Skip to content

Commit 42adb2e

Browse files
author
Felipe Zimmerle
committed
Adds ssdeep support in our build system
ssdeep will be used with the @fuzzyHash operator which is under development
1 parent 1c0e953 commit 42adb2e

File tree

7 files changed

+140
-27
lines changed

7 files changed

+140
-27
lines changed

apache2/Makefile.am

Lines changed: 18 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,8 @@ mod_security2_la_CFLAGS = @APR_CFLAGS@ \
4141
@LUA_CFLAGS@ \
4242
@MODSEC_EXTRA_CFLAGS@ \
4343
@PCRE_CFLAGS@ \
44-
@YAJL_CFLAGS@
44+
@YAJL_CFLAGS@ \
45+
@SSDEEP_CFLAGS@
4546

4647

4748
mod_security2_la_CPPFLAGS = @APR_CPPFLAGS@ \
@@ -63,7 +64,8 @@ mod_security2_la_LDFLAGS = -module -avoid-version \
6364
@LIBXML2_LDFLAGS@ \
6465
@LUA_LDFLAGS@ \
6566
@PCRE_LDFLAGS@ \
66-
@YAJL_LDFLAGS@
67+
@YAJL_LDFLAGS@ \
68+
@SSDEEP_LDFLAGS@
6769
endif
6870

6971
if HPUX
@@ -74,7 +76,8 @@ mod_security2_la_LDFLAGS = -module -avoid-version \
7476
@LIBXML2_LDFLAGS@ \
7577
@LUA_LDFLAGS@ \
7678
@PCRE_LDFLAGS@ \
77-
@YAJL_LDFLAGS@
79+
@YAJL_LDFLAGS@ \
80+
@SSDEEP_LDFLAGS@
7881
endif
7982

8083
if MACOSX
@@ -85,7 +88,8 @@ mod_security2_la_LDFLAGS = -module -avoid-version \
8588
@LIBXML2_LDFLAGS@ \
8689
@LUA_LDFLAGS@ \
8790
@PCRE_LDFLAGS@ \
88-
@YAJL_LDFLAGS@
91+
@YAJL_LDFLAGS@ \
92+
@SSDEEP_LDFLAGS@
8993
endif
9094

9195
if SOLARIS
@@ -96,7 +100,8 @@ mod_security2_la_LDFLAGS = -module -avoid-version \
96100
@LIBXML2_LDFLAGS@ \
97101
@LUA_LDFLAGS@ \
98102
@PCRE_LDFLAGS@ \
99-
@YAJL_LDFLAGS@
103+
@YAJL_LDFLAGS@ \
104+
@SSDEEP_LDFLAGS@
100105
endif
101106

102107
if LINUX
@@ -107,7 +112,8 @@ mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version -R @PCRE_LD_PATH
107112
@LIBXML2_LDFLAGS@ \
108113
@LUA_LDFLAGS@ \
109114
@PCRE_LDFLAGS@ \
110-
@YAJL_LDFLAGS@
115+
@YAJL_LDFLAGS@ \
116+
@SSDEEP_LDFLAGS@
111117
endif
112118

113119
if FREEBSD
@@ -118,7 +124,8 @@ mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \
118124
@LIBXML2_LDFLAGS@ \
119125
@LUA_LDFLAGS@ \
120126
@PCRE_LDFLAGS@ \
121-
@YAJL_LDFLAGS@
127+
@YAJL_LDFLAGS@ \
128+
@SSDEEP_LDFLAGS@
122129
endif
123130

124131
if OPENBSD
@@ -129,7 +136,8 @@ mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \
129136
@LIBXML2_LDFLAGS@ \
130137
@LUA_LDFLAGS@ \
131138
@PCRE_LDFLAGS@ \
132-
@YAJL_LDFLAGS@
139+
@YAJL_LDFLAGS@ \
140+
@SSDEEP_LDFLAGS@
133141
endif
134142

135143
if NETBSD
@@ -140,7 +148,8 @@ mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \
140148
@LIBXML2_LDFLAGS@ \
141149
@LUA_LDFLAGS@ \
142150
@PCRE_LDFLAGS@ \
143-
@YAJL_LDFLAGS@
151+
@YAJL_LDFLAGS@ \
152+
@SSDEEP_LDFLAGS@
144153
endif
145154

