Page MenuHomeFreeBSD

www/nginx: Add mod_security v3 support
ClosedPublic

Authored by joneum on Jul 29 2017, 12:18 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Mar 21, 1:10 PM
Unknown Object (File)
Dec 20 2023, 2:34 AM
Unknown Object (File)
Dec 13 2023, 10:13 PM
Unknown Object (File)
Dec 13 2023, 4:41 PM
Unknown Object (File)
Nov 29 2023, 8:19 PM
Unknown Object (File)
Nov 15 2023, 6:03 PM
Unknown Object (File)
Nov 9 2023, 9:35 PM
Unknown Object (File)
Nov 9 2023, 7:44 PM
Subscribers

Details

Summary
  • Add mod_security v3 support

This update adds support for mod_security version 3 to nginx.
ModSecurity v3 is the next version of ModSecurity currently
under development. It is developed as a library independent of
webservers and can be used from different connectors such
as the ModSecurity-nginx module used by this port

PR: 220353
Reported by: Marius Halden <marius.h@lden.org>
Approved by: xxx (mentor)
#Differential Revision: https://reviews.freebsd.org/Dxxxxx

Test Plan

~/dev/ports/www/nginx % portlint -AC
WARN: Makefile: HTTP_ACCESSKEY appears in PORT_OPTIONS:M, but is not listed in OPTIONS_DEFINE.
WARN: Makefile: HTTP_ACCESSKEY appears in PORT_OPTIONS:M, but is not listed in OPTIONS_DEFINE.
WARN: Makefile: [505]: is USE_HTTP_DAV a user-settable option? Consider using WITH_HTTP_DAV instead.
WARN: Makefile: [928]: is USE_HTTP_REWRITE a user-settable option? Consider using WITH_HTTP_REWRITE instead.
WARN: Makefile: [1133]: is USE_HTTP_SSL a user-settable option? Consider using WITH_HTTP_SSL instead.
WARN: Makefile: [462]: IGNORE messages should begin with a lowercase letter and end without a period.
WARN: Makefile: [309]: possible direct use of command "strip" found. use ${STRIP_CMD} instead.
WARN: Makefile: possible use of absolute pathname "/var".
WARN: Makefile: possible use of absolute pathname "/etc/make.conf".
WARN: Makefile: for new port, make $FreeBSD$ tag in comment section empty, to make SVN happy.
WARN: Makefile: new ports should not set PORTREVISION.
WARN: Makefile: new ports should not set PORTEPOCH.
WARN: Makefile: use of DISTFILES with single file discouraged. distribution filename should be set by DISTNAME and EXTRACT_SUFX.
WARN: Makefile: unless this is a master port, MAINTAINER has to be set by "=", not by "?=".
WARN: Makefile: unless this is a master port, COMMENT has to be set by "=", not by "?=".
WARN: Makefile: LIB_DEPENDS don't specify the ABI version number .3 in libmodsecurity.so.3 unless it is really necessary.
WARN: Makefile: LIB_DEPENDS the new format is libFOO.so (e.g., liblibmodsecurity.so.3.so).
WARN: Makefile: DISTFILES/DISTNAME affects WRKSRC. take caution when changing them.
0 fatal errors and 18 warnings found.

poudriere testport:

10.3-amd64
10.3-i386
11.1-amd64
11.1-i386
12.0-CURRENT r320266 amd64
12.0-CURRENT r320266 i386

Diff Detail

Repository
rP FreeBSD ports repository
Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 10738
Build 11135: arc lint + arc unit

Event Timeline

www/nginx/Makefile
914

This is only needed once, maybe it could be put in the GH_TAGNAME directly.

915–917

could be using GH_TUPLE instead of all three variables.

switch to GH_TUPLE for www/mod_security-devel

add new Poudriere logs

The patch and logs look fine, but for completeness, do you also have a log with MODSECURITY_DEVEL turned on?

www/nginx/Makefile
231

"3rd party", not "3ds party"

www/nginx/Makefile
231

thx Rene :-)

This revision is now accepted and ready to land.Aug 4 2017, 8:00 AM
This revision was automatically updated to reflect the committed changes.