[ { "path": ".editorconfig", "content": "# top-most EditorConfig file\nroot = true\n\n# Unix-style newlines with a newline ending every file\n[*]\nend_of_line = lf\nindent_style = space\n# Scripts without suffixes in the project root tend to indent by two spaces\nindent_size = 2\n\n# Most of the project files indent by four spaces\n[*/**]\nindent_size = 4\n\n# Test files indent by two spaces\n[test/**]\nindent_size = 2\n\n# The config parser file indents by both two and four spaces,\n# so we choose to indent by two spaces as a common denominator.\n[*.yy]\nindent_size = 2\n\n[{Makefile,Makefile.am}]\nindent_style = tab\n\n" }, { "path": ".github/ISSUE_TEMPLATE/bug-report-for-version-2-x.md", "content": "---\nname: Bug report for version 2.x\nabout: Create a report to help us improve\ntitle: ''\nlabels: '2.x'\nassignees: ''\n\n---\n\n**Describe the bug**\n\nA clear and concise description of what the bug is.\n\n**Logs and dumps**\n\nOutput of:\n 1. DebugLogs (level 9)\n 2. AuditLogs\n 3. Error logs\n 4. If there is a crash, the core dump file.\n\n_Notice:_ Be carefully to not leak any confidential information.\n\n**To Reproduce**\n\nSteps to reproduce the behavior:\n\nA **curl** command line that mimics the original request and reproduces the problem. Or a ModSecurity v3 test case.\n\n[e.g: curl \"modsec-full/ca/..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\/\\\\etc/\\\\passwd\" or [issue-394.json](https://github.com/SpiderLabs/ModSecurity/blob/v3/master/test/test-cases/regression/issue-394.json)]\n\n\n**Expected behavior**\n\nA clear and concise description of what you expected to happen.\n\n**Server (please complete the following information):**\n - ModSecurity version (and connector): [e.g. ModSecurity v3.0.1 with nginx-connector v1.0.0]\n - WebServer: [e.g. nginx-1.15.5]\n - OS (and distro): [e.g. Linux, archlinux]\n\n\n**Rule Set (please complete the following information):**\n - Running any public or commercial rule set? [e.g. SpiderLabs commercial rules]\n - What is the version number? [e.g. 2018-08-11]\n\n**Additional context**\n\nAdd any other context about the problem here.\n" }, { "path": ".github/ISSUE_TEMPLATE/bug-report-for-version-3-x.md", "content": "---\nname: Bug report for version 3.x\nabout: Create a report to help us improve. If you don't know a specific detail or\n piece of information leave it blank, if necessary we will help you to figure out.\ntitle: ''\nlabels: '3.x'\nassignees: ''\n\n---\n\n**Describe the bug**\n\nA clear and concise description of what the bug is.\n\n**Logs and dumps**\n\nOutput of:\n 1. DebugLogs (level 9)\n 2. AuditLogs\n 3. Error logs\n 4. If there is a crash, the core dump file.\n\n_Notice:_ Be careful to not leak any confidential information.\n\n**To Reproduce**\n\nSteps to reproduce the behavior:\n\nA **curl** command line that mimics the original request and reproduces the problem. Or a ModSecurity v3 test case.\n\n[e.g: curl \"modsec-full/ca/..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\/\\\\etc/\\\\passwd\" or [issue-394.json](https://github.com/SpiderLabs/ModSecurity/blob/v3/master/test/test-cases/regression/issue-394.json)]\n\n\n**Expected behavior**\n\nA clear and concise description of what you expected to happen.\n\n**Server (please complete the following information):**\n - ModSecurity version (and connector): [e.g. ModSecurity v3.0.8 with nginx-connector v1.0.3]\n - WebServer: [e.g. nginx-1.18.0]\n - OS (and distro): [e.g. Linux, archlinux]\n\n\n**Rule Set (please complete the following information):**\n - Running any public or commercial rule set? [e.g. SpiderLabs commercial rules]\n - What is the version number? [e.g. 2018-08-11]\n\n**Additional context**\n\nAdd any other context about the problem here.\n" }, { "path": ".github/PULL_REQUEST_TEMPLATE.md", "content": "\n\n\n## what\n\n\n\n## why\n\n\n\n## references\n\n\n" }, { "path": ".github/workflows/ci.yml", "content": "name: Quality Assurance\n\non:\n push:\n pull_request:\n\njobs:\n build-linux:\n name: Linux (${{ matrix.platform.label }}, ${{ matrix.compiler.label }}, ${{ matrix.configure.label }})\n runs-on: ${{ matrix.os }}\n strategy:\n matrix:\n os: [ubuntu-22.04]\n platform:\n - {label: \"x64\", arch: \"amd64\", configure: \"\"}\n - {label: \"x32\", arch: \"i386\", configure: \"PKG_CONFIG_PATH=/usr/lib/i386-linux-gnu/pkgconfig CFLAGS=-m32 CXXFLAGS=-m32 LDFLAGS=-m32\"}\n compiler:\n - {label: \"gcc\", cc: \"gcc\", cxx: \"g++\"}\n - {label: \"clang\", cc: \"clang\", cxx: \"clang++\"}\n configure:\n - {label: \"with parser generation\", opt: \"--enable-parser-generation\" }\n - {label: \"wo curl\", opt: \"--without-curl\" }\n - {label: \"wo lua\", opt: \"--without-lua\" }\n - {label: \"wo maxmind\", opt: \"--without-maxmind\" }\n - {label: \"wo libxml\", opt: \"--without-libxml\" }\n - {label: \"wo geoip\", opt: \"--without-geoip\" }\n - {label: \"wo ssdeep\", opt: \"--without-ssdeep\" }\n - {label: \"with lmdb\", opt: \"--with-lmdb\" }\n - {label: \"with pcre\", opt: \"--with-pcre\" }\n exclude:\n - platform: {label: \"x32\"}\n configure: {label: \"wo geoip\"}\n - platform: {label: \"x32\"}\n configure: {label: \"wo ssdeep\"}\n steps:\n - name: Setup Dependencies (common)\n run: |\n sudo dpkg --add-architecture ${{ matrix.platform.arch }}\n sudo apt-get update -y -qq\n sudo apt-get install -y libyajl-dev:${{ matrix.platform.arch }} \\\n libcurl4-openssl-dev:${{ matrix.platform.arch }} \\\n liblmdb-dev:${{ matrix.platform.arch }} \\\n liblua5.2-dev:${{ matrix.platform.arch }} \\\n libmaxminddb-dev:${{ matrix.platform.arch }} \\\n libpcre2-dev:${{ matrix.platform.arch }} \\\n pcre2-utils:${{ matrix.platform.arch }} \\\n bison flex\n - name: Setup Dependencies (x32)\n if: ${{ matrix.platform.label == 'x32' }}\n run: |\n sudo apt-get install g++-multilib\n sudo apt-get install -y libxml2-dev:${{ matrix.platform.arch }} \\\n libpcre3-dev:${{ matrix.platform.arch }}\n - name: Setup Dependencies (x64)\n if: ${{ matrix.platform.label == 'x64' }}\n run: |\n sudo apt-get install -y libgeoip-dev:${{ matrix.platform.arch }} \\\n libfuzzy-dev:${{ matrix.platform.arch }}\n - uses: actions/checkout@v4\n with:\n submodules: true\n fetch-depth: 0\n - name: build.sh\n run: ./build.sh\n - name: configure\n env:\n CC: ${{ matrix.compiler.cc }}\n CXX: ${{ matrix.compiler.cxx }}\n run: ./configure ${{ matrix.platform.configure }} ${{ matrix.configure.opt }} --enable-assertions=yes\n - uses: ammaraskar/gcc-problem-matcher@master\n - name: make\n run: make -j `nproc`\n - name: check\n run: make check\n\n build-macos:\n name: macOS (${{ matrix.configure.label }})\n runs-on: ${{ matrix.os }}\n strategy:\n matrix:\n os: [macos-14]\n configure:\n - {label: \"with parser generation\", opt: \"--enable-parser-generation\" }\n - {label: \"wo curl\", opt: \"--without-curl\" }\n - {label: \"wo lua\", opt: \"--without-lua\" }\n - {label: \"wo maxmind\", opt: \"--without-maxmind\" }\n - {label: \"wo libxml\", opt: \"--without-libxml\" }\n - {label: \"wo geoip\", opt: \"--without-geoip\" }\n - {label: \"wo ssdeep\", opt: \"--without-ssdeep\" }\n - {label: \"with lmdb\", opt: \"--with-lmdb\" }\n - {label: \"with pcre\", opt: \"--with-pcre\" }\n steps:\n - name: Setup Dependencies\n # curl, pcre2 not installed because they're already\n # included in the image\n run: |\n brew install autoconf \\\n automake \\\n libtool \\\n yajl \\\n lmdb \\\n lua \\\n libmaxminddb \\\n libxml2 \\\n ssdeep \\\n pcre \\\n bison \\\n flex\n - uses: actions/checkout@v4\n with:\n submodules: true\n fetch-depth: 0\n - name: Build GeoIP\n run: |\n git clone --depth 1 --no-checkout https://github.com/maxmind/geoip-api-c.git\n cd geoip-api-c\n git fetch --tags\n # Check out the last release, v1.6.12\n git checkout 4b526e7331ca1d692b74a0509ddcc725622ed31a\n autoreconf --install\n ./configure --disable-dependency-tracking --disable-silent-rules --prefix=/opt/homebrew\n make install\n - name: build.sh\n run: ./build.sh\n - name: configure\n run: ./configure ${{ matrix.configure.opt }} --enable-assertions=yes\n - uses: ammaraskar/gcc-problem-matcher@master\n - name: make\n run: make -j `sysctl -n hw.logicalcpu`\n - name: check\n run: make check\n\n build-windows:\n name: Windows (${{ matrix.platform.label }}, ${{ matrix.configure.label }})\n runs-on: ${{ matrix.os }}\n strategy:\n matrix:\n os: [windows-2022]\n platform:\n - {label: \"x64\", arch: \"x86_64\"}\n configuration: [Release]\n configure:\n - {label: \"full\", opt: \"\" }\n - {label: \"wo curl\", opt: \"-DWITH_CURL=OFF\" }\n - {label: \"wo lua\", opt: \"-DWITH_LUA=OFF\" }\n - {label: \"wo maxmind\", opt: \"-DWITH_MAXMIND=OFF\" }\n - {label: \"wo libxml\", opt: \"-DWITH_LIBXML2=OFF\" }\n - {label: \"with lmdb\", opt: \"-DWITH_LMDB=ON\" }\n steps:\n - uses: actions/checkout@v4\n with:\n submodules: true\n fetch-depth: 0\n - name: Install Conan\n run: |\n pip3 install conan --upgrade\n conan profile detect\n - uses: ammaraskar/msvc-problem-matcher@master\n - name: Build ${{ matrix.configuration }} ${{ matrix.platform.arch }} ${{ matrix.configure.label }}\n shell: cmd\n run: vcbuild.bat ${{ matrix.configuration }} ${{ matrix.platform.arch }} NO_ASAN \"${{ matrix.configure.opt }}\"\n - name: Set up test environment\n working-directory: build\\win32\\build\\${{ matrix.configuration }}\n env:\n BASE_DIR: ..\\..\\..\\..\n shell: cmd\n run: |\n copy unit_tests.exe %BASE_DIR%\\test\n copy regression_tests.exe %BASE_DIR%\\test\n copy libModSecurity.dll %BASE_DIR%\\test\n copy %BASE_DIR%\\unicode.mapping %BASE_DIR%\\test\n md \\tmp\n md \\bin\n copy \"C:\\Program Files\\Git\\usr\\bin\\echo.exe\" \\bin\n copy \"C:\\Program Files\\Git\\usr\\bin\\echo.exe\" \\bin\\echo\n - name: Disable tests that don't work on Windows\n working-directory: test\\test-cases\\regression\n shell: cmd\n run: |\n jq \"map(if .title == \\\"Test match variable (1/n)\\\" then .enabled = 0 else . end)\" issue-2423-msg-in-chain.json > tmp.json && move /Y tmp.json issue-2423-msg-in-chain.json\n jq \"map(if .title == \\\"Test match variable (2/n)\\\" then .enabled = 0 else . end)\" issue-2423-msg-in-chain.json > tmp.json && move /Y tmp.json issue-2423-msg-in-chain.json\n jq \"map(if .title == \\\"Test match variable (3/n)\\\" then .enabled = 0 else . end)\" issue-2423-msg-in-chain.json > tmp.json && move /Y tmp.json issue-2423-msg-in-chain.json\n jq \"map(if .title == \\\"Variable offset - FILES_NAMES\\\" then .enabled = 0 else . end)\" offset-variable.json > tmp.json && move /Y tmp.json offset-variable.json\n - name: Run tests\n working-directory: build\\win32\\build\n run: |\n ctest -C ${{ matrix.configuration }} --output-on-failure\n\n cppcheck:\n runs-on: [macos-14]\n steps:\n - name: Setup Dependencies\n run: |\n brew install autoconf \\\n automake \\\n libtool \\\n cppcheck\n - uses: actions/checkout@v4\n with:\n submodules: true\n fetch-depth: 0\n - name: configure\n run: |\n ./build.sh\n ./configure\n - name: cppcheck\n run: make check-static\n" }, { "path": ".github/workflows/ci_new.yml", "content": "name: Quality Assurance new\n\non:\n push:\n pull_request:\n\njobs:\n build-linux:\n name: Linux (${{ matrix.platform.label }}, ${{ matrix.compiler.label }}, ${{ matrix.configure.label }})\n\n # Ubuntu 24.04 does not provide native 32-bit (i386) installation images.\n # Only amd64 (x86_64) is officially supported. 32-bit has been removed from this matrix.\n runs-on: ubuntu-24.04\n\n strategy:\n fail-fast: false\n matrix:\n platform:\n - { label: \"x64\", arch: \"amd64\", configure: \"\" }\n\n compiler:\n - { label: \"gcc\", cc: \"gcc\", cxx: \"g++\" }\n - { label: \"clang\", cc: \"clang\", cxx: \"clang++\" }\n\n configure:\n - { label: \"with parser generation\", opt: \"--enable-parser-generation\" }\n - { label: \"without curl\", opt: \"--without-curl\" }\n - { label: \"without lua\", opt: \"--without-lua\" }\n - { label: \"without maxmind\", opt: \"--without-maxmind\" }\n - { label: \"without libxml\", opt: \"--without-libxml\" }\n - { label: \"without geoip\", opt: \"--without-geoip\" }\n - { label: \"without ssdeep\", opt: \"--without-ssdeep\" }\n - { label: \"with lmdb\", opt: \"--with-lmdb\" }\n - { label: \"with pcre2 (default)\", opt: \"\" }\n - { label: \"with pcre\", opt: \"--with-pcre\" }\n\n steps:\n - uses: actions/checkout@v6\n with:\n fetch-depth: 0\n submodules: recursive\n\n - name: Install dependencies\n run: |\n sudo apt-get update -y -qq\n sudo apt-get install -y \\\n libyajl-dev \\\n libcurl4-openssl-dev \\\n liblmdb-dev \\\n liblua5.2-dev \\\n libmaxminddb-dev \\\n libpcre2-dev \\\n libxml2-dev \\\n libfuzzy-dev \\\n pcre2-utils \\\n libpcre3-dev \\\n bison \\\n flex \\\n pkg-config\n\n\n - name: Run build preparation script\n run: ./build.sh\n\n - name: Configure\n env:\n CC: ${{ matrix.compiler.cc }}\n CXX: ${{ matrix.compiler.cxx }}\n run: ./configure ${{ matrix.platform.configure }} ${{ matrix.configure.opt }} --enable-assertions=yes\n\n - uses: ammaraskar/gcc-problem-matcher@master\n\n - name: Compile\n run: make -j \"$(nproc)\"\n\n - name: Run tests\n run: make check\n\n build-macos:\n name: macOS (${{ matrix.configure.label }})\n runs-on: macos-15\n\n strategy:\n fail-fast: false\n matrix:\n configure:\n - { label: \"with parser generation\", opt: \"--enable-parser-generation\" }\n - { label: \"without curl\", opt: \"--without-curl\" }\n - { label: \"without lua\", opt: \"--without-lua\" }\n - { label: \"without maxmind\", opt: \"--without-maxmind\" }\n - { label: \"without libxml\", opt: \"--without-libxml\" }\n - { label: \"without geoip\", opt: \"--without-geoip\" }\n - { label: \"without ssdeep\", opt: \"--without-ssdeep\" }\n - { label: \"with lmdb\", opt: \"--with-lmdb\" }\n - { label: \"with pcre2 (default)\", opt: \"\" }\n - { label: \"with pcre\", opt: \"--with-pcre\" }\n\n steps:\n - uses: actions/checkout@v6\n with:\n fetch-depth: 0\n submodules: recursive\n \n - name: Install dependencies\n # curl and pcre2 are typically already available in the macOS runner image\n run: |\n brew install autoconf \\\n automake \\\n libtool \\\n yajl \\\n lmdb \\\n lua \\\n libmaxminddb \\\n libxml2 \\\n ssdeep \\\n pcre \\\n bison \\\n flex\n\n - name: Run build preparation script\n run: ./build.sh\n\n - name: Configure\n run: ./configure ${{ matrix.configure.opt }} --enable-assertions=yes\n\n - uses: ammaraskar/gcc-problem-matcher@master\n\n - name: Compile\n run: make -j \"$(sysctl -n hw.logicalcpu)\"\n\n - name: Run tests\n run: make check\n\n build-windows:\n name: Windows (${{ matrix.platform.label }}, ${{ matrix.configure.label }})\n runs-on: windows-2025\n\n strategy:\n fail-fast: false\n matrix:\n platform:\n - { label: \"x64\", arch: \"x86_64\" }\n configuration: [Release]\n configure:\n - { label: \"full\", opt: \"\" }\n - { label: \"without curl\", opt: \"-DWITH_CURL=OFF\" }\n - { label: \"without lua\", opt: \"-DWITH_LUA=OFF\" }\n - { label: \"without maxmind\", opt: \"-DWITH_MAXMIND=OFF\" }\n - { label: \"without libxml\", opt: \"-DWITH_LIBXML2=OFF\" }\n - { label: \"with lmdb\", opt: \"-DWITH_LMDB=ON\" }\n\n steps:\n - uses: actions/checkout@v6\n with:\n fetch-depth: 0\n submodules: recursive\n\n - name: Install Conan package manager\n run: |\n pip3 install conan --upgrade\n conan profile detect\n\n - uses: ammaraskar/msvc-problem-matcher@master\n\n - name: Build project\n shell: cmd\n run: vcbuild.bat ${{ matrix.configuration }} ${{ matrix.platform.arch }} NO_ASAN \"${{ matrix.configure.opt }}\"\n\n - name: Prepare test environment\n working-directory: build\\win32\\build\\${{ matrix.configuration }}\n env:\n BASE_DIR: ..\\..\\..\\..\n shell: cmd\n run: |\n copy unit_tests.exe %BASE_DIR%\\test\n copy regression_tests.exe %BASE_DIR%\\test\n copy libModSecurity.dll %BASE_DIR%\\test\n copy %BASE_DIR%\\unicode.mapping %BASE_DIR%\\test\n md \\tmp\n md \\bin\n copy \"C:\\Program Files\\Git\\usr\\bin\\echo.exe\" \\bin\n copy \"C:\\Program Files\\Git\\usr\\bin\\echo.exe\" \\bin\\echo\n\n - name: Disable unsupported tests on Windows\n working-directory: test\\test-cases\\regression\n shell: cmd\n run: |\n jq \"map(if .title == \\\"Test match variable (1/n)\\\" then .enabled = 0 else . end)\" issue-2423-msg-in-chain.json > tmp.json && move /Y tmp.json issue-2423-msg-in-chain.json\n jq \"map(if .title == \\\"Test match variable (2/n)\\\" then .enabled = 0 else . end)\" issue-2423-msg-in-chain.json > tmp.json && move /Y tmp.json issue-2423-msg-in-chain.json\n jq \"map(if .title == \\\"Test match variable (3/n)\\\" then .enabled = 0 else . end)\" issue-2423-msg-in-chain.json > tmp.json && move /Y tmp.json issue-2423-msg-in-chain.json\n jq \"map(if .title == \\\"Variable offset - FILES_NAMES\\\" then .enabled = 0 else . end)\" offset-variable.json > tmp.json && move /Y tmp.json offset-variable.json\n\n - name: Run tests\n working-directory: build\\win32\\build\n run: ctest -C ${{ matrix.configuration }} --output-on-failure\n\n cppcheck:\n name: Static analysis (cppcheck)\n runs-on: macos-15\n\n steps:\n - uses: actions/checkout@v6\n with:\n fetch-depth: 0\n submodules: recursive\n\n - name: Install cppcheck\n run: |\n brew install autoconf automake libtool cppcheck libmaxminddb yajl lua lmdb ssdeep\n\n - name: Configure project\n run: |\n ./build.sh\n ./configure\n\n - name: Run cppcheck\n run: make check-static\n\n cppcheck-linux:\n name: Static analysis (cppcheck, Linux, debian:sid)\n runs-on: ubuntu-latest\n container: debian:sid\n\n steps:\n - name: Install basic tools\n run: |\n apt-get update\n apt-get install -y git\n\n - name: Mark repo as safe for git\n run: git config --global --add safe.directory $GITHUB_WORKSPACE\n \n - uses: actions/checkout@v6\n with:\n fetch-depth: 0\n submodules: recursive\n\n\n - name: Install dependencies (v2 style)\n run: |\n apt-get update\n apt-get install -y \\\n autoconf \\\n automake \\\n build-essential \\\n libtool \\\n pkg-config \\\n cppcheck \\\n libyajl-dev \\\n libcurl4-openssl-dev \\\n liblmdb-dev \\\n liblua5.2-dev \\\n libmaxminddb-dev \\\n libpcre2-dev \\\n libxml2-dev \\\n libfuzzy-dev \\\n pcre2-utils \\\n bison \\\n flex\n\n - name: Run build preparation script\n run: ./build.sh\n\n - name: Configure project\n run: ./configure\n\n - name: Run cppcheck\n run: make check-static\n" }, { "path": ".gitignore", "content": "*.o\n*.lo\n*.la\n**/Makefile\n**/Makefile.in\naclocal.m4\nar-lib\nautom4te.cache/\nbuild/libtool.m4\nbuild/ltoptions.m4\nbuild/ltsugar.m4\nbuild/ltversion.m4\nbuild/lt~obsolete.m4\nbuild/win32/build\nbuild/win32/CMakeUserPresets.json\ncompile\nconfig.guess\nconfig.log\nconfig.status\nconfig.sub\nconfig.h.in~\nconfigure\nconfigure~\ndepcomp\nmodsecurity.pc\n.deps\n.libs\n.dirstamp\nsrc/config.h\nsrc/config.h.in\nsrc/location.hh\nsrc/position.hh\nsrc/stack.hh\nsrc/stamp-h1\nsrc/headers.mk\n/test/rules_optimization\n/test/regression_tests\n/test/unit_tests\n/test-driver\n/test/massif.out.*\n/test/benchmark/benchmark\n/test/benchmark/owasp-v3/\n/test/test-cases/regression/*.trs\n/test/test-cases/regression/*.log\n/test-suite.log\nylwrap\nmissing\ninstall-sh\nlibtool\nltmain.sh\nexamples/simple_example_using_c/test\n/tools/rules-check/modsec-rules-check\nexamples/multiprocess_c/multi\nexamples/multithread/multithread\nexamples/reading_logs_via_rule_message/simple_request\nexamples/reading_logs_with_offset/read\nexamples/using_bodies_in_chunks/simple_request\n" }, { "path": ".gitmodules", "content": "[submodule \"test/test-cases/secrules-language-tests\"]\n\tpath = test/test-cases/secrules-language-tests\n\turl = https://github.com/owasp-modsecurity/secrules-language-tests\n[submodule \"others/libinjection\"]\n\tpath = others/libinjection\n\turl = https://github.com/libinjection/libinjection.git\n[submodule \"bindings/python\"]\n\tpath = bindings/python\n\turl = https://github.com/owasp-modsecurity/ModSecurity-Python-bindings.git\n[submodule \"others/mbedtls\"]\n\tpath = others/mbedtls\n\turl = https://github.com/Mbed-TLS/mbedtls.git\n" }, { "path": "AUTHORS", "content": "zimmerle = Felipe Zimmerle \nrbarnett = Ryan C. Barnett \ncsanders-git = Chaim Sanders \nvictorhora = Victor Hora \n" }, { "path": "CHANGES", "content": "v3.0.14 - 2025-Feb-25\n---------------------\n\n - [fix: fixed htmlEntityDecode methods]\n [PR from private repo - @theseion,@airween; fixed CVE-2025-27110]\n - fix: Added missing header to avoid build error with gcc-15\n [PR #3342 - @airween]\n - Fix for issue #3334: build not finding YAJL\n [PR #3335 - @RooHTaylor]\n - fix: add value checking to @validateByteRange\n [PR #3322 - @airween]\n - fix: build library on OSX without GeoIP brew package\n [PR #3319 - @theseion,@airween]\n - Update README.md\n [PR #3314 - @ElevationsRPG]\n - Fix: Add false positive cppcheck-suppress for compatibility with upda…\n [PR #3307 - @gberkes]\n - fix: align TIME_MON variable's behavior\n [PR #3306 - @M4tteoP,@theseion,@airween]\n - Fix m_requestHostName variable behavior\n [PR #3298 - @airween]\n - Add regression rules for test\n [PR #3291 - @hnakamur]\n - Fix modsecurity-regression-test-secremoterules.txt URL in example\n [PR #3287 - @hnakamur]\n - Use latest version of cppcheck (2.15.0) to analyze codebase\n [PR #3283 - @eduar-hte]\n - Replace usage of range-checked 'at' method when vector/string has already been size checked\n [PR #3280 - @eduar-hte]\n - chore: add 'log' action to rule 200005\n [PR #3266 - @airween]\n - docs: add a logo picture for github dark theme\n [PR #3264 - @xuruidong]\n - Leverage std::make_unique & std::make_shared to create objects in the heap\n [PR #3254 - @eduar-hte]\n - Simplified handling of RuleMessage by removing usage of std::shared_ptr\n [PR #3253 - @eduar-hte]\n - Simplified constructors, copy constructors & assignment operators\n [PR #3248 - @eduar-hte]\n\nv3.0.13 - 2024-Sep-03\n---------------------\n\n - Adjust reference to modsecurity::utils::string::VALID_HEX\n [PR #3243 - @eduar-hte]\n - Lua::run: Move logging of str parameter to higher log level.\n [PR #3240 - @frozenice]\n - Remove unnecessary heap allocated copies in Transformation actions\n [PR #3231 - @eduar-hte]\n - Removed multiple heap-allocated copies in Pm::init & parse_pm_content\n [PR #3233 - @eduar-hte]\n - Unit tests results should not be displayed in 'automake output' mode\n [PR #3232 - @eduar-hte]\n - Replace usage of std::ctime, which is not safe in\n multithread contexts\n [PR #3228 - @eduar-hte]\n - Removed unnecessary lock to call acmp_process_quick in Pm::evaluate\n [PR #3227 - @eduar-hte]\n - feat: Check if the MP header contains invalid character\n [PR #3225 - @airween]\n - Prevent concurrent access to data in InMemoryPerProcess'\n resolveXXX methods\n [PR #3216 - @eduar-hte]\n - Remove several string copies and unnecessary heap allocations\n [PR #3222 - @eduar-hte]\n - Creating a std::string with a null pointer\n is undefined behaviour\n [PR #3220 - @eduar-hte]\n - Simplifiy configuration to build using std C++17\n [PR #3219 - @eduar-hte]\n - Remove unnecessary dynamic casts\n [PR #3218 - @eduar-hte]\n - fix: Sonarcloud reported memleak fixes\n [PR #3114 - @airween]\n - V3/sonarcloud replace this declaration by a structured\n binding declaration\n [PR #3217 - @gberkes]\n - Do not assume ModSecurityIntervention argument to\n transaction::intervention has been initialized/cleaned\n [PR #3212 - @eduar-hte]\n - Refactor: used the init-statement to declare \"pos\" inside the\n if statement\n [PR #3214 - @gberkes]\n - Refactor: moved 3 #include directives to the top of the file.\n [PR #3213 - @gberkes]\n - Fix SecRemoteRules regression test not to depend on a\n specific error message\n [PR #3211 - @eduar-hte]\n - Fixed shared files deadlock in a multi-threaded Windows application\n [PR #3210 - @eduar-hte]\n - Add cleanup methods to complete C based ABI\n [PR #3209 - @eduar-hte]\n - Build on macOS with Apple silicon (arm64)\n [PR #3208 - @eduar-hte]\n - remove 'this throw' call in transaction\n [PR #3207 - @gberkes]\n - New API function: set hostname for log\n [PR #3203 - @airween]\n - Fixing typo in Dockerfile\n [PR #3189 - @bitbehz]\n - Simplify checkout of submodules in GitHub workflows (with support for git describe)\n [PR #3185 - @eduar-hte]\n - Update README.md: use submodule and use benchmark tool\n [PR #3182 - @airween]\n - Improve performance of VariableOrigin instances\n [PR #3164 - @eduar-hte]\n - Update libinjection & Mbed TLS\n [PR #3161 - @eduar-hte]\n - chore: add PR template (v3)\n [PR #3160 - @fzipi]\n - Update to seclang-scanner changes introduced by Windows support\n [PR #3146 - @eduar-hte]\n - GitHub build & quality assurance workflow updates\n [PR #3144 - @eduar-hte]\n - Add link to Rust bindings in README\n [PR #3141 - @rkrishn7]\n - Remove cppcheck suppressions with line numbers in test/cppcheck_suppressions.txt\n [PR #3134 - @eduar-hte]\n - Add support to build libModSecurity v3 on Windows\n [PR #3132 - @eduar-hte]\n - fix: update submodule url\n [PR #3128 - @fzipi]\n - fix(rbl): typo in rbl check selector\n [PR #3127 - @fzipi]\n - fix: Changed 'equal_range()' + loop by 'find()' in resolveFirst() methods\n [PR #3117 - @airween]\n - Deleted redundant code in 'ModSecurity::serverLog(...)'.\n [PR #3116 - @gberkes]\n - doc: Update CHANGES\n [PR #3101 - @airween]\n - Reduce the scope of variables in a for loop\n [PR #3098 - @devzero2000]\n - Clean up 'return' never will be executed.\n [PR #3096 - @gberkes]\n - fix: Replace obsolete macros\n [PR #3095 - @airween]\n - fix: Change 'SecEngineStatus' to Off by default\n [PR #3092 - @airween]\n - chore: update bug-report-for-version-3-x.md\n [PR #3086 - @fzipi]\n - test: Logical, syntax and cosmetic fixes on test cases\n [PR #3080 - @MirkoDziadzka, @airween]\n - Bump the C++ version from C++11 to C++17\n [PR #3079 - @MirkoDziadzka]\n - fix: makes uri decode platform independent\n [PR #3016 - @M4tteoP]\n\nv3.0.12 - 2024-Jan-30\n---------------------\n\n - Change REQUEST_FILENAME and REQUEST_BASENAME behavior\n [Issue #3048 - @martinhsv, @theMiddleBlue, @theseion, @M4tteoP, @airween]\n - Set the minimum security protocol version for SecRemoteRules\n [Issue security/code-scanning/2 - @airween]\n\nv3.0.11 - 2023-Dec-06\n---------------------\n\n - Add WRDE_NOCMD to wordexp call\n [Issue #3024 - @sahruldotid, @martinhsv]\n - Fix: validateDTD compile fails if when libxml2 not installed\n [Issue #3014 - @zangobot, @martinhsv]\n - Fix memory leak of validateDTD's dtd object\n [Issue #3008 - @martinhsv, @zimmerle]\n - Fix memory leaks in ValidateSchema\n [Issue #3005 - @martinhsv, @zimmerle]\n - Add support for expirevar action\n [Issue #1803, #3001 - @martinhsv]\n - Fix: lmdb regex match on non-null terminated string\n [Issue #2985 - @martinhsv]\n - Fix memory leaks in lmdb code (new'd strings)\n [Issue #2983 - @martinhsv]\n - Configure: add additional name to pcre2 pkg-config list\n [Issue #2939 - @agebhar1, @fzipi, @martinhsv]\n\nv3.0.10 - 2023-Jul-25\n---------------------\n\n - Fix: worst-case time in implementation of four transformations\n [Issue #2934 - @martinhsv]\n - Add TX synonym for MSC_PCRE_LIMITS_EXCEEDED\n [Issue #2901 - @airween]\n - Make MULTIPART_PART_HEADERS accessible to lua\n [Issue #2916 - @martinhsv]\n - Fix: Lua scripts cannot read whole collection at once\n [Issue #2900 - @udi-aharon, @airween, @martinhsv]\n - Fix: quoted Include config with wildcard\n [Issue #2905 - @wiseelf, @airween, @martinhsv]\n - Support isolated PCRE match limits\n [Issue #2736 - @brandonpayton, @martinhsv]\n - Fix: meta actions not applied if multiMatch in first rule of chain\n [Issue #2867, #2868 - @mlevogiannis, @martinhsv]\n - Fix: audit log may omit tags when multiMatch\n [Issue #2866 - @mlevogiannis]\n - Exclude CRLF from MULTIPART_PART_HEADER value\n [Issue #2870 - @airween, @martinhsv]\n - Configure: use AS_ECHO_N instead echo -n\n [Issue #2894 - @liudongmiao, @martinhsv]\n - Adjust position of memset from 2890\n [Issue #2891 - @mirkodziadzka-avi, @martinhsv]\n - Add test: empty lines in ipMatchFromFile test\n [Issue #2846 - @tomsommer]\n\n\nv3.0.9 - 2023-Apr-12\n--------------------\n\n - Fix: possible segfault on reload if duplicate ip+CIDR in ip match list\n [Issue #2877, #2890 - @tomsommer, @martinhsv]\n - Add some member variable inits in Transaction class (possible segfault)\n [Issue #2886 - @GNU-Plus-Windows-User, @airween, @mdounin, @martinhsv]\n - Resolve memory leak on reload (bison-generated variable)\n [Issue #2876 - @martinhsv]\n - Support equals sign in XPath expressions\n [Issue #2328 - @dennus, @martinhsv]\n - Encode two special chars in error.log output\n [Issue #2854 - @airween, @martinhsv]\n - Add JIT support for PCRE2\n [Issue #2791 - @wfjsw, @airween, @FireBurn, @martinhsv]\n - Support comments in ipMatchFromFile file via '#' token\n [Issue #2554 - @tomsommer, @martinhsv]\n - Use name package name libmaxminddb with pkg-config\n [Issue #2595, #2596 - @frankvanbever, @ffontaine, @arnout]\n - Fix: FILES_TMP_CONTENT collection key should use part name\n [Issue #2831 - @airween]\n - Use AS_HELP_STRING instead of obsolete AC_HELP_STRING macro\n [Issue #2806 - @hughmcmaster]\n - During configure, do not check for pcre if pcre2 specified\n [Issue #2750 - @dvershinin, @martinhsv]\n - Use pkg-config to find libxml2 first\n [Issue #2714 - @hughmcmaster]\n - Fix two rule-reload memory leak issues\n [Issue #2801 - @Abce, @martinhsv]\n - Correct whitespace handling for Include directive\n [Issue #2800 - @877509395, @martinhsv]\n\n\nv3.0.8 - 2022-Sep-07\n--------------------\n\n - Adjust parser activation rules in modsecurity.conf-recommended\n [Issue #2796 - @terjanq, @martinhsv]\n - Multipart parsing fixes and new MULTIPART_PART_HEADERS collection\n [Issue #2795 - @terjanq, @martinhsv]\n - Prevent LMDB related segfault\n [Issue #2755, #2761 - @dvershinin]\n - Fix msc_transaction_cleanup function comment typo\n [Issue #2788 - @lookat23]\n - Fix: MULTIPART_INVALID_PART connected to wrong internal variable\n [Issue #2785 - @martinhsv]\n - Restore Unique_id to include random portion after timestamp\n [Issue #2752, #2758 - @datkps11, @martinhsv]\n\nv3.0.7 - 2022-May-30\n--------------------\n\n - Move PCRE2 match block from member variable\n [@martinhsv]\n - Add SecArgumentsLimit, 200007 to modsecurity.conf-recommended\n [Issue #2738 - @jleproust, @martinhsv]\n - Fix memory leak when concurrent log includes REMOTE_USER\n [Issue #2727 - @liudongmiao]\n - Fix LMDB initialization issues\n [Issue #2688 - @ziollek, @martinhsv]\n - Fix initcol error message wording\n [Issue #2732 - @877509395, @martinhsv]\n - Tolerate other parameters after boundary in multipart C-T\n [Issue #1900 - @martinhsv]\n - Add DebugLog message for bad pattern in rx operator\n [Issue #2723 - @martinhsv]\n - Support PCRE2\n [Issue #2668 - @martinhsv]\n - Support SecRequestBodyNoFilesLimit\n [Issue #2670 - @airween, @martinhsv]\n - Fix misuses of LMDB API\n [Issue #2601, #2602 - @hyc]\n - Fix duplication typo in code comment\n [Issue #2677 - @gleydsonsoares]\n - Add ctl:auditEngine action support\n [Issue #2606 - @alekravch, @martinhsv]\n - Fix multiMatch msg, etc, population in audit log\n [Issue #2573 - @Sachin-M-Desai, @martinhsv]\n - Fix some name handling for ARGS_*NAMES: regex SecRuleUpdateTargetById, etc.