modsecurity-docker Support to PCRE2

Support to PCRE2

Open khiemdoan opened this issue 2 years ago • 7 comments

Jun 06 '22 03:06 khiemdoan

This only adds PCRE2 support to YAJL, correct?

Jun 06 '22 06:06 theseion

@theseion no, this adds PCRE2 to libmodsecurity follows the comment https://github.com/SpiderLabs/ModSecurity/pull/2719#issuecomment-1142112481, you can try to see it already linked to pcre2:

ldd /usr/local/modsecurity/lib/libmodsecurity.so
    linux-vdso.so.1 (0x00007fff60dc6000)
    libcurl-gnutls.so.4 => /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4 (0x00007fe2e8361000)
    libGeoIP.so.1 => /usr/lib/x86_64-linux-gnu/libGeoIP.so.1 (0x00007fe2e8323000)
    libxml2.so.2 => /usr/lib/x86_64-linux-gnu/libxml2.so.2 (0x00007fe2e8175000)
    liblua5.3.so.0 => /usr/lib/x86_64-linux-gnu/liblua5.3.so.0 (0x00007fe2e813b000)
    libpcre2-8.so.0 => /usr/lib/x86_64-linux-gnu/libpcre2-8.so.0 (0x00007fe2e80a3000)
    libfuzzy.so.2 => /usr/local/lib/libfuzzy.so.2 (0x00007fe2e809c000)
    ...

Jun 06 '22 08:06 khiemdoan

Nginx 1.21.x is not stable. And I don't know if we should go for 1.22.0 yet...

Jun 06 '22 12:06 fzipi

@khiemdoan ah yes, sorry. We had a discussion on Slack about PCRE2 a couple of weeks back. I'm pretty sure that not everyone will want to switch to PCRE2, at least not immediately. So we might have to consider producing two variants for the two PCRE versions.

Jun 06 '22 13:06 theseion

@theseion I agree with you that we should have two versions for testing and comparing.

Jun 06 '22 13:06 khiemdoan

@fzipi I have tested with nginx 1.22.0, it runs without any problem. Let me make a commit.

Jun 06 '22 13:06 khiemdoan

Thanks Kiem. We are aware that we still have this one, we need more time to think how are we going to tag them.

Jun 16 '22 11:06 fzipi

modsecurity-docker modsecurity-docker copied to clipboard

Support to PCRE2

modsecurity-docker
modsecurity-docker copied to clipboard