From patchwork Fri Jan 10 14:00:16 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Frank Vanbever <frank.vanbever@essensium.com>
X-Patchwork-Id: 1221103
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized)
	smtp.mailfrom=busybox.net (client-ip=140.211.166.136;
	helo=silver.osuosl.org;
	envelope-from=buildroot-bounces@busybox.net;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none)
	header.from=essensium.com
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=essensium.com header.i=@essensium.com
	header.a=rsa-sha256 header.s=google header.b=Eu3hzTjL;
	dkim-atps=neutral
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 47vPmL1XSyz9sPn
	for <incoming-buildroot@patchwork.ozlabs.org>;
	Sat, 11 Jan 2020 01:01:38 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by silver.osuosl.org (Postfix) with ESMTP id A327E220A2;
	Fri, 10 Jan 2020 14:01:36 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id PcgNvun+3R-E; Fri, 10 Jan 2020 14:01:33 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by silver.osuosl.org (Postfix) with ESMTP id 6C444220EF;
	Fri, 10 Jan 2020 14:01:33 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])
	by ash.osuosl.org (Postfix) with ESMTP id DD3A61BF3C0
	for <buildroot@lists.busybox.net>;
	Fri, 10 Jan 2020 14:01:10 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by hemlock.osuosl.org (Postfix) with ESMTP id D99D187ED2
	for <buildroot@lists.busybox.net>;
	Fri, 10 Jan 2020 14:01:10 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from hemlock.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id RG3UqX9YFkI8 for <buildroot@lists.busybox.net>;
	Fri, 10 Jan 2020 14:01:08 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mail-wr1-f54.google.com (mail-wr1-f54.google.com
	[209.85.221.54])
	by hemlock.osuosl.org (Postfix) with ESMTPS id 61ADC87C2C
	for <buildroot@buildroot.org>; Fri, 10 Jan 2020 14:01:08 +0000 (UTC)
Received: by mail-wr1-f54.google.com with SMTP id z3so1924737wru.3
	for <buildroot@buildroot.org>; Fri, 10 Jan 2020 06:01:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=essensium.com; s=google;
	h=from:to:cc:subject:date:message-id:mime-version
	:content-transfer-encoding;
	bh=P3iVjEqLmE8NJ/gu2ziekpKayxv9ceABQ9Wq9IxTBA4=;
	b=Eu3hzTjL1IW5mn5zn38nmYDiDhH0l8tO1GbE9o5jfcQZw9qvxlIVV0e8JnHm2fDUcu
	vhbHVOdgTDhY+3QRzHIsqqwmFBxtAQoWi+3D0nUD158aPrFQXYUAnxgIbtw3d62dAVKf
	DF1b4/yeZPZSuH4UZKbpmvuUZfHWrFcIBz1mr9Ls4FU8G4/D2+PGxEkE6eQLthpzaX7F
	WssdIsQRyZjNVHN2Iv4lJv+jjD2Pt+SKp8u53XaBnsz0TJvS50QBG79PhBqpyG1K3Tm4
	zYrBO4ftkOz00vPBTLmqdxt6KvLQL3uV2aGGXgwNuqDfuvJGUZxTreoFUF1enF9OfeMk
	UtKQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
	:content-transfer-encoding;
	bh=P3iVjEqLmE8NJ/gu2ziekpKayxv9ceABQ9Wq9IxTBA4=;
	b=l48y+kN7cFhXtlTdRyJ1XxtISEU7b/Wt0mwk78lc+/kBBoyv9XSO5rAO3Tyl7Zc7DU
	i8l40gmxZHcPxwm+nZbnraXY5WkWac90E1MHGurvNEvMOl0hcxe1eG+krhMSOoxgL/J9
	29mFfcEmHgb45YFKCst69ICfq80TsUHhCbvolEB4g9ItHg6cdBMIiVwSS3J5fU/kpcJo
	dcJeVuZj81dL4lNqtKitZ/6O++gqbFeQPH5bGNVF3LvQlCotN5ka+nXz+mqp6e7jrCih
	224etN2CiycfOUMgXAKjD4P/CMwdonRx1EbNAtlRsWbrMmcL7Q6d5K+CrKcV9MiPQ3oi
	7iPg==
X-Gm-Message-State: APjAAAWzLRxn1LNddn01AU5Jv64IvN+qFVgQnwnLMzQC9Kfa3E91q+5O
	P2FHZRC7D8I7flvFOmvaVFCHjrtwqAPp8w==
X-Google-Smtp-Source: 
 APXvYqwCHe9qN6zNFrTpPdKC8p5VnqGVjuM/k5JH32js1BT0wiTjtBvUSv7FqgIHKtmGyUUHLbEtAg==
X-Received: by 2002:adf:ee82:: with SMTP id b2mr3976697wro.194.1578664866311;
	Fri, 10 Jan 2020 06:01:06 -0800 (PST)
Received: from wintermute.vanbever.me
	(252.43-242-81.adsl-dyn.isp.belgacom.be. [81.242.43.252])
	by smtp.gmail.com with ESMTPSA id
	z6sm2287979wrw.36.2020.01.10.06.01.05
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Fri, 10 Jan 2020 06:01:05 -0800 (PST)
From: Frank Vanbever <frank.vanbever@essensium.com>
To: buildroot@buildroot.org
Date: Fri, 10 Jan 2020 15:00:16 +0100
Message-Id: <20200110140017.15045-1-frank.vanbever@essensium.com>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Subject: [Buildroot] [PATCH 1/2] libmodescurity: new package
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
Cc: Frank Vanbever <frank.vanbever@essensium.com>,
	Samuel Martin <s.martin49@gmail.com>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
---
 DEVELOPERS                                    |  3 +
 package/Config.in                             |  1 +
