demus/mod_security-rpm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

don't link against redundant apr-util dependent libraries

Browse Source
This commit is contained in:
Joe Orton 2021-01-22 12:21:32 +00:00
parent a1358f8b3d
commit da6a79489c
4 changed files with 24 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
mod_security-2.9.3-apulibs.patch Normal file
View File

0
mod_security-2.9.3-modsecurity-2.9.3.patch Normal file
View File

14
mod_security.spec
View File

@ -10,7 +10,7 @@
Summary: Security module for the Apache HTTP Server Summary: Security module for the Apache HTTP Server
Name: mod_security Name: mod_security
Version: 2.9.3 Version: 2.9.3
Release: 7%{?dist} Release: 8%{?dist}
License: ASL 2.0 License: ASL 2.0
URL: http://www.modsecurity.org/ URL: http://www.modsecurity.org/
Source: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz Source: https://github.com/SpiderLabs/ModSecurity/releases/download/v%{version}/modsecurity-%{version}.tar.gz
@ -18,15 +18,16 @@ Source1: mod_security.conf
Source2: 10-mod_security.conf Source2: 10-mod_security.conf
Source3: modsecurity_localrules.conf Source3: modsecurity_localrules.conf
Patch0: modsecurity-2.9.3-lua-54.patch Patch0: modsecurity-2.9.3-lua-54.patch
Patch1: modsecurity-2.9.3-apulibs.patch
Requires: httpd httpd-mmn = %{_httpd_mmn} Requires: httpd httpd-mmn = %{_httpd_mmn}
%if 0%{?fedora} || 0%{?rhel} > 7 %if 0%{?fedora} || 0%{?rhel} > 7
# Ensure apache user exists for file ownership # Ensure apache user exists for file ownership
Requires(pre): httpd-filesystem Requires(pre): httpd-filesystem
%endif %endif
BuildRequires: gcc BuildRequires: gcc, make, autoconf, automake, libtool
BuildRequires: httpd-devel BuildRequires: httpd-devel
BuildRequires: make
BuildRequires: perl-generators BuildRequires: perl-generators
BuildRequires: pkgconfig(libcurl) BuildRequires: pkgconfig(libcurl)
BuildRequires: pkgconfig(libpcre) BuildRequires: pkgconfig(libpcre)
@ -63,10 +64,12 @@ This package contains the ModSecurity Audit Log Collector.
%autosetup -p1 -n modsecurity-%{version} %autosetup -p1 -n modsecurity-%{version}
%build %build
./autogen.sh
%configure --enable-pcre-match-limit=1000000 \ %configure --enable-pcre-match-limit=1000000 \
--enable-pcre-match-limit-recursion=1000000 \ --enable-pcre-match-limit-recursion=1000000 \
--with-apxs=%{_httpd_apxs} \ --with-apxs=%{_httpd_apxs} \
--with-yajl --with-yajl \
--disable-static
# remove rpath # remove rpath
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
@ -138,6 +141,9 @@ install -m0644 mlogc/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf
%endif %endif
%changelog %changelog
* Fri Jan 22 2021 Joe Orton <jorton@redhat.com> - 2.9.3-8
- don't link against redundant apr-util dependent libraries
* Sat Aug 08 2020 Othman Madjoudj <athmane@fedoraproject.org> - 2.9.3-7 * Sat Aug 08 2020 Othman Madjoudj <athmane@fedoraproject.org> - 2.9.3-7
- Add a patch to fix build with Lua 5.4 until we completely switch to mod_sec3 as default - Add a patch to fix build with Lua 5.4 until we completely switch to mod_sec3 as default

14
modsecurity-2.9.3-apulibs.patch Normal file
View File

@ -0,0 +1,14 @@
Strip redundant APR-util dependent libraries, it is sufficient to link against -laprutil-1.
--- modsecurity-2.9.3/build/find_apu.m4.apulibs
+++ modsecurity-2.9.3/build/find_apu.m4
@@ -59,7 +59,7 @@
APU_CFLAGS="`${APU_CONFIG} --includes`"
if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu CFLAGS: $APU_CFLAGS); fi
APU_LDFLAGS="`${APU_CONFIG} --ldflags`"
- APU_LDFLAGS="$APU_LDFLAGS `${APU_CONFIG} --libs`"
+ APU_LDFLAGS="$APU_LDFLAGS `${APU_CONFIG} --avoid-ldap --avoid-dbm --libs`"
if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu LDFLAGS: $APU_LDFLAGS); fi
APU_LDADD="`${APU_CONFIG} --link-libtool`"
if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu LDADD: $APU_LDADD); fi