Senior Web Producer
ModSecurity has always required Lua 5.1.x. Perhaps this version is
finding 5.0 by mistake instead of ignoring it? The --without-lua
configure option should help you. I'll look at adding a version check
to the next release.
On Fri, Sep 25, 2009 at 12:16 PM, Mike Duncan <Mike.Duncan@noaa.gov> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> A heads up...I think that this version requires lua 5.1.4 (possibly a
> little less version tho). I have RHEL 5.4 with lua 5.0.2 from DAG
> installed currently and 2.5.9 seems fine. However, 2.5.10's make fails...
> /usr/lib64/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic
> - -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
> - -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic
> - -fno-strict-aliasing -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -pthread
> - -I/usr/include/httpd -I/usr/include/apr-1 -I/usr/include/apr-1 -O2
> - -g -Wall -I/usr/include/httpd -I/usr/include/httpd -I.
> - -I/usr/include/apr-1 -I/usr/kerberos/include -I/usr/include/libxml2
> - -I/usr/include -DWITH_LUA -c -o msc_lua.lo msc_lua.c && touch msc_lua.slo
> msc_lua.c: In function 'lua_compile':
> msc_lua.c:96: warning: implicit declaration of function 'luaL_openlibs'
> msc_lua.c: In function 'resolve_tfns':
> msc_lua.c:159: warning: implicit declaration of function 'lua_objlen'
> msc_lua.c: At top level:
> msc_lua.c:338: error: array type has incomplete element type
> msc_lua.c: In function 'lua_execute':
> msc_lua.c:378: warning: implicit declaration of function 'luaL_register'
> apxs:Error: Command failed with rc=65536
> make: *** [mod_security2.la] Error 1
> On another RHEL 5.4 with lua 5.1.4 (devel as well) installed everything
> compiles fine. You can download lua binary packages from here:
> Let me know if I am wrong on the versioning or msising something. I
> guess DAG has not updated this package in some time.
> Mike Duncan
> ISSO, Application Security Specialist
> Government Contractor with STG, Inc.
> NOAA :: National Climatic Data Center
> Brian Rectanus wrote:
>> ModSecurity 2.5.10 has been released and is now available.
>> This release fixes a number of small issues. Notable issues that have
>> been fixed are a cleaner build process, fixes to mlogc to build on
>> Windows and allow more reliable SSL neg. to the console, less verbose
>> logging when using anomaly scoring with CRS v2.x and a feature to
>> allow easier use with Apache mpm-itk.
>> Downloads and docs from modsecurity.org as usual.
>> 18 Sep 2009 - 2.5.10
>> * Cleanup mlogc so that it builds on Windows.
>> * Added more detailed messages to replace "Unknown error" in filters.
>> * Added SecAuditLogDirMode and SecAuditLogFileMode to allow fine tuning
>> auditlog permissions (especially with mpm-itk).
>> * Cleanup SecUploadFileMode implementation.
>> * Cleanup build scripts.
>> * Fixed crash on configuration if SecMarker is used before any rules.
>> * Fixed SecRuleUpdateActionById so that it will work on chain starters.
>> * Cleanup build system for mlogc.
>> * Allow mlogc to periodically flush memory pools.
>> * Using nolog,auditlog will now log the "Message:" line to the auditlog, but
>> nothing to the error log. Prior versions dropped the "Message:" line from
>> both logs. To do this now, just use "nolog" or "nolog,noauditlog".
>> * Forced mlogc to use SSLv3 to avoid some potential auto negotiation
>> issues with some libcurl versions.
>> * Fixed mlogc issue seen on big endian machines where content type
>> could be listed as zero.
>> * Removed extra newline from audit log message line when logging XML errors.
>> This was causing problems parsing audit logs.
>> * Fixed @pm/@pmFromFile case insensitivity.
>> * Truncate long parameters in log message for "Match of ... against ...
>> required" messages.
>> * Correctly resolve chained rule actions in logs.
>> * Cleanup some code for portability.
>> * AIX does not support hidden visibility with xlc compiler.
>> * Allow specifying EXTRA_CFLAGS during configure to override gcc specific
>> values for non-gcc compilers.
>> * Populate GEO:COUNTRY_NAME and GEO:COUNTRY_CONTINENT as documented.
>> * Handle a newer geo database more gracefully, avoiding a potential crash for
>> new countries that ModSecurity is not yet aware.
>> * Allow checking &GEO "@eq 0" for a failed @geoLookup.
>> * Fixed mlogc global mutex locking issue and added more debugging output.
>> * Cleaned up build dependencies and configure options.
>> Come build with us! The BlackBerry® Developer Conference in SF, CA
>> is the only developer event you need to attend this year. Jumpstart your
>> developing skills, take BlackBerry mobile applications to market and stay
>> ahead of the curve. Join us from November 9-12, 2009. Register now!
>> mod-security-users mailing list
>> Commercial ModSecurity Appliances, Rule Sets and Support:
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> -----END PGP SIGNATURE-----
Come build with us! The BlackBerry® Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9-12, 2009. Register now!
mod-security-users mailing list
Commercial ModSecurity Appliances, Rule Sets and Support: