nbs-system / naxsi

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GNU General Public License v3.0
4.8k stars 606 forks source link

Build Fails with nginx v1.23.0 #596

Closed dlford closed 2 years ago

dlford commented 2 years ago

Environment:

Ubuntu 18.04
NGINX 1.23.0
GCC 7.5.0

Info from last successful build:

nginx version: nginx/1.22.0
built by gcc 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04)
built with OpenSSL 1.1.1  11 Sep 2018
TLS SNI support enabled
configure arguments: --conf-path=/etc/nginx/nginx.conf --add-module=../naxsi-1.3/naxsi_src/ --add-module=.././incubator-pagespeed-ngx-1.13.35.2-stable --add-module=../ngx_brotli --add-module=../nginx-http-rdns/ --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-log-path=/var/log/nginx/access.log --http-proxy-temp-path=/var/lib/nginx/proxy --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --with-http_ssl_module --with-http_geoip_module --with-http_v2_module --with-stream --with-stream_realip_module --with-stream_ssl_module --without-mail_pop3_module --without-mail_smtp_module --without-mail_imap_module --without-http_uwsgi_module --without-http_scgi_module --prefix=/usr

Error in build:

cc -c -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g   -D_GLIBCXX_USE_CXX11_ABI=0 -Wno-deprecated-declarations  -I src/core -I src/event -I src/event/modules -I src/os/unix -I objs -I src/http -I src/http/modules -I src/http/v2 -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/chromium/src -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/google-sparsehash/src/src -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/google-sparsehash/gen/arch/linux/x64/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/grpc/src/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/protobuf/src/src -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/re2/src -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/out/Release/obj/gen -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/out/Release/obj/gen/protoc_out/instaweb -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/apr/src/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/aprutil/src/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/apr/gen/arch/linux/x64/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/aprutil/gen/arch/linux/x64/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/url -I ../ngx_brotli/deps/brotli/c/include -I src/stream \
        -o objs/addon/naxsi_src/naxsi_runtime.o \
        ../naxsi-1.3/naxsi_src//naxsi_runtime.c
In file included from src/event/ngx_event.h:526:0,
                 from ../naxsi-1.3/naxsi_src//naxsi.h:18,
                 from ../naxsi-1.3/naxsi_src//naxsi_runtime.c:8:
src/event/ngx_event_udp.h:38:27: error: field ‘pkt6’ has incomplete type
     struct in6_pktinfo    pkt6;
                           ^~~~
../naxsi-1.3/naxsi_src//naxsi_runtime.c: In function ‘ngx_http_naxsi_data_parse’:
../naxsi-1.3/naxsi_src//naxsi_runtime.c:2846:36: error: ‘r->headers_in.x_forwarded_for’ is a pointer; did you mean to use ‘->’?
   if (r->headers_in.x_forwarded_for.nelts >= 1) {
                                    ^
                                    ->
../naxsi-1.3/naxsi_src//naxsi_runtime.c:2847:7: error: incompatible types when assigning to type ‘ngx_array_t {aka struct <anonymous>}’ from type ‘ngx_table_elt_t * {aka struct ngx_table_elt_s *}’
     a = r->headers_in.x_forwarded_for;
       ^
../naxsi-1.3/naxsi_src//naxsi_runtime.c: In function ‘ngx_http_naxsi_update_current_ctx_status’:
../naxsi-1.3/naxsi_src//naxsi_runtime.c:2883:38: error: ‘r->headers_in.x_forwarded_for’ is a pointer; did you mean to use ‘->’?
     if (r->headers_in.x_forwarded_for.nelts >= 1) {
                                      ^
                                      ->
