Refactoring of IIS build scripts

iis/build_dependencies.bat

@@ -1,4 +1,4 @@
-:: Those variable should be edited as needed.
+:: Those variables should be edited as needed.
 :: Use full paths.
 
 :: General paths
@@ -6,20 +6,25 @@
 @set OUTPUT_DIR=%cd%\dependencies\release_files
 @set SOURCE_DIR=%USERPROFILE%\Downloads
 
-:: Aditional paths.
+:: Dependencies
-@set PATH=%PATH%;c:\work\cmake-2.8.7-win32-x86\bin;"c:\program files\7-zip"
+@set CMAKE=cmake-3.8.2-win32-x86.zip
+@set PCRE=pcre-8.40.zip
+@set ZLIB=zlib-1.2.11.tar.gz
+@set LIBXML2=libxml2-2.9.4.tar.gz
+@set LUA=lua-5.3.4.tar.gz
+@set CURL=curl-7.54.1.zip
+@set APACHE_SRC=httpd-2.4.27.tar.gz
+@set APACHE_BIN32=httpd-2.4.27-win32-VC11.zip
+@set APACHE_BIN64=httpd-2.4.27-win64-VC11.zip
+@set YAJL=yajl-2.1.0.zip
+@set SSDEEP=ssdeep-2.13.tar.gz
+@set SSDEEP_BIN=ssdeep-2.13.zip
+
+@set CMAKE_DIR=%WORK_DIR%\%CMAKE:~0,-4%\bin
+
+:: Aditional paths.
+@set PATH=%PATH%;%CMAKE_DIR%;"c:\program files\7-zip"
 
-@set PCRE=pcre-8.33.zip
-@set ZLIB=zlib-1.2.8.tar.gz
-@set LIBXML2=libxml2-2.9.1.tar.gz
-@set LUA=lua-5.1.5.tar.gz
-@set CURL=curl-7.39.0.zip
-@set APACHE_SRC=httpd-2.4.6.tar.gz
-@set APACHE_BIN32=httpd-2.4.6-win32-VC11.zip
-@set APACHE_BIN64=httpd-2.4.6-win64-VC11.zip
-@set YAJL=lloyd-yajl-f4b2b1a.zip
-@set SSDEEP=ssdeep-2.10.tar.gz
-@set SSDEEP_BIN=ssdeep-2.10.zip
 
 :: @set VCARGS32="C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\vcvars32.bat"
 :: @set VCARGS64="C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\x86_amd64\vcvarsx86_amd64.bat"
@@ -45,6 +50,12 @@ call cl 2>&1 | findstr /C:"x64"
 @if (%ERRORLEVEL%) == (0) set APACHE_BIN=%APACHE_BIN64%
 
 @echo Starting with the depdendencies...
+@echo # CMake. - %CMAKE%
+@call dependencies/build_cmake.bat
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed_cmake
+@cd "%CURRENT_DIR%"
+
+
 @echo # Apache - %HTTPD%/%APACHE24_ZIP%
 @call dependencies/build_apache.bat
 @if NOT (%ERRORLEVEL%) == (0) goto build_failed_apache
@@ -129,6 +140,10 @@ call cl 2>&1 | findstr /C:"x64"
 @echo Failed to setup %SSDEEP%...
 @goto failed
 
+:build_failed_cmake
+@echo Failed to setup %CMAKE%...
+@goto failed
+
 :failed
 @cd %CURRENT_DIR%
 @exit /B 1

iis/build_modsecurity.bat

@@ -15,7 +15,7 @@ set CURRENT_DIR=%cd%
 cd ..\apache2
 del *.obj *.dll *.lib
 del libinjection\*.obj libinjection\*.dll libinjection\*.lib
-NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\yajl-2.0.1 SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep CURL=..\iis\%DEPENDENCIES_DIR%\curl IIS_BUILD=yes
+NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\%YAJL_DIR% SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep CURL=..\iis\%DEPENDENCIES_DIR%\curl IIS_BUILD=yes
 @if NOT (%ERRORLEVEL%) == (0) goto build_failed
 
