diff --git a/CHANGES b/CHANGES
index 901b124f..a1c86788 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
DD mmm YYYY - 2.9.????? (To be released)
-----------------------
+ * OpenSSL dependency was removed on MS Windows builds. ModSecurity is now using
+ the Windows certificate storage.
+ [Gregg Smith, Steffen and ModSecurity team]
* Informs about external resources loaded/failed while reloading Apache.
[ModSecurity team]
* Adds missing 'ModSecurity:' prefix in some warnings messages.
diff --git a/apache2/Makefile.win b/apache2/Makefile.win
index 5699673d..05410b87 100644
--- a/apache2/Makefile.win
+++ b/apache2/Makefile.win
@@ -11,7 +11,7 @@ LIBS = $(APACHE)\lib\libhttpd.lib \
$(APACHE)\lib\libapr-1.lib \
$(APACHE)\lib\libaprutil-1.lib \
$(PCRE)\pcre.lib \
- $(CURL)\lib\libcurl_imp.lib \
+ $(CURL)\libcurl.lib \
$(LIBXML2)\win32\bin.msvc\libxml2.lib \
Ws2_32.lib \
"iphlpapi.lib"
@@ -32,6 +32,9 @@ INCLUDES = -I. -I.. \
-I$(PCRE)\include -I$(PCRE) \
-I$(LIBXML2)\include \
-I$(APACHE)\include
+
+# Enables support for SecRemoteRules and external resources.
+DEFS=$(DEFS) -DWITH_CURL -DWITH_REMOTE_RULES
# Lua is optional
!IF "$(LUA)" != ""
diff --git a/iis/Makefile.win b/iis/Makefile.win
index a7a0a6ad..8c2cdbd7 100644
--- a/iis/Makefile.win
+++ b/iis/Makefile.win
@@ -10,7 +10,7 @@
LIBS = $(APACHE)\lib\libapr-1.lib \
$(APACHE)\lib\libaprutil-1.lib \
$(PCRE)\pcre.lib \
- $(CURL)\lib\libcurl_imp.lib \
+ $(CURL)\libcurl.lib \
$(LIBXML2)\win32\bin.msvc\libxml2.lib \
"kernel32.lib" "user32.lib" "gdi32.lib" "winspool.lib" "comdlg32.lib" "advapi32.lib" "shell32.lib" "ole32.lib" \
"oleaut32.lib" "uuid.lib" "odbc32.lib" "odbccp32.lib" "ws2_32.lib" \
@@ -37,6 +37,8 @@ INCLUDES = -I. -I.. \
-I..\apache2 \
-I..\standalone
+# Enables support for SecRemoteRules and external resources.
+DEFS=$(DEFS) -DWITH_CURL -DWITH_REMOTE_RULES
# -I$(SSDEEP) \
# Lua is optional
diff --git a/iis/build_dependencies.bat b/iis/build_dependencies.bat
index c2db6696..fc0d6095 100644
--- a/iis/build_dependencies.bat
+++ b/iis/build_dependencies.bat
@@ -13,14 +13,13 @@
@set ZLIB=zlib-1.2.8.tar.gz
@set LIBXML2=libxml2-2.9.1.tar.gz
@set LUA=lua-5.1.5.tar.gz
-@set CURL=curl-7.33.0.zip
+@set CURL=curl-7.39.0.zip
@set APACHE_SRC=httpd-2.4.6.tar.gz
@set APACHE_BIN32=httpd-2.4.6-win32-VC11.zip
@set APACHE_BIN64=httpd-2.4.6-win64-VC11.zip
@set YAJL=lloyd-yajl-f4b2b1a.zip
@set SSDEEP=ssdeep-2.10.tar.gz
@set SSDEEP_BIN=ssdeep-2.10.zip
-@set OPENSSL=openssl-1.0.1j.tar.gz
:: @set VCARGS32="C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\vcvars32.bat"
:: @set VCARGS64="C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\x86_amd64\vcvarsx86_amd64.bat"
@@ -71,11 +70,6 @@ call cl 2>&1 | findstr /C:"x64"
@if NOT (%ERRORLEVEL%) == (0) goto build_failed_lua
@cd "%CURRENT_DIR%"
-@echo # openssl - %OPENSSL%
-@call dependencies/build_openssl.bat
-@if NOT (%ERRORLEVEL%) == (0) goto build_failed_openssl
-@cd "%CURRENT_DIR%"
-
@echo # curl - %CURL%
@call dependencies/build_curl.bat
@if NOT (%ERRORLEVEL%) == (0) goto build_failed_curl
@@ -127,10 +121,6 @@ call cl 2>&1 | findstr /C:"x64"
@echo Failed to setup %CURL%...
@goto failed
-:build_failed_openssl
-@echo Failed to setup %OPENSSL%...
