[packages/nginx] Switch modsecurity to connector (https://github.com/SpiderLabs/ModSecurity-nginx) in form of dynamic
arekm
arekm at pld-linux.org
Wed Jul 5 13:38:26 CEST 2023
commit 38261c9fdb8b2c4d9cccdb4d848fc1b633cb854d
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Wed Jul 5 12:42:41 2023 +0200
Switch modsecurity to connector (https://github.com/SpiderLabs/ModSecurity-nginx) in form of dynamic module and enable build of it by default
nginx-modsecurity-xheaders.patch | 83 ----------------------------------------
1 file changed, 83 deletions(-)
---
diff --git a/nginx-modsecurity-xheaders.patch b/nginx-modsecurity-xheaders.patch
deleted file mode 100644
index 1391d17..0000000
--- a/nginx-modsecurity-xheaders.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-diff -ruNp modsecurity-2.9.0.orig/nginx/modsecurity/ngx_http_modsecurity.c modsecurity-2.9.0/nginx/modsecurity/ngx_http_modsecurity.c
---- modsecurity-2.9.0.orig/nginx/modsecurity/ngx_http_modsecurity.c 2015-02-12 20:08:31.000000000 +0100
-+++ modsecurity-2.9.0/nginx/modsecurity/ngx_http_modsecurity.c 2015-07-31 23:34:31.601688075 +0200
-@@ -28,6 +28,7 @@
-
- typedef struct {
- ngx_flag_t enable;
-+ ngx_flag_t x_headers;
- directory_config *config;
-
- ngx_str_t *file;
-@@ -83,6 +84,12 @@ static ngx_command_t ngx_http_modsecuri
- NGX_HTTP_LOC_CONF_OFFSET,
- offsetof(ngx_http_modsecurity_loc_conf_t, enable),
- NULL },
-+ { ngx_string("ModSecurityXHeaders"),
-+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_SIF_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_CONF_TAKE1,
-+ ngx_conf_set_flag_slot,
-+ NGX_HTTP_LOC_CONF_OFFSET,
-+ offsetof(ngx_http_modsecurity_loc_conf_t, x_headers),
-+ NULL },
- ngx_null_command
- };
-
-@@ -432,7 +439,11 @@ ngx_http_modsecurity_save_headers_in_vis
- }
-
- ngx_strlow(h->lowcase_key, h->key.data, h->key.len);
-+ h->lowcase_key[h->key.len] = '\0';
-
-+ if (!ngx_strcmp(h->lowcase_key, "host"))
-+ return 1;
-+
- h->hash = ngx_hash_key(h->lowcase_key, h->key.len);
-
- cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
-@@ -737,8 +748,10 @@ ngx_http_modsecurity_save_headers_out_vi
- ngx_table_elt_t *h, he;
- ngx_http_upstream_header_t *hh;
- ngx_http_upstream_main_conf_t *umcf;
-+ ngx_table_elt_t *tmp_header;
-
- umcf = ngx_http_get_module_main_conf(r, ngx_http_upstream_module);
-+ ngx_http_modsecurity_loc_conf_t *conf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity);
-
- h = &he;
-
-@@ -755,6 +768,19 @@ ngx_http_modsecurity_save_headers_out_vi
-
- ngx_strlow(h->lowcase_key, h->key.data, h->key.len);
-
-+ if (conf->x_headers) {
-+ h->lowcase_key[h->key.len] = '\0';
-+ if (h->lowcase_key[0] == 'x' &&
-+ h->lowcase_key[1] == '-') {
-+
-+ tmp_header = ngx_list_push(&r->headers_out.headers);
-+ tmp_header->key = h->key;
-+ tmp_header->value = h->value;
-+ tmp_header->hash = 1;
-+ return 1;
-+ }
-+ }
-+
- h->hash = ngx_hash_key(h->lowcase_key, h->key.len);
-
- hh = ngx_hash_find(&umcf->headers_in_hash, h->hash,
-@@ -810,6 +836,7 @@ ngx_http_modsecurity_create_loc_conf(ngx
-
- conf->config = NGX_CONF_UNSET_PTR;
- conf->enable = NGX_CONF_UNSET;
-+ conf->x_headers = NGX_CONF_UNSET;
-
- return conf;
- }
-@@ -823,6 +850,7 @@ ngx_http_modsecurity_merge_loc_conf(ngx_
- ngx_http_modsecurity_loc_conf_t *conf = child;
-
- ngx_conf_merge_value(conf->enable, prev->enable, 0);
-+ ngx_conf_merge_value(conf->x_headers, prev->x_headers, 0);
- ngx_conf_merge_ptr_value(conf->config, prev->config, NULL);
-
- if (conf->enable && conf->config == NULL) {
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/nginx.git/commitdiff/38261c9fdb8b2c4d9cccdb4d848fc1b633cb854d
More information about the pld-cvs-commit
mailing list