[Bug 263197] www/nginx-devel - does not build with mod_security anymore?
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 10 Apr 2022 16:33:25 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263197
Bug ID: 263197
Summary: www/nginx-devel - does not build with mod_security
anymore?
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: osa@FreeBSD.org
Reporter: rainer@ultra-secure.de
Flags: maintainer-feedback?(osa@FreeBSD.org)
Assignee: osa@FreeBSD.org
Hi,
I wanted to try out nginx-devel and see how far its QUIC-support has come.
# This file is auto-generated by 'make config'.
# Options for nginx-devel-1.21.6_7
_OPTIONS_READ=nginx-devel-1.21.6_7
_FILE_COMPLETE_OPTIONS_LIST=DEBUG DEBUGLOG DSO FILE_AIO IPV6 NJS THREADS WWW
PCRE_ONE PCRE_TWO GOOGLE_PERFTOOLS HTTP HTTP_ADDITION HTTP_AUTH_REQ HTTP_CACHE
HTTP_DAV HTTP_DEGRADATION HTTP_FLV HTTP_GUNZIP_FILTER HTTP_GZIP_STATIC
HTTP_IMAGE_FILTER HTTP_MP4 HTTP_PERL HTTP_RANDOM_INDEX HTTP_REALIP
HTTP_SECURE_LINK HTTP_SLICE HTTP_SSL HTTP_STATUS HTTP_SUB HTTP_XSLT HTTPV2
HTTPV3 HTTPV3_BORING HTTPV3_QTLS MAIL MAIL_IMAP MAIL_POP3 MAIL_SMTP MAIL_SSL
STREAM STREAM_REALIP STREAM_SSL STREAM_SSL_PREREAD AJP AWS_AUTH BROTLI
CACHE_PURGE CLOJURE COOKIE_FLAG CT DEVEL_KIT ARRAYVAR DRIZZLE DYNAMIC_HC
DYNAMIC_UPSTREAM ECHO ENCRYPTSESSION FORMINPUT GRIDFS HEADERS_MORE
HTTP_ACCEPT_LANGUAGE HTTP_AUTH_DIGEST HTTP_AUTH_KRB5 HTTP_AUTH_LDAP
HTTP_AUTH_PAM HTTP_DAV_EXT HTTP_EVAL HTTP_FANCYINDEX HTTP_FOOTER HTTP_GEOIP2
HTTP_IP2LOCATION HTTP_IP2PROXY HTTP_JSON_STATUS HTTP_MOGILEFS HTTP_MP4_H264
HTTP_NOTICE HTTP_PUSH HTTP_PUSH_STREAM HTTP_REDIS HTTP_RESPONSE
HTTP_SLICE_AHEAD HTTP_SUBS_FILTER HTTP_TARANTOOL HTTP_UPLOAD
HTTP_UPLOAD_PROGRESS HTTP_UPSTREAM_CHECK HTTP_UPSTREAM_FAIR
HTTP_UPSTREAM_STICKY HTTP_VIDEO_THUMBEXTRACTOR HTTP_ZIP ICONV LET LINK LUA
MEMC MODSECURITY3 NAXSI OPENTRACING PASSENGER POSTGRES RDS_CSV RDS_JSON
REDIS2 RTMP SET_MISC SFLOW SHIBBOLETH SLOWFS_CACHE SMALL_LIGHT SRCACHE VOD VTS
XSS WEBSOCKIFY
OPTIONS_FILE_UNSET+=DEBUG
OPTIONS_FILE_UNSET+=DEBUGLOG
OPTIONS_FILE_UNSET+=DSO
OPTIONS_FILE_SET+=FILE_AIO
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_UNSET+=NJS
OPTIONS_FILE_UNSET+=THREADS
OPTIONS_FILE_SET+=WWW
OPTIONS_FILE_SET+=PCRE_ONE
OPTIONS_FILE_UNSET+=PCRE_TWO
OPTIONS_FILE_UNSET+=GOOGLE_PERFTOOLS
OPTIONS_FILE_SET+=HTTP
OPTIONS_FILE_SET+=HTTP_ADDITION
OPTIONS_FILE_UNSET+=HTTP_AUTH_REQ
OPTIONS_FILE_SET+=HTTP_CACHE
OPTIONS_FILE_UNSET+=HTTP_DAV
OPTIONS_FILE_UNSET+=HTTP_DEGRADATION
OPTIONS_FILE_UNSET+=HTTP_FLV
OPTIONS_FILE_SET+=HTTP_GUNZIP_FILTER
OPTIONS_FILE_UNSET+=HTTP_GZIP_STATIC
OPTIONS_FILE_SET+=HTTP_IMAGE_FILTER
OPTIONS_FILE_UNSET+=HTTP_MP4
OPTIONS_FILE_UNSET+=HTTP_PERL
OPTIONS_FILE_UNSET+=HTTP_RANDOM_INDEX
OPTIONS_FILE_SET+=HTTP_REALIP
OPTIONS_FILE_SET+=HTTP_SECURE_LINK