146155
if LINUX

build/find_ssdeep.m4

Lines changed: 84 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,84 @@
1+
dnl Check for SSDEEP Libraries
2+
dnl CHECK_SSDEEP(ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND])
3+
dnl Sets:
4+
dnl SSDEEP_CFLAGS
5+
dnl SSDEEP_LDFLAGS
6+
7+
AC_DEFUN([CHECK_SSDEEP],
8+
[dnl
9+
10+
SSDEEP_CFLAGS=""
11+
SSDEEP_LDFLAGS=""
12+
SSDEEP_LDADD=""
13+
14+
AC_ARG_WITH(
15+
ssdeep,
16+
[AC_HELP_STRING([--with-ssdeep=PATH],[Path to ssdeep prefix])]
17+
,, with_ssdeep=yes)
18+
19+
AS_CASE(["${with_ssdeep}"],
20+
[no], [test_paths=],
21+
[yes], [test_paths="/usr/lib /usr/local/lib /usr/local/libfuzzy /usr/local/fuzzy /usr/local /opt/libfuzzy /opt/fuzzy /opt /usr"])
22+
[test_paths="${with_ssdeep}"],
23+
24+
AS_IF([test "x${test_paths}" != "x"], [
25+
AC_MSG_CHECKING([for ssdeep path])
26+
27+
SSDEEP_LIB_NAME="fuzzy"
28+
SSDEEP_LIB_FILENAME="lib$SSDEEP_LIB_NAME.so"
29+
30+
if test -z "$withssdeep" -o "$withssdeep" = "yes"; then
31+
for i in ${test_paths}; do
32+
if test -f "$i/$SSDEEP_LIB_FILENAME"; then
33+
SSDEEP_LIB_DIR="$i"
34+
fi
35+
done
36+
else
37+
if test -f "$withssdeep/$SSDEEP_LIB_FILENAME"; then
38+
SSDEEP_LIB_DIR="$withssdeep"
39+
else
40+
if test -f "$withssdeep/.libs/$SSDEEP_LIB_FILENAME"; then
41+
SSDEEP_LIB_DIR="$withssdeep/.libs/"
42+
fi
43+
fi
44+
fi
45+
46+
SSDEEP_LDFLAGS="-l$SSDEEP_LIB_NAME"
47+
SSDEEP_LDADD="-l$SSDEEP_LIB_NAME"
48+
49+
if test -z "$withssdeep" -o "$withssdeep" = "yes"; then
50+
for i in /usr/include /usr/local/include; do
51+
if test -f "$i/$SSDEEP_LIB_NAME.h"; then
52+
SSDEEP_CFLAGS="-I$i"
53+
fi
54+
done
55+
else
56+
if test -f "$withssdeep/../$SSDEEP_LIB_NAME.h"; then
57+
SSDEEP_CFLAGS="-I$withssdeep/../"
58+
else
59+
if test -f "$withssdeep/$SSDEEP_LIB_NAME.h"; then
60+
SSDEEP_CFLAGS="-I$withssdeep"
61+
fi
62+
fi
63+
fi
64+
65+
])
66+
67+
if test -z "${SSDEEP_CFLAGS}"; then
68+
AC_MSG_RESULT([no])
69+
SSDEEP_LDFLAGS=""
70+
SSDEEP_LDADD=""
71+
#ifelse([$2], , AC_MSG_NOTICE([optional ssdeep library not found]), $2)
72+
else
73+
SSDEEP_CFLAGS="-DWITH_SSDEEP ${SSDEEP_CFLAGS}"
74+
AC_MSG_RESULT([${SSDEEP_LDFLAGS} ${SSDEEP_CFLAGS}])
75+
#AC_MSG_NOTICE([using ssdeep: ${SSDEEP_CFLAGS} ${SSDEEP_LDFLAGS}])
76+
#ifelse([$1], , , $1)
77+
fi
78+
79+
AC_SUBST(SSDEEP_LDFLAGS)
80+
AC_SUBST(SSDEEP_LDADD)
81+
AC_SUBST(SSDEEP_CFLAGS)
82+
83+
84+
])

configure.ac

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -701,6 +701,8 @@ fi
701701
# Check for YAJL libs (for JSON body processor)
702702
CHECK_YAJL()
703703
#AC_SEARCH_LIBS([yajl_alloc], [yajl])
704+
CHECK_SSDEEP()
705+
AC_SEARCH_LIBS([fuzzy_hash_buf], [fuzzy])
704706

