Accepting request 556963 from home:kstreitova:branches:Apache:Modules

- update to 2.9.2 * release notes https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.2 * refresh apache2-mod_security2-no_rpath.diff * remove apache2-mod_security2-lua-5.3.patch that was applied upstream - remove outdated html pages and diagram (they can be accessed online at https://github.com/SpiderLabs/ModSecurity/wiki) * Reference-Manual.html.bz2 * ModSecurity-Frequently-Asked-Questions-FAQ.html.bz2 * modsecurity_diagram_apache_request_cycle.jpg - don't pack the whole doc directory as it contains also Makefiles or doxygen configuration files - disable mlogc as we don't pack it and it also can't be built for curl <=7.34 - add basic and regression test suite (but disabled for now) * add apache2-mod_security2_tests_conf.patch for apache2 configuration file used for tests that was trying to load mpm_worker_module (it's static for our apache2 package) * add "BuildRequires: perl-libwww-perl" needed for the test suite OBS-URL: https://build.opensuse.org/request/show/556963 OBS-URL: https://build.opensuse.org/package/show/Apache:Modules/apache2-mod_security2?expand=0&rev=75
2017-12-18 09:36:29 +00:00 · 2017-12-18 09:36:29 +00:00 · 8a706f0f57
commit 8a706f0f57
parent 57568dbaa7
11 changed files with 82 additions and 353 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -21,5 +21,3 @@
 *.xz filter=lfs diff=lfs merge=lfs -text
 *.zip filter=lfs diff=lfs merge=lfs -text
 *.zst filter=lfs diff=lfs merge=lfs -text
-## Specific LFS patterns
-modsecurity_diagram_apache_request_cycle.jpg filter=lfs diff=lfs merge=lfs -text
--- a/ModSecurity-Frequently-Asked-Questions-FAQ.html.bz2
+++ b/ModSecurity-Frequently-Asked-Questions-FAQ.html.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:bab5e208e8c2aa4beeb799a4d05bceb3eb44846e75565b32b483fb5fb32023a7
-size 11838
--- a/Reference-Manual.html.bz2
+++ b/Reference-Manual.html.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:160af986e97bafad2cdbd58469115102068eff3b2f2f246f559adf7256d0dcf8
-size 60381
--- a/apache2-mod_security2-lua-5.3.patch
+++ b/apache2-mod_security2-lua-5.3.patch
@ -1,26 +0,0 @@
-From 422e22141b9f6cdd0496919093fcf51b02732b84 Mon Sep 17 00:00:00 2001
-From: Athmane Madjoudj <athmane@fedoraproject.org>
-Date: Fri, 13 Feb 2015 13:24:50 +0100
-Subject: [PATCH] Fix build issue with Lua >= 5.3
-
---
- apache2/msc_lua.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/apache2/msc_lua.c b/apache2/msc_lua.c
-index f4482ae..58206a7 100644
--- a/apache2/msc_lua.c
-+++ b/apache2/msc_lua.c
-@@ -111,8 +111,11 @@ char *lua_compile(msc_script **script, const char *filename, apr_pool_t *pool) {
-     dump.pool = pool;
-     dump.parts = apr_array_make(pool, 128, sizeof(msc_script_part *));
- 
-+#if LUA_VERSION_NUM >= 503
-+    lua_dump(L, dump_writer, &dump, 1);
-+#else
-     lua_dump(L, dump_writer, &dump);
-
-+#endif
-     (*script) = apr_pcalloc(pool, sizeof(msc_script));
-     (*script)->name = filename;
-     (*script)->parts = dump.parts;
--- a/apache2-mod_security2-no_rpath.diff
+++ b/apache2-mod_security2-no_rpath.diff
@ -1,33 +1,8 @@
--- ../modsecurity-2.9.0-o/apache2/Makefile.am	2015-02-12 20:08:30.000000000 +0100
-+++ ./apache2/Makefile.am	2015-02-14 18:55:11.762837073 +0100
-@@ -91,61 +91,61 @@
- 
- if MACOSX
- mod_security2_la_LDFLAGS = -module -avoid-version \
-     @APR_LDFLAGS@ \
-     @APU_LDFLAGS@ \
-     @APXS_LDFLAGS@ \
-     @CURL_LDFLAGS@ \
-     @LIBXML2_CFLAGS@ \
-     @LIBXML2_LDFLAGS@ \
-     @LUA_LDFLAGS@ \
-     @PCRE_LDFLAGS@ \
-     @YAJL_LDFLAGS@ \
-     @SSDEEP_LDFLAGS@
- endif
- 
- if SOLARIS
- mod_security2_la_LDFLAGS = -module -avoid-version \
-     @APR_LDFLAGS@ \
-     @APU_LDFLAGS@ \
-     @APXS_LDFLAGS@ \
-     @CURL_LDFLAGS@ \
-     @LIBXML2_CFLAGS@ \
-     @LIBXML2_LDFLAGS@ \
-     @LUA_LDFLAGS@ \
-     @PCRE_LDFLAGS@ \
-     @YAJL_LDFLAGS@ \
-     @SSDEEP_LDFLAGS@
+Index: apache2/Makefile.am
+===================================================================
+--- apache2/Makefile.am.orig
+++ apache2/Makefile.am
+@@ -118,7 +118,7 @@ mod_security2_la_LDFLAGS = -module -avoi
 endif
 
