Besides the bug fixes this release also includes modification on the build system that counts on QA mechanisms such as coding style checker and static analysis. All ports and all platforms had some changes that may reduce the possibility of errors while trying to compile the project. Regression tests and unit tests are now more independent of platform or utilities versions. There is a new installer for MS Windows. Libinjection was updated. For more information about the fixed bugs or to report a new one, have a look at our Issues.
Organizes all Makefile.am - 1cde4d2
Now using one file per line (sorted). This is the better way to handle it, since it reduces the possibility of merge conflicts.
nginx: generates config file using configure input. - 351b9cc
The nginx config file was looking for depedencies by its own, by doing that it was ignoring the options that were passed to configure script. This commit deletes this config file and adds a meta-config which is populated by configure whenever the standalone-module is enabled.
nginx: adds lua support - da16d9e
iis: Cosmetics fixies on sqli. - 5046c83
This is needed to get it compiled with VS2011 on Windows8
Regression tests: makes configuration compatible with 2.2 and 2.4 (try 2) - ae252ee
nginx: Trying apxs and apxs2 while compiling nginx module - 65d9272
nginx: Trying apxs and apxs2 while compiling nginx module - 35fd75d
macos: Using glibtoolize instead of libtoolize - 751a9f4
regression-tests: makes configuration compatible with 2.2 and 2.4 - 6fc4cac
Regression test: get it working with apache 2.4 - e9813cd
Changes in httpd.conf.in to get it working with apache 2.4
Code cosmetics. - 7366f35
Changed to reduce the number of possible fails during Build Bot compilation.
iis: Waiting for 5 seconds before move curl directory - 9bf2959
Redefines unixd_set_global_mutex_perms on tests - f70f6f4
Avoding conflicts with the standalone implementation
test: Avoids conflict of fuctions definition - cef7285
test: Makes the unit tests to work again - cc982ae
The unit tests was not working due to lack update. This patch adds the necessary stuff to have it work again.
iis: Avoids directory link while building - ad330a4
Build scripts was creating links allowing the project to be loaded into Visual Studio without care about the dependencies versions. Sometimes windows refuse to delete those links leading the script to fail. This patch moves the sources directories instead of create links to it.
QA: Avoids the utilization of 3rd filedescriptor - 69c5cca
No need to use a 3rd description on the quality check scripts. Stderr is now redirected to stdout and filtered as needed.
Supports WarningCountingShellCommand in cppcheck and vera - baaf502
WarningCountingShellCommand allow us to have some measurements on the buildbot waterfall.
Adds verbose quality check - 3889434
Vera++ and ccpcheck are not outputing to the stderr instead stdout allowing the buildbot to extract some numbers about it.
Adds support for coding style and quality check - b77e901
Initial effort to get the code on shape. This will be executed by the buildbots as soon as they get ready for it.
iis: Using base_rules instead of activated_rules - 7b15370
iis: New improvements on the Wix installer - 2ea5a74
iis: Removes the installer helper dependency - 1a12648
Now using appcmd directly with WiX instead of calling the installer helper.
iis: Remove readme.html - 550d5aa
This HTML is about "Creating a Native Module for IIS7" not straight related to ModSecurity itself.
iis: Adds batch script to compile Wix - a2c5fc8
This batch script can be used to generate our msi installer.
iis: Adds Wix installer resources - 3604763
This is all about cosmetic changes.
iis: Fix inet_pton build problem - a420214
There is a function named inet_pton on windows API, with different signature. This patch just override the windows function and point the inet_pton to our implementation.
iis: Adds Wix installer xml file.c - b32cb7d
This commit adds the Wix template to our git repository.
iis: build_modsecurity.bat fixies - 7e03e3f
This commit enable a cleanup on the mod_security build directory avoiding symbols with different architectures.
iis: Adds release script - 9477118
iis: fixies the Installer.cpp coding style - 79875b1
iis: Removes AppWizard remade file - 91738f9
Apparently the AppWizard was used to generate part of this Installer, the ReadMe.txt created by the AppWizard was removed by this commit
iss: Removes pre-compiled headers - adfbeb8
No need to use the pre-compiled headers in InstallerHelper, removing it, in order to keep the project lean.
iis: Moves installer to InstallerHelper - 6adf256
To organize the folder the Installer application was renamed to installer helper. It is not the real installer, it is just an helper which is executed during the installation phase.
iss: Removes fart dependencies - 8c3b8d8
This commit removes the dependency of the fart.exe utility. The utility was responsible to rename contents inside some dependencies build files. Those modifications are not longer needed.
iss: Better err handling in build scripts. - 192599b
Now checking for errors in every step of the build phase
iis: Moves build_module.bat to build_modsecurity.bat - e25c6b2
The build_modsecurity.bat is now on the iis sub-directory, not in the dependencies anymore. Its content was also changed fixing all the paths.
iis: Fix mlogc build on windows - 9b7663f
The libcurl path was not pointing to the correct directory
iss: Removes Post-Build event. - 28bbde1
There was a copy on Post-Build event using a hard coded path. This patch removes this Post-Build event.
iis: Relative paths on the VS project file - 368617d
There are a ModSecurityIIS solution and project files, those were using hard coded paths to meet the dependencies. As consequence of the last update in our build scripts, now we are able to built the dependencies and load it to our Visual Studio project using relative paths.
iis: Identifies arch before unzip apache - cf5de78
Currently we need the Apache binary which could be used in 32 or 64 bits. This patch makes usage of 'cl' to identify which architecture is set.
iis: Renamves winbuild to dependencies - 1447766
Since the directory becomes all about dependencies there is no need to call it winbuild anymore.
iis: Removes unnecessary files from winbuild dir - 9f8cbf6
Those .mak files seems to be part of an old build system. Since the script are now working fine, this commit removes all those .mac files and also a CMakeList.txt and the Makefile.win.
iis: Improves the iis build system - b277e53
Now checking for common errors while building. Refactoring on the build scripts, now there is this build_dependencies.bat script on the iis sub-folder. By calling this script all the dependencies should be build under the winbuild/. This commit also removes build scripts that were not needed anymore.
iis: Fixes the vcxproj file - a946a16
Versions of the dependencies were changed, as long as the version of the Visual Studio, now 12.
iis: Removes unecessary files from the build system - 26738d2
The following files were removed:
iss: Changes httpd version 2.4.6 - 0a772cb
Apache version was changed to 2.4.6 to sync with the current apache lounge version.
iis: Changes the version of the dependencies - 3e6fb41
Removes standalone/Makefile.in - e3c19d5
Makefile.in is recommended to be in the repository whenever it is edit manually, in our case the automatically generated Makefile.in is ok.
Fix #154, Uses addn instead of apr_table_setn - 1734221
The headers are represented in the format of an apr_table, which is able to handle elements with the same key, however the function apr_table_setn checks if the key exists before add the element, if so it replaces the old value with the new one. This was making our implementation to just keep the last added Cookie. The apr_table_addn function, which is now used, just add a new item without check for olders one.
libinjection sync - a5f175d
libinjection sync - fcb6dc1
libinjection sync - f52242a
Bugfix: missing string terminator while mounting the charset (nginx) - ff19dcd
The charset in headers is mounted using ngx_snprintf which does not place the string terminator. This patch adds the terminator at the end of the string. The size was correctly allocated, just missing the terminator.
libinjection sync - 1121720
Fix Chunked string case sensitive issue - CVE-2013-5705 - f8d441c
Fix Chuncked string case sensitive issue - 16a815a
Fixed fd leackage after reload - e0993fc
libinjection sync - 2268626
Fix logical disjunction and conjunction issues - 7e0a9ec