[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: e1542f080b666233bf679c899daec39fed3f0a4c Author: Conrad Kostecki gentoo org> AuthorDate: Fri Dec 2 23:57:48 2022 + Commit: Conrad Kostecki gentoo org> CommitDate: Fri Dec 2 23:57:48 2022 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1542f08 www-servers/nginx: fix ldap crash Closes: https://bugs.gentoo.org/883401 Signed-off-by: Conrad Kostecki gentoo.org> .../files/nginx-1.23.2-mod_auth_ldap-fix.patch | 21 + ...ginx-1.23.2-r2.ebuild => nginx-1.23.2-r3.ebuild} | 6 ++ 2 files changed, 27 insertions(+) diff --git a/www-servers/nginx/files/nginx-1.23.2-mod_auth_ldap-fix.patch b/www-servers/nginx/files/nginx-1.23.2-mod_auth_ldap-fix.patch new file mode 100644 index ..b3b4cf4b33c4 --- /dev/null +++ b/www-servers/nginx/files/nginx-1.23.2-mod_auth_ldap-fix.patch @@ -0,0 +1,21 @@ +From f0a5f61d9aad59c23e2c877094a8f17c43bee5b5 Mon Sep 17 00:00:00 2001 +From: freultwah <631910+freult...@users.noreply.github.com> +Date: Tue, 23 Aug 2022 18:09:45 +0300 +Subject: [PATCH] Make the module not crash with nginx >1.23.* + +--- + ngx_http_auth_ldap_module.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/ngx_http_auth_ldap_module.c b/ngx_http_auth_ldap_module.c +index 2f4e592..83b481c 100644 +--- a/ngx_http_auth_ldap_module.c b/ngx_http_auth_ldap_module.c +@@ -1779,6 +1779,7 @@ ngx_http_auth_ldap_set_realm(ngx_http_request_t *r, ngx_str_t *realm) + } + + r->headers_out.www_authenticate->hash = 1; ++r->headers_out.www_authenticate->next = NULL; + r->headers_out.www_authenticate->key.len = sizeof("WWW-Authenticate") - 1; + r->headers_out.www_authenticate->key.data = (u_char *) "WWW-Authenticate"; + r->headers_out.www_authenticate->value = *realm; diff --git a/www-servers/nginx/nginx-1.23.2-r2.ebuild b/www-servers/nginx/nginx-1.23.2-r3.ebuild similarity index 99% rename from www-servers/nginx/nginx-1.23.2-r2.ebuild rename to www-servers/nginx/nginx-1.23.2-r3.ebuild index 96915733beb5..4b707c551371 100644 --- a/www-servers/nginx/nginx-1.23.2-r2.ebuild +++ b/www-servers/nginx/nginx-1.23.2-r3.ebuild @@ -377,6 +377,12 @@ src_prepare() { eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch" + if use nginx_modules_http_auth_ldap; then + cd "${HTTP_LDAP_MODULE_WD}" || die + eapply "${FILESDIR}/${PN}-1.23.2-mod_auth_ldap-fix.patch" + cd "${S}" || die + fi + if use nginx_modules_http_sticky; then cd "${HTTP_STICKY_MODULE_WD}" || die eapply "${FILESDIR}"/http_sticky-nginx-1.23.0.patch
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 5297ee7000326d641b28980b4e1a7018e1658470 Author: Conrad Kostecki gentoo org> AuthorDate: Wed Oct 19 14:40:44 2022 + Commit: Conrad Kostecki gentoo org> CommitDate: Wed Oct 19 14:43:05 2022 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5297ee70 www-servers/nginx: add 1.23.2 Includes also CVE-2022-38890 fix for NJS-0.7.7. Bug: https://bugs.gentoo.org/870409 Signed-off-by: Conrad Kostecki gentoo.org> www-servers/nginx/Manifest |1 + .../files/http_javascript_cve_2022-38890.patch | 49 + www-servers/nginx/nginx-1.23.2.ebuild | 1049 3 files changed, 1099 insertions(+) diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index ef8bbe4fe5fd..b68ad65ae614 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -1,5 +1,6 @@ DIST modsecurity-nginx-1.0.3.tar.gz 34063 BLAKE2B 859a29eb7f67d53a818578f1008f0d0debbe37c205bb7c6e79594d8b1a6a0d9390d35f607ef05ef6d73c9aa887baebfd2c54aca894969beeed4bfe576f37 SHA512 20495884c6b3594edf879a19fd7445f2e74a1628789decd146b3c712764b0507e440a84a64aab619461b044f98b8d641913cfad57a6d0002e7061716bdfe84fc DIST nginx-1.23.1.tar.gz 1104352 BLAKE2B 2c90b792ad7d9d685dc417e4c4d24ad68fa490da737574d25d526c70839fb64f69581e9093cf1c38010b7c404650e48c0fe8f9c1ef71c75d30be0be7e9ebd4d8 SHA512 62d6b3d5282f4e4cc23adf23b3dc26e06fc4574cae3c18381c406d0cf0f8c68e7dfa86af0c3c1c1485214c548f3b45015eb219e62bfe04e0aaa5edaad82e6706 +DIST nginx-1.23.2.tar.gz 1108243 BLAKE2B 0a6a556afe93c4326247e879e3bb2ad377cd734a572f471b52c91b1b2901a243a848cd74fea587bda5afa0ee91dec9635b5d2a468cb95abc7f361c42a32c9598 SHA512 4a5413c0ec251c02fb73dfb4d351045f857a36d45ebb7ae2c29f4a4f320a6543d0a049b147b08318de0b7b0406773c329dbf43bf98bb088f76e506ea532cd8ef DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 BLAKE2B 5ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333 SHA512 ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19bf4cf53973269 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570 SHA512 6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529 DIST ngx_brotli-1.0.0rc.tar.gz 16207 BLAKE2B 450d0ea693bd98d4a1b615f2cdcaad41ccd28266f6d80beec7fe77fe750ab8c5d1bb55aabe15161b9b6d819d2b4d99a7774f2706f2f6fd084b52a7c7dddbc00c SHA512 05a880d5e48ac83be84498ed41fb4750211b827a9d7541acfd6ef494e5205a6e853d5594bfec3ab4ae668ea3f803e4f4b0ba550c76811971c8e266e42663c56d diff --git a/www-servers/nginx/files/http_javascript_cve_2022-38890.patch b/www-servers/nginx/files/http_javascript_cve_2022-38890.patch