Bug 255441 - www/nginx-full: ngx_http_modsecurity_module.so version 1018000 instead of 1020000
Summary: www/nginx-full: ngx_http_modsecurity_module.so version 1018000 instead of 102...
Status: Closed Not Accepted
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Many People
Assignee: Bartek Rutkowski
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-04-27 15:18 UTC by IPTRACE
Modified: 2021-11-25 23:46 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (robak)


Attachments
git patch for modsecurity3-nginx v1.0.2 (4.37 KB, patch)
2021-09-30 07:29 UTC, waitman
no flags Details | Diff
modsecurity3-nginx v1.0.2 update (4.37 KB, patch)
2021-09-30 07:34 UTC, waitman
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description IPTRACE 2021-04-27 15:18:24 UTC
I cannot run the nginx due to the following error. 
Nginx installed via packages, via ports does not work as well.

nginx: [emerg] module "/usr/local/libexec/nginx/ngx_http_modsecurity_module.so" version 1018000 instead of 1020000 in /usr/local/etc/nginx/nginx.conf:2


Name           : nginx-full
Version        : 1.20.0_6,2
Installed on   : Tue Apr 27 17:11:26 2021 CEST
Origin         : www/nginx-full
Architecture   : FreeBSD:12:amd64
Prefix         : /usr/local
Categories     : ruby java perl5 www
Licenses       : BSD2CLAUSE
Maintainer     : robak@FreeBSD.org
WWW            : https://nginx.org/
Comment        : Robust and small WWW server (full package)

Annotations    :
        FreeBSD_version: 1202000
        cpe            : cpe:2.3:a:nginx:nginx:1.20.0:::::freebsd12:x64:6
        repo_type      : binary
        repository     : FreeBSD


Name           : modsecurity3
Version        : 3.0.4_2
Installed on   : Tue Apr 27 17:11:26 2021 CEST
Origin         : security/modsecurity3
Architecture   : FreeBSD:12:amd64
Prefix         : /usr/local
Categories     : security www
Licenses       : APACHE20
Maintainer     : marius.halden@modirum.com
WWW            : https://www.modsecurity.org/
Comment        : Intrusion detection and prevention engine
Shared Libs required:
        libcurl.so.4
        libxml2.so.2
        libpcre.so.1
        libgcc_s.so.1
        libmaxminddb.so.0
        libstdc++.so.6
        libyajl.so.2
Shared Libs provided:
        libmodsecurity.so.3
Annotations    :
        FreeBSD_version: 1202000
        repo_type      : binary
 
Name           : modsecurity3-nginx
Version        : 1.0.1_1
Installed on   : Tue Apr 27 17:11:26 2021 CEST
Origin         : security/modsecurity3-nginx
Architecture   : FreeBSD:12:amd64
Prefix         : /usr/local
Categories     : security www
Licenses       : APACHE20
Maintainer     : joneum@FreeBSD.org
WWW            : https://github.com/SpiderLabs/ModSecurity-nginx
Comment        : Instruction detection and prevention engine / nginx Wrapper
Shared Libs required:
        libmodsecurity.so.3
Annotations    :
        FreeBSD_version: 1202000
        repo_type      : binary
        repository     : FreeBSD
Comment 1 waitman 2021-09-30 07:29:17 UTC
Created attachment 228277 [details]
git patch for modsecurity3-nginx v1.0.2
Comment 2 waitman 2021-09-30 07:29:44 UTC
Here's an updated port for ModSecurity-nginx 1.0.2
Changes - fix typos, change message to satisfy portlint, update to 1.0.2, use nginx version from ports (1.20.1), use clang, simplify configure (don't need to build the entire nginx source to get the module)

Needs some testing though. I'm pretty sure the clang build issues have been resolved, but i'm checking it out. 

I also have an updated ModSecurity v3.0.5 i'm submitting on a separate ticket so you might check that one out too.
Comment 3 waitman 2021-09-30 07:34:09 UTC
Created attachment 228278 [details]
modsecurity3-nginx v1.0.2 update

sp: Intrusion not Instrusion
Comment 4 Bartek Rutkowski freebsd_committer freebsd_triage 2021-11-25 23:46:57 UTC
Proposed patch is not for the nginx-full port but instead for the modsecurity3-nginx port, that is already in the version proposed in the patch, so I'm closing this PR.