 @echo mlogc...
@@ -29,7 +29,7 @@ nmake -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEP
 cd ..\iis
 del *.obj *.dll *.lib
 nmake -f Makefile.win clean
-NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\yajl-2.0.1 SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep CURL=..\iis\%DEPENDENCIES_DIR%\curl
+NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\%YAJL_DIR% SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep CURL=..\iis\%DEPENDENCIES_DIR%\curl
 @if NOT (%ERRORLEVEL%) == (0) goto build_failed
 
 cd %CURRENT_DIR%

iis/dependencies/build_cmake.bat

@@ -0,0 +1,20 @@
+@cd "%WORK_DIR%"
+
+@if NOT EXIST "%SOURCE_DIR%\%CMAKE%" goto file_not_found
+
+
+@7z.exe x "%SOURCE_DIR%\%CMAKE%"
+@if NOT (%ERRORLEVEL%) == (0) goto something_went_wrong
+
+@exit /B 0
+
+:file_not_found
+@echo File not found: %SOURCE_DIR%\%CMAKE%
+@goto failed
+
+:something_went_wrong
+@echo Something went wrong while unzip CMake files.
+@goto failed
+
+:failed
+@exit /B 1

iis/dependencies/build_pcre.bat

@@ -1,3 +1,5 @@
+::@if NOT (%ERRORLEVEL%) == (1) Echo "Patch successfull... For more info on patch see: https://vcs.pcre.org/pcre/code/trunk/CMakeLists.txt?r1=1659&r2=1677&view=patch"
+
 cd "%WORK_DIR%"
 
 @if NOT EXIST "%SOURCE_DIR%\%APACHE_BIN%" goto file_not_found_bin
@@ -7,7 +9,15 @@ set PCRE_DIR=%PCRE:~0,-4%
 
 move "%PCRE_DIR%" "pcre"
 
+@if "%PCRE_DIR%" == "pcre-8.40" (
+	Echo. && Echo "PCRE 8.40 found... patching with patch-pcre-8.40.vbs..." 
+	cscript /B /Nologo ../patch-pcre-8.40.vbs
+)
+
 cd "pcre"
+cat CMakeLists.txt | sed "s/PCRE_STATIC_RUNTIME OFF CACHE BOOL/PCRE_STATIC_RUNTIME/g" > CMakeLists.txt.ops
+move CMakeLists.txt CMakeLists.txt.old
+move CMakeLists.txt.ops CMakeLists.txt
 CMAKE -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True
 @if NOT (%ERRORLEVEL%) == (0) goto build_failed
 NMAKE
@@ -17,6 +27,7 @@ cd "%WORK%"
 copy /y "%WORK_DIR%\pcre\pcre.dll" "%OUTPUT_DIR%"
 copy /y "%WORK_DIR%\pcre\pcre.pdb" "%OUTPUT_DIR%"
 copy /y "%WORK_DIR%\pcre\pcre.lib" "%OUTPUT_DIR%"
+copy /y "%WORK_DIR%\pcre\pcre.h.generic" "%WORK_DIR%\pcre\pcre.h"
 echo "a"
 @exit /B 0
 

iis/dependencies/build_yajl.bat

@@ -20,10 +20,10 @@ nmake
 
 cd "%WORK%"
 
-copy /y "%WORK_DIR%\yajl\build\yajl-2.0.1\lib\yajl.dll" "%OUTPUT_DIR%"
+copy /y "%WORK_DIR%\yajl\build\%YAJL_DIR%\lib\yajl.dll" "%OUTPUT_DIR%"
-copy /y "%WORK_DIR%\yajl\build\yajl-2.0.1\lib\yajl.pdb" "%OUTPUT_DIR%"
+:: copy /y "%WORK_DIR%\yajl\build\%YAJL_DIR%\lib\yajl.pdb" "%OUTPUT_DIR%"
-copy /y "%WORK_DIR%\yajl\build\yajl-2.0.1\lib\yajl.lib" "%OUTPUT_DIR%"
+copy /y "%WORK_DIR%\yajl\build\%YAJL_DIR%\lib\yajl.lib" "%OUTPUT_DIR%"
-copy /y "%WORK_DIR%\yajl\build\yajl-2.0.1\lib\yajl_s.lib" "%OUTPUT_DIR%"
+copy /y "%WORK_DIR%\yajl\build\%YAJL_DIR%\lib\yajl_s.lib" "%OUTPUT_DIR%"
 
 @exit /B 0
 

iis/dependencies/howto.txt

@@ -1,44 +1,52 @@
-WARNING!
+The build process for ModSecurityIIS for Windows was a relatively complicated process. Understanding it required advanced knowledge of Windows and Unix environments.
+So the build process was refactored to make it easier for users to create their own builds with the automated batch scripts.
 