 if LINUX
@ -36,63 +11,11 @@
     @APR_LDFLAGS@ \
     @APU_LDFLAGS@ \
     @APXS_LDFLAGS@ \
-     @CURL_LDFLAGS@ \
-     @LIBXML2_CFLAGS@ \
-     @LIBXML2_LDFLAGS@ \
-     @LUA_LDFLAGS@ \
-     @PCRE_LDFLAGS@ \
-     @YAJL_LDFLAGS@ \
-     @SSDEEP_LDFLAGS@
- endif
- 
- if FREEBSD
- mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \
-     @APR_LDFLAGS@ \
-     @APU_LDFLAGS@ \
-     @APXS_LDFLAGS@ \
-     @CURL_LDFLAGS@ \
-     @LIBXML2_CFLAGS@ \
-     @LIBXML2_LDFLAGS@ \
-     @LUA_LDFLAGS@ \
-     @PCRE_LDFLAGS@ \
-     @YAJL_LDFLAGS@ \
-     @SSDEEP_LDFLAGS@
- endif
- 
- if OPENBSD
- mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \
-     @APR_LDFLAGS@ \
-     @APU_LDFLAGS@ \
--- ../modsecurity-2.9.0-o/apache2/Makefile.in	2015-02-12 20:08:45.000000000 +0100
-+++ ./apache2/Makefile.in	2015-02-14 18:54:58.781828724 +0100
-@@ -651,61 +651,61 @@
- 	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(pkglibdir)/$$f"; \
- 	done
- 
- clean-pkglibLTLIBRARIES:
- 	-test -z "$(pkglib_LTLIBRARIES)" || rm -f $(pkglib_LTLIBRARIES)
- 	@list='$(pkglib_LTLIBRARIES)'; \
- 	locs=`for p in $$list; do echo $$p; done | \
- 	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
- 	      sort -u`; \
- 	test -z "$$locs" || { \
- 	  echo rm -f $${locs}; \
- 	  rm -f $${locs}; \
- 	}
- libinjection/$(am__dirstamp):
- 	@$(MKDIR_P) libinjection
- 	@: > libinjection/$(am__dirstamp)
- libinjection/$(DEPDIR)/$(am__dirstamp):
- 	@$(MKDIR_P) libinjection/$(DEPDIR)
- 	@: > libinjection/$(DEPDIR)/$(am__dirstamp)
- libinjection/mod_security2_la-libinjection_html5.lo:  \
- 	libinjection/$(am__dirstamp) \
- 	libinjection/$(DEPDIR)/$(am__dirstamp)
- libinjection/mod_security2_la-libinjection_sqli.lo:  \
- 	libinjection/$(am__dirstamp) \
- 	libinjection/$(DEPDIR)/$(am__dirstamp)
- libinjection/mod_security2_la-libinjection_xss.lo:  \
- 	libinjection/$(am__dirstamp) \
+Index: apache2/Makefile.in
+===================================================================
+--- apache2/Makefile.in.orig
+++ apache2/Makefile.in
+@@ -691,7 +691,7 @@ libinjection/mod_security2_la-libinjecti
 	libinjection/$(DEPDIR)/$(am__dirstamp)
 
