Adds SecRemoteRules as an build option

SecRemoteRules adds a new dependency to libcurl. Before only mlogc was depending on libcurl. SecRemoteRules also depends on the apr-tools with crypto support, which (as reported by our buildbots) is not default in some environments such as: MacOS X. This commit disable SecRemoteRules support if apr-tools was not compiled with crypto support.
2025-09-29 11:16:33 +03:00 · 2014-11-12 11:44:45 -03:00
parent 38b9924705
commit c54bb746c6
5 changed files with 41 additions and 15 deletions
--- a/apache2/apache2_config.c
+++ b/apache2/apache2_config.c
@@ -2217,7 +2217,7 @@ static const char *cmd_remote_rules_fail(cmd_parms *cmd, void *_dcfg, const char
 {
    directory_config *dcfg = (directory_config *)_dcfg;
    if (dcfg == NULL) return NULL;
-
+#ifdef WITH_REMOTE_RULES_SUPPORT
    if (strncasecmp(p1, "warn", 4) == 0)
    {
        remote_rules_fail_action = REMOTE_RULES_WARN_ON_FAIL;
@@ -2231,6 +2231,10 @@ static const char *cmd_remote_rules_fail(cmd_parms *cmd, void *_dcfg, const char
        return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for " \
                "SecRemoteRulesFailAction, expected: Abort or Warn.");
    }
+#else
+    return apr_psprintf(cmd->pool, "ModSecurity: " \
+        "SecRemoteRules: ModSecurity was not compiled with such functionality.");
+#endif

    return NULL;
 }
@@ -2242,6 +2246,7 @@ static const char *cmd_remote_rules(cmd_parms *cmd, void *_dcfg, const char *p1,
    directory_config *dcfg = (directory_config *)_dcfg;
    if (dcfg == NULL) return NULL;

+#ifdef WITH_REMOTE_RULES_SUPPORT
    // FIXME: make it https only.
    // if (strncasecmp(p1, "https", 5) != 0) {
    if (strncasecmp(p2, "http", 4) != 0) {
@@ -2274,6 +2279,10 @@ static const char *cmd_remote_rules(cmd_parms *cmd, void *_dcfg, const char *p1,
    {
        return error_msg;
    }
+#else
+    return apr_psprintf(cmd->pool, "ModSecurity:  " \
+        "SecRemoteRules: ModSecurity was not compiled with such functionality.");
+#endif

    return NULL;
 }