new file mode 100644 index ..43469b552968 --- /dev/null +++ b/www-servers/nginx/files/http_javascript_cve_2022-38890.patch @@ -0,0 +1,49 @@ +From b9aea5854bcf6f2de8f7a7f1550874e392b94be2 Mon Sep 17 00:00:00 2001 +From: Dmitry Volyntsev +Date: Wed, 31 Aug 2022 18:35:58 -0700 +Subject: [PATCH] Fixed String.prototype.trimEnd() with unicode string. + +Previously, when the method was invoked with a string consisting of space +characters and at least one of them was a Unicode space separator (code +point above 127) it returned invalid string value with non-zero size +but zero length. + +The fix is to update the size of the resulting string appropriately. + +This closes #569 issue on Github. +--- + src/njs_string.c | 1 + + src/test/njs_unit_test.c | 8 + 2 files changed, 9 insertions(+) + +diff --git a/src/njs_string.c b/src/njs_string.c +index 83cede548..62bece0de 100644 +--- a/src/njs_string.c b/src/njs_string.c +@@ -2849,6 +2849,7 @@ njs_string_trim(const njs_value_t *value, njs_string_prop_t *string, + + for ( ;; ) { + if (start == prev) { ++end = prev; + break; + } + +diff --git a/src/test/njs_unit_test.c b/src/test/njs_unit_test.c +index 287ddda2d..a717f02a8 100644 +--- a/src/test/njs_unit_test.c b/src/test/njs_unit_test.c +@@ -8450,6 +8450,14 @@ static njs_unit_test_t njs_test[] = + { njs_str("' абв '.trimStart().trimEnd()"), + njs_str("абв") }, + ++{ njs_str("[" ++ " String.fromCodePoint(0x2028)," ++ " String.fromCodePoint(0x20, 0x2028)," ++ " String.fromCodePoint(0x0009, 0x20, 0x2028)," ++ " String.fromCodePoint(0xFEFF)," ++ "].every(v => v.trimEnd() == '')"), ++ njs_str("true") }, ++ + { njs_str("'\\u2029abc\\uFEFF\\u2028'.trim()"), + njs_str("abc") }, + diff --git a/www-servers/nginx/nginx-1.23.2.ebuild b/www-servers/nginx/nginx-1.23.2.ebuild new file mo
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: cea207f843acb7cd1d09b56a4302eb1155bf560f Author: Thomas Deutschmann gentoo org> AuthorDate: Tue May 26 18:11:37 2020 + Commit: Thomas Deutschmann gentoo org> CommitDate: Tue May 26 18:40:55 2020 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cea207f8 www-servers/nginx: bump to v1.19.0 mainline - brotli module bumped to 1.0.0rc from new upstream - HTTP LUA module bumped to v0.10.16rc5 - fancyindex module bumped to v0.4.3 - nginScript module bumped to v0.4.1 Closes: https://bugs.gentoo.org/724646 Package-Manager: Portage-2.3.100, Repoman-2.3.22 Signed-off-by: Thomas Deutschmann gentoo.org> www-servers/nginx/Manifest |3 + .../nginx/files/http_brotli-detect-brotli-r3.patch | 28 + www-servers/nginx/nginx-1.19.0.ebuild | 1093 3 files changed, 1124 insertions(+) diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index 523b0974076..2365b9621d9 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -1,7 +1,9 @@ DIST modsecurity-2.9.3.tar.gz 4307670 BLAKE2B 337ea15cc8805af7ab43aed8aecf4c72ccc586d0d7e9d9b91f036a61baa70d1ac8b4ad8045a2bb7a13515912a15fba7d3cdb9670ae6730de43b1e44ee90ded6d SHA512 4e1ea5dd8edadf8f630e4fe92a200d3a8e78963fce3128b5975a1e1ecd0e8bf9ceecd9905c95f8c508932ccd837f1d8ae8bb2ba423307718c3c6a4ae9b783ddd DIST nginx-1.18.0.tar.gz 1039530 BLAKE2B a8962a6af96acb043ff0c3dc4ad5192083773c449950aff53b01f6f7c46a2a540eb061a43432acccd753fa71067b1451d75f440ba5526575b78608be9d40a50b SHA512 8c21eeb62ab6e32e436932500f700bd2fb99fd2d29e43c08a5bfed4714c189c29c7141db551fcd5d2437303b7439f71758f7407dfd3e801e704e45e7daa78ddb +DIST nginx-1.19.0.tar.gz 1043748 BLAKE2B 46647676c2e5dd0b06a1079329d211f7449312873f40d762b1c81841863f61dbc11f836956c006e0283dc79ab9b6bb4b9430136e4c66ff194402413fdc0bdf83 SHA512 3240d5dc59877f9d6a95c8779240675cec9290df079b9d52c06147e58900f2e060e768729669ffaf9a2a90bb9abbe8ab7fba24ff65d45fec9eeb3b6733b65f30 DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 BLAKE2B 5ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333 SHA512 ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19bf4cf53973269 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570 SHA512 6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529 +DIST ngx_brotli-25f86f0bac1101b6512135eac5f93c49c63609e3.tar.gz 16201 BLAKE2B 2da3ce8a9f29b713da4de4cd60fe22256742ff61e1718346e5246ffa0169d5a2e1babb625b16ac52e3b79431f749adb3ee0170957024953c139aaebc7a496478 SHA512 c6eb026f204e1e6f930ab7ca68cca78054318e05a0dc11d897d3516380dbc4e42e93d40334e3088bf348d4b7b182e87c77473974719e5850a4f97666f9babbd6 DIST ngx_brotli-8104036af9cff4b1d34f22d00ba857e2a93a243c.tar.gz 12672 BLAKE2B fa2febfa63b98303f8890c6774de6ccb09475ccd639d3b74493a4ffd97c90febdc22755c5928018bdac24a537bd13cde165f97e5d2b50bebf598c3fb22ec0206 SHA512 169566b8764bb2b82e029f954a99063a9c61e2cbf982861c5f6818b389a5f37bf5389afb1b5627de9bd3f7af7b3c404be0230f943d47ab621c2a2bd825cc8203 DIST ngx_devel_kit-0.3.1.tar.gz 66542 BLAKE2B 8242d884464d99a131a48f599f9d0c2b546610f73f646e7eb0dcfdb98220810d949189cffa721360ddbe3b7b8adc8b678a848b9d1a56db6c62fd4439ecb63d24 SHA512 