 mod_security2.la: $(mod_security2_la_OBJECTS) $(mod_security2_la_DEPENDENCIES) $(EXTRA_mod_security2_la_DEPENDENCIES) 
@ -101,222 +24,34 @@
 
 mostlyclean-compile:
 	-rm -f *.$(OBJEXT)
- 	-rm -f libinjection/*.$(OBJEXT)
- 	-rm -f libinjection/*.lo
- 
- distclean-compile:
- 	-rm -f *.tab.c
- 
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-acmp.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-apache2_config.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-apache2_io.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-apache2_util.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-mod_security2.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-modsecurity.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_crypt.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_geo.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_gsb.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_json.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_logging.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_lua.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_multipart.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_parsers.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_pcre.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_release.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_remote_rules.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_reqbody.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_status_engine.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_tree.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-msc_unicode.Plo@am__quote@
-diff -rNU 30 ../modsecurity-2.8.0-o/build/libtool.m4 ./build/libtool.m4
--- ../modsecurity-2.8.0-o/build/libtool.m4	2014-04-15 14:44:04.000000000 +0200
-+++ ./build/libtool.m4	2014-06-16 16:16:39.000000000 +0200
-@@ -4661,61 +4661,61 @@
-   if test "$with_gnu_ld" = yes; then
-     case $host_os in
-       aix*)
- 	# The AIX port of GNU ld has always aspired to compatibility
- 	# with the native linker.  However, as the warning in the GNU ld
- 	# block says, versions before 2.19.5* couldn't really create working
- 	# shared libraries, regardless of the interface used.
- 	case `$LD -v 2>&1` in
- 	  *\ \(GNU\ Binutils\)\ 2.19.5*) ;;
- 	  *\ \(GNU\ Binutils\)\ 2.[[2-9]]*) ;;
- 	  *\ \(GNU\ Binutils\)\ [[3-9]]*) ;;
- 	  *)
- 	    lt_use_gnu_ld_interface=yes
- 	    ;;
- 	esac
- 	;;
-       *)
- 	lt_use_gnu_ld_interface=yes
- 	;;
-     esac
-   fi
- 
-   if test "$lt_use_gnu_ld_interface" = yes; then
-     # If archive_cmds runs LD, not CC, wlarc should be empty
-     wlarc='${wl}'
- 
-     # Set some defaults for GNU ld with shared library support. These
+Index: build/libtool.m4
+===================================================================
+--- build/libtool.m4.orig
+++ build/libtool.m4
+@@ -5053,7 +5053,7 @@ dnl Note also adjust exclude_expsyms for
     # are reset later if shared libraries are not supported. Putting them
     # here allows them to be overridden if necessary.
     runpath_var=LD_RUN_PATH
-    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+-    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
 +    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
-     _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+     _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic'
     # ancient GNU ld didn't support --whole-archive et. al.
     if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then
-       _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
-     else
-       _LT_TAGVAR(whole_archive_flag_spec, $1)=
-     fi
-     supports_anon_versioning=no
-     case `$LD -v 2>&1` in
-       *GNU\ gold*) supports_anon_versioning=yes ;;
-       *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11
-       *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
-       *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
-       *\ 2.11.*) ;; # other 2.11 versions
-       *) supports_anon_versioning=yes ;;
-     esac
- 
-     # See if GNU ld supports shared libraries.
-     case $host_os in
-     aix[[3-9]]*)
-       # On AIX/PPC, the GNU linker is very broken
-       if test "$host_cpu" != ia64; then
- 	_LT_TAGVAR(ld_shlibs, $1)=no
- 	cat <<_LT_EOF 1>&2
- 
- *** Warning: the GNU linker, at least up to release 2.19, is reported
- *** to be unable to reliably create shared libraries on AIX.
- *** Therefore, libtool is disabling shared libraries support.  If you
- *** really care for shared libraries, you may want to install binutils
- *** 2.20 or above, or modify your PATH so that a non-GNU linker is found.
-@@ -4897,61 +4897,61 @@
- _LT_EOF
-       elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
- 	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
- 	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
-       else
- 	_LT_TAGVAR(ld_shlibs, $1)=no
-       fi
-       ;;
- 
-     sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
-       case `$LD -v 2>&1` in
-         *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*)
- 	_LT_TAGVAR(ld_shlibs, $1)=no
- 	cat <<_LT_EOF 1>&2
- 
- *** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
- *** reliably create shared libraries on SCO systems.  Therefore, libtool
- *** is disabling shared libraries support.  We urge you to upgrade GNU
- *** binutils to release 2.16.91.0.3 or newer.  Another option is to modify
- *** your PATH or compiler configuration so that the native linker is
- *** used, and then restart.
- 
- _LT_EOF
- 	;;
- 	*)
- 	  # For security reasons, it is highly recommended that you always
- 	  # use absolute paths for naming shared libraries, and exclude the
+@@ -5322,7 +5322,7 @@ _LT_EOF
 	  # DT_RUNPATH tag from executables and libraries.  But doing so
 	  # requires that you compile everything twice, which is a pain.
 	  if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
 +	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
- 	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
- 	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ 	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'
+ 	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
 	  else
- 	    _LT_TAGVAR(ld_shlibs, $1)=no
- 	  fi
- 	;;
-       esac
-       ;;
+@@ -6409,7 +6409,7 @@ if test yes != "$_lt_caught_CXX_error";
+         _LT_TAGVAR(archive_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib'
+         _LT_TAGVAR(archive_expsym_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib'
 
