# nginx 1.4.1 on 9.1-REL refuse to build



## NuLL3rr0r (Jun 14, 2013)

Hi there,

I'm trying to build www/nginx (1.4.1) which always fails regardless of any compiler (4.2.1, 4.6.4, 4.8.1) that I've tried.

Any help will be appreciated.


```
cc -c -O2 -pipe -march=native -DNO_IDEA -fno-strict-aliasing -I /usr/local/include -I src/core  -I src/event  -I src/event/modules  -I src/os/unix  -I objs -I src/http  -I src/http/modules  -o objs/src/http/ngx_http_request.o  src/http/ngx_http_request.c
src/http/ngx_http_request.c: In function 'ngx_http_set_virtual_server':
src/http/ngx_http_request.c:1992: error: 'ngx_http_ssl_srv_conf_t' undeclared (first use in this function)
src/http/ngx_http_request.c:1992: error: (Each undeclared identifier is reported only once
src/http/ngx_http_request.c:1992: error: for each function it appears in.)
src/http/ngx_http_request.c:1992: error: 'sscf' undeclared (first use in this function)
src/http/ngx_http_request.c:1999: error: 'ngx_http_ssl_module' undeclared (first use in this function)
*** [objs/src/http/ngx_http_request.o] Error code 1

Stop in /usr/ports/www/nginx/work/nginx-1.4.1.
*** [build] Error code 1

Stop in /usr/ports/www/nginx/work/nginx-1.4.1.
*** [do-build] Error code 1

Stop in /usr/ports/www/nginx.
*** [install] Error code 1

Stop in /usr/ports/www/nginx.
```


----------



## SirDice (Jun 14, 2013)

It builds just fine here with the default compiler. Is there anything in /etc/make.conf that might interfere?


----------



## jozze (Jun 14, 2013)

It builds with clang too, and even with additional CPU optimization flags (-mssse3, -msse4.1).

I used script(1)() to record the compilation process, found the exactly same line you're showing in your report, and there is no mention of the NO_IDEA flag (which you have). As @SirDice suggested, maybe you have set some options in your /etc/make.conf that you shouldn't have.

It may also be, that there is a problem with the port, and that one of the config options is the one behind this. You can try `# make -C /usr/ports/www/nginx rmconfig` and retry.

If this doesn't help, try to build the port along with all the dependencies (using ports-mgmt/portupgrade or ports-mgmt/portmaster), and also, make sure your ports-tree is up to date (`# portsnap fetch update` or `# svn up /usr/ports` -- whichever you prefer).

EDIT:
I did some research of what this NO_IDEA is (`# grep IDEA /usr/ports/Mk/*`). It's mentioned in file /usr/ports/Mk/bsd.openssl.mk. The file is only read if you have USE_OPENSSL=yes enabled in your /etc/make.conf, and the flag is connected to license issues. It might be that this is interfering with your installation, as some of the crucial files might be omitted during the installation.

So disable the USE_OPENSSL flag, and rebuild openssl, which has two possible origins: the world or ports. If `# whereis openssl` points your sources to /usr/src/secure/usr.bin/openssl, then you'll have to rebuild your world, or perhaps just `# make -C /usr/src/secure/usr.bin/openssl install`.


----------



## NuLL3rr0r (Jun 16, 2013)

@SirDice, @jozze,

Thank you for the suggestions.

Actually I don't have anything special in make.conf it's just distcc (which I disabled) and some if/endifs for using gcc48 (which I disabled too).

But as you suggested I made a backup of the Nginx ports configuration and did the `make rmconfig`. Then, I rebuilt the port and it worked. After that I tried different configurations and found out it is related to the mail_ssl module. If you enable mail_ssl, the port fails to build. Indeed this is a bug, because in older 1.2.x versions it worked perfectly.

Unfortunately I don't know where to report the bug?


----------



## jozze (Jun 17, 2013)

You can report bugs here.

