Update third-party modsecurity module from 2.8.0 to 2.9.0.

<ChangeLog>

12 Feb 2015 - 2.9.0
-------------------

 * Fix apr_crypto.h include, now checking if apr_crypto.h is available by
   checking the definition WITH_APU_CRYPTO.
   [martinjina and ModSecurity team]

15 Dez 2014 - 2.9.0-RC2
-----------------------

 * OpenSSL dependency was removed on MS Windows builds. ModSecurity is now using
   the Windows certificate storage.
   [Gregg Smith, Steffen and ModSecurity team]
 * Informs about external resources loaded/failed while reloading Apache.
   [ModSecurity team]
 * Adds missing 'ModSecurity:' prefix in some warnings messages.
   [Walter Hop and ModSecurity team]
 * Refactoring external resources download warn messages. Holding the message
   to be displayed when Apache is ready to write on the error_log.
   [ModSecurity team]
 * Remote resources loading process is now failing in case of HTTP error.
   [Walter Hop and ModSecurity team]
 * Fixed start up crash on Apache with mod_ssl configured. Crash was happening
   during the download of remote resources.
   [Christian Folini, Walter Hop and ModSecurity team]
 * Curl is not a mandatory dependency to ModSecurity core anymore.
   [Rainer Jung and ModSecurity team]

18 Nov 2014 - 2.9.0-RC1
-----------------------

 * `pmFromFile' and `ipMatchFromFile' operators are now accepting HTTPS served
    files as parameter.
 * `SecRemoteRules' directive - allows you to specify a HTTPS served file that
    may contain rules in the SecRule format to be loaded into your ModSecurity
    instance.
 * `SecRemoteRulesFailAction' directive - allows you to control whenever the
    user wants to Abort or just Warn when there is a problem while downloading
    rules specified with the directive: `SecRemoteRules'.
 * `fuzzyHash' operator - allows to match contents using fuzzy hashes.
 * `FILES_TMP_CONTENT' collection - make available the content of uploaded
    files.
 * InsecureNoCheckCert - option to validate or not a chain of SSL certificates
   on mlogc connections.
 * ModSecurityIIS: ModSecurity event ID was changed from 0 to 0x1.
   [Issue #676 - Kris Kater and ModSecurity team]
 * Fixed signature on "status call": ModSecurity is now using the original
   server signature.
   [Issues #702 - Linas and ModSecurity team]
 * YAJL version is printed while ModSecurity initialization.
   [Issue #703 - Steffen (Apache Lounge) and Mauro Faccenda]
 * Fixed subnet representation using slash notation on the @ipMatch operator.
   [Issue #706 - Walter Hop and ModSecurity team]
 * Limited the length of a status call.
   [Issue #714 - 'cpanelkurt' and ModSecurity team]
 * Added the missing -P option to nginx regression tests.
   [Issue #720 - Paul Yang]
 * Fixed automake scripts to do not use features which will be deprecated in
   the upcoming releases of automake.
   [Issue #760 - ModSecurity team]
 * apr-utils's LDFALGS is now considered while building ModSecurity.
   [Issue #782 - Daniel J. Luke]
 * IIS installer is not considering IIS 6 as compatible anymore.
   [Issue #790 - ModSecurity team]
 * Fixed yajl build script: now looking for the correct header file.
   [Issue #804 - 'rpfilomeno' and ModSecurity team]
 * mlgoc is now forced to use TLS 1.x.
   [Issue #806 - Josh Amishav-Zlatin and ModSecurity team]

</ChangeLog>

3 files changed, 5 insertions, 5 deletions

diff --git a/www/nginx/Makefile b/www/nginx/Makefile
index e7befa66ad29..ff8361a045e7 100644
--- a/www/nginx/Makefile
+++ b/www/nginx/Makefile
@@ -625,7 +625,7 @@ CONFIGURE_ARGS+=--add-module=${WRKDIR}/openresty-memc-nginx-module-${GIT_MEMC_VE
 .endif
 
 .if ${PORT_OPTIONS:MMODSECURITY}
-NGINX_MODSECURITY_VERSION=	2.8.0
+NGINX_MODSECURITY_VERSION=	2.9.0
 LIB_DEPENDS+=	libpcre.so:${PORTSDIR}/devel/pcre \
 		libapr-1.so:${PORTSDIR}/devel/apr1 \
 		libcurl.so:${PORTSDIR}/ftp/curl \
diff --git a/www/nginx/distinfo b/www/nginx/distinfo
index 1fc98cf0eb66..dcf55f200ffb 100644
--- a/www/nginx/distinfo
+++ b/www/nginx/distinfo
@@ -70,8 +70,8 @@ SHA256 (openresty-lua-nginx-module-v0.9.4-0-g6169a19.tar.gz) = 4d869650d03a76d28
 SIZE (openresty-lua-nginx-module-v0.9.4-0-g6169a19.tar.gz) = 470182
 SHA256 (openresty-memc-nginx-module-v0.14-0-gde4cf86.tar.gz) = b60fed5921a0c19c6ffe71e5c764193283dbe635bb3bad6febd6655f94a633e9
 SIZE (openresty-memc-nginx-module-v0.14-0-gde4cf86.tar.gz) = 37756
-SHA256 (modsecurity-2.8.0.tar.gz) = 5cbbc7fc993d39106b653213753d25c4ec21771eee17b01b69122ccf3f73460e
-SIZE (modsecurity-2.8.0.tar.gz) = 3940357
+SHA256 (modsecurity-2.9.0.tar.gz) = e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434
+SIZE (modsecurity-2.9.0.tar.gz) = 4246467
 SHA256 (naxsi-core-0.50.tgz) = 7cece5f9d9c5df9e09af1e1023bc8e04bbbbe953e67461b893b8240e82ca52ef
 SIZE (naxsi-core-0.50.tgz) = 49809
 SHA256 (passenger-4.0.59.tar.gz) = 8b4756564a5133dc97425883d15d1ba1c9f6566c79e92794dc3e1f5b749238ae
diff --git a/www/nginx/files/extra-patch-nginx-modsecurity-configure b/www/nginx/files/extra-patch-nginx-modsecurity-configure
index 92e5aac2e6da..ffbc3eb36687 100644
--- a/www/nginx/files/extra-patch-nginx-modsecurity-configure
+++ b/www/nginx/files/extra-patch-nginx-modsecurity-configure
@@ -1,5 +1,5 @@
---- ../modsecurity-2.8.0/configure.orig	2014-04-15 16:44:15.000000000 +0400
-+++ ../modsecurity-2.8.0/configure	2014-08-10 21:24:00.000000000 +0400
+--- ../modsecurity-2.9.0/configure.orig	2014-04-15 16:44:15.000000000 +0400
++++ ../modsecurity-2.9.0/configure	2014-08-10 21:24:00.000000000 +0400
 @@ -14664,7 +14664,7 @@
    no) :
      test_paths= ;; #(