subject:"\[gentoo\-commits\] repo\/gentoo\:master commit in\: www\-servers\/nginx\/, www\-servers\/nginx\/files\/"

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2022-12-02 Thread Conrad Kostecki

commit: e1542f080b666233bf679c899daec39fed3f0a4c
Author: Conrad Kostecki  gentoo  org>
AuthorDate: Fri Dec  2 23:57:48 2022 +
Commit: Conrad Kostecki  gentoo  org>
CommitDate: Fri Dec  2 23:57:48 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1542f08

www-servers/nginx: fix ldap crash

Closes: https://bugs.gentoo.org/883401
Signed-off-by: Conrad Kostecki  gentoo.org>

 .../files/nginx-1.23.2-mod_auth_ldap-fix.patch  | 21 +
 ...ginx-1.23.2-r2.ebuild => nginx-1.23.2-r3.ebuild} |  6 ++
 2 files changed, 27 insertions(+)

diff --git a/www-servers/nginx/files/nginx-1.23.2-mod_auth_ldap-fix.patch 
b/www-servers/nginx/files/nginx-1.23.2-mod_auth_ldap-fix.patch
new file mode 100644
index ..b3b4cf4b33c4
--- /dev/null
+++ b/www-servers/nginx/files/nginx-1.23.2-mod_auth_ldap-fix.patch
@@ -0,0 +1,21 @@
+From f0a5f61d9aad59c23e2c877094a8f17c43bee5b5 Mon Sep 17 00:00:00 2001
+From: freultwah <631910+freult...@users.noreply.github.com>
+Date: Tue, 23 Aug 2022 18:09:45 +0300
+Subject: [PATCH] Make the module not crash with nginx >1.23.*
+
+---
+ ngx_http_auth_ldap_module.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/ngx_http_auth_ldap_module.c b/ngx_http_auth_ldap_module.c
+index 2f4e592..83b481c 100644
+--- a/ngx_http_auth_ldap_module.c
 b/ngx_http_auth_ldap_module.c
+@@ -1779,6 +1779,7 @@ ngx_http_auth_ldap_set_realm(ngx_http_request_t *r, 
ngx_str_t *realm)
+ }
+ 
+ r->headers_out.www_authenticate->hash = 1;
++r->headers_out.www_authenticate->next = NULL;
+ r->headers_out.www_authenticate->key.len = sizeof("WWW-Authenticate") - 1;
+ r->headers_out.www_authenticate->key.data = (u_char *) "WWW-Authenticate";
+ r->headers_out.www_authenticate->value = *realm;

diff --git a/www-servers/nginx/nginx-1.23.2-r2.ebuild 
b/www-servers/nginx/nginx-1.23.2-r3.ebuild
similarity index 99%
rename from www-servers/nginx/nginx-1.23.2-r2.ebuild
rename to www-servers/nginx/nginx-1.23.2-r3.ebuild
index 96915733beb5..4b707c551371 100644
--- a/www-servers/nginx/nginx-1.23.2-r2.ebuild
+++ b/www-servers/nginx/nginx-1.23.2-r3.ebuild
@@ -377,6 +377,12 @@ src_prepare() {
eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch"
 
+   if use nginx_modules_http_auth_ldap; then
+   cd "${HTTP_LDAP_MODULE_WD}" || die
+   eapply "${FILESDIR}/${PN}-1.23.2-mod_auth_ldap-fix.patch"
+   cd "${S}" || die
+   fi
+
if use nginx_modules_http_sticky; then
cd "${HTTP_STICKY_MODULE_WD}" || die
eapply "${FILESDIR}"/http_sticky-nginx-1.23.0.patch

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2022-10-19 Thread Conrad Kostecki

commit: 5297ee7000326d641b28980b4e1a7018e1658470
Author: Conrad Kostecki  gentoo  org>
AuthorDate: Wed Oct 19 14:40:44 2022 +
Commit: Conrad Kostecki  gentoo  org>
CommitDate: Wed Oct 19 14:43:05 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5297ee70

www-servers/nginx: add 1.23.2

Includes also CVE-2022-38890 fix for NJS-0.7.7.

Bug: https://bugs.gentoo.org/870409
Signed-off-by: Conrad Kostecki  gentoo.org>

 www-servers/nginx/Manifest |1 +
 .../files/http_javascript_cve_2022-38890.patch |   49 +
 www-servers/nginx/nginx-1.23.2.ebuild  | 1049 
 3 files changed, 1099 insertions(+)

diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index ef8bbe4fe5fd..b68ad65ae614 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -1,5 +1,6 @@
 DIST modsecurity-nginx-1.0.3.tar.gz 34063 BLAKE2B 
859a29eb7f67d53a818578f1008f0d0debbe37c205bb7c6e79594d8b1a6a0d9390d35f607ef05ef6d73c9aa887baebfd2c54aca894969beeed4bfe576f37
 SHA512 
20495884c6b3594edf879a19fd7445f2e74a1628789decd146b3c712764b0507e440a84a64aab619461b044f98b8d641913cfad57a6d0002e7061716bdfe84fc
 DIST nginx-1.23.1.tar.gz 1104352 BLAKE2B 
2c90b792ad7d9d685dc417e4c4d24ad68fa490da737574d25d526c70839fb64f69581e9093cf1c38010b7c404650e48c0fe8f9c1ef71c75d30be0be7e9ebd4d8
 SHA512 
62d6b3d5282f4e4cc23adf23b3dc26e06fc4574cae3c18381c406d0cf0f8c68e7dfa86af0c3c1c1485214c548f3b45015eb219e62bfe04e0aaa5edaad82e6706
+DIST nginx-1.23.2.tar.gz 1108243 BLAKE2B 
0a6a556afe93c4326247e879e3bb2ad377cd734a572f471b52c91b1b2901a243a848cd74fea587bda5afa0ee91dec9635b5d2a468cb95abc7f361c42a32c9598
 SHA512 
4a5413c0ec251c02fb73dfb4d351045f857a36d45ebb7ae2c29f4a4f320a6543d0a049b147b08318de0b7b0406773c329dbf43bf98bb088f76e506ea532cd8ef
 DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 
BLAKE2B 
5ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333
 SHA512 
ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19bf4cf53973269
 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B 
d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570
 SHA512 
6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529
 DIST ngx_brotli-1.0.0rc.tar.gz 16207 BLAKE2B 
450d0ea693bd98d4a1b615f2cdcaad41ccd28266f6d80beec7fe77fe750ab8c5d1bb55aabe15161b9b6d819d2b4d99a7774f2706f2f6fd084b52a7c7dddbc00c
 SHA512 
05a880d5e48ac83be84498ed41fb4750211b827a9d7541acfd6ef494e5205a6e853d5594bfec3ab4ae668ea3f803e4f4b0ba550c76811971c8e266e42663c56d

diff --git a/www-servers/nginx/files/http_javascript_cve_2022-38890.patch 
b/www-servers/nginx/files/http_javascript_cve_2022-38890.patch
new file mode 100644
index ..43469b552968
--- /dev/null
+++ b/www-servers/nginx/files/http_javascript_cve_2022-38890.patch
@@ -0,0 +1,49 @@
+From b9aea5854bcf6f2de8f7a7f1550874e392b94be2 Mon Sep 17 00:00:00 2001
+From: Dmitry Volyntsev 
+Date: Wed, 31 Aug 2022 18:35:58 -0700
+Subject: [PATCH] Fixed String.prototype.trimEnd() with unicode string.
+
+Previously, when the method was invoked with a string consisting of space
+characters and at least one of them was a Unicode space separator (code
+point above 127) it returned invalid string value with non-zero size
+but zero length.
+
+The fix is to update the size of the resulting string appropriately.
+
+This closes #569 issue on Github.
+---
+ src/njs_string.c | 1 +
+ src/test/njs_unit_test.c | 8 
+ 2 files changed, 9 insertions(+)
+
+diff --git a/src/njs_string.c b/src/njs_string.c
+index 83cede548..62bece0de 100644
+--- a/src/njs_string.c
 b/src/njs_string.c
+@@ -2849,6 +2849,7 @@ njs_string_trim(const njs_value_t *value, 
njs_string_prop_t *string,
+ 
+ for ( ;; ) {
+ if (start == prev) {
++end = prev;
+ break;
+ }
+ 
+diff --git a/src/test/njs_unit_test.c b/src/test/njs_unit_test.c
+index 287ddda2d..a717f02a8 100644
+--- a/src/test/njs_unit_test.c
 b/src/test/njs_unit_test.c
+@@ -8450,6 +8450,14 @@ static njs_unit_test_t  njs_test[] =
+ { njs_str("'   абв  '.trimStart().trimEnd()"),
+   njs_str("абв") },
+ 
++{ njs_str("["
++  " String.fromCodePoint(0x2028),"
++  " String.fromCodePoint(0x20, 0x2028),"
++  " String.fromCodePoint(0x0009, 0x20, 0x2028),"
++  " String.fromCodePoint(0xFEFF),"
++  "].every(v => v.trimEnd() == '')"),
++  njs_str("true") },
++
+ { njs_str("'\\u2029abc\\uFEFF\\u2028'.trim()"),
+   njs_str("abc") },
+ 

diff --git a/www-servers/nginx/nginx-1.23.2.ebuild 
b/www-servers/nginx/nginx-1.23.2.ebuild
new file mo

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2020-05-26 Thread Thomas Deutschmann

commit: cea207f843acb7cd1d09b56a4302eb1155bf560f
Author: Thomas Deutschmann  gentoo  org>
AuthorDate: Tue May 26 18:11:37 2020 +
Commit: Thomas Deutschmann  gentoo  org>
CommitDate: Tue May 26 18:40:55 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cea207f8

www-servers/nginx: bump to v1.19.0 mainline

- brotli module bumped to 1.0.0rc from new upstream

- HTTP LUA module bumped to v0.10.16rc5

- fancyindex module bumped to v0.4.3

- nginScript module bumped to v0.4.1

Closes: https://bugs.gentoo.org/724646
Package-Manager: Portage-2.3.100, Repoman-2.3.22
Signed-off-by: Thomas Deutschmann  gentoo.org>

 www-servers/nginx/Manifest |3 +
 .../nginx/files/http_brotli-detect-brotli-r3.patch |   28 +
 www-servers/nginx/nginx-1.19.0.ebuild  | 1093 
 3 files changed, 1124 insertions(+)

diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index 523b0974076..2365b9621d9 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -1,7 +1,9 @@
 DIST modsecurity-2.9.3.tar.gz 4307670 BLAKE2B 
337ea15cc8805af7ab43aed8aecf4c72ccc586d0d7e9d9b91f036a61baa70d1ac8b4ad8045a2bb7a13515912a15fba7d3cdb9670ae6730de43b1e44ee90ded6d
 SHA512 
4e1ea5dd8edadf8f630e4fe92a200d3a8e78963fce3128b5975a1e1ecd0e8bf9ceecd9905c95f8c508932ccd837f1d8ae8bb2ba423307718c3c6a4ae9b783ddd
 DIST nginx-1.18.0.tar.gz 1039530 BLAKE2B 
a8962a6af96acb043ff0c3dc4ad5192083773c449950aff53b01f6f7c46a2a540eb061a43432acccd753fa71067b1451d75f440ba5526575b78608be9d40a50b
 SHA512 
8c21eeb62ab6e32e436932500f700bd2fb99fd2d29e43c08a5bfed4714c189c29c7141db551fcd5d2437303b7439f71758f7407dfd3e801e704e45e7daa78ddb
+DIST nginx-1.19.0.tar.gz 1043748 BLAKE2B 
46647676c2e5dd0b06a1079329d211f7449312873f40d762b1c81841863f61dbc11f836956c006e0283dc79ab9b6bb4b9430136e4c66ff194402413fdc0bdf83
 SHA512 
3240d5dc59877f9d6a95c8779240675cec9290df079b9d52c06147e58900f2e060e768729669ffaf9a2a90bb9abbe8ab7fba24ff65d45fec9eeb3b6733b65f30
 DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 
BLAKE2B 
5ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333
 SHA512 
ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19bf4cf53973269
 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B 
d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570
 SHA512 
6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529
+DIST ngx_brotli-25f86f0bac1101b6512135eac5f93c49c63609e3.tar.gz 16201 BLAKE2B 
2da3ce8a9f29b713da4de4cd60fe22256742ff61e1718346e5246ffa0169d5a2e1babb625b16ac52e3b79431f749adb3ee0170957024953c139aaebc7a496478
 SHA512 
c6eb026f204e1e6f930ab7ca68cca78054318e05a0dc11d897d3516380dbc4e42e93d40334e3088bf348d4b7b182e87c77473974719e5850a4f97666f9babbd6
 DIST ngx_brotli-8104036af9cff4b1d34f22d00ba857e2a93a243c.tar.gz 12672 BLAKE2B 
fa2febfa63b98303f8890c6774de6ccb09475ccd639d3b74493a4ffd97c90febdc22755c5928018bdac24a537bd13cde165f97e5d2b50bebf598c3fb22ec0206
 SHA512 
169566b8764bb2b82e029f954a99063a9c61e2cbf982861c5f6818b389a5f37bf5389afb1b5627de9bd3f7af7b3c404be0230f943d47ab621c2a2bd825cc8203
 DIST ngx_devel_kit-0.3.1.tar.gz 66542 BLAKE2B 
8242d884464d99a131a48f599f9d0c2b546610f73f646e7eb0dcfdb98220810d949189cffa721360ddbe3b7b8adc8b678a848b9d1a56db6c62fd4439ecb63d24
 SHA512 
de1e3349d8dd08e5982279b2219dc8a8006739f0409b8e0f5c50d93434beff1fbafba43e9c5ac85a5fab90afc5c0a7244a340610339c36f82f2cba7233e72de9
 DIST ngx_http_auth_pam-1.5.1.tar.gz 6863 BLAKE2B 
00807cc3db8f6c007c968b8a30d7f6094b7d9db4eaa60d211fcb3ac60aeb28c5f8193578a7e1ca67acbbf57a319c8442fe44efc1e193927c3bce5961539f9c16
 SHA512 
973b94874d8a58c0df0ac2d31571eafc1e80b11179cba33ec88421a826207fbf7e99b0387e135a1ca48d82daacb78f19a4c21d3a27b49b16dc86b4748bb72261
@@ -12,6 +14,7 @@ DIST ngx_http_fancyindex-0.4.4.tar.gz 26292 BLAKE2B 
a1ed76cb31cd4f7a349bcbe63d75
 DIST ngx_http_geoip2_module-3.3.tar.gz 8509 BLAKE2B 
4841e1bdd13b9b85f34732d1eb7447638f62bb09e1bd480da0fa8b0085d3b2d90a740732ef534c355feb71d7db613c73f68a4e6e3624b47a0937be046dfa1f8d
 SHA512 
06963b598c54e22d75ce837fb222f5aa6c9494c29e558ff46f1205d7159fc305414bfac4ed3288c836dcbf7628d92f26458e1992d34fc2f4b73275a32847bdc0
 DIST ngx_http_headers_more-0.33.tar.gz 28130 BLAKE2B 
fe3097a7700ce5da087058f7bb44c95164b75137031187400473f6833bf0e33e5c4920807225a6ff94174fe7dbd6186cca176a33a629ca0911faab6804bdd12a
 SHA512 
13165b1b8d4be281b8bd2404fa48d456013d560bace094c81da08a35dc6a4f025a809a3ae3a42be6bbf67abbcbe41e0730aba06f905220f3baeb01e1192a7d37
 DIST ngx_http_lua-0.10.15.tar.gz 655110 BLAKE2B 
73bf8e2f157c93f3d4e54b5aa63deb266731a10e3e48b2257756efee8d752e86440ca9c27bd27bc1d90075a5ffb58772eecb7c445db44cd055d2b9e0b4bac082
 SHA512 
1feea538464275e6e5718

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2018-11-06 Thread Thomas Deutschmann

commit: 395959f0a2392993b260566a518de96f16d66daf
Author: Thomas Deutschmann  gentoo  org>
AuthorDate: Tue Nov  6 15:58:12 2018 +
Commit: Thomas Deutschmann  gentoo  org>
CommitDate: Tue Nov  6 16:04:04 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=395959f0

www-servers/nginx: bump to v1.15.6 mainline

- nginScript module bumped to v0.2.5

- brotli module bumped to commit 8104036af9cff

Bug: https://bugs.gentoo.org/670496
Package-Manager: Portage-2.3.51, Repoman-2.3.12
Signed-off-by: Thomas Deutschmann  gentoo.org>

 www-servers/nginx/Manifest |3 +
 .../nginx/files/http_brotli-detect-brotli-r2.patch |   30 +
 www-servers/nginx/nginx-1.15.6.ebuild  | 1081 
 3 files changed, 1114 insertions(+)

diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index f2a16b9dd49..c582c0046ec 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -4,9 +4,11 @@ DIST nginx-1.15.1.tar.gz 1024086 BLAKE2B 
411f566f53fcae62a8b539ac3809d75dc7eaae7
 DIST nginx-1.15.2.tar.gz 1025746 BLAKE2B 
96b1b1d660571e35b7f97c71da241fa88b44d3928868019b4fffdfa68cd40bb8bd31bba9429cc9e4ca2c2f8d7abf03129577003f4cca50e6d0325644eb47aad4
 SHA512 
ef8171138246b851f3713ea027d6b96de414b15e24de244fa4fcb428da3a68f4df0c54152e5c0993e36c9c97d4dabcd55a019d6709840b4393c86995604668ff
 DIST nginx-1.15.3.tar.gz 1022881 BLAKE2B 
5a33a36a2a0dfa9b276c1fe9aeb148d191244973844ee9e411a88792fa8c80d2605efd83da708535f0e39234418b955eb15642a0d4d14e5c7c26e805ed921a2e
 SHA512 
112fafd0841b79a165cee6a94da6d0c6c828b29ef1e3af00f4a12809c5d3bc8fd2a94f6d0cb05f6b487be81a414be42ea64f88e63a4d62fe9bebc9cf946aa94a
 DIST nginx-1.15.5.tar.gz 1024791 BLAKE2B 
713373b908c40c5cf676cec7698807a7de0a3ba81e8215b00896f178f2369bdbd01318c688276cf9fea8b9274be75eab0fbf403ac629ca730198eccf363ec92f
 SHA512 
90b3d8148fca183bd3f6d16fd9212e2eedbe13f151c079d67086fca5a9f58256b99a87bee18b1f9fb2b65fbe2d5353985145e1c075b6236b31d0ce7e9051
+DIST nginx-1.15.6.tar.gz 1025761 BLAKE2B 
0d8a76a04f830e85d6022faaea6a27f6d80382bfbfa067f29c6d62e34f4d6a35c315a71727a1c12dd3cd804a4e84eccde8a1cbd42be95c06143817ebdde00951
 SHA512 
89c1b7df7ed0722a930a977edfb94a8278e51ebd7d5a0d0959ac09515374f976283e945c283b704447f7b57fd302bdbbea0d0d11c48aa282f2d53230eb3e63be
 DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 
BLAKE2B 
5ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333
 SHA512 
ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19bf4cf53973269
 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B 
d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570
 SHA512 
6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529
 DIST ngx_brotli-0.1.2.tar.gz 12668 BLAKE2B 
904d3f28dcf9f2d5a8eefa2ab8ff991e34624897a9932e351ec4cea05f2b0dbee34ea495de2d546510a556fb10041b388be963f28fecfcd7dc8638f950b36fd0
 SHA512 
661b4ce5cc678600e5df6be7588b0f0d5d914df9a6788c994cebfa25e211720b9e7d2c08fc34eb6a84743ae2929920ebf2888075e122ac23816ab7c0f3ef4b76
+DIST ngx_brotli-8104036af9cff4b1d34f22d00ba857e2a93a243c.tar.gz 12672 BLAKE2B 
fa2febfa63b98303f8890c6774de6ccb09475ccd639d3b74493a4ffd97c90febdc22755c5928018bdac24a537bd13cde165f97e5d2b50bebf598c3fb22ec0206
 SHA512 
169566b8764bb2b82e029f954a99063a9c61e2cbf982861c5f6818b389a5f37bf5389afb1b5627de9bd3f7af7b3c404be0230f943d47ab621c2a2bd825cc8203
 DIST ngx_devel_kit-0.3.0-r1.tar.gz 66455 BLAKE2B 
e4e987a85b2283ba540b4b894382e65dac7fbca23e233b1031b38828908088370cdb1a9bded4d4ee1ceb1c2e1d506dc2b6f4ba5f6ee94248e863def5a1c8dd1a
 SHA512 
558764c9be913a4f61d0e277d07bf3c272e1ce086b3fadb85b693a7e92805cd9fca4da7a8d29c96e53fc0d23b331327d3b2561ff61f19d2330e7d5d35ac7d614
 DIST ngx_http_auth_pam-1.5.1.tar.gz 6863 BLAKE2B 
00807cc3db8f6c007c968b8a30d7f6094b7d9db4eaa60d211fcb3ac60aeb28c5f8193578a7e1ca67acbbf57a319c8442fe44efc1e193927c3bce5961539f9c16
 SHA512 
973b94874d8a58c0df0ac2d31571eafc1e80b11179cba33ec88421a826207fbf7e99b0387e135a1ca48d82daacb78f19a4c21d3a27b49b16dc86b4748bb72261
 DIST ngx_http_cache_purge-2.3.tar.gz 12248 BLAKE2B 
f83b267f4c19a9d4af5964522695814c164d200ecd4108bf8f6b5c21388eba8af989bdda646dee18a03174211e8c090a04736bbeb44043cb0e19fbccdc66278e
 SHA512 
50a31dbf2216a6fae74a186af56dec4600cf55777e76a10ac0075f609e7737135aab063a64f2590dddcd0369ebebd4a523027f3d9ebcca74f7b4355be1c5dcc0
@@ -30,3 +32,4 @@ DIST ngx_rtmp-1.2.1.tar.gz 519919 BLAKE2B 
744ccb8031eb9653f158f9eceba64fc9c8af7b
 DIST njs-0.2.2.tar.gz 253349 BLAKE2B 
1ca508677a251ff38f5bca01292f2c7d2c41ac1c5d2cffae8b565694cbed9ebb2811b7e8893ea03384810e169ebb0cccfbf51d36166fcbc32e77fb30ba90d664
 SHA512 
e309b06b66e955873b82ef6c8881c3a98e0cf22e379b292c7561947db34c28990ade5461f42561e73c79c8e

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2018-04-17 Thread Thomas Deutschmann

commit: 2ec7917bcb1fd3f3c1e491146107902307280811
Author: Thomas Deutschmann  gentoo  org>
AuthorDate: Tue Apr 17 16:24:44 2018 +
Commit: Thomas Deutschmann  gentoo  org>
CommitDate: Tue Apr 17 16:36:54 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2ec7917b

www-servers/nginx: Rev bump vor v1.13.12 mainline

Ebuild changes:
===
- brotli module updated to commit 37ab9b2933a0b756ba3447000b7f31d432ed8228.

Package-Manager: Portage-2.3.28, Repoman-2.3.9

 www-servers/nginx/Manifest |1 +
 .../nginx/files/http_brotli-detect-brotli-r1.patch |  116 +++
 www-servers/nginx/nginx-1.13.12-r1.ebuild  | 1064 
 3 files changed, 1181 insertions(+)

diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index 83a8156c93b..e183788cbf1 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -8,6 +8,7 @@ DIST nginx-1.13.9.tar.gz 994802 BLAKE2B 
3a34cd87a7bcc51b44787a322569d3d475dc0b48
 DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 
BLAKE2B 
5ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333
 SHA512 
ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19bf4cf53973269
 DIST nginx-auth-ldap-49a8b4d28fc4a518563c82e0b52821e5f37db1fc.tar.gz 17159 
BLAKE2B 
f2209c8b5eb5616a362f2b532245167a5940faad6d66d98a94b3bf2d1e33a73492d42c60a9ddad347a592362a002ff38273a5d1f61f663984a09e14a3fe35e0f
 SHA512 
323abd0ca8e90f5afcaf81a8ff1a8abe3dfcbff3d69f0dd4a1c005fe6436acbf3076c4c57a4df877b3d8e388cbea085d46301bb2df9c0752e2567817ff7cca92
 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B 
d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570
 SHA512 
6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529
+DIST ngx_brotli-37ab9b2933a0b756ba3447000b7f31d432ed8228.tar.gz 12692 BLAKE2B 
8b969fcd7daf37d790e81ff6dd4d43a210c9097052cc7a2db9f2aa8ad3115ffe175b0839210c234610e5731be35327eb08eb0eb3f28783d272b172df07259651
 SHA512 
fb12e4b50b9a472ee2f4fe08ffd86c38072a4c254a4f99627d6f2411f915c139f6e7cfe41f29222bc70b57942cde85d8ef2cd5458638201c751cd4c818d65f10
 DIST ngx_brotli-482761e7c0cf3ea4d1540fc9e14c9dedd80d2f7c.tar.gz 10590 BLAKE2B 
a707353e7f98f06652b89dc00a7ea40f4e52c05f8adfe9dca0d602d52d48a472fee23f079dca73556a26575960e9079d54ab45e13997cdd949f992322200f01c
 SHA512 
480280c464e3cc3523e9b2bf210afd1bf62fa789d0acb7064c80919184bcbb975131f698a1e589b97ce1664f6cc44e6ac5e20a40188020b3558d38005d66287c
 DIST ngx_brotli-6a1174446f5a866d3d13615dd2824177570f0a69.tar.gz 12771 BLAKE2B 
84e8bad6d3006dd919778ebbdb85bfe58dd9546533f824697eb3a0a3c560e858aa91c7ab4adcb2fc851aa7cee974086400607d9f9ddea0596b1b19eb87618a39
 SHA512 
10ce5360cd7a1edd2623918d5b438ef400dc6c2c030c992f200491448e182aedd8ebebc647d333ef22a393bb172f52d9e01f2a1d8d780e849fc3c0971e4130fe
 DIST ngx_brotli-8cd9dd5fc232d3a01644584921e52dae99034779.tar.gz 10585 BLAKE2B 
d65f068300852b5dbd77184cbcdbd31b14cb30484c5eb8c0d2b757d1d59e97d291b4b06fc11bc861d8796579964c91da2cb359e8fdf75199c655488701619516
 SHA512 
fa97bea2041d08d3ba07ae1cf6d84c225673b49c9ac8930923997c3ce501358a8bec63e4f3c075e22041f7997b8371a0d1887d73e989b8f27d55a0f72b3ea0f9

