Hello, The following patch adds a new port for libmodsecurity of https://www.modsecurity.org/.
https://github.com/SpiderLabs/ModSecurity: Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity SecRules format and apply them to HTTP content provided by your application via Connectors. This port is required for adding ModSecurity to nginx: https://github.com/SpiderLabs/ModSecurity-nginx Built and tested on amd64: ============================================================================ Testsuite summary for modsecurity 3.0 ============================================================================ # TOTAL: 4292 # PASS: 4287 # SKIP: 5 # XFAIL: 0 # FAIL: 0 # XPASS: 0 # ERROR: 0 ============================================================================ Cheers, Matthias -------------------------------------------------------------------------------- --- /dev/null Tue Jul 21 10:33:18 2020 +++ security/libmodsecurity/Makefile Tue Jul 21 10:32:11 2020 @@ -0,0 +1,47 @@ +# $OpenBSD$ +# +COMMENT = Intrusion detection and prevention engine + +V = 3.0.4 +DISTNAME = modsecurity-v$V +PKGNAME = libmodsecurity-$V + +SHARED_LIBS += modsecurity 3.3 # 3.3 + +CATEGORIES = security + +HOMEPAGE = https://www.modsecurity.org + +WANTLIB += ${COMPILER_LIBCXX} c crypto curl iconv lzma m +WANTLIB += maxminddb nghttp2 pcre ssl xml2 z yajl + +MASTER_SITES = https://github.com/SpiderLabs/ModSecurity/releases/download/v$V/ + +PERMIT_PACKAGE = Yes + +COMPILER = base-clang ports-gcc base-gcc + +LIB_DEPENDS = converters/libiconv \ + devel/libyajl \ + devel/pcre \ + net/curl \ + net/libmaxminddb \ + textproc/libxml \ + www/nghttp2 + +USE_GMAKE = yes +CONFIGURE_STYLE = gnu +SEPARATE_BUILD = no + +CONFIGURE_ARGS = --libdir=${LOCALBASE}/modsecurity/lib \ + --without-lmdb \ + --without-ssdeep \ + --without-lua + +post-install: + @mv ${WRKINST}${LOCALBASE}/modsecurity/lib/pkgconfig/modsecurity.pc \ + ${WRKINST}${LOCALBASE}/lib/pkgconfig/ + ${INSTALL_DATA_DIR} ${PREFIX}/share/modsecurity/ + ${INSTALL_DATA} ${WRKSRC}/unicode.mapping ${PREFIX}/share/modsecurity/ + +.include <bsd.port.mk> --- /dev/null Tue Jul 21 10:33:18 2020 +++ security/libmodsecurity/distinfo Tue Jul 21 09:07:56 2020 @@ -0,0 +1,2 @@ +SHA256 (modsecurity-v3.0.4.tar.gz) = tCMRd92AtOB2sijlfUmGcBE7adRFurhtsl9lNGwk2yI= +SIZE (modsecurity-v3.0.4.tar.gz) = 2806291 --- /dev/null Tue Jul 21 10:33:18 2020 +++ security/libmodsecurity/pkg/DESCR Tue Jul 21 09:07:56 2020 @@ -0,0 +1,9 @@ +ModSecurity is an embeddable web application firewall. It provides +protection from a range of attacks against web applications and allows +for HTTP traffic monitoring and real-time analysis with no changes to +existing infrastructure. + +It is also an open source project that aims to make the web application +firewall technology available to everyone. + +WWW: https://www.modsecurity.org/ --- /dev/null Tue Jul 21 10:33:18 2020 +++ security/libmodsecurity/pkg/PLIST Tue Jul 21 09:35:14 2020 @@ -0,0 +1,31 @@ +@comment $OpenBSD: PLIST,v$ +@bin bin/modsec-rules-check +include/modsecurity/ +include/modsecurity/actions/ +include/modsecurity/actions/action.h +include/modsecurity/anchored_set_variable.h +include/modsecurity/anchored_variable.h +include/modsecurity/audit_log.h +include/modsecurity/collection/ +include/modsecurity/collection/collection.h +include/modsecurity/collection/collections.h +include/modsecurity/debug_log.h +include/modsecurity/intervention.h +include/modsecurity/modsecurity.h +include/modsecurity/reading_logs_via_rule_message.h +include/modsecurity/rule.h +include/modsecurity/rule_message.h +include/modsecurity/rules.h +include/modsecurity/rules_exceptions.h +include/modsecurity/rules_properties.h +include/modsecurity/transaction.h +include/modsecurity/variable_origin.h +include/modsecurity/variable_value.h +lib/pkgconfig/modsecurity.pc +modsecurity/ +modsecurity/lib/ +@static-lib modsecurity/lib/libmodsecurity.a +modsecurity/lib/libmodsecurity.la +share/modsecurity/ +share/modsecurity/unicode.mapping +@lib modsecurity/lib/libmodsecurity.so.${LIBmodsecurity_VERSION} Index: security/Makefile =================================================================== RCS file: /mount/cvsdev/openbsd/cvs/ports/security/Makefile,v retrieving revision 1.575 diff -u -p -u -r1.575 Makefile --- security/Makefile 21 Apr 2020 20:42:00 -0000 1.575 +++ security/Makefile 21 Jul 2020 07:10:00 -0000 @@ -122,6 +122,7 @@ SUBDIR += libident SUBDIR += libksba SUBDIR += libmcrypt + SUBDIR += libmodsecurity SUBDIR += libnettle SUBDIR += libnipper SUBDIR += libotr