705707
AC_CONFIG_FILES([Makefile])
706708
AC_CONFIG_FILES([tools/Makefile])

ext/Makefile.am

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,8 @@ EXT_CFLAGS = -I../apache2 \
44
@APU_CFLAGS@ \
55
@APXS_CFLAGS@ \
66
@LIBXML2_CFLAGS@ \
7-
@LUA_CFLAGS@
7+
@LUA_CFLAGS@ \
8+
@SSDEEP_CFLAGS@
89

910
EXT_CPPFLAGS = @APR_CPPFLAGS@ \
1011
@LIBXML2_CPPFLAGS@
@@ -13,13 +14,14 @@ EXT_LIBADD = @APR_LDADD@ \
1314
@APU_LDADD@ \
1415
@LIBXML2_LDADD@ \
1516
@LUA_LDADD@
16-
17+
1718
EXT_LDFLAGS = -no-undefined -module -avoid-version \
1819
@APR_LDFLAGS@ \
1920
@APU_LDFLAGS@ \
2021
@APXS_LDFLAGS@ \
2122
@LIBXML2_LDFLAGS@ \
22-
@LUA_LDFLAGS@
23+
@LUA_LDFLAGS@ \
24+
@SSDEEP_LDFLAGS@
2325

2426
pkglibdir = $(prefix)/lib
2527

nginx/modsecurity/config.in

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,8 @@ CFLAGS="$CFLAGS \
88
@LUA_CFLAGS@ \
99
@MODSEC_EXTRA_CFLAGS@ \
1010
@PCRE_CFLAGS@ \
11-
@YAJL_CFLAGS@"
11+
@YAJL_CFLAGS@ \
12+
@SSDEEP_CFLAGS@"
1213

1314

1415
CORE_LIBS="$CORE_LIBS \
@@ -20,7 +21,8 @@ CORE_LIBS="$CORE_LIBS \
2021
@LUA_LDADD@ \
2122
@PCRE_LDADD@ \
2223
@APXS_LIBS@ \
23-
@YAJL_LIBS@"
24+
@YAJL_LIBS@ \
25+
@SSDEEP_LDFLAGS@"
2426

2527
ngx_addon_name=ngx_http_modsecurity
2628

standalone/Makefile.am

Lines changed: 21 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,8 @@ standalone_la_CFLAGS = -DVERSION_NGINX \
5151
@LUA_CFLAGS@ \
5252
@MODSEC_EXTRA_CFLAGS@ \
5353
@PCRE_CFLAGS@ \
54-
@YAJL_CFLAGS@
54+
@YAJL_CFLAGS@ \
55+
@SSDEEP_CFLAGS@
5556

5657
standalone_la_CPPFLAGS = @APR_CPPFLAGS@ \
5758
@LIBXML2_CPPFLAGS@ \
@@ -62,7 +63,8 @@ standalone_la_LIBADD = @APR_LDADD@ \
6263
@LIBXML2_LDADD@ \
6364
@LUA_LDADD@ \
6465
@PCRE_LDADD@ \
65-
@YAJL_LDADD@
66+
@YAJL_LDADD@ \
67+
@SSDEEP_CFLAGS@
6668

6769
if AIX
6870
standalone_la_LDFLAGS = -module -avoid-version \
@@ -72,7 +74,8 @@ standalone_la_LDFLAGS = -module -avoid-version \
7274
@LIBXML2_LDFLAGS@ \
7375
@LUA_LDFLAGS@ \
7476
@PCRE_LDFLAGS@ \
75-
@YAJL_LDFLAGS@
77+
@YAJL_LDFLAGS@ \
78+
@SSDEEP_LDFLAGS@
7679
endif
7780

7881
if HPUX
@@ -83,7 +86,8 @@ standalone_la_LDFLAGS = -module -avoid-version \
8386
@LIBXML2_LDFLAGS@ \
8487
@LUA_LDFLAGS@ \
8588
@PCRE_LDFLAGS@ \
86-
@YAJL_LDFLAGS@
89+
@YAJL_LDFLAGS@ \
90+
@SSDEEP_LDFLAGS@
8791
endif
8892