OK, now that's weird. I enabled MAIL_SSL option, but it still builds fine. Before building, it outputs this configuration summary for me:

```
...
checking for sha1 in system md library ... found
checking for zlib library ... found
creating objs/Makefile

Configuration summary
  + using system PCRE library
  + OpenSSL library is not used
  + md5: using system md library
  + sha1: using system md library
  + using system zlib library

  nginx path prefix: "/usr/local/etc/nginx"
  nginx binary file: "/usr/local/sbin/nginx"
  nginx configuration prefix: "/usr/local/etc/nginx"
  nginx configuration file: "/usr/local/etc/nginx/nginx.conf"
  nginx pid file: "/var/run/nginx.pid"
  nginx error log file: "/var/log/nginx-error.log"
  nginx http access log file: "/var/log/nginx-access.log"
  nginx http client request body temporary files: "/var/tmp/nginx/client_body_temp"
  nginx http proxy temporary files: "/var/tmp/nginx/proxy_temp"
  nginx http fastcgi temporary files: "/var/tmp/nginx/fastcgi_temp"
  nginx http uwsgi temporary files: "/var/tmp/nginx/uwsgi_temp"
  nginx http scgi temporary files: "/var/tmp/nginx/scgi_temp"

===>  Building for nginx-1.4.1,1
...
```
I discovered, that the -DNO_IDEA flag was connected to the HTTP_SSL option. I enabled it, and the port was still built and installed with it (the 1.4.1 version).

Can post the entire output of your build process (via pastebin for example), and the output of `$ make -C /usr/ports/www/nginx showconfig`. Like I said in my previous post, you can use script(1)() to do that:

```
# script /var/tmp/my-build-report.out
# cd /usr/ports/www/nginx
# make showconfig
# make install clean
# exit
```
with which you saved the output in /var/tmp/my-build-report.out, which can be opened with your favorite text editor. The `# exit` command is there to exit the script mode.

Port www/nginx has only one dependency -- devel/pcre. Try rebuilding it, just in case.

Also, did you (re)build your world with any special options (if you built it yourself)? Do you have any configuration in /etc/src.conf?


----------



## NuLL3rr0r (Jun 18, 2013)

@jozze,

Thank you for the effort. As you suggested I rebuilt devel/pcre and tried again without any luck. I don't know why your Nginx won't pick up OpenSSL and mine does?


```
Configuration summary
  + using system PCRE library
  + using system OpenSSL library
  + md5: using OpenSSL library
  + sha1: using OpenSSL library
  + using system zlib library

  nginx path prefix: "/usr/local/etc/nginx"
  nginx binary file: "/usr/local/sbin/nginx"
  nginx configuration prefix: "/usr/local/etc/nginx"
  nginx configuration file: "/usr/local/etc/nginx/nginx.conf"
  nginx pid file: "/var/run/nginx.pid"
  nginx error log file: "/var/log/nginx-error.log"
  nginx http access log file: "/var/log/nginx-access.log"
  nginx http client request body temporary files: "/var/tmp/nginx/client_body_temp"
  nginx http proxy temporary files: "/var/tmp/nginx/proxy_temp"
  nginx http fastcgi temporary files: "/var/tmp/nginx/fastcgi_temp"
  nginx http uwsgi temporary files: "/var/tmp/nginx/uwsgi_temp"
  nginx http scgi temporary files: "/var/tmp/nginx/scgi_temp"

===>  Building for nginx-1.4.1,1
```

The only thing that I rebuilt is the kernel. I just added QUOTA to the GENERIC kernel and rebuilt it. And, I don't have anything special in /etc/src.conf (actually I don't have this file in my system).

I'm not sure this is a bug or not. So, I'll try your suggestion (script) and post back here first.


----------



## NuLL3rr0r (Jun 18, 2013)

Here you can find the full log using the script command.

And it's such a cool tool. Thanks.


----------



## ShelLuser (Jun 18, 2013)

I'm on to you @NuLL3rr0r, this is just a deliberate plot to make us build and optionally install www/nginx I bet 

Nah, a little more serious: this looks pretty intriguing, and for the record the whole thing also cleanly compiles on my end (on FreeBSD 9.1-RELEASE-p3). However, I don't use other compilers such as gcc but simply resort to the default /usr/bin/cc.

Looking into this thread I'm wondering: which OpenSSL version is everyone using? The one which is included with the base system, or did you also install security/openssl?