-@goto failed
-
:build_failed_yajl
@echo Failed to setup %YAJL%...
@goto failed
diff --git a/iis/build_release.bat b/iis/build_release.bat
index 98984727..68bc5871 100644
--- a/iis/build_release.bat
+++ b/iis/build_release.bat
@@ -35,8 +35,6 @@ copy "%OUTPUT_DIR%\pcre.dll" "%AMD64%"
copy "%OUTPUT_DIR%\zlib1.dll" "%AMD64%"
copy "%OUTPUT_DIR%\yajl.dll" "%AMD64%"
copy "%OUTPUT_DIR%\fuzzy.dll" "%AMD64%"
-copy "%OUTPUT_DIR%\libeay32.dll" "%AMD64%"
-copy "%OUTPUT_DIR%\ssleay32.dll" "%AMD64%"
set SSDEEP_ARCH="x86"
call build_dependencies.bat %VCARGS32%
@@ -56,8 +54,6 @@ copy "%OUTPUT_DIR%\pcre.dll" "%X86%"
copy "%OUTPUT_DIR%\zlib1.dll" "%X86%"
copy "%OUTPUT_DIR%\yajl.dll" "%X86%"
copy "%OUTPUT_DIR%\fuzzy.dll" "%X86%"
-copy "%OUTPUT_DIR%\libeay32.dll" "%X86%"
-copy "%OUTPUT_DIR%\ssleay32.dll" "%X86%"
:: copy %OUTPUT_DIR%\Installer.exe %RELEASE_DIR%
diff --git a/iis/dependencies/build_curl.bat b/iis/dependencies/build_curl.bat
index 8d0bbcd3..6d66a1d1 100644
--- a/iis/dependencies/build_curl.bat
+++ b/iis/dependencies/build_curl.bat
@@ -1,39 +1,41 @@
-cd "%WORK_DIR%"
-
-@if NOT EXIST "%SOURCE_DIR%\%CURL%" goto file_not_found_bin
+cd "%WORK_DIR%"
+@if NOT EXIST "%SOURCE_DIR%\%CURL%" goto file_not_found_bin
echo "7z..."
-7z.exe x "%SOURCE_DIR%\%CURL%"
+7z.exe x "%SOURCE_DIR%\%CURL%"
echo "Timeout..."
timeout 5
echo "Curl..."
-set CURL_DIR=%CURL:~0,-4%
+set CURL_DIR=%CURL:~0,-4%
echo "Move..."
-move "%CURL_DIR%" "curl"
+move "%CURL_DIR%" "curl"
echo "Cd..."
-:: copy /y CMakeLists.txt "curl"
-CD "curl"
-echo "Cmake..."
-CMAKE -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=True -DCURL_ZLIB=True -DUSE_SSLEAY=dll -DUSE_OPENSSL=dll -DOPENSSL_ROOT_DIR=%WORK_DIR%/openssl_inst
-@if NOT (%ERRORLEVEL%) == (0) goto build_failed
-:: "%WORK_DIR%\fart.exe" -r -C "%WORK_DIR%\curl\include\curl\curlbuild.h" LLU ULL
-NMAKE
-@if NOT (%ERRORLEVEL%) == (0) goto build_failed
-cd "%WORK_DIR%"
-
-copy /y "%WORK_DIR%\curl\lib\libcurl.dll" "%OUTPUT_DIR%"
-copy /y "%WORK_DIR%\curl\lib\libcurl.pdb" "%OUTPUT_DIR%"
-copy /y "%WORK_DIR%\curl\lib\libcurl_imp.lib" "%OUTPUT_DIR%"
-
-exit /B 0
-
-:file_not_found_bin
-@echo File not found: "%SOURCE_DIR%\%CURL%"
-@goto failed
-
-:build_failed
-@echo Problems during the building phase
-@goto failed
-
-:failed
-@exit /B 1
-
+CD "curl\winbuild"
+
+@set ARCH=x86
+@call cl 2>&1 | findstr /C:"x64"
+@if (%ERRORLEVEL%) == (0) set ARCH=x64
+
+nmake /f Makefile.vc mode=dll ENABLE_WINSSL=yes MACHINE=%ARCH% WITH_ZLIB=dll
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed
+
+cd "%WORK_DIR%"
+
+copy /y "%WORK_DIR%\curl\builds\libcurl-vc-%ARCH%-release-dll-zlib-dll-ipv6-sspi-winssl-obj-lib\libcurl.dll" "%OUTPUT_DIR%"
+copy /y "%WORK_DIR%\curl\builds\libcurl-vc-%ARCH%-release-dll-zlib-dll-ipv6-sspi-winssl-obj-lib\libcurl.lib" "%OUTPUT_DIR%"
+copy /y "%WORK_DIR%\curl\builds\libcurl-vc-%ARCH%-release-dll-zlib-dll-ipv6-sspi-winssl-obj-lib\libcurl.lib" "%WORK_DIR%\curl\libcurl.lib"
+
+exit /B 0
+
+:file_not_found_bin
+@echo File not found: "%SOURCE_DIR%\%CURL%"
+@goto failed
+
+:build_failed
+@echo Problems during the building phase
+@goto failed
+
+:failed
+@exit /B 1
+
+
+->
diff --git a/iis/dependencies/build_openssl.bat b/iis/dependencies/build_openssl.bat
deleted file mode 100644
index a8fe3043..00000000
--- a/iis/dependencies/build_openssl.bat
+++ /dev/null
@@ -1,83 +0,0 @@
-::set WORK_DIR=C:\buildbot\win-local_-_Release\build\ModSecurity\iis\dependencies\build_dir
-::set SOURCE_DIR=C:\Users\fcosta\Downloads
-::set OPENSSL=openssl-1.0.1j.tar.gz
-::set OUTPUT_DIR=C:\buildbot\win-local_-_Release\build\ModSecurity\iis\release_files
-
-cd "%WORK_DIR%"
-@if NOT EXIST "%SOURCE_DIR%\%OPENSSL%" goto file_not_found_bin
-
-echo "7z..."
