Name:         mod_security_crs
Version:      3.2.2
Release:      2
Summary:      Rules of ModSecurity
License:      ASL 2.0
URL:          https://coreruleset.org/ 
Source:       https://github.com/coreruleset/coreruleset/archive/v%{version}.tar.gz
# https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/1362/commits/63ac8a0294b469dade3837a9ae417d822e112a95
Patch0:       CVE-2019-11389.patch
BuildArch:    noarch
Requires:     mod_security >= 2.8.0
Obsoletes:    mod_security_crs-extras < 3.0.0

%description
The base rules are provided for mod_security by this package.

%prep
%autosetup -n coreruleset-%{version} -p1

%build

%install

install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/
install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules
install -d %{buildroot}%{_datarootdir}/mod_modsecurity_crs/rules

mv rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
mv rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf

install -m0644 rules/* %{buildroot}%{_datarootdir}/mod_modsecurity_crs/rules/
mv crs-setup.conf.example %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/crs-setup.conf

for f in `ls %{buildroot}%{_datarootdir}/mod_modsecurity_crs/rules/` ; do
    ln -s %{_datarootdir}/mod_modsecurity_crs/rules/$f %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules/$f;
done

%files
%doc CHANGES README.md LICENSE
%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/{activated_rules/*,crs-setup.conf}
%{_datarootdir}/mod_modsecurity_crs

%changelog
* Wed Dec 27 2023 yaoxin <yao_xin001@hoperun.com> - 3.2.2-2
- Fix CVE-2019-11389

* Mon Sep 26 2022 liangqifeng<liangqifeng@ncti-gba.cn> - 3.2.2-1
- update to fix CVE-2022-39955~CVE-2022-39958

* Tue Apr 28 2020 wangerfeng<wangerfeng5g@huawei.com> - 3.0.0-8
- Package init