 ...-CANONICAL_HOST-cannot-be-determined.patch | 31 ++++++++++
 ...test-for-uClinux-in-configure-script.patch | 28 +++++++++
 package/libmodsecurity/Config.in              | 14 +++++
 package/libmodsecurity/libmodsecurity.hash    |  4 ++
 package/libmodsecurity/libmodsecurity.mk      | 59 +++++++++++++++++++
 7 files changed, 140 insertions(+)
 create mode 100644 package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch
 create mode 100644 package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch
 create mode 100644 package/libmodsecurity/Config.in
 create mode 100644 package/libmodsecurity/libmodsecurity.hash
 create mode 100644 package/libmodsecurity/libmodsecurity.mk

diff --git a/DEVELOPERS b/DEVELOPERS
index 80843dd1a1..534f4d746c 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -955,6 +955,9 @@ F:	package/ucl/
 F:	package/upx/
 F:	package/zxing-cpp/
 
+N:	Frank Vanbever <frank.vanbever@essensium.com>
+F:	package/libmodsecurity/
+
 N:	Gaël Portay <gael.portay@collabora.com>
 F:	package/qt5/qt5virtualkeyboard/
 F:	package/qt5/qt5webengine/
diff --git a/package/Config.in b/package/Config.in
index 873a592d64..190cc4217c 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -2032,6 +2032,7 @@ menu "Networking applications"
 	source "package/leafnode2/Config.in"
 	source "package/lft/Config.in"
 	source "package/lftp/Config.in"
+	source "package/libmodsecurity/Config.in"
 	source "package/lighttpd/Config.in"
 	source "package/linknx/Config.in"
 	source "package/links/Config.in"
diff --git a/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch
new file mode 100644
index 0000000000..d725d136ff
--- /dev/null
+++ b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch
@@ -0,0 +1,31 @@
+From 0832208360aab69fbaec76225db67801840a33fe Mon Sep 17 00:00:00 2001
+From: Frank Vanbever <frank.vanbever@essensium.com>
+Date: Fri, 10 Jan 2020 11:14:43 +0100
+Subject: [PATCH] Fail when CANONICAL_HOST cannot be determined
+
+When the CANONICAL_HOST is unknown the configure script exits
+with exit code 0 even though no makefile was produced.
+
+patch was submitted upstream: https://github.com/SpiderLabs/ModSecurity/pull/2235
+
+Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 95e48843..5e6971f4 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -193,7 +193,7 @@ case $host in
+     ;;
+        *)
+     echo "Unknown CANONICAL_HOST $host"
+-    exit
++    exit 1
+     ;;
+ esac
+ 
+-- 
+2.20.1
+
diff --git a/package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch b/package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch
new file mode 100644
index 0000000000..73022f31f2
--- /dev/null
+++ b/package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch
@@ -0,0 +1,28 @@
+From 13c505e30474c919ed9ae552e459769c456da21e Mon Sep 17 00:00:00 2001
+From: Frank Vanbever <frank.vanbever@essensium.com>
+Date: Fri, 10 Jan 2020 11:24:43 +0100
+Subject: [PATCH] test for uClinux in configure script
+
+patch was submitted upstream: https://github.com/SpiderLabs/ModSecurity/pull/2235
+
+Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5e6971f4..51d38071 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -156,7 +156,7 @@ case $host in
+     AC_DEFINE([MACOSX], [1], [Define if the operating system is Macintosh OSX])
+     PLATFORM="MacOSX"
+     ;;
+-  *-*-linux*)
++  *-*-linux* | *-*uclinux*)
+     echo "Checking platform... Identified as Linux"
+     AC_DEFINE([LINUX], [1], [Define if the operating system is LINUX])
+     PLATFORM="Linux"
+-- 
+2.20.1
+
diff --git a/package/libmodsecurity/Config.in b/package/libmodsecurity/Config.in
new file mode 100644
index 0000000000..ddd4170945
--- /dev/null
+++ b/package/libmodsecurity/Config.in
@@ -0,0 +1,14 @@
+config BR2_PACKAGE_LIBMODSECURITY
+	bool "libmodsecurity"
+	select BR2_PACKAGE_PCRE
+	help
+	  Libmodsecurity is one component of the ModSecurity
+	  v3 project. The library codebase serves as an
+	  interface to ModSecurity Connectors taking in web
+	  traffic and applying traditional ModSecurity
+	  processing. In general, it provides the capability
+	  to load/interpret rules written in the ModSecurity
+	  SecRules format and apply them to HTTP content
+	  provided by your application via Connectors.