Because when I enable both HTTP_SSL and MAIL_SSL this is what I get:


```
Configuration summary
+ using system PCRE library
+ using system OpenSSL library
+ md5: using OpenSSL library
+ sha1: using OpenSSL library
+ using system zlib library
```
I'm using the OpenSSL version from the base system, so now I'm wondering if this could be of any influence. Well, this and the involved compiler perhaps.


----------



## ShelLuser (Jun 18, 2013)

Ok, a new message just to avoid confusion. I can reproduce the problem when I copy the OP's shown configuration, that's step one. Especially if you keep in mind that it used to compile cleanly on my end:


```
cc -c -O2 -pipe -DNO_IDEA -fno-strict-aliasing -I /usr/local/include -I src/core
  -I src/event  -I src/event/modules  -I src/os/unix  -I objs -I src/http  -I sr
c/http/modules  -o objs/src/http/ngx_http_special_response.o  src/http/ngx_http_special_response.c
cc -c -O2 -pipe -DNO_IDEA -fno-strict-aliasing -I /usr/local/include -I src/core
  -I src/event  -I src/event/modules  -I src/os/unix  -I objs -I src/http  -I sr
c/http/modules  -o objs/src/http/ngx_http_request.o  src/http/ngx_http_request.c
*** [objs/src/http/ngx_http_request.o] Error code 1

Stop in /usr/ports/www/nginx/work/nginx-1.4.1.
*** [build] Error code 1
```
That looks familiar doesn't it?

*Edit*:

OP (sorry, I'm a bit lazy): what happens if you enable HTTP_SSL (only this option, don't change anything else), then run `# make clean` and after that `# make build` (both from within the port directory of course)?

This starts to look like a bug somewhere.


----------



## ShelLuser (Jun 18, 2013)

Hi gang,

I think I solved it, and if so the problem has nothing to do with the Port what so ever but everything with the Nginx software instead. It seems you can't use the mail_ssl module without including the http_ssl module as well.

As a side note (not a sneer): I'm a little under impressed with the available documentation. I know I become cynical when a README in a source distribution only tells you "See website for documentation" (I get a bit annoyed with such approaches because now you can't fully build or use the program without an Internet connection), but even so...


First I used `# make rmconfig && make distclean` and then started from scratch. I noticed that the OP had enabled mail_ssl but didn't enable http_ssl, and the error you get then definitely points to a web protocol related issue.

So I started looking into the Nginx building documentation and noticed that this didn't mention any modules. Even though some of them are build by default (which leads up to my previous comment). I then started digging through the main documentation itself and eventually found a page dedicated to the nginx_mail_ssl module.

Note how it doesn't mention anything about dependencies?

I then used the default Port configuration and only enabled mail support (POP3 and SMTP) as well as mail_ssl. Then I grabbed the pristine source distribution using: `# make fetch extract` (I know I can leave fetch out, force of habit) and looked into the configure help output. 

With a bit of comparing (editors/vim to the rescue) I then set up a configure line which would mimic the Port default configuration (with the changes I mentioned earlier):


```
./configure --with-ipv6 --with-http_stub_status_module --with-mail --with-mail_ssl_module
```
The important bit here is using mail_ssl without enabling http_ssl. And what do you know:


```
Configuration summary
  + using system PCRE library
  + using system OpenSSL library
  + md5: using OpenSSL library
  + sha1: using OpenSSL library
  + using system zlib library

---<SNIP

cc -c -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I src/core  -I src/event  -I src/event/modules  -I src/os/unix  -I /usr/local/include  -I objs -I src/http  -I src/http/modules  -o objs/src/http/ngx_http_request.o  src/http/ngx_http_request.c
src/http/ngx_http_request.c: In function 'ngx_http_set_virtual_server':
src/http/ngx_http_request.c:1992: error: 'ngx_http_ssl_srv_conf_t' undeclared (first use in this function)
src/http/ngx_http_request.c:1992: error: (Each undeclared identifier is reported only once
src/http/ngx_http_request.c:1992: error: for each function it appears in.)
src/http/ngx_http_request.c:1992: error: 'sscf' undeclared (first use in this function)
src/http/ngx_http_request.c:1999: error: 'ngx_http_ssl_module' undeclared (first use in this function)
*** [objs/src/http/ngx_http_request.o] Error code 1

Stop in /usr/ports/www/nginx/work/nginx-1.4.1.
*** [build] Error code 1

Stop in /usr/ports/www/nginx/work/nginx-1.4.1.
```
I then ran `# make clean` from within the source (work) directory, added this configure option: --with-http_ssl_module and tried again. Now everything cleanly compiles.

