Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement
|
From: Christian F. <chr...@ne...> - 2016-03-03 20:09:58
|
Robert, So you mean I need to read the logfiles before submitting? You are right on target. I installed libyajl-dev and both problems solved: - compilation against apache 2.4.17 works - Audit-Log Format JSON works Making yajl a mandatory item in configure seems like the way to go then. Cheers, Christian On Thu, Mar 03, 2016 at 06:54:13AM -0800, Robert Paprocki wrote: > So here's the culprint: > > checking for yajl install... no > configure: optional yajl library not found > > Christian, do you have anything odd about the system where this is running? > Perhaps try re-installing the libyajl-dev package? Here's what it should > provide on Trusty (running on my laptop): > poprocks@soter:~$ dpkg -L libyajl-dev > /. > /usr > /usr/share > /usr/share/doc > /usr/share/doc/libyajl-dev > /usr/share/doc/libyajl-dev/copyright > /usr/lib > /usr/lib/x86_64-linux-gnu > /usr/lib/x86_64-linux-gnu/libyajl_s.a > /usr/lib/x86_64-linux-gnu/pkgconfig > /usr/lib/x86_64-linux-gnu/pkgconfig/yajl.pc > /usr/include > /usr/include/yajl > /usr/include/yajl/yajl_tree.h > /usr/include/yajl/yajl_version.h > /usr/include/yajl/yajl_parse.h > /usr/include/yajl/yajl_gen.h > /usr/include/yajl/yajl_common.h > /usr/share/doc/libyajl-dev/README > /usr/share/doc/libyajl-dev/TODO > /usr/share/doc/libyajl-dev/changelog.Debian.gz > /usr/lib/x86_64-linux-gnu/libyajl.so > > ModSec config should be relying on the > '/usr/lib/x86_64-linux-gnu/pkgconfig/yajl.pc' > package config file to make it's detection I believe. Does that exist for > you? > > > On Wed, Mar 2, 2016 at 9:23 PM, Christian Folini < > chr...@ne...> wrote: > > > Unfortunately, the build problem against apache 2.4.17 did not go away > > either: > > > > The OS Release: > > Ubuntu 14.04.4 LTS \n \l > > > > Apache build: > > Server version: Apache/2.4.18 (Unix) > > Server built: Mar 3 2016 05:25:21 > > > > $> ./configure --prefix=/opt/apache-2.4.18 \ > > --with-apr=/usr/local/apr/bin/apr-1-config \ > > --with-apr-util=/usr/local/apr/bin/apu-1-config \ > > --enable-mpms-shared=event \ > > --enable-mods-shared=all \ > > --enable-nonportable-atomics=yes > > ... > > > > ModSec Configure: > > $> ./configure --with-apxs=/apache/bin/apxs./configure \ > > --with-apxs=/apache/bin/apxs \ > > --with-apr=/usr/local/apr/bin/apr-1-config \ > > --with-pcre=/usr/bin/pcre-config \ > > --enable-request-early > > checking for a BSD-compatible install... /usr/bin/install -c > > checking whether build environment is sane... yes > > checking for a thread-safe mkdir -p... /bin/mkdir -p > > checking for gawk... gawk > > checking whether make sets $(MAKE)... yes > > checking whether make supports nested variables... yes > > checking for style of include used by make... GNU > > checking for gcc... gcc > > checking whether the C compiler works... yes > > checking for C compiler default output file name... a.out > > checking for suffix of executables... > > checking whether we are cross compiling... no > > checking for suffix of object files... o > > checking whether we are using the GNU C compiler... yes > > checking whether gcc accepts -g... yes > > checking for gcc option to accept ISO C89... none needed > > checking whether gcc understands -c and -o together... yes > > checking dependency style of gcc... gcc3 > > checking for ar... ar > > checking the archiver (ar) interface... ar > > checking build system type... x86_64-unknown-linux-gnu > > checking host system type... x86_64-unknown-linux-gnu > > checking how to print strings... printf > > checking for a sed that does not truncate output... /bin/sed > > checking for grep that handles long lines and -e... /bin/grep > > checking for egrep... /bin/grep -E > > checking for fgrep... /bin/grep -F > > checking for ld used by gcc... /usr/bin/ld > > checking if the linker (/usr/bin/ld) is GNU ld... yes > > checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B > > checking the name lister (/usr/bin/nm -B) interface... BSD nm > > checking whether ln -s works... yes > > checking the maximum length of command line arguments... 1572864 > > checking whether the shell understands some XSI constructs... yes > > checking whether the shell understands "+="... yes > > checking how to convert x86_64-unknown-linux-gnu file names to > > x86_64-unknown-linux-gnu format... func_convert_file_noop > > checking how to convert x86_64-unknown-linux-gnu file names to toolchain > > format... func_convert_file_noop > > checking for /usr/bin/ld option to reload object files... -r > > checking for objdump... objdump > > checking how to recognize dependent libraries... pass_all > > checking for dlltool... no > > checking how to associate runtime and link libraries... printf %s\n > > checking for archiver @FILE support... @ > > checking for strip... strip > > checking for ranlib... ranlib > > checking command to parse /usr/bin/nm -B output from gcc object... ok > > checking for sysroot... no > > checking for mt... mt > > checking if mt is a manifest tool... no > > checking how to run the C preprocessor... gcc -E > > checking for ANSI C header files... yes > > checking for sys/types.h... yes > > checking for sys/stat.h... yes > > checking for stdlib.h... yes > > checking for string.h... yes > > checking for memory.h... yes > > checking for strings.h... yes > > checking for inttypes.h... yes > > checking for stdint.h... yes > > checking for unistd.h... yes > > checking for dlfcn.h... yes > > checking for objdir... .libs > > checking if gcc supports -fno-rtti -fno-exceptions... no > > checking for gcc option to produce PIC... -fPIC -DPIC > > checking if gcc PIC flag -fPIC -DPIC works... yes > > checking if gcc static flag -static works... yes > > checking