\n [Issue #2627, #2648 - @lontchianicet, @victorserbu2709, @martinhsv]\n - Adjust confusing variable name in setRequestBody method\n [Issue #2635 - @Mesar-Ali, @martinhsv]\n - Multipart names/filenames may include single quote if double-quote enclosed\n [Issue #2352 - @martinhsv]\n - Add SecRequestBodyJsonDepthLimit to modsecurity.conf-recommended\n [Issue #2647 - @theMiddleBlue, @airween, @877509395 ,@martinhsv]\n\n\nv3.0.6 - 2021-Nov-19\n--------------------\n\n - Support configurable limit on depth of JSON parsing\n [@theMiddleBlue, @martinhsv]\n\nv3.0.5 - 2021-Jul-07\n--------------------\n\n - Handle URI received with uri-fragment\n [@martinhsv]\n - Having ARGS_NAMES, variables proxied\n [@zimmerle, @martinhsv, @KaNikita]\n - Use explicit path for cross-compile environments.\n [Issue #2485 - @dtoubelis]\n - Fix: FILES variable does not use multipart part name for key\n [Issue #2377 - @martinhsv]\n - Replaces put with setenv in SetEnv action\n [Issue #2469 - @martinhsv, @WGH-, @zimmerle]\n - Regression: Mark the test as failed in case of segfault.\n [@zimmerle]\n - Regex key selection should not be case-sensitive\n [Issue #2296, #2107, #2297 - @michaelgranzow-avi, @victorhora,\n @airween, @martinhsv, @zimmerle]\n - Fix: Only delete Multipart tmp files after rules have run\n [Issue #2427 - @martinhsv]\n - Fixed MatchedVar on chained rules\n [Issue #2423, #2435, #2436 - @michaelgranzow-avi]\n - Add support for new operator rxGlobal\n [@martinhsv]\n - Fix maxminddb link on FreeBSD\n [Issue #2131 - @granalberto, @zimmerle]\n - Fix IP address logging in Section A\n [Issue #2300 - @inaratech, @zavazingo, @martinhsv]\n - Adds support to lua 5.4\n [@zimmerle]\n - GeoIP: switch to GEOIP_MEMORY_CACHE from GEOIP_INDEX_CACHE\n [Issues #2378, #2186 - @defanator]\n - rx: exit after full match (remove /g emulation); ensure capture\n groups occuring after unused groups still populate TX vars\n [Issue #2336 - @martinhsv]\n - Correct CHANGES file entry for #2234\n - Add support to test framework for audit log content verification\n and add regression tests for issues #2000, #2196\n - Support configurable limit on number of arguments processed\n [Issue #2234 - @jleproust, @martinhsv]\n - Multipart Content-Dispostion should allow field: filename*=\n [@martinhsv]\n - Fix rule-update-target for non-regex\n [Issue 2251 - @martinhsv]\n - Fix configure script when packaging for Buildroot\n [Issue 2235 - @frankvanbever]\n - modsecurity.pc.in: add Libs.private\n [Issue #1918, #2253 - @ffontaine, @Dridi, @victorhora] \n\nv3.0.4 - 2020-Jan-13\n--------------------\n\n - Fix: audit log data omitted when nolog,auditlog\n [@martinhsv]\n - Fix: ModSecurity 3.x inspectFile operator does not pass\n FILES_TMPNAMES parameter to lua engine\n [Issue #2204, #2205 - @kadirerdogan]\n - XML: Remove error messages from stderr\n [Issue #2010 - @JaiHarpalani, @zimmerle]\n - Filter comment or blank line for pmFromFile operator\n [Issue #1645 - @LeeShan87, @victorhora, @tdoubley]\n - Additional adjustment to Cookie header parsing\n [@martinhsv]\n - Restore chained rule part H logging to be more like 2.9 behaviour\n [Issue #2196 - @martinhsv]\n - Small fixes in log messages to help debugging the file upload\n [Issue #2130 - @airween]\n - Fix Cookie header parsing issues\n [Issue #2201 - @airween, @martinhsv]\n - Fix rules with nolog are logging to part H\n [Issue #2196 - @martinhsv]\n - Fix argument key-value pair parsing cases\n [Issue #1904 - @martinhsv]\n - Fix: audit log part for response body for JSON format to be E\n [Issue #2066 - @martinhsv, @zimmerle]\n - Make sure m_rulesMessages is filled after successfull match\n [Issue #2000, #2048 - @victorhora, @defanator]\n - Fix @pm lookup for possible matches on offset zero.\n [@zimmerle, @afoxdavidi, @martinhsv, @marshal09]\n - Regex lookup on the key name instead of COLLECTION:key\n [@rdiperri-yottaa, @danbiagini-work, @mmelo-yottaa, @zimmerle]\n - Missing throw in Operator::instantiate\n [Issue #2106 - @marduone]\n - Making block action execution dependent of the SecEngine status\n [Issue #2113, #2111 - @theMiddleBlue, @airween]\n - Making block action execution dependent of the SecEngine status\n [Issue #1960 - @theMiddleBlue, @zimmerle, @airween, @victorhora]\n - Having body limits to respect the rule engine state\n [@zimmerle]\n - Fix SecRuleUpdateTargetById does not match regular expressions\n [Issue #1872 - @zimmerle, @anush-cr, @victorhora, @j0k2r] \n - Adds missing check for runtime ctl:ruleRemoveByTag\n [Issue #2102, #2099 - @airween]\n - Adds a new operator verifySVNR that checks for Austrian social\n security numbers.\n [Issue #2063 - @Rufus125]\n - Fix variables output in debug logs\n [Issue #2057 - @jleproust]\n - Correct typo validade in log output\n [Issue #2059 - @nerrehmit]\n - fix/minor: Error encoding hexa decimal.\n [Issue #2068 - @tech-ozon-io]\n - Limit more log variables to 200 characters.\n [Issue #2073 - @jleproust]\n - parser: fix parsed file names\n [@zimmerle]\n - Allow empty anchored variable\n [Issue #2024 - @airween]\n - Fixed FILES_NAMES collection after the end of multipart parsing\n [Issue #2016 - @airween]\n - Fixed validateByteRange parsing method\n [Issue #2017 - @airween]\n - Removes a memory leak on the JSON parser\n [@zimmerle]\n - Enables LMDB on the regression tests.\n [Issue #2011, #2008 - @WGH-, @mdunc]\n - Fix: Extra whitespace in some configuration directives causing error\n [Issue #2006 - @porjo, @zimmerle]\n - Refactoring on Regex and SMatch classes.\n [@WGH-]\n - Fixed buffer overflow in Utils::Md5::hexdigest()\n [Issue #2002 - @defanator]\n - Implemented merge() method for ConfigInt, ConfigDouble, ConfigString\n [Issue #1990 - @defanator]\n - Adds initially support to the drop action.\n [@zimmerle]\n - Complete merging of particular rule properties\n [Issue #1978 - @defanator]\n - Replaces AC_CHECK_FILE with 'test -f'\n [Issue #1984 - @chuckwolber]\n - Fix inet addr handling on 64 bit big endian systems\n [Issue #1980 - @airween]\n - Fix tests on FreeBSD\n [Issue #1973 - @defanator]\n - Changes ENV test case to read the default MODSECURTIY env var\n [Issue #1969 - @zimmerle, @airween, @inittab]\n - Regression: Sets MODSECURITY env var during the tests execution\n [Issue #1969 - @zimmerle, @airween, @inittab]\n - Fix setenv action to strdup key=variable\n [@zimmerle]\n - Allow 0 length JSON requests.\n [Issue #1822 - @allanbomsft, @zimmerle, @victorhora, @marcstern]\n - Fix \"make dist\" target to include default configuration\n [Issue #1966 - @defanator]\n - Replaced log locking using mutex with fcntl lock\n [Issue #1949, #1927 - @Cloaked9000]\n - Correct the usage of modsecurity::Phases::NUMBER_OF_PHASES\n [Issue #1959 - @weliu]\n - Adds support to multiple ranges in ctl:ruleRemoveById\n [Issue #1956 - @theseion, @victorhora, @zimmerle]\n - Rule variable interpolation broken\n [Issue #1961 - @soonum, @zimmerle] \n - Make the boundary check less strict as per RFC2046\n [Issue #1943 - @victorhora, @allanbomsft]\n - Fix buffer size for utf8toUnicode transformation\n [Issue #1208 - @katef, @victorhora]\n\n\nv3.0.3 - 2018-Nov-05\n--------------------\n\n - Fix double macros bug\n [Issue #1943 - @supplient, @zimmerle]\n - Override the default status code if not suitable to redirect action\n [Issue #1850 - @zimmerle, @victorhora]\n - parser: Fix the support for CRLF configuration files\n [Issue #1945 - @zimmerle, @defanator, @kjakub]\n - Organizes the server logs\n [0xb7c36 and 0x5ac20 - @zimmerle, @steven-j-wojcik]\n - m_lineNumber in Rule not mapping with the correct line number in file\n [Issue #1844 - @zimmerle, @victorhora, @xizeng]\n - Using shared_ptr instead of unique_ptr on rules exceptions\n [Issue #1697 - @zimmerle, @brianp9906, @victorhora, @LeSwiss, @defanator]\n - Changes debuglogs schema to avoid unecessary str allocation\n [0xb2840 - @zimmerle]\n - Fix the SecUnicodeMapFile and SecUnicodeCodePage\n [0x3094d - @zimmerle, @victorhora]\n - Changes the timing to save the rule message\n [0xca270 - @zimmerle]\n - Fix crash in msc_rules_add_file() when using disruptive action in chain\n [Issue #1849 - @victorhora, @zimmerle, @rperper]\n - Fix memory leak in AuditLog::init()\n [Issue #1897 - @weliu]\n - Fix RulesProperties::appendRules()\n [Issue #1901 - @steven-j-wojcik]\n - Fix RULE lookup in chained rules\n [0x3077c - @zimmerle]\n - @ipMatch \"Could not add entry\" on slash/32 notation in 2.9.0\n [Issue #849 - @zimmerle, @dune73]\n - Using values after transformation at MATCHED_VARS\n [0x14316 - @zimmerle]\n - Adds support to UpdateActionById.\n [Issue #1800 - @zimmerle, @victorhora, @NisariAIT]\n - Add correct C function prototypes for msc_init and msc_create_rule_set\n [Issue #1922 - @steven-j-wojcik]\n - Allow LuaJIT 2.1 to be used\n [Issue #1909 - @victorhora, @mdunc]\n - Match m_id JSON log with RuleMessage and v2 format\n [Issue #1185 - @victorhora]\n - Adds support to setenv action.\n [Issue #1044 - @zimmerle]\n - Adds new transaction constructor that accepts the transaction id\n as parameter.\n [Issue #1627 - @defanator, @zimmerle]\n - Adds request IDs and URIs to the debug log\n [Issue #1627 - @defanator, @zimmerle]\n - Treating variables exception on load-time instead of run time.\n [0x028e0 and 0x275a1 - @zimmerle]\n - Fix: function m.setvar in Lua scripts and add testcases\n [Issue #1859 - @nowaits, @victorhora]\n - Fix SecResponseBodyAccess and ctl:requestBodyAccess directives\n [Issue #1531 - @victorhora, @defanator]\n - Fix OpenBSD build\n [Issue #1841 - @victorhora, @zimmerle, @juanfra684]\n - Fix parser to support GeoLookup with MaxMind\n [Issue #1884, #1895 - @victorhora, @everping]\n - parser: Fix simple quote setvar in the end of the line\n [Issue #1831 - @zimmerle, @csanders-git]\n - Fix pc file\n [Issue #1847 - @gquintard]\n - modsec_rules_check: uses the gnu `.la' instead of `.a' file\n [Issue #1853 - @ste7677, @victorhora, @zimmerle]\n - good practices: Initialize variables before use it\n [Issue #1889 - Marc Stern]\n - Fix utf-8 character encoding conversion\n [Issue #1794 - @tinselcity, @zimmerle]\n - Adds support for ctl:requestBodyProcessor=URLENCODED\n [Issue #1797 - @victorhora]\n - Add LUA compatibility for CentOS and try to use LuaJIT first if available\n [Issue #1622 - @victorhora, @dmitryzykov]\n - Allow LuaJIT to be used\n [Issue #1809 - @victorhora, @p0pr0ck5]\n - Implement support for Lua 5.1\n [Issue #1809 - @p0pr0ck5, @victorhora]\n - Variable names must match fully, not partially. Match should be case\n insensitive.\n [Issue #1818, #1820, #1810, #1808 - @michaelgranzow-avi, @victorhora,\n @theMiddleBlue, @airween, @zimmerle,\n @LeeShan87]\n - Improves the performance while loading the rules\n [Issue #1735 - @zimmerle, @p0pr0ck5, @victorhora]\n - Allow empty strings to be evaluated by regex::searchAll\n [Issue #1799, #1785 - @victorhora, @XuanHuyDuong, @zimmerle]\n - Adds basic pkg-config info\n [Issue #1790 - @gquintard, @zimmerle]\n - Fixed LMDB collection errors\n [Issue #1787 - @airween, @zimmerle]\n - Fixed false positive MULTIPART_UNMATCHED_BOUNDARY errors\n [Issue #1747, #1924 - @airween, @victorhora, @defanator, @zimmerle]\n - Fix ip tree lookup on netmask content\n [Issue #1793 - @tinselcity, @zimmerle]\n - Changes the behavior of the default sec actions\n [Issue #1629 - @mirkodziadzka-avi, @zimmerle, @victorhora]\n - Refactoring on {global,ip,resources,session,tx,user} collections\n [Issue #1754, #1778 - @LeeShan87, @zimmerle, @victorhora, @wwd5613,\n @sobigboy]\n - Fix race condition in UniqueId::uniqueId()\n [Issue #1786 - @weliu]\n - Fix memory leak in error message for msc_rules_merge C APIs\n [Issue #1765 - @weliu]\n - Return false in SharedFiles::open() when an error happens\n [Issue #1783 - @weliu]\n - Use rvalue reference in ModSecurity::serverLog\n [Issue #1769 - @weliu]\n - Build System: Fix when multiple lines for curl version.\n [Issue #1771 - @Artistan]\n - Checks if response body inspection is enabled before process it\n [Issue #1643 - @zoltan-fedor, @dennus, @defanator, @zimmerle]\n - Code Cleanup.\n [Issue #1757, #1755, #1756, #1761 - @p0pr0ck5]\n - Fix setvar parsing of quoted data\n [Issue #1733, #1759, #1775 - @victorhora, @JaiHarpalani, @defanator]\n - Fix LDFLAGS for unit tests.\n [Issue #1758 - @smlx]\n - Adds time stamp back to the audit logs\n [Issue #1762 - @Pjack, @zimmerle]\n - Disables skip counter if debug log is disabled\n [@zimmerle]\n - Cosmetics: Represents amount of skipped rules without decimal\n [Issue #1737 - @p0pr0ck5]\n - Add missing escapeSeqDecode, urlEncode and trimLeft/Right tfns to parser\n [Issue #1752 - @victorhora]\n - Fix STATUS var parsing and accept STATUS_LINE var for v2 backward comp.\n [Issue #1738 - @victorhora]\n - Fix memory leak in modsecurity::utils::expandEnv()\n [Issue #1750 - @defanator]\n - Initialize m_dtd member in ValidateDTD class as NULL\n [Issue #1751 - @airween]\n - Fix broken @detectxss operator regression test case\n [Issue #1739 - @p0pr0ck5]\n - Fix utils::string::ssplit() to handle delimiter in the end of string\n [Issue #1743, #1744 - @defanator]\n - Fix variable FILES_TMPNAMES \n [Issue #1646, #1610 - @victorhora, @zimmerle, @defanator]\n - Fix memory leak in Collections\n [Issue #1729, #1730 - @defanator]\n\n\nv3.0.2 - 2018-Apr-03\n--------------------\n\n - Fix lib version information while generating the .so file\n [@gl1f1v21, @zimmerle]\n\nv3.0.1 - 2018-Apr-02\n--------------------\n\n - Adds support for ctl:ruleRemoveByTag\n [@zimmerle, @weliu]\n - Fix SecUploadDir configuration merge\n [Issue #1720 - @zimmerle, @gjvanetten]\n - Include all prerequisites for \"make check\" into dist archive\n [Issue #1716 - @defanator]\n - Fix: Reverse logic of checking output in @inspectFile\n [Issue #1715 - @defanator]\n - Adds support to libMaxMind\n [Issue #1307 - @zimmerle, @defanator]\n - Adds capture action to detectXSS\n [Issue #1698 - @victorhora]\n - Temporarily accept invalid MULTIPART_SEMICOLON_MISSING operator\n [Issue #1701 - @victorhora]\n - Adds capture action to detectSQLi\n [Issue #1698 - @zimmerle]\n - Adds capture action to rbl\n [Issue #1698 - @zimmerle]\n - Adds capture action to verifyCC\n [Issue #1698 - @michaelgranzow-avi, @zimmerle]\n - Adds capture action to verifySSN\n [Issue #1698 - @zimmerle]\n - Adds capture action to verifyCPF\n [Issue #1698 - @zimmerle]\n - Prettier error messages for unsupported configurations (UX)\n [@victorhora]\n - Add missing verify*** transformation statements to parser\n [Issue #1006 and #1007 - @victorhora]\n - Fix a set of compilation warnings\n [Issue #1650 - @zimmerle, @JayCase]\n - Check for disruptive action on SecDefaultAction.\n [Issue #1614 - @zimmerle, @michaelgranzow-avi]\n - Fix block-block infinite loop.\n [Issue #1614 - @zimmerle, @michaelgranzow-avi]\n - Correction remove_by_tag and remove_by_msg logic.\n [Issue #1636 - @Minasu]\n - Fix LMDB compile error\n [Issue #1691 - @airween]\n - Fix msc_who_am_i() to return pointer to a valid C string\n [Issue #1640 - @defanator]\n - Added some cosmetics to autoconf related code\n [Issue #1652 - @airween]\n - Fix \"make dist\" target to include necessary headers for Lua\n [Issue #1678 - @defanator]\n - Fix \"include /foo/*.conf\" for single matched object in directory\n [Issue #1677 - @defanator, @zimmerle]\n - Add missing Base64 transformation statements to parser\n [Issue #1632 - @victorhora, @zimmerle]\n - Fixed resource load on ip match from file\n [#1674 - @zimmerle, @StefaanSeys]\n - Fixed examples compilation while using disable-shared\n [#1670 - @zimmerle, @ivanbaldo]\n - Fixed compilation issue while xml is disabled\n [0x243028 - @zimmerle]\n - Having LDADD and LDFLAGS organized on Makefile.am\n [0xd0e85e - @zimmerle]\n - Checking std::deque size before use it\n [0x217cbf - @zimmerle, Yaron Dayagi]\n - perf improvement: Added the concept of RunTimeString and removed\n all run time parser.\n [0x3eae51 0x0320e0 0xb5688f 0xfe47a9 0xfa9842 0x1affc3 0x079de4\n 0xc7c04f 0x5262ea 0x01974a 0xd5ee1e - @zimmerle]\n - perf improvement: Checks debuglog level before format debug msg\n [0x42ee9 - @zimmerle]\n - perf. improvement/rx: Only compute dynamic regex in case of macro\n [0x91ff3 - @zimmerle]\n - Fix uri on the benchmark utility\n [0x63bec - @zimmerle]\n - disable Lua on systems with liblua5.1\n [Issue #1639 - @victorhora, @defanator]\n\nv3.0.0 - 2017-Dec-13\n--------------------\n\n - Improvements on LUA build scripts and support for LUA 5.2.\n [Issue #1617 and #1622 - @victorhora, @zimmerle]\n - Fix compilation error with disable_debug_log flag\n [0xfd84e - Izik Abramov]\n - Improvements on the benchmark tool.\n [Issue #1615 - @zimmerle]\n - Fix lua headers on the build scripts\n [Issue #1621 - @Minasu]\n - Refactoring on the JSON parser.\n [Issue #1576, #1577 - Tobias Gutknecht, @zimmerle, @victorhora, @marcstern]\n - Adds support to WEBAPPID variable.\n [Issue #1027 - @zimmerle, @victorhora]\n - Adds support for SecWebAppId.\n [Issue #1442 - @zimmerle, @victorhora] \n - Adds support for SecRuleRemoveByTag.\n [Issue #1476 - @zimmerle, @victorhora]\n - Adds support for update target by message.\n [Issue #1474 - @zimmerle, @victorhora]\n - Adds support to SecRuleScript directive.\n [Issue #994 - @zimmerle]\n - Adds support for the exec action.\n [Issue #1050 - @zimmerle]\n - Adds support for transformations inside Lua engine\n [Issue #994 - @zimmerle]\n - Adds initial support for Lua engine.\n [Issue #994 - @zimmerle]\n - Adds support for @inspectFile operator.\n [Issue #999 - @zimmerle, @victorhora]\n - Adds support for RESOURCE variable collection.\n [Issue #1014 - @zimmerle, @victorhora]\n - Adds support for @fuzzyHash operator.\n [Issue #997 - @zimmerle]\n - Fix build on non x86 arch build\n [Issue #1598 - @athmane]\n - Fix memory issue while changing rule target dynamic\n [Issue #1590 - @zimmerle, @slabber]\n - Fix log while displaying the name of a dict selection by regex.\n [@zimmerle]\n - Setting http response code on the auditlog.\n [Issue #1592 - @zimmerle]\n - Refactoring on RuleMessage class, now accepting http code as parameter.\n [@zimmerle]\n - Having disruptive msgs as disruptive [instead of warnings] on audit log\n [Issue #1592 - @zimmerle, @nobodysz]\n - Parser: Pipes are no longer welcomed inside regex dict element selection.\n [Issue #1591 - @zimmerle, @slabber]\n - Avoids unicode initialization on every rules object\n [Issue #1563 - @zimmerle, @Tiki-God, @sethinsd, @Cloaked9000, @AnoopAlias,\n @intelbg]\n - Makes clear to the user whenever the audit log is empty due to missing\n JSON support.\n [Issue #1585 - @zimmerle]\n - Makes auditlog more verbose on debug logs\n [Issue: #1559 - @zimmerle]\n - Enable support for AuditLogFormat\n Issue: #1583, #1493 and #1453 - @victorhora]\n - Adds macro expansion for @rx operator\n [Issue: #1528, #1536 - @asterite3, @zimmerle]\n - Consideres under quoted variable while loading the rules.\n [Felipe Zimmerle/@zimmerle, Victor Hora/@victorhora]\n - Store the connection and url parameters in std::string\n [Issue: #1571 - @majordaw]\n - Eliminate some reorder and sign warnings\n [Issue: #1572 - Dávid Major/@majordaw]\n - Makes parallel logging to work when SELinux is enabled.\n [Issue: #1562 - David Buckle/@met3or]\n - Adds possibility to run the pm operator inside a mutex to avoid concurrent\n access while working on a thread environment. This option is a compilation\n flag.\n [Felipe Zimmerle/@zimmerle]\n\n\nv3.0.0-rc1 - 2017-Aug-28\n------------------------\n\n Very first public version.\n\n" }, { "path": "LICENSE", "content": " Apache License\n Version 2.0, January 2004\n http://www.apache.org/licenses/\n\n TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n 1. Definitions.\n\n \"License\" shall mean the terms and conditions for use, reproduction,\n and distribution as defined by Sections 1 through 9 of this document.\n\n \"Licensor\" shall mean the copyright owner or entity authorized by\n the copyright owner that is granting the License.\n\n \"Legal Entity\" shall mean the union of the acting entity and all\n other entities that control, are controlled by, or are under common\n control with that entity. For the purposes of this definition,\n \"control\" means (i) the power, direct or indirect, to cause the\n direction or management of such entity, whether by contract or\n otherwise, or (ii) ownership of fifty percent (50%) or more of the\n outstanding shares, or (iii) beneficial ownership of such entity.\n\n \"You\" (or \"Your\") shall mean an individual or Legal Entity\n exercising permissions granted by this License.\n\n \"Source\" form shall mean the preferred form for making modifications,\n including but not limited to software source code, documentation\n source, and configuration files.\n\n \"Object\" form shall mean any form resulting from mechanical\n transformation or translation of a Source form, including but\n not limited to compiled object code, generated documentation,\n and conversions to other media types.\n\n \"Work\" shall mean the work of authorship, whether in Source or\n Object form, made available under the License, as indicated by a\n copyright notice that is included in or attached to the work\n (an example is provided in the Appendix below).\n\n \"Derivative Works\" shall mean any work, whether in Source or Object\n form, that is based on (or derived from) the Work and for which the\n editorial revisions, annotations, elaborations, or other modifications\n represent, as a whole, an original work of authorship. For the purposes\n of this License, Derivative Works shall not include works that remain\n separable from, or merely link (or bind by name) to the interfaces of,\n the Work and Derivative Works thereof.\n\n \"Contribution\" shall mean any work of authorship, including\n the original version of the Work and any modifications or additions\n to that Work or Derivative Works thereof, that is intentionally\n submitted to Licensor for inclusion in the Work by the copyright owner\n or by an individual or Legal Entity authorized to submit on behalf of\n the copyright owner. For the purposes of this definition, \"submitted\"\n means any form of electronic, verbal, or written communication sent\n to the Licensor or its representatives, including but not limited to\n communication on electronic mailing lists, source code control systems,\n and issue tracking systems that are managed by, or on behalf of, the\n Licensor for the purpose of discussing and improving the Work, but\n excluding communication that is conspicuously marked or otherwise\n designated in writing by the copyright owner as \"Not a Contribution.\"\n\n \"Contributor\" shall mean Licensor and any individual or Legal Entity\n on behalf of whom a Contribution has been received by Licensor and\n subsequently incorporated within the Work.\n\n 2. Grant of Copyright License. Subject to the terms and conditions of\n this License, each Contributor hereby grants to You a perpetual,\n worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n copyright license to reproduce, prepare Derivative Works of,\n publicly display, publicly perform, sublicense, and distribute the\n Work and such Derivative Works in Source or Object form.\n\n 3. Grant of Patent License. Subject to the terms and conditions of\n this License, each Contributor hereby grants to You a perpetual,\n worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n (except as stated in this section) patent license to make, have made,\n use, offer to sell, sell, import, and otherwise transfer the Work,\n where such license applies only to those patent claims licensable\n by such Contributor that are necessarily infringed by their\n Contribution(s) alone or by combination of their Contribution(s)\n with the Work to which such Contribution(s) was submitted. If You\n institute patent litigation against any entity (including a\n cross-claim or counterclaim in a lawsuit) alleging that the Work\n or a Contribution incorporated within the Work constitutes direct\n or contributory patent infringement, then any patent licenses\n granted to You under this License for that Work shall terminate\n as of the date such litigation is filed.\n\n 4. Redistribution. You may reproduce and distribute copies of the\n Work or Derivative Works thereof in any medium, with or without\n modifications, and in Source or Object form, provided that You\n meet the following conditions:\n\n (a) You must give any other recipients of the Work or\n Derivative Works a copy of this License; and\n\n (b) You must cause any modified files to carry prominent notices\n stating that You changed the files; and\n\n (c) You must retain, in the Source form of any Derivative Works\n that You distribute, all copyright, patent, trademark, and\n attribution notices from the Source form of the Work,\n excluding those notices that do not pertain to any part of\n the Derivative Works; and\n\n (d) If the Work includes a \"NOTICE\" text file as part of its\n distribution, then any Derivative Works that You distribute must\n include a readable copy of the attribution notices contained\n within such NOTICE file, excluding those notices that do not\n pertain to any part of the Derivative Works, in at least one\n of the following places: within a NOTICE text file distributed\n as part of the Derivative Works; within the Source form or\n documentation, if provided along with the Derivative Works; or,\n within a display generated by the Derivative Works, if and\n wherever such third-party notices normally appear. The contents\n of the NOTICE file are for informational purposes only and\n do not modify the License. You may add Your own attribution\n notices within Derivative Works that You distribute, alongside\n or as an addendum to the NOTICE text from the Work, provided\n that such additional attribution notices cannot be construed\n as modifying the License.\n\n You may add Your own copyright statement to Your modifications and\n may provide additional or different license terms and conditions\n for use, reproduction, or distribution of Your modifications, or\n for any such Derivative Works as a whole, provided Your use,\n reproduction, and distribution of the Work otherwise complies with\n the conditions stated in this License.\n\n 5. Submission of Contributions. Unless You explicitly state otherwise,\n any Contribution intentionally submitted for inclusion in the Work\n by You to the Licensor shall be under the terms and conditions of\n this License, without any additional terms or conditions.\n Notwithstanding the above, nothing herein shall supersede or modify\n the terms of any separate license agreement you may have executed\n with Licensor regarding such Contributions.\n\n 6. Trademarks. This License does not grant permission to use the trade\n names, trademarks, service marks, or product names of the Licensor,\n except as required for reasonable and customary use in describing the\n origin of the Work and reproducing the content of the NOTICE file.\n\n 7. Disclaimer of Warranty. Unless required by applicable law or\n agreed to in writing, Licensor provides the Work (and each\n Contributor provides its Contributions) on an \"AS IS\" BASIS,\n WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n implied, including, without limitation, any warranties or conditions\n of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n PARTICULAR PURPOSE. You are solely responsible for determining the\n appropriateness of using or redistributing the Work and assume any\n risks associated with Your exercise of permissions under this License.\n\n 8. Limitation of Liability. In no event and under no legal theory,\n whether in tort (including negligence), contract, or otherwise,\n unless required by applicable law (such as deliberate and grossly\n negligent acts) or agreed to in writing, shall any Contributor be\n liable to You for damages, including any direct, indirect, special,\n incidental, or consequential damages of any character arising as a\n result of this License or out of the use or inability to use the\n Work (including but not limited to damages for loss of goodwill,\n work stoppage, computer failure or malfunction, or any and all\n other commercial damages or losses), even if such Contributor\n has been advised of the possibility of such damages.\n\n 9. Accepting Warranty or Additional Liability. While redistributing\n the Work or Derivative Works thereof, You may choose to offer,\n and charge a fee for, acceptance of support, warranty, indemnity,\n or other liability obligations and/or rights consistent with this\n License. However, in accepting such obligations, You may act only\n on Your own behalf and on Your sole responsibility, not on behalf\n of any other Contributor, and only if You agree to indemnify,\n defend, and hold each Contributor harmless for any liability\n incurred by, or claims asserted against, such Contributor by reason\n of your accepting any such warranty or additional liability.\n\n END OF TERMS AND CONDITIONS\n\n APPENDIX: How to apply the Apache License to your work.\n\n To apply the Apache License to your work, attach the following\n boilerplate notice, with the fields enclosed by brackets \"[]\"\n replaced with your own identifying information. (Don't include\n the brackets!) The text should be enclosed in the appropriate\n comment syntax for the file format. We also recommend that a\n file or class name and description of purpose be included on the\n same \"printed page\" as the copyright notice for easier\n identification within third-party archives.\n\n Copyright [yyyy] [name of copyright owner]\n\n Licensed under the Apache License, Version 2.0 (the \"License\");\n you may not use this file except in compliance with the License.\n You may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\n Unless required by applicable law or agreed to in writing, software\n distributed under the License is distributed on an \"AS IS\" BASIS,\n WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n See the License for the specific language governing permissions and\n limitations under the License.\n" }, { "path": "Makefile.am", "content": "\nif TEST_UTILITIES\nexport MAYBE_TEST = test\nendif\n\nif EXAMPLES\nexport MAYBE_EXAMPLES = examples\nendif\n\n\nSUBDIRS = \\\n\tothers \\\n\tsrc \\\n\tdoc \\\n\ttools \\\n\t$(MAYBE_EXAMPLES) \\\n\t$(MAYBE_TEST)\n\n\n\n# make clean\nCLEANFILES = \n\nACLOCAL_AMFLAGS = -I build\n\n# make maintainer-clean\nMAINTAINERCLEANFILES = \\\n\taclocal.m4 \\\n\tar-lib \\\n\tbuild/libtool.m4 \\\n\tbuild/lt~obsolete.m4 \\\n\tbuild/ltoptions.m4 \\\n\tbuild/ltsugar.m4 \\\n\tbuild/ltversion.m4 \\\n\tcoding-style.txt \\\n\tcompile \\\n\tconfig.guess \\\n\tconfig.sub \\\n\tconfigure \\\n\tcppcheck.txt \\\n\tdepcomp \\\n\tinstall-sh \\\n\tltmain.sh \\\n\tMakefile.in \\\n\tmissing \\\n\ttest/modsec-shared-collections \\\n\ttest/modsec-shared-collections-lock \\\n\ttest-suite-drd.log \\\n\ttest-suite-helgrind.log \\\n\ttest-suite-memcheck.log \\\n\tylwrap\n\nparser:\n\tcat src/parser/seclang-parser.hh | sed \"s/return \\*new (yyas_ ()) T (t)/return *new (yyas_ ()) T (std::move((T\\&)t))/g\" > src/parser/seclang-parser.hh.fix && mv src/parser/seclang-parser.hh.fix src/parser/seclang-parser.hh\n\n\n\ncppcheck:\n\t@cppcheck -U YYSTYPE -U MBEDTLS_MD5_ALT -U MBEDTLS_SHA1_ALT \\\n\t\t-D MS_CPPCHECK_DISABLED_FOR_PARSER -U YY_USER_INIT \\\n\t\t--suppressions-list=./test/cppcheck_suppressions.txt \\\n\t\t--inline-suppr \\\n\t\t--enable=warning,style,performance,portability,unusedFunction,missingInclude \\\n\t\t--inconclusive \\\n\t\t--template=\"warning: {file},{line},{severity},{id},{message}\" \\\n\t\t-I headers -I . -I $(top_srcdir)/others -I $(top_srcdir)/src -I $(top_srcdir)/others/mbedtls/include \\\n\t\t--error-exitcode=1 \\\n\t\t-i \"src/parser/seclang-parser.cc\" -i \"src/parser/seclang-scanner.cc\" \\\n\t\t-i others \\\n\t\t--std=c++17 \\\n\t\t--force --verbose .