de1e3349d8dd08e5982279b2219dc8a8006739f0409b8e0f5c50d93434beff1fbafba43e9c5ac85a5fab90afc5c0a7244a340610339c36f82f2cba7233e72de9 DIST ngx_http_auth_pam-1.5.1.tar.gz 6863 BLAKE2B 00807cc3db8f6c007c968b8a30d7f6094b7d9db4eaa60d211fcb3ac60aeb28c5f8193578a7e1ca67acbbf57a319c8442fe44efc1e193927c3bce5961539f9c16 SHA512 973b94874d8a58c0df0ac2d31571eafc1e80b11179cba33ec88421a826207fbf7e99b0387e135a1ca48d82daacb78f19a4c21d3a27b49b16dc86b4748bb72261 @@ -12,6 +14,7 @@ DIST ngx_http_fancyindex-0.4.4.tar.gz 26292 BLAKE2B a1ed76cb31cd4f7a349bcbe63d75 DIST ngx_http_geoip2_module-3.3.tar.gz 8509 BLAKE2B 4841e1bdd13b9b85f34732d1eb7447638f62bb09e1bd480da0fa8b0085d3b2d90a740732ef534c355feb71d7db613c73f68a4e6e3624b47a0937be046dfa1f8d SHA512 06963b598c54e22d75ce837fb222f5aa6c9494c29e558ff46f1205d7159fc305414bfac4ed3288c836dcbf7628d92f26458e1992d34fc2f4b73275a32847bdc0 DIST ngx_http_headers_more-0.33.tar.gz 28130 BLAKE2B fe3097a7700ce5da087058f7bb44c95164b75137031187400473f6833bf0e33e5c4920807225a6ff94174fe7dbd6186cca176a33a629ca0911faab6804bdd12a SHA512 13165b1b8d4be281b8bd2404fa48d456013d560bace094c81da08a35dc6a4f025a809a3ae3a42be6bbf67abbcbe41e0730aba06f905220f3baeb01e1192a7d37 DIST ngx_http_lua-0.10.15.tar.gz 655110 BLAKE2B 73bf8e2f157c93f3d4e54b5aa63deb266731a10e3e48b2257756efee8d752e86440ca9c27bd27bc1d90075a5ffb58772eecb7c445db44cd055d2b9e0b4bac082 SHA512 1feea538464275e6e5718
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 395959f0a2392993b260566a518de96f16d66daf Author: Thomas Deutschmann gentoo org> AuthorDate: Tue Nov 6 15:58:12 2018 + Commit: Thomas Deutschmann gentoo org> CommitDate: Tue Nov 6 16:04:04 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=395959f0 www-servers/nginx: bump to v1.15.6 mainline - nginScript module bumped to v0.2.5 - brotli module bumped to commit 8104036af9cff Bug: https://bugs.gentoo.org/670496 Package-Manager: Portage-2.3.51, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann gentoo.org> www-servers/nginx/Manifest |3 + .../nginx/files/http_brotli-detect-brotli-r2.patch | 30 + www-servers/nginx/nginx-1.15.6.ebuild | 1081 3 files changed, 1114 insertions(+) diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index f2a16b9dd49..c582c0046ec 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -4,9 +4,11 @@ DIST nginx-1.15.1.tar.gz 1024086 BLAKE2B 411f566f53fcae62a8b539ac3809d75dc7eaae7 DIST nginx-1.15.2.tar.gz 1025746 BLAKE2B 96b1b1d660571e35b7f97c71da241fa88b44d3928868019b4fffdfa68cd40bb8bd31bba9429cc9e4ca2c2f8d7abf03129577003f4cca50e6d0325644eb47aad4 SHA512 ef8171138246b851f3713ea027d6b96de414b15e24de244fa4fcb428da3a68f4df0c54152e5c0993e36c9c97d4dabcd55a019d6709840b4393c86995604668ff DIST nginx-1.15.3.tar.gz 1022881 BLAKE2B 5a33a36a2a0dfa9b276c1fe9aeb148d191244973844ee9e411a88792fa8c80d2605efd83da708535f0e39234418b955eb15642a0d4d14e5c7c26e805ed921a2e SHA512 112fafd0841b79a165cee6a94da6d0c6c828b29ef1e3af00f4a12809c5d3bc8fd2a94f6d0cb05f6b487be81a414be42ea64f88e63a4d62fe9bebc9cf946aa94a DIST nginx-1.15.5.tar.gz 1024791 BLAKE2B 713373b908c40c5cf676cec7698807a7de0a3ba81e8215b00896f178f2369bdbd01318c688276cf9fea8b9274be75eab0fbf403ac629ca730198eccf363ec92f SHA512 90b3d8148fca183bd3f6d16fd9212e2eedbe13f151c079d67086fca5a9f58256b99a87bee18b1f9fb2b65fbe2d5353985145e1c075b6236b31d0ce7e9051 +DIST nginx-1.15.6.tar.gz 1025761 BLAKE2B 0d8a76a04f830e85d6022faaea6a27f6d80382bfbfa067f29c6d62e34f4d6a35c315a71727a1c12dd3cd804a4e84eccde8a1cbd42be95c06143817ebdde00951 SHA512 89c1b7df7ed0722a930a977edfb94a8278e51ebd7d5a0d0959ac09515374f976283e945c283b704447f7b57fd302bdbbea0d0d11c48aa282f2d53230eb3e63be DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 BLAKE2B 5ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333 SHA512 ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19bf4cf53973269 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570 SHA512 6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529 DIST ngx_brotli-0.1.2.tar.gz 12668 BLAKE2B 904d3f28dcf9f2d5a8eefa2ab8ff991e34624897a9932e351ec4cea05f2b0dbee34ea495de2d546510a556fb10041b388be963f28fecfcd7dc8638f950b36fd0 SHA512 661b4ce5cc678600e5df6be7588b0f0d5d914df9a6788c994cebfa25e211720b9e7d2c08fc34eb6a84743ae2929920ebf2888075e122ac23816ab7c0f3ef4b76 +DIST ngx_brotli-8104036af9cff4b1d34f22d00ba857e2a93a243c.tar.gz 12672 BLAKE2B fa2febfa63b98303f8890c6774de6ccb09475ccd639d3b74493a4ffd97c90febdc22755c5928018bdac24a537bd13cde165f97e5d2b50bebf598c3fb22ec0206 SHA512 169566b8764bb2b82e029f954a99063a9c61e2cbf982861c5f6818b389a5f37bf5389afb1b5627de9bd3f7af7b3c404be0230f943d47ab621c2a2bd825cc8203 DIST ngx_devel_kit-0.3.0-r1.tar.gz 66455 BLAKE2B e4e987a85b2283ba540b4b894382e65dac7fbca23e233b1031b38828908088370cdb1a9bded4d4ee1ceb1c2e1d506dc2b6f4ba5f6ee94248e863def5a1c8dd1a SHA512 558764c9be913a4f61d0e277d07bf3c272e1ce086b3fadb85b693a7e92805cd9fca4da7a8d29c96e53fc0d23b331327d3b2561ff61f19d2330e7d5d35ac7d614 DIST ngx_http_auth_pam-1.5.1.tar.gz 6863 BLAKE2B 