if gcc supports -c -o file.o... yes > > checking if gcc supports -c -o file.o... (cached) yes > > checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports > > shared libraries... yes > > checking whether -lc should be explicitly linked in... no > > checking dynamic linker characteristics... GNU/Linux ld.so > > checking how to hardcode library paths into programs... immediate > > checking for shl_load... no > > checking for shl_load in -ldld... no > > checking for dlopen... no > > checking for dlopen in -ldl... yes > > checking whether a program can dlopen itself... yes > > checking whether a statically linked program can dlopen itself... no > > checking whether stripping libraries is possible... yes > > checking if libtool supports shared libraries... yes > > checking whether to build shared libraries... yes > > checking whether to build static libraries... yes > > checking for gawk... (cached) gawk > > checking for gcc... (cached) gcc > > checking whether we are using the GNU C compiler... (cached) yes > > checking whether gcc accepts -g... (cached) yes > > checking for gcc option to accept ISO C89... (cached) none needed > > checking whether gcc understands -c and -o together... (cached) yes > > checking dependency style of gcc... (cached) gcc3 > > checking how to run the C preprocessor... gcc -E > > checking whether ln -s works... yes > > checking whether make sets $(MAKE)... (cached) yes > > checking for grep that handles long lines and -e... (cached) /bin/grep > > checking for perl... /usr/bin/perl > > checking for env... /usr/bin/env > > checking for ANSI C header files... (cached) yes > > checking fcntl.h usability... yes > > checking fcntl.h presence... yes > > checking for fcntl.h... yes > > checking limits.h usability... yes > > checking limits.h presence... yes > > checking for limits.h... yes > > checking for stdlib.h... (cached) yes > > checking for string.h... (cached) yes > > checking for unistd.h... (cached) yes > > checking for sys/types.h... (cached) yes > > checking for sys/stat.h... (cached) yes > > checking sys/utsname.h usability... yes > > checking sys/utsname.h presence... yes > > checking for sys/utsname.h... yes > > checking for an ANSI C-conforming const... yes > > checking for inline... inline > > checking for C/C++ restrict keyword... __restrict > > checking for pid_t... yes > > checking for size_t... yes > > checking whether struct tm is in sys/time.h or time.h... time.h > > checking for uint8_t... yes > > checking for stdlib.h... (cached) yes > > checking for GNU libc compatible malloc... yes > > checking for working memcmp... yes > > checking for atexit... yes > > checking for getcwd... yes > > checking for memmove... yes > > checking for memset... yes > > checking for strcasecmp... yes > > checking for strchr... yes > > checking for strdup... yes > > checking for strerror... yes > > checking for strncasecmp... yes > > checking for strrchr... yes > > checking for strstr... yes > > checking for strtol... yes > > checking for fchmod... yes > > checking for strcasestr... yes > > Checking platform... Identified as Linux > > checking for libcurl config script... /usr/bin/curl-config > > checking if libcurl is at least v... yes, 7.35.0 > > checking if libcurl is linked with gnutls... no > > configure: using curl v7.35.0 > > configure: looking for Apache module support via DSO through APXS > > configure: found apxs at /opt/apache-2.4.17/bin/apxs > > configure: checking httpd version > > configure: httpd is recent enough > > checking for libpcre config script... /usr/bin/pcre-config > > configure: using pcre v8.31 > > checking for libapr config script... /usr/local/apr/bin/apr-1-config > > configure: using apr v1.5.2 > > checking for libapu config script... /usr/local/apr/bin/apu-1-config > > configure: using apu v1.5.4 > > checking for libxml2 config script... /usr/bin/xml2-config > > checking if libxml2 is at least v2.6.29... yes, 2.9.1 > > configure: using libxml2 v2.9.1 > > checking for pkg-config... /usr/bin/pkg-config > > checking pkg-config is at least version 0.9.0... yes > > checking for liblua config script... /usr/bin/pkg-config > > configure: using lua v5.2.0 > > checking for libyajl config script... no > > checking for yajl install... no > > configure: optional yajl library not found > > checking for ssdeep path... no > > configure: optional ssdeep library not found > > checking that generated files are newer than configure... done > > configure: creating ./config.status > > config.status: creating Makefile > > config.status: creating tools/Makefile > > config.status: creating apache2/Makefile > > config.status: creating build/apxs-wrapper > > config.status: creating mlogc/mlogc-batch-load.pl > > config.status: creating tests/regression/misc/40-secRemoteRules.t > > config.status: creating tests/regression/misc/50-ipmatchfromfile-external.t > > config.status: creating tests/regression/misc/60-pmfromfile-external.t > > config.status: creating tests/run-unit-tests.pl > > config.status: creating tests/run-regression-tests.pl > > config.status: creating tests/gen_rx-pm.pl > > config.status: creating tests/csv_rx-pm.pl > > config.status: creating tests/regression/server_root/conf/httpd.conf > > config.status: creating tools/rules-updater.pl > > config.status: creating mlogc/Makefile > > config.status: creating tests/Makefile > > config.status: creating apache2/modsecurity_config_auto.h > > config.status: apache2/modsecurity_config_auto.h is unchanged > > config.status: executing depfiles commands > > config.status: executing libtool commands > > > > > > Make: > > $> make > > Making all in tools > > make[1]: Entering directory > > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools' > > make[1]: Nothing to be done for `all'. > > make[1]: Leaving directory > > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools' > > Making all in apache2 > > make[1]: Entering directory > > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2' > > make all-am > > make[2]: Entering directory > > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2' > > /bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. > > -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2 > > -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1 > > -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL > > -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY > > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 > > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 > > -I/usr/local/apr//include/apr-1 -MT mod_security2_la-acmp.lo -MD -MP -MF > > .deps/mod_security2_la-acmp.Tpo -c -o mod_security2_la-acmp.lo `test -f > > 'acmp.c' || echo './'`acmp.c > > libtool: compile: gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT > > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1 > > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include > > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2 > > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY > > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 > > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1 > > -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c > > acmp.c -fPIC -DPIC -o .libs/mod_security2_la-acmp.o > > libtool: compile: gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT > > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1 > > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include > > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2 > > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY > > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 > > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1 > > -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c > > acmp.c -o mod_security2_la-acmp.o >/dev/null 2>&1 > > mv -f .deps/mod_security2_la-acmp.Tpo .deps/mod_security2_la-acmp.Plo > > /bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. > > -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2 > > -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1 > > -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL > > -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY > > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 > > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 > > -I/usr/local/apr//include/apr-1 -MT mod_security2_la-apache2_config.lo -MD > > -MP -MF .deps/mod_security2_la-apache2_config.Tpo -c -o > > mod_security2_la-apache2_config.lo `test -f 'apache2_config.c' || echo > > './'`apache2_config.c > > libtool: compile: gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT > > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1 > > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include > > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2 > > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY > > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 > > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1 > > -MT mod_security2_la-apache2_config.lo -MD -MP -MF > > .deps/mod_security2_la-apache2_config.Tpo -c apache2_config.c -fPIC -DPIC > > -o .libs/mod_security2_la-apache2_config.o > > In file included from /opt/apache-2.4.17/include/apr_network_io.h:26:0, > > from /opt/apache-2.4.17/include/apr_buckets.h:29, > > from /opt/apache-2.4.17/include/util_filter.h:26, > > from /opt/apache-2.4.17/include/http_core.h:32, > > from apache2.h:18, > > from re.h:42, > > from msc_util.h:29, > > from modsecurity.h:40, > > from apache2_config.c:17: > > /opt/apache-2.4.17/include/apr_file_io.h:612:46: error: unknown type name > > 'apr_wait_type_t' > > apr_wait_type_t direction); > > ^ > > In file included from /opt/apache-2.4.17/include/apr_buckets.h:29:0, > > from /opt/apache-2.4.17/include/util_filter.h:26, > > from /opt/apache-2.4.17/include/http_core.h:32, > > from apache2.h:18, > > from re.h:42, > > from msc_util.h:29, > > from modsecurity.h:40, > > from apache2_config.c:17: > > /opt/apache-2.4.17/include/apr_network_io.h:650:43: error: unknown type > > name 'apr_wait_type_t' > > apr_wait_type_t direction); > > ^ > > make[2]: *** [mod_security2_la-apache2_config.lo] Error 1 > > make[2]: Leaving directory > > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2' > > make[1]: *** [all] Error 2 > > make[1]: Leaving directory > > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2' > > make: *** [all-recursive] Error 1 > > > > > > > > Sorry for the bad news.... > > > > Ahoj, > > > > Christian > > > > > > > > -- > > I think IT projects are about supporting social systems - about > > communications between people and machines. They tend to fail due to > > cultural issues. > > -- Tim Berners-Lee > > > > > > ------------------------------------------------------------------------------ > > Site24x7 APM Insight: Get Deep Visibility into Application Performance > > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > > Monitor end-to-end web transactions and take corrective actions now > > Troubleshoot faster and improve end-user experience. Signup Now! > > http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 > > _______________________________________________ > > mod-security-developers mailing list > > mod...@li... > > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > > ModSecurity Services from Trustwave's SpiderLabs: > > https://www.trustwave.com/spiderLabs.php > > > ------------------------------------------------------------------------------ > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php -- mailto:chr...@ne... http://www.christian-folini.ch twitter: @ChrFolini |