\n\n\ncheck-static: cppcheck\n\ncheck-style: check-coding-style\n\ncheck-coding-style:\n\t@cpplint.py \\\n\t\t$$(find . -name \"*.h\" -o -name \"*.cc\" | xargs) 2>&1 \\\n \t\t| egrep -v $$(echo -n \"catchall\" ; \\\n\t \t\tfor i in $$(cat test/coding_style_suppressions.txt); do echo -n \"|\"$$i; done) \\\n\t\t| sed 's/^\\./warning: ./g' > coding-style.txt\n\t-cat coding-style.txt\n\n\n@VALGRIND_CHECK_RULES@\nVALGRIND_SUPPRESSIONS_FILES = valgrind_suppressions.txt\n\nLOG_DRIVER = env $(SHELL) $(top_srcdir)/test/custom-test-driver\nAM_TESTS_ENVIRONMENT=AUTOMAKE_TESTS=true; export AUTOMAKE_TESTS;\nLOG_COMPILER=test/test-suite.sh\n\nTESTS=\ninclude test/test-suite.in\n\npkgconfigdir = $(libdir)/pkgconfig\npkgconfig_DATA = modsecurity.pc\nEXTRA_DIST = modsecurity.pc.in \\\n modsecurity.conf-recommended \\\n unicode.mapping\n\n" }, { "path": "README.md", "content": "\n\n \n \n \n\n\n![Quality Assurance](https://github.com/owasp-modsecurity/ModSecurity/workflows/Quality%20Assurance/badge.svg)\n[![Build Status](https://sonarcloud.io/api/project_badges/measure?project=owasp-modsecurity_ModSecurity&metric=alert_status)](https://sonarcloud.io/dashboard?id=owasp-modsecurity_ModSecurity)\n[![](https://sonarcloud.io/api/project_badges/measure?project=owasp-modsecurity_ModSecurity&metric=sqale_rating\n)](https://sonarcloud.io/dashboard?id=owasp-modsecurity_ModSecurity)\n[![](https://sonarcloud.io/api/project_badges/measure?project=owasp-modsecurity_ModSecurity&metric=reliability_rating\n)](https://sonarcloud.io/dashboard?id=owasp-modsecurity_ModSecurity)\n[![](https://sonarcloud.io/api/project_badges/measure?project=owasp-modsecurity_ModSecurity&metric=security_rating\n)](https://sonarcloud.io/dashboard?id=owasp-modsecurity_ModSecurity)\n[![](https://sonarcloud.io/api/project_badges/measure?project=owasp-modsecurity_ModSecurity&metric=vulnerabilities\n)](https://sonarcloud.io/dashboard?id=owasp-modsecurity_ModSecurity)\n\n\n\nLibmodsecurity is one component of the ModSecurity v3 project. The library\ncodebase serves as an interface to ModSecurity Connectors taking in web traffic\nand applying traditional ModSecurity processing. In general, it provides the\ncapability to load/interpret rules written in the ModSecurity SecRules format\nand apply them to HTTP content provided by your application via Connectors.\n\nIf you are looking for ModSecurity for Apache (aka ModSecurity v2.x), it is still under maintenance and available:\n[here](https://github.com/owasp-modsecurity/ModSecurity/tree/v2/master).\n\n### What is the difference between this project and the old ModSecurity (v2.x.x)?\n\n* All Apache dependencies have been removed\n* Higher performance\n* New features\n* New architecture\n\nLibmodsecurity is a complete rewrite of the ModSecurity platform. When it was first devised the ModSecurity project started as just an Apache module. Over time the project has been extended, due to popular demand, to support other platforms including (but not limited to) Nginx and IIS. In order to provide for the growing demand for additional platform support, it has became necessary to remove the Apache dependencies underlying this project, making it more platform independent.\n\nAs a result of this goal we have rearchitected Libmodsecurity such that it is no longer dependent on the Apache web server (both at compilation and during runtime). One side effect of this is that across all platforms users can expect increased performance. Additionally, we have taken this opportunity to lay the groundwork for some new features that users have been long seeking. For example we are looking to natively support auditlogs in the JSON format, along with a host of other functionality in future versions.\n\n\n### It is no longer just a module.\n\nThe 'ModSecurity' branch no longer contains the traditional module logic (for Nginx, Apache, and IIS) that has traditionally been packaged all together. Instead, this branch only contains the library portion (libmodsecurity) for this project. This library is consumed by what we have termed 'Connectors' these connectors will interface with your webserver and provide the library with a common format that it understands. Each of these connectors is maintained as a separate GitHub project. For instance, the Nginx connector is supplied by the ModSecurity-nginx project (https://github.com/owasp-modsecurity/ModSecurity-nginx).\n\nKeeping these connectors separated allows each project to have different release cycles, issues and development trees. Additionally, it means that when you install ModSecurity v3 you only get exactly what you need, no extras you won't be using.\n\n# Compilation\n\nBefore starting the compilation process, make sure that you have all the\ndependencies in place. Read the subsection “Dependencies” for further\ninformation.\n\nAfter the compilation make sure that there are no issues on your\nbuild/platform. We strongly recommend the utilization of the unit tests and\nregression tests. These test utilities are located under the subfolder ‘tests’.\n\nAs a dynamic library, don’t forget that libmodsecurity must be installed to a location (folder) where you OS will be looking for dynamic libraries.\n\n\n\n### Unix (Linux, MacOS, FreeBSD, …)\n\nOn unix the project uses autotools to help the compilation process. Please note that if you are working with `git`, don't forget to initialize and update the submodules. Here's a quick how-to:\n```shell\n$ git clone --recursive https://github.com/owasp-modsecurity/ModSecurity ModSecurity\n$ cd ModSecurity\n```\n\nYou can then start the build process:\n\n```shell\n$ ./build.sh\n$ ./configure\n$ make\n$ sudo make install\n```\n\nDetails on distribution specific builds can be found in our Wiki:\n[Compilation Recipes](https://github.com/owasp-modsecurity/ModSecurity/wiki/Compilation-recipes)\n\n### Windows\n\nWindows build information can be found [here](build/win32/README.md).\n\n## Dependencies\n\nThis library is written in C++ using the C++17 standards. It also uses Flex\nand Yacc to produce the “Sec Rules Language” parser. Other, mandatory dependencies include YAJL, as ModSecurity uses JSON for producing logs and its testing framework, libpcre (not yet mandatory) for processing regular expressions in SecRules, and libXML2 (not yet mandatory) which is used for parsing XML requests.\n\nAll others dependencies are related to operators specified within SecRules or configuration directives and may not be required for compilation. A short list of such dependencies is as follows:\n\n* libinjection is needed for the operator @detectXSS and @detectSQL\n* curl is needed for the directive SecRemoteRules.\n\nIf those libraries are missing ModSecurity will be compiled without the support for the operator @detectXSS and the configuration directive SecRemoteRules.\n\n# Library documentation\n\nThe library documentation is written within the code in Doxygen format. To generate this documentation, please use the doxygen utility with the provided configuration file, “doxygen.cfg”, located with the \"doc/\" subfolder. This will generate HTML formatted documentation including usage examples.\n\n# Library utilization\n\nThe library provides a C++ and C interface. Some resources are currently only\navailable via the C++ interface, for instance, the capability to create custom logging\nmechanism (see the regression test to check for how those logging mechanism works).\nThe objective is to have both APIs (C, C++) providing the same functionality,\nif you find an aspect of the API that is missing via a particular interface, please open an issue.\n\nInside the subfolder examples, there are simple examples on how to use the API.\nBelow some are illustrated:\n\n### Simple example using C++\n\n```c++\nusing ModSecurity::ModSecurity;\nusing ModSecurity::Rules;\nusing ModSecurity::Transaction;\n\nModSecurity *modsec;\nModSecurity::Rules *rules;\n\nmodsec = new ModSecurity();\n\nrules = new Rules();\n\nrules->loadFromUri(rules_file);\n\nTransaction *modsecTransaction = new Transaction(modsec, rules);\n\nmodsecTransaction->processConnection(\"127.0.0.1\");\nif (modsecTransaction->intervention()) {\n std::cout << \"There is an intervention\" << std::endl;\n}\n```\n\n### Simple example using C\n\n```c\n#include \"modsecurity/modsecurity.h\"\n#include \"modsecurity/transaction.h\"\n\n\nchar main_rule_uri[] = \"basic_rules.conf\";\n\nint main (int argc, char **argv)\n{\n ModSecurity *modsec = NULL;\n Transaction *transaction = NULL;\n Rules *rules = NULL;\n\n modsec = msc_init();\n\n rules = msc_create_rules_set();\n msc_rules_add_file(rules, main_rule_uri);\n\n transaction = msc_new_transaction(modsec, rules);\n\n msc_process_connection(transaction, \"127.0.0.1\");\n msc_process_uri(transaction, \"http://www.modsecurity.org/test?key1=value1&key2=value2&key3=value3&test=args&test=test\");\n msc_process_request_headers(transaction);\n msc_process_request_body(transaction);\n msc_process_response_headers(transaction);\n msc_process_response_body(transaction);\n\n return 0;\n}\n\n```\n\n# Contributing\n\nYou are more than welcome to contribute to this project and look forward to growing the community around this new version of ModSecurity. Areas of interest include: New\nfunctionalities, fixes, bug report, support for beginning users, or anything that you\nare willing to help with.\n\n## Providing patches\n\nWe prefer to have your patch within the GitHub infrastructure to facilitate our\nreview work, and our Q.A. integration. GitHub provides excellent\ndocumentation on how to perform “Pull Requests”, more information available\nhere: https://help.github.com/articles/using-pull-requests/\n\nPlease respect the coding style. Pull requests can include various commits, so\nprovide one fix or one piece of functionality per commit. Please do not change anything outside\nthe scope of your target work (e.g. coding style in a function that you have\npassed by). For further information about the coding style used in this\nproject, please check: https://www.chromium.org/blink/coding-style\n\nProvides explanative commit messages. Your first line should give the highlights of your\npatch, 3rd and on give a more detailed explanation/technical details about your\npatch. Patch explanation is valuable during the review process.\n\n### Don’t know where to start?\n\nWithin our code there are various items marked as TODO or FIXME that may need\nyour attention. Check the list of items by performing a grep:\n\n```\n$ cd /path/to/modsecurity-nginx\n$ egrep -Rin \"TODO|FIXME\" -R *\n```\n\nA TODO list is also available as part of the Doxygen documentation.\n\n### Testing your patch\n\nAlong with the manual testing, we strongly recommend you to use the our\nregression tests and unit tests. If you have implemented an operator, don’t\nforget to create unit tests for it. If you implement anything else, it is encouraged that you develop complimentary regression tests for it.\n\nThe regression test and unit test utilities are native and do not demand any\nexternal tool or script, although you need to fetch the test cases from other\nrepositories, as they are shared with other versions of ModSecurity, those\nothers repositories git submodules. To fetch the submodules repository and run\nthe utilities, follow the commands listed below:\n\n```shell\n$ cd /path/to/your/ModSecurity\n$ git submodule update --init --recursive\n$ make check\n ```\n\n### Debugging\n\n\nBefore start the debugging process, make sure of where your bug is. The problem\ncould be on your connector or in libmodsecurity. In order to identify where the\nbug is, it is recommended that you develop a regression test that mimics the\nscenario where the bug is happening. If the bug is reproducible with the\nregression-test utility, then it will be far simpler to debug and ensure that it never occurs again. On Linux it is\nrecommended that anyone undertaking debugging utilize gdb and/or valgrind as needed.\n\nDuring the configuration/compilation time, you may want to disable the compiler\noptimization making your “back traces” populated with readable data. Use the\nCFLAGS to disable the compilation optimization parameters:\n\n```shell\n$ export CFLAGS=\"-g -O0\"\n$ ./build.sh\n$ ./configure --enable-assertions=yes\n$ make\n$ sudo make install\n```\n\"Assertions allow us to document assumptions and to spot violations early in the\ndevelopment process. What is more, assertions allow us to spot violations with a\nminimum of effort.\" https://dl.acm.org/doi/pdf/10.1145/240964.240969\n\nIt is recommended to use assertions where applicable, and to enable them with\n'--enable-assertions=yes' during the testing and debugging workflow.\n\n### Benchmarking\n\nThe source tree includes a Benchmark tool that can help measure library performance. The tool is located in the `test/benchmark/` directory. The build process also creates the binary here, so you will have the tool after the compilation is finished.\n\nTo run, just type:\n\n```shell\ncd test/benchmark\n$ ./benchmark\nDoing 1000000 transactions...\n\n```\n\nYou can also pass a lower value:\n\n```shell\n$ ./benchmark 1000\nDoing 1000 transactions...\n```\n\nTo measure the time:\n```shell\n$ time ./benchmark 1000\nDoing 1000 transactions...\n\nreal\t0m0.351s\nuser\t0m0.337s\nsys\t0m0.022s\n```\n\nThis is very fast because the benchmark uses the minimal `modsecurity.conf.default` configuration, which doesn't include too many rules:\n\n```shell\n$ cat basic_rules.conf\n\nInclude \"../../modsecurity.conf-recommended\"\n\n```\n\nTo measure with real rules, run one of the download scripts in the same directory:\n\n```shell\n$ ./download-owasp-v3-rules.sh\nCloning into 'owasp-v3'...\nremote: Enumerating objects: 33007, done.\nremote: Counting objects: 100% (2581/2581), done.\nremote: Compressing objects: 100% (907/907), done.\nremote: Total 33007 (delta 2151), reused 2004 (delta 1638), pack-reused 30426\nReceiving objects: 100% (33007/33007), 9.02 MiB | 16.21 MiB/s, done.\nResolving deltas: 100% (25927/25927), done.\nSwitched to a new branch 'tag3.0.2'\n/path/to/ModSecurity/test/benchmark\nDone.\n\n$ cat basic_rules.conf\n\nInclude \"../../modsecurity.conf-recommended\"\n\nInclude \"owasp-v3/crs-setup.conf.example\"\nInclude \"owasp-v3/rules/*.conf\"\n```\n\nNow the command will give much higher value.\n\n#### How the benchmark works\n\nThe tool is a straightforward wrapper application that utilizes the library. It creates a ModSecurity instance and a RuleSet instance, then runs a loop based on the specified number. Within this loop, it creates a Transaction object to emulate real HTTP transactions.\n\nEach transaction is an HTTP/1.1 GET request with some GET parameters. Common headers are added, followed by the response headers and an XML body. Between phases, the tool checks whether an intervention has occurred. All transactions are created with the same data.\n\nNote that the tool does not call the last phase (logging).\n\nPlease remember to reset `basic_rules.conf` if you want to try with a different ruleset.\n\n## Reporting Issues\n\nIf you are facing a configuration issue or something is not working as you\nexpected to be, please use the ModSecurity user’s mailing list. Issues on GitHub\nare also welcomed, but we prefer to have user ask questions on the mailing list first so that you can reach an entire community. Also don’t forget to look for existing issues before open a new one.\n\nIf you are going to open a new issue on GitHub, don’t forget to tell us the\nversion of your libmodsecurity and the version of a specific connector if there\nis one.\n\n\n### Security issue\n\nPlease do not make public any security issue. Contact us at:\nmodsecurity@owasp.org reporting the issue. Once the problem is fixed your\ncredit will be given.\n\n## Feature request\n\nWe are open to discussing any new feature request with the community via the mailing lists. You can alternativly,\nfeel free to open GitHub issues requesting new features. Before opening a\nnew issue, please check if there is one already opened on the same topic.\n\n## Bindings\n\nThe libModSecurity design allows the integration with bindings. There is an effort to avoid breaking API [binary] compatibility to make an easy integration with possible bindings. Currently, there are a few notable projects maintained by the community:\n * Python - https://github.com/actions-security/pymodsecurity\n * Rust - https://github.com/rkrishn7/rust-modsecurity\n * Varnish - https://github.com/xdecock/vmod-modsecurity\n\n## Packaging\n\nHaving our packages in distros on time is a desire that we have, so let us know\nif there is anything we can do to facilitate your work as a packager.\n\n## Sponsor Note\n\nDevelopment of ModSecurity is sponsored by Trustwave. Sponsorship will end July 1, 2024. Additional information can be found here https://www.trustwave.com/en-us/resources/security-resources/software-updates/end-of-sale-and-trustwave-support-for-modsecurity-web-application-firewall/\n" }, { "path": "SECURITY.md", "content": "# Security Policy\n\n## Supported Versions\n\nThe latest versions of both v2.9.x and v3.0.x are supported.\n\n## Reporting a Vulnerability\n\nFor information on how to report a security issue, please see https://github.com/owasp-modsecurity/ModSecurity#security-issue\n" }, { "path": "build/.empty", "content": "" }, { "path": "build/ax_cxx_compile_stdcxx.m4", "content": "# ===========================================================================\n# https://www.gnu.org/software/autoconf-archive/ax_cxx_compile_stdcxx.html\n# ===========================================================================\n#\n# SYNOPSIS\n#\n# AX_CXX_COMPILE_STDCXX(VERSION, [ext|noext], [mandatory|optional])\n#\n# DESCRIPTION\n#\n# Check for baseline language coverage in the compiler for the specified\n# version of the C++ standard. If necessary, add switches to CXX and\n# CXXCPP to enable support. VERSION may be '11', '14', '17', or '20' for\n# the respective C++ standard version.\n#\n# The second argument, if specified, indicates whether you insist on an\n# extended mode (e.g. -std=gnu++11) or a strict conformance mode (e.g.\n# -std=c++11). If neither is specified, you get whatever works, with\n# preference for no added switch, and then for an extended mode.\n#\n# The third argument, if specified 'mandatory' or if left unspecified,\n# indicates that baseline support for the specified C++ standard is\n# required and that the macro should error out if no mode with that\n# support is found. If specified 'optional', then configuration proceeds\n# regardless, after defining HAVE_CXX${VERSION} if and only if a\n# supporting mode is found.\n#\n# LICENSE\n#\n# Copyright (c) 2008 Benjamin Kosnik \n# Copyright (c) 2012 Zack Weinberg \n# Copyright (c) 2013 Roy Stogner \n# Copyright (c) 2014, 2015 Google Inc.; contributed by Alexey Sokolov \n# Copyright (c) 2015 Paul Norman \n# Copyright (c) 2015 Moritz Klammler \n# Copyright (c) 2016, 2018 Krzesimir Nowak \n# Copyright (c) 2019 Enji Cooper \n# Copyright (c) 2020 Jason Merrill \n# Copyright (c) 2021 Jörn Heusipp \n#\n# Copying and distribution of this file, with or without modification, are\n# permitted in any medium without royalty provided the copyright notice\n# and this notice are preserved. This file is offered as-is, without any\n# warranty.\n\n#serial 18\n\ndnl This macro is based on the code from the AX_CXX_COMPILE_STDCXX_11 macro\ndnl (serial version number 13).\n\nAC_DEFUN([AX_CXX_COMPILE_STDCXX], [dnl\n m4_if([$1], [11], [ax_cxx_compile_alternatives=\"11 0x\"],\n [$1], [14], [ax_cxx_compile_alternatives=\"14 1y\"],\n [$1], [17], [ax_cxx_compile_alternatives=\"17 1z\"],\n [$1], [20], [ax_cxx_compile_alternatives=\"20\"],\n [m4_fatal([invalid first argument `$1' to AX_CXX_COMPILE_STDCXX])])dnl\n m4_if([$2], [], [],\n [$2], [ext], [],\n [$2], [noext], [],\n [m4_fatal([invalid second argument `$2' to AX_CXX_COMPILE_STDCXX])])dnl\n m4_if([$3], [], [ax_cxx_compile_cxx$1_required=true],\n [$3], [mandatory], [ax_cxx_compile_cxx$1_required=true],\n [$3], [optional], [ax_cxx_compile_cxx$1_required=false],\n [m4_fatal([invalid third argument `$3' to AX_CXX_COMPILE_STDCXX])])\n AC_LANG_PUSH([C++])dnl\n ac_success=no\n\n m4_if([$2], [], [dnl\n AC_CACHE_CHECK(whether $CXX supports C++$1 features by default,\n\t\t ax_cv_cxx_compile_cxx$1,\n [AC_COMPILE_IFELSE([AC_LANG_SOURCE([_AX_CXX_COMPILE_STDCXX_testbody_$1])],\n [ax_cv_cxx_compile_cxx$1=yes],\n [ax_cv_cxx_compile_cxx$1=no])])\n if test x$ax_cv_cxx_compile_cxx$1 = xyes; then\n ac_success=yes\n fi])\n\n m4_if([$2], [noext], [], [dnl\n if test x$ac_success = xno; then\n for alternative in ${ax_cxx_compile_alternatives}; do\n switch=\"-std=gnu++${alternative}\"\n cachevar=AS_TR_SH([ax_cv_cxx_compile_cxx$1_$switch])\n AC_CACHE_CHECK(whether $CXX supports C++$1 features with $switch,\n $cachevar,\n [ac_save_CXX=\"$CXX\"\n CXX=\"$CXX $switch\"\n AC_COMPILE_IFELSE([AC_LANG_SOURCE([_AX_CXX_COMPILE_STDCXX_testbody_$1])],\n [eval $cachevar=yes],\n [eval $cachevar=no])\n CXX=\"$ac_save_CXX\"])\n if eval test x\\$$cachevar = xyes; then\n CXX=\"$CXX $switch\"\n if test -n \"$CXXCPP\" ; then\n CXXCPP=\"$CXXCPP $switch\"\n fi\n ac_success=yes\n break\n fi\n done\n fi])\n\n m4_if([$2], [ext], [], [dnl\n if test x$ac_success = xno; then\n dnl HP's aCC needs +std=c++11 according to:\n dnl http://h21007.www2.hp.com/portal/download/files/unprot/aCxx/PDF_Release_Notes/769149-001.pdf\n dnl Cray's crayCC needs \"-h std=c++11\"\n dnl MSVC needs -std:c++NN for C++17 and later (default is C++14)\n for alternative in ${ax_cxx_compile_alternatives}; do\n for switch in -std=c++${alternative} +std=c++${alternative} \"-h std=c++${alternative}\" MSVC; do\n if test x\"$switch\" = xMSVC; then\n dnl AS_TR_SH maps both `:` and `=` to `_` so -std:c++17 would collide\n dnl with -std=c++17. We suffix the cache variable name with _MSVC to\n dnl avoid this.\n switch=-std:c++${alternative}\n cachevar=AS_TR_SH([ax_cv_cxx_compile_cxx$1_${switch}_MSVC])\n else\n cachevar=AS_TR_SH([ax_cv_cxx_compile_cxx$1_$switch])\n fi\n AC_CACHE_CHECK(whether $CXX supports C++$1 features with $switch,\n $cachevar,\n [ac_save_CXX=\"$CXX\"\n CXX=\"$CXX $switch\"\n AC_COMPILE_IFELSE([AC_LANG_SOURCE([_AX_CXX_COMPILE_STDCXX_testbody_$1])],\n [eval $cachevar=yes],\n [eval $cachevar=no])\n CXX=\"$ac_save_CXX\"])\n if eval test x\\$$cachevar = xyes; then\n CXX=\"$CXX $switch\"\n if test -n \"$CXXCPP\" ; then\n CXXCPP=\"$CXXCPP $switch\"\n fi\n ac_success=yes\n break\n fi\n done\n if test x$ac_success = xyes; then\n break\n fi\n done\n fi])\n AC_LANG_POP([C++])\n if test x$ax_cxx_compile_cxx$1_required = xtrue; then\n if test x$ac_success = xno; then\n AC_MSG_ERROR([*** A compiler with support for C++$1 language features is required.])\n fi\n fi\n if test x$ac_success = xno; then\n HAVE_CXX$1=0\n AC_MSG_NOTICE([No compiler with C++$1 support was found])\n else\n HAVE_CXX$1=1\n AC_DEFINE(HAVE_CXX$1,1,\n [define if the compiler supports basic C++$1 syntax])\n fi\n AC_SUBST(HAVE_CXX$1)\n])\n\n\ndnl Test body for checking C++11 support\n\nm4_define([_AX_CXX_COMPILE_STDCXX_testbody_11],\n _AX_CXX_COMPILE_STDCXX_testbody_new_in_11\n)\n\ndnl Test body for checking C++14 support\n\nm4_define([_AX_CXX_COMPILE_STDCXX_testbody_14],\n _AX_CXX_COMPILE_STDCXX_testbody_new_in_11\n _AX_CXX_COMPILE_STDCXX_testbody_new_in_14\n)\n\ndnl Test body for checking C++17 support\n\nm4_define([_AX_CXX_COMPILE_STDCXX_testbody_17],\n _AX_CXX_COMPILE_STDCXX_testbody_new_in_11\n _AX_CXX_COMPILE_STDCXX_testbody_new_in_14\n _AX_CXX_COMPILE_STDCXX_testbody_new_in_17\n)\n\ndnl Test body for checking C++20 support\n\nm4_define([_AX_CXX_COMPILE_STDCXX_testbody_20],\n _AX_CXX_COMPILE_STDCXX_testbody_new_in_11\n _AX_CXX_COMPILE_STDCXX_testbody_new_in_14\n _AX_CXX_COMPILE_STDCXX_testbody_new_in_17\n _AX_CXX_COMPILE_STDCXX_testbody_new_in_20\n)\n\n\ndnl Tests for new features in C++11\n\nm4_define([_AX_CXX_COMPILE_STDCXX_testbody_new_in_11], [[\n\n// If the compiler admits that it is not ready for C++11, why torture it?\n// Hopefully, this will speed up the test.\n\n#ifndef __cplusplus\n\n#error \"This is not a C++ compiler\"\n\n// MSVC always sets __cplusplus to 199711L in older versions; newer versions\n// only set it correctly if /Zc:__cplusplus is specified as well as a\n// /std:c++NN switch:\n// https://devblogs.microsoft.com/cppblog/msvc-now-correctly-reports-__cplusplus/\n#elif __cplusplus < 201103L && !defined _MSC_VER\n\n#error \"This is not a C++11 compiler\"\n\n#else\n\nnamespace cxx11\n{\n\n namespace test_static_assert\n {\n\n template \n struct check\n {\n static_assert(sizeof(int) <= sizeof(T), \"not big enough\");\n };\n\n }\n\n namespace test_final_override\n {\n\n struct Base\n {\n virtual ~Base() {}\n virtual void f() {}\n };\n\n struct Derived : public Base\n {\n virtual ~Derived() override {}\n virtual void f() override {}\n };\n\n }\n\n namespace test_double_right_angle_brackets\n {\n\n template < typename T >\n struct check {};\n\n typedef check single_type;\n typedef check> double_type;\n typedef check>> triple_type;\n typedef check>>> quadruple_type;\n\n }\n\n namespace test_decltype\n {\n\n int\n f()\n {\n int a = 1;\n decltype(a) b = 2;\n return a + b;\n }\n\n }\n\n namespace test_type_deduction\n {\n\n template < typename T1, typename T2 >\n struct is_same\n {\n static const bool value = false;\n };\n\n template < typename T >\n struct is_same\n {\n static const bool value = true;\n };\n\n template < typename T1, typename T2 >\n auto\n add(T1 a1, T2 a2) -> decltype(a1 + a2)\n {\n return a1 + a2;\n }\n\n int\n test(const int c, volatile int v)\n {\n static_assert(is_same::value == true, \"\");\n static_assert(is_same::value == false, \"\");\n static_assert(is_same::value == false, \"\");\n auto ac = c;\n auto av = v;\n auto sumi = ac + av + 'x';\n auto sumf = ac + av + 1.0;\n static_assert(is_same::value == true, \"\");\n static_assert(is_same::value == true, \"\");\n static_assert(is_same::value == true, \"\");\n static_assert(is_same::value == false, \"\");\n static_assert(is_same::value == true, \"\");\n return (sumf > 0.0) ? sumi : add(c, v);\n }\n\n }\n\n namespace test_noexcept\n {\n\n int f() { return 0; }\n int g() noexcept { return 0; }\n\n static_assert(noexcept(f()) == false, \"\");\n static_assert(noexcept(g()) == true, \"\");\n\n }\n\n namespace test_constexpr\n {\n\n template < typename CharT >\n unsigned long constexpr\n strlen_c_r(const CharT *const s, const unsigned long acc) noexcept\n {\n return *s ? strlen_c_r(s + 1, acc + 1) : acc;\n }\n\n template < typename CharT >\n unsigned long constexpr\n strlen_c(const CharT *const s) noexcept\n {\n return strlen_c_r(s, 0UL);\n }\n\n static_assert(strlen_c(\"\") == 0UL, \"\");\n static_assert(strlen_c(\"1\") == 1UL, \"\");\n static_assert(strlen_c(\"example\") == 7UL, \"\");\n static_assert(strlen_c(\"another\\0example\") == 7UL, \"\");\n\n }\n\n namespace test_rvalue_references\n {\n\n template < int N >\n struct answer\n {\n static constexpr int value = N;\n };\n\n answer<1> f(int&) { return answer<1>(); }\n answer<2> f(const int&) { return answer<2>(); }\n answer<3> f(int&&) { return answer<3>(); }\n\n void\n test()\n {\n int i = 0;\n const int c = 0;\n static_assert(decltype(f(i))::value == 1, \"\");\n static_assert(decltype(f(c))::value == 2, \"\");\n static_assert(decltype(f(0))::value == 3, \"\");\n }\n\n }\n\n namespace test_uniform_initialization\n {\n\n struct test\n {\n static const int zero {};\n static const int one {1};\n };\n\n static_assert(test::zero == 0, \"\");\n static_assert(test::one == 1, \"\");\n\n }\n\n namespace test_lambdas\n {\n\n void\n test1()\n {\n auto lambda1 = [](){};\n auto lambda2 = lambda1;\n lambda1();\n lambda2();\n }\n\n int\n test2()\n {\n auto a = [](int i, int j){ return i + j; }(1, 2);\n auto b = []() -> int { return '0'; }();\n auto c = [=](){ return a + b; }();\n auto d = [&](){ return c; }();\n auto e = [a, &b](int x) mutable {\n const auto identity = [](int y){ return y; };\n for (auto i = 0; i < a; ++i)\n a += b--;\n return x + identity(a + b);\n }(0);\n return a + b + c + d + e;\n }\n\n int\n test3()\n {\n const auto nullary = [](){ return 0; };\n const auto unary = [](int x){ return x; };\n using nullary_t = decltype(nullary);\n using unary_t = decltype(unary);\n const auto higher1st = [](nullary_t f){ return f(); };\n const auto higher2nd = [unary](nullary_t f1){\n return [unary, f1](unary_t f2){ return f2(unary(f1())); };\n };\n return higher1st(nullary) + higher2nd(nullary)(unary);\n }\n\n }\n\n namespace test_variadic_templates\n {\n\n template \n struct sum;\n\n template \n struct sum\n {\n static constexpr auto value = N0 + sum::value;\n };\n\n template <>\n struct sum<>\n {\n static constexpr auto value = 0;\n };\n\n static_assert(sum<>::value == 0, \"\");\n static_assert(sum<1>::value == 1, \"\");\n static_assert(sum<23>::value == 23, \"\");\n static_assert(sum<1, 2>::value == 3, \"\");\n static_assert(sum<5, 5, 11>::value == 21, \"\");\n static_assert(sum<2, 3, 5, 7, 11, 13>::value == 41, \"\");\n\n }\n\n // http://stackoverflow.com/questions/13728184/template-aliases-and-sfinae\n // Clang 3.1 fails with headers of libstd++ 4.8.3 when using std::function\n // because of this.\n namespace test_template_alias_sfinae\n {\n\n struct foo {};\n\n template\n using member = typename T::member_type;\n\n template\n void func(...) {}\n\n template\n void func(member*) {}\n\n void test();\n\n void test() { func(0); }\n\n }\n\n} // namespace cxx11\n\n#endif // __cplusplus >= 201103L\n\n]])\n\n\ndnl Tests for new features in C++14\n\nm4_define([_AX_CXX_COMPILE_STDCXX_testbody_new_in_14], [[\n\n// If the compiler admits that it is not ready for C++14, why torture it?\n// Hopefully, this will speed up the test.\n\n#ifndef __cplusplus\n\n#error \"This is not a C++ compiler\"\n\n#elif __cplusplus < 201402L && !defined _MSC_VER\n\n#error \"This is not a C++14 compiler\"\n\n#else\n\nnamespace cxx14\n{\n\n namespace test_polymorphic_lambdas\n {\n\n int\n test()\n {\n const auto lambda = [](auto&&... args){\n const auto istiny = [](auto x){\n return (sizeof(x) == 1UL) ? 