search

corazawaf / coraza-caddy

OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
https://www.coraza.io/
Apache License 2.0
355 stars 41 forks source link

Build issue with QUIC #100

Closed neosdutertre closed 1 year ago

neosdutertre commented 1 year ago

Hello, I am pretty new to the "build" stuff, Caddy and Coraza (looking for a replacement of modsecurity), so I apologize if the below question seems dumb. I encounter the below error while building Coraza:

xcaddy build --with github.com/corazawaf/coraza-caddy/v2 using go 1.21.0 on ubuntu 22.04

[go downloads]
...
2023/08/11 14:26:42 [INFO] Build environment ready
2023/08/11 14:26:42 [INFO] Building Caddy
2023/08/11 14:26:42 [INFO] exec (timeout=0s): /usr/local/go/bin/go mod tidy -e
2023/08/11 14:26:42 [INFO] exec (timeout=0s): /usr/local/go/bin/go build -o /home/neocaseadmin/caddy -ldflags -w -s -trimpath
# github.com/quic-go/quic-go/internal/handshake
/home/neocaseadmin/go/pkg/mod/github.com/quic-go/quic-go@v0.37.3/internal/handshake/crypto_setup.go:362:37: cannot use h.allow0RTT (variable of type bool) as tls.QUICSessionTicketOptions value in argument to h.conn.SendSessionTicket
2023/08/11 14:26:44 [INFO] Cleaning up temporary folder: /tmp/buildenv_2023-08-11-1426.587629017
2023/08/11 14:26:44 [FATAL] exit status 1

Any clue ?

thanks, Stephane

M4tteoP commented 1 year ago

Hi @neosdutertre, seems like that quic-go build broke between go1.21rc4 and go1.21.0, see https://github.com/quic-go/quic-go/issues/4021. So, in order to build it with Go 1.21 we need quic-go v0.37.4, but currently the indirect dependency Is github.com/quic-go/quic-go v0.37.3 // indirect

More context: https://github.com/caddyserver/caddy/pull/5719#issuecomment-1670271346

M4tteoP commented 1 year ago

It is a Caddy dependency, updated https://github.com/caddyserver/caddy/pull/5719, it is part of Caddy v2.7.4, not yet released.

You could:

neosdutertre commented 1 year ago

so that was almost dumb :-) reverted to golang 1.20 and it is building, now !

Moving forward ! Thanks a lot for your response,

M4tteoP commented 1 year ago

You are welcome! You are just ahead of time and faster than releases 😄

jcchavezs commented 1 year ago

We just cut a release https://github.com/corazawaf/coraza-caddy/releases/tag/v2.0.0-rc.3