diff --git a/www-servers/nginx/files/http_brotli-detect-brotli-r1.patch 
b/www-servers/nginx/files/http_brotli-detect-brotli-r1.patch
new file mode 100644
index 000..07a869fa096
--- /dev/null
+++ b/www-servers/nginx/files/http_brotli-detect-brotli-r1.patch
@@ -0,0 +1,116 @@
+We aren't interested in bundled Brotli.
+
+Use pkg-config to detect Brotli's install path.
+
+--- a/config
 b/config
+@@ -59,98 +59,19 @@ have=NGX_HTTP_BROTLI_STATIC_MODULE . auto/have  # 
deprecated
+ ngx_module_type=HTTP_FILTER
+ ngx_module_name=ngx_http_brotli_filter_module
+ 
+-brotli="/usr/local"
++brotli=$(pkg-config --variable=prefix libbrotlienc)
+ 
+ if [ ! -f "$brotli/include/brotli/encode.h" ]; then
+ 
+-brotli="$ngx_addon_dir/deps/brotli/c"
+-
+-if [ ! -f "$brotli/include/brotli/encode.h" ]; then
+ cat << END
+ 
+ $0: error: \
+-Brotli library is missing from the $brotli directory.
+-
+-Please make sure that the git submodule has been checked out:
+-
+-cd $ngx_addon_dir && git submodule update --init && cd $PWD
++Brotli library not found. Don't you have app-arch/brotli installed?
+ 
+ END
+ exit 1
+ fi
+ 
+-ngx_module_incs="$brotli/include"
+-ngx_module_deps="$brotli/common/constants.h \
+- $brotli/common/context.h \
+- $brotli/common/dictionary.h \
+- $brotli/common/platform.h \
+- $brotli/common/transform.h \
+- $brotli/common/version.h \
+- $brotli/enc/backward_references.h \
+- $brotli/enc/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2017-10-24 Thread Thomas Deutschmann

commit: 808d03f69901c05159d8baf470d9a6ec3d65d8cc
Author: Thomas Deutschmann  gentoo  org>
AuthorDate: Tue Oct 24 18:52:35 2017 +
Commit: Thomas Deutschmann  gentoo  org>
CommitDate: Tue Oct 24 18:53:14 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=808d03f6

www-servers/nginx: Rev bump to fix http_cache_purge module

Closes: https://bugs.gentoo.org/635330
Package-Manager: Portage-2.3.11, Repoman-2.3.3

 .../nginx/files/http_cache_purge-1.11.6+.patch |   22 +
 www-servers/nginx/nginx-1.12.2-r1.ebuild   | 1005 +++
 www-servers/nginx/nginx-1.13.6-r1.ebuild   | 1006 
 3 files changed, 2033 insertions(+)

diff --git a/www-servers/nginx/files/http_cache_purge-1.11.6+.patch 
b/www-servers/nginx/files/http_cache_purge-1.11.6+.patch
new file mode 100644
index 000..c4596bf97ad
--- /dev/null
+++ b/www-servers/nginx/files/http_cache_purge-1.11.6+.patch
@@ -0,0 +1,22 @@
+Fix compatibility with nginx-1.11.6+
+
+https://github.com/FRiCKLE/ngx_cache_purge/pull/51
+
+---
+ ngx_cache_purge_module.c | 4 
+ 1 file changed, 4 insertions(+)
+
+--- a/ngx_cache_purge_module.c
 b/ngx_cache_purge_module.c
+@@ -492,7 +492,11 @@ typedef struct {
+ ngx_str_t  body_source;
+ #  endif /* nginx_version < 1007008 */
+ 
++#  if (nginx_version >= 1011006)
++ngx_http_complex_value_t  *method;
++#  else
+ ngx_str_t  method;
++#  endif /* nginx_version >= 1011006 */
+ ngx_str_t  location;
+ ngx_str_t  url;
+ 

diff --git a/www-servers/nginx/nginx-1.12.2-r1.ebuild 
b/www-servers/nginx/nginx-1.12.2-r1.ebuild
new file mode 100644
index 000..fdf52f005cc
--- /dev/null
+++ b/www-servers/nginx/nginx-1.12.2-r1.ebuild
@@ -0,0 +1,1005 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+# Maintainer notes:
+# - http_rewrite-independent pcre-support makes sense for matching locations 
without an actual rewrite
+# - any http-module activates the main http-functionality and overrides 
USE=-http
+# - keep the following requirements in mind before adding external modules:
+#  * alive upstream
+#  * sane packaging
+#  * builds cleanly
+#  * does not need a patch for nginx core
+# - TODO: test the google-perftools module (included in vanilla tarball)
+
+# prevent perl-module from adding automagic perl DEPENDs
+GENTOO_DEPEND_ON_PERL="no"
+
+# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license)
+DEVEL_KIT_MODULE_PV="0.3.0"
+DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1"
+DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz";
+DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}"
+
+# http_uploadprogress 
(https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license)
+HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.2"
+HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1"
+HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz";
+HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}"
+
+# http_headers_more (https://github.com/agentzh/headers-more-nginx-module, BSD 
license)
+HTTP_HEADERS_MORE_MODULE_PV="0.32"
+HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}"
+HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz";
+HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}"
+
+# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, 
https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license)
+HTTP_CACHE_PURGE_MODULE_PV="2.3"
+HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}"
+HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz";
+HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}"
+
+# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 
license)
+HTTP_SLOWFS_CACHE_MODULE_PV="1.10"
+HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}"
+HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz";
+HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}"
+
+# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license)
+HTTP_FANCYINDEX_MODULE_PV="0.4.2"
+HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}"
+HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz";
+HTTP_FANCYINDEX_MOD

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/, profiles/base/

2017-03-22 Thread Thomas Deutschmann

commit: f107db8a54071c0d74bbcbde801dc07af7bf260c
Author: Thomas Deutschmann  gentoo  org>
AuthorDate: Wed Mar 22 16:48:26 2017 +
Commit: Thomas Deutschmann  gentoo  org>
CommitDate: Wed Mar 22 16:51:28 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f107db8a

www-servers/nginx: Bumped to v1.11.11 mainline

Ebuild changes:
===
 - rtmp module bumped to v1.1.11

 - mod_security masked because incompatible with recent changes
   in nginx-1.11.11. We will have to switch to the new
   ModSecurity v3 Nginx Connector in future but there isn't any
   release/tagged version yet.

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 profiles/base/package.use.mask |6 +
 www-servers/nginx/Manifest |2 +
 .../nginx/files/http_echo-nginx-1.11.11+.patch |   59 ++
 .../nginx/files/http_lua_nginx-1.11.11+.patch  |   46 +
 www-servers/nginx/nginx-1.11.11.ebuild | 1010 
 5 files changed, 1123 insertions(+)

diff --git a/profiles/base/package.use.mask b/profiles/base/package.use.mask
index 94179afe301..96da6703d41 100644
--- a/profiles/base/package.use.mask
+++ b/profiles/base/package.use.mask
@@ -7,6 +7,12 @@
 # This file is only for generic masks. For arch-specific masks (i.e.
 # mask everywhere, unmask on arch/*) use arch/base.
 
+# Thomas Deutschmann  (22 Mar 2017)
+# mod_security is currently incompatible with recent changes
+# in >=nginx-1.11.11.
+# https://github.com/SpiderLabs/ModSecurity/issues/1359
+>=www-servers/nginx-1.11.11 nginx_modules_http_security
+
 # Michał Górny  (18 Mar 2017)
 # Requires removed old version of media-gfx/graphviz.
 media-gfx/nip2 graphviz

diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index b435401f202..377d516b6ec 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -2,6 +2,7 @@ DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 
958cc5a7a7430f93fac0fd6f8b9aa92fc18
 DIST nginx-1.10.2.tar.gz 910812 SHA256 
1045ac4987a396e2fa5d0011daf8987b612dd2f05181b67507da68cbe7d765c2 SHA512 
f2d5a4fbabaf9333bae46461bcbe3dbcc5ff7e8f8c7a5dead3063e3d59c9ec15dc85262a23ca7d693db45a50ec98a70fb216b3da9872ee23d57b6bfaf064876e
 WHIRLPOOL 
7e819f43a68de49d3cceb3e5ec81eef6872859df0abca2be00fb73c8779c2716b6997ea5f8cadb93af195d9f4d07a4404f51e0752dd881628de93a0c0289aea7
 DIST nginx-1.10.3.tar.gz 911509 SHA256 
75020f1364cac459cb733c4e1caed2d00376e40ea05588fb8793076a4c69dd90 SHA512 
25cddbe5c419700aeca41bff3be5b7c3accfb38ad846ec8d91d81ab7c15f10db719f02d9263edf1fa12f59805ff7001b62864dc2885370b24afeea1d7d2afbbf
 WHIRLPOOL 
1ebf540d49d28a853a9221a558b53d28e2e7dfddf345e433baa4c2b819f6e1fe34528b4680387147c73271d3837529a4452e53b863dff5d29772c2b0a75e0ba6
 DIST nginx-1.11.10.tar.gz 967773 SHA256 
778b3cabb07633f754cd9dee32fc8e22582bce22bfa407be76a806abd935533d SHA512 
b6437d8305547a834a0f3ad076ac591b90189eb922f48759094efaa9618e39fc249600ab13650113fe841fc9af0b736acc61a9b9baba7bacd35224c34df1bbc9
 WHIRLPOOL 
f9535d4fabad7603cc384dda13aca51be77c7901d099190f9d5a187e517128a56a28cb851408b93091f8d99ce118678857ec08fba16bec4c2e2ed2d75ab543bd
+DIST nginx-1.11.11.tar.gz 979864 SHA256 
5a7ac480248e28d26e68fd1ea3dbd8b05f69726d71528e79332839b171277262 SHA512 
c830c1eb762f5d5df19c4b256c8aa4ebe8354f3a088f07c6b4b890806117d1716eaa20dbd6ac1ff5eafc2b1ee43c44ed608aa96b9057e44953b2888177e67719
 WHIRLPOOL 
9403ab4763a077a378d997d7a60abdf6c9a8caa8756096c86c1046ca324926e9e8e835c59bd677440fc33e8a9f4c22cfa238e043116bfed621dabcadacc9d1cf
 DIST nginx-1.11.6.tar.gz 960331 SHA256 
3153abbb518e2d9c032e1b127da3dc0028ad36cd4679e5f3be0b8afa33bc85bd SHA512 
1969f527d4554a976d14e82c2297c519a0d0d82a9fbd3cc703ab42a23067c7fcf101ddf16f1abff374c71f37969fd7c58d2a344c57566538b821acc32cd3d979
 WHIRLPOOL 
67ed24c25b20f6d94f3a0602946f750b4efafd79d3a093a35fdf370a20377abcc2a54c00fcd5e7bc54305515da9234fb2f192c744a7fb59c4bbdee2ba0c0f626
 DIST nginx-1.11.8.tar.gz 964918 SHA256 
53aef3715d79015314c2dcb18f2b185a0c64368cc01b30bdf0737a215f666b34 SHA512 
4bbecf17579022cc925af8808554983c57e4f438edc8f987751413f0a023267a4766edc8321cbbe8a8b675f7e86d8a2cba76bd52236c8d9509b2b301ab349ffa
 WHIRLPOOL 
a30ad4cdc0b74e0f860938942caeee961759ceabae8735725a989db29702b366fb285079a992cbc681ec3fd157ef6f8907f6a3eac13a8af302daad94ca867738
 DIST nginx-1.11.9.tar.gz 965463 SHA256 
dc22b71f16b551705930544dc042f1ad1af2f9715f565187ec22c7a4b2625748 SHA512 
95247d5db3e23a0ea22686cc3fe4295f8854948a6f168a783082fdbb2acbecdad61cd9c8cadd84c1f74c1e87becdca8d6664622ff9cebc72687f20b29cc09fd0
 WHIRLPOOL 
39a56073e359aac716e0a9ff672ee89b97205c281b53be97920c098aea9b25635e59a5ea0e3a7cb4ba79d43afc8ed3942cd34840773dd1e472101c9ab6ac72a4
@@ -25,3 +26,4 @@ DIST ngx_memc_module-0.17.tar.gz 36369 SHA256 
25cbe3ff4931283a681260607bc91ae4a9
 DIST ngx_metrics-0.1.1.tar.gz 2964 SHA256 
1c62ebb31e3caafad91720962770b0e7a4287f195520cf12471c262ac19b154e SHA512 
d36a8fb0104c83b6b564e03b351aa750cab08650264c74d6f786af357bfb7006b531a93270dd961896ea8dafe27e5db85