1 : 0;\n };\n const int aretiny[] = { istiny(args)... };\n return aretiny[0];\n };\n return lambda(1, 1L, 1.0f, '1');\n }\n\n }\n\n namespace test_binary_literals\n {\n\n constexpr auto ivii = 0b0000000000101010;\n static_assert(ivii == 42, \"wrong value\");\n\n }\n\n namespace test_generalized_constexpr\n {\n\n template < typename CharT >\n constexpr unsigned long\n strlen_c(const CharT *const s) noexcept\n {\n auto length = 0UL;\n for (auto p = s; *p; ++p)\n ++length;\n return length;\n }\n\n static_assert(strlen_c(\"\") == 0UL, \"\");\n static_assert(strlen_c(\"x\") == 1UL, \"\");\n static_assert(strlen_c(\"test\") == 4UL, \"\");\n static_assert(strlen_c(\"another\\0test\") == 7UL, \"\");\n\n }\n\n namespace test_lambda_init_capture\n {\n\n int\n test()\n {\n auto x = 0;\n const auto lambda1 = [a = x](int b){ return a + b; };\n const auto lambda2 = [a = lambda1(x)](){ return a; };\n return lambda2();\n }\n\n }\n\n namespace test_digit_separators\n {\n\n constexpr auto ten_million = 100'000'000;\n static_assert(ten_million == 100000000, \"\");\n\n }\n\n namespace test_return_type_deduction\n {\n\n auto f(int& x) { return x; }\n decltype(auto) g(int& x) { return x; }\n\n template < typename T1, typename T2 >\n struct is_same\n {\n static constexpr auto value = false;\n };\n\n template < typename T >\n struct is_same\n {\n static constexpr auto value = true;\n };\n\n int\n test()\n {\n auto x = 0;\n static_assert(is_same::value, \"\");\n static_assert(is_same::value, \"\");\n return x;\n }\n\n }\n\n} // namespace cxx14\n\n#endif // __cplusplus >= 201402L\n\n]])\n\n\ndnl Tests for new features in C++17\n\nm4_define([_AX_CXX_COMPILE_STDCXX_testbody_new_in_17], [[\n\n// If the compiler admits that it is not ready for C++17, why torture it?\n// Hopefully, this will speed up the test.\n\n#ifndef __cplusplus\n\n#error \"This is not a C++ compiler\"\n\n#elif __cplusplus < 201703L && !defined _MSC_VER\n\n#error \"This is not a C++17 compiler\"\n\n#else\n\n#include \n#include \n#include \n\nnamespace cxx17\n{\n\n namespace test_constexpr_lambdas\n {\n\n constexpr int foo = [](){return 42;}();\n\n }\n\n namespace test::nested_namespace::definitions\n {\n\n }\n\n namespace test_fold_expression\n {\n\n template\n int multiply(Args... args)\n {\n return (args * ... * 1);\n }\n\n template\n bool all(Args... args)\n {\n return (args && ...);\n }\n\n }\n\n namespace test_extended_static_assert\n {\n\n static_assert (true);\n\n }\n\n namespace test_auto_brace_init_list\n {\n\n auto foo = {5};\n auto bar {5};\n\n static_assert(std::is_same, decltype(foo)>::value);\n static_assert(std::is_same::value);\n }\n\n namespace test_typename_in_template_template_parameter\n {\n\n template typename X> struct D;\n\n }\n\n namespace test_fallthrough_nodiscard_maybe_unused_attributes\n {\n\n int f1()\n {\n return 42;\n }\n\n [[nodiscard]] int f2()\n {\n [[maybe_unused]] auto unused = f1();\n\n switch (f1())\n {\n case 17:\n f1();\n [[fallthrough]];\n case 42:\n f1();\n }\n return f1();\n }\n\n }\n\n namespace test_extended_aggregate_initialization\n {\n\n struct base1\n {\n int b1, b2 = 42;\n };\n\n struct base2\n {\n base2() {\n b3 = 42;\n }\n int b3;\n };\n\n struct derived : base1, base2\n {\n int d;\n };\n\n derived d1 {{1, 2}, {}, 4}; // full initialization\n derived d2 {{}, {}, 4}; // value-initialized bases\n\n }\n\n namespace test_general_range_based_for_loop\n {\n\n struct iter\n {\n int i;\n\n int& operator* ()\n {\n return i;\n }\n\n const int& operator* () const\n {\n return i;\n }\n\n iter& operator++()\n {\n ++i;\n return *this;\n }\n };\n\n struct sentinel\n {\n int i;\n };\n\n bool operator== (const iter& i, const sentinel& s)\n {\n return i.i == s.i;\n }\n\n bool operator!= (const iter& i, const sentinel& s)\n {\n return !(i == s);\n }\n\n struct range\n {\n iter begin() const\n {\n return {0};\n }\n\n sentinel end() const\n {\n return {5};\n }\n };\n\n void f()\n {\n range r {};\n\n for (auto i : r)\n {\n [[maybe_unused]] auto v = i;\n }\n }\n\n }\n\n namespace test_lambda_capture_asterisk_this_by_value\n {\n\n struct t\n {\n int i;\n int foo()\n {\n return [*this]()\n {\n return i;\n }();\n }\n };\n\n }\n\n namespace test_enum_class_construction\n {\n\n enum class byte : unsigned char\n {};\n\n byte foo {42};\n\n }\n\n namespace test_constexpr_if\n {\n\n template \n int f ()\n {\n if constexpr(cond)\n {\n return 13;\n }\n else\n {\n return 42;\n }\n }\n\n }\n\n namespace test_selection_statement_with_initializer\n {\n\n int f()\n {\n return 13;\n }\n\n int f2()\n {\n if (auto i = f(); i > 0)\n {\n return 3;\n }\n\n switch (auto i = f(); i + 4)\n {\n case 17:\n return 2;\n\n default:\n return 1;\n }\n }\n\n }\n\n namespace test_template_argument_deduction_for_class_templates\n {\n\n template \n struct pair\n {\n pair (T1 p1, T2 p2)\n : m1 {p1},\n m2 {p2}\n {}\n\n T1 m1;\n T2 m2;\n };\n\n void f()\n {\n [[maybe_unused]] auto p = pair{13, 42u};\n }\n\n }\n\n namespace test_non_type_auto_template_parameters\n {\n\n template \n struct B\n {};\n\n B<5> b1;\n B<'a'> b2;\n\n }\n\n namespace test_structured_bindings\n {\n\n int arr[2] = { 1, 2 };\n std::pair pr = { 1, 2 };\n\n auto f1() -> int(&)[2]\n {\n return arr;\n }\n\n auto f2() -> std::pair&\n {\n return pr;\n }\n\n struct S\n {\n int x1 : 2;\n volatile double y1;\n };\n\n S f3()\n {\n return {};\n }\n\n auto [ x1, y1 ] = f1();\n auto& [ xr1, yr1 ] = f1();\n auto [ x2, y2 ] = f2();\n auto& [ xr2, yr2 ] = f2();\n const auto [ x3, y3 ] = f3();\n\n }\n\n namespace test_exception_spec_type_system\n {\n\n struct Good {};\n struct Bad {};\n\n void g1() noexcept;\n void g2();\n\n template\n Bad\n f(T*, T*);\n\n template\n Good\n f(T1*, T2*);\n\n static_assert (std::is_same_v);\n\n }\n\n namespace test_inline_variables\n {\n\n template void f(T)\n {}\n\n template inline T g(T)\n {\n return T{};\n }\n\n template<> inline void f<>(int)\n {}\n\n template<> int g<>(int)\n {\n return 5;\n }\n\n }\n\n} // namespace cxx17\n\n#endif // __cplusplus < 201703L && !defined _MSC_VER\n\n]])\n\n\ndnl Tests for new features in C++20\n\nm4_define([_AX_CXX_COMPILE_STDCXX_testbody_new_in_20], [[\n\n#ifndef __cplusplus\n\n#error \"This is not a C++ compiler\"\n\n#elif __cplusplus < 202002L && !defined _MSC_VER\n\n#error \"This is not a C++20 compiler\"\n\n#else\n\n#include \n\nnamespace cxx20\n{\n\n// As C++20 supports feature test macros in the standard, there is no\n// immediate need to actually test for feature availability on the\n// Autoconf side.\n\n} // namespace cxx20\n\n#endif // __cplusplus < 202002L && !defined _MSC_VER\n\n]])\n" }, { "path": "build/ax_prog_doxygen.m4", "content": "# ===========================================================================\n# http://www.gnu.org/software/autoconf-archive/ax_prog_doxygen.html\n# ===========================================================================\n#\n# SYNOPSIS\n#\n# DX_INIT_DOXYGEN(PROJECT-NAME, DOXYFILE-PATH, [OUTPUT-DIR])\n# DX_DOXYGEN_FEATURE(ON|OFF)\n# DX_DOT_FEATURE(ON|OFF)\n# DX_HTML_FEATURE(ON|OFF)\n# DX_CHM_FEATURE(ON|OFF)\n# DX_CHI_FEATURE(ON|OFF)\n# DX_MAN_FEATURE(ON|OFF)\n# DX_RTF_FEATURE(ON|OFF)\n# DX_XML_FEATURE(ON|OFF)\n# DX_PDF_FEATURE(ON|OFF)\n# DX_PS_FEATURE(ON|OFF)\n#\n# DESCRIPTION\n#\n# The DX_*_FEATURE macros control the default setting for the given\n# Doxygen feature. Supported features are 'DOXYGEN' itself, 'DOT' for\n# generating graphics, 'HTML' for plain HTML, 'CHM' for compressed HTML\n# help (for MS users), 'CHI' for generating a seperate .chi file by the\n# .chm file, and 'MAN', 'RTF', 'XML', 'PDF' and 'PS' for the appropriate\n# output formats. The environment variable DOXYGEN_PAPER_SIZE may be\n# specified to override the default 'a4wide' paper size.\n#\n# By default, HTML, PDF and PS documentation is generated as this seems to\n# be the most popular and portable combination. MAN pages created by\n# Doxygen are usually problematic, though by picking an appropriate subset\n# and doing some massaging they might be better than nothing. CHM and RTF\n# are specific for MS (note that you can't generate both HTML and CHM at\n# the same time). The XML is rather useless unless you apply specialized\n# post-processing to it.\n#\n# The macros mainly control the default state of the feature. The use can\n# override the default by specifying --enable or --disable. The macros\n# ensure that contradictory flags are not given (e.g.,\n# --enable-doxygen-html and --enable-doxygen-chm,\n# --enable-doxygen-anything with --disable-doxygen, etc.) Finally, each\n# feature will be automatically disabled (with a warning) if the required\n# programs are missing.\n#\n# Once all the feature defaults have been specified, call DX_INIT_DOXYGEN\n# with the following parameters: a one-word name for the project for use\n# as a filename base etc., an optional configuration file name (the\n# default is 'Doxyfile', the same as Doxygen's default), and an optional\n# output directory name (the default is 'doxygen-doc').\n#\n# Automake Support\n#\n# The following is a template aminclude.am file for use with Automake.\n# Make targets and variables values are controlled by the various\n# DX_COND_* conditionals set by autoconf.\n#\n# The provided targets are:\n#\n# doxygen-doc: Generate all doxygen documentation.\n#\n# doxygen-run: Run doxygen, which will generate some of the\n# documentation (HTML, CHM, CHI, MAN, RTF, XML)\n# but will not do the post processing required\n# for the rest of it (PS, PDF, and some MAN).\n#\n# doxygen-man: Rename some doxygen generated man pages.\n#\n# doxygen-ps: Generate doxygen PostScript documentation.\n#\n# doxygen-pdf: Generate doxygen PDF documentation.\n#\n# Note that by default these are not integrated into the automake targets.\n# If doxygen is used to generate man pages, you can achieve this\n# integration by setting man3_MANS to the list of man pages generated and\n# then adding the dependency:\n#\n# $(man3_MANS): doxygen-doc\n#\n# This will cause make to run doxygen and generate all the documentation.\n#\n# The following variable is intended for use in Makefile.am:\n#\n# DX_CLEANFILES = everything to clean.\n#\n# Then add this variable to MOSTLYCLEANFILES.\n#\n# ----- begin aminclude.am -------------------------------------\n#\n# ## --------------------------------- ##\n# ## Format-independent Doxygen rules. ##\n# ## --------------------------------- ##\n#\n# if DX_COND_doc\n#\n# ## ------------------------------- ##\n# ## Rules specific for HTML output. ##\n# ## ------------------------------- ##\n#\n# if DX_COND_html\n#\n# DX_CLEAN_HTML = @DX_DOCDIR@/html\n#\n# endif DX_COND_html\n#\n# ## ------------------------------ ##\n# ## Rules specific for CHM output. ##\n# ## ------------------------------ ##\n#\n# if DX_COND_chm\n#\n# DX_CLEAN_CHM = @DX_DOCDIR@/chm\n#\n# if DX_COND_chi\n#\n# DX_CLEAN_CHI = @DX_DOCDIR@/@PACKAGE@.chi\n#\n# endif DX_COND_chi\n#\n# endif DX_COND_chm\n#\n# ## ------------------------------ ##\n# ## Rules specific for MAN output. ##\n# ## ------------------------------ ##\n#\n# if DX_COND_man\n#\n# DX_CLEAN_MAN = @DX_DOCDIR@/man\n#\n# endif DX_COND_man\n#\n# ## ------------------------------ ##\n# ## Rules specific for RTF output. ##\n# ## ------------------------------ ##\n#\n# if DX_COND_rtf\n#\n# DX_CLEAN_RTF = @DX_DOCDIR@/rtf\n#\n# endif DX_COND_rtf\n#\n# ## ------------------------------ ##\n# ## Rules specific for XML output. ##\n# ## ------------------------------ ##\n#\n# if DX_COND_xml\n#\n# DX_CLEAN_XML = @DX_DOCDIR@/xml\n#\n# endif DX_COND_xml\n#\n# ## ----------------------------- ##\n# ## Rules specific for PS output. ##\n# ## ----------------------------- ##\n#\n# if DX_COND_ps\n#\n# DX_CLEAN_PS = @DX_DOCDIR@/@PACKAGE@.ps\n#\n# DX_PS_GOAL = doxygen-ps\n#\n# doxygen-ps: @DX_DOCDIR@/@PACKAGE@.ps\n#\n# @DX_DOCDIR@/@PACKAGE@.ps: @DX_DOCDIR@/@PACKAGE@.tag\n# cd @DX_DOCDIR@/latex; \\\n# rm -f *.aux *.toc *.idx *.ind *.ilg *.log *.out; \\\n# $(DX_LATEX) refman.tex; \\\n# $(MAKEINDEX_PATH) refman.idx; \\\n# $(DX_LATEX) refman.tex; \\\n# countdown=5; \\\n# while $(DX_EGREP) 'Rerun (LaTeX|to get cross-references right)' \\\n# refman.log > /dev/null 2>&1 \\\n# && test $$countdown -gt 0; do \\\n# $(DX_LATEX) refman.tex; \\\n# countdown=`expr $$countdown - 1`; \\\n# done; \\\n# $(DX_DVIPS) -o ../@PACKAGE@.ps refman.dvi\n#\n# endif DX_COND_ps\n#\n# ## ------------------------------ ##\n# ## Rules specific for PDF output. ##\n# ## ------------------------------ ##\n#\n# if DX_COND_pdf\n#\n# DX_CLEAN_PDF = @DX_DOCDIR@/@PACKAGE@.pdf\n#\n# DX_PDF_GOAL = doxygen-pdf\n#\n# doxygen-pdf: @DX_DOCDIR@/@PACKAGE@.pdf\n#\n# @DX_DOCDIR@/@PACKAGE@.pdf: @DX_DOCDIR@/@PACKAGE@.tag\n# cd @DX_DOCDIR@/latex; \\\n# rm -f *.aux *.toc *.idx *.ind *.ilg *.log *.out; \\\n# $(DX_PDFLATEX) refman.tex; \\\n# $(DX_MAKEINDEX) refman.idx; \\\n# $(DX_PDFLATEX) refman.tex; \\\n# countdown=5; \\\n# while $(DX_EGREP) 'Rerun (LaTeX|to get cross-references right)' \\\n# refman.log > /dev/null 2>&1 \\\n# && test $$countdown -gt 0; do \\\n# $(DX_PDFLATEX) refman.tex; \\\n# countdown=`expr $$countdown - 1`; \\\n# done; \\\n# mv refman.pdf ../@PACKAGE@.pdf\n#\n# endif DX_COND_pdf\n#\n# ## ------------------------------------------------- ##\n# ## Rules specific for LaTeX (shared for PS and PDF). ##\n# ## ------------------------------------------------- ##\n#\n# if DX_COND_latex\n#\n# DX_CLEAN_LATEX = @DX_DOCDIR@/latex\n#\n# endif DX_COND_latex\n#\n# .PHONY: doxygen-run doxygen-doc $(DX_PS_GOAL) $(DX_PDF_GOAL)\n#\n# .INTERMEDIATE: doxygen-run $(DX_PS_GOAL) $(DX_PDF_GOAL)\n#\n# doxygen-run: @DX_DOCDIR@/@PACKAGE@.tag\n#\n# doxygen-doc: doxygen-run $(DX_PS_GOAL) $(DX_PDF_GOAL)\n#\n# @DX_DOCDIR@/@PACKAGE@.tag: $(DX_CONFIG) $(pkginclude_HEADERS)\n# rm -rf @DX_DOCDIR@\n# $(DX_ENV) $(DX_DOXYGEN) $(srcdir)/$(DX_CONFIG)\n# echo Timestamp >$@\n#\n# DX_CLEANFILES = \\\n# @DX_DOCDIR@/@PACKAGE@.tag \\\n# -r \\\n# $(DX_CLEAN_HTML) \\\n# $(DX_CLEAN_CHM) \\\n# $(DX_CLEAN_CHI) \\\n# $(DX_CLEAN_MAN) \\\n# $(DX_CLEAN_RTF) \\\n# $(DX_CLEAN_XML) \\\n# $(DX_CLEAN_PS) \\\n# $(DX_CLEAN_PDF) \\\n# $(DX_CLEAN_LATEX)\n#\n# endif DX_COND_doc\n#\n# ----- end aminclude.am ---------------------------------------\n#\n# LICENSE\n#\n# Copyright (c) 2009 Oren Ben-Kiki \n#\n# Copying and distribution of this file, with or without modification, are\n# permitted in any medium without royalty provided the copyright notice\n# and this notice are preserved. This file is offered as-is, without any\n# warranty.\n\n#serial 13\n\n## ----------##\n## Defaults. ##\n## ----------##\n\nDX_ENV=\"\"\nAC_DEFUN([DX_FEATURE_doc], ON)\nAC_DEFUN([DX_FEATURE_dot], OFF)\nAC_DEFUN([DX_FEATURE_man], OFF)\nAC_DEFUN([DX_FEATURE_html], ON)\nAC_DEFUN([DX_FEATURE_chm], OFF)\nAC_DEFUN([DX_FEATURE_chi], OFF)\nAC_DEFUN([DX_FEATURE_rtf], OFF)\nAC_DEFUN([DX_FEATURE_xml], OFF)\nAC_DEFUN([DX_FEATURE_pdf], ON)\nAC_DEFUN([DX_FEATURE_ps], ON)\n\n## --------------- ##\n## Private macros. ##\n## --------------- ##\n\n# DX_ENV_APPEND(VARIABLE, VALUE)\n# ------------------------------\n# Append VARIABLE=\"VALUE\" to DX_ENV for invoking doxygen.\nAC_DEFUN([DX_ENV_APPEND], [AC_SUBST([DX_ENV], [\"$DX_ENV $1='$2'\"])])\n\n# DX_DIRNAME_EXPR\n# ---------------\n# Expand into a shell expression prints the directory part of a path.\nAC_DEFUN([DX_DIRNAME_EXPR],\n [[expr \".$1\" : '\\(\\.\\)[^/]*$' \\| \"x$1\" : 'x\\(.*\\)/[^/]*$']])\n\n# DX_IF_FEATURE(FEATURE, IF-ON, IF-OFF)\n# -------------------------------------\n# Expands according to the M4 (static) status of the feature.\nAC_DEFUN([DX_IF_FEATURE], [ifelse(DX_FEATURE_$1, ON, [$2], [$3])])\n\n# DX_REQUIRE_PROG(VARIABLE, PROGRAM)\n# ----------------------------------\n# Require the specified program to be found for the DX_CURRENT_FEATURE to work.\nAC_DEFUN([DX_REQUIRE_PROG], [\nAC_PATH_TOOL([$1], [$2])\nif test \"$DX_FLAG_[]DX_CURRENT_FEATURE$$1\" = 1; then\n AC_MSG_WARN([$2 not found - will not DX_CURRENT_DESCRIPTION])\n AC_SUBST(DX_FLAG_[]DX_CURRENT_FEATURE, 0)\nfi\n])\n\n# DX_TEST_FEATURE(FEATURE)\n# ------------------------\n# Expand to a shell expression testing whether the feature is active.\nAC_DEFUN([DX_TEST_FEATURE], [test \"$DX_FLAG_$1\" = 1])\n\n# DX_CHECK_DEPEND(REQUIRED_FEATURE, REQUIRED_STATE)\n# -------------------------------------------------\n# Verify that a required features has the right state before trying to turn on\n# the DX_CURRENT_FEATURE.\nAC_DEFUN([DX_CHECK_DEPEND], [\ntest \"$DX_FLAG_$1\" = \"$2\" \\\n|| AC_MSG_ERROR([doxygen-DX_CURRENT_FEATURE ifelse([$2], 1,\n requires, contradicts) doxygen-DX_CURRENT_FEATURE])\n])\n\n# DX_CLEAR_DEPEND(FEATURE, REQUIRED_FEATURE, REQUIRED_STATE)\n# ----------------------------------------------------------\n# Turn off the DX_CURRENT_FEATURE if the required feature is off.\nAC_DEFUN([DX_CLEAR_DEPEND], [\ntest \"$DX_FLAG_$1\" = \"$2\" || AC_SUBST(DX_FLAG_[]DX_CURRENT_FEATURE, 0)\n])\n\n# DX_FEATURE_ARG(FEATURE, DESCRIPTION,\n# CHECK_DEPEND, CLEAR_DEPEND,\n# REQUIRE, DO-IF-ON, DO-IF-OFF)\n# --------------------------------------------\n# Parse the command-line option controlling a feature. CHECK_DEPEND is called\n# if the user explicitly turns the feature on (and invokes DX_CHECK_DEPEND),\n# otherwise CLEAR_DEPEND is called to turn off the default state if a required\n# feature is disabled (using DX_CLEAR_DEPEND). REQUIRE performs additional\n# requirement tests (DX_REQUIRE_PROG). Finally, an automake flag is set and\n# DO-IF-ON or DO-IF-OFF are called according to the final state of the feature.\nAC_DEFUN([DX_ARG_ABLE], [\n AC_DEFUN([DX_CURRENT_FEATURE], [$1])\n AC_DEFUN([DX_CURRENT_DESCRIPTION], [$2])\n AC_ARG_ENABLE(doxygen-$1,\n [AS_HELP_STRING(DX_IF_FEATURE([$1], [--disable-doxygen-$1],\n [--enable-doxygen-$1]),\n DX_IF_FEATURE([$1], [don't $2], [$2]))],\n [\ncase \"$enableval\" in\n#(\ny|Y|yes|Yes|YES)\n AC_SUBST([DX_FLAG_$1], 1)\n $3\n;; #(\nn|N|no|No|NO)\n AC_SUBST([DX_FLAG_$1], 0)\n;; #(\n*)\n AC_MSG_ERROR([invalid value '$enableval' given to doxygen-$1])\n;;\nesac\n], [\nAC_SUBST([DX_FLAG_$1], [DX_IF_FEATURE([$1], 1, 0)])\n$4\n])\nif DX_TEST_FEATURE([$1]); then\n $5\n :\nfi\nAM_CONDITIONAL(DX_COND_$1, DX_TEST_FEATURE([$1]))\nif DX_TEST_FEATURE([$1]); then\n $6\n :\nelse\n $7\n :\nfi\n])\n\n## -------------- ##\n## Public macros. ##\n## -------------- ##\n\n# DX_XXX_FEATURE(DEFAULT_STATE)\n# -----------------------------\nAC_DEFUN([DX_DOXYGEN_FEATURE], [AC_DEFUN([DX_FEATURE_doc], [$1])])\nAC_DEFUN([DX_DOT_FEATURE], [AC_DEFUN([DX_FEATURE_dot], [$1])])\nAC_DEFUN([DX_MAN_FEATURE], [AC_DEFUN([DX_FEATURE_man], [$1])])\nAC_DEFUN([DX_HTML_FEATURE], [AC_DEFUN([DX_FEATURE_html], [$1])])\nAC_DEFUN([DX_CHM_FEATURE], [AC_DEFUN([DX_FEATURE_chm], [$1])])\nAC_DEFUN([DX_CHI_FEATURE], [AC_DEFUN([DX_FEATURE_chi], [$1])])\nAC_DEFUN([DX_RTF_FEATURE], [AC_DEFUN([DX_FEATURE_rtf], [$1])])\nAC_DEFUN([DX_XML_FEATURE], [AC_DEFUN([DX_FEATURE_xml], [$1])])\nAC_DEFUN([DX_XML_FEATURE], [AC_DEFUN([DX_FEATURE_xml], [$1])])\nAC_DEFUN([DX_PDF_FEATURE], [AC_DEFUN([DX_FEATURE_pdf], [$1])])\nAC_DEFUN([DX_PS_FEATURE], [AC_DEFUN([DX_FEATURE_ps], [$1])])\n\n# DX_INIT_DOXYGEN(PROJECT, [CONFIG-FILE], [OUTPUT-DOC-DIR])\n# ---------------------------------------------------------\n# PROJECT also serves as the base name for the documentation files.\n# The default CONFIG-FILE is \"Doxyfile\" and OUTPUT-DOC-DIR is \"doxygen-doc\".\nAC_DEFUN([DX_INIT_DOXYGEN], [\n\n# Files:\nAC_SUBST([DX_PROJECT], [$1])\nAC_SUBST([DX_CONFIG], [ifelse([$2], [], Doxyfile, [$2])])\nAC_SUBST([DX_DOCDIR], [ifelse([$3], [], doxygen-doc, [$3])])\n\n# Environment variables used inside doxygen.cfg:\nDX_ENV_APPEND(SRCDIR, $srcdir)\nDX_ENV_APPEND(PROJECT, $DX_PROJECT)\nDX_ENV_APPEND(DOCDIR, $DX_DOCDIR)\nDX_ENV_APPEND(VERSION, $PACKAGE_VERSION)\n\n# Doxygen itself:\nDX_ARG_ABLE(doc, [generate any doxygen documentation],\n [],\n [],\n [DX_REQUIRE_PROG([DX_DOXYGEN], doxygen)\n DX_REQUIRE_PROG([DX_PERL], perl)],\n [DX_ENV_APPEND(PERL_PATH, $DX_PERL)])\n\n# Dot for graphics:\nDX_ARG_ABLE(dot, [generate graphics for doxygen documentation],\n [DX_CHECK_DEPEND(doc, 1)],\n [DX_CLEAR_DEPEND(doc, 1)],\n [DX_REQUIRE_PROG([DX_DOT], dot)],\n [DX_ENV_APPEND(HAVE_DOT, YES)\n DX_ENV_APPEND(DOT_PATH, [`DX_DIRNAME_EXPR($DX_DOT)`])],\n [DX_ENV_APPEND(HAVE_DOT, NO)])\n\n# Man pages generation:\nDX_ARG_ABLE(man, [generate doxygen manual pages],\n [DX_CHECK_DEPEND(doc, 1)],\n [DX_CLEAR_DEPEND(doc, 1)],\n [],\n [DX_ENV_APPEND(GENERATE_MAN, YES)],\n [DX_ENV_APPEND(GENERATE_MAN, NO)])\n\n# RTF file generation:\nDX_ARG_ABLE(rtf, [generate doxygen RTF documentation],\n [DX_CHECK_DEPEND(doc, 1)],\n [DX_CLEAR_DEPEND(doc, 1)],\n [],\n [DX_ENV_APPEND(GENERATE_RTF, YES)],\n [DX_ENV_APPEND(GENERATE_RTF, NO)])\n\n# XML file generation:\nDX_ARG_ABLE(xml, [generate doxygen XML documentation],\n [DX_CHECK_DEPEND(doc, 1)],\n [DX_CLEAR_DEPEND(doc, 1)],\n [],\n [DX_ENV_APPEND(GENERATE_XML, YES)],\n [DX_ENV_APPEND(GENERATE_XML, NO)])\n\n# (Compressed) HTML help generation:\nDX_ARG_ABLE(chm, [generate doxygen compressed HTML help documentation],\n [DX_CHECK_DEPEND(doc, 1)],\n [DX_CLEAR_DEPEND(doc, 1)],\n [DX_REQUIRE_PROG([DX_HHC], hhc)],\n [DX_ENV_APPEND(HHC_PATH, $DX_HHC)\n DX_ENV_APPEND(GENERATE_HTML, YES)\n DX_ENV_APPEND(GENERATE_HTMLHELP, YES)],\n [DX_ENV_APPEND(GENERATE_HTMLHELP, NO)])\n\n# Seperate CHI file generation.\nDX_ARG_ABLE(chi, [generate doxygen seperate compressed HTML help index file],\n [DX_CHECK_DEPEND(chm, 1)],\n [DX_CLEAR_DEPEND(chm, 1)],\n [],\n [DX_ENV_APPEND(GENERATE_CHI, YES)],\n [DX_ENV_APPEND(GENERATE_CHI, NO)])\n\n# Plain HTML pages generation:\nDX_ARG_ABLE(html, [generate doxygen plain HTML documentation],\n [DX_CHECK_DEPEND(doc, 1) DX_CHECK_DEPEND(chm, 0)],\n [DX_CLEAR_DEPEND(doc, 1) DX_CLEAR_DEPEND(chm, 0)],\n [],\n [DX_ENV_APPEND(GENERATE_HTML, YES)],\n [DX_TEST_FEATURE(chm) || DX_ENV_APPEND(GENERATE_HTML, NO)])\n\n# PostScript file generation:\nDX_ARG_ABLE(ps, [generate doxygen PostScript documentation],\n [DX_CHECK_DEPEND(doc, 1)],\n [DX_CLEAR_DEPEND(doc, 1)],\n [DX_REQUIRE_PROG([DX_LATEX], latex)\n DX_REQUIRE_PROG([DX_MAKEINDEX], makeindex)\n DX_REQUIRE_PROG([DX_DVIPS], dvips)\n DX_REQUIRE_PROG([DX_EGREP], egrep)])\n\n# PDF file generation:\nDX_ARG_ABLE(pdf, [generate doxygen PDF documentation],\n [DX_CHECK_DEPEND(doc, 1)],\n [DX_CLEAR_DEPEND(doc, 1)],\n [DX_REQUIRE_PROG([DX_PDFLATEX], pdflatex)\n DX_REQUIRE_PROG([DX_MAKEINDEX], makeindex)\n DX_REQUIRE_PROG([DX_EGREP], egrep)])\n\n# LaTeX generation for PS and/or PDF:\nAM_CONDITIONAL(DX_COND_latex, DX_TEST_FEATURE(ps) || DX_TEST_FEATURE(pdf))\nif DX_TEST_FEATURE(ps) || DX_TEST_FEATURE(pdf); then\n DX_ENV_APPEND(GENERATE_LATEX, YES)\nelse\n DX_ENV_APPEND(GENERATE_LATEX, NO)\nfi\n\n# Paper size for PS and/or PDF:\nAC_ARG_VAR(DOXYGEN_PAPER_SIZE,\n [a4wide (default), a4, letter, legal or executive])\ncase \"$DOXYGEN_PAPER_SIZE\" in\n#(\n\"\")\n AC_SUBST(DOXYGEN_PAPER_SIZE, \"\")\n;; #(\na4wide|a4|letter|legal|executive)\n DX_ENV_APPEND(PAPER_SIZE, $DOXYGEN_PAPER_SIZE)\n;; #(\n*)\n AC_MSG_ERROR([unknown DOXYGEN_PAPER_SIZE='$DOXYGEN_PAPER_SIZE'])\n;;\nesac\n\n#For debugging:\n#echo DX_FLAG_doc=$DX_FLAG_doc\n#echo DX_FLAG_dot=$DX_FLAG_dot\n#echo DX_FLAG_man=$DX_FLAG_man\n#echo DX_FLAG_html=$DX_FLAG_html\n#echo DX_FLAG_chm=$DX_FLAG_chm\n#echo DX_FLAG_chi=$DX_FLAG_chi\n#echo DX_FLAG_rtf=$DX_FLAG_rtf\n#echo DX_FLAG_xml=$DX_FLAG_xml\n#echo DX_FLAG_pdf=$DX_FLAG_pdf\n#echo DX_FLAG_ps=$DX_FLAG_ps\n#echo DX_ENV=$DX_ENV\n])\n" }, { "path": "build/ax_valgrind_check.m4", "content": "# ===========================================================================\n# http://www.gnu.org/software/autoconf-archive/ax_valgrind_check.html\n# ===========================================================================\n#\n# SYNOPSIS\n#\n# AX_VALGRIND_DFLT(memcheck|helgrind|drd|sgcheck, on|off)\n# AX_VALGRIND_CHECK()\n#\n# DESCRIPTION\n#\n# AX_VALGRIND_CHECK checks whether Valgrind is present and, if so, allows\n# running `make check` under a variety of Valgrind tools to check for\n# memory and threading errors.\n#\n# Defines VALGRIND_CHECK_RULES which should be substituted in your\n# Makefile; and $enable_valgrind which can be used in subsequent configure\n# output. VALGRIND_ENABLED is defined and substituted, and corresponds to\n# the value of the --enable-valgrind option, which defaults to being\n# enabled if Valgrind is installed and disabled otherwise. Individual\n# Valgrind tools can be disabled via --disable-valgrind-, the\n# default is configurable via the AX_VALGRIND_DFLT command or is to use\n# all commands not disabled via AX_VALGRIND_DFLT. All AX_VALGRIND_DFLT\n# calls must be made before the call to AX_VALGRIND_CHECK.\n#\n# If unit tests are written using a shell script and automake's\n# LOG_COMPILER system, the $(VALGRIND) variable can be used within the\n# shell scripts to enable Valgrind, as described here:\n#\n# https://www.gnu.org/software/gnulib/manual/html_node/Running-self_002dtests-under-valgrind.html\n#\n# Usage example:\n#\n# configure.ac:\n#\n# AX_VALGRIND_DFLT([sgcheck], [off])\n# AX_VALGRIND_CHECK\n#\n# Makefile.am:\n#\n# @VALGRIND_CHECK_RULES@\n# VALGRIND_SUPPRESSIONS_FILES = my-project.supp\n# EXTRA_DIST = my-project.supp\n#\n# This results in a \"check-valgrind\" rule being added to any Makefile.am\n# which includes \"@VALGRIND_CHECK_RULES@\" (assuming the module has been\n# configured with --enable-valgrind). Running `make check-valgrind` in\n# that directory will run the module's test suite (`make check`) once for\n# each of the available Valgrind tools (out of memcheck, helgrind and drd)\n# while the sgcheck will be skipped unless enabled again on the\n# commandline with --enable-valgrind-sgcheck. The results for each check\n# will be output to test-suite-$toolname.log. The target will succeed if\n# there are zero errors and fail otherwise.\n#\n# Alternatively, a \"check-valgrind-$TOOL\" rule will be added, for $TOOL in\n# memcheck, helgrind, drd and sgcheck. These are useful because often only\n# some of those tools can be ran cleanly on a codebase.\n#\n# The macro supports running with and without libtool.\n#\n# LICENSE\n#\n# Copyright (c) 2014, 2015, 2016 Philip Withnall \n#\n# Copying and distribution of this file, with or without modification, are\n# permitted in any medium without royalty provided the copyright notice\n# and this notice are preserved. This file is offered as-is, without any\n# warranty.\n\n#serial 13\n\ndnl Configured tools\nm4_define([valgrind_tool_list], [[memcheck], [helgrind], [drd], [sgcheck]])\nm4_set_add_all([valgrind_exp_tool_set], [sgcheck])\nm4_foreach([vgtool], [valgrind_tool_list],\n [m4_define([en_dflt_valgrind_]vgtool, [on])])\n\nAC_DEFUN([AX_VALGRIND_DFLT],[\n\tm4_define([en_dflt_valgrind_$1], [$2])\n])dnl\n\nAC_DEFUN([AX_VALGRIND_CHECK],[\n\tdnl Check for --enable-valgrind\n\tAC_ARG_ENABLE([valgrind],\n\t [AS_HELP_STRING([--enable-valgrind], [Whether to enable Valgrind on the unit tests])],\n\t [enable_valgrind=$enableval],[enable_valgrind=])\n\n\tAS_IF([test \"$enable_valgrind\" != \"no\"],[\n\t\t# Check for Valgrind.\n\t\tAC_CHECK_PROG([VALGRIND],[valgrind],[valgrind])\n\t\tAS_IF([test \"$VALGRIND\" = \"\"],[\n\t\t\tAS_IF([test \"$enable_valgrind\" = \"yes\"],[\n\t\t\t\tAC_MSG_ERROR([Could not find valgrind; either install it or reconfigure with --disable-valgrind])\n\t\t\t],[\n\t\t\t\tenable_valgrind=no\n\t\t\t])\n\t\t],[\n\t\t\tenable_valgrind=yes\n\t\t])\n\t])\n\n\tAM_CONDITIONAL([VALGRIND_ENABLED],[test \"$enable_valgrind\" = \"yes\"])\n\tAC_SUBST([VALGRIND_ENABLED],[$enable_valgrind])\n\n\t# Check for Valgrind tools we care about.\n\t[valgrind_enabled_tools=]\n\tm4_foreach([vgtool],[valgrind_tool_list],[\n\t\tAC_ARG_ENABLE([valgrind-]vgtool,\n\t\t m4_if(m4_defn([en_dflt_valgrind_]vgtool),[off],dnl\n[AS_HELP_STRING([--enable-valgrind-]vgtool, [Whether to use ]vgtool[ during the Valgrind tests])],dnl\n[AS_HELP_STRING([--disable-valgrind-]vgtool, [Whether to skip ]vgtool[ during the Valgrind tests])]),\n\t\t [enable_valgrind_]vgtool[=$enableval],\n\t\t [enable_valgrind_]vgtool[=])\n\t\tAS_IF([test \"$enable_valgrind\" = \"no\"],[\n\t\t\tenable_valgrind_]vgtool[=no],\n\t\t [test \"$enable_valgrind_]vgtool[\" ]dnl\nm4_if(m4_defn([en_dflt_valgrind_]vgtool), [off], [= \"yes\"], [!= \"no\"]),[\n\t\t\tAC_CACHE_CHECK([for Valgrind tool ]vgtool,\n\t\t\t [ax_cv_valgrind_tool_]vgtool,[\n\t\t\t\tax_cv_valgrind_tool_]vgtool[=no\n\t\t\t\tm4_set_contains([valgrind_exp_tool_set],vgtool,\n\t\t\t\t [m4_define([vgtoolx],[exp-]vgtool)],\n\t\t\t\t [m4_define([vgtoolx],vgtool)])\n\t\t\t\tAS_IF([`$VALGRIND --tool=]vgtoolx[ --help >/dev/null 2>&1`],[\n\t\t\t\t\tax_cv_valgrind_tool_]vgtool[=yes\n\t\t\t\t])\n\t\t\t])\n\t\t\tAS_IF([test \"$ax_cv_valgrind_tool_]vgtool[\" = \"no\"],[\n\t\t\t\tAS_IF([test \"$enable_valgrind_]vgtool[\" = \"yes\"],[\n\t\t\t\t\tAC_MSG_ERROR([Valgrind does not support ]vgtool[; reconfigure with --disable-valgrind-]vgtool)\n\t\t\t\t],[\n\t\t\t\t\tenable_valgrind_]vgtool[=no\n\t\t\t\t])\n\t\t\t],[\n\t\t\t\tenable_valgrind_]vgtool[=yes\n\t\t\t])\n\t\t])\n\t\tAS_IF([test \"$enable_valgrind_]vgtool[\" = \"yes\"],[\n\t\t\tvalgrind_enabled_tools=\"$valgrind_enabled_tools ]m4_bpatsubst(vgtool,[^exp-])[\"\n\t\t])\n\t\tAC_SUBST([ENABLE_VALGRIND_]vgtool,[$enable_valgrind_]vgtool)\n\t])\n\tAC_SUBST([valgrind_tools],[\"]m4_join([ ], valgrind_tool_list)[\"])\n\tAC_SUBST([valgrind_enabled_tools],[$valgrind_enabled_tools])\n\n[VALGRIND_CHECK_RULES='\n# Valgrind check\n#\n# Optional:\n# - VALGRIND_SUPPRESSIONS_FILES: Space-separated list of Valgrind suppressions\n# files to load. (Default: empty)\n# - VALGRIND_FLAGS: General flags to pass to all Valgrind tools.\n# (Default: --num-callers=30)\n# - VALGRIND_$toolname_FLAGS: Flags to pass to Valgrind $toolname (one of:\n# memcheck, helgrind, drd, sgcheck). (Default: various)\n\n# Optional variables\nVALGRIND_SUPPRESSIONS ?= $(addprefix --suppressions=,$(VALGRIND_SUPPRESSIONS_FILES))\nVALGRIND_FLAGS ?= --num-callers=30\nVALGRIND_memcheck_FLAGS ?= --leak-check=full --show-reachable=no\nVALGRIND_helgrind_FLAGS ?= --history-level=approx\nVALGRIND_drd_FLAGS ?=\nVALGRIND_sgcheck_FLAGS ?=\n\n# Internal use\nvalgrind_log_files = $(addprefix test-suite-,$(addsuffix .log,$(valgrind_tools)))\n\nvalgrind_memcheck_flags = --tool=memcheck $(VALGRIND_memcheck_FLAGS)\nvalgrind_helgrind_flags = --tool=helgrind $(VALGRIND_helgrind_FLAGS)\nvalgrind_drd_flags = --tool=drd $(VALGRIND_drd_FLAGS)\nvalgrind_sgcheck_flags = --tool=exp-sgcheck $(VALGRIND_sgcheck_FLAGS)\n\nvalgrind_quiet = $(valgrind_quiet_$(V))\nvalgrind_quiet_ = $(valgrind_quiet_$(AM_DEFAULT_VERBOSITY))\nvalgrind_quiet_0 = --quiet\nvalgrind_v_use = $(valgrind_v_use_$(V))\nvalgrind_v_use_ = $(valgrind_v_use_$(AM_DEFAULT_VERBOSITY))\nvalgrind_v_use_0 = @echo \" USE \" $(patsubst check-valgrind-%,%,$''@):;\n\n# Support running with and without libtool.