../naxsi-1.3/naxsi_src//naxsi_runtime.c:2884:9: error: incompatible types when assigning to type ‘ngx_array_t {aka struct <anonymous>}’ from type ‘ngx_table_elt_t * {aka struct ngx_table_elt_s *}’
       a = r->headers_in.x_forwarded_for;
         ^
objs/Makefile:1653: recipe for target 'objs/addon/naxsi_src/naxsi_runtime.o' failed
make[1]: *** [objs/addon/naxsi_src/naxsi_runtime.o] Error 1
make[1]: Leaving directory '/usr/local/src/nginx/nginx-1.23.0'
Makefile:10: recipe for target 'build' failed
make: *** [build] Error 2
make -f objs/Makefile install
make[1]: Entering directory '/usr/local/src/nginx/nginx-1.23.0'
cc -c -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g   -D_GLIBCXX_USE_CXX11_ABI=0 -Wno-deprecated-declarations  -I src/core -I src/event -I src/event/modules -I src/os/unix -I objs -I src/http -I src/http/modules -I src/http/v2 -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/chromium/src -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/google-sparsehash/src/src -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/google-sparsehash/gen/arch/linux/x64/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/grpc/src/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/protobuf/src/src -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/re2/src -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/out/Release/obj/gen -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/out/Release/obj/gen/protoc_out/instaweb -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/apr/src/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/aprutil/src/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/apr/gen/arch/linux/x64/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/third_party/aprutil/gen/arch/linux/x64/include -I .././incubator-pagespeed-ngx-1.13.35.2-stable/psol/include/url -I ../ngx_brotli/deps/brotli/c/include -I src/stream \
        -o objs/addon/naxsi_src/naxsi_runtime.o \
        ../naxsi-1.3/naxsi_src//naxsi_runtime.c
In file included from src/event/ngx_event.h:526:0,
                 from ../naxsi-1.3/naxsi_src//naxsi.h:18,
                 from ../naxsi-1.3/naxsi_src//naxsi_runtime.c:8:
src/event/ngx_event_udp.h:38:27: error: field ‘pkt6’ has incomplete type
     struct in6_pktinfo    pkt6;
                           ^~~~
../naxsi-1.3/naxsi_src//naxsi_runtime.c: In function ‘ngx_http_naxsi_data_parse’:
../naxsi-1.3/naxsi_src//naxsi_runtime.c:2846:36: error: ‘r->headers_in.x_forwarded_for’ is a pointer; did you mean to use ‘->’?
   if (r->headers_in.x_forwarded_for.nelts >= 1) {
                                    ^
                                    ->
../naxsi-1.3/naxsi_src//naxsi_runtime.c:2847:7: error: incompatible types when assigning to type ‘ngx_array_t {aka struct <anonymous>}’ from type ‘ngx_table_elt_t * {aka struct ngx_table_elt_s *}’
     a = r->headers_in.x_forwarded_for;
       ^
../naxsi-1.3/naxsi_src//naxsi_runtime.c: In function ‘ngx_http_naxsi_update_current_ctx_status’:
../naxsi-1.3/naxsi_src//naxsi_runtime.c:2883:38: error: ‘r->headers_in.x_forwarded_for’ is a pointer; did you mean to use ‘->’?
     if (r->headers_in.x_forwarded_for.nelts >= 1) {
                                      ^
                                      ->
../naxsi-1.3/naxsi_src//naxsi_runtime.c:2884:9: error: incompatible types when assigning to type ‘ngx_array_t {aka struct <anonymous>}’ from type ‘ngx_table_elt_t * {aka struct ngx_table_elt_s *}’
       a = r->headers_in.x_forwarded_for;
         ^
objs/Makefile:1653: recipe for target 'objs/addon/naxsi_src/naxsi_runtime.o' failed
make[1]: *** [objs/addon/naxsi_src/naxsi_runtime.o] Error 1
wargio commented 2 years ago

looks like many definitions are not available anymore

eilandert commented 2 years ago

looks like many definitions are not available anymore

They are available, however:

Changes with nginx 1.23.0 21 Jun 2022

*) Change in internal API: now header lines are represented as linked
   lists.

