All of the apr flags needed to compile APU_HAVE_CRYPTO check
in configure.ac aren't passed. While this works fine for 64-bit
machines (because _LARGEFILE64_SOURCE is already defined),
this does not work on 32-bit. This in-turn breaks the apr_off_t
definition in apr.h.
By passing along the apr --cflags and --cppflags to compile,
32-bit machines will allow WITH_APU_CRYPTO to be set if there's
support for it.
apr_crypto is not always available, configure scripts are looking for
it and setting WITH_APU_CRYPTO in case it is found. There were two
places where apr_crypto.h was included without validating if
WITH_APU_CRYPTO was set. This patch removes the inclusion from the
first place (it seems not to be mandatory) and add the check for
WITH_APU_CRYPTO in the second one. This fix issue #834.
As the this new Curl version supports well the Windows certificate storage,
removing the dependency on the OpenSSL. Also changing the build scripts to work
accordingly. As the cmake build of Curl is said to broken abandoning it in
favor of the nmake files. Thanks to Gregg Smith and Steffen.
Resources load mechanism as the SecRemoteRuels were not showing information
about the loaded rules while Apache was reloaded. This patch add such
information to reload in the same way that it was showing on restart.
As reported by Christian Folin and Walter Hop on our dev mailing list, Apache
mod_ssl was failing if a remote resource was utilized. That was happening
because Curl clean up was also cleaning up the OpenSSL data used by mod_ssl.
This patch moves Curl initialization to happens while ModSecurity is
initialized.
As reported by Rainer Jung, Curl may not be mandatory to build
ModSecurity core. This patch make it optional by:
- Concentrate all downloads using curl on msc_remote_rules.c
- Split Curl build definitions checks into: WITH_CURL, WITH_REMOTE_RULES
and WITH_CRYPTO.
- WITH_CURL: Contains Culr headers and binaries during the build time.
- WITH_REMOTE_RULES: Currently enabled if Curl is present.
- WITH_CRYPTO: Set if apr tool was compiled with crypto support.
- Renames msc_remote_grab_content to msc_remote_download_content
