##
##  apache-security.spec -- OpenPKG RPM Package Specification
##  Copyright (c) 2000-2010 OpenPKG Foundation e.V. <http://openpkg.net/>
##
##  Permission to use, copy, modify, and distribute this software for
##  any purpose with or without fee is hereby granted, provided that
##  the above copyright notice and this permission notice appear in all
##  copies.
##
##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
##  SUCH DAMAGE.
##

#   package version
%define       V_major  2.5
%define       V_minor  12
%define       V_rules  1.6.1

#   package information
Name:         apache-security
Summary:      Apache Extension: Security
URL:          http://www.modsecurity.org/
Vendor:       Breach Security, Inc.
Packager:     OpenPKG Foundation e.V.
Distribution: OpenPKG Community
Class:        EVAL
Group:        Web
License:      Open Source
Version:      %{V_major}.%{V_minor}
Release:      20100206

#   list of sources
Source0:      http://www.modsecurity.org/download/modsecurity-apache_%{V_major}.%{V_minor}.tar.gz
Source1:      http://www.modsecurity.org/download/modsecurity-core-rules_%{V_major}-%{V_rules}.tar.gz
Source2:      apache-security.conf
Patch0:       apache-security.patch

#   build information
BuildPreReq:  OpenPKG, openpkg >= 20100101, make
PreReq:       OpenPKG, openpkg >= 20100101
BuildPreReq:  apache, apr, libxml, pcre, curl, lua
PreReq:       apache, apr, libxml, pcre, curl, lua

%description
    This is the Security extension module for the Apache HTTP webserver.

%track
    prog apache-security:module = {
        version   = %{V_major}.%{V_minor}
        url       = http://www.modsecurity.org/download/direct.html
        regex     = modsecurity-apache_(%{V_major}(\.\d+)+)\.tar\.gz
    }
    prog apache-security:rules = {
        version   = %{V_rules}
        url       = http://www.modsecurity.org/download/direct.html
        regex     = modsecurity-core-rules_%{V_major}-(\d+(\.\d+)+)\.tar\.gz
    }

%prep
    %setup -q -n modsecurity-apache_%{V_major}.%{V_minor}
    ( cd rules
      %{l_gzip} -dc %{SOURCE modsecurity-core-rules_%{V_major}-%{V_rules}.tar.gz} | %{l_tar} xf -

      #   remove config rule set of the ModSecurity core rule set as
      #   we handle those setting in our default configuration file
      #   'apache-security.conf' already
      rm -f modsecurity_crs_10_config.conf
    ) || exit $?
    %patch -p0

%build
    #   build module
    ( cd apache2
      CC="%{l_cc}" \
      CFLAGS="%{l_cflags -O}" \
      CPPFLAGS="%{l_cppflags}" \
      LDFLAGS="%{l_ldflags}" \
      ./configure \
          --prefix=%{l_prefix} \
          --with-apxs=%{l_prefix}/sbin/apxs \
          --with-pcre=%{l_prefix} \
          --with-apr=%{l_prefix} \
          --with-apu=%{l_prefix} \
          --with-libxml=%{l_prefix} \
          --with-lua=%{l_prefix} \
          --with-curl=%{l_prefix}
      %{l_make} %{l_mflags}
    ) || exit $?

%install
    #   install module
    rm -rf $RPM_BUILD_ROOT
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/apache/apache.d \
        $RPM_BUILD_ROOT%{l_prefix}/libexec/apache
    %{l_shtool} install -c -m 755 \
        apache2/.libs/mod_security2.so \
        $RPM_BUILD_ROOT%{l_prefix}/libexec/apache/mod_security.so
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE apache-security.conf} \
        $RPM_BUILD_ROOT%{l_prefix}/etc/apache/apache.d/

    #   install core rule sets
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/apache-security
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        rules/modsecurity_crs_*.conf \
        $RPM_BUILD_ROOT%{l_prefix}/etc/apache-security/

    #   create directories for logs and data storages
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/var/apache-security/{data,log,tmp,upload}

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%config %{l_prefix}/etc/apache/apache.d/apache-security.conf' \
        '%config %{l_prefix}/etc/apache-security/*' \
        '%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/data' \
        '%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/tmp' \
        '%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/upload'

%files -f files

%clean

%post
    #   after upgrade, restart service
    [ $1 -eq 2 ] || exit 0
    eval `%{l_rc} apache status 2>/dev/null`
    [ ".$apache_active" = .yes ] && %{l_rc} apache restart
    exit 0