00807cc3db8f6c007c968b8a30d7f6094b7d9db4eaa60d211fcb3ac60aeb28c5f8193578a7e1ca67acbbf57a319c8442fe44efc1e193927c3bce5961539f9c16 SHA512 973b94874d8a58c0df0ac2d31571eafc1e80b11179cba33ec88421a826207fbf7e99b0387e135a1ca48d82daacb78f19a4c21d3a27b49b16dc86b4748bb72261 DIST ngx_http_cache_purge-2.3.tar.gz 12248 BLAKE2B f83b267f4c19a9d4af5964522695814c164d200ecd4108bf8f6b5c21388eba8af989bdda646dee18a03174211e8c090a04736bbeb44043cb0e19fbccdc66278e SHA512 50a31dbf2216a6fae74a186af56dec4600cf55777e76a10ac0075f609e7737135aab063a64f2590dddcd0369ebebd4a523027f3d9ebcca74f7b4355be1c5dcc0 @@ -30,3 +32,4 @@ DIST ngx_rtmp-1.2.1.tar.gz 519919 BLAKE2B 744ccb8031eb9653f158f9eceba64fc9c8af7b DIST njs-0.2.2.tar.gz 253349 BLAKE2B 1ca508677a251ff38f5bca01292f2c7d2c41ac1c5d2cffae8b565694cbed9ebb2811b7e8893ea03384810e169ebb0cccfbf51d36166fcbc32e77fb30ba90d664 SHA512 e309b06b66e955873b82ef6c8881c3a98e0cf22e379b292c7561947db34c28990ade5461f42561e73c79c8e
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 2ec7917bcb1fd3f3c1e491146107902307280811 Author: Thomas Deutschmann gentoo org> AuthorDate: Tue Apr 17 16:24:44 2018 + Commit: Thomas Deutschmann gentoo org> CommitDate: Tue Apr 17 16:36:54 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2ec7917b www-servers/nginx: Rev bump vor v1.13.12 mainline Ebuild changes: === - brotli module updated to commit 37ab9b2933a0b756ba3447000b7f31d432ed8228. Package-Manager: Portage-2.3.28, Repoman-2.3.9 www-servers/nginx/Manifest |1 + .../nginx/files/http_brotli-detect-brotli-r1.patch | 116 +++ www-servers/nginx/nginx-1.13.12-r1.ebuild | 1064 3 files changed, 1181 insertions(+) diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index 83a8156c93b..e183788cbf1 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -8,6 +8,7 @@ DIST nginx-1.13.9.tar.gz 994802 BLAKE2B 3a34cd87a7bcc51b44787a322569d3d475dc0b48 DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 BLAKE2B 5ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333 SHA512 ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19bf4cf53973269 DIST nginx-auth-ldap-49a8b4d28fc4a518563c82e0b52821e5f37db1fc.tar.gz 17159 BLAKE2B f2209c8b5eb5616a362f2b532245167a5940faad6d66d98a94b3bf2d1e33a73492d42c60a9ddad347a592362a002ff38273a5d1f61f663984a09e14a3fe35e0f SHA512 323abd0ca8e90f5afcaf81a8ff1a8abe3dfcbff3d69f0dd4a1c005fe6436acbf3076c4c57a4df877b3d8e388cbea085d46301bb2df9c0752e2567817ff7cca92 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570 SHA512 6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529 +DIST ngx_brotli-37ab9b2933a0b756ba3447000b7f31d432ed8228.tar.gz 12692 BLAKE2B 8b969fcd7daf37d790e81ff6dd4d43a210c9097052cc7a2db9f2aa8ad3115ffe175b0839210c234610e5731be35327eb08eb0eb3f28783d272b172df07259651 SHA512 fb12e4b50b9a472ee2f4fe08ffd86c38072a4c254a4f99627d6f2411f915c139f6e7cfe41f29222bc70b57942cde85d8ef2cd5458638201c751cd4c818d65f10 DIST ngx_brotli-482761e7c0cf3ea4d1540fc9e14c9dedd80d2f7c.tar.gz 10590 BLAKE2B a707353e7f98f06652b89dc00a7ea40f4e52c05f8adfe9dca0d602d52d48a472fee23f079dca73556a26575960e9079d54ab45e13997cdd949f992322200f01c SHA512 480280c464e3cc3523e9b2bf210afd1bf62fa789d0acb7064c80919184bcbb975131f698a1e589b97ce1664f6cc44e6ac5e20a40188020b3558d38005d66287c DIST ngx_brotli-6a1174446f5a866d3d13615dd2824177570f0a69.tar.gz 12771 BLAKE2B 84e8bad6d3006dd919778ebbdb85bfe58dd9546533f824697eb3a0a3c560e858aa91c7ab4adcb2fc851aa7cee974086400607d9f9ddea0596b1b19eb87618a39 SHA512 10ce5360cd7a1edd2623918d5b438ef400dc6c2c030c992f200491448e182aedd8ebebc647d333ef22a393bb172f52d9e01f2a1d8d780e849fc3c0971e4130fe DIST ngx_brotli-8cd9dd5fc232d3a01644584921e52dae99034779.tar.gz 10585 BLAKE2B d65f068300852b5dbd77184cbcdbd31b14cb30484c5eb8c0d2b757d1d59e97d291b4b06fc11bc861d8796579964c91da2cb359e8fdf75199c655488701619516 SHA512 fa97bea2041d08d3ba07ae1cf6d84c225673b49c9ac8930923997c3ce501358a8bec63e4f3c075e22041f7997b8371a0d1887d73e989b8f27d55a0f72b3ea0f9 diff --git a/www-servers/nginx/files/http_brotli-detect-brotli-r1.patch b/www-servers/nginx/files/http_brotli-detect-brotli-r1.patch new file mode 100644 index 000..07a869fa096 --- /dev/null +++ b/www-servers/nginx/files/http_brotli-detect-brotli-r1.patch @@ -0,0 +1,116 @@ +We aren't interested in bundled Brotli. + +Use pkg-config to detect Brotli's install path. + +--- a/config b/config +@@ -59,98 +59,19 @@ have=NGX_HTTP_BROTLI_STATIC_MODULE . auto/have # deprecated + ngx_module_type=HTTP_FILTER + ngx_module_name=ngx_http_brotli_filter_module + +-brotli="/usr/local" ++brotli=$(pkg-config --variable=prefix libbrotlienc) + + if [ ! -f "$brotli/include/brotli/encode.h" ]; then + +-brotli="$ngx_addon_dir/deps/brotli/c" +- +-if [ ! -f "$brotli/include/brotli/encode.h" ]; then + cat << END + + $0: error: \ +-Brotli library is missing from the $brotli directory. +- +-Please make sure that the git submodule has been checked out: +- +-cd $ngx_addon_dir && git submodule update --init && cd $PWD ++Brotli library not found. Don't you have app-arch/brotli installed? + + END + exit 1 + fi + +-ngx_module_incs="$brotli/include" +-ngx_module_deps="$brotli/common/constants.h \ +- $brotli/common/context.h \ +- $brotli/common/dictionary.h \ +- $brotli/common/platform.h \ +- $brotli/common/transform.h \ +- $brotli/common/version.h \ +- $brotli/enc/backward_references.h \ +- $brotli/enc/
