + stdenv.mkDerivation rec { name = "modsecurity-${version}"; - version = "2.9.0"; + version = "2.9.2"; src = fetchurl { url = "https://www.modsecurity.org/tarball/${version}/${name}.tar.gz"; - sha256 = "e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434"; + sha256 = "41a8f73476ec891f3a9e8736b98b64ea5c2105f1ce15ea57a1f05b4bf2ffaeb5"; }; nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ curl apacheHttpd pcre apr aprutil libxml2 ]; - configureFlags = [ - "--enable-standalone-module" - "--enable-static" - "--with-curl=${curl.dev}" - "--with-apxs=${apacheHttpd.dev}/bin/apxs" - "--with-pcre=${pcre.dev}" - "--with-apr=${apr.dev}" - "--with-apu=${aprutil.dev}/bin/apu-1-config" - "--with-libxml=${libxml2.dev}" - ]; + buildInputs = [ curl apacheHttpd pcre apr aprutil libxml2 ] ++ + optional luaSupport lua5; + + configureFlags = '' + --enable-standalone-module + --enable-static + --with-curl=${curl.dev} + --with-apxs=${apacheHttpd.dev}/bin/apxs + --with-pcre=${pcre.dev} + --with-apr=${apr.dev} + --with-apu=${aprutil.dev}/bin/apu-1-config + --with-libxml=${libxml2.dev} + --with-lua=${luaValue} + ''; outputs = ["out" "nginx"]; - - preBuild = '' - substituteInPlace apache2/Makefile.in --replace "install -D " "# install -D" - ''; + # by default modsecurity's install script copies compiled output to httpd's modules folder + # this patch removes those lines + patches = [ ./Makefile.in.patch ]; postInstall = '' mkdir -p $nginx @@ -41,6 +49,6 @@ stdenv.mkDerivation rec { license = licenses.asl20; homepage = https://www.modsecurity.org/; maintainers = with maintainers; [offline]; - platforms = platforms.linux; + platforms = stdenv.lib.platforms.linux ++ stdenv.lib.platforms.darwin; }; }