It requires a fix like https://github.com/openresty/headers-more-nginx-module/pull/136/commits/00e95cb7ae0cad571a47640de0259ef18189aef8

benoit-scnd commented 2 years ago

Same issue here. nginx version: nginx/1.22.0

benoit-scnd commented 2 years ago
objs/ngx_modules.o \
-Wl,-z,relro -Wl,-z,now -fPIC -ldl -lpthread -lpthread -lcrypt -lpcre2-8 -lssl -lcrypto -ldl -lpthread -lz \
-Wl,-E
cc -c -fPIC -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -g -O2 -ffile-prefix-map=/build/nginx-1.22.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2 -I src/core -I src/event -I src/event/modules -I src/os/unix -I objs -I src/http -I src/http/modules -I src/http/v2 \
        -o objs/addon/naxsi_src/naxsi_runtime.o \
        ../naxsi-1.3/naxsi_src//naxsi_runtime.c
../naxsi-1.3/naxsi_src//naxsi_runtime.c: In function ‘ngx_http_process_basic_rule_buffer’:
../naxsi-1.3/naxsi_src//naxsi_runtime.c:205:61: error: invalid use of incomplete typedef ‘ngx_regex_t’ {aka ‘struct pcre2_real_code_8’}
  205 |       (tmp_idx < len && (match = pcre_exec(rl->br->rx->regex->code,
      |                                                             ^~
../naxsi-1.3/naxsi_src//naxsi_runtime.c: In function ‘ngx_http_naxsi_pcre_wrapper’:
../naxsi-1.3/naxsi_src//naxsi_runtime.c:500:30: error: invalid use of incomplete typedef ‘ngx_regex_t’ {aka ‘struct pcre2_real_code_8’}
  500 |   match = pcre_exec(rx->regex->code, 0, (const char*)str, len, 0, 0, captures, 1);
      |                              ^~
make[1]: *** [objs/Makefile:1461: objs/addon/naxsi_src/naxsi_runtime.o] Error 1
make[1]: Leaving directory '/tmp/tmp.qsuwWV9da0/nginx-1.22.0'
make: *** [Makefile:10: build] Error 2
make -f objs/Makefile install
make[1]: Entering directory '/tmp/tmp.qsuwWV9da0/nginx-1.22.0'
cc -c -fPIC -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -g -O2 -ffile-prefix-map=/build/nginx-1.22.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2 -I src/core -I src/event -I src/event/modules -I src/os/unix -I objs -I src/http -I src/http/modules -I src/http/v2 \
        -o objs/addon/naxsi_src/naxsi_runtime.o \
        ../naxsi-1.3/naxsi_src//naxsi_runtime.c
../naxsi-1.3/naxsi_src//naxsi_runtime.c: In function ‘ngx_http_process_basic_rule_buffer’:
../naxsi-1.3/naxsi_src//naxsi_runtime.c:205:61: error: invalid use of incomplete typedef ‘ngx_regex_t’ {aka ‘struct pcre2_real_code_8’}
  205 |       (tmp_idx < len && (match = pcre_exec(rl->br->rx->regex->code,
      |                                                             ^~
../naxsi-1.3/naxsi_src//naxsi_runtime.c: In function ‘ngx_http_naxsi_pcre_wrapper’:
../naxsi-1.3/naxsi_src//naxsi_runtime.c:500:30: error: invalid use of incomplete typedef ‘ngx_regex_t’ {aka ‘struct pcre2_real_code_8’}
  500 |   match = pcre_exec(rx->regex->code, 0, (const char*)str, len, 0, 0, captures, 1);
      |                              ^~
make[1]: *** [objs/Makefile:1461: objs/addon/naxsi_src/naxsi_runtime.o] Error 1
make[1]: Leaving directory '/tmp/tmp.qsuwWV9da0/nginx-1.22.0'
make: *** [Makefile:13: install] Error 2
Yan-Gzc commented 2 years ago

The same error is reported. Is there a solution?

wargio commented 2 years ago

closing since this issue has been fixed here: https://github.com/wargio/naxsi/commit/9e06c5f53b2e393e40e9df7746a7b8bc4c2abfa4

dlford commented 1 year ago

@wargio is the fix going to make it into nbs-system/naxsi? Or is your repo upstream now? Pardon my confusion.

wargio commented 1 year ago

no. this is an abandoned repository. mine is going to be the upstream.