\nifneq ($(LIBTOOL),)\nvalgrind_lt = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=execute\nelse\nvalgrind_lt =\nendif\n\n# Use recursive makes in order to ignore errors during check\ncheck-valgrind:\nifeq ($(VALGRIND_ENABLED),yes)\n\t-$(A''M_V_at)$(foreach tool,$(valgrind_enabled_tools), \\\n\t\t$(MAKE) $(AM_MAKEFLAGS) -k check-valgrind-$(tool); \\\n\t)\nelse\n\t@echo \"Need to reconfigure with --enable-valgrind\"\nendif\n\n# Valgrind running\nVALGRIND_TESTS_ENVIRONMENT = \\\n\t$(TESTS_ENVIRONMENT) \\\n\tenv VALGRIND=$(VALGRIND) \\\n\tG_SLICE=always-malloc,debug-blocks \\\n\tG_DEBUG=fatal-warnings,fatal-criticals,gc-friendly\n\nVALGRIND_LOG_COMPILER = test/test-suite.sh $(VALGRIND_SUPPRESSIONS) $(VALGRIND_FLAGS)\n#\t$(valgrind_lt) \\\n#\t$(VALGRIND) $(VALGRIND_SUPPRESSIONS) --error-exitcode=1 $(VALGRIND_FLAGS)\n\ndefine valgrind_tool_rule =\ncheck-valgrind-$(1):\nifeq ($$(VALGRIND_ENABLED)-$$(ENABLE_VALGRIND_$(1)),yes-yes)\n\t$$(valgrind_v_use)$$(MAKE) check-TESTS \\\n\t\tTESTS_ENVIRONMENT=\"$$(VALGRIND_TESTS_ENVIRONMENT)\" \\\n\t\tLOG_COMPILER=\"$$(VALGRIND_LOG_COMPILER)\" \\\n\t\tLOG_FLAGS=\"$$(valgrind_$(1)_flags)\" \\\n\t\tTEST_SUITE_LOG=test-suite-$(1).log\nelse ifeq ($$(VALGRIND_ENABLED),yes)\n\t@echo \"Need to reconfigure with --enable-valgrind-$(1)\"\nelse\n\t@echo \"Need to reconfigure with --enable-valgrind\"\nendif\nendef\n\n$(foreach tool,$(valgrind_tools),$(eval $(call valgrind_tool_rule,$(tool))))\n\nA''M_DISTCHECK_CONFIGURE_FLAGS ?=\nA''M_DISTCHECK_CONFIGURE_FLAGS += --disable-valgrind\n\nMOSTLYCLEANFILES ?=\nMOSTLYCLEANFILES += $(valgrind_log_files)\n\n.PHONY: check-valgrind $(add-prefix check-valgrind-,$(valgrind_tools))\n']\n\n\tAC_SUBST([VALGRIND_CHECK_RULES])\n\tm4_ifdef([_AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE([VALGRIND_CHECK_RULES])])\n])\n" }, { "path": "build/curl.m4", "content": "dnl Check for CURL Libraries\ndnl Sets:\ndnl CURL_CFLAGS\ndnl CURL_LDADD\ndnl CURL_LDFLAGS\ndnl CURL_VERSION\ndnl CURL_DISPLAY\ndnl CURL_FOUND\n\nAC_DEFUN([CHECK_CURL], [\nMSC_CHECK_LIB([CURL], [libcurl], [curl/curl.h], [curl], [-DWITH_CURL], [7.15.1])\n\n# Post-processing: TLSv1.2 version check\nif test \"x${CURL_FOUND}\" = \"x1\" && test -n \"${CURL_VERSION}\"; then\n AC_MSG_CHECKING([if libcurl supports TLSv1.2])\n _msc_curl_tlsv2_ver=`echo 7.34.0 | awk -F. '{print (\\$ 1 * 1000000) + (\\$ 2 * 1000) + \\$ 3}'`\n _msc_curl_ver=`echo ${CURL_VERSION} | awk -F. '{print (\\$ 1 * 1000000) + (\\$ 2 * 1000) + \\$ 3}'`\n if test \"${_msc_curl_tlsv2_ver}\" -le \"${_msc_curl_ver}\" 2>/dev/null; then\n AC_MSG_RESULT([yes])\n CURL_CFLAGS=\"${CURL_CFLAGS} -DWITH_CURL_SSLVERSION_TLSv1_2\"\n else\n AC_MSG_RESULT([no])\n fi\n\n # Check/warn if GnuTLS is used\n AC_MSG_CHECKING([if libcurl is linked with gnutls])\n _msc_curl_uses_gnutls=`echo ${CURL_LDADD} | grep gnutls | wc -l`\n if test \"$_msc_curl_uses_gnutls\" -ne 0; then\n AC_MSG_RESULT([yes])\n AC_MSG_NOTICE([NOTE: curl linked with gnutls may be buggy, openssl recommended])\n else\n AC_MSG_RESULT([no])\n fi\nfi\n\n]) # AC_DEFUN [CHECK_CURL]\n" }, { "path": "build/libgeoip.m4", "content": "dnl Check for GeoIP Libraries\ndnl Sets:\ndnl GEOIP_CFLAGS\ndnl GEOIP_LDADD\ndnl GEOIP_LDFLAGS\ndnl GEOIP_VERSION\ndnl GEOIP_DISPLAY\ndnl GEOIP_FOUND\n\nAC_DEFUN([PROG_GEOIP], [\nMSC_CHECK_LIB([GEOIP], [geoip2 geoip GeoIP], [GeoIPCity.h], [GeoIP], [-DWITH_GEOIP])\n]) # AC_DEFUN [PROG_GEOIP]\n" }, { "path": "build/libmaxmind.m4", "content": "dnl Check for MaxMind Libraries\ndnl Sets:\ndnl MAXMIND_CFLAGS\ndnl MAXMIND_LDADD\ndnl MAXMIND_LDFLAGS\ndnl MAXMIND_VERSION\ndnl MAXMIND_DISPLAY\ndnl MAXMIND_FOUND\n\nAC_DEFUN([PROG_MAXMIND], [\nMSC_CHECK_LIB([MAXMIND], [libmaxminddb], [maxminddb.h], [maxminddb], [-DWITH_MAXMIND])\n]) # AC_DEFUN [PROG_MAXMIND]\n" }, { "path": "build/libxml.m4", "content": "dnl Check for LIBXML2 Libraries\ndnl Sets:\ndnl LIBXML2_CFLAGS\ndnl LIBXML2_LDADD\ndnl LIBXML2_LDFLAGS\ndnl LIBXML2_VERSION\ndnl LIBXML2_DISPLAY\ndnl LIBXML2_FOUND\n\nAC_DEFUN([CHECK_LIBXML2], [\nMSC_CHECK_LIB([LIBXML2], [libxml-2.0], [libxml/parser.h], [xml2], [-DWITH_LIBXML2], [2.6.29], [libxml])\n]) # AC_DEFUN [CHECK_LIBXML2]\n" }, { "path": "build/lmdb.m4", "content": "dnl Check for LMDB Libraries\ndnl LMDB is disabled by default; only enabled when --with-lmdb is given.\ndnl Sets:\ndnl LMDB_CFLAGS\ndnl LMDB_LDADD\ndnl LMDB_LDFLAGS\ndnl LMDB_VERSION\ndnl LMDB_DISPLAY\ndnl LMDB_FOUND\n\nAC_DEFUN([PROG_LMDB], [\n\n# LMDB is opt-in: auto-detect finds it but we only activate when\n# --with-lmdb or --with-lmdb=PATH is given explicitly.\nMSC_CHECK_LIB([LMDB], [lmdb], [lmdb.h], [lmdb], [-DWITH_LMDB])\n\n# If LMDB was found by auto-detection (no explicit --with-lmdb) treat it\n# as disabled since LMDB is opt-in.\n_msc_lmdb_with_val=\"$with_lmdb\"\nif test \"x${_msc_lmdb_with_val}\" = \"x\" && test \"x${LMDB_FOUND}\" = \"x1\"; then\n LMDB_FOUND=2\n LMDB_CFLAGS=\"\"\n LMDB_LDADD=\"\"\n LMDB_LDFLAGS=\"\"\n LMDB_DISPLAY=\"\"\n AC_MSG_NOTICE([LMDB is disabled by default. Use --with-lmdb to enable.])\nfi\n\n]) # AC_DEFUN [PROG_LMDB]\n" }, { "path": "build/lua.m4", "content": "dnl Check for LUA Libraries\ndnl Sets:\ndnl LUA_CFLAGS\ndnl LUA_LDADD\ndnl LUA_LDFLAGS\ndnl LUA_DISPLAY\ndnl LUA_FOUND\n\nAC_DEFUN([CHECK_LUA], [\nMSC_CHECK_LIB([LUA], [lua54 lua5.4 lua-5.4 lua53 lua5.3 lua-5.3 lua52 lua5.2 lua-5.2 lua51 lua5.1 lua-5.1 luajit lua], [lua.h], [lua5.4 lua5.3 lua5.2 lua5.1 luajit-5.1 lua], [-DWITH_LUA])\n\n# Post-processing: detect Lua version and add version-specific defines\nif test \"x${LUA_FOUND}\" = \"x1\"; then\n\n # Use version already detected by MSC_CHECK_LIB (from pkg-config) if available\n if test -n \"${LUA_VERSION}\" && test \"x${LUA_VERSION}\" != \"xunknown\"; then\n case ${LUA_VERSION} in\n 5.1*) LUA_CFLAGS=\"-DWITH_LUA_5_1 ${LUA_CFLAGS}\" ;;\n 5.2*) LUA_CFLAGS=\"-DWITH_LUA_5_2 ${LUA_CFLAGS}\" ;;\n 5.3*) LUA_CFLAGS=\"-DWITH_LUA_5_3 ${LUA_CFLAGS}\" ;;\n 5.4*) LUA_CFLAGS=\"-DWITH_LUA_5_4 ${LUA_CFLAGS}\" ;;\n 2.0*) LUA_CFLAGS=\"-DWITH_LUA_5_1 ${LUA_CFLAGS}\" ;;\n 2.1*) LUA_CFLAGS=\"-DWITH_LUA_5_1 -DWITH_LUA_JIT_2_1 ${LUA_CFLAGS}\" ;;\n esac\n AC_MSG_NOTICE([LUA version: ${LUA_VERSION}])\n fi\n\n # If no version detected yet, try compile tests\n if test -z \"${LUA_VERSION}\" || test \"x${LUA_VERSION}\" = \"xunknown\"; then\n LUA_VERSION=\"\"\n _msc_save_CFLAGS=$CFLAGS\n CFLAGS=\"${LUA_CFLAGS} ${CFLAGS}\"\n\n AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include ]],\n [[ #if (LUA_VERSION_NUM == 504)\n return 0;\n #else\n #error not 5.4\n #endif ]])],\n [ _msc_lua_ver=504 ], [ _msc_lua_ver=\"\" ])\n\n if test -z \"$_msc_lua_ver\"; then\n AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include ]],\n [[ #if (LUA_VERSION_NUM == 503)\n return 0;\n #else\n #error not 5.3\n #endif ]])],\n [ _msc_lua_ver=503 ], [ _msc_lua_ver=\"\" ])\n fi\n\n if test -z \"$_msc_lua_ver\"; then\n AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include ]],\n [[ #if (LUA_VERSION_NUM == 502)\n return 0;\n #else\n #error not 5.2\n #endif ]])],\n [ _msc_lua_ver=502 ], [ _msc_lua_ver=\"\" ])\n fi\n\n if test -z \"$_msc_lua_ver\"; then\n AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include ]],\n [[ #if (LUA_VERSION_NUM == 501)\n return 0;\n #else\n #error not 5.1\n #endif ]])],\n [ _msc_lua_ver=501 ], [ _msc_lua_ver=\"\" ])\n fi\n\n CFLAGS=$_msc_save_CFLAGS\n\n case $_msc_lua_ver in\n 501) LUA_CFLAGS=\"-DWITH_LUA_5_1 ${LUA_CFLAGS}\" ;;\n 502) LUA_CFLAGS=\"-DWITH_LUA_5_2 ${LUA_CFLAGS}\" ;;\n 503) LUA_CFLAGS=\"-DWITH_LUA_5_3 ${LUA_CFLAGS}\" ;;\n 504) LUA_CFLAGS=\"-DWITH_LUA_5_4 ${LUA_CFLAGS}\" ;;\n esac\n if test -n \"$_msc_lua_ver\"; then\n AC_MSG_NOTICE([LUA version from compile test: $_msc_lua_ver])\n fi\n fi\n\n LUA_DISPLAY=\"${LUA_LDADD} ${LUA_LDFLAGS}, ${LUA_CFLAGS}\"\nfi\n\n]) # AC_DEFUN [CHECK_LUA]\n" }, { "path": "build/msc_find_lib.m4", "content": "dnl MSC_CHECK_LIB: Generic library detection macro\ndnl\ndnl MSC_CHECK_LIB(NAME, PKG_NAMES, HEADER, LIB_NAMES, EXTRA_CFLAGS,\ndnl [MIN_VERSION], [WITH_NAME])\ndnl\ndnl Detects a library via pkg-config first, then falls back to manual\ndnl file-system scanning. Preserves the --with-LIB=PATH|yes|no interface.\ndnl\ndnl Sets and AC_SUBSTs:\ndnl ${NAME}_CFLAGS, ${NAME}_LDADD, ${NAME}_LDFLAGS,\ndnl ${NAME}_VERSION, ${NAME}_DISPLAY, ${NAME}_FOUND (0/1/2)\ndnl\ndnl NAME - Variable prefix (e.g., YAJL, CURL, LIBXML2)\ndnl PKG_NAMES - Space-separated pkg-config names to try\ndnl HEADER - Header file to look for (e.g., yajl/yajl_parse.h)\ndnl LIB_NAMES - Space-separated library names for -l flags\ndnl EXTRA_CFLAGS - Additional CFLAGS when found (e.g., -DWITH_YAJL)\ndnl MIN_VERSION - Optional minimum version for pkg-config check\ndnl WITH_NAME - Optional --with-X name if different from lowercased NAME\n\nAC_DEFUN([MSC_CHECK_LIB], [\nm4_pushdef([_MSC_NAME], [$1])dnl\nm4_pushdef([_MSC_PKG_NAMES], [$2])dnl\nm4_pushdef([_MSC_HEADER], [$3])dnl\nm4_pushdef([_MSC_LIB_NAMES], [$4])dnl\nm4_pushdef([_MSC_EXTRA_CFLAGS], [$5])dnl\nm4_pushdef([_MSC_MIN_VERSION], [$6])dnl\nm4_pushdef([_MSC_WITH_NAME], [m4_default([$7], m4_tolower([$1]))])dnl\nm4_pushdef([_MSC_POSSIBLE_PATHS], [/usr/local /usr /opt /opt/local /usr/lib /usr/local/lib /usr/lib64])dnl\nm4_pushdef([_MSC_POSSIBLE_EXTENSIONS], [so la sl dll dylib])dnl\n\n# Initialize variables\n$1_VERSION=\"\"\n$1_CFLAGS=\"\"\n$1_LDADD=\"\"\n$1_LDFLAGS=\"\"\n$1_DISPLAY=\"\"\n$1_FOUND=0\n_msc_[]m4_tolower($1)[]_mandatory=\"\"\n_msc_[]m4_tolower($1)[]_disabled=\"\"\n\nAC_ARG_WITH(\n _MSC_WITH_NAME,\n [AS_HELP_STRING([--with-]_MSC_WITH_NAME[=PATH],\n [Path to ]_MSC_NAME[ prefix. Use 'no' to disable.])])\n\n# Get the value of the --with flag\n_msc_with_val=\"$with_[]m4_translit(_MSC_WITH_NAME, [-], [_])\"\n\nif test \"x${_msc_with_val}\" = \"xno\"; then\n AC_MSG_NOTICE([$1 support disabled via --without-]_MSC_WITH_NAME)\n _msc_[]m4_tolower($1)[]_disabled=yes\nelif test \"x${_msc_with_val}\" = \"xyes\"; then\n _msc_[]m4_tolower($1)[]_mandatory=yes\n AC_MSG_NOTICE([$1 support marked as mandatory])\n # Try pkg-config\n _MSC_TRY_PKG_CONFIG([$1], [_MSC_PKG_NAMES], [_MSC_MIN_VERSION])\n if test -z \"${$1_VERSION}\"; then\n _MSC_TRY_MANUAL([$1], [_MSC_HEADER], [_MSC_LIB_NAMES])\n fi\nelif test \"x${_msc_with_val}\" = \"x\"; then\n # Auto-detect\n AC_MSG_NOTICE([Auto-detecting $1...])\n _MSC_TRY_PKG_CONFIG([$1], [_MSC_PKG_NAMES], [_MSC_MIN_VERSION])\n if test -z \"${$1_VERSION}\"; then\n _MSC_TRY_MANUAL([$1], [_MSC_HEADER], [_MSC_LIB_NAMES])\n fi\nelse\n # Specific path provided\n _msc_[]m4_tolower($1)[]_mandatory=yes\n _MSC_TRY_PKG_CONFIG_AT([$1], [_MSC_PKG_NAMES], [_MSC_MIN_VERSION], [${_msc_with_val}])\n if test -z \"${$1_VERSION}\"; then\n _MSC_CHECK_AT([$1], [_MSC_HEADER], [_MSC_LIB_NAMES], [${_msc_with_val}])\n fi\nfi\n\n# Evaluate results\nif test -n \"${$1_LDADD}\" || test -n \"${$1_VERSION}\"; then\n $1_FOUND=1\n AC_MSG_NOTICE([using $1 v${$1_VERSION}])\n $1_CFLAGS=\"_MSC_EXTRA_CFLAGS ${$1_CFLAGS}\"\n if test -z \"${$1_DISPLAY}\"; then\n $1_DISPLAY=\"${$1_LDADD}, ${$1_CFLAGS}\"\n fi\n AC_SUBST($1_VERSION)\n AC_SUBST($1_LDADD)\n AC_SUBST($1_LDFLAGS)\n AC_SUBST($1_CFLAGS)\n AC_SUBST($1_DISPLAY)\nelif test -n \"${_msc_[]m4_tolower($1)[]_disabled}\"; then\n $1_FOUND=2\nelif test -n \"${_msc_[]m4_tolower($1)[]_mandatory}\"; then\n AC_MSG_ERROR([$1 was explicitly requested but not found])\nelse\n AC_MSG_NOTICE([$1 library not found])\n $1_FOUND=0\nfi\n\nAC_SUBST($1_FOUND)\n\nm4_popdef([_MSC_POSSIBLE_EXTENSIONS])dnl\nm4_popdef([_MSC_POSSIBLE_PATHS])dnl\nm4_popdef([_MSC_WITH_NAME])dnl\nm4_popdef([_MSC_MIN_VERSION])dnl\nm4_popdef([_MSC_EXTRA_CFLAGS])dnl\nm4_popdef([_MSC_LIB_NAMES])dnl\nm4_popdef([_MSC_HEADER])dnl\nm4_popdef([_MSC_PKG_NAMES])dnl\nm4_popdef([_MSC_NAME])dnl\n]) # MSC_CHECK_LIB\n\n\ndnl _MSC_TRY_PKG_CONFIG(NAME, PKG_NAMES, MIN_VERSION)\ndnl Try to find the library via pkg-config\nAC_DEFUN([_MSC_TRY_PKG_CONFIG], [\nif test -n \"${PKG_CONFIG}\"; then\n _msc_pkg_name=\"\"\n for _msc_p in $2; do\n if test -n \"$3\"; then\n if ${PKG_CONFIG} --exists \"${_msc_p} >= $3\" 2>/dev/null; then\n _msc_pkg_name=\"${_msc_p}\"\n break\n fi\n else\n if ${PKG_CONFIG} --exists \"${_msc_p}\" 2>/dev/null; then\n _msc_pkg_name=\"${_msc_p}\"\n break\n fi\n fi\n done\n if test -n \"${_msc_pkg_name}\"; then\n $1_VERSION=\"`${PKG_CONFIG} ${_msc_pkg_name} --modversion`\"\n $1_CFLAGS=\"`${PKG_CONFIG} ${_msc_pkg_name} --cflags`\"\n $1_LDADD=\"`${PKG_CONFIG} ${_msc_pkg_name} --libs-only-l`\"\n $1_LDFLAGS=\"`${PKG_CONFIG} ${_msc_pkg_name} --libs-only-L --libs-only-other`\"\n $1_DISPLAY=\"${$1_LDADD}, ${$1_CFLAGS}\"\n AC_MSG_NOTICE([$1 found via pkg-config: ${_msc_pkg_name} v${$1_VERSION}])\n fi\nfi\n]) # _MSC_TRY_PKG_CONFIG\n\n\ndnl _MSC_TRY_PKG_CONFIG_AT(NAME, PKG_NAMES, MIN_VERSION, PATH)\ndnl Try pkg-config with PKG_CONFIG_PATH set to a specific location\nAC_DEFUN([_MSC_TRY_PKG_CONFIG_AT], [\nif test -n \"${PKG_CONFIG}\"; then\n _msc_save_pkg_config_path=\"${PKG_CONFIG_PATH}\"\n PKG_CONFIG_PATH=\"$4/lib/pkgconfig:$4/lib64/pkgconfig:$4/share/pkgconfig:${PKG_CONFIG_PATH}\"\n export PKG_CONFIG_PATH\n _MSC_TRY_PKG_CONFIG([$1], [$2], [$3])\n PKG_CONFIG_PATH=\"${_msc_save_pkg_config_path}\"\n export PKG_CONFIG_PATH\nfi\n]) # _MSC_TRY_PKG_CONFIG_AT\n\n\ndnl _MSC_TRY_MANUAL(NAME, HEADER, LIB_NAMES)\ndnl Try to find the library by scanning common paths\nAC_DEFUN([_MSC_TRY_MANUAL], [\nfor _msc_search_path in /usr/local /usr /opt /opt/local /usr/lib /usr/local/lib /usr/lib64; do\n _MSC_CHECK_AT([$1], [$2], [$3], [${_msc_search_path}])\n if test -n \"${$1_VERSION}\"; then\n break\n fi\n # Also check if LDADD was set (version may not always be detected manually)\n if test -n \"${$1_LDADD}\"; then\n break\n fi\ndone\n]) # _MSC_TRY_MANUAL\n\n\ndnl _MSC_CHECK_AT(NAME, HEADER, LIB_NAMES, PATH)\ndnl Check for a library at a specific path\nAC_DEFUN([_MSC_CHECK_AT], [\n_msc_check_lib_path=\"\"\n_msc_check_lib_name=\"\"\n_msc_check_lib_file=\"\"\n_msc_check_inc_path=\"\"\n\n# Search for library files\nfor _msc_ext in so la sl dll dylib; do\n for _msc_ln in $3; do\n for _msc_try_path in \\\n \"$4/lib${_msc_ln}.${_msc_ext}\" \\\n \"$4/lib/lib${_msc_ln}.${_msc_ext}\" \\\n \"$4/lib64/lib${_msc_ln}.${_msc_ext}\" \\\n \"$4/lib/x86_64-linux-gnu/lib${_msc_ln}.${_msc_ext}\" \\\n \"$4/lib/i386-linux-gnu/lib${_msc_ln}.${_msc_ext}\"; do\n if test -e \"${_msc_try_path}\"; then\n _msc_check_lib_path=\"`dirname ${_msc_try_path}`\"\n _msc_check_lib_name=\"${_msc_ln}\"\n _msc_check_lib_file=\"${_msc_try_path}\"\n break 3\n fi\n done\n done\ndone\n\n# Search for header file\n_msc_header_base=\"`basename $2`\"\n_msc_header_dir=\"`dirname $2`\"\nif test \"${_msc_header_dir}\" = \".\"; then\n # Simple header name (e.g., \"lmdb.h\")\n if test -e \"$4/include/$2\"; then\n _msc_check_inc_path=\"$4/include\"\n elif test -e \"$4/$2\"; then\n _msc_check_inc_path=\"$4\"\n fi\nelse\n # Header with subdirectory (e.g., \"yajl/yajl_parse.h\")\n if test -e \"$4/include/$2\"; then\n _msc_check_inc_path=\"$4/include\"\n elif test -e \"$4/$2\"; then\n _msc_check_inc_path=\"$4\"\n fi\nfi\n\nif test -n \"${_msc_check_lib_path}\" && test -n \"${_msc_check_inc_path}\"; then\n AC_MSG_NOTICE([$1 headers found at: ${_msc_check_inc_path}])\n AC_MSG_NOTICE([$1 library found at: ${_msc_check_lib_file}])\n $1_CFLAGS=\"-I${_msc_check_inc_path}\"\n $1_LDADD=\"-l${_msc_check_lib_name}\"\n $1_LDFLAGS=\"-L${_msc_check_lib_path}\"\n $1_DISPLAY=\"${_msc_check_lib_file}, ${_msc_check_inc_path}\"\n # Version is unknown from manual detection\n if test -z \"${$1_VERSION}\"; then\n $1_VERSION=\"unknown\"\n fi\nfi\n]) # _MSC_CHECK_AT\n\n\ndnl MSC_STATUS_LIB(DISPLAY_NAME, VAR_PREFIX)\ndnl Print a status line for the configure summary\nAC_DEFUN([MSC_STATUS_LIB], [\nif test \"x${$2_FOUND}\" = \"x0\"; then\n echo \" + $1 ....not found\"\nfi\nif test \"x${$2_FOUND}\" = \"x1\"; then\n AS_ECHO_N([\" + $1 ....found \"])\n if ! test \"x${$2_VERSION}\" = \"x\"; then\n echo \"v${$2_VERSION}\"\n else\n echo \"\"\n fi\n echo \" ${$2_DISPLAY}\"\nfi\nif test \"x${$2_FOUND}\" = \"x2\"; then\n echo \" + $1 ....disabled\"\nfi\n]) # MSC_STATUS_LIB\n\n\ndnl MSC_ARG_ENABLE_BOOL(NAME, HELP_TEXT, DEFAULT, VARIABLE)\ndnl Wrapper for boolean AC_ARG_ENABLE options\nAC_DEFUN([MSC_ARG_ENABLE_BOOL], [\nAC_ARG_ENABLE($1,\n [AS_HELP_STRING([--enable-$1],[$2])],\n [case \"${enableval}\" in\n yes) $4=true ;;\n no) $4=false ;;\n *) AC_MSG_ERROR([bad value ${enableval} for --enable-$1]) ;;\n esac],\n [$4=$3])\n]) # MSC_ARG_ENABLE_BOOL\n" }, { "path": "build/pcre.m4", "content": "dnl Check for PCRE Libraries\ndnl Sets:\ndnl PCRE_CFLAGS\ndnl PCRE_LDADD\ndnl PCRE_LDFLAGS\ndnl PCRE_VERSION\ndnl PCRE_FOUND\n\nPCRE_CONFIG=\"\"\nPCRE_VERSION=\"\"\nPCRE_CPPFLAGS=\"\"\nPCRE_CFLAGS=\"\"\nPCRE_LDFLAGS=\"\"\nPCRE_LDADD=\"\"\nPCRE_LD_PATH=\"\"\n\nAC_DEFUN([CHECK_PCRE], [\nMSC_CHECK_LIB([PCRE], [libpcre], [pcre.h], [pcre], [-DWITH_PCRE])\n\n# Post-processing: JIT detection\nif test \"x${PCRE_FOUND}\" = \"x1\" && test -n \"${PCRE_VERSION}\"; then\n AC_MSG_CHECKING([for PCRE JIT])\n _msc_save_CFLAGS=$CFLAGS\n _msc_save_LDFLAGS=$LDFLAGS\n _msc_save_LIBS=$LIBS\n CFLAGS=\"${PCRE_CFLAGS} ${CFLAGS}\"\n LDFLAGS=\"${PCRE_LDADD} ${LDFLAGS}\"\n LIBS=\"${PCRE_LDADD} ${LIBS}\"\n AC_LINK_IFELSE(\n [AC_LANG_PROGRAM([[ #include ]],\n [[ pcre_jit_exec(NULL, NULL, NULL, 0, 0, 0, NULL, 0, NULL); ]])],\n [ _msc_pcre_jit_available=yes ],\n [:]\n )\n if test \"x$_msc_pcre_jit_available\" = \"xyes\"; then\n AC_MSG_RESULT([yes])\n PCRE_CFLAGS=\"${PCRE_CFLAGS} -DPCRE_HAVE_JIT\"\n else\n AC_MSG_RESULT([no])\n fi\n CFLAGS=$_msc_save_CFLAGS\n LDFLAGS=$_msc_save_LDFLAGS\n LIBS=$_msc_save_LIBS\nfi\n\nAC_SUBST(PCRE_CONFIG)\nAC_SUBST(PCRE_CPPFLAGS)\nAC_SUBST(PCRE_LD_PATH)\n\n]) # AC_DEFUN [CHECK_PCRE]\n" }, { "path": "build/pcre2.m4", "content": "dnl Check for PCRE2 Libraries\ndnl PCRE2 is enabled by default (mandatory unless --with-pcre is used).\ndnl Sets:\ndnl PCRE2_CFLAGS\ndnl PCRE2_LDADD\ndnl PCRE2_LDFLAGS\ndnl PCRE2_VERSION\ndnl PCRE2_DISPLAY\ndnl PCRE2_FOUND\n\nAC_DEFUN([PROG_PCRE2], [\nMSC_CHECK_LIB([PCRE2], [libpcre2-8 pcre2-8 pcre2], [pcre2.h], [pcre2-8], [])\n]) # AC_DEFUN [PROG_PCRE2]\n" }, { "path": "build/release.sh", "content": "#!/bin/bash\n\ngit clean -xfdi\ngit submodule foreach --recursive git clean -xfdi\n\nVERSION=`git describe --tags`\nDIR_NAME=\"modsecurity-$VERSION\"\nTAR_NAME=\"modsecurity-$VERSION.tar.gz\"\n\nMY_DIR=${PWD##*/}\n./build.sh\n\ncd ..\ntar --transform \"s/^$MY_DIR/$DIR_NAME/\" -cvzf $TAR_NAME --exclude .git $MY_DIR\n\nsha256sum $TAR_NAME > $TAR_NAME.sha256\ngpg --detach-sign -a $TAR_NAME\n\ncd -\necho $TAR_NAME \": done.\"\n\n" }, { "path": "build/ssdeep.m4", "content": "dnl Check for SSDEEP Libraries\ndnl Sets:\ndnl SSDEEP_CFLAGS\ndnl SSDEEP_LDADD\ndnl SSDEEP_LDFLAGS\ndnl SSDEEP_DISPLAY\ndnl SSDEEP_FOUND\n\nAC_DEFUN([CHECK_SSDEEP], [\nMSC_CHECK_LIB([SSDEEP], [fuzzy], [fuzzy.h], [fuzzy], [-DWITH_SSDEEP])\n]) # AC_DEFUN [CHECK_SSDEEP]\n" }, { "path": "build/win32/CMakeLists.txt", "content": "cmake_minimum_required(VERSION 3.24)\n\nset(BASE_DIR ${CMAKE_CURRENT_LIST_DIR}/../..)\n\noption(WITH_LMDB \"Include LMDB support\" OFF)\noption(WITH_LUA \"Include LUA support\" ON)\noption(WITH_LIBXML2 \"Include LibXML2 support\" ON)\noption(WITH_MAXMIND \"Include MaxMind support\" ON)\noption(WITH_CURL \"Include CURL support\" ON)\n\noption(USE_ASAN \"Build with Address Sanitizer\" OFF)\n\n# common compiler settings\n\n# NOTE: MBEDTLS_CONFIG_FILE is not only required to compile the mbedtls subset in others, but also\n# when their headers are included while compiling libModSecurity\nadd_compile_definitions(WIN32 _CRT_SECURE_NO_WARNINGS MBEDTLS_CONFIG_FILE=\"mbedtls/mbedtls_config.h\")\n\n# set standards conformance preprocessor & compiler to align with cross-compiled codebase\n# NOTE: otherwise visual c++'s default compiler/preprocessor behaviour generates C4067 warnings\n# (unexpected tokens following preprocessor directive - expected a newline)\nadd_compile_options(/Zc:preprocessor /permissive-)\n\nif(USE_ASAN)\n add_compile_options(/fsanitize=address)\n add_link_options(/INFERASANLIBS /INCREMENTAL:no)\nendif()\n\n# libinjection\n\nproject(libinjection C)\n\nset(LIBINJECTION_DIR ${BASE_DIR}/others/libinjection)\n\nadd_library(libinjection STATIC ${LIBINJECTION_DIR}/src/libinjection_sqli.c ${LIBINJECTION_DIR}/src/libinjection_xss.c ${LIBINJECTION_DIR}/src/libinjection_html5.c)\n\n# get libinjection version with git describe\nexecute_process(\n COMMAND git describe\n WORKING_DIRECTORY ${LIBINJECTION_DIR}\n OUTPUT_VARIABLE LIBINJECTION_VERSION\n OUTPUT_STRIP_TRAILING_WHITESPACE\n)\n\nmessage(\"-- Detecting libinjection version - ${LIBINJECTION_VERSION}\")\n\ntarget_compile_definitions(libinjection PRIVATE LIBINJECTION_VERSION=\"${LIBINJECTION_VERSION}\")\n\n# mbedtls (mbedcrypto)\n\nproject(mbedcrypto C)\n\nset(MBEDTLS_DIR ${BASE_DIR}/others/mbedtls)\n\nadd_library(mbedcrypto STATIC ${MBEDTLS_DIR}/library/base64.c ${MBEDTLS_DIR}/library/sha1.c ${MBEDTLS_DIR}/library/md5.c ${MBEDTLS_DIR}/library/platform_util.c ${MBEDTLS_DIR}/library/constant_time.c)\n\ntarget_include_directories(mbedcrypto PRIVATE ${MBEDTLS_DIR}/include)\n\n# get mbedtls version with git describe\nexecute_process(\n COMMAND git describe\n WORKING_DIRECTORY ${MBEDTLS_DIR}\n OUTPUT_VARIABLE MBEDTLS_VERSION\n OUTPUT_STRIP_TRAILING_WHITESPACE\n)\n\nmessage(\"-- Detecting Mbed TLS version - ${MBEDTLS_VERSION}\")\n\n#\n# libModSecurity\n#\n\nproject(libModSecurity\n VERSION\n 3.0.12\n LANGUAGES\n CXX\n)\n\nset(CMAKE_CXX_STANDARD 17)\nset(CMAKE_CXX_STANDARD_REQUIRED On)\nset(CMAKE_CXX_EXTENSIONS Off)\n\nset(PACKAGE_BUGREPORT \"security@modsecurity.org\")\nset(PACKAGE_NAME \"modsecurity\")\nset(PACKAGE_VERSION \"${PROJECT_VERSION}\")\nset(PACKAGE_STRING \"${PACKAGE_NAME} ${PACKAGE_VERSION}\")\nset(PACKAGE_TARNAME \"${PACKAGE_NAME}\")\n\nset(HAVE_YAJL 1) # should always be one, mandatory dependency\nset(HAVE_GEOIP 0) # should always be zero, no conan package available\nset(HAVE_SSDEEP 0) # should always be zero, no conan package available\n\nmacro(enable_feature flag option)\n if(${option})\n set(${flag} 1) # ON\n else()\n set(${flag} 0) # OFF\n endif()\nendmacro()\n\nenable_feature(HAVE_LMDB ${WITH_LMDB})\nenable_feature(HAVE_LUA ${WITH_LUA})\nenable_feature(HAVE_LIBXML2 ${WITH_LIBXML2})\nenable_feature(HAVE_MAXMIND ${WITH_MAXMIND})\nenable_feature(HAVE_CURL ${WITH_CURL})\n\ninclude(${CMAKE_CURRENT_LIST_DIR}/ConfigureChecks.cmake)\n\nconfigure_file(config.h.cmake ${BASE_DIR}/src/config.h)\n\nfind_package(PCRE2 REQUIRED)\nfind_package(Poco REQUIRED)\nfind_package(dirent REQUIRED)\t\t# used only by tests (check dirent::dirent refernces)\n\nmacro(include_package package flag)\n if(${flag})\n find_package(${package} REQUIRED)\n endif()\nendmacro()\n\ninclude_package(yajl HAVE_YAJL)\ninclude_package(libxml2 HAVE_LIBXML2)\ninclude_package(lua HAVE_LUA)\ninclude_package(CURL HAVE_CURL)\ninclude_package(lmdb HAVE_LMDB)\ninclude_package(maxminddb HAVE_MAXMIND)\n\n# library\n#\n\n# NOTE: required to generate libModSecurity's import library (libModSecurity.lib), used by tests to link with shared library\nset(CMAKE_WINDOWS_EXPORT_ALL_SYMBOLS ON)\n\nfile(GLOB_RECURSE libModSecuritySources ${BASE_DIR}/src/*.cc)\n\nadd_library(libModSecurity SHARED ${libModSecuritySources})\n\ntarget_compile_definitions(libModSecurity PRIVATE WITH_PCRE2)\ntarget_include_directories(libModSecurity PRIVATE ${BASE_DIR} ${BASE_DIR}/headers ${BASE_DIR}/others ${MBEDTLS_DIR}/include)\ntarget_link_libraries(libModSecurity PRIVATE pcre2::pcre2 libinjection mbedcrypto Poco::Poco Iphlpapi.lib)\n\nmacro(add_package_dependency project compile_definition link_library flag)\n if(${flag})\n target_compile_definitions(${project} PRIVATE ${compile_definition})\n target_link_libraries(${project} PRIVATE ${link_library})\n endif()\nendmacro()\n\nadd_package_dependency(libModSecurity WITH_YAJL yajl::yajl HAVE_YAJL)\nadd_package_dependency(libModSecurity WITH_LIBXML2 LibXml2::LibXml2 HAVE_LIBXML2)\nadd_package_dependency(libModSecurity WITH_LUA lua::lua HAVE_LUA)\nif(HAVE_LUA)\n target_compile_definitions(libModSecurity PRIVATE WITH_LUA_5_4)\nendif()\nadd_package_dependency(libModSecurity MSC_WITH_CURL CURL::libcurl HAVE_CURL)\nadd_package_dependency(libModSecurity WITH_LMDB lmdb::lmdb HAVE_LMDB)\nadd_package_dependency(libModSecurity WITH_MAXMIND maxminddb::maxminddb HAVE_MAXMIND)\n\n# tests\n#\n\nproject(libModSecurityTests)\n\nfunction(setTestTargetProperties executable)\n target_compile_definitions(${executable} PRIVATE WITH_PCRE2)\n target_include_directories(${executable} PRIVATE ${BASE_DIR} ${BASE_DIR}/headers)\n target_link_libraries(${executable} PRIVATE libModSecurity pcre2::pcre2 dirent::dirent)\n add_package_dependency(${executable} WITH_YAJL yajl::yajl HAVE_YAJL)\nendfunction()\n\n# unit tests\nfile(GLOB unitTestSources ${BASE_DIR}/test/unit/*.cc)\nadd_executable(unit_tests ${unitTestSources} ${BASE_DIR}/test/common/custom_debug_log.cc)\nsetTestTargetProperties(unit_tests)\ntarget_compile_options(unit_tests PRIVATE /wd4805)\n\n# regression tests\nfile(GLOB regressionTestsSources ${BASE_DIR}/test/regression/*.cc)\nadd_executable(regression_tests ${regressionTestsSources} ${BASE_DIR}/test/common/custom_debug_log.cc)\nsetTestTargetProperties(regression_tests)\n\nmacro(add_regression_test_capability compile_definition flag)\n if(${flag})\n target_compile_definitions(regression_tests PRIVATE ${compile_definition})\n endif()\nendmacro()\n\nadd_regression_test_capability(WITH_LUA HAVE_LUA)\nadd_regression_test_capability(WITH_CURL HAVE_CURL)\nadd_regression_test_capability(WITH_LMDB HAVE_LMDB)\nadd_regression_test_capability(WITH_MAXMIND HAVE_MAXMIND)\n\nenable_testing()\n\nfile(READ ${BASE_DIR}/test/test-suite.in TEST_FILES_RAW)\nstring(REPLACE \"\\n\" \";\" TEST_FILES ${TEST_FILES_RAW})\n\nforeach(TEST_FILE ${TEST_FILES})\n # ignore comment lines\n string(FIND ${TEST_FILE} \"#\" is_comment)\n if(NOT is_comment EQUAL 0)\n string(FIND ${TEST_FILE} \"TESTS+=\" is_valid_prefix)\n if(NOT is_valid_prefix EQUAL 0)\n message(FATAL_ERROR \"Invalid prefix in line: ${TEST_FILE}\")\n endif()\n\n # remove 'TESTS+=' prefix and 'test/' too because tests are launched\n # from that directory\n string(SUBSTRING ${TEST_FILE} 12 -1 TEST_FILE)\n\n # test name\n get_filename_component(TEST_NAME ${TEST_FILE} NAME_WE)\n\n # determine test runner based on test path prefix\n string(FIND ${TEST_FILE} \"test-cases/regression/\" is_regression_test)\n if(is_regression_test EQUAL 0)\n set(TEST_RUNNER \"regression_tests\")\n else()\n set(TEST_RUNNER \"unit_tests\")\n endif()\n\n add_test(NAME ${TEST_NAME} COMMAND ${TEST_RUNNER} ${TEST_FILE} WORKING_DIRECTORY ${BASE_DIR}/test)\n endif()\nendforeach()\n\n# benchmark\nadd_executable(benchmark ${BASE_DIR}/test/benchmark/benchmark.cc)\nsetTestTargetProperties(benchmark)\n\n# rules_optimization\nadd_executable(rules_optimization ${BASE_DIR}/test/optimization/optimization.cc)\nsetTestTargetProperties(rules_optimization)\n\n\n# examples\n#\n\nproject(libModSecurityExamples)\n\nfunction(setExampleTargetProperties executable)\n target_include_directories(${executable} PRIVATE ${BASE_DIR} ${BASE_DIR}/headers)\n target_link_libraries(${executable} PRIVATE libModSecurity)\nendfunction()\n\n# simple_example_using_c\nadd_executable(simple_example_using_c ${BASE_DIR}/examples/simple_example_using_c/test.c)\nsetExampleTargetProperties(simple_example_using_c)\n\n# using_bodies_in_chunks\nadd_executable(using_bodies_in_chunks ${BASE_DIR}/examples/using_bodies_in_chunks/simple_request.cc)\nsetExampleTargetProperties(using_bodies_in_chunks)\n\n# reading_logs_via_rule_message\nadd_executable(reading_logs_via_rule_message ${BASE_DIR}/examples/reading_logs_via_rule_message/simple_request.cc)\nsetExampleTargetProperties(reading_logs_via_rule_message)\n\n# reading_logs_with_offset\nadd_executable(reading_logs_with_offset ${BASE_DIR}/examples/reading_logs_with_offset/read.cc)\nsetExampleTargetProperties(reading_logs_with_offset)\n\n# multithread\nadd_executable(multithread ${BASE_DIR}/examples/multithread/multithread.cc)\nsetExampleTargetProperties(multithread)\n\n# tools\n#\n\n# rules_check\nadd_executable(rules_check ${BASE_DIR}/tools/rules-check/rules-check.cc)\ntarget_include_directories(rules_check PRIVATE ${BASE_DIR} ${BASE_DIR}/headers)\ntarget_link_libraries(rules_check PRIVATE libModSecurity)\n" }, { "path": "build/win32/ConfigureChecks.cmake", "content": "include(CheckIncludeFile)\ninclude(CheckIncludeFiles)\n\ncheck_include_file(\"dlfcn.h\" HAVE_DLFCN_H)\ncheck_include_file(\"inttypes.h\" HAVE_INTTYPES_H)\ncheck_include_file(\"stdint.h\" HAVE_STDINT_H)\ncheck_include_file(\"stdio.h\" HAVE_STDIO_H)\ncheck_include_file(\"stdlib.h\" HAVE_STDLIB_H)\ncheck_include_file(\"string\" HAVE_STRING)\ncheck_include_file(\"strings.h\" HAVE_STRINGS_H)\ncheck_include_file(\"string.h\" HAVE_STRING_H)\ncheck_include_file(\"sys/stat.h\" HAVE_SYS_STAT_H)\ncheck_include_file(\"sys/types.h\" HAVE_SYS_TYPES_H)\ncheck_include_file(\"sys/utsname.h\" HAVE_SYS_UTSNAME_H)\ncheck_include_file(\"unistd.h\" HAVE_UNISTD_H)\n\n#/* Define to 1 if you have the ANSI C header files. */\ncheck_include_files(\"stdlib.h;stdarg.h;string.h;float.h\" STDC_HEADERS)\n" }, { "path": "build/win32/README.md", "content": "# libModSecurity Windows build information \n\nThe Windows build of libModSecurity uses Build Tools for Visual Studio 2022 (for Visual C++ & CMake) and Conan package manager.\n\n## Contents \n\n- [Prerequisites](#prerequisites)\n- [Build](#build)\n - [Optional features](#optional-features)\n - [Address Sanitizer](#address-sanitizer)\n - [Docker container](#docker-container)\n\n## Prerequisites\n\n * [Build Tools for Visual Studio 2022](https://aka.ms/vs/17/release/vs_buildtools.exe)\n * Install *Desktop development with C++* workload, which includes:\n * MSVC C++ compiler\n * Windows SDK\n * CMake\n * Address Sanitizer\n * [Conan package manager 2.10.2](https://github.com/conan-io/conan/releases/download/2.10.2/conan-2.10.2-windows-x86_64-installer.exe)\n * Install and then setup the default Conan profile to use the MSVC C++ compiler:\n 1. Open a command-prompt and set the MSVC C++ compiler environment by executing: `C:\\BuildTools\\VC\\Auxiliary\\Build\\vcvars64.bat`\n 2. Execute: `conan profile detect --force`\n * [Git for Windows 2.44.0](https://github.com/git-for-windows/git/releases/download/v2.44.0.windows.1/Git-2.44.0-64-bit.exe)\n * To clone the libModSecurity repository.\n * NOTE: Make sure to initialize and update submodules (to get `libinjection` and regression tests)\n * `git submodule init`\n * `git submodule update`\n\n## Build\n\nInstall the prerequisites listed in the previous section, checkout libModSecurity and from the directory where it's located execute:\n\n```\nvcbuild.bat [build_configuration] [arch] [USE_ASAN]\n```\n\nwhere `[build_configuration]` can be: `Release` (default), `RelWithDebInfo`, `MinSizeRel` or `Debug`, and `[arch]` can be: `x86_64` (default) or `x86`.\n\nBuilt files will be located in the directory: `build\\win32\\build\\[build_configuration]` and include:\n\n * `libModSecurity.dll`\n * Executable files for test projects\n * `unit_tests.exe`\n * `regression_tests.exe`\n * `benchmark.exe` \n * `rules_optimization.exe`\n * Executable files for examples\n * `simple_example_using_c.exe`\n * `using_bodies_in_chunks.exe`\n * `reading_logs_via_rule_message.exe`\n * `reading_logs_with_offset.exe`\n * `multithread.exe`\n * Executable files for tools\n * `rules_check.exe`\n\nNOTE: When building a different configuration, it's recommended to reset:\n\n * the build directory: `build\\win32\\build`\n * previously built conan packages executing the command:\n * `conan remove * -c`\n\n### Optional features\n\nBy default the following all the following features are enabled by including the associated third-party library through a Conan package:\n\n * libxml2 2.12.6 for XML processing support\n * libcurl 8.6.0 to support http requests from rules\n * libmaxminddb 1.9.1 to support reading MaxMind DB files.