github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring of IIS build scripts

Browse Source
This commit is contained in:
Victor Hora
2017-07-17 08:43:20 -03:00
committed by Felipe Zimmerle
parent 61bce8d9a9
commit 1e8b4669eb
7 changed files with 177 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
iis/build_dependencies.bat
View File

@@ -1,4 +1,4 @@
:: Those variable should be edited as needed.
:: Those variables should be edited as needed.
:: Use full paths.
:: General paths
@@ -6,20 +6,25 @@
@set OUTPUT_DIR=%cd%\dependencies\release_files
@set SOURCE_DIR=%USERPROFILE%\Downloads
:: Aditional paths.
@set PATH=%PATH%;c:\work\cmake-2.8.7-win32-x86\bin;"c:\program files\7-zip"
:: Dependencies
@set CMAKE=cmake-3.8.2-win32-x86.zip
@set PCRE=pcre-8.40.zip
@set ZLIB=zlib-1.2.11.tar.gz
@set LIBXML2=libxml2-2.9.4.tar.gz
@set LUA=lua-5.3.4.tar.gz
@set CURL=curl-7.54.1.zip
@set APACHE_SRC=httpd-2.4.27.tar.gz
@set APACHE_BIN32=httpd-2.4.27-win32-VC11.zip
@set APACHE_BIN64=httpd-2.4.27-win64-VC11.zip
@set YAJL=yajl-2.1.0.zip
@set SSDEEP=ssdeep-2.13.tar.gz
@set SSDEEP_BIN=ssdeep-2.13.zip
@set CMAKE_DIR=%WORK_DIR%\%CMAKE:~0,-4%\bin
:: Aditional paths.
@set PATH=%PATH%;%CMAKE_DIR%;"c:\program files\7-zip"
@set PCRE=pcre-8.33.zip
@set ZLIB=zlib-1.2.8.tar.gz
@set LIBXML2=libxml2-2.9.1.tar.gz
@set LUA=lua-5.1.5.tar.gz
@set CURL=curl-7.39.0.zip
@set APACHE_SRC=httpd-2.4.6.tar.gz
@set APACHE_BIN32=httpd-2.4.6-win32-VC11.zip
@set APACHE_BIN64=httpd-2.4.6-win64-VC11.zip
@set YAJL=lloyd-yajl-f4b2b1a.zip
@set SSDEEP=ssdeep-2.10.tar.gz
@set SSDEEP_BIN=ssdeep-2.10.zip
:: @set VCARGS32="C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\vcvars32.bat"
:: @set VCARGS64="C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\x86_amd64\vcvarsx86_amd64.bat"
@@ -45,6 +50,12 @@ call cl 2>&1 | findstr /C:"x64"
@if (%ERRORLEVEL%) == (0) set APACHE_BIN=%APACHE_BIN64%
@echo Starting with the depdendencies...
@echo # CMake. - %CMAKE%
@call dependencies/build_cmake.bat
@if NOT (%ERRORLEVEL%) == (0) goto build_failed_cmake
@cd "%CURRENT_DIR%"
@echo # Apache - %HTTPD%/%APACHE24_ZIP%
@call dependencies/build_apache.bat
@if NOT (%ERRORLEVEL%) == (0) goto build_failed_apache
@@ -129,6 +140,10 @@ call cl 2>&1 | findstr /C:"x64"
@echo Failed to setup %SSDEEP%...
@goto failed
:build_failed_cmake
@echo Failed to setup %CMAKE%...
@goto failed
:failed
@cd %CURRENT_DIR%
@exit /B 1

4
iis/build_modsecurity.bat
View File

@@ -15,7 +15,7 @@ set CURRENT_DIR=%cd%
cd ..\apache2
del *.obj *.dll *.lib
del libinjection\*.obj libinjection\*.dll libinjection\*.lib
NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\yajl-2.0.1 SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep CURL=..\iis\%DEPENDENCIES_DIR%\curl IIS_BUILD=yes
NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\%YAJL_DIR% SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep CURL=..\iis\%DEPENDENCIES_DIR%\curl IIS_BUILD=yes
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
@echo mlogc...
@@ -29,7 +29,7 @@ nmake -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEP
cd ..\iis
del *.obj *.dll *.lib
nmake -f Makefile.win clean
NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\yajl-2.0.1 SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep CURL=..\iis\%DEPENDENCIES_DIR%\curl
NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\%YAJL_DIR% SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep CURL=..\iis\%DEPENDENCIES_DIR%\curl
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
cd %CURRENT_DIR%