-Building ModSecurityIIS on Windows is a relatively complicated process. Understanding it requires advanced knowledge of Windows and Unix environments.
+* build_release.bat -> The main build script that calls all the others to have a working release
-Using the same versions of libraries as listed below is strongly recommended.
+* build_msi.bat -> Creates the MSI self-installer for easy deploy / removal / distribution
+
+* build_dependencies.bat -> Sets (and downloads if needed) all required dependencies
+* build_modsecurity.bat -> Builds ModSecurity (requires all depenedencies being set)
+
+* download_files.bat -> Downloads all required dependencies to the default Downloads folder
+** This script is disabled by default. If you want to enable it, uncomment the "@call download_files.bat" line on build_dependencies.bat
+
+The dependencies folder also includes a set o batch scripts which sets each dependency
+on its own. These scripts are called by the build_dependencies.bat script.
+
+Using the same versions of libraries as listed below is  recommended.
+--------------------------------------
+Compilation Prerequisites:
+
+* Windows 7 x86_x64 (Should work on newer versions of Windows too)
+* Vistual Studio 2013 Express (Other versions should work, but you need to set the correct path for vcvars.bat scripts)
+* IIS enabled/installed
+* 7-Zip
 
 --------------------------------------
-Tested on:
 
-Windows 7 x64
+The latest versions of ModSecurity dependencies known to work well are the following:
-Vistual Studio 2010 Ultimate SP1
+
-IIS enabled/installed
+cmake-3.8.2-win32-x86
+pcre-8.40 (patch required and included on file "patch-pcre-8.40.vbs")
+zlib-1.2.11
+libxml2-2.9.4
+lua-5.3.4
+curl-7.54.1
+httpd-2.4.27 (bin-VC11)
+yajl-2.1.0
+ssdeep-2.13
 
-cmake 2.8.7
-curl 7.24.0
-apache 2.2.22 or apache 2.4.3
-libxml2 2.7.7
-lua 5.1.5
-pcre 8.30
-zlib 1.2.7
-7-Zip
 --------------------------------------
 
-1. Create working directory c:\work and drop directory c:\drop
+1. Create working directory (e.g. c:\work) and drop the latest clone from ModSecurity's 2.x Github (https://github.com/SpiderLabs/ModSecurity/archive/v2/master.zip)
-2. Sync SVN ModSecurity branch to c:\work\mod_security
+2. Make sure the prerequisites mentioned above are all set
-3. Copy files from c:\work\mod_security\iis\winbuild to c:\work
+3. If you haven't download the dependency files before, uncomment the "@call download_files.bat" line on build_dependencies.bat to have them downloaded prior
-4. Download and install cmake (unpack to c:\work\cmake-2.8.7-win32-x86)
+4. Open a command prompt (cmd.exe) and head to the "iis" folder inside ModSecurity tree working directory (e.g. cd c:\work\ModSecurity\iis)
-5. Download and install 7-Zip
+5. If you need to modify anything (e.g. paths, versions etc), carefully edit the batch files.
-6. Adjust paths in c:\work\init.bat accordingly if needed
+6. Run build_release.bat
-7. Download curl, apache, libxml2, lua, pcre and zlib, place them in zip files in c:\work
+7. When done, the binaries, lib and pdb files should appear under c:\work\ModSecurity\iis\release\x86 (32-bit) and c:\work\ModSecurity\iis\release\amd64 (64-bit)
+* At this point, if you had a previous installation of ModSecurity and would like to test you can place the x86 files to "C:\Windows\SysWOW64\inetsrv" and x64 files to "C:\Windows\System32\inetsrv" 
 
-curl-7.24.0.zip
+8. If all went well, you can build the MSI installer by running the build_msi.bat script.
-httpd-2.2.22-win32-src.zip or (httpd-2.4.3.zip (source) and httpd-2.4.3-win32.zip + httpd-2.4.3-win64.zip (binaries))
-libxml2-2.7.7.zip
-lua-5.1.5.zip
-pcre-8.30.zip
-zlib-1.2.7.zip
 