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2017-01-07 Thread Thomas Deutschmann

commit: 7e9a4ebc9ca7bb35814cacf85c9a28cdab6fdf9f
Author: Thomas Deutschmann  gentoo  org>
AuthorDate: Sat Jan  7 23:29:14 2017 +
Commit: Thomas Deutschmann  gentoo  org>
CommitDate: Sat Jan  7 23:30:45 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7e9a4ebc

www-servers/nginx: rev bump to fix CVE-2016-1247 (bug #605008)

Ebuild changes:
===
 - Rewritten pkg_postinst for a better user experience

  - Package tries to show warnings/notices only when really needed

  - Permission checks should now be more reliable, i.e. working when
switching between stable (:0) and mainline (:mainline) slot.

  - An additional sanity check will make sure that at least permissions on
"/var/log/nginx" will prevent a known root privilege escalation

 - Permissions on "/var/log/nginx" changed to 0710 and owner changed to
   0:nginx to fix CVE-2016-1247 (bug #tba)

 - Runscript: Bashisms removed

 - User is now able to control most runscript options like used nginx'
   config file, pidfile, user/group, start-stop-daemon arguments ... through
   "/etc/conf.d/nginx"

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 www-servers/nginx/files/nginx.confd  |  32 +
 www-servers/nginx/files/nginx.initd-r4   |  93 +++
 www-servers/nginx/nginx-1.10.2-r3.ebuild | 986 ++
 www-servers/nginx/nginx-1.11.6-r1.ebuild | 999 +++
 4 files changed, 2110 insertions(+)

diff --git a/www-servers/nginx/files/nginx.confd 
b/www-servers/nginx/files/nginx.confd
new file mode 100644
index ..f4b8043
--- /dev/null
+++ b/www-servers/nginx/files/nginx.confd
@@ -0,0 +1,32 @@
+# /etc/conf.d/nginx
+
+# Configuration file
+#NGINX_CONFIGFILE="/etc/nginx/nginx.conf"
+
+# PID file
+# If you should ever change this, remember to update
+# "/etc/logrotate.d/nginx", too.
+#NGINX_PIDFILE="/run/nginx.pid"
+
+# User to run nginx as
+# If you should ever change this, make sure this user has
+# execution permission on any of your log directories
+# (/var/log/nginx per default) but do NOT forget other log directories
+# one of your vhost(s) maybe using or logging after logrotation will
+# be broken).
+#NGINX_USER="nginx"
+
+# Group to run nginx as
+# See the note above regarding NGINX_USER.
+#NGINX_GROUP="nginx"
+
+# You can use this configuration option to pass additional options to the
+# start-stop-daemon, see start-stop-daemon(8) for more details.
+# Per default we wait 1000ms after we have started the service to ensure
+# that the daemon is really up and running.
+#NGINX_SSDARGS="--wait 1000"
+
+# The termination timeout (start-stop-daemon parameter "retry") ensures
+# that the service will be terminated within a given time (60 + 5 seconds
+# per default) when you are stopping the service.
+#NGINX_TERMTIMEOUT="TERM/60/KILL/5"

diff --git a/www-servers/nginx/files/nginx.initd-r4 
b/www-servers/nginx/files/nginx.initd-r4
new file mode 100644
index ..1b7385f
--- /dev/null
+++ b/www-servers/nginx/files/nginx.initd-r4
@@ -0,0 +1,93 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+extra_commands="configtest"
+extra_started_commands="upgrade reload"
+
+description="Robust, small and high performance http and reverse proxy server"
+description_configtest="Run nginx' internal config check."
+description_upgrade="Upgrade the nginx binary without losing connections."
+description_reload="Reload the nginx configuration without losing connections."
+
+NGINX_CONFIGFILE=${NGINX_CONFIGFILE:-/etc/nginx/nginx.conf}
+
+command="/usr/sbin/nginx"
+command_args="-c \"${NGINX_CONFIGFILE}\""
+start_stop_daemon_args=${NGINX_SSDARGS:-"--wait 1000"}
+pidfile=${NGINX_PIDFILE:-/run/nginx.pid}
+user=${NGINX_USER:-nginx}
+group=${NGINX_GROUP:-nginx}
+retry=${NGINX_TERMTIMEOUT:-"TERM/60/KILL/5"}
+
+depend() {
+   need net
+   use dns logger netmount
+}
+
+start_pre() {
+   if [ "${RC_CMD}" != "restart" ]; then
+   configtest || return 1
+   fi
+}
+
+stop_pre() {
+   if [ "${RC_CMD}" = "restart" ]; then
+   configtest || return 1
+   fi
+}
+
+stop_post() {
+   rm -f ${pidfile}
+}
+
+reload() {
+   configtest || return 1
+   ebegin "Refreshing nginx' configuration"
+   start-stop-daemon --signal SIGHUP --pidfile "${pidfile}"
+   eend $? "Failed to reload nginx"
+}
+
+upgrade() {
+   configtest || return 1
+   ebegin "Upgrading nginx"
+
+   einfo "Sending USR2 to old binary"
+   start-stop-daemon --signal SIGUSR2 --pidfile "${pidfile}"
+
+   einfo "Sleeping 3 seconds before pid-files checking"
+   sleep 3
+
+   if [ ! -f "${pidfile}.oldbin" ]; then
+   eerror "File with old pid not found"
+   return 1
+   fi
+
+   if [ ! -f "${pidfile}" ]; then
+   eerror "New binary failed to start"
+   return 1
+   fi
+
+   einfo "Sleepi

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2016-11-15 Thread Thomas Deutschmann

commit: 8ac89065bebe43ae243a8ad0865b3ac512e9d63a
Author: Thomas Deutschmann  gentoo  org>
AuthorDate: Tue Nov 15 21:48:07 2016 +
Commit: Thomas Deutschmann  gentoo  org>
CommitDate: Tue Nov 15 21:48:56 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8ac89065

www-servers/nginx: Cleanup old.

Package-Manager: portage-2.3.2

 www-servers/nginx/Manifest |   2 -
 .../nginx/files/http-sticky-nginx-1.11.2.patch |  64 --
 www-servers/nginx/nginx-1.10.1-r3.ebuild   | 776 
 www-servers/nginx/nginx-1.10.1-r4.ebuild   | 776 
 www-servers/nginx/nginx-1.11.4.ebuild  | 789 -
 5 files changed, 2407 deletions(-)

diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index 9c0b9aa..f950922 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -1,7 +1,6 @@
 DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 
958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24 SHA512 
374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269
 WHIRLPOOL 
5f41bebf032f8a269412d104b7632a06af4d4c495658c9cd1ebf69b82c10ce1bbcb34b9dd159a7b00e57348714a5e93ad3db19701dda51479accd3a9dc79a9cb
 DIST nginx-1.10.1.tar.gz 909077 SHA256 
1fd35846566485e03c0e318989561c135c598323ff349c503a6c14826487a801 SHA512 
fa1329d40e83340380332dd5e2ed66f08dd59cc7f7582dd0e0193c493353ba550e80dc80e5165c225d70532d4197abc49cc8c760e8ab72e48f630cb57c2803e1
 WHIRLPOOL 
6942f70c3279a28bd8d664d085dee68bf0d0526c8dcb636f3258c9de598268efc984af72e527efd86889bd13911b38b0bdb2de1e92eef69cabd02f7080f64eb6
 DIST nginx-1.10.2.tar.gz 910812 SHA256 
1045ac4987a396e2fa5d0011daf8987b612dd2f05181b67507da68cbe7d765c2 SHA512 
f2d5a4fbabaf9333bae46461bcbe3dbcc5ff7e8f8c7a5dead3063e3d59c9ec15dc85262a23ca7d693db45a50ec98a70fb216b3da9872ee23d57b6bfaf064876e
 WHIRLPOOL 
7e819f43a68de49d3cceb3e5ec81eef6872859df0abca2be00fb73c8779c2716b6997ea5f8cadb93af195d9f4d07a4404f51e0752dd881628de93a0c0289aea7
-DIST nginx-1.11.4.tar.gz 949793 SHA256 
06221c1f43f643bc6bfe5b2c26d19e09f2588d5cde6c65bdb77dfcce7c026b3b SHA512 
c6a03c440a274576434aa74932b3fa7cd49174d9e2d8c6e480838637f33f158e31b6f25cac97e158f386bb92f62ff9636c2d3ac1a552e27a860eb9448e2f3f94
 WHIRLPOOL 
53c371cb34bc55f28d0a0915e08a4fdeffcfcbc8571628db086e0a75627c926693f2faba8608f0c444bc79df244b7f321e6017eda0eb7710d2ccb6f25aac8b75
 DIST nginx-1.11.5.tar.gz 956517 SHA256 
223f8a2345a75f891098cf26ccdf208b293350388f51ce69083674c9432db6f6 SHA512 
f41b21b5d8c6b7fe7f8713e96fb6b1c40da49bf64ebb790fb5aa38f036a37b36fcf048ff72c2216552b2f75366b30c5fcdef26312bd4e5515b2476a1cd944b8c
 WHIRLPOOL 
fba49ae277ec2114b06eb0fdce87161ac7bd3e0ca90387dc58caf327c5f12056be07eeba677ff37c59e7d759054ec276ce4db647250774c57588619a1803592c
 DIST nginx-1.11.6.tar.gz 960331 SHA256 
3153abbb518e2d9c032e1b127da3dc0028ad36cd4679e5f3be0b8afa33bc85bd SHA512 
1969f527d4554a976d14e82c2297c519a0d0d82a9fbd3cc703ab42a23067c7fcf101ddf16f1abff374c71f37969fd7c58d2a344c57566538b821acc32cd3d979
 WHIRLPOOL 
67ed24c25b20f6d94f3a0602946f750b4efafd79d3a093a35fdf370a20377abcc2a54c00fcd5e7bc54305515da9234fb2f192c744a7fb59c4bbdee2ba0c0f626
 DIST nginx-auth-ldap-49a8b4d28fc4a518563c82e0b52821e5f37db1fc.tar.gz 17159 
SHA256 3c11c32f05da04f1a4647dc4e35dd8d8aeacd5a2e763ba349feba3dba8663132 SHA512 
323abd0ca8e90f5afcaf81a8ff1a8abe3dfcbff3d69f0dd4a1c005fe6436acbf3076c4c57a4df877b3d8e388cbea085d46301bb2df9c0752e2567817ff7cca92
 WHIRLPOOL 
ad65e8182b2634db5fa06055ef7d91c7d8aabd0fa986d8402a4845977354d6edb329621b6f9f96c90ce2d158cff20e42ae50fba06a088a84de3e3f414205dbc2
@@ -35,4 +34,3 @@ DIST ngx_metrics-0.1.1.tar.gz 2964 SHA256 
1c62ebb31e3caafad91720962770b0e7a4287f
 DIST ngx_mogilefs_module-1.0.4.tar.gz 11208 SHA256 
7ac230d30907f013dff8d435a118619ea6168aa3714dba62c6962d350c6295ae SHA512 
b8cb7eaf6274f4e2247dbcb39db05072d2b2d4361256a325fafab5533d7ce0c4ae9e2905b954dfcfa4789c9cab5cccf2ac1c3a1f02f6a327ed95b562d7773ed1
 WHIRLPOOL 
64c9b11ad938e6dbe5ba31298f1cd46f6e6bb4ba039c96b1e43bd85919d1606326f74b677f789ecabe0b0f4e0f08ac5aaf8148bf820de65aaa1e9966a28b9f61
 DIST ngx_rtmp-1.1.10.tar.gz 519877 SHA256 
f9491dd24390b0d5d70dfe3553edf3d14efeb7c7a81b4d4a20c5cfeaefc1141c SHA512 
bcc0aee3308af7c61bf01a5530fcf1dae938e6778306f6e3eb5995e6d0529f43d33b7ee2acb813d5a39acc92e4853d207a01e8e41b766a6e0dd07aade60cd98f
 WHIRLPOOL 
655f4dcb02f928698ae14d29e5b7f60ad3fd71c757d67f1930c695a3501054d124a92f7ada7d4e605204f1e73e0779cad0b60102bc98d64764535581db0b1867
 DIST ngx_rtmp-1.1.7.tar.gz 519735 SHA256 
7922b0e3d5f3d9c4b275e4908cfb8f5fb1bfb3ac2df77f4c262cda56df21aab3 SHA512 
9883462a04683f1e7af175da04b86d259ff6d677864667588fb073143f7130969eb2a5a5a48ddceda7a555b908580f179bdcacb7f0111413d51db5bfe43b396e
 WHIRLPOOL 
e9c1fc9c3c965ae7047657f76e0997d5da107aff7dd9e5cf3ddb5a2d8f388efd8439b82923e199dc36def449567b8529e06c80f69c36f42128236ac0be5719d5
-DIST ngx_rtmp-1.1.9.tar.gz 519807 SHA256 
46d9