20
iis/dependencies/build_cmake.bat Normal file
View File

@@ -0,0 +1,20 @@
@cd "%WORK_DIR%"
@if NOT EXIST "%SOURCE_DIR%\%CMAKE%" goto file_not_found
@7z.exe x "%SOURCE_DIR%\%CMAKE%"
@if NOT (%ERRORLEVEL%) == (0) goto something_went_wrong
@exit /B 0
:file_not_found
@echo File not found: %SOURCE_DIR%\%CMAKE%
@goto failed
:something_went_wrong
@echo Something went wrong while unzip CMake files.
@goto failed
:failed
@exit /B 1

65
iis/dependencies/build_pcre.bat
View File

@@ -1,32 +1,43 @@
cd "%WORK_DIR%"
@if NOT EXIST "%SOURCE_DIR%\%APACHE_BIN%" goto file_not_found_bin
7z.exe x "%SOURCE_DIR%\%PCRE%"
set PCRE_DIR=%PCRE:~0,-4%
::@if NOT (%ERRORLEVEL%) == (1) Echo "Patch successfull... For more info on patch see: https://vcs.pcre.org/pcre/code/trunk/CMakeLists.txt?r1=1659&r2=1677&view=patch"
cd "%WORK_DIR%"
@if NOT EXIST "%SOURCE_DIR%\%APACHE_BIN%" goto file_not_found_bin
7z.exe x "%SOURCE_DIR%\%PCRE%"
set PCRE_DIR=%PCRE:~0,-4%
move "%PCRE_DIR%" "pcre"
@if "%PCRE_DIR%" == "pcre-8.40" (
Echo. && Echo "PCRE 8.40 found... patching with patch-pcre-8.40.vbs..."
cscript /B /Nologo ../patch-pcre-8.40.vbs
)
cd "pcre"
CMAKE -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
NMAKE
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
cd "%WORK%"
cat CMakeLists.txt | sed "s/PCRE_STATIC_RUNTIME OFF CACHE BOOL/PCRE_STATIC_RUNTIME/g" > CMakeLists.txt.ops
move CMakeLists.txt CMakeLists.txt.old
move CMakeLists.txt.ops CMakeLists.txt
CMAKE -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
NMAKE
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
cd "%WORK%"
copy /y "%WORK_DIR%\pcre\pcre.dll" "%OUTPUT_DIR%"
copy /y "%WORK_DIR%\pcre\pcre.pdb" "%OUTPUT_DIR%"
copy /y "%WORK_DIR%\pcre\pcre.lib" "%OUTPUT_DIR%"
echo "a"
@exit /B 0
:file_not_found_bin
@echo File not found: "%SOURCE_DIR%\%PCRE%"
@goto failed
:build_failed
@echo Problems during the building phase
@goto failed
:failed
@exit /B 1
copy /y "%WORK_DIR%\pcre\pcre.h.generic" "%WORK_DIR%\pcre\pcre.h"
echo "a"
@exit /B 0
:file_not_found_bin
@echo File not found: "%SOURCE_DIR%\%PCRE%"
@goto failed
:build_failed
@echo Problems during the building phase
@goto failed
:failed
@exit /B 1

8
iis/dependencies/build_yajl.bat
View File

@@ -20,10 +20,10 @@ nmake
cd "%WORK%"
copy /y "%WORK_DIR%\yajl\build\yajl-2.0.1\lib\yajl.dll" "%OUTPUT_DIR%"
copy /y "%WORK_DIR%\yajl\build\yajl-2.0.1\lib\yajl.pdb" "%OUTPUT_DIR%"
copy /y "%WORK_DIR%\yajl\build\yajl-2.0.1\lib\yajl.lib" "%OUTPUT_DIR%"
copy /y "%WORK_DIR%\yajl\build\yajl-2.0.1\lib\yajl_s.lib" "%OUTPUT_DIR%"
copy /y "%WORK_DIR%\yajl\build\%YAJL_DIR%\lib\yajl.dll" "%OUTPUT_DIR%"
:: copy /y "%WORK_DIR%\yajl\build\%YAJL_DIR%\lib\yajl.pdb" "%OUTPUT_DIR%"
copy /y "%WORK_DIR%\yajl\build\%YAJL_DIR%\lib\yajl.lib" "%OUTPUT_DIR%"
copy /y "%WORK_DIR%\yajl\build\%YAJL_DIR%\lib\yajl_s.lib" "%OUTPUT_DIR%"
@exit /B 0