The reason why this proves that we're not dealing with a port problem is because I haven't ran `# make patch` from the main port directory yet, so I'm only working with the clean source distribution (this is what makes the Ports collection so cool in my opinion; even if you don't want to use Ports you can always use it as your "lazy ass software fetcher").

Concluding: you have discovered a bug in the Nginx software. Maybe this is by design, could be, but then I would have expected a reference in the documentation somewhere.


----------



## jozze (Jun 18, 2013)

Great job @ShelLuser for tackling this problem! @NuLL3rr0r, good to hear that you have generic settings. I just wanted to make sure, so I could exclude them as the source of the problem.

It's weird though, since I can build fine with just MAIL_SSL and no HTTP_SSL enabled, but I didn't try with other configure flags (I'm not at home right now). I am using the OpenSSL from 9.1-STABLE. I checked the OpenSSL version available on 9.1-RELENG. Merely judging from the last update, it seems that the -STABLE branch has a different version (well, at least the man(1)() page is) but the Makefiles are the same. For me, `# openssl version` returns OpenSSL 0.9.8y.

A short (maybe helpful) note:


			
				ShelLuser said:
			
		

> However, I don't use other compilers such as gcc but simply resort to the default /usr/bin/cc.


`# ls -i /usr/bin/cc && ls -i /usr/bin/gcc` return the same inode number, so they are in fact the same files (/usr/bin/c++ and /usr/bin/cpp also have their equivalents), unless the world was built with WITH_CLANG_IS_CC enabled, in which case those files are actually connected to the clang compiler.


----------



## jozze (Jun 18, 2013)

OK, I tried with @ShelLuser's suggestion to build without patches, and there is indeed the same problem. The problem persists with @NuLL3rr0r's config flags, indicating it's not the MAIL_SSL that needs HTTP_SSL enabled, but another one -- MAIL flag itself, (it enables IMAP4/POP3/SMTP proxy modules). @ShelLuser was correct, it's not related to OpenSSL but to Nginx software.

This should be reported to the port maintainer, so he can add a message in the Makefile warning potential users about this problem.


----------



## fonz (Jun 18, 2013)

jozze said:
			
		

> This should be reported to the port maintainer




```
[CMD=%]cd /usr/ports/www/nginx[/CMD]
[CMD=%]make maintainer[/CMD]
[email]osa@FreeBSD.org[/email]
```
There you go. Either send an e-mail or file a PR. And thanks for noticing/reporting!


----------



## ShelLuser (Jun 18, 2013)

jozze said:
			
		

> The problem persists with @NuLL3rr0r's config flags, indicating it's not the MAIL_SSL that needs HTTP_SSL enabled, but another one -- MAIL flag itself, (it enables IMAP4/POP3/SMTP proxy modules).


That's not correct it seems. Because the OP's configuration flags include the mail_ssl module.

There's an easy way to demonstrate this (I'd appreciate it if you could try this too to rule everything out):


```
cd /usr/ports/www/nginx
make fetch
cd work/nginx-1.4.1
./configure --with-ipv6 --with-http_stub_status_module --with-mail
make
```
On my end this results in a clean build. However, the moment I add the --with-mail_ssl_module parameter then I'm getting the previous build errors again.

That's how I ended up with my earlier conclusion.


----------



## ShelLuser (Jun 18, 2013)

jozze said:
			
		

> `# ls -i /usr/bin/cc && ls -i /usr/bin/gcc` return the same inode number, so they are in fact the same files (/usr/bin/c++ and /usr/bin/cpp also have their equivalents), unless the world was built with WITH_CLANG_IS_CC enabled, in which case those files are actually connected to the clang compiler.


Great to know, thanks!

This may sound very stupid, but would you believe that this is the first time I noticed /usr/bin/gcc being there? :e

Well, I don't care what `cc -v` tells me, its obvious that /usr/bin/gcc is a hard link to /usr/bin/cc and not the other way around


----------



## jozze (Jun 18, 2013)

I suggested that port fails to build due to MAIL flag, because after I disabled it from @NuLL3rr0r and it built normally.

