openresty / docker-openresty

Docker tooling for OpenResty
https://hub.docker.com/r/openresty/openresty
BSD 2-Clause "Simplified" License

Unable to install luaexpat on top of openresty-centos8 #221

Closed gokulkr535 closed 1 year ago

gokulkr535 commented 1 year ago

```dockerfile
RUN yum -y install expat-devel

RUN yum -y install gcc

RUN /usr/local/openresty/luajit/bin/luarocks install luaexpat
```

If I try to install luaexpat, I am getting the following error.

```
[10/48] RUN /usr/local/openresty/luajit/bin/luarocks install luaexpat:
13 2.662 Installing https://luarocks.org/luaexpat-1.5.1-1.src.rock
13 4.306 src/lxplib.c:15:2: error: #error Expat 2.4 or newer is required
13 4.306 15 | #error Expat 2.4 or newer is required
13 4.306 | ^~~~~
13 4.320 src/lxplib.c: In function ‘lxp_bla_maximum_amplification’:
13 4.320 src/lxplib.c:741:9: warning: implicit declaration of function ‘XML_SetBillionLaughsAttackProtectionMaximumAmplification’ [-Wimplicit-function-declaration]
13 4.320 741 | if (! XML_SetBillionLaughsAttackProtectionMaximumAmplification(xpu->parser, luaL_checknumber(L, 2))) {
13 4.320 | ^~~~~~~~~~~~
13 4.322 src/lxplib.c: In function ‘lxp_bla_activation_threshold’:
13 4.322 src/lxplib.c:753:9: warning: implicit declaration of function ‘XML_SetBillionLaughsAttackProtectionActivationThreshold’ [-Wimplicit-function-declaration]
13 4.322 753 | if (! XML_SetBillionLaughsAttackProtectionActivationThreshold(xpu->parser, luaL_checkinteger(L, 2))) {
13 4.322 | ^~~~~~~~~~~~~~~
13 4.331
13 4.331 Error: Build error: Failed compiling object src/lxplib.o
13 4.375
13 4.375 luaexpat 1.5.1-1 depends on lua >= 5.1 (5.1-1 provided by VM)
13 4.375 gcc -O2 -fPIC -I/usr/local/openresty/luajit/include/luajit-2.1 -c src/lxplib.c -o src/lxplib.o -I/usr/include -Isrc/
```

gokulkr535 commented 1 year ago

@neomantra Please help me to resolve the issue

neomantra commented 1 year ago

This is not specifically a docker-openresty issue, but I'll help you out because you said please =)
I hadn't thought about the BillionLaughs exploit in a very long time, which made me LOL (making it 1e9+1)

LuaRocks doesn't always play well out-of-the-box with OpenResty. Also it seems that CentOS 8 has an old Expat that doesn't work with the latest LuaExpat. Here's a Dockerfile which downloads and builds both from source.

I did not exercise it though. Let me know if it works for you and I'll add the example to the repo.

```dockerfile
ARG OPENRESTY_VERSION="1.21.4.1-5"
# I needed to add "-aarch64" to the tag to build on my ARM laptop
FROM "openresty/openresty:${OPENRESTY_VERSION}-centos"
ARG OPENRESTY_VERSION="1.21.4.1-5"

# Install dependencies
RUN yum -y install gcc

# Download and install Expat from source
ARG EXPAT_VERSION="2.5.0"
RUN cd /tmp && \
    curl -fSL "https://github.com/libexpat/libexpat/releases/download/R_$(echo -n ${EXPAT_VERSION} | sed 's/\./_/g')/expat-${EXPAT_VERSION}.tar.gz" -o expat.tar.gz && \
    tar xzf expat.tar.gz && \
    cd expat-${EXPAT_VERSION} && \
    ./configure && \
    make && \
    make install && \
    cd /tmp && \
    rm -rf expat-${EXPAT_VERSION} expat.tar.gz

# Download and install LuaExpat module from source
ARG LUAEXPAT_VERSION="1.5.1"
RUN cd /tmp && \
    curl -fSL "https://github.com/lunarmodules/luaexpat/archive/refs/tags/${LUAEXPAT_VERSION}.tar.gz" -o luaexpat.tar.gz && \
    tar xzf luaexpat.tar.gz && \
    cd luaexpat-${LUAEXPAT_VERSION} && \
    make -e LUA_INC=-I/usr/local/openresty/luajit/include/luajit-2.1 && \
    make -e LUA_INC=-I/usr/local/openresty/luajit/include/luajit-2.1 \
         -e LUA_LDIR=/usr/local/openresty/lualib \
         -e LUA_CDIR=/usr/local/openresty/lualib \
         install && \
    cd /tmp && \
    rm -rf luaexpat-${LUAEXPAT_VERSION} luaexpat.tar.gz
```

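
The build error above comes from the `#error Expat 2.4 or newer is required` check in `src/lxplib.c`, which fires when the `expat.h` found under `/usr/include` is older than 2.4. As an added example (not part of this thread or of docker-openresty), the shell preflight below reads the version macros from an `expat.h` and reports whether it meets that minimum; the function names and sample headers are constructed, and it assumes the header defines `XML_MAJOR_VERSION`, `XML_MINOR_VERSION` and `XML_MICRO_VERSION`.

```shell
#!/bin/sh
# Added example: check an expat.h against luaexpat 1.5.1's "Expat 2.4 or newer"
# requirement before building. Function names here are hypothetical.
# Assumption: expat.h carries "#define XML_MAJOR_VERSION <n>" style macros.

# Print MAJOR.MINOR.MICRO parsed from the header; return 2 if it cannot be read.
expat_header_version() {
    [ -r "$1" ] || return 2
    ver=$(awk '
        $1 == "#define" && $2 == "XML_MAJOR_VERSION" { major = $3 }
        $1 == "#define" && $2 == "XML_MINOR_VERSION" { minor = $3 }
        $1 == "#define" && $2 == "XML_MICRO_VERSION" { micro = $3 }
        END { if ((major "." minor "." micro) ~ /^[0-9]+\.[0-9]+\.[0-9]+$/)
                  print major "." minor "." micro }' "$1")
    [ -n "$ver" ] || return 2
    printf '%s\n' "$ver"
}

# Return 0 if header version >= MIN_MAJOR.MIN_MINOR, 1 if older, 2 if unknown.
expat_meets_minimum() {
    ver=$(expat_header_version "$1") || return 2
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    [ "$major" -gt "$2" ] && return 0
    [ "$major" -eq "$2" ] && [ "$minor" -ge "$3" ] && return 0
    return 1
}

# Write a constructed sample header (stand-in for /usr/include/expat.h).
write_sample_header() {
    printf '#define XML_MAJOR_VERSION %s\n#define XML_MINOR_VERSION %s\n#define XML_MICRO_VERSION %s\n' \
        "$2" "$3" "$4" > "$1"
}

demo_dir=$(mktemp -d)
write_sample_header "$demo_dir/old.h" 2 2 5   # constructed: older than 2.4
write_sample_header "$demo_dir/new.h" 2 5 0   # constructed: same as EXPAT_VERSION in the Dockerfile
for hdr in "$demo_dir/old.h" "$demo_dir/new.h"; do
    if expat_meets_minimum "$hdr" 2 4; then
        echo "$(expat_header_version "$hdr"): OK to build luaexpat"
    else
        echo "$(expat_header_version "$hdr"): too old, build Expat from source first"
    fi
done
rm -rf "$demo_dir"
```

In an image build, point `expat_meets_minimum` at `/usr/include/expat.h` (or `/usr/local/include/expat.h` after a source install with the default prefix) before the luaexpat step.
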
gokulkr535 commented 1 year ago

Thanks @neomantra. It worked.

One more question: do you have any plan to support openresty for an almalinux base image?

neomantra commented 1 year ago

@gokulkr535 It was getting confusing with how the RedHat / CentOS ecosystem was evolving. So I wasn't sure which distros to target. It's easier to track the upstream OpenResty releases.

I only want to maintain one "built-from-source" RedHat-ish repo -- is AlmaLinux the one? Feel free to make an issue pointing out if that's the one or what the best alternatives to consider are.