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2016-10-20 Thread Thomas Deutschmann

commit: 1ff623f132f68b98061ac2d0ff9695920041a336
Author: Thomas Deutschmann  gentoo  org>
AuthorDate: Thu Oct 20 14:03:39 2016 +
Commit: Thomas Deutschmann  gentoo  org>
CommitDate: Thu Oct 20 14:03:39 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1ff623f1

www-servers/nginx: Patch for uploadprogress module updated

The previous patch worked however upstream merged an updated PR
so I updated the patch to stay in sync.

Package-Manager: portage-2.3.2

 .../files/http_uploadprogress-issue_50-r1.patch| 31 +
 .../nginx/files/http_uploadprogress-issue_50.patch | 32 --
 www-servers/nginx/nginx-1.10.2-r1.ebuild   |  2 +-
 www-servers/nginx/nginx-1.11.5-r1.ebuild   |  2 +-
 4 files changed, 33 insertions(+), 34 deletions(-)

diff --git a/www-servers/nginx/files/http_uploadprogress-issue_50-r1.patch 
b/www-servers/nginx/files/http_uploadprogress-issue_50-r1.patch
new file mode 100644
index ..42cbd77
--- /dev/null
+++ b/www-servers/nginx/files/http_uploadprogress-issue_50-r1.patch
@@ -0,0 +1,31 @@
+From dd138546b16a01e9c09613d02211373baf1cac02 Mon Sep 17 00:00:00 2001
+From: Thomas Deutschmann 
+Date: Thu, 20 Oct 2016 03:09:37 +0200
+Subject: [PATCH] config: Fix ngx_module_type
+
+Since commit 37182ce2f3b6 the module was not present in static builds
+because due to an invalid "ngx_module_type" the module was not added to
+objs/ngx_modules.c.
+
+This commit will fix the problem by setting the correct module type
+"HTTP_FILTER" [Link 1].
+
+Link 1: 
https://www.nginx.com/resources/wiki/extending/new_config/#key-ngx_module_type
+Gentoo-Bug: https://bugs.gentoo.org/593450
+Fixes: https://github.com/masterzen/nginx-upload-progress-module/issues/50
+---
+ config | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/config b/config
+index 364af8c..5f4ade1 100644
+--- a/config
 b/config
+@@ -1,6 +1,6 @@
+ ngx_addon_name=ngx_http_uploadprogress_module
+ if test -n "$ngx_module_link"; then
+-ngx_module_type=FILTER
++ngx_module_type=HTTP_FILTER
+ ngx_module_name=ngx_http_uploadprogress_module
+ ngx_module_srcs="$ngx_addon_dir/ngx_http_uploadprogress_module.c"
+ 

diff --git a/www-servers/nginx/files/http_uploadprogress-issue_50.patch 
b/www-servers/nginx/files/http_uploadprogress-issue_50.patch
deleted file mode 100644
index 3347c5b..
--- a/www-servers/nginx/files/http_uploadprogress-issue_50.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From edd7e026fa992f58b04ea9d00b56239f37b3e320 Mon Sep 17 00:00:00 2001
-From: Thomas Deutschmann 
-Date: Wed, 19 Oct 2016 15:05:27 +0200
-Subject: [PATCH] config: Only build as dynamic module when really requested
-
-Since commit 37182ce2f3b6 the module was always build as dynamic module.
-Probably because following a bad skeleton [1].
-
-With this change we will only build a dynamic module when requested. Otherwise
-we will fall back to static build.
-
-Link: https://trac.nginx.org/nginx/ticket/1115
-Gentoo-Bug: https://bugs.gentoo.org/593450
-Fixes: https://github.com/masterzen/nginx-upload-progress-module/issues/50

- config | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/config b/config
-index 364af8c..d704460 100644
 a/config
-+++ b/config
-@@ -1,5 +1,5 @@
- ngx_addon_name=ngx_http_uploadprogress_module
--if test -n "$ngx_module_link"; then
-+if [ $ngx_module_link = DYNAMIC ] ; then
- ngx_module_type=FILTER
- ngx_module_name=ngx_http_uploadprogress_module
- ngx_module_srcs="$ngx_addon_dir/ngx_http_uploadprogress_module.c"
--- 
-2.10.1
-

diff --git a/www-servers/nginx/nginx-1.10.2-r1.ebuild 
b/www-servers/nginx/nginx-1.10.2-r1.ebuild
index c649333..8690da9 100644
--- a/www-servers/nginx/nginx-1.10.2-r1.ebuild
+++ b/www-servers/nginx/nginx-1.10.2-r1.ebuild
@@ -354,7 +354,7 @@ src_prepare() {
 
if use nginx_modules_http_upload_progress; then
cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die
-   eapply "${FILESDIR}"/http_uploadprogress-issue_50.patch
+   eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch
cd "${S}" || die
fi
 

diff --git a/www-servers/nginx/nginx-1.11.5-r1.ebuild 
b/www-servers/nginx/nginx-1.11.5-r1.ebuild
index 46c24d3..5aae3ae 100644
--- a/www-servers/nginx/nginx-1.11.5-r1.ebuild
+++ b/www-servers/nginx/nginx-1.11.5-r1.ebuild
@@ -362,7 +362,7 @@ src_prepare() {
 
if use nginx_modules_http_upload_progress; then
cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die
-   eapply "${FILESDIR}"/http_uploadprogress-issue_50.patch
+   eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch
cd "${S}" || die
fi

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2016-08-10 Thread Thomas Deutschmann

commit: 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f
Author: Thomas Deutschmann  gentoo  org>
AuthorDate: Wed Aug 10 22:02:57 2016 +
Commit: Thomas Deutschmann  gentoo  org>
CommitDate: Wed Aug 10 22:13:33 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8be44f76

www-servers/nginx: Revision bump to update HTTPoxy mitigation

Commit c4b897dc39a9 ("www-servers/nginx: HTTPoxy mitigation added") only
added HTTPoxy mitigation for fastcgi protocol.

This commit will add mitigation for similar protocols like scgi and uwsgi
as well.

Reported-by: Valentin V. Bartenev  nginx.com>

Package-Manager: portage-2.3.0

 .../nginx/files/nginx-httpoxy-mitigation-r1.patch  |  54 ++
 www-servers/nginx/nginx-1.10.1-r2.ebuild   | 768 
 www-servers/nginx/nginx-1.11.3-r1.ebuild   | 782 +
 3 files changed, 1604 insertions(+)

diff --git a/www-servers/nginx/files/nginx-httpoxy-mitigation-r1.patch 
b/www-servers/nginx/files/nginx-httpoxy-mitigation-r1.patch
new file mode 100644
index 000..4a6372a
--- /dev/null
+++ b/www-servers/nginx/files/nginx-httpoxy-mitigation-r1.patch
@@ -0,0 +1,54 @@
+httpoxy mitigation
+
+See https://httpoxy.org/ and https://www.nginx.com/blog/?p=41962 for details.
+---
+ conf/fastcgi.conf   | 3 +++
+ conf/fastcgi_params | 3 +++
+ conf/scgi_params| 3 +++
+ conf/uwsgi_params   | 3 +++
+ 4 files changed, 12 insertions(+)
+
+diff --git a/conf/fastcgi.conf b/conf/fastcgi.conf
+index 091738c..9f7e192 100644
+--- a/conf/fastcgi.conf
 b/conf/fastcgi.conf
+@@ -24,3 +24,6 @@ fastcgi_param  SERVER_NAME$server_name;
+ 
+ # PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_param  REDIRECT_STATUS200;
++
++# httpoxy mitigation (https://httpoxy.org/ 
https://www.nginx.com/blog/?p=41962)
++fastcgi_param  HTTP_PROXY "";
+diff --git a/conf/fastcgi_params b/conf/fastcgi_params
+index 28decb9..3be3a95 100644
+--- a/conf/fastcgi_params
 b/conf/fastcgi_params
+@@ -23,3 +23,6 @@ fastcgi_param  SERVER_NAME$server_name;
+ 
+ # PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_param  REDIRECT_STATUS200;
++
++# httpoxy mitigation (https://httpoxy.org/ 
https://www.nginx.com/blog/?p=41962)
++fastcgi_param  HTTP_PROXY "";
+diff --git a/conf/scgi_params b/conf/scgi_params
+index 6d4ce4f..a9da34f 100644
+--- a/conf/scgi_params
 b/conf/scgi_params
+@@ -15,3 +15,6 @@ scgi_param  REMOTE_ADDR$remote_addr;
+ scgi_param  REMOTE_PORT$remote_port;
+ scgi_param  SERVER_PORT$server_port;
+ scgi_param  SERVER_NAME$server_name;
++
++# httpoxy mitigation (https://httpoxy.org/ 
https://www.nginx.com/blog/?p=41962)
++scgi_param  HTTP_PROXY "";
+diff --git a/conf/uwsgi_params b/conf/uwsgi_params
+index 09c732c..9d67d3d 100644
+--- a/conf/uwsgi_params
 b/conf/uwsgi_params
+@@ -15,3 +15,6 @@ uwsgi_param  REMOTE_ADDR$remote_addr;
+ uwsgi_param  REMOTE_PORT$remote_port;
+ uwsgi_param  SERVER_PORT$server_port;
+ uwsgi_param  SERVER_NAME$server_name;
++
++# httpoxy mitigation (https://httpoxy.org/ 
https://www.nginx.com/blog/?p=41962)
++uwsgi_param  HTTP_PROXY "";

diff --git a/www-servers/nginx/nginx-1.10.1-r2.ebuild 
b/www-servers/nginx/nginx-1.10.1-r2.ebuild
new file mode 100644
index 000..a320bc8
--- /dev/null
+++ b/www-servers/nginx/nginx-1.10.1-r2.ebuild
@@ -0,0 +1,768 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+# Maintainer notes:
+# - http_rewrite-independent pcre-support makes sense for matching locations 
without an actual rewrite
+# - any http-module activates the main http-functionality and overrides 
USE=-http
+# - keep the following requirements in mind before adding external modules:
+#  * alive upstream
+#  * sane packaging
+#  * builds cleanly
+#  * does not need a patch for nginx core
+# - TODO: test the google-perftools module (included in vanilla tarball)
+
+# prevent perl-module from adding automagic perl DEPENDs
+GENTOO_DEPEND_ON_PERL="no"
+
+# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license)
+DEVEL_KIT_MODULE_PV="0.3.0"
+DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1"
+DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz";
+DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}"
+
+# http_uploadprogress 
(https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license)
+HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.1"
+HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1"
+HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz";
+HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/, profiles/desc/

2016-08-09 Thread Patrice Clement

commit: 8e825c84541e7d88387a864b9aefe3a30c7f2b8b
Author: Thomas Deutschmann  whissi  de>
AuthorDate: Tue Aug  2 12:43:42 2016 +
Commit: Patrice Clement  gentoo  org>
CommitDate: Tue Aug  9 07:22:04 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8e825c84

www-servers/nginx: version bump to v1.11.3.