78
iis/dependencies/howto.txt
View File

@@ -1,44 +1,52 @@
WARNING!
The build process for ModSecurityIIS for Windows was a relatively complicated process. Understanding it required advanced knowledge of Windows and Unix environments.
So the build process was refactored to make it easier for users to create their own builds with the automated batch scripts.
Building ModSecurityIIS on Windows is a relatively complicated process. Understanding it requires advanced knowledge of Windows and Unix environments.
Using the same versions of libraries as listed below is strongly recommended.
* build_release.bat -> The main build script that calls all the others to have a working release
* build_msi.bat -> Creates the MSI self-installer for easy deploy / removal / distribution
* build_dependencies.bat -> Sets (and downloads if needed) all required dependencies
* build_modsecurity.bat -> Builds ModSecurity (requires all depenedencies being set)
* download_files.bat -> Downloads all required dependencies to the default Downloads folder
** This script is disabled by default. If you want to enable it, uncomment the "@call download_files.bat" line on build_dependencies.bat
The dependencies folder also includes a set o batch scripts which sets each dependency
on its own. These scripts are called by the build_dependencies.bat script.
Using the same versions of libraries as listed below is recommended.
--------------------------------------
Compilation Prerequisites:
* Windows 7 x86_x64 (Should work on newer versions of Windows too)
* Vistual Studio 2013 Express (Other versions should work, but you need to set the correct path for vcvars.bat scripts)
* IIS enabled/installed
* 7-Zip
--------------------------------------
Tested on:
Windows 7 x64
Vistual Studio 2010 Ultimate SP1
IIS enabled/installed
The latest versions of ModSecurity dependencies known to work well are the following:
cmake-3.8.2-win32-x86
pcre-8.40 (patch required and included on file "patch-pcre-8.40.vbs")
zlib-1.2.11
libxml2-2.9.4
lua-5.3.4
curl-7.54.1
httpd-2.4.27 (bin-VC11)
yajl-2.1.0
ssdeep-2.13
cmake 2.8.7
curl 7.24.0
apache 2.2.22 or apache 2.4.3
libxml2 2.7.7
lua 5.1.5
pcre 8.30
zlib 1.2.7
7-Zip
--------------------------------------
1. Create working directory c:\work and drop directory c:\drop
2. Sync SVN ModSecurity branch to c:\work\mod_security
3. Copy files from c:\work\mod_security\iis\winbuild to c:\work
4. Download and install cmake (unpack to c:\work\cmake-2.8.7-win32-x86)
5. Download and install 7-Zip
6. Adjust paths in c:\work\init.bat accordingly if needed
7. Download curl, apache, libxml2, lua, pcre and zlib, place them in zip files in c:\work
1. Create working directory (e.g. c:\work) and drop the latest clone from ModSecurity's 2.x Github (https://github.com/SpiderLabs/ModSecurity/archive/v2/master.zip)
2. Make sure the prerequisites mentioned above are all set
3. If you haven't download the dependency files before, uncomment the "@call download_files.bat" line on build_dependencies.bat to have them downloaded prior
4. Open a command prompt (cmd.exe) and head to the "iis" folder inside ModSecurity tree working directory (e.g. cd c:\work\ModSecurity\iis)
5. If you need to modify anything (e.g. paths, versions etc), carefully edit the batch files.
6. Run build_release.bat
7. When done, the binaries, lib and pdb files should appear under c:\work\ModSecurity\iis\release\x86 (32-bit) and c:\work\ModSecurity\iis\release\amd64 (64-bit)
* At this point, if you had a previous installation of ModSecurity and would like to test you can place the x86 files to "C:\Windows\SysWOW64\inetsrv" and x64 files to "C:\Windows\System32\inetsrv"
curl-7.24.0.zip
httpd-2.2.22-win32-src.zip or (httpd-2.4.3.zip (source) and httpd-2.4.3-win32.zip + httpd-2.4.3-win64.zip (binaries))
libxml2-2.7.7.zip
lua-5.1.5.zip
pcre-8.30.zip
zlib-1.2.7.zip
8. If all went well, you can build the MSI installer by running the build_msi.bat script.
Modify c:\work\build.bat accordingly (if other versions were used)
8. Open cmd.exe window, go to c:\work and run buildall.bat
9. When done, the binaries, lib and pdb files should appear under c:\drop\x86 (32-bit) and c:\drop\amd64 (64-bit)
10. Open the VS ModSecurity IIS installer project
11. Copy new binaries to the installer's x86 and amd64 directories
12. Build installer from within VS
* The built installable package places the files to the correct folders, automatically configures the ModSecurity IIS native module and configures web.config to enable ModSecurity for all IIS sites.

