PowerDNS / weakforced

Anti-Abuse for servers at authentication time
GNU General Public License v3.0
124 stars 33 forks source link

[BUG] GeoIP2 is not build without legacy GeoIP lib #345

Closed slavkoja closed 3 years ago

slavkoja commented 3 years ago

Describe the bug Have GeoIP2 libraries installed is not enough to build-in its support and the legacy GeoIP library is required.

To Reproduce I use configure from debian package, where i setup:

        --with-luajit \
        --sysconfdir=/etc/wforce \
        --enable-trackalert

Which results in configure called with:

./configure --build=x86_64-linux-gnu --prefix=/usr --includedir=\${prefix}/include --mandir=\${prefix}/share/man --infodir=\${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --disable-option-checking --disable-silent-rules --libdir=\${prefix}/lib/x86_64-linux-gnu --runstatedir=/run --disable-maintainer-mode --disable-dependency-tracking --with-luajit --sysconfdir=/etc/wforce --enable-trackalert

With installed only libmaxminddb library, the confgure script outputs:

checking for geoip... no
checking for libmaxminddb... yes

Final binary is not linked against libmaxminddb:

ldd /usr/bin/wforce | grep -iP "geoip|maxm"
<return nothing>

Of course, GeoIP2 fails even to initialize DB.

With installed both, libgeoip and libmaxminddb, the configure script outputs:

checking for geoip... yes
checking for libmaxminddb... yes

Final binary shows:

ldd /usr/bin/wforce | grep -iP "geoip|maxm"
    libGeoIP.so.1 => /lib/x86_64-linux-gnu/libGeoIP.so.1 (0x00007fb54a020000)
    libmaxminddb.so.0 => /lib/x86_64-linux-gnu/libmaxminddb.so.0 (0x00007fb54a018000)

And GeoIP2 initialize and lookup works:

Read configuration from '/etc/wforce/wforce.conf'
Opened MMDB database /usr/local/GeoLite2-Country.mmdb (type: GeoLite2-Country version: 2.0)

Expected behavior

I would expect to be able to build GeoIP2 support without needing legacy libraries.

OS (please complete the following information):

neilcook commented 3 years ago

I'd need to see more information to reproduce this. Please upload your config.log and the build output. On my Mac, the exact setup you describe above (no legacy geoip, but libmaxminddb installed) works fine:

Neils-iMac:weakforced ncook$ ldd wforce/wforce | egrep  "geoip|maxm"
    /usr/local/opt/libmaxminddb/lib/libmaxminddb.0.dylib (compatibility version 1.0.0, current version 1.7.0)

There is essentially no link between the geoip source files and libraries and the maxmind source files and libraries, so there is no reason why one would affect the other. The legacy geoip source files are compiled if HAVE_GEOIP is defined, and the library is linked if configure finds a the legacy geoip library. Similarly the maxmind source files are compiled if HAVE_MMDB is defined, and the libmaxminddb library is linked if configure finds it.

slavkoja commented 3 years ago

To be sure, do you want log when it is build without legacy GeoIP installed?

neilcook commented 3 years ago

To be sure, do you want log when it is build without legacy GeoIP installed?

yes

slavkoja commented 3 years ago

Finally i decided to attach both, as name suggests one is with and one without legacy GeoIP library installed. build_with_legacy.txt build_without_legacy.txt

neilcook commented 3 years ago

Ok, so I see no issues with the "without legacy build":

/bin/bash ../libtool  --tag=CXX   --mode=link g++  -g -O2 -ffile-prefix-map=/build/weakforced-2.4.1=. -fstack-protector-strong -Wformat -Werror=format-security  -pthread  -Wl,-z,relro -Wl,-z,now -o wforce wforce.o wforce-lua.o wforce-web.o wforce-sibling.o twmap.o twmap-wrapper.o blackwhitelist.o replication.o replication_sdb.o replication_bl.o replication_wl.o wforce-replication.o wforce-prometheus.o replication.pb.o -lreadline -lluajit-5.1 -L/build/weakforced-2.4.1/ext/yahttp/yahttp -lyahttp /build/weakforced-2.4.1/ext/ext/libext.la /build/weakforced-2.4.1/common/libweakforce.la -lsodium  -lmaxminddb -lgetdns  -lprotobuf -lsystemd -L/build/weakforced-2.4.1/ext/json11 -ljson11 -lboost_date_time -lboost_regex -lhiredis -lcurl  -lcrypto -lyaml-cpp -L/usr/lib -lprometheus-cpp-core 
libtool: link: g++ -g -O2 -ffile-prefix-map=/build/weakforced-2.4.1=. -fstack-protector-strong -Wformat -Werror=format-security -pthread -Wl,-z -Wl,relro -Wl,-z -Wl,now -o wforce wforce.o wforce-lua.o wforce-web.o wforce-sibling.o twmap.o twmap-wrapper.o blackwhitelist.o replication.o replication_sdb.o replication_bl.o replication_wl.o wforce-replication.o wforce-prometheus.o replication.pb.o  -lreadline -lluajit-5.1 -L/build/weakforced-2.4.1/ext/yahttp/yahttp /build/weakforced-2.4.1/ext/yahttp/yahttp/.libs/libyahttp.a /build/weakforced-2.4.1/ext/ext/.libs/libext.a /build/weakforced-2.4.1/common/.libs/libweakforce.a -L/build/weakforced-2.4.1/ext/json11 -lboost_filesystem -lboost_system -lsodium -lmaxminddb -lgetdns -lprotobuf -lsystemd /build/weakforced-2.4.1/ext/json11/.libs/libjson11.a -lboost_date_time -lboost_regex -lhiredis -lcurl -lcrypto -lyaml-cpp -L/usr/lib -lprometheus-cpp-core -pthread

You can see that the link line is including -lmaxminddb

So I can't see any issues per-se. Just to check - HAVE_MMDB is defined to 1 in config.h?

slavkoja commented 3 years ago

So I can't see any issues per-se

Other than it doesn't work? ;-)

Just to check - HAVE_MMDB is defined to 1 in config.h?

There is not config.h file inside sources, thus i guess that it is autogenerated by configure step. I have no access to files generated during build, as they are deleted after build (pbuilder), thus i cannot check it. But if it is missing, then i guess that here is some problem with its generation.

BTW, i am not alone with this problem, i found exactly the same problem mentioned in dovecot's ML sometime in 2019 (sorry, no link), from where i got workaround to install legacy GeoIP to get GeoIP2 to work...

neilcook commented 3 years ago

Ok, I found the issue. I will PR this tomorrow.

slavkoja commented 3 years ago

Nice, i will test it then and report result back.

slavkoja commented 3 years ago

OK, i tested patch from PR, seems to build OK now