8993
if MACOSX
@@ -94,7 +98,8 @@ standalone_la_LDFLAGS = -module -avoid-version \
9498
@LIBXML2_LDFLAGS@ \
9599
@LUA_LDFLAGS@ \
96100
@PCRE_LDFLAGS@ \
97-
@YAJL_LDFLAGS@
101+
@YAJL_LDFLAGS@ \
102+
@SSDEEP_LDFLAGS@
98103
endif
99104

100105
if SOLARIS
@@ -105,7 +110,8 @@ standalone_la_LDFLAGS = -module -avoid-version \
105110
@LIBXML2_LDFLAGS@ \
106111
@LUA_LDFLAGS@ \
107112
@PCRE_LDFLAGS@ \
108-
@YAJL_LDFLAGS@
113+
@YAJL_LDFLAGS@ \
114+
@SSDEEP_LDFLAGS@
109115
endif
110116

111117
if LINUX
@@ -116,7 +122,8 @@ standalone_la_LDFLAGS = -no-undefined -module -avoid-version \
116122
@LIBXML2_LDFLAGS@ \
117123
@LUA_LDFLAGS@ \
118124
@PCRE_LDFLAGS@ \
119-
@YAJL_LDFLAGS@
125+
@YAJL_LDFLAGS@ \
126+
@SSDEEP_LDFLAGS@
120127
endif
121128

122129
if FREEBSD
@@ -127,7 +134,8 @@ standalone_la_LDFLAGS = -no-undefined -module -avoid-version \
127134
@LIBXML2_LDFLAGS@ \
128135
@LUA_LDFLAGS@ \
129136
@PCRE_LDFLAGS@ \
130-
@YAJL_LDFLAGS@
137+
@YAJL_LDFLAGS@ \
138+
@SSDEEP_LDFLAGS@
131139
endif
132140

133141
if OPENBSD
@@ -138,7 +146,8 @@ standalone_la_LDFLAGS = -no-undefined -module -avoid-version \
138146
@LIBXML2_LDFLAGS@ \
139147
@LUA_LDFLAGS@ \
140148
@PCRE_LDFLAGS@ \
141-
@YAJL_LDFLAGS@
149+
@YAJL_LDFLAGS@ \
150+
@SSDEEP_LDFLAGS@
142151
endif
143152

144153
if NETBSD
@@ -149,5 +158,7 @@ standalone_la_LDFLAGS = -no-undefined -module -avoid-version \
149158
@LIBXML2_LDFLAGS@ \
150159
@LUA_LDFLAGS@ \
151160
@PCRE_LDFLAGS@ \
152-
@YAJL_LDFLAGS@
161+
@YAJL_LDFLAGS@ \
162+
@SSDEEP_LDFLAGS@
153163
endif
164+

tests/Makefile.am

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,8 @@ msc_test_CFLAGS = @APR_CFLAGS@ \
3636
@LUA_CFLAGS@ \
3737
@MODSEC_EXTRA_CFLAGS@ \
3838
@PCRE_CFLAGS@ \
39-
@YAJL_CFLAGS@
39+
@YAJL_CFLAGS@ \
40+
@SSDEEP_CFLAGS@
4041

4142
msc_test_CPPFLAGS = -I$(top_srcdir)/apache2 \
4243
@APR_CPPFLAGS@ \
@@ -48,15 +49,17 @@ msc_test_LDADD = @APR_LDADD@ \
4849
@LIBXML2_LDADD@ \
4950
@LUA_LDADD@ \
5051
@PCRE_LDADD@ \
51-
@YAJL_LDADD@
52+
@YAJL_LDADD@ \
53+
@SSDEEP_CFLAGS@
5254

5355
msc_test_LDFLAGS = @APR_LDFLAGS@ \
5456
@APU_LDFLAGS@ \
5557
@APXS_LDFLAGS@ \
5658
@LIBXML2_LDFLAGS@ \
5759
@LUA_LDFLAGS@ \
5860
@PCRE_LDFLAGS@ \
59-
@YAJL_LDFLAGS@
61+
@YAJL_LDFLAGS@ \
62+
@SSDEEP_LDFLAGS@
6063

6164
check_SCRIPTS = run-unit-tests.pl
6265
TESTS = $(check_SCRIPTS)

0 commit comments

Comments
 (0)