-@7z.exe x "%SOURCE_DIR%\%OPENSSL%" -so | 7z.exe x -aoa -si -ttar
-
-echo "Timeout..."
-timeout 5
-
-echo "OpenSSL..."
-set OPENSSL_DIR=%OPENSSL:~0,-7%
-
-echo "Move..."
-move "%OPENSSL_DIR%" "openssl"
-
-echo "Cd..."
-cd "openssl"
-
-
-@set ARCH=x86
-@call cl 2>&1 | findstr /C:"x64"
-@if (%ERRORLEVEL%) == (0) set ARCH=x64
-
-echo "Starting to build"
-
-if "%ARCH%" == "x64" ( goto first ) else ( goto second )
-goto end
-
-:first
- echo "Building x64"
- perl Configure VC-WIN64A --prefix=%WORK_DIR%/openssl_inst
- @if NOT (%ERRORLEVEL%) == (0) goto build_failed
- call ms\do_win64a
- @if NOT (%ERRORLEVEL%) == (0) goto build_failed
- nmake -f ms\ntdll.mak
- @if NOT (%ERRORLEVEL%) == (0) goto build_failed
- nmake -f ms\ntdll.mak install
- @if NOT (%ERRORLEVEL%) == (0) goto build_failed
-
- copy /y "%WORK_DIR%\openssl\out32dll\libeay32.dll" "%OUTPUT_DIR%"
- copy /y "%WORK_DIR%\openssl\out32dll\ssleay32.dll" "%OUTPUT_DIR%"
- copy /y "%WORK_DIR%\openssl\out32dll\libeay32.lib" "%OUTPUT_DIR%"
- copy /y "%WORK_DIR%\openssl\out32dll\ssleay32.lib" "%OUTPUT_DIR%"
- goto end
-
-:second
- echo "Building x86"
- perl Configure VC-WIN32 no-asm --prefix=%WORK_DIR%/openssl_inst
- @if NOT (%ERRORLEVEL%) == (0) goto build_failed
- :: call ms\do_nasm
- call ms\do_ms
- @if NOT (%ERRORLEVEL%) == (0) goto build_failed
- nmake -f ms\ntdll.mak
- @if NOT (%ERRORLEVEL%) == (0) goto build_failed
- nmake -f ms\ntdll.mak install
- @if NOT (%ERRORLEVEL%) == (0) goto build_failed
-
- copy /y "%WORK_DIR%\openssl\out32dll\libeay32.dll" "%OUTPUT_DIR%"
- copy /y "%WORK_DIR%\openssl\out32dll\ssleay32.dll" "%OUTPUT_DIR%"
- copy /y "%WORK_DIR%\openssl\out32dll\libeay32.lib" "%OUTPUT_DIR%"
- copy /y "%WORK_DIR%\openssl\out32dll\ssleay32.lib" "%OUTPUT_DIR%"
- goto end
-
-
-:end
-exit /B 0
-
-:file_not_found_bin
-@echo File not found: "%SOURCE_DIR%\%OPENSSL%"
-@goto failed
-
-:: :build_failed
-:: @echo Problems during the building phase
-:: @goto failed
-
-:failed
-@exit /B 1
-
diff --git a/iis/installer.wxs b/iis/installer.wxs
index 695d1eec..4c192fbe 100644
--- a/iis/installer.wxs
+++ b/iis/installer.wxs
@@ -86,16 +86,6 @@
-
-
-
-
-
-
-
-
-
-
@@ -336,9 +326,9 @@
-
+
-
+
@@ -380,9 +370,6 @@
-
-
-
@@ -399,9 +386,6 @@
-
-
-
@@ -429,9 +413,6 @@
-
-
-
diff --git a/iis/mlogc.vcxproj b/iis/mlogc.vcxproj
index b8b56454..162c76ff 100644
--- a/iis/mlogc.vcxproj
+++ b/iis/mlogc.vcxproj
@@ -81,7 +81,7 @@
Console
- kernel32.lib;IPHLPAPI.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;ws2_32.lib;%(AdditionalDependencies);dependencies\build_dir\apache24\lib\libapr-1.lib;dependencies\build_dir\apache24\lib\libaprutil-1.lib;dependencies\build_dir\pcre\pcre.lib;dependencies\build_dir\libxml2\win32\bin.msvc\libxml2.lib;dependencies\build_dir\yajl\build\yajl-2.0.1\lib\yajl.lib;dependencies\build_dir\curl\lib\libcurl_imp.lib;