\n * LUA 5.4.6 to enable rules to run scripts in this language for extensibility\n * lmdb 0.9.31 in-memory database\n\nEach of these can be turned off by updating the associated `HAVE_xxx` variable (setting it to zero) in the beginning of the libModSecurity section of `CMakeLists.txt`.\n\n### Address Sanitizer\n\n[AddressSanitizer](https://github.com/google/sanitizers/wiki/AddressSanitizer) (aka ASan) is a memory error detector for C/C++.\n\nTo generate a build with *Address Sanitizer*, add the `USE_ASAN` optional third argument to `vcbuild.bat`. For example:\n * `vcbuild.bat Debug x86_64 USE_ASAN`\n\nNOTE: `USE_ASAN` does not work with `Release` & `MinSizeRel` configurations because they do not include debug info (it is only compatible with `Debug` & `RelWithDebInfo` builds).\n\n * References\n * [AddressSanitizer | Microsoft Learn](https://learn.microsoft.com/en-us/cpp/sanitizers/asan?view=msvc-170)\n * [AddressSanitizer for Windows: x64 and Debug Build Support - C++ Team Blog (microsoft.com)](https://devblogs.microsoft.com/cppblog/asan-for-windows-x64-and-debug-build-support/)\n * [AddressSanitizer language, build, and debugging reference | Microsoft Learn](https://learn.microsoft.com/en-us/cpp/sanitizers/asan-building?view=msvc-170)\n\n### Docker container\n\nA `Dockerfile` configuration file is provided in the `docker` subdir that creates a Windows container image which installs the [prerequisites](#prerequisites) and builds libModSecurity and other binaries.\n\nNOTE: Windows containers are supported in Docker Desktop for Windows, using the *Switch to Windows containers...* option on the context menu of the system tray icon.\n\nTo build the docker image, execute the following command (from the `build\\win32\\docker` directory):\n\n * `docker build -t libmodsecurity:latest -m 4GB .`\n * Build type, architecture and build with Address Sanitizer can be configured through build arguments (`BUILD_TYPE`, `ARCH` & `USE_ASAN` respectively). For example, to generate a debug build, add the following argument:\n * `--build-arg BUILD_TYPE=Debug`\n\nOnce the image is generated, the library and associated binaries (tests & examples) are located in the `C:\\src\\ModSecurity\\build\\win32\\build\\[build_type]` directory.\n\nTo extract the library (`libModSecurity.dll`) from the image, you can execute the following commands:\n\n * `docker container create --name [container_name] libmodsecurity`\n * `docker cp [container_name]:C:\\src\\ModSecurity\\build\\win32\\build\\[build_type]\\libModSecurity.dll .`\n * NOTE: If you leave out the `libModSecurity.dll` filename out, you can copy all the built binaries (including examples & tests).\n\nAdditionally, the image can be used interactively for additional development work by executing:\n\n * `docker run -it libmodsecurity`\n" }, { "path": "build/win32/conanfile.txt", "content": "[requires]\nyajl/2.1.0\npcre2/10.42\nlibxml2/2.12.6\nlua/5.4.6\nlibcurl/8.6.0\nlmdb/0.9.31\nlibmaxminddb/1.9.1\ndirent/1.24\npoco/1.13.3\n\n[generators]\nCMakeDeps\nCMakeToolchain\n" }, { "path": "build/win32/config.h.cmake", "content": "/* config.h.cmake. Based upon generated config.h.in. */\n\n#ifndef MODSECURITY_CONFIG_H\n#define MODSECURITY_CONFIG_H 1\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_DLFCN_H\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_INTTYPES_H\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_IOSTREAM\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_STDINT_H\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_STDIO_H\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_STDLIB_H\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_STRING\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_STRINGS_H\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_STRING_H\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_SYS_STAT_H\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_SYS_TYPES_H\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_SYS_UTSNAME_H\n\n/* Define to 1 if you have the header file. */\n#cmakedefine HAVE_UNISTD_H\n\n/* Define if GeoIP is available */\n#cmakedefine HAVE_GEOIP\n\n/* Define if LMDB is available */\n#cmakedefine HAVE_LMDB\n\n/* Define if LUA is available */\n#cmakedefine HAVE_LUA\n\n/* Define if MaxMind is available */\n#cmakedefine HAVE_MAXMIND\n\n/* Define if SSDEEP is available */\n#cmakedefine HAVE_SSDEEP\n\n/* Define if YAJL is available */\n#cmakedefine HAVE_YAJL\n\n/* Define if libcurl is available */\n#cmakedefine HAVE_CURL\n\n/* Name of package */\n#define PACKAGE \"@PACKAGE_NAME@\"\n\n/* Define to the address where bug reports for this package should be sent. */\n#cmakedefine PACKAGE_BUGREPORT \"@PACKAGE_BUGREPORT@\"\n\n/* Define to the full name of this package. */\n#cmakedefine PACKAGE_NAME \"@PACKAGE_NAME@\"\n\n/* Define to the full name and version of this package. */\n#cmakedefine PACKAGE_STRING \"@PACKAGE_STRING@\"\n\n/* Define to the one symbol short name of this package. */\n#cmakedefine PACKAGE_TARNAME \"@PACKAGE_TARNAME@\"\n\n/* Define to the home page for this package. */\n#define PACKAGE_URL \"\"\n\n/* Define to the version of this package. */\n#cmakedefine PACKAGE_VERSION \"@PACKAGE_VERSION@\"\n\n/* Define to 1 if you have the ANSI C header files. */\n#ifndef STDC_HEADERS\n#cmakedefine STDC_HEADERS\n#endif\n\n#endif // ndef MODSECURITY_CONFIG_H" }, { "path": "build/win32/docker/Dockerfile", "content": "# escape=`\n\nARG FROM_IMAGE=mcr.microsoft.com/windows/servercore:ltsc2022\nFROM ${FROM_IMAGE}\n\n# reset the shell.\nSHELL [\"cmd\", \"/S\", \"/C\"]\n\n# set up environment to collect install errors.\nCOPY InstallBuildTools.cmd C:\\TEMP\\\nADD https://aka.ms/vscollect.exe C:\\TEMP\\collect.exe\n\n# download channel for fixed install.\nARG CHANNEL_URL=https://aka.ms/vs/17/release/channel\nADD ${CHANNEL_URL} C:\\TEMP\\VisualStudio.chman\n\n# download and install Build Tools for Visual Studio 2022 for native desktop workload.\nADD https://aka.ms/vs/17/release/vs_buildtools.exe C:\\TEMP\\vs_buildtools.exe\nRUN C:\\TEMP\\InstallBuildTools.cmd C:\\TEMP\\vs_buildtools.exe --quiet --wait --norestart --nocache `\n --channelUri C:\\TEMP\\VisualStudio.chman `\n --installChannelUri C:\\TEMP\\VisualStudio.chman `\n --add Microsoft.VisualStudio.Workload.VCTools `\n --includeRecommended `\n --installPath C:\\BuildTools\n\n# download & install GIT\nARG GIT_VERSION=2.44.0\nARG GIT_BINARY=Git-${GIT_VERSION}-64-bit.exe\nARG GIT_URL=https://github.com/git-for-windows/git/releases/download/v${GIT_VERSION}.windows.1/${GIT_BINARY}\n\nCOPY git.inf C:\\TEMP\\\nARG INSTALLER=C:\\TEMP\\${GIT_BINARY}\nADD ${GIT_URL} ${INSTALLER}\nRUN %INSTALLER% /SP- /VERYSILENT /SUPPRESSMSGBOXES /NOCANCEL `\n /NORESTART /CLOSEAPPLICATIONS /RESTARTAPPLICATIONS /LOADINF=git.inf\n\n# download & setup conan\nARG CONAN_VERSION=2.10.2\nARG CONAN_BINARY=conan-${CONAN_VERSION}-windows-x86_64-installer.exe\nARG CONAN_URL=https://github.com/conan-io/conan/releases/download/${CONAN_VERSION}/${CONAN_BINARY}\n\nARG INSTALLER=C:\\TEMP\\${CONAN_BINARY}\nADD ${CONAN_URL} ${INSTALLER}\nRUN %INSTALLER% /SP- /VERYSILENT /SUPPRESSMSGBOXES\n\n# setup conan profile\nRUN C:\\BuildTools\\VC\\Auxiliary\\Build\\vcvars64.bat && conan profile detect --force\n\n# download libModSecurity\n#\n\n# create src dir\nARG SRC_DIR=C:\\src\n\nWORKDIR C:\\\nRUN cmd.exe /C md %SRC_DIR%\n\n# libModSecurity\nWORKDIR ${SRC_DIR}\n\nARG MOD_SECURITY_TAG=v3/master\nRUN git clone -c advice.detachedHead=false --depth 1 --branch %MOD_SECURITY_TAG% https://github.com/owasp-modsecurity/ModSecurity.git\n\nARG MOD_SECURITY_DIR=${SRC_DIR}\\ModSecurity\nWORKDIR ${MOD_SECURITY_DIR}\n\n# fetch submodules (bindings/python, others/libinjection, test/test-cases/secrules-language-tests)\nRUN git submodule init\nRUN git submodule update\n\n# build libraries\n#\n\nARG BUILD_TYPE=Release\nARG ARCH=x86_64\nARG USE_ASAN=\n\nRUN C:\\BuildTools\\VC\\Auxiliary\\Build\\vcvars64.bat && vcbuild.bat %BUILD_TYPE% %ARCH% %USE_ASAN%\n\n# test suite\n#\n\n# setup test environment\nRUN cmd.exe /C md \\tmp\nRUN cmd.exe /C md \\bin\nRUN cmd.exe /C copy \"C:\\Program Files\\GIT\\usr\\bin\" \\bin > NUL\nRUN cmd.exe /C copy \"C:\\Program Files\\GIT\\usr\\bin\\echo.exe\" \\bin\\echo > NUL\n\n# disable tests that don't work on windows\nARG JQ_VERSION=1.7.1\nARG JQ_BINARY=jq-windows-amd64.exe\nARG JQ_URL=https://github.com/jqlang/jq/releases/download/jq-${JQ_VERSION}/${JQ_BINARY}\n\nARG JQ_BIN=C:\\TEMP\\jq.exe\nADD ${JQ_URL} ${JQ_BIN}\n\nWORKDIR ${MOD_SECURITY_DIR}\\test\\test-cases\\regression\n\nRUN %JQ_BIN% \"map(if .title == \\\"Test match variable (1/n)\\\" then .enabled = 0 else . end)\" issue-2423-msg-in-chain.json > tmp.json && move /Y tmp.json issue-2423-msg-in-chain.json\nRUN %JQ_BIN% \"map(if .title == \\\"Test match variable (2/n)\\\" then .enabled = 0 else . end)\" issue-2423-msg-in-chain.json > tmp.json && move /Y tmp.json issue-2423-msg-in-chain.json\nRUN %JQ_BIN% \"map(if .title == \\\"Test match variable (3/n)\\\" then .enabled = 0 else . end)\" issue-2423-msg-in-chain.json > tmp.json && move /Y tmp.json issue-2423-msg-in-chain.json\nRUN %JQ_BIN% \"map(if .title == \\\"Variable offset - FILES_NAMES\\\" then .enabled = 0 else . end)\" offset-variable.json > tmp.json && move /Y tmp.json offset-variable.json\n\n# run tests\nWORKDIR ${MOD_SECURITY_DIR}\\build\\win32\\build\n\nRUN C:\\BuildTools\\VC\\Auxiliary\\Build\\vcvars64.bat && ctest -C %BUILD_TYPE% --output-on-failure\n\n# setup container's entrypoint\n#\n\nWORKDIR C:\\\n\n# Use developer command prompt and start PowerShell if no other command specified.\nENTRYPOINT [\"C:\\\\BuildTools\\\\VC\\\\Auxiliary\\\\Build\\\\vcvars64.bat\", \"&&\", \"powershell.exe\", \"-NoLogo\", \"-ExecutionPolicy\", \"Bypass\"]\n" }, { "path": "build/win32/docker/InstallBuildTools.cmd", "content": "@rem Copyright (C) Microsoft Corporation. All rights reserved.\n@rem Licensed under the MIT license. See LICENSE.txt in the project root for license information.\n\n@if not defined _echo echo off\nsetlocal enabledelayedexpansion\n\ncall %*\nif \"%ERRORLEVEL%\"==\"3010\" (\n exit /b 0\n) else (\n if not \"%ERRORLEVEL%\"==\"0\" (\n set ERR=%ERRORLEVEL%\n call C:\\TEMP\\collect.exe -zip:C:\\vslogs.zip\n\n exit /b !ERR!\n )\n)\n" }, { "path": "build/win32/docker/git.inf", "content": "[Setup]\nLang=default\nDir=C:\\Program Files\\Git\nGroup=Git\nNoIcons=0\nSetupType=default\nComponents=ext,ext\\shellhere,ext\\guihere,gitlfs,assoc,autoupdate\nTasks=\nEditorOption=VIM\nCustomEditorPath=\nPathOption=Cmd\nSSHOption=OpenSSH\nTortoiseOption=false\nCURLOption=WinSSL\nCRLFOption=LFOnly\nBashTerminalOption=ConHost\nPerformanceTweaksFSCache=Enabled\nUseCredentialManager=Enabled\nEnableSymlinks=Disabled\nEnableBuiltinInteractiveAdd=Disabled" }, { "path": "build/yajl.m4", "content": "dnl Check for YAJL Libraries\ndnl Sets:\ndnl YAJL_CFLAGS\ndnl YAJL_LDADD\ndnl YAJL_LDFLAGS\ndnl YAJL_VERSION\ndnl YAJL_DISPLAY\ndnl YAJL_FOUND\n\nAC_DEFUN([PROG_YAJL], [\nMSC_CHECK_LIB([YAJL], [yajl2 yajl], [yajl/yajl_parse.h], [yajl], [-DWITH_YAJL])\n\n# FIX: if the include directory in CFLAGS ends with \"include/yajl\",\n# remove the suffix \"/yajl\". The library header files are included\n# using the prefix (e.g., #include ), and\n# this is even the case for the library itself (e.g.,\n# yajl_tree.h includes yajl/yajl_common.h).\n_msc_yajl_new_cflags=\"\"\nfor _msc_yajl_flag in $YAJL_CFLAGS; do\n case \"$_msc_yajl_flag\" in\n -I*/include/yajl)\n _msc_yajl_new_flag=\"${_msc_yajl_flag%/yajl}\"\n _msc_yajl_new_cflags=\"$_msc_yajl_new_cflags $_msc_yajl_new_flag\"\n ;;\n *)\n _msc_yajl_new_cflags=\"$_msc_yajl_new_cflags $_msc_yajl_flag\"\n ;;\n esac\ndone\nYAJL_CFLAGS=\"$_msc_yajl_new_cflags\"\nYAJL_DISPLAY=\"${YAJL_LDADD}, ${YAJL_CFLAGS}\"\n\n]) # AC_DEFUN [PROG_YAJL]\n" }, { "path": "build.sh", "content": "#!/bin/sh\n\nrm -rf autom4te.cache\nrm -f aclocal.m4\n\ncd src\nrm -f headers.mk\necho \"noinst_HEADERS = \\\\\" > headers.mk\nls -1 \\\n actions/*.h \\\n actions/ctl/*.h \\\n actions/data/*.h \\\n actions/disruptive/*.h \\\n actions/transformations/*.h \\\n debug_log/*.h \\\n audit_log/writer/*.h \\\n collection/backend/*.h \\\n operators/*.h \\\n parser/*.h \\\n request_body_processor/*.h \\\n utils/*.h \\\n variables/*.h \\\n engine/*.h \\\n *.h | tr \"\\012\" \" \" >> headers.mk\ncd ../\n\ncase `uname` in Darwin*) glibtoolize --force --copy ;;\n *) libtoolize --force --copy ;; esac\nautoreconf --install\nautoheader\nautomake --add-missing --foreign --copy --force-missing\nautoconf --force\nrm -rf autom4te.cache\n\n\n" }, { "path": "configure.ac", "content": "# ModSecurity configure.ac\n\nAC_PREREQ([2.69])\n\n# Get the hash of the last commit, to be used if it is not an\n# official release.\nAC_DEFUN([MSC_GIT_HASH], m4_esyscmd_s(git log -1 --format=\"%h\" --abbrev-commit))\nAC_DEFUN([MSC_MAJOR], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep \"define MODSECURITY_MAJOR \" | awk {'print $3'} | sed 's/\\\"//g'))\nAC_DEFUN([MSC_MINOR], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep \"define MODSECURITY_MINOR \" | awk {'print $3'} | sed 's/\\\"//g'))\nAC_DEFUN([MSC_PATCHLEVEL], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep \"define MODSECURITY_PATCHLEVEL \" | awk {'print $3'} | sed 's/\\\"//g'))\nAC_DEFUN([MSC_TAG], m4_esyscmd_s(cat headers/modsecurity/modsecurity.h | grep \"define MODSECURITY_FTAG \" | awk {'print $3'} | sed 's/\\\"//g'))\n\n\n# Version definition to be further used by AC_INIT and \n# .so file naming.\nm4_define([msc_version_major], [MSC_MAJOR])\nm4_define([msc_version_minor], [MSC_MINOR])\nm4_define([msc_version_patchlevel], [MSC_PATCHLEVEL])\n\nm4_define([msc_version_c_plus_a], [m4_eval(msc_version_major + msc_version_minor)])\n\n\nm4_define([msc_version],\n [msc_version_major.msc_version_minor])\n\nm4_define([msc_version_with_patchlevel],\n [msc_version_major.msc_version_minor.msc_version_patchlevel])\n\nm4_define([msc_version_git],\n [m4_esyscmd_s(git describe)])\n\nm4_define([msc_version_info],\n [msc_version_c_plus_a:msc_version_patchlevel:msc_version_minor])\n\n\n# Project Information\nAC_INIT([modsecurity], [3.0], [security@modsecurity.org])\n\n\n# General definitions\nAC_CONFIG_MACRO_DIR([build])\nAC_PREFIX_DEFAULT([/usr/local/modsecurity])\n\n\n# General automake options.\nAM_INIT_AUTOMAKE([-Wall foreign subdir-objects])\n\n\n# Check for dependencies (C++, AR, Lex, Yacc and Make)\nAC_PROG_CXX\nAM_PROG_AR\nAC_PROG_AWK\nAC_PROG_CC\nAC_PROG_CPP\nAC_PROG_INSTALL\nAC_PROG_LN_S\nAC_PROG_MAKE_SET\nAC_PROG_MKDIR_P\nPKG_PROG_PKG_CONFIG\n\n\n# Set C++ standard version and check if compiler supports it.\nAX_CXX_COMPILE_STDCXX(17, noext, mandatory)\n\n# Check for libinjection\nif ! test -f \"${srcdir}/others/libinjection/src/libinjection_html5.c\"; then\nAC_MSG_ERROR([\\\n\n\n libInjection was not found within ModSecurity source directory.\n\n libInjection code is available as part of ModSecurity source code in a format\n of a git-submodule. git-submodule allow us to specify the correct version of\n libInjection and still uses the libInjection repository to download it.\n\n You can download libInjection using git:\n\n $ git submodule update --init --recursive\n\n ])\nfi\n# Libinjection version\nAC_DEFUN([LIBINJECTION_VERSION], m4_esyscmd_s(cd \"others/libinjection\" && git describe && cd ../..))\nAC_SUBST([LIBINJECTION_VERSION])\n\n# Check for Mbed TLS\nif ! test -f \"${srcdir}/others/mbedtls/library/base64.c\"; then\nAC_MSG_ERROR([\\\n\n\n Mbed TLS was not found within ModSecurity source directory.\n\n Mbed TLS code is available as part of ModSecurity source code in a format\n of a git-submodule. git-submodule allow us to specify the correct version of\n Mbed TLS and still uses the Mbed TLS repository to download it.\n\n You can download Mbed TLS using git:\n\n $ git submodule update --init --recursive\n\n ])\nfi\n# Mbed TLS version\nAC_DEFUN([MBEDTLS_VERSION], m4_esyscmd_s(cd \"others/mbedtls\" && git describe && cd ../..))\n\n# SecLang test version\nAC_DEFUN([SECLANG_TEST_VERSION], m4_esyscmd_s(cd \"test/test-cases/secrules-language-tests\" && git log -1 --format=\"%h\" --abbrev-commit && cd ../../..))\n\n\n# Check for yajl\nPROG_YAJL\n\nAM_CONDITIONAL([YAJL_VERSION], [test \"$YAJL_VERSION\" != \"\"])\n\n# Check for LibGeoIP\nPROG_GEOIP\n\n# Check for MaxMind\nPROG_MAXMIND\n\n# Check for LMDB\nPROG_LMDB\n\n# Check for SSDEEP\nCHECK_SSDEEP\n\n# Check for LUA\nCHECK_LUA\n\n\n#\n# Check for curl\n#\nCHECK_CURL\n\nif ! test -z \"${CURL_VERSION}\"; then\n AC_DEFINE([MSC_WITH_CURL], [1], [Define if libcurl is available])\nfi\n\n\n#\n# Check for LibXML\n#\nCHECK_LIBXML2\n\n\n#\n# Check for libpcre only if explicitly requested\n#\nif test \"x${with_pcre}\" != \"x\" && test \"x${with_pcre}\" != \"xno\"; then\n CHECK_PCRE\nelse\n #\n # Check for pcre2\n #\n PROG_PCRE2\nfi\n\n\n# Checks for header files.\nAC_CHECK_HEADERS([string])\nAC_CHECK_HEADERS([iostream])\nAC_CHECK_HEADERS([sys/utsname.h])\nAC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h libintl.h malloc.h netdb.h netinet/in.h stdint.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h unistd.h])\n\n\n\n# Checks for typedefs, structures, and compiler characteristics.\nAC_CHECK_HEADER_STDBOOL\nAC_C_INLINE\nAC_TYPE_INT16_T\nAC_TYPE_INT32_T\nAC_TYPE_INT64_T\nAC_TYPE_INT8_T\nAC_TYPE_OFF_T\nAC_TYPE_PID_T\nAC_TYPE_SIZE_T\nAC_TYPE_SSIZE_T\nAC_TYPE_UINT16_T\nAC_TYPE_UINT32_T\nAC_TYPE_UINT64_T\nAC_TYPE_UINT8_T\nAC_CHECK_TYPES([ptrdiff_t])\nAC_CHECK_TYPES([time_t])\n\n# Checks for library functions.\nAC_FUNC_ERROR_AT_LINE\nAC_FUNC_FORK\nAC_FUNC_MALLOC\nAC_FUNC_REALLOC\nAC_CHECK_FUNCS([alarm clock_gettime gethostname gettimeofday inet_ntoa localtime_r memmove memset mkdir select setenv socket strcasecmp strchr strdup strerror strncasecmp strspn strstr strtol strtoul strtoull uname])\n\n# Initialize libtool\nLT_INIT\n\n# Identify platform\nAC_CANONICAL_HOST\n\ncase $host in\n *-*-aix*)\n echo \"Checking platform... Identified as AIX\"\n AC_DEFINE([AIX], [1], [Define if the operating system is AIX])\n PLATFORM=\"AIX\"\n ;;\n *-*-hpux*)\n echo \"Checking platform... Identified as HPUX\"\n AC_DEFINE([HPUX], [1], [Define if the operating system is HPUX])\n PLATFORM=\"HPUX\"\n ;;\n *-*-darwin*)\n echo \"Checking platform... Identified as Macintosh OS X\"\n AC_DEFINE([MACOSX], [1], [Define if the operating system is Macintosh OSX])\n PLATFORM=\"MacOSX\"\n ;;\n *-*-linux* | *-*uclinux*)\n echo \"Checking platform... Identified as Linux\"\n AC_DEFINE([LINUX], [1], [Define if the operating system is LINUX])\n PLATFORM=\"Linux\"\n ;;\n *-*-solaris*)\n echo \"Checking platform... Identified as Solaris\"\n AC_DEFINE([SOLARIS], [1], [Define if the operating system is SOLARIS])\n PLATFORM=\"Solaris\"\n ;;\n *-*-freebsd*)\n echo \"Checking platform... Identified as FreeBSD\"\n AC_DEFINE([FREEBSD], [1], [Define if the operating system is FREEBSD])\n PLATFORM=\"FreeBSD\"\n ;;\n *-*-netbsd*)\n echo \"Checking platform... Identified as NetBSD\"\n AC_DEFINE([NETBSD], [1], [Define if the operating system is NETBSD])\n PLATFORM=\"NetBSD\"\n ;;\n *-*-openbsd*)\n echo \"Checking platform... Identified as OpenBSD\"\n AC_DEFINE([OPENBSD], [1], [Define if the operating system is OPENBSD])\n PLATFORM=\"OpenBSD\"\n ;;\n *-*-kfreebsd*)\n echo \"Checking platform... Identified as kFreeBSD, treating as linux\"\n AC_DEFINE([FREEBSD], [1], [Define if the operating system is FREEBSD])\n PLATFORM=\"kFreeBSD\"\n ;;\n *-*-dragonfly*)\n echo \"Checking platform... Identified as DragonFlyBSD, treating as linux\"\n AC_DEFINE([DRAGONFLY], [1], [Define if the operating system is DRAGONFLY])\n PLATFORM=\"DragonFly\"\n ;;\n *-*-gnu*.*)\n echo \"Checking platform... Identified as HURD, treating as linux\"\n AC_DEFINE([LINUX], [1], [Define if the operating system is LINUX])\n PLATFORM=\"HURD\"\n ;;\n *)\n echo \"Unknown CANONICAL_HOST $host\"\n exit 1\n ;;\nesac\n\n# Variables to be used inside the Makefile.am files.\nMSC_BASE_DIR=`pwd`\nAC_SUBST([MSC_BASE_DIR])\n\nMSC_VERSION_INFO=msc_version_info\nAC_SUBST([MSC_VERSION_INFO])\n\nMSC_VERSION_WITH_PATCHLEVEL=msc_version_with_patchlevel\nAC_SUBST([MSC_VERSION_WITH_PATCHLEVEL])\n\nMSC_VERSION=msc_version\nAC_SUBST([MSC_VERSION])\n\nMSC_GIT_VERSION=msc_version_git\nAC_SUBST([MSC_GIT_VERSION])\n\nMSC_ARG_ENABLE_BOOL([assertions], [Turn on assertions feature: undefine NDEBUG], [false], [assertions])\nMSC_ARG_ENABLE_BOOL([debug-logs], [Turn off the SecDebugLog feature], [true], [debugLogs])\nif test \"$debugLogs\" != \"true\"; then\n MODSEC_NO_LOGS=\"-DNO_LOGS=1\"\n AC_SUBST(MODSEC_NO_LOGS)\nfi\n\nMSC_ARG_ENABLE_BOOL([afl-fuzz], [Turn on the afl fuzzer compilation utilities], [false], [aflFuzzer])\nMSC_ARG_ENABLE_BOOL([examples], [Turn on the examples compilation (default option)], [true], [buildExamples])\nMSC_ARG_ENABLE_BOOL([parser-generation], [Enables parser generation during the build], [false], [buildParser])\nMSC_ARG_ENABLE_BOOL([mutex-on-pm], [Treat pm operations as critical section], [false], [mutexPm])\n\n\nif test $buildParser = true; then\n AC_PROG_YACC\n AC_PROG_LEX(noyywrap)\n AC_PATH_PROG([FLEX], [flex])\n test \"x$FLEX\" = \"x\" && AC_MSG_ERROR([flex is needed to build ModSecurity])\n\n AC_PATH_PROG([BISON], [bison])\n test \"x$BISON\" = \"x\" && AC_MSG_ERROR([bison is needed to build ModSecurity])\n\n AC_PATH_PROG([YACC_INST], $YACC)\n if test ! -f \"$srcdir/gram.c\"; then\n if test -z \"$YACC_INST\"; then\n AC_MSG_ERROR([yacc not found - unable to compile ModSecurity])\n fi\n fi\nfi\n\n\n# Decide if we want to build the tests or not.\nbuildTestUtilities=false\nif test \"x$YAJL_FOUND\" = \"x1\"; then\n # Regression tests will not be able to run without the logging support.\n # But we still have the unit tests.\n # if test \"$debugLogs\" = \"true\"; then\n buildTestUtilities=true\n # fi\nfi\n\n\nAM_CONDITIONAL([TEST_UTILITIES], [test $buildTestUtilities = true])\nif test $buildTestUtilities = true; then\n if test $debugLogs = true; then\n if test -f ./test/test-list.sh; then\n TEST_CASES=`./test/test-list.sh`\n fi\n fi\nfi\n\nAM_CONDITIONAL([EXAMPLES], [test $buildExamples = true])\nAM_CONDITIONAL([BUILD_PARSER], [test $buildParser = true])\nAM_CONDITIONAL([USE_MUTEX_ON_PM], [test $mutexPm = true])\n\n\n# General link options\nif test \"$PLATFORM\" != \"MacOSX\" -a \"$PLATFORM\" != \"OpenBSD\"; then\n GLOBAL_LDADD=\"-lrt \"\nfi\n\nif test \"$aflFuzzer\" == \"true\"; then\n FUZZ_CPPCFLAGS=\"-fsanitize=address -fsanitize-coverage=4 \"\n GLOBAL_LDADD=\"$GLOBAL_LDADD -fsanitize=address \"\n GLOBAL_CPPFLAGS=\"$GLOBAL_CPPFLAGS $FUZZ_CPPCFLAGS\"\n $buildExamples = false\nfi\n\ncase $assertions in\n false) ASSERTIONS_CPPCFLAGS=\"-DNDEBUG\" ;;\n true) ASSERTIONS_CPPCFLAGS=\"-UNDEBUG\" ;;\n *) AC_MSG_ERROR(bad value ${assertions} for assertions) ;;\nesac\nGLOBAL_CPPFLAGS=\"$GLOBAL_CPPFLAGS $ASSERTIONS_CPPCFLAGS\"\n\nAC_SUBST(GLOBAL_LDADD)\nAC_SUBST(GLOBAL_CPPFLAGS)\n\nAM_CONDITIONAL([AFL_FUZZER], [test $aflFuzzer = true])\n\nGLOBAL_CFLAGS=\"\"\nAC_SUBST(GLOBAL_CFLAGS)\n\n# Files to be generated via autotools.\nAC_CONFIG_FILES([\\\n modsecurity.pc \\\n Makefile \\\n doc/Makefile \\\n src/Makefile \\\n others/Makefile \\\n tools/Makefile \\\n tools/rules-check/Makefile\n ])\n\nAM_COND_IF([TEST_UTILITIES],\n [AC_CONFIG_FILES([test/Makefile test/benchmark/Makefile])])\n\nAM_COND_IF([EXAMPLES],\n [AC_CONFIG_FILES([ \\\n examples/Makefile \\\n examples/simple_example_using_c/Makefile \\\n examples/multiprocess_c/Makefile \\\n examples/multithread/Makefile \\\n examples/reading_logs_with_offset/Makefile \\\n examples/reading_logs_via_rule_message/Makefile \\\n examples/using_bodies_in_chunks/Makefile \\\n ])])\n\nAM_COND_IF([AFL_FUZZER],\n [AC_CONFIG_FILES([test/fuzzer/Makefile])])\n\nAM_COND_IF([BUILD_PARSER],\n [AC_CONFIG_FILES([src/parser/Makefile])])\n\n\nAC_CONFIG_HEADERS([src/config.h])\n\n\n# Doxygen support\nDX_HTML_FEATURE(ON)\nDX_CHM_FEATURE(OFF)\nDX_CHI_FEATURE(OFF)\nDX_MAN_FEATURE(OFF)\nDX_RTF_FEATURE(OFF)\nDX_XML_FEATURE(OFF)\nDX_PDF_FEATURE(OFF)\nDX_PS_FEATURE(OFF)\n\nDX_INIT_DOXYGEN([ModSecurity],[doc/doxygen.cfg])\n\n# make check-valgrind\nAX_VALGRIND_DFLT([sgcheck], [off])\nAX_VALGRIND_CHECK\n\n# Generate the files.\nAC_OUTPUT\n\n\n# Print a fancy summary\necho \" \"\necho \" \"\necho \"ModSecurity - ${MSC_GIT_VERSION} for $PLATFORM\"\necho \" \"\necho \" Mandatory dependencies\"\nAS_ECHO_N(\" + libInjection ....\")\necho LIBINJECTION_VERSION\nAS_ECHO_N(\" + Mbed TLS ....\")\necho MBEDTLS_VERSION\nAS_ECHO_N(\" + SecLang tests ....\")\necho SECLANG_TEST_VERSION\n\necho \" \"\necho \" Optional dependencies\"\n\n\n\n## GeoIP - MaxMind (combined display)\nif test \"x$GEOIP_FOUND\" = \"x0\" && test \"x$MAXMIND_FOUND\" = \"x0\"; then\n echo \" + GeoIP/MaxMind ....not found\"\nfi\nif test \"x$GEOIP_FOUND\" = \"x1\" || test \"x$MAXMIND_FOUND\" = \"x1\"; then\n AS_ECHO_N([\" + GeoIP/MaxMind ....found \"])\n echo \"\"\n if test \"x$MAXMIND_FOUND\" = \"x1\"; then\n echo \" * (MaxMind) v${MAXMIND_VERSION}\"\n echo \" ${MAXMIND_DISPLAY}\"\n fi\n if test \"x$GEOIP_FOUND\" = \"x1\"; then\n echo \" * (GeoIP) v${GEOIP_VERSION}\"\n echo \" ${GEOIP_DISPLAY}\"\n fi\nfi\nif test \"x$GEOIP_FOUND\" = \"x2\" && test \"x$MAXMIND_FOUND\" = \"x2\"; then\n echo \" + GeoIP/MaxMind ....disabled\"\nfi\n\nMSC_STATUS_LIB([LibCURL ], [CURL])\nMSC_STATUS_LIB([YAJL ], [YAJL])\nMSC_STATUS_LIB([LMDB ], [LMDB])\nMSC_STATUS_LIB([LibXML2 ], [LIBXML2])\nMSC_STATUS_LIB([SSDEEP ], [SSDEEP])\nMSC_STATUS_LIB([LUA ], [LUA])\n\n## PCRE (only shown when explicitly requested)\nif test \"x${with_pcre}\" != \"x\" && test \"x${with_pcre}\" != \"xno\"; then\n if test -n \"${PCRE_VERSION}\"; then\n echo \" + PCRE ....found \"\n echo \" using pcre v${PCRE_VERSION}\"\n echo \" ${PCRE_LDADD}, ${PCRE_CFLAGS}\"\n else\n AC_MSG_NOTICE([*** pcre library not found.])\n fi\nfi\n\nMSC_STATUS_LIB([PCRE2 ], [PCRE2])\n\necho \" \"\necho \" Other Options\"\nif test $buildTestUtilities = true; then\n if test $debugLogs = true; then\n echo \" + Test Utilities ....enabled\"\n else\n echo \" + Test Utilities ....partially\"\n fi\nelse\n echo \" + Test Utilities ....disabled\"\nfi\nif test $assertions = true; then\n echo \" + Assertions ....enabled\"\nelse\n echo \" + Assertions ....disabled\"\nfi\nif test $debugLogs = true; then\n echo \" + SecDebugLog ....enabled\"\nelse\n echo \" + SecDebugLog ....disabled\"\nfi\n\nif test \"$aflFuzzer\" = \"true\"; then\n echo \" + afl fuzzer ....enabled\"\n echo \" ($FUZZ_CPPCFLAGS)\"\nelse\n echo \" + afl fuzzer ....disabled\"\nfi\n\nif test \"$buildExamples\" = \"true\"; then\n echo \" + library examples ....enabled\"\nelse\n echo \" + library examples ....disabled\"\nfi\n\nif test \"$buildParser\" = \"true\"; then\n echo \" + Building parser ....enabled\"\nelse\n echo \" + Building parser ....disabled\"\nfi\n\nif test \"$mutexPm\" = \"true\"; then\n echo \" + Treating pm operations as critical section ....enabled\"\nelse\n echo \" + Treating pm operations as critical section ....disabled\"\nfi\n\n\necho \" \"\n\n\nif test \"$aflFuzzer\" = \"true\"; then\n echo \"WARNING: afl fuzzer was enabled. Make sure you are using the\"\n echo \" 'afl-clang-fast' as the compiler, otherwise the compilation\"\n echo \" will fail.\"\n echo \" \"\n echo \" You can set the compiler using:\"\n echo \" \"\n echo \" $ export CXX=afl-clang-fast++ \"\n echo \" $ export CC=afl-clang-fast \"\n echo \" \"\nfi\n\n" }, { "path": "doc/.empty", "content": "" }, { "path": "doc/Makefile.am", "content": "\nACLOCAL_AMFLAGS = -I build\n\n# Doxygen support\n# include $(top_srcdir)/build/ax_prog_doxygen.m4\n\n# distribution of the Doxygen configuration file\nEXTRA_DIST = \\\n\tdoxygen.cfg\n\n\nMAINTAINERCLEANFILES = \\\n\tMakefile.in \\\n\tdoxygen_sqlite3.db \\\n\thtml \\\n\tlatex\n\n" }, { "path": "doc/doxygen.cfg", "content": "# Doxyfile 1.8.8\n\n# This file describes the settings to be used by the documentation system\n# doxygen (www.doxygen.org) for a project.\n#\n# All text after a double hash (##) is considered a comment and is placed in\n# front of the TAG it is preceding.\n#\n# All text after a single hash (#) is considered a comment and will be ignored.\n# The format is:\n# TAG = value [value, ...]\n# For lists, items can also be appended using:\n# TAG += value [value, ...]\n# Values that contain spaces should be placed between quotes (\\\" \\\").\n\n#---------------------------------------------------------------------------\n# Project related configuration options\n#---------------------------------------------------------------------------\n\n# This tag specifies the encoding used for all characters in the config file\n# that follow. The default is UTF-8 which is also the encoding used for all text\n# before the first occurrence of this tag. Doxygen uses libiconv (or the iconv\n# built into libc) for the transcoding. See http://www.gnu.org/software/libiconv\n# for the list of possible encodings.\n# The default value is: UTF-8.\n\nDOXYFILE_ENCODING = UTF-8\n\n# The PROJECT_NAME tag is a single word (or a sequence of words surrounded by\n# double-quotes, unless you are using Doxywizard) that should identify the\n# project for which the documentation is generated. This name is used in the\n# title of most generated pages and in a few other places.\n# The default value is: My Project.\n\nPROJECT_NAME = ModSecurity\n\n# The PROJECT_NUMBER tag can be used to enter a project or revision number. This\n# could be handy for archiving the generated documentation or if some version\n# control system is used.\n\nPROJECT_NUMBER = 3.0.0\n\n# Using the PROJECT_BRIEF tag one can provide an optional one line description\n# for a project that appears at the top of each page and should give viewer a\n# quick idea about the purpose of the project. Keep the description short.\n\nPROJECT_BRIEF = \"ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…\"\n\n# With the PROJECT_LOGO tag one can specify an logo or icon that is included in\n# the documentation. The maximum height of the logo should not exceed 55 pixels\n# and the maximum width should not exceed 200 pixels. Doxygen will copy the logo\n# to the output directory.\n\nPROJECT_LOGO = ../doc/ms-doxygen-logo.png\n\n# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) path\n# into which the generated documentation will be written. If a relative path is\n# entered, it will be relative to the location where doxygen was started. If\n# left blank the current directory will be used.\n\nOUTPUT_DIRECTORY = ../doc\n\n# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create 4096 sub-\n# directories (in 2 levels) under the output directory of each output format and\n# will distribute the generated files over these directories. Enabling this\n# option can be useful when feeding doxygen a huge amount of source files, where\n# putting all generated files in the same directory would otherwise causes\n# performance problems for the file system.\n# The default value is: NO.\n\nCREATE_SUBDIRS = NO\n\n# If the ALLOW_UNICODE_NAMES tag is set to YES, doxygen will allow non-ASCII\n# characters to appear in the names of generated files. If set to NO, non-ASCII\n# characters will be escaped, for example _xE3_x81_x84 will be used for Unicode\n# U+3044.