* Upstream added 3 new STREAM modules:
 - geo
 - geoip
 - split_clients

* Each HTTP/STREAM upstream module can now be enabled/disabled using a
  dedicated USE flag

Package-Manager: portage-2.3.0
Closes: https://github.com/gentoo/gentoo/pull/1999

Signed-off-by: Patrice Clement  gentoo.org>

 profiles/desc/nginx_modules_http.desc  |   6 +-
 profiles/desc/nginx_modules_stream.desc|   8 +
 www-servers/nginx/Manifest |   1 +
 11.3-fix-build-without-stream_ssl_module.patch |  30 +
 www-servers/nginx/nginx-1.11.3.ebuild  | 782 +
 5 files changed, 826 insertions(+), 1 deletion(-)

diff --git a/profiles/desc/nginx_modules_http.desc 
b/profiles/desc/nginx_modules_http.desc
index f6c33cc..8c5ffa7 100644
--- a/profiles/desc/nginx_modules_http.desc
+++ b/profiles/desc/nginx_modules_http.desc
@@ -1,4 +1,4 @@
-# Copyright 1999-2015 Gentoo Foundation.
+# Copyright 1999-2016 Gentoo Foundation.
 # Distributed under the terms of the GNU General Public License v2
 # $Id$
 
@@ -62,7 +62,11 @@ stub_status - This module provides the ability to get some 
status from nginx.
 sub - This module can search and replace text in the nginx response.
 upload_progress - This module adds the ability to track POST upload progress 
via JSON API
 upstream_check - Add health check support for upstream servers.
+upstream_hash - This module provides the ability to distribute upstream 
requests based on hashed key value.
 upstream_ip_hash - This module provides the ability to distribute upstream 
requests based on the IP-address of the client.
+upstream_keepalive - Thiis module provides the ability to cache connections to 
upstream servers.
+upstream_least_conn - This module provides the ability to distribute upstream 
requests using load balancing methods.
+upstream_zone - This module makes it possible to define a shared memory zone 
that keeps the group's configuration and run-time state that are shared between 
worker processes.
 userid - This module gives out cookies for identification of clients.
 uwsgi - External module for the uWSGI protocol for python web apps.
 xslt - This module is a filter which converts an XML response with the aid of 
one or more XSLT templates.

diff --git a/profiles/desc/nginx_modules_stream.desc 
b/profiles/desc/nginx_modules_stream.desc
index bc20e2a..d7634ac 100644
--- a/profiles/desc/nginx_modules_stream.desc
+++ b/profiles/desc/nginx_modules_stream.desc
@@ -6,5 +6,13 @@
 
 # Keep it sorted.
 access - This module allows limiting access to certain client addresses.
+geo - This module creates variables, whose values depend on the IP-address of 
the client.
+geoip - This module creates variables based on the IP-address of the client 
matched against the MaxMind GeoIP binary files.
 limit_conn - This module is used to limit the number of connections per the 
defined key.
+map - This module allows you to classify, or map a set of values into a 
different set of values and store the result in a variable.
+return - This module allows sending a specified value to the client and then 
closing the connection.
+split_clients - This module provides A/B testing support.
 upstream - This module is used to define groups of servers that can be 
referenced by the proxy_pass directive.
+upstream_hash - This module provides the ability to distribute upstream 
requests based on hashed key value.
+upstream_least_conn - This module provides the ability to distribute upstream 
requests using load balancing methods.
+upstream_zone - This module makes it possible to define a shared memory zone 
that keeps the group's configuration and run-time state that are shared between 
worker processes.

diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index fde5d70..a721492 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -1,6 +1,7 @@
 DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 
958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24 SHA512 
374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269
 WHIRLPOOL 
5f41bebf032f8a269412d104b7632a06af4d4c495658c9cd1ebf69b82c10ce1bbcb34b9dd159a7b00e57348714a5e93ad3db19701dda51479accd3a9dc79a9cb
 DIST nginx-1.10.1.tar.gz 909077 SHA256 
1fd35846566485e03c0e318989561c135c598323ff349c503a6c14826487a801 SHA512 
fa1329d40e83340380332dd5e2ed66f08dd59cc7f7582dd0e0193c493353ba550e80dc80e5165c225d70532d4197abc49cc8c760e8ab72e48f630cb57c2803e1
 WHIRLPOOL 
6942f70c3279a28bd8d664d085dee68bf0d0526c8dcb636f3258c9de598268efc984af72e527efd86889bd13911b38b0bdb2de1e92eef69c

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2016-07-26 Thread Lars Wendler

commit: c4b897dc39a939d0f409e1bcd9f6bd9c75679cf9
Author: Thomas Deutschmann  whissi  de>
AuthorDate: Tue Jul 19 23:16:33 2016 +
Commit: Lars Wendler  gentoo  org>
CommitDate: Tue Jul 26 09:51:22 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c4b897dc

www-servers/nginx: HTTPoxy mitigation added

Package-Manager: portage-2.3.0
Signed-off-by: Lars Wendler  gentoo.org>

 .../nginx/files/nginx-httpoxy-mitigation.patch | 33 ++
 ...{nginx-1.11.2.ebuild => nginx-1.10.1-r1.ebuild} | 23 +--
 www-servers/nginx/nginx-1.11.2.ebuild  | 13 +
 3 files changed, 61 insertions(+), 8 deletions(-)

diff --git a/www-servers/nginx/files/nginx-httpoxy-mitigation.patch 
b/www-servers/nginx/files/nginx-httpoxy-mitigation.patch
new file mode 100644
index 000..7e9618b
--- /dev/null
+++ b/www-servers/nginx/files/nginx-httpoxy-mitigation.patch
@@ -0,0 +1,33 @@
+httpoxy mitigation
+
+See https://httpoxy.org/ and https://www.nginx.com/blog/?p=41962 for details.
+---
+ conf/fastcgi.conf   | 3 +++
+ conf/fastcgi_params | 3 +++
+ 2 files changed, 6 insertions(+)
+
+diff --git a/conf/fastcgi.conf b/conf/fastcgi.conf
+index 091738c..9f7e192 100644
+--- a/conf/fastcgi.conf
 b/conf/fastcgi.conf
+@@ -24,3 +24,6 @@ fastcgi_param  SERVER_NAME$server_name;
+ 
+ # PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_param  REDIRECT_STATUS200;
++
++# httpoxy mitigation (https://httpoxy.org/ 
https://www.nginx.com/blog/?p=41962)
++fastcgi_param  HTTP_PROXY "";
+diff --git a/conf/fastcgi_params b/conf/fastcgi_params
+index 28decb9..3be3a95 100644
+--- a/conf/fastcgi_params
 b/conf/fastcgi_params
+@@ -23,3 +23,6 @@ fastcgi_param  SERVER_NAME$server_name;
+ 
+ # PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_param  REDIRECT_STATUS200;
++
++# httpoxy mitigation (https://httpoxy.org/ 
https://www.nginx.com/blog/?p=41962)
++fastcgi_param  HTTP_PROXY "";
+-- 
+2.9.2
+

diff --git a/www-servers/nginx/nginx-1.11.2.ebuild 
b/www-servers/nginx/nginx-1.10.1-r1.ebuild
similarity index 97%
copy from www-servers/nginx/nginx-1.11.2.ebuild
copy to www-servers/nginx/nginx-1.10.1-r1.ebuild
index 9bf..5912230 100644
--- a/www-servers/nginx/nginx-1.11.2.ebuild
+++ b/www-servers/nginx/nginx-1.10.1-r1.ebuild
@@ -171,7 +171,7 @@ LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+
nginx_modules_http_security? ( Apache-2.0 )
nginx_modules_http_push_stream? ( GPL-3 )"
 
-SLOT="mainline"
+SLOT="0"
 KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux"
 
 NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif
@@ -269,7 +269,7 @@ CDEPEND="
nginx_modules_http_auth_ldap? ( net-nds/openldap[ssl?] )"
 RDEPEND="${CDEPEND}
selinux? ( sec-policy/selinux-nginx )
-   !www-servers/nginx:0"
+   !www-servers/nginx:mainline"
 DEPEND="${CDEPEND}
arm? ( dev-libs/libatomic_ops )
libatomic? ( dev-libs/libatomic_ops )"
@@ -319,12 +319,7 @@ pkg_setup() {
 
 src_prepare() {
eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
-
-   if use nginx_modules_http_sticky; then
-   cd "${HTTP_STICKY_MODULE_WD}" || die
-   eapply "${FILESDIR}"/http-sticky-nginx-1.11.2.patch
-   cd "${S}" || die
-   fi
+   eapply "${FILESDIR}/${PN}-httpoxy-mitigation.patch"
 
if use nginx_modules_http_upstream_check; then
eapply -p0 "${HTTP_UPSTREAM_CHECK_MODULE_WD}/check_1.9.2+".patch
@@ -758,4 +753,16 @@ pkg_postinst() {
ewarn "'rx' permissions on /var/log/nginx (default on a fresh 
install)"
ewarn "Otherwise you end up with empty log files after a 
logrotate."
fi
+
+   # HTTPoxy mitigation
+   ewarn ""
+   ewarn "This nginx installation comes with a mitigation for the HTTPoxy"
+   ewarn "vulnerability for FastCGI applications by setting the HTTP_PROXY 
FastCGI"
+   ewarn "parameter to an empty string per default when you are sourcing 
the default"
+   ewarn "'fastcgi_params' or 'fastcgi.conf' in your server block(s)."
+   ewarn ""
+   ewarn "If this is causing any problems for you make sure that you are 
sourcing the"
+   ewarn "default parameters _before_ you set your own values."
+   ewarn "If you are relying on user-supplied proxy values you have to 
remove the"
+   ewarn "correlating lines from 'fastcgi_params' and or 'fastcgi.conf'."
 }

diff --git a/www-servers/nginx/nginx-1.11.2.ebuild 
b/www-servers/nginx/nginx-1.11.2.ebuild
index 9bf..0a7e068 100644
--- a/www-servers/nginx/nginx-1.11.2.ebuild
+++ b/www-servers/nginx/nginx-1.11.2.ebuild
@@ -319,6 +319,7 @@ pkg_setup() {
 
 src_prepare() {
eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
+   eapply "${FILESDIR}/${PN}-httpoxy-mitigation.patch"
 
if use nginx_modules_ht

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2016-06-15 Thread Patrice Clement

commit: 6241ba18ca4a5e043a97ad11cf450c8d27b3079f
Author: Thomas Deutschmann  whissi  de>
AuthorDate: Mon Jun 13 13:49:57 2016 +
Commit: Patrice Clement  gentoo  org>
CommitDate: Thu Jun 16 06:27:33 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6241ba18

www-servers/nginx: Patch for rtmp module. Fixes bug 585804.

Proposed patch for upstream bug 820 added to fix building of
nginx's 3rd party module "rtmp" against nginx-1.11.0+.

Bug: https://github.com/arut/nginx-rtmp-module/issues/820
Gentoo-Bug: https://bugs.gentoo.org/585804

Package-Manager: portage-2.3.0_rc1
Closes: https://github.com/gentoo/gentoo/pull/1669

Signed-off-by: Patrice Clement  gentoo.org>

 www-servers/nginx/files/rtmp-nginx-1.11.0.patch | 39 +
 www-servers/nginx/nginx-1.10.1.ebuild   |  7 +++--
 www-servers/nginx/nginx-1.11.1.ebuild   | 13 +++--
 3 files changed, 53 insertions(+), 6 deletions(-)

diff --git a/www-servers/nginx/files/rtmp-nginx-1.11.0.patch 
b/www-servers/nginx/files/rtmp-nginx-1.11.0.patch
new file mode 100644
index 000..36c9c03
--- /dev/null
+++ b/www-servers/nginx/files/rtmp-nginx-1.11.0.patch
@@ -0,0 +1,39 @@
+From 965523f3970e449e3abbaa6c9b0db1ce251f2b68 Mon Sep 17 00:00:00 2001
+From: RocFang 
+Date: Mon, 30 May 2016 22:56:16 +0800
+Subject: [PATCH] compile with nginx-1.11.0
+
+From https://github.com/arut/nginx-rtmp-module/issues/820
+
+---
+ ngx_rtmp_core_module.c | 8 
+ 1 file changed, 8 insertions(+)
+
+diff --git a/ngx_rtmp_core_module.c b/ngx_rtmp_core_module.c
+index 643702f..567f011 100644
+--- a/ngx_rtmp_core_module.c
 b/ngx_rtmp_core_module.c
+@@ -557,7 +557,11 @@ ngx_rtmp_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, 
void *conf)
+ break;
+ }
+ 
++#if (nginx_version >= 1011000)
++if (ngx_memcmp(ls[i].sockaddr + off, &u.sockaddr + off, len) != 0) {
++#else
+ if (ngx_memcmp(ls[i].sockaddr + off, u.sockaddr + off, len) != 0) {
++#endif
+ continue;
+ }
+ 
+@@ -577,7 +581,11 @@ ngx_rtmp_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, 
void *conf)
+ 
+ ngx_memzero(ls, sizeof(ngx_rtmp_listen_t));
+ 
++#if (nginx_version >= 1011000)
++ngx_memcpy(ls->sockaddr, &u.sockaddr, u.socklen);
++#else
+ ngx_memcpy(ls->sockaddr, u.sockaddr, u.socklen);
++#endif
+ 
+ ls->socklen = u.socklen;
+ ls->wildcard = u.wildcard;

diff --git a/www-servers/nginx/nginx-1.10.1.ebuild 
b/www-servers/nginx/nginx-1.10.1.ebuild
index 55ec9b2..630624b 100644
--- a/www-servers/nginx/nginx-1.10.1.ebuild
+++ b/www-servers/nginx/nginx-1.10.1.ebuild
@@ -348,7 +348,7 @@ src_prepare() {
 src_configure() {
# mod_security needs to generate nginx/modsecurity/config before 
including it
if use nginx_modules_http_security; then
-   cd "${HTTP_SECURITY_MODULE_WD}"
+   cd "${HTTP_SECURITY_MODULE_WD}" || die
if use luajit ; then
sed -i \
-e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \
@@ -360,7 +360,7 @@ src_configure() {
$(use_with nginx_modules_http_lua lua) || die 
"configure failed for mod_security"
fi
 