41
iis/download_files.bat Normal file
View File

@@ -0,0 +1,41 @@
::@set CMAKE=cmake-3.8.2-win32-x86.zip
::@set PCRE=pcre-8.40.zip
::@set ZLIB=zlib-1.2.11.tar.gz
::@set LIBXML2=libxml2-2.9.4.tar.gz
::@set LUA=lua-5.3.4.tar.gz
::@set CURL=curl-7.54.1.zip
::@set APACHE_SRC=httpd-2.4.27.tar.gz
::@set APACHE_BIN32=httpd-2.4.27-win32-VC11.zip
::@set APACHE_BIN64=httpd-2.4.27-win64-VC11.zip
::@set YAJL=yajl-2.1.0.zip
::@set SSDEEP=ssdeep-2.13.tar.gz
::@set SSDEEP_BIN=ssdeep-2.13.zip
:: BITSAdmin refuses to download YAJL from GitHub URL
:: @set YAJL_URL=https://github.com/lloyd/yajl/archive/%YAJL:~-9%
@set YAJL_URL=http://http.debian.net/debian/pool/main/y/yajl/yajl_2.1.0.orig.tar.gz
@set CMAKE_URL=https://cmake.org/files/v3.8/%CMAKE%
@set PCRE_URL=https://ftp.pcre.org/pub/pcre/%PCRE%
@set ZLIB_URL=https://zlib.net/%ZLIB%
@set LIBXML2_URL=http://xmlsoft.org/sources/%LIBXML2%
@set LUA_URL=https://www.lua.org/ftp/%LUA%
@set CURL_URL=http://curl.askapache.com/download/%CURL%
@set APACHE_SRC_URL=https://www.apache.org/dist/httpd/%APACHE_SRC%
@set APACHE_BIN_URL=https://www.apachelounge.com/download/VC11/binaries
@set SSDEEP_URL=https://downloads.sourceforge.net/project/ssdeep/ssdeep-2.13
bitsadmin.exe /transfer "Downloading dependencies..." %CMAKE_URL% %SOURCE_DIR%\%CMAKE% %PCRE_URL% %SOURCE_DIR%\%PCRE% %ZLIB_URL% %SOURCE_DIR%\%ZLIB% %LIBXML2_URL% %SOURCE_DIR%\%LIBXML2% %LUA_URL% %SOURCE_DIR%\%LUA% %CURL_URL% %SOURCE_DIR%\%CURL% %APACHE_SRC_URL% %SOURCE_DIR%\%APACHE_SRC% %APACHE_BIN_URL%/%APACHE_BIN32% %SOURCE_DIR%\%APACHE_BIN32% %APACHE_BIN_URL%/%APACHE_BIN64% %SOURCE_DIR%\%APACHE_BIN64% %YAJL_URL% %SOURCE_DIR%\%YAJL% %SSDEEP_URL%/%SSDEEP% %SOURCE_DIR%\%SSDEEP% %SSDEEP_URL%/%SSDEEP_BIN% %SOURCE_DIR%\%SSDEEP_BIN%
@if NOT (%ERRORLEVEL%) == (0) goto :failed_to_download
@exit /B 0
:failed_to_download
@echo. && echo Failed to download dependency files... Try again or manually download the files to %SOURCE_DIR% and comment "@call download_files.bat" from build_dependencies.bat
@goto failed
:failed
@exit /B 1