OPTIONS_FILE_UNSET+=HTTP_SLICE
OPTIONS_FILE_SET+=HTTP_SSL
OPTIONS_FILE_SET+=HTTP_STATUS
OPTIONS_FILE_UNSET+=HTTP_SUB
OPTIONS_FILE_SET+=HTTP_XSLT
OPTIONS_FILE_SET+=HTTPV2
OPTIONS_FILE_SET+=HTTPV3
OPTIONS_FILE_UNSET+=HTTPV3_BORING
OPTIONS_FILE_SET+=HTTPV3_QTLS
OPTIONS_FILE_UNSET+=MAIL
OPTIONS_FILE_UNSET+=MAIL_IMAP
OPTIONS_FILE_UNSET+=MAIL_POP3
OPTIONS_FILE_UNSET+=MAIL_SMTP
OPTIONS_FILE_UNSET+=MAIL_SSL
OPTIONS_FILE_SET+=STREAM
OPTIONS_FILE_SET+=STREAM_REALIP
OPTIONS_FILE_SET+=STREAM_SSL
OPTIONS_FILE_SET+=STREAM_SSL_PREREAD
OPTIONS_FILE_UNSET+=AJP
OPTIONS_FILE_UNSET+=AWS_AUTH
OPTIONS_FILE_SET+=BROTLI
OPTIONS_FILE_SET+=CACHE_PURGE
OPTIONS_FILE_UNSET+=CLOJURE
OPTIONS_FILE_UNSET+=COOKIE_FLAG
OPTIONS_FILE_UNSET+=CT
OPTIONS_FILE_UNSET+=DEVEL_KIT
OPTIONS_FILE_UNSET+=ARRAYVAR
OPTIONS_FILE_UNSET+=DRIZZLE
OPTIONS_FILE_UNSET+=DYNAMIC_HC
OPTIONS_FILE_UNSET+=DYNAMIC_UPSTREAM
OPTIONS_FILE_UNSET+=ECHO
OPTIONS_FILE_UNSET+=ENCRYPTSESSION
OPTIONS_FILE_UNSET+=FORMINPUT
OPTIONS_FILE_UNSET+=GRIDFS
OPTIONS_FILE_SET+=HEADERS_MORE
OPTIONS_FILE_UNSET+=HTTP_ACCEPT_LANGUAGE
OPTIONS_FILE_UNSET+=HTTP_AUTH_DIGEST
OPTIONS_FILE_UNSET+=HTTP_AUTH_KRB5
OPTIONS_FILE_UNSET+=HTTP_AUTH_LDAP
OPTIONS_FILE_UNSET+=HTTP_AUTH_PAM
OPTIONS_FILE_UNSET+=HTTP_DAV_EXT
OPTIONS_FILE_UNSET+=HTTP_EVAL
OPTIONS_FILE_UNSET+=HTTP_FANCYINDEX
OPTIONS_FILE_UNSET+=HTTP_FOOTER
OPTIONS_FILE_SET+=HTTP_GEOIP2
OPTIONS_FILE_UNSET+=HTTP_IP2LOCATION
OPTIONS_FILE_UNSET+=HTTP_IP2PROXY
OPTIONS_FILE_UNSET+=HTTP_JSON_STATUS
OPTIONS_FILE_UNSET+=HTTP_MOGILEFS
OPTIONS_FILE_SET+=HTTP_MP4_H264
OPTIONS_FILE_UNSET+=HTTP_NOTICE
OPTIONS_FILE_UNSET+=HTTP_PUSH
OPTIONS_FILE_UNSET+=HTTP_PUSH_STREAM
OPTIONS_FILE_UNSET+=HTTP_REDIS
OPTIONS_FILE_UNSET+=HTTP_RESPONSE
OPTIONS_FILE_UNSET+=HTTP_SLICE_AHEAD
OPTIONS_FILE_SET+=HTTP_SUBS_FILTER
OPTIONS_FILE_UNSET+=HTTP_TARANTOOL
OPTIONS_FILE_UNSET+=HTTP_UPLOAD
OPTIONS_FILE_UNSET+=HTTP_UPLOAD_PROGRESS
OPTIONS_FILE_SET+=HTTP_UPSTREAM_CHECK
OPTIONS_FILE_SET+=HTTP_UPSTREAM_FAIR
OPTIONS_FILE_SET+=HTTP_UPSTREAM_STICKY
OPTIONS_FILE_UNSET+=HTTP_VIDEO_THUMBEXTRACTOR
OPTIONS_FILE_UNSET+=HTTP_ZIP
OPTIONS_FILE_UNSET+=ICONV
OPTIONS_FILE_UNSET+=LET
OPTIONS_FILE_UNSET+=LINK
OPTIONS_FILE_UNSET+=LUA
OPTIONS_FILE_UNSET+=MEMC
OPTIONS_FILE_SET+=MODSECURITY3
OPTIONS_FILE_UNSET+=NAXSI
OPTIONS_FILE_UNSET+=OPENTRACING
OPTIONS_FILE_UNSET+=PASSENGER
OPTIONS_FILE_UNSET+=POSTGRES
OPTIONS_FILE_UNSET+=RDS_CSV
OPTIONS_FILE_UNSET+=RDS_JSON
OPTIONS_FILE_UNSET+=REDIS2
OPTIONS_FILE_UNSET+=RTMP
OPTIONS_FILE_UNSET+=SET_MISC
OPTIONS_FILE_UNSET+=SFLOW
OPTIONS_FILE_UNSET+=SHIBBOLETH
OPTIONS_FILE_UNSET+=SLOWFS_CACHE
OPTIONS_FILE_UNSET+=SMALL_LIGHT
OPTIONS_FILE_UNSET+=SRCACHE
OPTIONS_FILE_UNSET+=VOD
OPTIONS_FILE_UNSET+=VTS
OPTIONS_FILE_UNSET+=XSS
OPTIONS_FILE_UNSET+=WEBSOCKIFY
However, it does not build:
cc -c -O2 -pipe -I/usr/local/include -fstack-protector-strong