-     sunos4*)
-       _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
-       wlarc=
-       _LT_TAGVAR(hardcode_direct, $1)=yes
-       _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-       ;;
- 
-     *)
-       if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
- 	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
- 	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
-       else
- 	_LT_TAGVAR(ld_shlibs, $1)=no
-       fi
-       ;;
-     esac
- 
-     if test "$_LT_TAGVAR(ld_shlibs, $1)" = no; then
-       runpath_var=
-       _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-       _LT_TAGVAR(export_dynamic_flag_spec, $1)=
-@@ -5907,61 +5907,61 @@
-   else
-     $as_unset lt_cv_path_LD
-   fi
-   test -z "${LDCXX+set}" || LD=$LDCXX
-   CC=${CXX-"c++"}
-   CFLAGS=$CXXFLAGS
-   compiler=$CC
-   _LT_TAGVAR(compiler, $1)=$CC
-   _LT_CC_BASENAME([$compiler])
- 
-   if test -n "$compiler"; then
-     # We don't want -fno-exception when compiling C++ code, so set the
-     # no_builtin_flag separately
-     if test "$GXX" = yes; then
-       _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
-     else
-       _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
-     fi
- 
-     if test "$GXX" = yes; then
-       # Set up default GNU C++ configuration
- 
-       LT_PATH_LD
- 
-       # Check if GNU C++ uses GNU ld as the underlying linker, since the
-       # archiving commands below assume that GNU ld is being used.
-       if test "$with_gnu_ld" = yes; then
-         _LT_TAGVAR(archive_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
-         _LT_TAGVAR(archive_expsym_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
- 
-        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+-        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir'
 +        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
-         _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+         _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic'
 
         # If archive_cmds runs LD, not CC, wlarc should be empty
-         # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to
-         #     investigate it a little bit more. (MM)
-         wlarc='${wl}'
- 
-         # ancient GNU ld didn't support --whole-archive et. al.
-         if eval "`$CC -print-prog-name=ld` --help 2>&1" |
- 	  $GREP 'no-whole-archive' > /dev/null; then
-           _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
-         else
-           _LT_TAGVAR(whole_archive_flag_spec, $1)=
-         fi
-       else
-         with_gnu_ld=no
-         wlarc=
- 
-         # A generic and very simple default shared library creation
-         # command for GNU C++ for the case where it uses the native
-         # linker, instead of GNU ld.  If possible, this setting should
-         # overridden to take advantage of the native linker features on
-         # the platform it is being used on.
-         _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
-       fi
- 
-       # Commands to make compiler produce verbose output that lists
-       # what "hidden" libraries, object files and flags are used when
-       # linking a shared library.
-       output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
--- a/apache2-mod_security2.changes
+++ b/apache2-mod_security2.changes
@ -1,3 +1,27 @@
+-------------------------------------------------------------------
+Mon Oct  2 11:02:58 UTC 2017 - kstreitova@suse.com
+
+- update to 2.9.2
+  * release notes
+    https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.2
+  * refresh apache2-mod_security2-no_rpath.diff
+  * remove apache2-mod_security2-lua-5.3.patch that was applied
+    upstream
+- remove outdated html pages and diagram (they can be accessed
+  online at https://github.com/SpiderLabs/ModSecurity/wiki)
+  * Reference-Manual.html.bz2
+  * ModSecurity-Frequently-Asked-Questions-FAQ.html.bz2
+  * modsecurity_diagram_apache_request_cycle.jpg
+- don't pack the whole doc directory as it contains also Makefiles
+  or doxygen configuration files
+- disable mlogc as we don't pack it and it also can't be built for
+  curl <=7.34
+- add basic and regression test suite (but disabled for now)
+  * add apache2-mod_security2_tests_conf.patch for apache2
+    configuration file used for tests that was trying to load
+    mpm_worker_module (it's static for our apache2 package)
+  * add "BuildRequires: perl-libwww-perl" needed for the test suite
+
 -------------------------------------------------------------------
 Wed Jun 21 10:16:28 UTC 2017 - dimstar@opensuse.org

