1From 8ea5218b07f715e9616a846bf305633ef1b3aa2a Mon Sep 17 00:00:00 2001 2From: Fabrice Fontaine <fontaine.fabrice@gmail.com> 3Date: Sat, 14 Aug 2021 11:46:08 +0200 4Subject: [PATCH] naxsi_src/naxsi_runtime.c: fix build without x_forwarded_for 5 6x_forwarded_for is not available if realip, geo, geoip or proxy modules 7aren't enabled resulting in the following build failure since version 81.1a and 9https://github.com/nbs-system/naxsi/commit/07a056ccd36bc3c5c40dc17991db226cb8cf6241: 10 11/home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c: In function 'ngx_http_naxsi_data_parse': 12/home/buildroot/autobuild/instance-3/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c:2846:20: error: 'ngx_http_headers_in_t' has no member named 'x_forwarded_for' 13 if (r->headers_in.x_forwarded_for.nelts >= 1) { 14 ^ 15 16Fixes: 17 - http://autobuild.buildroot.org/results/cdbc1536f6b5de3d4c836efa2f0dcaf0cdbb1462 18 19Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> 20[Upstream status: https://github.com/nbs-system/naxsi/pull/568] 21--- 22 naxsi_src/naxsi_runtime.c | 7 ++++++- 23 1 file changed, 6 insertions(+), 1 deletion(-) 24 25diff --git a/naxsi_src/naxsi_runtime.c b/naxsi_src/naxsi_runtime.c 26index 28e0b29..6a723d2 100644 27--- a/naxsi_src/naxsi_runtime.c 28+++ b/naxsi_src/naxsi_runtime.c 29@@ -2842,10 +2842,12 @@ ngx_http_naxsi_data_parse(ngx_http_request_ctx_t* ctx, ngx_http_request_t* r) 30 unsigned int n = 0; 31 ngx_table_elt_t** h = NULL; 32 ngx_array_t a; 33+#if (NGX_HTTP_X_FORWARDED_FOR) 34 if (r->headers_in.x_forwarded_for.nelts >= 1) { 35 a = r->headers_in.x_forwarded_for; 36 n = a.nelts; 37 } 38+#endif 39 if (n >= 1) 40 h = a.elts; 41 if (n >= 1) { 42@@ -2879,6 +2881,7 @@ ngx_http_naxsi_update_current_ctx_status(ngx_http_request_ctx_t* ctx, 43 44 /*cr, sc, cf, ctx*/ 45 if (cf->check_rules && ctx->special_scores) { 46+#if (NGX_HTTP_X_FORWARDED_FOR) 47 if (r->headers_in.x_forwarded_for.nelts >= 1) { 48 a = r->headers_in.x_forwarded_for; 49 n = a.nelts; 50@@ -2896,7 +2899,9 @@ ngx_http_naxsi_update_current_ctx_status(ngx_http_request_ctx_t* ctx, 51 memcpy(ip.data, h[0]->value.data, ip.len); 52 ignore = nx_can_ignore_ip(&ip, cf) || nx_can_ignore_cidr(&ip, cf); 53 } 54- } else { 55+ } else 56+#endif 57+ { 58 ngx_str_t* ip = &r->connection->addr_text; 59 NX_DEBUG(_debug_whitelist_ignore, 60 NGX_LOG_DEBUG_HTTP, 61-- 622.30.2 63 64