On 24.08.2020 - 16:19:06, Stuart Henderson wrote: > On 2020/08/24 14:28, Matthias Pitzl wrote: > > Hello, > > > > This new port is needed for adding ModSecurity support to nginx. > > > > Excerpt from github: > > ModSecurity is an open source, cross platform web application firewall > > (WAF) > > engine for Apache, IIS and Nginx that is developed by Trustwave's > > SpiderLabs. > > It has a robust event-based programming language which provides protection > > from > > a range of attacks against web applications and allows for HTTP traffic > > monitoring, logging and real-time analys... > > > > I will send an updated diff for adding the libmodsecurity connector to nginx > > too. > > > > I've sent this port a few weeks ago but haven't got an OK or further > > feedback > > except from Stuart. > > > > Greetings, > > Matthias > > Diff below with the following: > > - omit SEPARATE_BUILD=no, it's the default > - -std=c++11 is used in build so base-gcc doesn't work > - some things are compiled with -O3 [...] $CFLAGS, remove -O3 > - regen plist > > ... also, this (not addressed in my diff) - there's "checking for PCRE > JIT... yes" - I think this it should not be enabling this, IIRC pcre's > jit isn't W^X friendly - looks like pcre maybe giving the wrong answer > when the autoconf check is testing for this.
Hi, The attached version contains the diff of Stuart. In addition I made a patch for configure which disables the PCRE JIT by disabling the whole check for it. A make test did not find any problems. Greetings, Matthias
security_libmodsecurity.tgz
Description: application/gzip