--- a/apache2-mod_security2.spec
+++ b/apache2-mod_security2.spec
@ -19,10 +19,8 @@
 %define modname       mod_security2
 %define tarballname   modsecurity-%{version}
 %define usrsharedir %{_datadir}/%{name}
-%define refman Reference-Manual.html
-%define faq ModSecurity-Frequently-Asked-Questions-FAQ.html
 Name:           apache2-mod_security2
-Version:        2.9.0
+Version:        2.9.2
 Release:        0
 Summary:        ModSecurity Open Source Web Application Firewall
 License:        Apache-2.0
@ -31,15 +29,11 @@ Url:            http://www.modsecurity.org/
 Source:         https://www.modsecurity.org/tarball/%{version}/%{tarballname}.tar.gz
 Source1:        https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master//SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz
 Source2:        mod_security2.conf
-Source3:        %{refman}.bz2
-Source4:        %{faq}.bz2
-Source5:        modsecurity_diagram_apache_request_cycle.jpg
 Source6:        README-SUSE-mod_security2.txt
 Source7:        empty.conf
 Patch0:         apache2-mod_security2-no_rpath.diff
 Patch1:         modsecurity-fixes.patch
-# https://github.com/SpiderLabs/ModSecurity/pull/837
-Patch2:         apache2-mod_security2-lua-5.3.patch
+Patch2:         apache2-mod_security2_tests_conf.patch
 BuildRequires:  apache-rpm-macros
 BuildRequires:  apache2-devel
 BuildRequires:  apache2-prefork
@ -51,11 +45,11 @@ BuildRequires:  libtool
 BuildRequires:  libxml2-devel
 BuildRequires:  lua-devel
 BuildRequires:  pcre-devel
+BuildRequires:  perl-libwww-perl
 BuildRequires:  pkgconfig
 Requires:       %{apache_mmn}
 Requires:       %{apache_suse_maintenance_mmn}
 Requires:       apache2
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build

 %description
 ModSecurity(TM) is an open source intrusion detection and prevention
@ -71,22 +65,20 @@ ruleset. Please have a look at http://www.modsecurity.org/ for more details.
 %setup -q -n %{tarballname}
 %setup -q -D -T -a 1 -n %{tarballname}
 mv -v SpiderLabs* rules
-bzip2 -dc %{SOURCE3} > %{_sourcedir}/%{refman} && touch -r %{SOURCE3} %{_sourcedir}/%{refman}
-bzip2 -dc %{SOURCE4} > %{_sourcedir}/%{faq} && touch -r %{SOURCE4} %{_sourcedir}/%{faq}
 %patch0
 %patch1 -p1
 %patch2 -p1

 %build
-# aclocal only works with never distributions,
+# aclocal only works with newer distributions
 %if 0%{?suse_version} >= 1310
 aclocal
-# on older versions only autoconf is called.
+# on older versions only autoconf is called
 %else
 autoreconf -fi
 %endif
 automake
-%configure --with-apxs=%{apache_apxs} --enable-request-early --enable-htaccess-config
+%configure --with-apxs=%{apache_apxs} --enable-request-early --enable-htaccess-config --disable-mlogc
 CFLAGS="%{optflags}" make %{?_smp_mflags}