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 808d03f69901c05159d8baf470d9a6ec3d65d8cc Author: Thomas Deutschmann gentoo org> AuthorDate: Tue Oct 24 18:52:35 2017 + Commit: Thomas Deutschmann gentoo org> CommitDate: Tue Oct 24 18:53:14 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=808d03f6 www-servers/nginx: Rev bump to fix http_cache_purge module Closes: https://bugs.gentoo.org/635330 Package-Manager: Portage-2.3.11, Repoman-2.3.3 .../nginx/files/http_cache_purge-1.11.6+.patch | 22 + www-servers/nginx/nginx-1.12.2-r1.ebuild | 1005 +++ www-servers/nginx/nginx-1.13.6-r1.ebuild | 1006 3 files changed, 2033 insertions(+) diff --git a/www-servers/nginx/files/http_cache_purge-1.11.6+.patch b/www-servers/nginx/files/http_cache_purge-1.11.6+.patch new file mode 100644 index 000..c4596bf97ad --- /dev/null +++ b/www-servers/nginx/files/http_cache_purge-1.11.6+.patch @@ -0,0 +1,22 @@ +Fix compatibility with nginx-1.11.6+ + +https://github.com/FRiCKLE/ngx_cache_purge/pull/51 + +--- + ngx_cache_purge_module.c | 4 + 1 file changed, 4 insertions(+) + +--- a/ngx_cache_purge_module.c b/ngx_cache_purge_module.c +@@ -492,7 +492,11 @@ typedef struct { + ngx_str_t body_source; + # endif /* nginx_version < 1007008 */ + ++# if (nginx_version >= 1011006) ++ngx_http_complex_value_t *method; ++# else + ngx_str_t method; ++# endif /* nginx_version >= 1011006 */ + ngx_str_t location; + ngx_str_t url; + diff --git a/www-servers/nginx/nginx-1.12.2-r1.ebuild b/www-servers/nginx/nginx-1.12.2-r1.ebuild new file mode 100644 index 000..fdf52f005cc --- /dev/null +++ b/www-servers/nginx/nginx-1.12.2-r1.ebuild @@ -0,0 +1,1005 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +# Maintainer notes: +# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite +# - any http-module activates the main http-functionality and overrides USE=-http +# - keep the following requirements in mind before adding external modules: +# * alive upstream +# * sane packaging +# * builds cleanly +# * does not need a patch for nginx core +# - TODO: test the google-perftools module (included in vanilla tarball) + +# prevent perl-module from adding automagic perl DEPENDs +GENTOO_DEPEND_ON_PERL="no" + +# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license) +DEVEL_KIT_MODULE_PV="0.3.0" +DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1" +DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz"; +DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}" + +# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license) +HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.2" +HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1" +HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz"; +HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}" + +# http_headers_more (https://github.com/agentzh/headers-more-nginx-module, BSD license) +HTTP_HEADERS_MORE_MODULE_PV="0.32" +HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}" +HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz"; +HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}" + +# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license) +HTTP_CACHE_PURGE_MODULE_PV="2.3" +HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" +HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz"; +HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" + +# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license) +HTTP_SLOWFS_CACHE_MODULE_PV="1.10" +HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" +HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz"; +HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" + +# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license) +HTTP_FANCYINDEX_MODULE_PV="0.4.2" +HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" +HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz"; +HTTP_FANCYINDEX_MOD
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/, profiles/base/