-Modify c:\work\build.bat accordingly (if other versions were used)
+* The built installable package places the files to the correct folders, automatically configures the ModSecurity IIS native module and configures web.config to enable ModSecurity for all IIS sites.
-
-8. Open cmd.exe window, go to c:\work and run buildall.bat
-9. When done, the binaries, lib and pdb files should appear under c:\drop\x86 (32-bit) and c:\drop\amd64 (64-bit)
-10. Open the VS ModSecurity IIS installer project
-11. Copy new binaries to the installer's x86 and amd64 directories
-12. Build installer from within VS

iis/download_files.bat

@@ -0,0 +1,41 @@
+
+::@set CMAKE=cmake-3.8.2-win32-x86.zip
+::@set PCRE=pcre-8.40.zip
+::@set ZLIB=zlib-1.2.11.tar.gz
+::@set LIBXML2=libxml2-2.9.4.tar.gz
+::@set LUA=lua-5.3.4.tar.gz
+::@set CURL=curl-7.54.1.zip
+::@set APACHE_SRC=httpd-2.4.27.tar.gz
+::@set APACHE_BIN32=httpd-2.4.27-win32-VC11.zip
+::@set APACHE_BIN64=httpd-2.4.27-win64-VC11.zip
+::@set YAJL=yajl-2.1.0.zip
+::@set SSDEEP=ssdeep-2.13.tar.gz
+::@set SSDEEP_BIN=ssdeep-2.13.zip
+
+:: BITSAdmin refuses to download YAJL from GitHub URL
+:: @set YAJL_URL=https://github.com/lloyd/yajl/archive/%YAJL:~-9%
+@set YAJL_URL=http://http.debian.net/debian/pool/main/y/yajl/yajl_2.1.0.orig.tar.gz
+
+@set CMAKE_URL=https://cmake.org/files/v3.8/%CMAKE%  
+@set PCRE_URL=https://ftp.pcre.org/pub/pcre/%PCRE% 
+@set ZLIB_URL=https://zlib.net/%ZLIB%
+@set LIBXML2_URL=http://xmlsoft.org/sources/%LIBXML2% 
+@set LUA_URL=https://www.lua.org/ftp/%LUA% 
+@set CURL_URL=http://curl.askapache.com/download/%CURL% 
+@set APACHE_SRC_URL=https://www.apache.org/dist/httpd/%APACHE_SRC%
+@set APACHE_BIN_URL=https://www.apachelounge.com/download/VC11/binaries
+@set SSDEEP_URL=https://downloads.sourceforge.net/project/ssdeep/ssdeep-2.13
+
+bitsadmin.exe /transfer "Downloading dependencies..." %CMAKE_URL% %SOURCE_DIR%\%CMAKE% %PCRE_URL% %SOURCE_DIR%\%PCRE% %ZLIB_URL% %SOURCE_DIR%\%ZLIB% %LIBXML2_URL% %SOURCE_DIR%\%LIBXML2% %LUA_URL% %SOURCE_DIR%\%LUA% %CURL_URL% %SOURCE_DIR%\%CURL% %APACHE_SRC_URL% %SOURCE_DIR%\%APACHE_SRC% %APACHE_BIN_URL%/%APACHE_BIN32% %SOURCE_DIR%\%APACHE_BIN32% %APACHE_BIN_URL%/%APACHE_BIN64% %SOURCE_DIR%\%APACHE_BIN64% %YAJL_URL% %SOURCE_DIR%\%YAJL% %SSDEEP_URL%/%SSDEEP% %SOURCE_DIR%\%SSDEEP% %SSDEEP_URL%/%SSDEEP_BIN% %SOURCE_DIR%\%SSDEEP_BIN%
+
+
+@if NOT (%ERRORLEVEL%) == (0) goto :failed_to_download
+@exit /B 0
+
+:failed_to_download
+@echo. && echo Failed to download dependency files... Try again or manually download the files to %SOURCE_DIR% and comment "@call download_files.bat" from build_dependencies.bat
+@goto failed
+
+:failed
+@exit /B 1
+