otherwise configure fails to find pcre2 when /bin/sh does not point to bash:
configure: using pcre v8.45
./configure: 16601: test: xno: unexpected operator
./configure: 16601: test: xno: unexpected operator
checking for libpcre2 config script... no
configure: *** pcre2 library not found.
configure: error: pcre2 library is required
Signed-off-by: Lars Wendler <polynomial-c@gmx.de>
Debian is taking steps to remove xml2-config in favour of pkg-config.
This means ModSecurity will build without libxml2 support by default
on Debian, Ubuntu and other distributions tracking Debian packages.
This patch modifies build/find_xml.m4 to check for libxml2 via
pkg-config, falling back to xml2-config if necessary.
Macros like "find_curl" are using "verbose_output" variable but because some
of them are called before we define the variable we are seeing errors like
./configure: line 13855: test: : integer expression expected
This commit will fix the problem by moving the "verbose_output" declaration
up to the beginning so that the variable is available for every macro.
Remove compile-time setting for generating audit logs
as JSON, creating a new config option (SecAuditLogFormat).
sec_audit_logger is now a wrapper for sec_audit_logger_json
or sec_audit_logger_native. This has the disadvantage of
making the audit log generation code harder to maintain,
but the logger function itself now is no longer pepper
with binary branches.
All of the apr flags needed to compile APU_HAVE_CRYPTO check
in configure.ac aren't passed. While this works fine for 64-bit
machines (because _LARGEFILE64_SOURCE is already defined),
this does not work on 32-bit. This in-turn breaks the apr_off_t
definition in apr.h.
By passing along the apr --cflags and --cppflags to compile,
32-bit machines will allow WITH_APU_CRYPTO to be set if there's
support for it.
As reported by Rainer Jung, Curl may not be mandatory to build
ModSecurity core. This patch make it optional by:
- Concentrate all downloads using curl on msc_remote_rules.c
- Split Curl build definitions checks into: WITH_CURL, WITH_REMOTE_RULES
and WITH_CRYPTO.
- WITH_CURL: Contains Culr headers and binaries during the build time.
- WITH_REMOTE_RULES: Currently enabled if Curl is present.
- WITH_CRYPTO: Set if apr tool was compiled with crypto support.
- Renames msc_remote_grab_content to msc_remote_download_content
As of Automake 1.4, it starts to warning about the lack of utilization
of `subdir-objects' option, which will be default in the further
releases. Avoiding break stuff we are patching ModSecurity to support
such option when it still an option (Issue #760).
Now searching for yajl using find_yajl.m4 macro file instead
of using pkg-config directly. If YAJL was not found or if it
was disabled in the configure phase, the code will be compiled
without JSON support.
The nginx config file was looking for depedencies by its own,
by doing that it was ignoring the options that were passed to
configure script. This commit deletes this config file and adds
a meta-config which is populated by configure whenever the
standalone-module is enabled.
