[Buildroot] [PATCH 1/2] libmodescurity: new package
Peter Korsgaard
peter at korsgaard.com
Fri Jan 10 15:19:57 UTC 2020
>>>>> "Frank" == Frank Vanbever <frank.vanbever at essensium.com> writes:
Thanks for the patch! A few comments:
s|libmodescurity|package/libmodsecurity| in the subject.
> Signed-off-by: Frank Vanbever <frank.vanbever at essensium.com>
> ---
> DEVELOPERS | 3 +
> package/Config.in | 1 +
> ...-CANONICAL_HOST-cannot-be-determined.patch | 31 ++++++++++
> ...test-for-uClinux-in-configure-script.patch | 28 +++++++++
> package/libmodsecurity/Config.in | 14 +++++
> package/libmodsecurity/libmodsecurity.hash | 4 ++
> package/libmodsecurity/libmodsecurity.mk | 59 +++++++++++++++++++
> 7 files changed, 140 insertions(+)
> create mode 100644 package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch
> create mode 100644 package/libmodsecurity/0002-test-for-uClinux-in-configure-script.patch
> create mode 100644 package/libmodsecurity/Config.in
> create mode 100644 package/libmodsecurity/libmodsecurity.hash
> create mode 100644 package/libmodsecurity/libmodsecurity.mk
> diff --git a/DEVELOPERS b/DEVELOPERS
> index 80843dd1a1..534f4d746c 100644
> --- a/DEVELOPERS
> +++ b/DEVELOPERS
> @@ -955,6 +955,9 @@ F: package/ucl/
> F: package/upx/
> F: package/zxing-cpp/
> +N: Frank Vanbever <frank.vanbever at essensium.com>
> +F: package/libmodsecurity/
> +
> N: Gaël Portay <gael.portay at collabora.com>
> F: package/qt5/qt5virtualkeyboard/
> F: package/qt5/qt5webengine/
> diff --git a/package/Config.in b/package/Config.in
> index 873a592d64..190cc4217c 100644
> --- a/package/Config.in
> +++ b/package/Config.in
> @@ -2032,6 +2032,7 @@ menu "Networking applications"
> source "package/leafnode2/Config.in"
> source "package/lft/Config.in"
> source "package/lftp/Config.in"
> + source "package/libmodsecurity/Config.in"
Isn't libmodsecurity a library? If so, then a better location would be
Libraries -> Networking or Libraries -> Security
> source "package/lighttpd/Config.in"
> source "package/linknx/Config.in"
> source "package/links/Config.in"
> diff --git a/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch
> new file mode 100644
> index 0000000000..d725d136ff
> --- /dev/null
> +++ b/package/libmodsecurity/0001-Fail-when-CANONICAL_HOST-cannot-be-determined.patch
> @@ -0,0 +1,31 @@
> +From 0832208360aab69fbaec76225db67801840a33fe Mon Sep 17 00:00:00 2001
> +From: Frank Vanbever <frank.vanbever at essensium.com>
> +Date: Fri, 10 Jan 2020 11:14:43 +0100
> +Subject: [PATCH] Fail when CANONICAL_HOST cannot be determined
> +
> +When the CANONICAL_HOST is unknown the configure script exits
> +with exit code 0 even though no makefile was produced.
> +
> +patch was submitted upstream: https://github.com/SpiderLabs/ModSecurity/pull/2235
> +
> +Signed-off-by: Frank Vanbever <frank.vanbever at essensium.com>
> +---
> + configure.ac | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/configure.ac b/configure.ac
> +index 95e48843..5e6971f4 100644
> +--- a/configure.ac
> ++++ b/configure.ac
> +@@ -193,7 +193,7 @@ case $host in
> + ;;
> + *)
> + echo "Unknown CANONICAL_HOST $host"
> +- exit
> ++ exit 1
What is the use of this patch in Buildroot? I mean, it looks correct but
we should ensure the configure script can correctly detect
CANONICAL_HOST (whatever that is), so this should never trigger?
> +++ b/package/libmodsecurity/libmodsecurity.mk
> @@ -0,0 +1,59 @@
> +################################################################################
> +#
> +# libmodsecurity
> +#
> +################################################################################
> +
> +LIBMODSECURITY_VERSION = 3.0.3
> +LIBMODSECURITY_SOURCE = modsecurity-v$(LIBMODSECURITY_VERSION).tar.gz
> +LIBMODSECURITY_SITE = https://github.com/SpiderLabs/ModSecurity/releases/download/$(LIBMODSECURITY_VERSION)
> +LIBMODSECURITY_INSTALL_STAGING = YES
> +LIBMODSECURITY_LICENSE = Apache-2.0
> +LIBMODSECURITY_LICENSE_FILES = LICENSE
> +LIBMODSECURITY_AUTORECONF = YES
Please add a comment about why this is done, E.G.
0002-test-for-uClinux-in-configure-script.patch
> +LIBMODSECURITY_CONF_ENV = \
> + ac_cv_file_others_libinjection_src_libinjection_html5_c=yes # Necessary to work around AC_CHECK_FILE cross-compile limitation
> +
> +LIBMODSECURITY_DEPENDENCIES = pcre
> +LIBMODSECURITY_CONF_OPTS = --disable-examples
One space too many after =
> +
> +ifeq ($(BR2_PACKAGE_LIBXML2),y)
> +LIBMODSECURITY_DEPENDENCIES += libxml2
> +LIBMODSECURITY_CONF_OPTS += --with-libxml="$(STAGING_DIR)"
> +else
> +LIBMODSECURITY_CONF_OPTS += --with-libxml="no"
Is the more standard --without-libxml not supported?
> +ifeq ($(BR2_PACKAGE_LUA),y)
> +LIBMODSECURITY_DEPENDENCIES += lua
Does this work both with lua 5.1 and 5.3?
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list