##
##  apache-security.spec -- OpenPKG RPM Package Specification
##  Copyright (c) 2000-2007 OpenPKG Foundation e.V. <http://openpkg.net/>
##  Copyright (c) 2000-2007 Ralf S. Engelschall <http://engelschall.com/>
##
##  Permission to use, copy, modify, and distribute this software for
##  any purpose with or without fee is hereby granted, provided that
##  the above copyright notice and this permission notice appear in all
##  copies.
##
##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
##  SUCH DAMAGE.
##

#   package version
%define       V_module 2.1.4
%define       V_rules  2.1-1.5.1

#   package information
Name:         apache-security
Summary:      Apache Extension: Security
URL:          http://www.modsecurity.org/
Vendor:       Breach Security, Inc.
Packager:     OpenPKG Foundation e.V.
Distribution: OpenPKG Community
Class:        EVAL
Group:        Web
License:      Open Source
Version:      %{V_module}
Release:      20071210

#   list of sources
Source0:      http://www.modsecurity.org/download/modsecurity-apache_%{V_module}.tar.gz
Source1:      http://www.modsecurity.org/download/modsecurity-core-rules_%{V_rules}.tar.gz
Source2:      apache-security.conf
Patch0:       apache-security.patch

#   build information
Prefix:       %{l_prefix}
BuildRoot:    %{l_buildroot}
BuildPreReq:  OpenPKG, openpkg >= 20060823, make
PreReq:       OpenPKG, openpkg >= 20060823
BuildPreReq:  apache, libxml
PreReq:       apache, libxml
AutoReq:      no
AutoReqProv:  no

%description
    This is the Security extension module for the Apache HTTP webserver.

%track
    prog apache-security:module = {
        version   = %{V_module}
        url       = http://www.modsecurity.org/download/direct.html
        regex     = modsecurity-apache_(\d+\.\d+\.\d+)\.tar\.gz
    }
    prog apache-security:rules = {
        version   = %{V_rules}
        url       = http://www.modsecurity.org/download/direct.html
        regex     = modsecurity-core-rules_(\d+\.\d+(\.\d+)?-\d+\.\d+(\.\d+)?)\.tar\.gz
    }

%prep
    %setup -q -n modsecurity-apache_%{V_module}
    ( cd rules
      %{l_gzip} -dc %{SOURCE modsecurity-core-rules_%{V_rules}.tar.gz} | %{l_tar} xf -

      #   remove config rule set of the ModSecurity core rule set as
      #   we handle those setting in our default configuration file
      #   'apache-security.conf' already
      rm -f modsecurity_crs_10_config.conf
    ) || exit $?
    %patch -p0

%build
    #   build module
    ( cd apache2
      %{l_make} %{l_mflags} \
          top_dir=%{l_prefix}/share/apache \
          DEFS="-DWITH_LIBXML2" \
          INCLUDES="%{l_cppflags libxml2}" \
          EXTRA_LDFLAGS="%{l_ldflags} -lxml2"
    ) || exit $?

%install
    #   install module
    rm -rf $RPM_BUILD_ROOT
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/apache/apache.d \
        $RPM_BUILD_ROOT%{l_prefix}/libexec/apache
    %{l_shtool} install -c -m 755 \
        apache2/.libs/mod_security2.so \
        $RPM_BUILD_ROOT%{l_prefix}/libexec/apache/mod_security.so
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE apache-security.conf} \
        $RPM_BUILD_ROOT%{l_prefix}/etc/apache/apache.d/

    #   install core rule sets
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/apache-security
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        rules/modsecurity_crs_*.conf \
        $RPM_BUILD_ROOT%{l_prefix}/etc/apache-security/

    #   create directories for logs and data storages
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/var/apache-security/{data,log,tmp,upload}

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%config %{l_prefix}/etc/apache/apache.d/apache-security.conf' \
        '%config %{l_prefix}/etc/apache-security/*' \
        '%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/data' \
        '%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/tmp' \
        '%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/upload'

%files -f files

%clean
    rm -rf $RPM_BUILD_ROOT

%post
    #   after upgrade, restart service
    [ $1 -eq 2 ] || exit 0
    eval `%{l_rc} apache status 2>/dev/null`
    [ ".$apache_active" = .yes ] && %{l_rc} apache restart
    exit 0