+
+	  https://github.com/SpiderLabs/ModSecurity
diff --git a/package/libmodsecurity/libmodsecurity.hash b/package/libmodsecurity/libmodsecurity.hash
new file mode 100644
index 0000000000..29c0a079fe
--- /dev/null
+++ b/package/libmodsecurity/libmodsecurity.hash
@@ -0,0 +1,4 @@
+# From https://github.com/SpiderLabs/ModSecurity/releases/download/v3.0.3/modsecurity-v3.0.3.tar.gz.sha256
+sha256 8aa1300105d8cc23315a5e54421192bc617a66246ad004bd89e67c232208d0f4  modsecurity-v3.0.3.tar.gz
+# Localy calculated
+sha256 c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4  LICENSE
diff --git a/package/libmodsecurity/libmodsecurity.mk b/package/libmodsecurity/libmodsecurity.mk
new file mode 100644
index 0000000000..991402057d
--- /dev/null
+++ b/package/libmodsecurity/libmodsecurity.mk
@@ -0,0 +1,59 @@
+################################################################################
+#
+# libmodsecurity
+#
+################################################################################
+
+LIBMODSECURITY_VERSION = 3.0.3
+LIBMODSECURITY_SOURCE = modsecurity-v$(LIBMODSECURITY_VERSION).tar.gz
+LIBMODSECURITY_SITE = https://github.com/SpiderLabs/ModSecurity/releases/download/$(LIBMODSECURITY_VERSION)
+LIBMODSECURITY_INSTALL_STAGING = YES
+LIBMODSECURITY_LICENSE = Apache-2.0
+LIBMODSECURITY_LICENSE_FILES = LICENSE
+LIBMODSECURITY_AUTORECONF = YES
+LIBMODSECURITY_CONF_ENV = \
+	ac_cv_file_others_libinjection_src_libinjection_html5_c=yes # Necessary to work around AC_CHECK_FILE cross-compile limitation
+
+LIBMODSECURITY_DEPENDENCIES = pcre
+LIBMODSECURITY_CONF_OPTS =  --disable-examples
+
+ifeq ($(BR2_PACKAGE_LIBXML2),y)
+LIBMODSECURITY_DEPENDENCIES += libxml2
+LIBMODSECURITY_CONF_OPTS += --with-libxml="$(STAGING_DIR)"
+else
+LIBMODSECURITY_CONF_OPTS += --with-libxml="no"
+endif
+
+ifeq ($(BR2_PACKAGE_LIBCURL),y)
+LIBMODSECURITY_DEPENDENCIES += libcurl
+LIBMODSECURITY_CONF_OPTS += --with-curl="$(STAGING_DIR)"
+else
+LIBMODSECURITY_CONF_OPTS += --with-curl="no"
+endif
+
+ifeq ($(BR2_PACKAGE_YAJL),y)
+LIBMODSECURITY_DEPENDENCIES += yajl
+else
+LIBMODSECURITY_CONF_OPTS += --with-yajl="no"
+endif
+
+ifeq ($(BR2_PACKAGE_GEOIP),y)
+LIBMODSECURITY_DEPENDENCIES += geoip
+else
+LIBMODSECURITY_CONF_OPTS += --with-geoip="no"
+endif
+
+ifeq ($(BR2_PACKAGE_LIBMAXMINDDB),y)
+LIBMODSECURITY_DEPENDENCIES += libmaxminddb
+else
+LIBMODSECURITY_CONF_OPTS += --with-maxmind="no"
+endif
+
+ifeq ($(BR2_PACKAGE_LUA),y)
+LIBMODSECURITY_DEPENDENCIES += lua
+LIBMODSECURITY_CONF_OPTS += --with-lua="$(STAGING_DIR)"
+else
+LIBMODSECURITY_CONF_OPTS += --with-lua="no"
+endif
+
+$(eval $(autotools-package))