From 1be9d2eb4ad5164d4443e9b63aeaec832bb18adc Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Sat, 14 Aug 2021 12:43:17 +0200 Subject: [PATCH] package/nginx-naxsi: fix build without x_forwarded_for Fix the following build failure without x_forwarded_for raised since bump to version 1.3 in commit 3335c8d8685119ebb5b2a9a6e575f3a5337c4d90: /home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c: In function 'ngx_http_naxsi_data_parse': /home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c:2846:20: error: 'ngx_http_headers_in_t' has no member named 'x_forwarded_for' if (r->headers_in.x_forwarded_for.nelts >= 1) { ^ Fixes: - http://autobuild.buildroot.org/results/cdbc1536f6b5de3d4c836efa2f0dcaf0cdbb1462 Signed-off-by: Fabrice Fontaine Signed-off-by: Thomas Petazzoni --- ...runtime.c-fix-build-without-x_forwar.patch | 63 +++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 package/nginx-naxsi/0001-naxsi_src-naxsi_runtime.c-fix-build-without-x_forwar.patch diff --git a/package/nginx-naxsi/0001-naxsi_src-naxsi_runtime.c-fix-build-without-x_forwar.patch b/package/nginx-naxsi/0001-naxsi_src-naxsi_runtime.c-fix-build-without-x_forwar.patch new file mode 100644 index 0000000000..238a01923d --- /dev/null +++ b/package/nginx-naxsi/0001-naxsi_src-naxsi_runtime.c-fix-build-without-x_forwar.patch @@ -0,0 +1,63 @@ +From 8ea5218b07f715e9616a846bf305633ef1b3aa2a Mon Sep 17 00:00:00 2001 +From: Fabrice Fontaine +Date: Sat, 14 Aug 2021 11:46:08 +0200 +Subject: [PATCH] naxsi_src/naxsi_runtime.c: fix build without x_forwarded_for + +x_forwarded_for is not available if realip, geo, geoip or proxy modules +aren't enabled resulting in the following build failure since version +1.1a and +https://github.com/nbs-system/naxsi/commit/07a056ccd36bc3c5c40dc17991db226cb8cf6241: + +/home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c: In function 'ngx_http_naxsi_data_parse': +/home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c:2846:20: error: 'ngx_http_headers_in_t' has no member named 'x_forwarded_for' + if (r->headers_in.x_forwarded_for.nelts >= 1) { + ^ + +Fixes: + - http://autobuild.buildroot.org/results/cdbc1536f6b5de3d4c836efa2f0dcaf0cdbb1462 + +Signed-off-by: Fabrice Fontaine +[Upstream status: https://github.com/nbs-system/naxsi/pull/568] +--- + naxsi_src/naxsi_runtime.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/naxsi_src/naxsi_runtime.c b/naxsi_src/naxsi_runtime.c +index 28e0b29..6a723d2 100644 +--- a/naxsi_src/naxsi_runtime.c ++++ b/naxsi_src/naxsi_runtime.c +@@ -2842,10 +2842,12 @@ ngx_http_naxsi_data_parse(ngx_http_request_ctx_t* ctx, ngx_http_request_t* r) + unsigned int n = 0; + ngx_table_elt_t** h = NULL; + ngx_array_t a; ++#if (NGX_HTTP_X_FORWARDED_FOR) + if (r->headers_in.x_forwarded_for.nelts >= 1) { + a = r->headers_in.x_forwarded_for; + n = a.nelts; + } ++#endif + if (n >= 1) + h = a.elts; + if (n >= 1) { +@@ -2879,6 +2881,7 @@ ngx_http_naxsi_update_current_ctx_status(ngx_http_request_ctx_t* ctx, + + /*cr, sc, cf, ctx*/ + if (cf->check_rules && ctx->special_scores) { ++#if (NGX_HTTP_X_FORWARDED_FOR) + if (r->headers_in.x_forwarded_for.nelts >= 1) { + a = r->headers_in.x_forwarded_for; + n = a.nelts; +@@ -2896,7 +2899,9 @@ ngx_http_naxsi_update_current_ctx_status(ngx_http_request_ctx_t* ctx, + memcpy(ip.data, h[0]->value.data, ip.len); + ignore = nx_can_ignore_ip(&ip, cf) || nx_can_ignore_cidr(&ip, cf); + } +- } else { ++ } else ++#endif ++ { + ngx_str_t* ip = &r->connection->addr_text; + NX_DEBUG(_debug_whitelist_ignore, + NGX_LOG_DEBUG_HTTP, +-- +2.30.2 + -- 2.30.2