@ShelLuser, as you suggested, I crosschecked with your results, and I seem to have found another problem with the port.


```
# ./configure --with-ipv6 --with-http_stub_status_module --with-mail_ssl_module  # fails
# ./configure --with-ipv6 --with-http_stub_status_module --with-mail             # builds
```

But if I only add either MAIL or MAIL_SSL without the HTTP_SSL flag to existing default options, the build proceeds normally. I inspected the port's Makefile and there all seems well (MAIL enables --with-mail and MAIL_SSL enables --with-mail_ssl_module.


```
.if ${PORT_OPTIONS:MMAIL}
CONFIGURE_ARGS+=--with-mail
.if empty(PORT_OPTIONS:MMAIL_IMAP)
CONFIGURE_ARGS+=--without-mail_imap_module
.endif
.if empty(PORT_OPTIONS:MMAIL_POP3)
CONFIGURE_ARGS+=--without-mail_pop3_module
.endif
.if empty(PORT_OPTIONS:MMAIL_SMTP)
CONFIGURE_ARGS+=--without-mail_smtp_module
.endif
.if ${PORT_OPTIONS:MMAIL_SSL}
NGINX_OPENSSL=  yes
CONFIGURE_ARGS+=--with-mail_ssl_module
.endif
.endif          # WITH_MAIL
```

Which is weird. It must be that other default flags take care of that problem (maybe), and that enabling others can make the problem resurface.



			
				ShelLuser said:
			
		

> Well, I don't care what `cc -v` tells me, its obvious that /usr/bin/gcc is a hard link to /usr/bin/cc and not the other way around



This is the case with some other files as well! /bin/tcsh and /bin/csh are such examples (I know, my whole life as a FreeBSD user has been a lie!). BTW, how do you know which file is the source of hard link (I thought with hard links, there is no such thing).


----------



## kpa (Jun 18, 2013)

With hard links there's absolutely no way to tell which one is the "original", the inode number is the unique identifier for the actual file and the directory entries are just references to the inode.


----------



## NuLL3rr0r (Jun 19, 2013)

ShelLuser said:
			
		

> I'm on to you @NuLL3rr0r, this is just a deliberate plot to make us build and optionally install www/nginx I bet







			
				jozze said:
			
		

> (I know, my whole life as a FreeBSD user has been a lie!).



Ha ha, very funny. 


Also, now (after installing 1.4.1) I have another trouble with the www/nginx port. When I do `make deinstall`. I'll get:

```
root@3rr0r:/usr/ports/www/nginx # make deinstall
===>  Deinstalling for www/nginx
===>   nginx-1.4.1,1 has a different PREFIX: , skipping
```

I have to remove it by using `pkg_delete -f nginx-1.4.1,1` first.


----------



## jozze (Jun 19, 2013)

That's weird, it seems like a package problem. I use PKGNG and I didn't experience this problem. Maybe it was a just a pkg_* hiccup. Install www/nginx again and then immediately remove it. Try

```
# make -C /usr/ports/www/nginx reinstall clean deinstall
```
a couple of times to see if it's removed cleanly. If all is well, then you don't have anything to worry about. Otherwise, try testing the port with these steps.


----------



## NuLL3rr0r (Jun 20, 2013)

Unfortunately your suggested method won't work. It's weird, never saw anything like this before in the ports. Anyway in the bug report I included this thread when I reported the issue. I hope it get fixed.


----------



## cpm@ (Jun 20, 2013)

You should build with HTTP_SSL option enabled. 

https://groups.google.com/forum/#!topic/nginx-rtmp/MqIaoUUPDeQ.

To stay updated always read the changes committed. Furthermore, the ports tree already have the 1.5.1 version.


----------



## NuLL3rr0r (Jun 20, 2013)

cpu82 said:
			
		

> You should building with HTTP_SSL option enabled.
> 
> https://groups.google.com/forum/#!topic/nginx-rtmp/MqIaoUUPDeQ.



Thanks, as others suggested before, I have already built it with HTTP_SSL module enabled and the issue was gone.


----------

