Skip to content

Latest commit

 

History

History
99 lines (60 loc) · 2.25 KB

modsecurity2wasm.md

File metadata and controls

99 lines (60 loc) · 2.25 KB

Build ModSecurity WASM Library

This article will guide you to build your own ModSecurity WASM library using Emscripten toolchain.

Pre-requirements

Install Emscripten

You can refer to the following steps to install the latest Emscripten.

# Get the emsdk repo
git clone https://github.com/emscripten-core/emsdk.git

# Enter that directory
cd emsdk

# Fetch the latest version of the emsdk (not needed the first time you clone)
git pull

# Download and install the SDK tools (version used by envoy).
./emsdk install 2.0.7

# Make the "latest" SDK "active" for the current user. (writes .emscripten file)
./emsdk activate 2.0.7

# Activate PATH and other environment variables in the current terminal
source ./emsdk_env.sh

wasi-sdk setup

  • Download

    wget https://github.com/WebAssembly/wasi-sdk/releases/download/wasi-sdk-12/wasi-sdk-12.0-linux.tar.gz
  • Export it to /opt/wasi-sdk

  • Configure

    export WASI_SDK_PATH="/opt/wasi-sdk"

Build PCRE WASM library

# Get the pcre library source code
git clone https://github.com/maxfierke/libpcre.git -b mf-wasm32-wasi-cross-compile

cd libpcre
# This should compile successfully and place the compiled .a static library in targets/wasm32-wasi
Run ./build_for_crystal.sh. 

# Copy the wams library to target directory
cp targets/wasm32-wasi/*.a /usr/local/pcre

Configure and build ModSecurity

# This is version for WASM ModSecurity
git clone https://github.com/leyao-daily/ModSecurity.git

cd ModSecurity
# Build the configuration script
./build.sh

# Download the submodule
git submodule init
git submodule update

# Configure ModSecurity with core functions
emconfigure ./configure --without-yajl --without-geoip --without-libxml --without-curl --without-lua --disable-shared --disable-examples --disable-libtool-lock --disable-debug-logs  --disable-mutex-on-pm --without-lmdb --without-maxmind --without-ssdeep --with-pcre=./pcre-config

# Build the library
emmake make -j <num_cpus>

# Install the library
emmake make install

Build your own wasm application

emcc test.cc -L/usr/local/modsecurity/lib/ -lmodsecurity -L/usr/local/pcre/ -lpcre -o test.wasm -I/usr/local/modsecurity/include/