OLS Won't Build From Source Since 2 Weeks Ago...Build Libraries Changed? about openlitespeed HOT 12 CLOSED

Not sure, there is no OLS change required for ModSecurity 3.0.10 update. You can try build.sh .

from openlitespeed.

@litespeedtech has anyone actually tried to build OLS 1.7.17 in the last 2 weeks, since ModSecurity 3.0.10 came out? I am using build.sh to compile the source. Basically I changed nothing with my build setup and after running another build, 2 weeks ag, in order to ensure the underlying OS was updated with all security fixes, the build failed. As I dug into 2hat changes had occurred I found that ModSecurity had a new release at the time the failure started happening.

from openlitespeed.

Some further information, the build is dying at this point:

g++: error: /build/openlitespeed-1.7.17/src/modules/modsecurity-ls/ModSecurity/src/.libs/libmodsecurity.a: No such file or directory

Basically July 10th I ran a successful build. I kicked off a build on July 26th, without making any updates to the entire Docker image build process, and it started failing when building OLS.

from openlitespeed.

OK, so I looked at the July 26th build again and actually before the ModSecurity related error I'm seeing this:

cp: cannot stat 'build/src/openlitespeed': No such file or directory

Right before that it was at the point of:

#13 2224.8 [  8%] Linking CXX static library libedio.a
#13 2224.9 [  8%] Built target edio
#13 2224.9 make: *** [Makefile:149: all] Error 2

This build failure on the 26th is here: https://github.com/ndigitals/ols-dockerfiles/actions/runs/5675619821/job/15464329713

The successful build on the 10th is here: https://github.com/ndigitals/ols-dockerfiles/actions/runs/5514901335/job/14930673116

from openlitespeed.

OK, so looking through those 2 builds starting at the OLS build stage, and getting to the first visible signs of failures, it appears like some issue starting with building boringssl.

#13 1839.5 # command-line-arguments
#13 1839.5 util/embed_test_data.go:81:16: undefined: os.ReadFile
#13 1839.5 util/embed_test_data.go:132:16: undefined: os.ReadFile
#13 1839.5 note: module requires Go 1.19
#13 1839.6 make[2]: *** [CMakeFiles/crypto_test_data.dir/build.make:312: crypto_test_data.cc] Error 2
#13 1839.6 make[2]: *** Deleting file 'crypto_test_data.cc'
#13 1839.6 make[1]: *** [CMakeFiles/Makefile2:611: CMakeFiles/crypto_test_data.dir/all] Error 2
#13 1839.6 make[1]: *** Waiting for unfinished jobs....

There have been a lot of changes in BoringSSL over the past few weeks(https://boringssl.googlesource.com/boringssl/+log) so I'm curious how that library is being included in the project and these recent changes are what's breaking builds.

from openlitespeed.

there are compiling errors for dependencies.

#13 2126.8 /usr/bin/ld: ../lib/.libs/libcurl.a(libcurl_la-sha256.o): in function `my_sha256_init':
#13 2126.8 sha256.c:(.text+0x10): undefined reference to `EVP_MD_CTX_create'
#13 2126.8 /usr/bin/ld: ../lib/.libs/libcurl.a(libcurl_la-sha256.o): in function `my_sha256_final':
#13 2126.8 sha256.c:(.text+0x8c): undefined reference to `EVP_MD_CTX_destroy'
#13 2126.8 /usr/bin/ld: ../lib/.libs/libcurl.a(libcurl_la-sha256.o): in function `Curl_sha256it':
#13 2126.8 sha256.c:(.text+0xac): undefined reference to `EVP_MD_CTX_create'
#13 2126.8 /usr/bin/ld: sha256.c:(.text+0xf8): undefined reference to `EVP_MD_CTX_destroy'
#13 2126.8 /usr/bin/ld: ../lib/.libs/libcurl.a(libcurl_la-openssl.o): in function `pubkey_show':
#13 2126.9 openssl.c:(.text+0x1b4): undefined reference to `BIO_get_mem_data'
#13 2126.9 /usr/bin/ld: openssl.c:(.text+0x1d4): undefined reference to `BIO_reset'
#13 2126.9 /usr/bin/ld: ../lib/.libs/libcurl.a(libcurl_la-openssl.o): in function `ossl_sha256sum':

#13 2216.2 checking for libcurl config script... no
#13 2216.2 configure: *** curl library not found.
#13 2216.2 configure: error: Curl was explicitly referenced but it was not found
#13 2216.3 make: *** No targets specified and no makefile found.  Stop.
#13 2216.3 cp: cannot stat 'src/.libs/libmodsecurity.a': No such file or directory

To fix it, you need to update the third-party project to the latest.

from openlitespeed.

@litespeedtech interesting as it seems the normal build.sh script that I've been running from the source download has been pulling the third party repo sources.

from openlitespeed.

That being said I've tried to switch to using the latest 1.7.18 sources which also won't perform a successful build.

from openlitespeed.

should have been addressed.

from openlitespeed.

I ended up having no choice but to no longer build the releases from source and instead I'm now installing the arm64 binary packages of OLS. This did cause me to be unable to maintain older versions of the OLS image with patched PHP, which is not great, but I haven't received any reports of issues at this point.

from openlitespeed.

Yeah, it is not an easy task to compile all those third-party libraries. Especially, boringSSL. :-)

from openlitespeed.

Over the past week, I've been trying to compile version 1.8.0 of OLS on Ubuntu 20. Eventually, I discovered that the compilation issues were due to BoringSSL's requirement for a newer version of Go. The default Go version on Ubuntu 20 is only 1.13, while BoringSSL requires Go 1.17 or higher. Below are the steps I took to successfully install it:

First, I installed some dependencies for OLS.
sudo apt-get install build-essential libexpat1-dev libgeoip-dev libpcre3-dev zlib1g-dev libssl-dev libxml2-dev rcs libpng-dev
sudo apt-get install php php-common php-curl php-mysql php-opcache php-imap php-opcache

Next, I updated the Go source and installed the latest version of Go.
sudo add-apt-repository ppa:longsleep/golang-backports
sudo apt upgrade
sudo apt install golang-go

If you are in China, you will also need to change the Go proxy.
Add the following statement to the ~/.profile and /etc/profile files
export GOPROXY="https://goproxy.io“
export GO111MOUDLE="on"
then update the ~/.profile and /etc/profile files.
source ~/.profile
source /etc/profile

Finally, I ran ./build.sh and ./install.sh, which installed OLS successfully.

from openlitespeed.