commit: f107db8a54071c0d74bbcbde801dc07af7bf260c Author: Thomas Deutschmann gentoo org> AuthorDate: Wed Mar 22 16:48:26 2017 + Commit: Thomas Deutschmann gentoo org> CommitDate: Wed Mar 22 16:51:28 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f107db8a www-servers/nginx: Bumped to v1.11.11 mainline Ebuild changes: === - rtmp module bumped to v1.1.11 - mod_security masked because incompatible with recent changes in nginx-1.11.11. We will have to switch to the new ModSecurity v3 Nginx Connector in future but there isn't any release/tagged version yet. Package-Manager: Portage-2.3.3, Repoman-2.3.1 profiles/base/package.use.mask |6 + www-servers/nginx/Manifest |2 + .../nginx/files/http_echo-nginx-1.11.11+.patch | 59 ++ .../nginx/files/http_lua_nginx-1.11.11+.patch | 46 + www-servers/nginx/nginx-1.11.11.ebuild | 1010 5 files changed, 1123 insertions(+) diff --git a/profiles/base/package.use.mask b/profiles/base/package.use.mask index 94179afe301..96da6703d41 100644 --- a/profiles/base/package.use.mask +++ b/profiles/base/package.use.mask @@ -7,6 +7,12 @@ # This file is only for generic masks. For arch-specific masks (i.e. # mask everywhere, unmask on arch/*) use arch/base. +# Thomas Deutschmann (22 Mar 2017) +# mod_security is currently incompatible with recent changes +# in >=nginx-1.11.11. +# https://github.com/SpiderLabs/ModSecurity/issues/1359 +>=www-servers/nginx-1.11.11 nginx_modules_http_security + # Michał Górny (18 Mar 2017) # Requires removed old version of media-gfx/graphviz. media-gfx/nip2 graphviz diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index b435401f202..377d516b6ec 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -2,6 +2,7 @@ DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 958cc5a7a7430f93fac0fd6f8b9aa92fc18 DIST nginx-1.10.2.tar.gz 910812 SHA256 1045ac4987a396e2fa5d0011daf8987b612dd2f05181b67507da68cbe7d765c2 SHA512 f2d5a4fbabaf9333bae46461bcbe3dbcc5ff7e8f8c7a5dead3063e3d59c9ec15dc85262a23ca7d693db45a50ec98a70fb216b3da9872ee23d57b6bfaf064876e WHIRLPOOL 7e819f43a68de49d3cceb3e5ec81eef6872859df0abca2be00fb73c8779c2716b6997ea5f8cadb93af195d9f4d07a4404f51e0752dd881628de93a0c0289aea7 DIST nginx-1.10.3.tar.gz 911509 SHA256 75020f1364cac459cb733c4e1caed2d00376e40ea05588fb8793076a4c69dd90 SHA512 25cddbe5c419700aeca41bff3be5b7c3accfb38ad846ec8d91d81ab7c15f10db719f02d9263edf1fa12f59805ff7001b62864dc2885370b24afeea1d7d2afbbf WHIRLPOOL 1ebf540d49d28a853a9221a558b53d28e2e7dfddf345e433baa4c2b819f6e1fe34528b4680387147c73271d3837529a4452e53b863dff5d29772c2b0a75e0ba6 DIST nginx-1.11.10.tar.gz 967773 SHA256 778b3cabb07633f754cd9dee32fc8e22582bce22bfa407be76a806abd935533d SHA512 b6437d8305547a834a0f3ad076ac591b90189eb922f48759094efaa9618e39fc249600ab13650113fe841fc9af0b736acc61a9b9baba7bacd35224c34df1bbc9 WHIRLPOOL f9535d4fabad7603cc384dda13aca51be77c7901d099190f9d5a187e517128a56a28cb851408b93091f8d99ce118678857ec08fba16bec4c2e2ed2d75ab543bd +DIST nginx-1.11.11.tar.gz 979864 SHA256 5a7ac480248e28d26e68fd1ea3dbd8b05f69726d71528e79332839b171277262 SHA512 c830c1eb762f5d5df19c4b256c8aa4ebe8354f3a088f07c6b4b890806117d1716eaa20dbd6ac1ff5eafc2b1ee43c44ed608aa96b9057e44953b2888177e67719 WHIRLPOOL 9403ab4763a077a378d997d7a60abdf6c9a8caa8756096c86c1046ca324926e9e8e835c59bd677440fc33e8a9f4c22cfa238e043116bfed621dabcadacc9d1cf DIST nginx-1.11.6.tar.gz 960331 SHA256 3153abbb518e2d9c032e1b127da3dc0028ad36cd4679e5f3be0b8afa33bc85bd SHA512 1969f527d4554a976d14e82c2297c519a0d0d82a9fbd3cc703ab42a23067c7fcf101ddf16f1abff374c71f37969fd7c58d2a344c57566538b821acc32cd3d979 WHIRLPOOL 67ed24c25b20f6d94f3a0602946f750b4efafd79d3a093a35fdf370a20377abcc2a54c00fcd5e7bc54305515da9234fb2f192c744a7fb59c4bbdee2ba0c0f626 DIST nginx-1.11.8.tar.gz 964918 SHA256 53aef3715d79015314c2dcb18f2b185a0c64368cc01b30bdf0737a215f666b34 SHA512 4bbecf17579022cc925af8808554983c57e4f438edc8f987751413f0a023267a4766edc8321cbbe8a8b675f7e86d8a2cba76bd52236c8d9509b2b301ab349ffa WHIRLPOOL a30ad4cdc0b74e0f860938942caeee961759ceabae8735725a989db29702b366fb285079a992cbc681ec3fd157ef6f8907f6a3eac13a8af302daad94ca867738 DIST nginx-1.11.9.tar.gz 965463 SHA256 dc22b71f16b551705930544dc042f1ad1af2f9715f565187ec22c7a4b2625748 SHA512 95247d5db3e23a0ea22686cc3fe4295f8854948a6f168a783082fdbb2acbecdad61cd9c8cadd84c1f74c1e87becdca8d6664622ff9cebc72687f20b29cc09fd0 WHIRLPOOL 39a56073e359aac716e0a9ff672ee89b97205c281b53be97920c098aea9b25635e59a5ea0e3a7cb4ba79d43afc8ed3942cd34840773dd1e472101c9ab6ac72a4 @@ -25,3 +26,4 @@ DIST ngx_memc_module-0.17.tar.gz 36369 SHA256 25cbe3ff4931283a681260607bc91ae4a9 DIST ngx_metrics-0.1.1.tar.gz 2964 SHA256 1c62ebb31e3caafad91720962770b0e7a4287f195520cf12471c262ac19b154e SHA512 d36a8fb0104c83b6b564e03b351aa750cab08650264c74d6f786af357bfb7006b531a93270dd961896ea8dafe27e5db85
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 7e9a4ebc9ca7bb35814cacf85c9a28cdab6fdf9f Author: Thomas Deutschmann gentoo org> AuthorDate: Sat Jan 7 23:29:14 2017 + Commit: Thomas Deutschmann gentoo org> CommitDate: Sat Jan 7 23:30:45 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7e9a4ebc www-servers/nginx: rev bump to fix CVE-2016-1247 (bug #605008) Ebuild changes: === - Rewritten pkg_postinst for a better user experience - Package tries to show warnings/notices only when really needed - Permission checks should now be more reliable, i.e. working when switching between stable (:0) and mainline (:mainline) slot. - An additional sanity check will make sure that at least permissions on "/var/log/nginx" will prevent a known root privilege escalation - Permissions on "/var/log/nginx" changed to 0710 and owner changed to 0:nginx to fix CVE-2016-1247 (bug #tba) - Runscript: Bashisms removed - User is now able to control most runscript options like used nginx' config file, pidfile, user/group, start-stop-daemon arguments ... through "/etc/conf.d/nginx" Package-Manager: Portage-2.3.3, Repoman-2.3.1 www-servers/nginx/files/nginx.confd | 32 + www-servers/nginx/files/nginx.initd-r4 | 93 +++ www-servers/nginx/nginx-1.10.2-r3.ebuild | 986 ++ www-servers/nginx/nginx-1.11.6-r1.ebuild | 999 +++ 4 files changed, 2110 insertions(+) diff --git a/www-servers/nginx/files/nginx.confd b/www-servers/nginx/files/nginx.confd new file mode 100644 index ..f4b8043 --- /dev/null +++ b/www-servers/nginx/files/nginx.confd @@ -0,0 +1,32 @@ +# /etc/conf.d/nginx + +# Configuration file +#NGINX_CONFIGFILE="/etc/nginx/nginx.conf" + +# PID file +# If you should ever change this, remember to update +# "/etc/logrotate.d/nginx", too. +#NGINX_PIDFILE="/run/nginx.pid" + +# User to run nginx as +# If you should ever change this, make sure this user has +# execution permission on any of your log directories +# (/var/log/nginx per default) but do NOT forget other log directories +# one of your vhost(s) maybe using or logging after logrotation will +# be broken). +#NGINX_USER="nginx" + +# Group to run nginx as +# See the note above regarding NGINX_USER. +#NGINX_GROUP="nginx" + +# You can use this configuration option to pass additional options to the +# start-stop-daemon, see start-stop-daemon(8) for more details. +# Per default we wait 1000ms after we have started the service to ensure +# that the daemon is really up and running. +#NGINX_SSDARGS="--wait 1000" + +# The termination timeout (start-stop-daemon parameter "retry") ensures +# that the service will be terminated within a given time (60 + 5 seconds +# per default) when you are stopping the service. +#NGINX_TERMTIMEOUT="TERM/60/KILL/5" diff --git a/www-servers/nginx/files/nginx.initd-r4 b/www-servers/nginx/files/nginx.initd-r4 new file mode 100644 index ..1b7385f --- /dev/null +++ b/www-servers/nginx/files/nginx.initd-r4 @@ -0,0 +1,93 @@ +#!/sbin/openrc-run +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +extra_commands="configtest" +extra_started_commands="upgrade reload" + +description="Robust, small and high performance http and reverse proxy server" +description_configtest="Run nginx' internal config check." +description_upgrade="Upgrade the nginx binary without losing connections." +description_reload="Reload the nginx configuration without losing connections." + +NGINX_CONFIGFILE=${NGINX_CONFIGFILE:-/etc/nginx/nginx.conf} + +command="/usr/sbin/nginx" +command_args="-c \"${NGINX_CONFIGFILE}\"" +start_stop_daemon_args=${NGINX_SSDARGS:-"--wait 1000"} +pidfile=${NGINX_PIDFILE:-/run/nginx.pid} +user=${NGINX_USER:-nginx} +group=${NGINX_GROUP:-nginx} +retry=${NGINX_TERMTIMEOUT:-"TERM/60/KILL/5"} + +depend() { + need net + use dns logger netmount +} + +start_pre() { + if [ "${RC_CMD}" != "restart" ]; then + configtest || return 1 + fi +} + +stop_pre() { + if [ "${RC_CMD}" = "restart" ]; then + configtest || return 1 + fi +} + +stop_post() { + rm -f ${pidfile} +} + +reload() { + configtest || return 1 + ebegin "Refreshing nginx' configuration" + start-stop-daemon --signal SIGHUP --pidfile "${pidfile}" + eend $? "Failed to reload nginx" +} + +upgrade() { + configtest || return 1 + ebegin "Upgrading nginx" + + einfo "Sending USR2 to old binary" + start-stop-daemon --signal SIGUSR2 --pidfile "${pidfile}" + + einfo "Sleeping 3 seconds before pid-files checking" + sleep 3 + + if [ ! -f "${pidfile}.oldbin" ]; then + eerror "File with old pid not found" + return 1 + fi + + if [ ! -f "${pidfile}" ]; then + eerror "New binary failed to start" + return 1 + fi + + einfo "Sleepi
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 8ac89065bebe43ae243a8ad0865b3ac512e9d63a Author: Thomas Deutschmann gentoo org> AuthorDate: Tue Nov 15 21:48:07 2016 + Commit: Thomas Deutschmann gentoo org> CommitDate: Tue Nov 15 21:48:56 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8ac89065 www-servers/nginx: Cleanup old. Package-Manager: portage-2.3.2 www-servers/nginx/Manifest | 2 - .../nginx/files/http-sticky-nginx-1.11.2.patch | 64 -- www-servers/nginx/nginx-1.10.1-r3.ebuild | 776 www-servers/nginx/nginx-1.10.1-r4.ebuild | 776 www-servers/nginx/nginx-1.11.4.ebuild | 789 - 5 files changed, 2407 deletions(-) diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index 9c0b9aa..f950922 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -1,7 +1,6 @@ DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24 SHA512 374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269 WHIRLPOOL 5f41bebf032f8a269412d104b7632a06af4d4c495658c9cd1ebf69b82c10ce1bbcb34b9dd159a7b00e57348714a5e93ad3db19701dda51479accd3a9dc79a9cb DIST nginx-1.10.1.tar.gz 909077 SHA256 1fd35846566485e03c0e318989561c135c598323ff349c503a6c14826487a801 SHA512 fa1329d40e83340380332dd5e2ed66f08dd59cc7f7582dd0e0193c493353ba550e80dc80e5165c225d70532d4197abc49cc8c760e8ab72e48f630cb57c2803e1 