\n# The default value is: NO.\n\nALLOW_UNICODE_NAMES = NO\n\n# The OUTPUT_LANGUAGE tag is used to specify the language in which all\n# documentation generated by doxygen is written. Doxygen will use this\n# information to generate all constant output in the proper language.\n# Possible values are: Afrikaans, Arabic, Armenian, Brazilian, Catalan, Chinese,\n# Chinese-Traditional, Croatian, Czech, Danish, Dutch, English (United States),\n# Esperanto, Farsi (Persian), Finnish, French, German, Greek, Hungarian,\n# Indonesian, Italian, Japanese, Japanese-en (Japanese with English messages),\n# Korean, Korean-en (Korean with English messages), Latvian, Lithuanian,\n# Macedonian, Norwegian, Persian (Farsi), Polish, Portuguese, Romanian, Russian,\n# Serbian, Serbian-Cyrillic, Slovak, Slovene, Spanish, Swedish, Turkish,\n# Ukrainian and Vietnamese.\n# The default value is: English.\n\nOUTPUT_LANGUAGE = English\n\n# If the BRIEF_MEMBER_DESC tag is set to YES doxygen will include brief member\n# descriptions after the members that are listed in the file and class\n# documentation (similar to Javadoc). Set to NO to disable this.\n# The default value is: YES.\n\nBRIEF_MEMBER_DESC = YES\n\n# If the REPEAT_BRIEF tag is set to YES doxygen will prepend the brief\n# description of a member or function before the detailed description\n#\n# Note: If both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the\n# brief descriptions will be completely suppressed.\n# The default value is: YES.\n\nREPEAT_BRIEF = YES\n\n# This tag implements a quasi-intelligent brief description abbreviator that is\n# used to form the text in various listings. Each string in this list, if found\n# as the leading text of the brief description, will be stripped from the text\n# and the result, after processing the whole list, is used as the annotated\n# text. Otherwise, the brief description is used as-is. If left blank, the\n# following values are used ($name is automatically replaced with the name of\n# the entity):The $name class, The $name widget, The $name file, is, provides,\n# specifies, contains, represents, a, an and the.\n\nABBREVIATE_BRIEF = \"The $name class\" \\\n \"The $name widget\" \\\n \"The $name file\" \\\n is \\\n provides \\\n specifies \\\n contains \\\n represents \\\n a \\\n an \\\n the\n\n# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then\n# doxygen will generate a detailed section even if there is only a brief\n# description.\n# The default value is: NO.\n\nALWAYS_DETAILED_SEC = NO\n\n# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all\n# inherited members of a class in the documentation of that class as if those\n# members were ordinary class members. Constructors, destructors and assignment\n# operators of the base classes will not be shown.\n# The default value is: NO.\n\nINLINE_INHERITED_MEMB = NO\n\n# If the FULL_PATH_NAMES tag is set to YES doxygen will prepend the full path\n# before files name in the file list and in the header files. If set to NO the\n# shortest path that makes the file name unique will be used\n# The default value is: YES.\n\nFULL_PATH_NAMES = NO\n\n# The STRIP_FROM_PATH tag can be used to strip a user-defined part of the path.\n# Stripping is only done if one of the specified strings matches the left-hand\n# part of the path. The tag can be used to show relative paths in the file list.\n# If left blank the directory from which doxygen is run is used as the path to\n# strip.\n#\n# Note that you can specify absolute paths here, but also relative paths, which\n# will be relative from the directory where doxygen is started.\n# This tag requires that the tag FULL_PATH_NAMES is set to YES.\n\nSTRIP_FROM_PATH = \n\n# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of the\n# path mentioned in the documentation of a class, which tells the reader which\n# header file to include in order to use a class. If left blank only the name of\n# the header file containing the class definition is used. Otherwise one should\n# specify the list of include paths that are normally passed to the compiler\n# using the -I flag.\n\nSTRIP_FROM_INC_PATH = \n\n# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter (but\n# less readable) file names. This can be useful is your file systems doesn't\n# support long names like on DOS, Mac, or CD-ROM.\n# The default value is: NO.\n\nSHORT_NAMES = NO\n\n# If the JAVADOC_AUTOBRIEF tag is set to YES then doxygen will interpret the\n# first line (until the first dot) of a Javadoc-style comment as the brief\n# description. If set to NO, the Javadoc-style will behave just like regular Qt-\n# style comments (thus requiring an explicit @brief command for a brief\n# description.)\n# The default value is: NO.\n\nJAVADOC_AUTOBRIEF = NO\n\n# If the QT_AUTOBRIEF tag is set to YES then doxygen will interpret the first\n# line (until the first dot) of a Qt-style comment as the brief description. If\n# set to NO, the Qt-style will behave just like regular Qt-style comments (thus\n# requiring an explicit \\brief command for a brief description.)\n# The default value is: NO.\n\nQT_AUTOBRIEF = NO\n\n# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make doxygen treat a\n# multi-line C++ special comment block (i.e. a block of //! or /// comments) as\n# a brief description. This used to be the default behavior. The new default is\n# to treat a multi-line C++ comment block as a detailed description. Set this\n# tag to YES if you prefer the old behavior instead.\n#\n# Note that setting this tag to YES also means that rational rose comments are\n# not recognized any more.\n# The default value is: NO.\n\nMULTILINE_CPP_IS_BRIEF = NO\n\n# If the INHERIT_DOCS tag is set to YES then an undocumented member inherits the\n# documentation from any documented member that it re-implements.\n# The default value is: YES.\n\nINHERIT_DOCS = YES\n\n# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce a\n# new page for each member. If set to NO, the documentation of a member will be\n# part of the file/class/namespace that contains it.\n# The default value is: NO.\n\nSEPARATE_MEMBER_PAGES = NO\n\n# The TAB_SIZE tag can be used to set the number of spaces in a tab. Doxygen\n# uses this value to replace tabs by spaces in code fragments.\n# Minimum value: 1, maximum value: 16, default value: 4.\n\nTAB_SIZE = 4\n\n# This tag can be used to specify a number of aliases that act as commands in\n# the documentation. An alias has the form:\n# name=value\n# For example adding\n# \"sideeffect=@par Side Effects:\\n\"\n# will allow you to put the command \\sideeffect (or @sideeffect) in the\n# documentation, which will result in a user-defined paragraph with heading\n# \"Side Effects:\". You can put \\n's in the value part of an alias to insert\n# newlines.\n\nALIASES = \n\n# This tag can be used to specify a number of word-keyword mappings (TCL only).\n# A mapping has the form \"name=value\". For example adding \"class=itcl::class\"\n# will allow you to use the command class in the itcl::class meaning.\n\nTCL_SUBST = \n\n# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources\n# only. Doxygen will then generate output that is more tailored for C. For\n# instance, some of the names that are used will be different. The list of all\n# members will be omitted, etc.\n# The default value is: NO.\n\nOPTIMIZE_OUTPUT_FOR_C = NO\n\n# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java or\n# Python sources only. Doxygen will then generate output that is more tailored\n# for that language. For instance, namespaces will be presented as packages,\n# qualified scopes will look different, etc.\n# The default value is: NO.\n\nOPTIMIZE_OUTPUT_JAVA = NO\n\n# Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran\n# sources. Doxygen will then generate output that is tailored for Fortran.\n# The default value is: NO.\n\nOPTIMIZE_FOR_FORTRAN = NO\n\n# Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL\n# sources. Doxygen will then generate output that is tailored for VHDL.\n# The default value is: NO.\n\nOPTIMIZE_OUTPUT_VHDL = NO\n\n# Doxygen selects the parser to use depending on the extension of the files it\n# parses. With this tag you can assign which parser to use for a given\n# extension. Doxygen has a built-in mapping, but you can override or extend it\n# using this tag. The format is ext=language, where ext is a file extension, and\n# language is one of the parsers supported by doxygen: IDL, Java, Javascript,\n# C#, C, C++, D, PHP, Objective-C, Python, Fortran (fixed format Fortran:\n# FortranFixed, free formatted Fortran: FortranFree, unknown formatted Fortran:\n# Fortran. In the later case the parser tries to guess whether the code is fixed\n# or free formatted code, this is the default for Fortran type files), VHDL. For\n# instance to make doxygen treat .inc files as Fortran files (default is PHP),\n# and .f files as C (default is Fortran), use: inc=Fortran f=C.\n#\n# Note For files without extension you can use no_extension as a placeholder.\n#\n# Note that for custom extensions you also need to set FILE_PATTERNS otherwise\n# the files are not read by doxygen.\n\nEXTENSION_MAPPING = \n\n# If the MARKDOWN_SUPPORT tag is enabled then doxygen pre-processes all comments\n# according to the Markdown format, which allows for more readable\n# documentation. See http://daringfireball.net/projects/markdown/ for details.\n# The output of markdown processing is further processed by doxygen, so you can\n# mix doxygen, HTML, and XML commands with Markdown formatting. Disable only in\n# case of backward compatibilities issues.\n# The default value is: YES.\n\nMARKDOWN_SUPPORT = YES\n\n# When enabled doxygen tries to link words that correspond to documented\n# classes, or namespaces to their corresponding documentation. Such a link can\n# be prevented in individual cases by by putting a % sign in front of the word\n# or globally by setting AUTOLINK_SUPPORT to NO.\n# The default value is: YES.\n\nAUTOLINK_SUPPORT = YES\n\n# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want\n# to include (a tag file for) the STL sources as input, then you should set this\n# tag to YES in order to let doxygen match functions declarations and\n# definitions whose arguments contain STL classes (e.g. func(std::string);\n# versus func(std::string) {}). This also make the inheritance and collaboration\n# diagrams that involve STL classes more complete and accurate.\n# The default value is: NO.\n\nBUILTIN_STL_SUPPORT = NO\n\n# If you use Microsoft's C++/CLI language, you should set this option to YES to\n# enable parsing support.\n# The default value is: NO.\n\nCPP_CLI_SUPPORT = NO\n\n# Set the SIP_SUPPORT tag to YES if your project consists of sip (see:\n# http://www.riverbankcomputing.co.uk/software/sip/intro) sources only. Doxygen\n# will parse them like normal C++ but will assume all classes use public instead\n# of private inheritance when no explicit protection keyword is present.\n# The default value is: NO.\n\nSIP_SUPPORT = NO\n\n# For Microsoft's IDL there are propget and propput attributes to indicate\n# getter and setter methods for a property. Setting this option to YES will make\n# doxygen to replace the get and set methods by a property in the documentation.\n# This will only work if the methods are indeed getting or setting a simple\n# type. If this is not the case, or you want to show the methods anyway, you\n# should set this option to NO.\n# The default value is: YES.\n\nIDL_PROPERTY_SUPPORT = YES\n\n# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC\n# tag is set to YES, then doxygen will reuse the documentation of the first\n# member in the group (if any) for the other members of the group. By default\n# all members of a group must be documented explicitly.\n# The default value is: NO.\n\nDISTRIBUTE_GROUP_DOC = NO\n\n# Set the SUBGROUPING tag to YES to allow class member groups of the same type\n# (for instance a group of public functions) to be put as a subgroup of that\n# type (e.g. under the Public Functions section). Set it to NO to prevent\n# subgrouping. Alternatively, this can be done per class using the\n# \\nosubgrouping command.\n# The default value is: YES.\n\nSUBGROUPING = YES\n\n# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and unions\n# are shown inside the group in which they are included (e.g. using \\ingroup)\n# instead of on a separate page (for HTML and Man pages) or section (for LaTeX\n# and RTF).\n#\n# Note that this feature does not work in combination with\n# SEPARATE_MEMBER_PAGES.\n# The default value is: NO.\n\nINLINE_GROUPED_CLASSES = NO\n\n# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and unions\n# with only public data fields or simple typedef fields will be shown inline in\n# the documentation of the scope in which they are defined (i.e. file,\n# namespace, or group documentation), provided this scope is documented. If set\n# to NO, structs, classes, and unions are shown on a separate page (for HTML and\n# Man pages) or section (for LaTeX and RTF).\n# The default value is: NO.\n\nINLINE_SIMPLE_STRUCTS = NO\n\n# When TYPEDEF_HIDES_STRUCT tag is enabled, a typedef of a struct, union, or\n# enum is documented as struct, union, or enum with the name of the typedef. So\n# typedef struct TypeS {} TypeT, will appear in the documentation as a struct\n# with name TypeT. When disabled the typedef will appear as a member of a file,\n# namespace, or class. And the struct will be named TypeS. This can typically be\n# useful for C code in case the coding convention dictates that all compound\n# types are typedef'ed and only the typedef is referenced, never the tag name.\n# The default value is: NO.\n\nTYPEDEF_HIDES_STRUCT = NO\n\n# The size of the symbol lookup cache can be set using LOOKUP_CACHE_SIZE. This\n# cache is used to resolve symbols given their name and scope. Since this can be\n# an expensive process and often the same symbol appears multiple times in the\n# code, doxygen keeps a cache of pre-resolved symbols. If the cache is too small\n# doxygen will become slower. If the cache is too large, memory is wasted. The\n# cache size is given by this formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range\n# is 0..9, the default is 0, corresponding to a cache size of 2^16=65536\n# symbols. At the end of a run doxygen will report the cache usage and suggest\n# the optimal cache size from a speed point of view.\n# Minimum value: 0, maximum value: 9, default value: 0.\n\nLOOKUP_CACHE_SIZE = 0\n\n#---------------------------------------------------------------------------\n# Build related configuration options\n#---------------------------------------------------------------------------\n\n# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in\n# documentation are documented, even if no documentation was available. Private\n# class members and static file members will be hidden unless the\n# EXTRACT_PRIVATE respectively EXTRACT_STATIC tags are set to YES.\n# Note: This will also disable the warnings about undocumented members that are\n# normally produced when WARNINGS is set to YES.\n# The default value is: NO.\n\nEXTRACT_ALL = YES\n\n# If the EXTRACT_PRIVATE tag is set to YES all private members of a class will\n# be included in the documentation.\n# The default value is: NO.\n\nEXTRACT_PRIVATE = NO\n\n# If the EXTRACT_PACKAGE tag is set to YES all members with package or internal\n# scope will be included in the documentation.\n# The default value is: NO.\n\nEXTRACT_PACKAGE = NO\n\n# If the EXTRACT_STATIC tag is set to YES all static members of a file will be\n# included in the documentation.\n# The default value is: NO.\n\nEXTRACT_STATIC = NO\n\n# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs) defined\n# locally in source files will be included in the documentation. If set to NO\n# only classes defined in header files are included. Does not have any effect\n# for Java sources.\n# The default value is: YES.\n\nEXTRACT_LOCAL_CLASSES = YES\n\n# This flag is only useful for Objective-C code. When set to YES local methods,\n# which are defined in the implementation section but not in the interface are\n# included in the documentation. If set to NO only methods in the interface are\n# included.\n# The default value is: NO.\n\nEXTRACT_LOCAL_METHODS = NO\n\n# If this flag is set to YES, the members of anonymous namespaces will be\n# extracted and appear in the documentation as a namespace called\n# 'anonymous_namespace{file}', where file will be replaced with the base name of\n# the file that contains the anonymous namespace. By default anonymous namespace\n# are hidden.\n# The default value is: NO.\n\nEXTRACT_ANON_NSPACES = NO\n\n# If the HIDE_UNDOC_MEMBERS tag is set to YES, doxygen will hide all\n# undocumented members inside documented classes or files. If set to NO these\n# members will be included in the various overviews, but no documentation\n# section is generated. This option has no effect if EXTRACT_ALL is enabled.\n# The default value is: NO.\n\nHIDE_UNDOC_MEMBERS = NO\n\n# If the HIDE_UNDOC_CLASSES tag is set to YES, doxygen will hide all\n# undocumented classes that are normally visible in the class hierarchy. If set\n# to NO these classes will be included in the various overviews. This option has\n# no effect if EXTRACT_ALL is enabled.\n# The default value is: NO.\n\nHIDE_UNDOC_CLASSES = NO\n\n# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, doxygen will hide all friend\n# (class|struct|union) declarations. If set to NO these declarations will be\n# included in the documentation.\n# The default value is: NO.\n\nHIDE_FRIEND_COMPOUNDS = NO\n\n# If the HIDE_IN_BODY_DOCS tag is set to YES, doxygen will hide any\n# documentation blocks found inside the body of a function. If set to NO these\n# blocks will be appended to the function's detailed documentation block.\n# The default value is: NO.\n\nHIDE_IN_BODY_DOCS = NO\n\n# The INTERNAL_DOCS tag determines if documentation that is typed after a\n# \\internal command is included. If the tag is set to NO then the documentation\n# will be excluded. Set it to YES to include the internal documentation.\n# The default value is: NO.\n\nINTERNAL_DOCS = NO\n\n# If the CASE_SENSE_NAMES tag is set to NO then doxygen will only generate file\n# names in lower-case letters. If set to YES upper-case letters are also\n# allowed. This is useful if you have classes or files whose names only differ\n# in case and if your file system supports case sensitive file names. Windows\n# and Mac users are advised to set this option to NO.\n# The default value is: system dependent.\n\nCASE_SENSE_NAMES = NO\n\n# If the HIDE_SCOPE_NAMES tag is set to NO then doxygen will show members with\n# their full class and namespace scopes in the documentation. If set to YES the\n# scope will be hidden.\n# The default value is: NO.\n\nHIDE_SCOPE_NAMES = NO\n\n# If the SHOW_INCLUDE_FILES tag is set to YES then doxygen will put a list of\n# the files that are included by a file in the documentation of that file.\n# The default value is: YES.\n\nSHOW_INCLUDE_FILES = YES\n\n# If the SHOW_GROUPED_MEMB_INC tag is set to YES then Doxygen will add for each\n# grouped member an include statement to the documentation, telling the reader\n# which file to include in order to use the member.\n# The default value is: NO.\n\nSHOW_GROUPED_MEMB_INC = NO\n\n# If the FORCE_LOCAL_INCLUDES tag is set to YES then doxygen will list include\n# files with double quotes in the documentation rather than with sharp brackets.\n# The default value is: NO.\n\nFORCE_LOCAL_INCLUDES = NO\n\n# If the INLINE_INFO tag is set to YES then a tag [inline] is inserted in the\n# documentation for inline members.\n# The default value is: YES.\n\nINLINE_INFO = YES\n\n# If the SORT_MEMBER_DOCS tag is set to YES then doxygen will sort the\n# (detailed) documentation of file and class members alphabetically by member\n# name. If set to NO the members will appear in declaration order.\n# The default value is: YES.\n\nSORT_MEMBER_DOCS = YES\n\n# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the brief\n# descriptions of file, namespace and class members alphabetically by member\n# name. If set to NO the members will appear in declaration order. Note that\n# this will also influence the order of the classes in the class list.\n# The default value is: NO.\n\nSORT_BRIEF_DOCS = NO\n\n# If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen will sort the\n# (brief and detailed) documentation of class members so that constructors and\n# destructors are listed first. If set to NO the constructors will appear in the\n# respective orders defined by SORT_BRIEF_DOCS and SORT_MEMBER_DOCS.\n# Note: If SORT_BRIEF_DOCS is set to NO this option is ignored for sorting brief\n# member documentation.\n# Note: If SORT_MEMBER_DOCS is set to NO this option is ignored for sorting\n# detailed member documentation.\n# The default value is: NO.\n\nSORT_MEMBERS_CTORS_1ST = NO\n\n# If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the hierarchy\n# of group names into alphabetical order. If set to NO the group names will\n# appear in their defined order.\n# The default value is: NO.\n\nSORT_GROUP_NAMES = NO\n\n# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be sorted by\n# fully-qualified names, including namespaces. If set to NO, the class list will\n# be sorted only by class name, not including the namespace part.\n# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.\n# Note: This option applies only to the class list, not to the alphabetical\n# list.\n# The default value is: NO.\n\nSORT_BY_SCOPE_NAME = NO\n\n# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper\n# type resolution of all parameters of a function it will reject a match between\n# the prototype and the implementation of a member function even if there is\n# only one candidate or it is obvious which candidate to choose by doing a\n# simple string match. By disabling STRICT_PROTO_MATCHING doxygen will still\n# accept a match between prototype and implementation in such cases.\n# The default value is: NO.\n\nSTRICT_PROTO_MATCHING = NO\n\n# The GENERATE_TODOLIST tag can be used to enable ( YES) or disable ( NO) the\n# todo list. This list is created by putting \\todo commands in the\n# documentation.\n# The default value is: YES.\n\nGENERATE_TODOLIST = YES\n\n# The GENERATE_TESTLIST tag can be used to enable ( YES) or disable ( NO) the\n# test list. This list is created by putting \\test commands in the\n# documentation.\n# The default value is: YES.\n\nGENERATE_TESTLIST = YES\n\n# The GENERATE_BUGLIST tag can be used to enable ( YES) or disable ( NO) the bug\n# list. This list is created by putting \\bug commands in the documentation.\n# The default value is: YES.\n\nGENERATE_BUGLIST = YES\n\n# The GENERATE_DEPRECATEDLIST tag can be used to enable ( YES) or disable ( NO)\n# the deprecated list. This list is created by putting \\deprecated commands in\n# the documentation.\n# The default value is: YES.\n\nGENERATE_DEPRECATEDLIST= YES\n\n# The ENABLED_SECTIONS tag can be used to enable conditional documentation\n# sections, marked by \\if ... \\endif and \\cond \n# ... \\endcond blocks.\n\nENABLED_SECTIONS = \n\n# The MAX_INITIALIZER_LINES tag determines the maximum number of lines that the\n# initial value of a variable or macro / define can have for it to appear in the\n# documentation. If the initializer consists of more lines than specified here\n# it will be hidden. Use a value of 0 to hide initializers completely. The\n# appearance of the value of individual variables and macros / defines can be\n# controlled using \\showinitializer or \\hideinitializer command in the\n# documentation regardless of this setting.\n# Minimum value: 0, maximum value: 10000, default value: 30.\n\nMAX_INITIALIZER_LINES = 30\n\n# Set the SHOW_USED_FILES tag to NO to disable the list of files generated at\n# the bottom of the documentation of classes and structs. If set to YES the list\n# will mention the files that were used to generate the documentation.\n# The default value is: YES.\n\nSHOW_USED_FILES = YES\n\n# Set the SHOW_FILES tag to NO to disable the generation of the Files page. This\n# will remove the Files entry from the Quick Index and from the Folder Tree View\n# (if specified).\n# The default value is: YES.\n\nSHOW_FILES = YES\n\n# Set the SHOW_NAMESPACES tag to NO to disable the generation of the Namespaces\n# page. This will remove the Namespaces entry from the Quick Index and from the\n# Folder Tree View (if specified).\n# The default value is: YES.\n\nSHOW_NAMESPACES = YES\n\n# The FILE_VERSION_FILTER tag can be used to specify a program or script that\n# doxygen should invoke to get the current version for each file (typically from\n# the version control system). Doxygen will invoke the program by executing (via\n# popen()) the command command input-file, where command is the value of the\n# FILE_VERSION_FILTER tag, and input-file is the name of an input file provided\n# by doxygen. Whatever the program writes to standard output is used as the file\n# version. For an example see the documentation.\n\nFILE_VERSION_FILTER = \n\n# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed\n# by doxygen. The layout file controls the global structure of the generated\n# output files in an output format independent way. To create the layout file\n# that represents doxygen's defaults, run doxygen with the -l option. You can\n# optionally specify a file name after the option, if omitted DoxygenLayout.xml\n# will be used as the name of the layout file.\n#\n# Note that if you run doxygen from a directory containing a file called\n# DoxygenLayout.xml, doxygen will parse it automatically even if the LAYOUT_FILE\n# tag is left empty.\n\nLAYOUT_FILE = \n\n# The CITE_BIB_FILES tag can be used to specify one or more bib files containing\n# the reference definitions. This must be a list of .bib files. The .bib\n# extension is automatically appended if omitted. This requires the bibtex tool\n# to be installed. See also http://en.wikipedia.org/wiki/BibTeX for more info.\n# For LaTeX the style of the bibliography can be controlled using\n# LATEX_BIB_STYLE. To use this feature you need bibtex and perl available in the\n# search path. See also \\cite for info how to create references.\n\nCITE_BIB_FILES = \n\n#---------------------------------------------------------------------------\n# Configuration options related to warning and progress messages\n#---------------------------------------------------------------------------\n\n# The QUIET tag can be used to turn on/off the messages that are generated to\n# standard output by doxygen. If QUIET is set to YES this implies that the\n# messages are off.\n# The default value is: NO.\n\nQUIET = NO\n\n# The WARNINGS tag can be used to turn on/off the warning messages that are\n# generated to standard error ( stderr) by doxygen. If WARNINGS is set to YES\n# this implies that the warnings are on.\n#\n# Tip: Turn warnings on while writing the documentation.\n# The default value is: YES.\n\nWARNINGS = YES\n\n# If the WARN_IF_UNDOCUMENTED tag is set to YES, then doxygen will generate\n# warnings for undocumented members. If EXTRACT_ALL is set to YES then this flag\n# will automatically be disabled.\n# The default value is: YES.\n\nWARN_IF_UNDOCUMENTED = YES\n\n# If the WARN_IF_DOC_ERROR tag is set to YES, doxygen will generate warnings for\n# potential errors in the documentation, such as not documenting some parameters\n# in a documented function, or documenting parameters that don't exist or using\n# markup commands wrongly.\n# The default value is: YES.\n\nWARN_IF_DOC_ERROR = YES\n\n# This WARN_NO_PARAMDOC option can be enabled to get warnings for functions that\n# are documented, but have no documentation for their parameters or return\n# value. If set to NO doxygen will only warn about wrong or incomplete parameter\n# documentation, but not about the absence of documentation.\n# The default value is: NO.\n\nWARN_NO_PARAMDOC = NO\n\n# The WARN_FORMAT tag determines the format of the warning messages that doxygen\n# can produce. The string should contain the $file, $line, and $text tags, which\n# will be replaced by the file and line number from which the warning originated\n# and the warning text. Optionally the format may contain $version, which will\n# be replaced by the version of the file (if it could be obtained via\n# FILE_VERSION_FILTER)\n# The default value is: $file:$line: $text.\n\nWARN_FORMAT = \"$file:$line: $text\"\n\n# The WARN_LOGFILE tag can be used to specify a file to which warning and error\n# messages should be written. If left blank the output is written to standard\n# error (stderr).\n\nWARN_LOGFILE = \n\n#---------------------------------------------------------------------------\n# Configuration options related to the input files\n#---------------------------------------------------------------------------\n\n# The INPUT tag is used to specify the files and/or directories that contain\n# documented source files. You may enter file names like myfile.cpp or\n# directories like /usr/src/myproject. Separate the files or directories with\n# spaces.\n# Note: If this tag is empty the current directory is searched.\n\nINPUT = ../headers/modsecurity/modsecurity.h ../src ../headers\n\n# This tag can be used to specify the character encoding of the source files\n# that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses\n# libiconv (or the iconv built into libc) for the transcoding. See the libiconv\n# documentation (see: http://www.gnu.org/software/libiconv) for the list of\n# possible encodings.\n# The default value is: UTF-8.\n\nINPUT_ENCODING = UTF-8\n\n# If the value of the INPUT tag contains directories, you can use the\n# FILE_PATTERNS tag to specify one or more wildcard patterns (like *.cpp and\n# *.h) to filter out the source-files in the directories. If left blank the\n# following patterns are tested:*.c, *.cc, *.cxx, *.cpp, *.c++, *.java, *.ii,\n# *.ixx, *.ipp, *.i++, *.inl, *.idl, *.ddl, *.odl, *.h, *.hh, *.hxx, *.hpp,\n# *.h++, *.cs, *.d, *.php, *.php4, *.php5, *.phtml, *.inc, *.m, *.markdown,\n# *.md, *.mm, *.dox, *.py, *.f90, *.f, *.for, *.tcl, *.vhd, *.vhdl, *.ucf,\n# *.qsf, *.as and *.js.\n\nFILE_PATTERNS = *.c \\\n *.cc \\\n *.cxx \\\n *.cpp \\\n *.c++ \\\n *.java \\\n *.ii \\\n *.ixx \\\n *.ipp \\\n *.i++ \\\n *.inl \\\n *.idl \\\n *.ddl \\\n *.odl \\\n *.h \\\n *.hh \\\n *.hxx \\\n *.hpp \\\n *.h++ \\\n *.cs \\\n *.d \\\n *.php \\\n *.php4 \\\n *.php5 \\\n *.phtml \\\n *.inc \\\n *.m \\\n *.markdown \\\n *.md \\\n *.mm \\\n *.dox \\\n *.py \\\n *.f90 \\\n *.f \\\n *.for \\\n *.tcl \\\n *.vhd \\\n *.vhdl \\\n *.ucf \\\n *.qsf \\\n *.as \\\n *.js\n\n# The RECURSIVE tag can be used to specify whether or not subdirectories should\n# be searched for input files as well.\n# The default value is: NO.\n\nRECURSIVE = YES\n\n# The EXCLUDE tag can be used to specify files and/or directories that should be\n# excluded from the INPUT source files. This way you can easily exclude a\n# subdirectory from a directory tree whose root is specified with the INPUT tag.