+ kernel32.lib;IPHLPAPI.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;ws2_32.lib;%(AdditionalDependencies);dependencies\build_dir\apache24\lib\libapr-1.lib;dependencies\build_dir\apache24\lib\libaprutil-1.lib;dependencies\build_dir\pcre\pcre.lib;dependencies\build_dir\libxml2\win32\bin.msvc\libxml2.lib;dependencies\build_dir\yajl\build\yajl-2.0.1\lib\yajl.lib;dependencies\build_dir\curl\builds\libcurl-vc-x64-release-dll-zlib-dll-ipv6-sspi-winssl-obj-lib\libcurl.lib;
false
@@ -95,7 +95,7 @@
Console
- kernel32.lib;IPHLPAPI.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;ws2_32.lib;%(AdditionalDependencies);dependencies\build_dir\apache24\lib\libapr-1.lib;dependencies\build_dir\apache24\lib\libaprutil-1.lib;dependencies\build_dir\pcre\pcre.lib;dependencies\build_dir\libxml2\win32\bin.msvc\libxml2.lib;dependencies\build_dir\yajl\build\yajl-2.0.1\lib\yajl.lib;dependencies\build_dir\curl\lib\libcurl_imp.lib;
+ kernel32.lib;IPHLPAPI.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;ws2_32.lib;%(AdditionalDependencies);dependencies\build_dir\apache24\lib\libapr-1.lib;dependencies\build_dir\apache24\lib\libaprutil-1.lib;dependencies\build_dir\pcre\pcre.lib;dependencies\build_dir\libxml2\win32\bin.msvc\libxml2.lib;dependencies\build_dir\yajl\build\yajl-2.0.1\lib\yajl.lib;dependencies\build_dir\curl\builds\libcurl-vc-x64-release-dll-zlib-dll-ipv6-sspi-winssl-obj-lib\libcurl.lib;
false
@@ -109,7 +109,7 @@
Console
- kernel32.lib;IPHLPAPI.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;ws2_32.lib;%(AdditionalDependencies);dependencies\build_dir\apache24\lib\libapr-1.lib;dependencies\build_dir\apache24\lib\libaprutil-1.lib;dependencies\build_dir\pcre\pcre.lib;dependencies\build_dir\libxml2\win32\bin.msvc\libxml2.lib;dependencies\build_dir\yajl\build\yajl-2.0.1\lib\yajl.lib;dependencies\build_dir\curl\lib\libcurl_imp.lib;
+ kernel32.lib;IPHLPAPI.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;ws2_32.lib;%(AdditionalDependencies);dependencies\build_dir\apache24\lib\libapr-1.lib;dependencies\build_dir\apache24\lib\libaprutil-1.lib;dependencies\build_dir\pcre\pcre.lib;dependencies\build_dir\libxml2\win32\bin.msvc\libxml2.lib;dependencies\build_dir\yajl\build\yajl-2.0.1\lib\yajl.lib;dependencies\build_dir\curl\builds\libcurl-vc-x64-release-dll-zlib-dll-ipv6-sspi-winssl-obj-lib\libcurl.lib;
false
@@ -121,4 +121,4 @@
-
\ No newline at end of file
+
diff --git a/mlogc/Makefile.win b/mlogc/Makefile.win
index ebb59d8a..12b555fa 100755
--- a/mlogc/Makefile.win
+++ b/mlogc/Makefile.win
@@ -14,7 +14,7 @@ CURL = %CURL%
LIBS = $(BASE)\lib\libapr-1.lib \
$(BASE)\lib\libaprutil-1.lib \
$(PCRE)\pcre.lib \
- $(CURL)\lib\libcurl_imp.lib \
+ $(CURL)\libcurl.lib \
wsock32.lib
###########################################################################