-   cd "${S}"
+   cd "${S}" || die
 
local myconf=() http_enabled= mail_enabled= stream_enabled=
 
@@ -624,9 +624,10 @@ src_install() {
newins "${FILESDIR}"/nginx.logrotate-r1 nginx
 
if use nginx_modules_http_perl; then
-   cd "${S}"/objs/src/http/modules/perl/
+   cd "${S}"/objs/src/http/modules/perl/ || die
emake DESTDIR="${D}" INSTALLDIRS=vendor
perl_delete_localpod
+   cd "${S}" || die
fi
 
if use nginx_modules_http_cache_purge; then

diff --git a/www-servers/nginx/nginx-1.11.1.ebuild 
b/www-servers/nginx/nginx-1.11.1.ebuild
index 5b4e977..451b271 100644
--- a/www-servers/nginx/nginx-1.11.1.ebuild
+++ b/www-servers/nginx/nginx-1.11.1.ebuild
@@ -320,6 +320,12 @@ pkg_setup() {
 src_prepare() {
eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
 
+   if use rtmp; then
+   cd "${RTMP_MODULE_WD}" || die
+   eapply "${FILESDIR}"/rtmp-nginx-1.11.0.patch
+   cd "${S}" || die
+   fi
+
if use nginx_modules_http_upstream_check; then
eapply -p0 "${HTTP_UPSTREAM_CHECK_MODULE_WD}/check_1.9.2+".patch
fi
@@ -348,7 +354,7 @@ src_prepare() {
 src_configure() {
# mod_security needs to generate nginx/modsecurity/config before 
including it
if use nginx_modules_http_security; then
-   cd "${HTTP_SECURITY_MODULE_WD}"
+   cd "${HTTP_SECURITY_MODULE_WD}" || die
if use luajit ; then
sed -i \
-e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \
@@ -360,7 +366,7 @@ src_configure() {
$(use_with nginx_modules_http_lua lua) || die

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2016-06-13 Thread Kristian Fiskerstrand

commit: fa58d5378eee1fc28ceff889a80e26beffa23d38
Author: Thomas Deutschmann  whissi  de>
AuthorDate: Mon Jun 13 18:30:54 2016 +
Commit: Kristian Fiskerstrand  gentoo  org>
CommitDate: Mon Jun 13 18:36:32 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa58d537

www-servers/nginx: Security cleanup

Dropping nginx-1.8.1 which is vulnerable to CVE-2016-4450 and was replaced
by nginx-1.10.1 via commit 9d8b4adb72f5912b8c121bdda6ffee72e08926d7.

Gentoo-Bug: 584744

Package-Manager: portage-2.3.0_rc1

 www-servers/nginx/Manifest |  12 -
 www-servers/nginx/files/AJP-nginx-1.7.9+.patch | 184 ---
 www-servers/nginx/files/check-1.9.2.patch  | 242 -
 www-servers/nginx/files/lua-nginx-1.7.6.patch  |  39 --
 www-servers/nginx/files/rtmp-nginx-1.7.6.patch |  89 
 www-servers/nginx/nginx-1.8.1.ebuild   | 667 -
 6 files changed, 1233 deletions(-)

diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index f9608ef..2932c5a 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -1,33 +1,21 @@
-DIST modsecurity-2.9.0.tar.gz 4246467 SHA256 
e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434 SHA512 
1af04f29bf23c51d03cdd3795c530f88b523a645aa02d776a6b23dcbc31decec7cd574919e5c7c7cf82684df2774062de5e465bddbbaf4c01a442c6d49401d3d
 WHIRLPOOL 
1167ba6048a3ca05dcdabf03c67ae12720cca0cec74547fc223ee92ff76b6d5131785fa77b5f16da180e56590c851c192eaf02817b798e4d6f41fa6bfb2735a6
 DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 
958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24 SHA512 
374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269
 WHIRLPOOL 
5f41bebf032f8a269412d104b7632a06af4d4c495658c9cd1ebf69b82c10ce1bbcb34b9dd159a7b00e57348714a5e93ad3db19701dda51479accd3a9dc79a9cb
 DIST nginx-1.10.1.tar.gz 909077 SHA256 
1fd35846566485e03c0e318989561c135c598323ff349c503a6c14826487a801 SHA512 
fa1329d40e83340380332dd5e2ed66f08dd59cc7f7582dd0e0193c493353ba550e80dc80e5165c225d70532d4197abc49cc8c760e8ab72e48f630cb57c2803e1
 WHIRLPOOL 
6942f70c3279a28bd8d664d085dee68bf0d0526c8dcb636f3258c9de598268efc984af72e527efd86889bd13911b38b0bdb2de1e92eef69cabd02f7080f64eb6
 DIST nginx-1.11.1.tar.gz 913417 SHA256 
5d8dd0197e3ffeb427729c045382182fb28db8e045c635221b2e0e6722821ad0 SHA512 
01330a5200b9b5ac5788cd95b2857d2ff87bf0a073a93e3e441b89d19f12137b496e6de67145c04cc74ba88d599a7be96d622f29785e30df23fc8a657adf8b2a
 WHIRLPOOL 
e902d408f45eb9168db5a5220275896a072419660505eb45816280f1a2d2150593262d601583d2c34b521fae560fdd237e6609e85bf03a30b7721c10299a207e
-DIST nginx-1.8.1.tar.gz 833473 SHA256 
8f4b3c630966c044ec72715754334d1fdf741caa1d5795fb4646c27d09f797b7 SHA512 
546eba1749af0034cb8b924d2432be2f0e82a75c545aa929391ef7234103c3f29376235a2ef1363b120e1825cda15aeb085a05f9ce3596c88466e112e82aa882
 WHIRLPOOL 
cd399083fb14bdb3498f1cd91a1cb59a73d37f323ce7c2a32500c9443f654cb5449137708cf149a0126aedb77abec9d1eb3dce3121f0b378d7d70e8eb18062af
 DIST nginx-auth-ldap-dbcef31bebb2d54b6120422d0b178bbf78bc48f7.tar.gz 16998 
SHA256 35c8f29581823be0f8bdbcf237d7fa5518c45eabe0ab9a695b131d32c8f1c264 SHA512 
f47a9a6c5f93daa9260825261d2069bca5fc528221f94fc8ec98462f61774a36bce0238d931f8d0690544fd0144a83f942b6673c8376fe03f7834f8da971
 WHIRLPOOL 
26a2f67e715d13f785932f00e642c0864b5b7059d120f7fe7458017dbe02203f4873d1cfc4f0dd262834465438ad2b00ef4b49295e18a8e246abda6f7694ac70
-DIST nginx_http_sticky_module_ng-1.2.5.tar.bz2 124072 SHA256 
f975c033eb3c342f7247f6524774bbb727aaf630ed984576dbafe5de7a790c58 SHA512 
d6ae723f739efb2f0548461931b1c395801684759962beda08067111426b1c9787ceaede91b0e984c023108fd17864c53c53925506f7e8e25ec8d2fc065585f6
 WHIRLPOOL 
1013c6a51f5989c8131392b3d9704d42c99f9727a673f6205878d0b7dfd265bb6042c1d30089603c9b38e339d48302e6873e77fe380b7e8edba25b71e9e84ba6
 DIST nginx_http_sticky_module_ng-1.2.6.tar.bz2 124089 SHA256 
e47b9fd435d7a5a3200f945a9745aaa7b9446495bda76df48f211129f88d6b26 SHA512 
2632b04c94f523aa7c9726db182cba11d83e642c2db5798274e67fbef30de95d02e4e95cbfb98bc429d4244d630b5d9617405b43f728ae0117a5c134940c0ded
 WHIRLPOOL 
1b754c02f834c6b4d4930e9c46b8c5accb6c9663718fb9296c92d79bc33206e66e49e4234ca4db9a5afcd42fa23273bdf0e675aa7b38927c4e46a85318c189eb
-DIST ngx_devel_kit-0.2.19-r1.tar.gz 65029 SHA256 
501f299abdb81b992a980bda182e5de5a4b2b3e275fbf72ee34dd7ae84c4b679 SHA512 
915954acf16a27fbd3c93c154012d38e864f1d8dfd51cde401bba26e46eb3e3c778ec4c92f4f8ed83ac001e96cee72765554d0e4da06acf6a4be5184b23b3657
 WHIRLPOOL 
0ce6bffc0fe2cef28ee74f5862ca6d914ed18fdee18d900608ff2a9983594c707aab3e335957b79dd7e77ae1beed054d8f71965ca0f57fc5f1d41ac06106c5a4
 DIST ngx_devel_kit-0.3.0-r1.tar.gz 66455 SHA256 
88e05a99a8a7419066f5ae75966fb1efc409bad4522d14986da074554ae61619 SHA512 
558764c9be913a4f61d0e277d07bf3c272e1ce086b3fadb85b693a7e92805cd9fca4da7a8d29c96e53fc0d23b331327d3b2561ff61f19d2330e7d5d35ac7d614
 WHIRLPOOL 
5f6ed4e6850d2ce7e8c65e0570a7e

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2016-05-04 Thread Manuel Rüger

commit: 8dd9fab6768ab82e3c23aaf3d35800bc96b8fc86
Author: Manuel Rüger  gentoo  org>
AuthorDate: Wed May  4 13:19:41 2016 +
Commit: Manuel Rüger  gentoo  org>
CommitDate: Wed May  4 13:19:41 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8dd9fab6

www-servers/nginx: Version bump to 1.10.0, use openrc-run

Gentoo-Bug: #581862
Gentoo-Bug: #581944

Package-Manager: portage-2.2.28

 www-servers/nginx/Manifest |   3 +
 www-servers/nginx/files/nginx.initd-r3 |  89 
 www-servers/nginx/nginx-1.10.0.ebuild  | 761 +
 3 files changed, 853 insertions(+)

diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index e29cd6e..0c541fc 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -1,9 +1,11 @@
 DIST modsecurity-2.9.0.tar.gz 4246467 SHA256 
e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434 SHA512 
1af04f29bf23c51d03cdd3795c530f88b523a645aa02d776a6b23dcbc31decec7cd574919e5c7c7cf82684df2774062de5e465bddbbaf4c01a442c6d49401d3d
 WHIRLPOOL 
1167ba6048a3ca05dcdabf03c67ae12720cca0cec74547fc223ee92ff76b6d5131785fa77b5f16da180e56590c851c192eaf02817b798e4d6f41fa6bfb2735a6
 DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 
958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24 SHA512 
374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269
 WHIRLPOOL 
5f41bebf032f8a269412d104b7632a06af4d4c495658c9cd1ebf69b82c10ce1bbcb34b9dd159a7b00e57348714a5e93ad3db19701dda51479accd3a9dc79a9cb
+DIST nginx-1.10.0.tar.gz 908954 SHA256 
8ed647c3dd65bc4ced03b0e0f6bf9e633eff6b01bac772bcf97077d58bc2be4d SHA512 
495da729ce6de935399c2bf7fc0c2cd112197d9dba6d8604f639d5815cbb8bb3ff70e994f942785481e064cc1df97211f886297ee72519b332a7197999d9f14e
 WHIRLPOOL 
889e723f635909d1b562663ed46b27edac83b63143c10c2c53e70dc6dccf3a378f8fef3f2f19641879dc9f812880b4f51ef0d438d80ede395ffda38987b13dd3
 DIST nginx-1.8.1.tar.gz 833473 SHA256 
8f4b3c630966c044ec72715754334d1fdf741caa1d5795fb4646c27d09f797b7 SHA512 
546eba1749af0034cb8b924d2432be2f0e82a75c545aa929391ef7234103c3f29376235a2ef1363b120e1825cda15aeb085a05f9ce3596c88466e112e82aa882
 WHIRLPOOL 
cd399083fb14bdb3498f1cd91a1cb59a73d37f323ce7c2a32500c9443f654cb5449137708cf149a0126aedb77abec9d1eb3dce3121f0b378d7d70e8eb18062af
 DIST nginx-1.9.14.tar.gz 908191 SHA256 
2b4893076d28e6b4384bba8c4fdebfca6de6f8f68ec48a1ca94b9b855ff457d2 SHA512 
e73a10495a8b199856f4e5d6f428b46e0b1148cee26c8517e360130d9f1e85028b28f311879d31f37e1d3facccf6f215377e984ae937a44f45245fe09a3be90e
 WHIRLPOOL 
c4e1d2b8181b9c8c967de2d68314c05c28a1fe44bd35809f3672c2ff9b02d08e2f572970ab0328f85dbe9b29c6dae0c4ebb33586a8c70053e764158c055fa8d8
 DIST nginx-1.9.15.tar.gz 908984 SHA256 
cc89b277cc03f403c0b746d60aa5943cdecf59ae48278f8cb7e2df0cbdb6dac3 SHA512 
563cec7828d1e398ded83579c3c4afcd83fd809662e64a0212e25a34ce1b599135558e9fd8cee3e07ba028ee4b308e40ce9910a5071a3d8e3b7ec9f9bdef95f0
 WHIRLPOOL 
b87dd96b1fa34824fb6ca16da39d72cf6036f6276766ef420c3be8ceac8e8639ff74e842c1ffd5f8f2dd03d7c411197a05049c1673dc70862cee662b494da88f
 DIST nginx-auth-ldap-8517bb05ecc896b54429ca5e95137b0a386bd41a.tar.gz 16950 
SHA256 2f0b1a65847ea1da801a99b654f132e1c814d2fa49a43a324d8fc4ce6327935f SHA512 
65b0aec3a4b28625ef93d166f659d63b9ef7d971dea78b09987eaa02f632bf5b8f6c9afdb6ef444afa466dba7ff67180cad27e138e6818c2ba80bc804f140ca6
 WHIRLPOOL 
9ef896fa3501415e2c7022448783626af256c6c3878fcca5d6cc042a9789937147eb4c3743f92002ab8d09e4ce828532b9ae321dc284ef2560801da98153d146
+DIST nginx-auth-ldap-dbcef31bebb2d54b6120422d0b178bbf78bc48f7.tar.gz 16998 
SHA256 35c8f29581823be0f8bdbcf237d7fa5518c45eabe0ab9a695b131d32c8f1c264 SHA512 
f47a9a6c5f93daa9260825261d2069bca5fc528221f94fc8ec98462f61774a36bce0238d931f8d0690544fd0144a83f942b6673c8376fe03f7834f8da971
 WHIRLPOOL 
26a2f67e715d13f785932f00e642c0864b5b7059d120f7fe7458017dbe02203f4873d1cfc4f0dd262834465438ad2b00ef4b49295e18a8e246abda6f7694ac70
 DIST nginx_http_sticky_module_ng-1.2.5.tar.bz2 124072 SHA256 
f975c033eb3c342f7247f6524774bbb727aaf630ed984576dbafe5de7a790c58 SHA512 
d6ae723f739efb2f0548461931b1c395801684759962beda08067111426b1c9787ceaede91b0e984c023108fd17864c53c53925506f7e8e25ec8d2fc065585f6
 WHIRLPOOL 
1013c6a51f5989c8131392b3d9704d42c99f9727a673f6205878d0b7dfd265bb6042c1d30089603c9b38e339d48302e6873e77fe380b7e8edba25b71e9e84ba6
 DIST nginx_http_sticky_module_ng-1.2.6.tar.bz2 124089 SHA256 
e47b9fd435d7a5a3200f945a9745aaa7b9446495bda76df48f211129f88d6b26 SHA512 
2632b04c94f523aa7c9726db182cba11d83e642c2db5798274e67fbef30de95d02e4e95cbfb98bc429d4244d630b5d9617405b43f728ae0117a5c134940c0ded
 WHIRLPOOL 
1b754c02f834c6b4d4930e9c46b8c5accb6c9663718fb9296c92d79bc33206e66e49e4234ca4db9a5afcd42fa23273bdf0e675aa7b38927c4e46a85318c189eb
 DIST ngx_devel_kit-0.2.19-r1.tar.gz 65029 SHA256 
501f299abdb81b992a980bda182e5de5a4b2b3e275fbf72ee34dd7ae84c4b679 SHA512 
915954acf16a27fbd3c93c154012d38e864f1d8dfd51cde401bba26e46eb3e3c778ec4c

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

2016-02-06 Thread Manuel Rüger

commit: 2499a68efa4f3b685de907ed6e1e17afb408058f
Author: Johan Bergström  bergstroem  nu>
AuthorDate: Wed Feb  3 22:08:05 2016 +
Commit: Manuel Rüger  gentoo  org>
CommitDate: Sat Feb  6 13:54:38 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2499a68e

www-servers/nginx: Add auth_ldap, stream, slice modules

This commit adds http_slice, stream, auth_ldap modules and support for
libressl. It also updates 3rd party modules, enables http2 by default
and disables gzip by default.

 www-servers/nginx/Manifest   |   3 +
 www-servers/nginx/files/nginx.conf-r2|  69 +++
 www-servers/nginx/nginx-1.9.10-r1.ebuild | 758 +++
 3 files changed, 830 insertions(+)

diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index d1766ab..87bb5d0 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -1,6 +1,7 @@
 DIST modsecurity-2.9.0.tar.gz 4246467 SHA256 
e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434 SHA512 
1af04f29bf23c51d03cdd3795c530f88b523a645aa02d776a6b23dcbc31decec7cd574919e5c7c7cf82684df2774062de5e465bddbbaf4c01a442c6d49401d3d
 WHIRLPOOL 
1167ba6048a3ca05dcdabf03c67ae12720cca0cec74547fc223ee92ff76b6d5131785fa77b5f16da180e56590c851c192eaf02817b798e4d6f41fa6bfb2735a6
 DIST nginx-1.8.1.tar.gz 833473 SHA256 
8f4b3c630966c044ec72715754334d1fdf741caa1d5795fb4646c27d09f797b7 SHA512 
546eba1749af0034cb8b924d2432be2f0e82a75c545aa929391ef7234103c3f29376235a2ef1363b120e1825cda15aeb085a05f9ce3596c88466e112e82aa882
 WHIRLPOOL 
cd399083fb14bdb3498f1cd91a1cb59a73d37f323ce7c2a32500c9443f654cb5449137708cf149a0126aedb77abec9d1eb3dce3121f0b378d7d70e8eb18062af
 DIST nginx-1.9.10.tar.gz 889267 SHA256 
fb14d76844cab0a5a0880768be28965e74f9956790f618c454ef6098e26631d9 SHA512 
60a736afe98e46abeb572c938702b09b0098164584bf8b5c1978c2b83269b6c2b99a60b7c8c9482230c26eebaeeb684f3aa7db52af4d7a3c18434542730873e0
 WHIRLPOOL 
8f285f6d4c4f7e312791d7dc6fc072dbb1207315fcb7facac0ce958389473641de2f2c2cd03cfd11c0df3a16abd84522bb150090b561a46752e8b6317363fbeb
+DIST nginx-auth-ldap-d0f2f829f708792ee97a9241c9c6ffd33c47c7c1.tar.gz 16349 
SHA256 7c1628d7e6ebb3a41ec916334014b74acc32dd09a0830752a2d03be0be3223c8 SHA512 
2929f2b1170eef0ede4888beb8d5c0d0d45095fc1a3358dbe81b55bfc7468e53b981b1784a5fb9257a5888645d5fc3ae4fab950e6b4525f6dd0bb4d96076f0f6
 WHIRLPOOL 
626d88396af16373622532a349a2f21418191ad4073bb4b56980cbc5f219e40cee8786f5233ced2d7c5de698537d5337698ecc4a49181c960fbd0ac4a4ab14be
 DIST nginx_http_sticky_module_ng-1.2.5.tar.bz2 124072 SHA256 
f975c033eb3c342f7247f6524774bbb727aaf630ed984576dbafe5de7a790c58 SHA512 
d6ae723f739efb2f0548461931b1c395801684759962beda08067111426b1c9787ceaede91b0e984c023108fd17864c53c53925506f7e8e25ec8d2fc065585f6
 WHIRLPOOL 
1013c6a51f5989c8131392b3d9704d42c99f9727a673f6205878d0b7dfd265bb6042c1d30089603c9b38e339d48302e6873e77fe380b7e8edba25b71e9e84ba6
 DIST nginx_http_sticky_module_ng-1.2.6.tar.bz2 124089 SHA256 
e47b9fd435d7a5a3200f945a9745aaa7b9446495bda76df48f211129f88d6b26 SHA512 
2632b04c94f523aa7c9726db182cba11d83e642c2db5798274e67fbef30de95d02e4e95cbfb98bc429d4244d630b5d9617405b43f728ae0117a5c134940c0ded
 WHIRLPOOL 
1b754c02f834c6b4d4930e9c46b8c5accb6c9663718fb9296c92d79bc33206e66e49e4234ca4db9a5afcd42fa23273bdf0e675aa7b38927c4e46a85318c189eb
 DIST ngx_devel_kit-0.2.19-r1.tar.gz 65029 SHA256 
501f299abdb81b992a980bda182e5de5a4b2b3e275fbf72ee34dd7ae84c4b679 SHA512 
915954acf16a27fbd3c93c154012d38e864f1d8dfd51cde401bba26e46eb3e3c778ec4c92f4f8ed83ac001e96cee72765554d0e4da06acf6a4be5184b23b3657
 WHIRLPOOL 
0ce6bffc0fe2cef28ee74f5862ca6d914ed18fdee18d900608ff2a9983594c707aab3e335957b79dd7e77ae1beed054d8f71965ca0f57fc5f1d41ac06106c5a4
@@ -12,6 +13,8 @@ DIST ngx_http_echo-0.58.tar.gz 64779 SHA256 
190fe3977dd1910e82059f30f9baae3da2ee
 DIST ngx_http_fancyindex-0.3.5.tar.gz 14837 SHA256 
e0998e83be58bc5787fa9243a76a9d21de3cd01088d3cf63177ba88a562634a1 SHA512 
ddb4ab3e8e47e1c49680db3e9f648f7cd582c07f963204105118e61432fa1e80c3f1bce69ed689db383011a9c155184bcc7e931eeae20bbd7cbdb5d4eb35a0a8
 WHIRLPOOL 
a45db854d75f05a59c6f5e67c652850b5410162e7852abda20bb6720d29cc716f25ce7ea93ef52f9ff3f11d6d3a744c1fa4c7a6270fc1bd6d42f6743accb8e73
 DIST ngx_http_headers_more-0.26.tar.gz 28028 SHA256 
d6bdc51f9e778a3b23e41a51cae542c1467a1e5e55c1329a7ffc454be084fb6f SHA512 
842927de67d28f3cff596607f209d1004b6d49f1d45b861758405ed6fe6f7aab76ad63530ccdfff1c1947db1190dd65dee0a29f50026bfa7a39a9a051561cf88
 WHIRLPOOL 
0dc37c36717be40a07112388d913d20bc99d76f90604da618d5547f24d93c636c14c2cca18191ff5916b40ec0113da648cfc07e1c00b1853f2b15ce056d5f3d7
 DIST ngx_http_headers_more-0.28.tar.gz 26948 SHA256 
67e5ca6cd9472938333c4530ab8c8b8bc9fe910a8cb237e5e5f1853e14725580 SHA512 
ed39930ddb416ab3510c3649f296e55474584bf1e9c9855c2330c0ec04d208865d242f54c55dbac79a4871803197fd930c20396a3b70f0f5fb009318d3c12254
 WHIRLPOOL 
7c0455c6ac15a033e62126ff8bb246d3d0315a2b18c095bdb0867669daa2387a5dfa4fdfbf038b8392ac4ee42c671a49ac742bd28352b2f5fbcf6fee4

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/, profiles/base/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/, profiles/desc/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/

17 matches

Site Navigation

Mail list logo

Footer information