\n#\n# Note that relative paths are relative to the directory from which doxygen is\n# run.\n\nEXCLUDE = \n\n# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or\n# directories that are symbolic links (a Unix file system feature) are excluded\n# from the input.\n# The default value is: NO.\n\nEXCLUDE_SYMLINKS = NO\n\n# If the value of the INPUT tag contains directories, you can use the\n# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude\n# certain files from those directories.\n#\n# Note that the wildcards are matched against the file with absolute path, so to\n# exclude all test directories for example use the pattern */test/*\n\nEXCLUDE_PATTERNS = \n\n# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names\n# (namespaces, classes, functions, etc.) that should be excluded from the\n# output. The symbol name can be a fully qualified name, a word, or if the\n# wildcard * is used, a substring. Examples: ANamespace, AClass,\n# AClass::ANamespace, ANamespace::*Test\n#\n# Note that the wildcards are matched against the file with absolute path, so to\n# exclude all test directories use the pattern */test/*\n\nEXCLUDE_SYMBOLS = \n\n# The EXAMPLE_PATH tag can be used to specify one or more files or directories\n# that contain example code fragments that are included (see the \\include\n# command).\n\nEXAMPLE_PATH = \n\n# If the value of the EXAMPLE_PATH tag contains directories, you can use the\n# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp and\n# *.h) to filter out the source-files in the directories. If left blank all\n# files are included.\n\nEXAMPLE_PATTERNS = *\n\n# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be\n# searched for input files to be used with the \\include or \\dontinclude commands\n# irrespective of the value of the RECURSIVE tag.\n# The default value is: NO.\n\nEXAMPLE_RECURSIVE = NO\n\n# The IMAGE_PATH tag can be used to specify one or more files or directories\n# that contain images that are to be included in the documentation (see the\n# \\image command).\n\nIMAGE_PATH = \n\n# The INPUT_FILTER tag can be used to specify a program that doxygen should\n# invoke to filter for each input file. Doxygen will invoke the filter program\n# by executing (via popen()) the command:\n#\n# \n#\n# where is the value of the INPUT_FILTER tag, and is the\n# name of an input file. Doxygen will then use the output that the filter\n# program writes to standard output. If FILTER_PATTERNS is specified, this tag\n# will be ignored.\n#\n# Note that the filter must not add or remove lines; it is applied before the\n# code is scanned, but not when the output code is generated. If lines are added\n# or removed, the anchors will not be placed correctly.\n\nINPUT_FILTER = \n\n# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern\n# basis. Doxygen will compare the file name with each pattern and apply the\n# filter if there is a match. The filters are a list of the form: pattern=filter\n# (like *.cpp=my_cpp_filter). See INPUT_FILTER for further information on how\n# filters are used. If the FILTER_PATTERNS tag is empty or if none of the\n# patterns match the file name, INPUT_FILTER is applied.\n\nFILTER_PATTERNS = \n\n# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using\n# INPUT_FILTER ) will also be used to filter the input files that are used for\n# producing the source files to browse (i.e. when SOURCE_BROWSER is set to YES).\n# The default value is: NO.\n\nFILTER_SOURCE_FILES = NO\n\n# The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file\n# pattern. A pattern will override the setting for FILTER_PATTERN (if any) and\n# it is also possible to disable source filtering for a specific pattern using\n# *.ext= (so without naming a filter).\n# This tag requires that the tag FILTER_SOURCE_FILES is set to YES.\n\nFILTER_SOURCE_PATTERNS = \n\n# If the USE_MDFILE_AS_MAINPAGE tag refers to the name of a markdown file that\n# is part of the input, its contents will be placed on the main page\n# (index.html). This can be useful if you have a project on for instance GitHub\n# and want to reuse the introduction page also for the doxygen output.\n\nUSE_MDFILE_AS_MAINPAGE = \n\n#---------------------------------------------------------------------------\n# Configuration options related to source browsing\n#---------------------------------------------------------------------------\n\n# If the SOURCE_BROWSER tag is set to YES then a list of source files will be\n# generated. Documented entities will be cross-referenced with these sources.\n#\n# Note: To get rid of all source code in the generated output, make sure that\n# also VERBATIM_HEADERS is set to NO.\n# The default value is: NO.\n\nSOURCE_BROWSER = YES\n\n# Setting the INLINE_SOURCES tag to YES will include the body of functions,\n# classes and enums directly into the documentation.\n# The default value is: NO.\n\nINLINE_SOURCES = NO\n\n# Setting the STRIP_CODE_COMMENTS tag to YES will instruct doxygen to hide any\n# special comment blocks from generated source code fragments. Normal C, C++ and\n# Fortran comments will always remain visible.\n# The default value is: YES.\n\nSTRIP_CODE_COMMENTS = YES\n\n# If the REFERENCED_BY_RELATION tag is set to YES then for each documented\n# function all documented functions referencing it will be listed.\n# The default value is: NO.\n\nREFERENCED_BY_RELATION = NO\n\n# If the REFERENCES_RELATION tag is set to YES then for each documented function\n# all documented entities called/used by that function will be listed.\n# The default value is: NO.\n\nREFERENCES_RELATION = NO\n\n# If the REFERENCES_LINK_SOURCE tag is set to YES and SOURCE_BROWSER tag is set\n# to YES, then the hyperlinks from functions in REFERENCES_RELATION and\n# REFERENCED_BY_RELATION lists will link to the source code. Otherwise they will\n# link to the documentation.\n# The default value is: YES.\n\nREFERENCES_LINK_SOURCE = YES\n\n# If SOURCE_TOOLTIPS is enabled (the default) then hovering a hyperlink in the\n# source code will show a tooltip with additional information such as prototype,\n# brief description and links to the definition and documentation. Since this\n# will make the HTML file larger and loading of large files a bit slower, you\n# can opt to disable this feature.\n# The default value is: YES.\n# This tag requires that the tag SOURCE_BROWSER is set to YES.\n\nSOURCE_TOOLTIPS = YES\n\n# If the USE_HTAGS tag is set to YES then the references to source code will\n# point to the HTML generated by the htags(1) tool instead of doxygen built-in\n# source browser. The htags tool is part of GNU's global source tagging system\n# (see http://www.gnu.org/software/global/global.html). You will need version\n# 4.8.6 or higher.\n#\n# To use it do the following:\n# - Install the latest version of global\n# - Enable SOURCE_BROWSER and USE_HTAGS in the config file\n# - Make sure the INPUT points to the root of the source tree\n# - Run doxygen as normal\n#\n# Doxygen will invoke htags (and that will in turn invoke gtags), so these\n# tools must be available from the command line (i.e. in the search path).\n#\n# The result: instead of the source browser generated by doxygen, the links to\n# source code will now point to the output of htags.\n# The default value is: NO.\n# This tag requires that the tag SOURCE_BROWSER is set to YES.\n\nUSE_HTAGS = NO\n\n# If the VERBATIM_HEADERS tag is set the YES then doxygen will generate a\n# verbatim copy of the header file for each class for which an include is\n# specified. Set to NO to disable this.\n# See also: Section \\class.\n# The default value is: YES.\n\nVERBATIM_HEADERS = YES\n\n# If the CLANG_ASSISTED_PARSING tag is set to YES, then doxygen will use the\n# clang parser (see: http://clang.llvm.org/) for more accurate parsing at the\n# cost of reduced performance. This can be particularly helpful with template\n# rich C++ code for which doxygen's built-in parser lacks the necessary type\n# information.\n# Note: The availability of this option depends on whether or not doxygen was\n# compiled with the --with-libclang option.\n# The default value is: NO.\n\nCLANG_ASSISTED_PARSING = NO\n\n# If clang assisted parsing is enabled you can provide the compiler with command\n# line options that you would normally use when invoking the compiler. Note that\n# the include paths will already be set by doxygen for the files and directories\n# specified with INPUT and INCLUDE_PATH.\n# This tag requires that the tag CLANG_ASSISTED_PARSING is set to YES.\n\nCLANG_OPTIONS = \n\n#---------------------------------------------------------------------------\n# Configuration options related to the alphabetical class index\n#---------------------------------------------------------------------------\n\n# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index of all\n# compounds will be generated. Enable this if the project contains a lot of\n# classes, structs, unions or interfaces.\n# The default value is: YES.\n\nALPHABETICAL_INDEX = YES\n\n# The COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns in\n# which the alphabetical index list will be split.\n# Minimum value: 1, maximum value: 20, default value: 5.\n# This tag requires that the tag ALPHABETICAL_INDEX is set to YES.\n\nCOLS_IN_ALPHA_INDEX = 5\n\n# In case all classes in a project start with a common prefix, all classes will\n# be put under the same header in the alphabetical index. The IGNORE_PREFIX tag\n# can be used to specify a prefix (or a list of prefixes) that should be ignored\n# while generating the index headers.\n# This tag requires that the tag ALPHABETICAL_INDEX is set to YES.\n\nIGNORE_PREFIX = \n\n#---------------------------------------------------------------------------\n# Configuration options related to the HTML output\n#---------------------------------------------------------------------------\n\n# If the GENERATE_HTML tag is set to YES doxygen will generate HTML output\n# The default value is: YES.\n\nGENERATE_HTML = YES\n\n# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. If a\n# relative path is entered the value of OUTPUT_DIRECTORY will be put in front of\n# it.\n# The default directory is: html.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_OUTPUT = html\n\n# The HTML_FILE_EXTENSION tag can be used to specify the file extension for each\n# generated HTML page (for example: .htm, .php, .asp).\n# The default value is: .html.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_FILE_EXTENSION = .html\n\n# The HTML_HEADER tag can be used to specify a user-defined HTML header file for\n# each generated HTML page. If the tag is left blank doxygen will generate a\n# standard header.\n#\n# To get valid HTML the header file that includes any scripts and style sheets\n# that doxygen needs, which is dependent on the configuration options used (e.g.\n# the setting GENERATE_TREEVIEW). It is highly recommended to start with a\n# default header using\n# doxygen -w html new_header.html new_footer.html new_stylesheet.css\n# YourConfigFile\n# and then modify the file new_header.html. See also section \"Doxygen usage\"\n# for information on how to generate the default header that doxygen normally\n# uses.\n# Note: The header is subject to change so you typically have to regenerate the\n# default header when upgrading to a newer version of doxygen. For a description\n# of the possible markers and block names see the documentation.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_HEADER = \n\n# The HTML_FOOTER tag can be used to specify a user-defined HTML footer for each\n# generated HTML page. If the tag is left blank doxygen will generate a standard\n# footer. See HTML_HEADER for more information on how to generate a default\n# footer and what special commands can be used inside the footer. See also\n# section \"Doxygen usage\" for information on how to generate the default footer\n# that doxygen normally uses.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_FOOTER = \n\n# The HTML_STYLESHEET tag can be used to specify a user-defined cascading style\n# sheet that is used by each HTML page. It can be used to fine-tune the look of\n# the HTML output. If left blank doxygen will generate a default style sheet.\n# See also section \"Doxygen usage\" for information on how to generate the style\n# sheet that doxygen normally uses.\n# Note: It is recommended to use HTML_EXTRA_STYLESHEET instead of this tag, as\n# it is more robust and this tag (HTML_STYLESHEET) will in the future become\n# obsolete.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_STYLESHEET = \n\n# The HTML_EXTRA_STYLESHEET tag can be used to specify additional user-defined\n# cascading style sheets that are included after the standard style sheets\n# created by doxygen. Using this option one can overrule certain style aspects.\n# This is preferred over using HTML_STYLESHEET since it does not replace the\n# standard style sheet and is therefor more robust against future updates.\n# Doxygen will copy the style sheet files to the output directory.\n# Note: The order of the extra stylesheet files is of importance (e.g. the last\n# stylesheet in the list overrules the setting of the previous ones in the\n# list). For an example see the documentation.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_EXTRA_STYLESHEET = \n\n# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or\n# other source files which should be copied to the HTML output directory. Note\n# that these files will be copied to the base HTML output directory. Use the\n# $relpath^ marker in the HTML_HEADER and/or HTML_FOOTER files to load these\n# files. In the HTML_STYLESHEET file, use the file name only. Also note that the\n# files will be copied as-is; there are no commands or markers available.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_EXTRA_FILES = \n\n# The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. Doxygen\n# will adjust the colors in the stylesheet and background images according to\n# this color. Hue is specified as an angle on a colorwheel, see\n# http://en.wikipedia.org/wiki/Hue for more information. For instance the value\n# 0 represents red, 60 is yellow, 120 is green, 180 is cyan, 240 is blue, 300\n# purple, and 360 is red again.\n# Minimum value: 0, maximum value: 359, default value: 220.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_COLORSTYLE_HUE = 220\n\n# The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of the colors\n# in the HTML output. For a value of 0 the output will use grayscales only. A\n# value of 255 will produce the most vivid colors.\n# Minimum value: 0, maximum value: 255, default value: 100.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_COLORSTYLE_SAT = 100\n\n# The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to the\n# luminance component of the colors in the HTML output. Values below 100\n# gradually make the output lighter, whereas values above 100 make the output\n# darker. The value divided by 100 is the actual gamma applied, so 80 represents\n# a gamma of 0.8, The value 220 represents a gamma of 2.2, and 100 does not\n# change the gamma.\n# Minimum value: 40, maximum value: 240, default value: 80.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_COLORSTYLE_GAMMA = 80\n\n# If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML\n# page will contain the date and time when the page was generated. Setting this\n# to NO can help when comparing the output of multiple runs.\n# The default value is: YES.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_TIMESTAMP = YES\n\n# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML\n# documentation will contain sections that can be hidden and shown after the\n# page has loaded.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_DYNAMIC_SECTIONS = NO\n\n# With HTML_INDEX_NUM_ENTRIES one can control the preferred number of entries\n# shown in the various tree structured indices initially; the user can expand\n# and collapse entries dynamically later on. Doxygen will expand the tree to\n# such a level that at most the specified number of entries are visible (unless\n# a fully collapsed tree already exceeds this amount). So setting the number of\n# entries 1 will produce a full collapsed tree by default. 0 is a special value\n# representing an infinite number of entries and will result in a full expanded\n# tree by default.\n# Minimum value: 0, maximum value: 9999, default value: 100.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nHTML_INDEX_NUM_ENTRIES = 100\n\n# If the GENERATE_DOCSET tag is set to YES, additional index files will be\n# generated that can be used as input for Apple's Xcode 3 integrated development\n# environment (see: http://developer.apple.com/tools/xcode/), introduced with\n# OSX 10.5 (Leopard). To create a documentation set, doxygen will generate a\n# Makefile in the HTML output directory. Running make will produce the docset in\n# that directory and running make install will install the docset in\n# ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find it at\n# startup. See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html\n# for more information.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nGENERATE_DOCSET = NO\n\n# This tag determines the name of the docset feed. A documentation feed provides\n# an umbrella under which multiple documentation sets from a single provider\n# (such as a company or product suite) can be grouped.\n# The default value is: Doxygen generated docs.\n# This tag requires that the tag GENERATE_DOCSET is set to YES.\n\nDOCSET_FEEDNAME = \"Doxygen generated docs\"\n\n# This tag specifies a string that should uniquely identify the documentation\n# set bundle. This should be a reverse domain-name style string, e.g.\n# com.mycompany.MyDocSet. Doxygen will append .docset to the name.\n# The default value is: org.doxygen.Project.\n# This tag requires that the tag GENERATE_DOCSET is set to YES.\n\nDOCSET_BUNDLE_ID = org.doxygen.Project\n\n# The DOCSET_PUBLISHER_ID tag specifies a string that should uniquely identify\n# the documentation publisher. This should be a reverse domain-name style\n# string, e.g. com.mycompany.MyDocSet.documentation.\n# The default value is: org.doxygen.Publisher.\n# This tag requires that the tag GENERATE_DOCSET is set to YES.\n\nDOCSET_PUBLISHER_ID = org.doxygen.Publisher\n\n# The DOCSET_PUBLISHER_NAME tag identifies the documentation publisher.\n# The default value is: Publisher.\n# This tag requires that the tag GENERATE_DOCSET is set to YES.\n\nDOCSET_PUBLISHER_NAME = Publisher\n\n# If the GENERATE_HTMLHELP tag is set to YES then doxygen generates three\n# additional HTML index files: index.hhp, index.hhc, and index.hhk. The\n# index.hhp is a project file that can be read by Microsoft's HTML Help Workshop\n# (see: http://www.microsoft.com/en-us/download/details.aspx?id=21138) on\n# Windows.\n#\n# The HTML Help Workshop contains a compiler that can convert all HTML output\n# generated by doxygen into a single compiled HTML file (.chm). Compiled HTML\n# files are now used as the Windows 98 help format, and will replace the old\n# Windows help format (.hlp) on all Windows platforms in the future. Compressed\n# HTML files also contain an index, a table of contents, and you can search for\n# words in the documentation. The HTML workshop also contains a viewer for\n# compressed HTML files.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nGENERATE_HTMLHELP = NO\n\n# The CHM_FILE tag can be used to specify the file name of the resulting .chm\n# file. You can add a path in front of the file if the result should not be\n# written to the html output directory.\n# This tag requires that the tag GENERATE_HTMLHELP is set to YES.\n\nCHM_FILE = \n\n# The HHC_LOCATION tag can be used to specify the location (absolute path\n# including file name) of the HTML help compiler ( hhc.exe). If non-empty\n# doxygen will try to run the HTML help compiler on the generated index.hhp.\n# The file has to be specified with full path.\n# This tag requires that the tag GENERATE_HTMLHELP is set to YES.\n\nHHC_LOCATION = \n\n# The GENERATE_CHI flag controls if a separate .chi index file is generated (\n# YES) or that it should be included in the master .chm file ( NO).\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTMLHELP is set to YES.\n\nGENERATE_CHI = NO\n\n# The CHM_INDEX_ENCODING is used to encode HtmlHelp index ( hhk), content ( hhc)\n# and project file content.\n# This tag requires that the tag GENERATE_HTMLHELP is set to YES.\n\nCHM_INDEX_ENCODING = \n\n# The BINARY_TOC flag controls whether a binary table of contents is generated (\n# YES) or a normal table of contents ( NO) in the .chm file. Furthermore it\n# enables the Previous and Next buttons.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTMLHELP is set to YES.\n\nBINARY_TOC = NO\n\n# The TOC_EXPAND flag can be set to YES to add extra items for group members to\n# the table of contents of the HTML help documentation and to the tree view.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTMLHELP is set to YES.\n\nTOC_EXPAND = NO\n\n# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and\n# QHP_VIRTUAL_FOLDER are set, an additional index file will be generated that\n# can be used as input for Qt's qhelpgenerator to generate a Qt Compressed Help\n# (.qch) of the generated HTML documentation.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nGENERATE_QHP = NO\n\n# If the QHG_LOCATION tag is specified, the QCH_FILE tag can be used to specify\n# the file name of the resulting .qch file. The path specified is relative to\n# the HTML output folder.\n# This tag requires that the tag GENERATE_QHP is set to YES.\n\nQCH_FILE = \n\n# The QHP_NAMESPACE tag specifies the namespace to use when generating Qt Help\n# Project output. For more information please see Qt Help Project / Namespace\n# (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#namespace).\n# The default value is: org.doxygen.Project.\n# This tag requires that the tag GENERATE_QHP is set to YES.\n\nQHP_NAMESPACE = org.doxygen.Project\n\n# The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating Qt\n# Help Project output. For more information please see Qt Help Project / Virtual\n# Folders (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#virtual-\n# folders).\n# The default value is: doc.\n# This tag requires that the tag GENERATE_QHP is set to YES.\n\nQHP_VIRTUAL_FOLDER = doc\n\n# If the QHP_CUST_FILTER_NAME tag is set, it specifies the name of a custom\n# filter to add. For more information please see Qt Help Project / Custom\n# Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom-\n# filters).\n# This tag requires that the tag GENERATE_QHP is set to YES.\n\nQHP_CUST_FILTER_NAME = \n\n# The QHP_CUST_FILTER_ATTRS tag specifies the list of the attributes of the\n# custom filter to add. For more information please see Qt Help Project / Custom\n# Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom-\n# filters).\n# This tag requires that the tag GENERATE_QHP is set to YES.\n\nQHP_CUST_FILTER_ATTRS = \n\n# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this\n# project's filter section matches. Qt Help Project / Filter Attributes (see:\n# http://qt-project.org/doc/qt-4.8/qthelpproject.html#filter-attributes).\n# This tag requires that the tag GENERATE_QHP is set to YES.\n\nQHP_SECT_FILTER_ATTRS = \n\n# The QHG_LOCATION tag can be used to specify the location of Qt's\n# qhelpgenerator. If non-empty doxygen will try to run qhelpgenerator on the\n# generated .qhp file.\n# This tag requires that the tag GENERATE_QHP is set to YES.\n\nQHG_LOCATION = \n\n# If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files will be\n# generated, together with the HTML files, they form an Eclipse help plugin. To\n# install this plugin and make it available under the help contents menu in\n# Eclipse, the contents of the directory containing the HTML and XML files needs\n# to be copied into the plugins directory of eclipse. The name of the directory\n# within the plugins directory should be the same as the ECLIPSE_DOC_ID value.\n# After copying Eclipse needs to be restarted before the help appears.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nGENERATE_ECLIPSEHELP = NO\n\n# A unique identifier for the Eclipse help plugin. When installing the plugin\n# the directory name containing the HTML and XML files should also have this\n# name. Each documentation set should have its own identifier.\n# The default value is: org.doxygen.Project.\n# This tag requires that the tag GENERATE_ECLIPSEHELP is set to YES.\n\nECLIPSE_DOC_ID = org.doxygen.Project\n\n# If you want full control over the layout of the generated HTML pages it might\n# be necessary to disable the index and replace it with your own. The\n# DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) at top\n# of each HTML page. A value of NO enables the index and the value YES disables\n# it. Since the tabs in the index contain the same information as the navigation\n# tree, you can set this option to YES if you also set GENERATE_TREEVIEW to YES.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nDISABLE_INDEX = NO\n\n# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index\n# structure should be generated to display hierarchical information. If the tag\n# value is set to YES, a side panel will be generated containing a tree-like\n# index structure (just like the one that is generated for HTML Help). For this\n# to work a browser that supports JavaScript, DHTML, CSS and frames is required\n# (i.e. any modern browser). Windows users are probably better off using the\n# HTML help feature. Via custom stylesheets (see HTML_EXTRA_STYLESHEET) one can\n# further fine-tune the look of the index. As an example, the default style\n# sheet generated by doxygen has an example that shows how to put an image at\n# the root of the tree instead of the PROJECT_NAME. Since the tree basically has\n# the same information as the tab index, you could consider setting\n# DISABLE_INDEX to YES when enabling this option.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nGENERATE_TREEVIEW = YES\n\n# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values that\n# doxygen will group on one line in the generated HTML documentation.\n#\n# Note that a value of 0 will completely suppress the enum values from appearing\n# in the overview section.\n# Minimum value: 0, maximum value: 20, default value: 4.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nENUM_VALUES_PER_LINE = 4\n\n# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be used\n# to set the initial width (in pixels) of the frame in which the tree is shown.\n# Minimum value: 0, maximum value: 1500, default value: 250.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nTREEVIEW_WIDTH = 250\n\n# When the EXT_LINKS_IN_WINDOW option is set to YES doxygen will open links to\n# external symbols imported via tag files in a separate window.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nEXT_LINKS_IN_WINDOW = NO\n\n# Use this tag to change the font size of LaTeX formulas included as images in\n# the HTML documentation. When you change the font size after a successful\n# doxygen run you need to manually remove any form_*.png images from the HTML\n# output directory to force them to be regenerated.\n# Minimum value: 8, maximum value: 50, default value: 10.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nFORMULA_FONTSIZE = 10\n\n# Use the FORMULA_TRANPARENT tag to determine whether or not the images\n# generated for formulas are transparent PNGs. Transparent PNGs are not\n# supported properly for IE 6.0, but are supported on all modern browsers.\n#\n# Note that when changing this option you need to delete any form_*.png files in\n# the HTML output directory before the changes have effect.\n# The default value is: YES.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nFORMULA_TRANSPARENT = YES\n\n# Enable the USE_MATHJAX option to render LaTeX formulas using MathJax (see\n# http://www.mathjax.org) which uses client side Javascript for the rendering\n# instead of using prerendered bitmaps. Use this if you do not have LaTeX\n# installed or if you want to formulas look prettier in the HTML output. When\n# enabled you may also need to install MathJax separately and configure the path\n# to it using the MATHJAX_RELPATH option.\n# The default value is: NO.\n# This tag requires that the tag GENERATE_HTML is set to YES.\n\nUSE_MATHJAX = NO\n\n# When MathJax is enabled you can set the default output format to be used for\n# the MathJax output. See the MathJax site (see:\n# http://docs.mathjax.org/en/latest/output.html) for more details.\n# Possible values are: HTML-CSS (which is slower, but has the best\n# compatibility), NativeMML (i.e. MathML) and SVG.\n# The default value is: HTML-CSS.\n# This tag requires that the tag USE_MATHJAX is set to YES.\n\nMATHJAX_FORMAT = HTML-CSS\n\n# When MathJax is enabled you need to specify the location relative to the HTML\n# output directory using the MATHJAX_RELPATH option. The destination directory\n# should contain the MathJax.js script. For instance, if the mathjax directory\n# is located at the same level as the HTML output directory, then\n# MATHJAX_RELPATH should be ../mathjax. The default value points to the MathJax\n# Content Delivery Network so you can quickly see the result without installing\n# MathJax. However, it is strongly recommended to install a local copy of\n# MathJax from http://www.mathjax.org before deployment.\n# The default value is: http://cdn.mathjax.org/mathjax/latest.\n# This tag requires that the tag USE_MATHJAX is set to YES.\n\nMATHJAX_RELPATH = http://cdn.mathjax.org/mathjax/latest\n\n# The MATHJAX_EXTENSIONS tag can be used to specify one or more MathJax\n# extension names that should be enabled during MathJax rendering. For example\n# MATHJAX_EXTENSIONS = TeX/AMSmath TeX/AMSsymbols\n# This tag requires that the tag USE_MATHJAX is set to YES.\n\nMATHJAX_EXTENSIONS = \n\n# The MATHJAX_CODEFILE tag can be used to specify a file with javascript pieces\n# of code that will be used on startup of the MathJax code. See the MathJax site\n# (see: http://docs.mathjax.org/en/latest/output.html) for more details. For an\n# example see the documentation.\n# This tag requires that the tag USE_MATHJAX is set to YES.\n\nMATHJAX_CODEFILE = \n\n# When the SEARCHENGINE tag is enabled doxygen will generate a search box for\n# the HTML output. The underlying search engine uses javascript and DHTML and\n# should work on any modern browser. Note that when using HTML help\n# (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets (GENERATE_DOCSET)\n# there is already a search function so this one should typically be disabled.\n# For large projects the javascript based search engine can be slow, then\n# enabling SERVER_BASED_SEARCH may provide a better solution. It is possible to\n# search using the keyboard; to jump to the search box use + S\n# (what the is depends on the OS and browser, but it is typically\n# , /