 %install
@ -99,11 +91,8 @@ install -d -m 0755 %{buildroot}%{apache_sysconfdir}/mod_security2.d
 install -D -m 0644 %{SOURCE6} %{buildroot}%{apache_sysconfdir}/mod_security2.d
 install -D -m 0644 %{SOURCE7} %{buildroot}%{apache_sysconfdir}/mod_security2.d
 cp -a %{SOURCE6} doc
-install -m 0644 %{_sourcedir}/%{faq} %{_sourcedir}/%{refman} doc
-install -m 0644 %{SOURCE5} doc
 install -d -m 0755 %{buildroot}/%{usrsharedir}
 install -d -m 0755 %{buildroot}/%{usrsharedir}/tools
-install -d -m 0755 %{buildroot}/%{usrsharedir}
 rm -f rules/.gitignore rules/LICENSE
 cp -a rules/util/README %{buildroot}/%{usrsharedir}/tools/README-rules-updater.txt
 cp -a tools/rules-updater.pl tools/rules-updater-example.conf %{buildroot}/%{usrsharedir}/tools
@ -117,7 +106,11 @@ rm -f %{buildroot}/%{usrsharedir}/rules/INSTALL %{buildroot}/%{usrsharedir}/rule
 mv %{buildroot}/%{usrsharedir}/rules/modsecurity_crs_10_setup.conf.example \
  %{buildroot}/%{usrsharedir}/rules/modsecurity_crs_10_setup.conf

-%check
+# Temporarily disable test suite as there are some failures that need to be solved
+#%check
+#make test
+#make test-regression
+
 set +x
 mkdir -p %{apache_test_module_dir}
 cp %{SOURCE2} %{apache_test_module_dir}/%{modname}-test.conf
@ -128,15 +121,15 @@ sed -i 's:%{_sysconfdir}/apache2:%{buildroot}%{_sysconfdir}/apache2:' %{apache_t
 set -x

 %files
-%defattr(-, root, root, 0755)
 %{apache_libexecdir}/%{modname}.so
 %config(noreplace) %{apache_sysconfdir}/conf.d/%{modname}.conf
 %dir %{apache_sysconfdir}/mod_security2.d
 %{apache_sysconfdir}/mod_security2.d/README-SUSE-mod_security2.txt
 %{apache_sysconfdir}/mod_security2.d/empty.conf
-%dir %{usrsharedir}
-%doc README.TXT CHANGES LICENSE NOTICE authors.txt
 %{usrsharedir}
-%doc doc/* rules/util/regression-tests
+%doc README.TXT CHANGES LICENSE NOTICE authors.txt
+%doc doc/README.txt
+%doc doc/README-SUSE-mod_security2.txt
+%doc rules/util/regression-tests

 %changelog
--- a/apache2-mod_security2_tests_conf.patch
+++ b/apache2-mod_security2_tests_conf.patch
@ -0,0 +1,14 @@
+Index: modsecurity-2.9.2/tests/regression/server_root/conf/httpd.conf.in
+===================================================================
+--- modsecurity-2.9.2.orig/tests/regression/server_root/conf/httpd.conf.in
+++ modsecurity-2.9.2/tests/regression/server_root/conf/httpd.conf.in
+@@ -14,9 +14,6 @@ LoadModule security2_module @MSC_BASE_DI
+     <IfModule !mod_unixd.c>
+         LoadModule unixd_module @APXS_LIBEXECDIR@/mod_unixd.so
+     </IfModule>
+-    <IfModule !mpm_worker_module>
+-	LoadModule mpm_worker_module @APXS_LIBEXECDIR@/mod_mpm_worker.so
+-    </IfModule>
+     LoadModule access_compat_module @APXS_LIBEXECDIR@/mod_access_compat.so
+     LoadModule authn_core_module @APXS_LIBEXECDIR@/mod_authn_core.so
+     LoadModule authz_core_module @APXS_LIBEXECDIR@/mod_authz_core.so
--- a/modsecurity-2.9.0.tar.gz
+++ b/modsecurity-2.9.0.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434
-size 4246467
--- a/modsecurity-2.9.2.tar.gz
+++ b/modsecurity-2.9.2.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:41a8f73476ec891f3a9e8736b98b64ea5c2105f1ce15ea57a1f05b4bf2ffaeb5
+size 4298993
--- a/modsecurity_diagram_apache_request_cycle.jpg
+++ b/modsecurity_diagram_apache_request_cycle.jpg
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4366e727c511bccbf56ec646dd0961c65c8054fdc235ab26e06e3faf08052f6d
-size 46799