search

owasp-modsecurity / ModSecurity

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
https://www.modsecurity.org
Apache License 2.0
8.23k stars 1.61k forks source link

2.9.0: --with-ssdeep doesn't compile correctly when libfuzzy is in a non-standard location #871

Closed skurtn closed 9 years ago

skurtn commented 9 years ago

When compiling ModSecurity 2.9.0, I get the following error:

libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/opt/xml2/include/libxml2 -I/usr/local/apache/include -I/usr/local/apache/include -I/usr/local/apache/include -I/opt/curlssl/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/opt/xml2/include/libxml2 -DWITH_LUA -I/opt/lua//include -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 -DREQUEST_EARLY -DWITH_APU_CRYPTO -DWITH_REMOTE_RULES -I/opt/pcre/include -DWITH_SSDEEP -I/opt/ssdeep -g -O2 -I/usr/local/apache/include -MT mod_security2_la-re_operators.lo -MD -MP -MF .deps/mod_security2_la-re_operators.Tpo -c re_operators.c  -fPIC -DPIC -o .libs/mod_security2_la-re_operators.o
re_operators.c:35:19: error: fuzzy.h: No such file or directory
re_operators.c: In function 'msre_op_fuzzy_hash_execute':
re_operators.c:3910: error: 'FUZZY_MAX_RESULT' undeclared (first use in this function)
re_operators.c:3910: error: (Each undeclared identifier is reported only once
re_operators.c:3910: error: for each function it appears in.)
make[2]: *** [mod_security2_la-re_operators.lo] Error 1

Solution:

Steps to re-produce:

./configure --prefix=/opt/ssdeep && make && make install
$ find /opt/ssdeep/
/opt/ssdeep/
/opt/ssdeep/share
/opt/ssdeep/share/man
/opt/ssdeep/share/man/man1
/opt/ssdeep/share/man/man1/ssdeep.1
/opt/ssdeep/bin
/opt/ssdeep/bin/ssdeep
/opt/ssdeep/include
/opt/ssdeep/include/edit_dist.h
/opt/ssdeep/include/fuzzy.h
/opt/ssdeep/lib
/opt/ssdeep/lib/libfuzzy.a
/opt/ssdeep/lib/libfuzzy.so.2
/opt/ssdeep/lib/libfuzzy.so.2.0.0
/opt/ssdeep/lib/libfuzzy.so
/opt/ssdeep/lib/libfuzzy.la
./configure --with-apr=/usr/local/apache/ --with-apu=/usr/local/apache/bin/apu-1-config --with-apxs=/usr/local/apache/bin/apxs --with-curl=/opt/curlssl/ --with-libxml=/opt/xml2/ --with-lua=/opt/lua/ --with-pcre=/opt/pcre --with-ssdeep=/opt/ssdeep && make && make install
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/opt/xml2/include/libxml2 -I/usr/local/apache/include -I/usr/local/apache/include -I/usr/local/apache/include -I/opt/curlssl/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/opt/xml2/include/libxml2 -DWITH_LUA -I/opt/lua//include -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 -DREQUEST_EARLY -DWITH_APU_CRYPTO -DWITH_REMOTE_RULES -I/opt/pcre/include -DWITH_SSDEEP -I/opt/ssdeep -g -O2 -I/usr/local/apache/include -MT mod_security2_la-re_operators.lo -MD -MP -MF .deps/mod_security2_la-re_operators.Tpo -c re_operators.c  -fPIC -DPIC -o .libs/mod_security2_la-re_operators.o
re_operators.c:35:19: error: fuzzy.h: No such file or directory
re_operators.c: In function 'msre_op_fuzzy_hash_execute':
re_operators.c:3910: error: 'FUZZY_MAX_RESULT' undeclared (first use in this function)
re_operators.c:3910: error: (Each undeclared identifier is reported only once
re_operators.c:3910: error: for each function it appears in.)
make[2]: *** [mod_security2_la-re_operators.lo] Error 1
zimmerle commented 9 years ago

Hi @cpanelkurt, thank you for the detailed report && patch. The patch is now on our Buildbots:

zimmerle commented 9 years ago

Merged into our mainline. Thanks.