[Buildroot] [git commit branch/next] package/nginx-naxsi: fix build without x_forwarded_for
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Sun Aug 15 07:23:44 UTC 2021
commit: https://git.buildroot.net/buildroot/commit/?id=1be9d2eb4ad5164d4443e9b63aeaec832bb18adc
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/next
Fix the following build failure without x_forwarded_for raised since
bump to version 1.3 in commit 3335c8d8685119ebb5b2a9a6e575f3a5337c4d90:
/home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c: In function 'ngx_http_naxsi_data_parse':
/home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c:2846:20: error: 'ngx_http_headers_in_t' has no member named 'x_forwarded_for'
if (r->headers_in.x_forwarded_for.nelts >= 1) {
^
Fixes:
- http://autobuild.buildroot.org/results/cdbc1536f6b5de3d4c836efa2f0dcaf0cdbb1462
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
---
...axsi_runtime.c-fix-build-without-x_forwar.patch | 63 ++++++++++++++++++++++
1 file changed, 63 insertions(+)
diff --git a/package/nginx-naxsi/0001-naxsi_src-naxsi_runtime.c-fix-build-without-x_forwar.patch b/package/nginx-naxsi/0001-naxsi_src-naxsi_runtime.c-fix-build-without-x_forwar.patch
new file mode 100644
index 0000000000..238a01923d
--- /dev/null
+++ b/package/nginx-naxsi/0001-naxsi_src-naxsi_runtime.c-fix-build-without-x_forwar.patch
@@ -0,0 +1,63 @@
+From 8ea5218b07f715e9616a846bf305633ef1b3aa2a Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice at gmail.com>
+Date: Sat, 14 Aug 2021 11:46:08 +0200
+Subject: [PATCH] naxsi_src/naxsi_runtime.c: fix build without x_forwarded_for
+
+x_forwarded_for is not available if realip, geo, geoip or proxy modules
+aren't enabled resulting in the following build failure since version
+1.1a and
+https://github.com/nbs-system/naxsi/commit/07a056ccd36bc3c5c40dc17991db226cb8cf6241:
+
+/home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c: In function 'ngx_http_naxsi_data_parse':
+/home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c:2846:20: error: 'ngx_http_headers_in_t' has no member named 'x_forwarded_for'
+ if (r->headers_in.x_forwarded_for.nelts >= 1) {
+ ^
+
+Fixes:
+ - http://autobuild.buildroot.org/results/cdbc1536f6b5de3d4c836efa2f0dcaf0cdbb1462
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
+[Upstream status: https://github.com/nbs-system/naxsi/pull/568]
+---
+ naxsi_src/naxsi_runtime.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/naxsi_src/naxsi_runtime.c b/naxsi_src/naxsi_runtime.c
+index 28e0b29..6a723d2 100644
+--- a/naxsi_src/naxsi_runtime.c
++++ b/naxsi_src/naxsi_runtime.c
+@@ -2842,10 +2842,12 @@ ngx_http_naxsi_data_parse(ngx_http_request_ctx_t* ctx, ngx_http_request_t* r)
+ unsigned int n = 0;
+ ngx_table_elt_t** h = NULL;
+ ngx_array_t a;
++#if (NGX_HTTP_X_FORWARDED_FOR)
+ if (r->headers_in.x_forwarded_for.nelts >= 1) {
+ a = r->headers_in.x_forwarded_for;
+ n = a.nelts;
+ }
++#endif
+ if (n >= 1)
+ h = a.elts;
+ if (n >= 1) {
+@@ -2879,6 +2881,7 @@ ngx_http_naxsi_update_current_ctx_status(ngx_http_request_ctx_t* ctx,
+
+ /*cr, sc, cf, ctx*/
+ if (cf->check_rules && ctx->special_scores) {
++#if (NGX_HTTP_X_FORWARDED_FOR)
+ if (r->headers_in.x_forwarded_for.nelts >= 1) {
+ a = r->headers_in.x_forwarded_for;
+ n = a.nelts;
+@@ -2896,7 +2899,9 @@ ngx_http_naxsi_update_current_ctx_status(ngx_http_request_ctx_t* ctx,
+ memcpy(ip.data, h[0]->value.data, ip.len);
+ ignore = nx_can_ignore_ip(&ip, cf) || nx_can_ignore_cidr(&ip, cf);
+ }
+- } else {
++ } else
++#endif
++ {
+ ngx_str_t* ip = &r->connection->addr_text;
+ NX_DEBUG(_debug_whitelist_ignore,
+ NGX_LOG_DEBUG_HTTP,
+--
+2.30.2
+
More information about the buildroot
mailing list