-fno-strict-aliasing -DLARGEFILE_SOURCE -DBUILDING_NGINX
-Wno-deprecated-declarations -I src/core -I src/event -I src/event/modules
-I src/event/quic -I src/os/unix -I
/wrkdirs/usr/ports/www/nginx-devel/work/nginx_upstream_check_module-9aecf15 -I
/usr/local/include/libxml2 -I /usr/local/include -I objs -I src/http -I
src/http/modules -I src/http/v2 -I src/http/v3 -I /usr/local/include -I
/wrkdirs/usr/ports/www/nginx-devel/work/nginx_upstream_check_module-9aecf15 -I
src/stream -o objs/addon/src/ngx_http_modsecurity_module.o
/wrkdirs/usr/ports/www/nginx-devel/work/ModSecurity-nginx-1.0.2/src/ngx_http_modsecurity_module.c
/wrkdirs/usr/ports/www/nginx-devel/work/ModSecurity-nginx-1.0.2/src/ngx_http_modsecurity_module.c:78:9:
error: use of undeclared identifier 'pcre_malloc'
if (pcre_malloc != ngx_http_modsec_pcre_malloc) {
^
/wrkdirs/usr/ports/www/nginx-devel/work/ModSecurity-nginx-1.0.2/src/ngx_http_modsecurity_module.c:81:27:
error: use of undeclared identifier 'pcre_malloc'
old_pcre_malloc = pcre_malloc;
^
/wrkdirs/usr/ports/www/nginx-devel/work/ModSecurity-nginx-1.0.2/src/ngx_http_modsecurity_module.c:82:25:
error: use of undeclared identifier 'pcre_free'
old_pcre_free = pcre_free;
^
/wrkdirs/usr/ports/www/nginx-devel/work/ModSecurity-nginx-1.0.2/src/ngx_http_modsecurity_module.c:84:9:
error: use of undeclared identifier 'pcre_malloc'
pcre_malloc = ngx_http_modsec_pcre_malloc;
^
/wrkdirs/usr/ports/www/nginx-devel/work/ModSecurity-nginx-1.0.2/src/ngx_http_modsecurity_module.c:85:9:
error: use of undeclared identifier 'pcre_free'
pcre_free = ngx_http_modsec_pcre_free;
^
/wrkdirs/usr/ports/www/nginx-devel/work/ModSecurity-nginx-1.0.2/src/ngx_http_modsecurity_module.c:102:9:
error: use of undeclared identifier 'pcre_malloc'
pcre_malloc = old_pcre_malloc;
^
/wrkdirs/usr/ports/www/nginx-devel/work/ModSecurity-nginx-1.0.2/src/ngx_http_modsecurity_module.c:103:9:
error: use of undeclared identifier 'pcre_free'
pcre_free = old_pcre_free;
^
7 errors generated.
*** Error code 1
Stop.
make[2]: stopped in /wrkdirs/usr/ports/www/nginx-devel/work/nginx-1.21.6
*** Error code 1
Stop.
make[1]: stopped in /wrkdirs/usr/ports/www/nginx-devel/work/nginx-1.21.6
*** Error code 1
Stop.
make: stopped in /usr/ports/www/nginx-devel
=>> Cleaning up wrkdir
===> Cleaning for nginx-devel-1.21.6_7
(12.3-amd64, 2022Q2 ports tree).
regardless whether I use PCRE_ONE or PCRE_TWO.
Maybe it's a mod_security issue?
https://githubhot.com/repo/SpiderLabs/ModSecurity-nginx/issues/261
Also, it seems that some options like HTTP_ADDITION, HTTP_GUNZIP_FILTER and
HTTP_IMAGE_FILTER are always set in the options-file, even if I deselect them
(in make config).
Is that intentional?
--
You are receiving this mail because:
You are the assignee for the bug.