WHIRLPOOL 6942f70c3279a28bd8d664d085dee68bf0d0526c8dcb636f3258c9de598268efc984af72e527efd86889bd13911b38b0bdb2de1e92eef69cabd02f7080f64eb6 DIST nginx-1.10.2.tar.gz 910812 SHA256 1045ac4987a396e2fa5d0011daf8987b612dd2f05181b67507da68cbe7d765c2 SHA512 f2d5a4fbabaf9333bae46461bcbe3dbcc5ff7e8f8c7a5dead3063e3d59c9ec15dc85262a23ca7d693db45a50ec98a70fb216b3da9872ee23d57b6bfaf064876e WHIRLPOOL 7e819f43a68de49d3cceb3e5ec81eef6872859df0abca2be00fb73c8779c2716b6997ea5f8cadb93af195d9f4d07a4404f51e0752dd881628de93a0c0289aea7 -DIST nginx-1.11.4.tar.gz 949793 SHA256 06221c1f43f643bc6bfe5b2c26d19e09f2588d5cde6c65bdb77dfcce7c026b3b SHA512 c6a03c440a274576434aa74932b3fa7cd49174d9e2d8c6e480838637f33f158e31b6f25cac97e158f386bb92f62ff9636c2d3ac1a552e27a860eb9448e2f3f94 WHIRLPOOL 53c371cb34bc55f28d0a0915e08a4fdeffcfcbc8571628db086e0a75627c926693f2faba8608f0c444bc79df244b7f321e6017eda0eb7710d2ccb6f25aac8b75 DIST nginx-1.11.5.tar.gz 956517 SHA256 223f8a2345a75f891098cf26ccdf208b293350388f51ce69083674c9432db6f6 SHA512 f41b21b5d8c6b7fe7f8713e96fb6b1c40da49bf64ebb790fb5aa38f036a37b36fcf048ff72c2216552b2f75366b30c5fcdef26312bd4e5515b2476a1cd944b8c WHIRLPOOL fba49ae277ec2114b06eb0fdce87161ac7bd3e0ca90387dc58caf327c5f12056be07eeba677ff37c59e7d759054ec276ce4db647250774c57588619a1803592c DIST nginx-1.11.6.tar.gz 960331 SHA256 3153abbb518e2d9c032e1b127da3dc0028ad36cd4679e5f3be0b8afa33bc85bd SHA512 1969f527d4554a976d14e82c2297c519a0d0d82a9fbd3cc703ab42a23067c7fcf101ddf16f1abff374c71f37969fd7c58d2a344c57566538b821acc32cd3d979 WHIRLPOOL 67ed24c25b20f6d94f3a0602946f750b4efafd79d3a093a35fdf370a20377abcc2a54c00fcd5e7bc54305515da9234fb2f192c744a7fb59c4bbdee2ba0c0f626 DIST nginx-auth-ldap-49a8b4d28fc4a518563c82e0b52821e5f37db1fc.tar.gz 17159 SHA256 3c11c32f05da04f1a4647dc4e35dd8d8aeacd5a2e763ba349feba3dba8663132 SHA512 323abd0ca8e90f5afcaf81a8ff1a8abe3dfcbff3d69f0dd4a1c005fe6436acbf3076c4c57a4df877b3d8e388cbea085d46301bb2df9c0752e2567817ff7cca92 WHIRLPOOL ad65e8182b2634db5fa06055ef7d91c7d8aabd0fa986d8402a4845977354d6edb329621b6f9f96c90ce2d158cff20e42ae50fba06a088a84de3e3f414205dbc2 @@ -35,4 +34,3 @@ DIST ngx_metrics-0.1.1.tar.gz 2964 SHA256 1c62ebb31e3caafad91720962770b0e7a4287f DIST ngx_mogilefs_module-1.0.4.tar.gz 11208 SHA256 7ac230d30907f013dff8d435a118619ea6168aa3714dba62c6962d350c6295ae SHA512 b8cb7eaf6274f4e2247dbcb39db05072d2b2d4361256a325fafab5533d7ce0c4ae9e2905b954dfcfa4789c9cab5cccf2ac1c3a1f02f6a327ed95b562d7773ed1 WHIRLPOOL 64c9b11ad938e6dbe5ba31298f1cd46f6e6bb4ba039c96b1e43bd85919d1606326f74b677f789ecabe0b0f4e0f08ac5aaf8148bf820de65aaa1e9966a28b9f61 DIST ngx_rtmp-1.1.10.tar.gz 519877 SHA256 f9491dd24390b0d5d70dfe3553edf3d14efeb7c7a81b4d4a20c5cfeaefc1141c SHA512 bcc0aee3308af7c61bf01a5530fcf1dae938e6778306f6e3eb5995e6d0529f43d33b7ee2acb813d5a39acc92e4853d207a01e8e41b766a6e0dd07aade60cd98f WHIRLPOOL 655f4dcb02f928698ae14d29e5b7f60ad3fd71c757d67f1930c695a3501054d124a92f7ada7d4e605204f1e73e0779cad0b60102bc98d64764535581db0b1867 DIST ngx_rtmp-1.1.7.tar.gz 519735 SHA256 7922b0e3d5f3d9c4b275e4908cfb8f5fb1bfb3ac2df77f4c262cda56df21aab3 SHA512 9883462a04683f1e7af175da04b86d259ff6d677864667588fb073143f7130969eb2a5a5a48ddceda7a555b908580f179bdcacb7f0111413d51db5bfe43b396e WHIRLPOOL e9c1fc9c3c965ae7047657f76e0997d5da107aff7dd9e5cf3ddb5a2d8f388efd8439b82923e199dc36def449567b8529e06c80f69c36f42128236ac0be5719d5 -DIST ngx_rtmp-1.1.9.tar.gz 519807 SHA256 46d9
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 1ff623f132f68b98061ac2d0ff9695920041a336 Author: Thomas Deutschmann gentoo org> AuthorDate: Thu Oct 20 14:03:39 2016 + Commit: Thomas Deutschmann gentoo org> CommitDate: Thu Oct 20 14:03:39 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1ff623f1 www-servers/nginx: Patch for uploadprogress module updated The previous patch worked however upstream merged an updated PR so I updated the patch to stay in sync. Package-Manager: portage-2.3.2 .../files/http_uploadprogress-issue_50-r1.patch| 31 + .../nginx/files/http_uploadprogress-issue_50.patch | 32 -- www-servers/nginx/nginx-1.10.2-r1.ebuild | 2 +- www-servers/nginx/nginx-1.11.5-r1.ebuild | 2 +- 4 files changed, 33 insertions(+), 34 deletions(-) diff --git a/www-servers/nginx/files/http_uploadprogress-issue_50-r1.patch b/www-servers/nginx/files/http_uploadprogress-issue_50-r1.patch new file mode 100644 index ..42cbd77 --- /dev/null +++ b/www-servers/nginx/files/http_uploadprogress-issue_50-r1.patch @@ -0,0 +1,31 @@ +From dd138546b16a01e9c09613d02211373baf1cac02 Mon Sep 17 00:00:00 2001 +From: Thomas Deutschmann +Date: Thu, 20 Oct 2016 03:09:37 +0200 +Subject: [PATCH] config: Fix ngx_module_type + +Since commit 37182ce2f3b6 the module was not present in static builds +because due to an invalid "ngx_module_type" the module was not added to +objs/ngx_modules.c. + +This commit will fix the problem by setting the correct module type +"HTTP_FILTER" [Link 1]. + +Link 1: https://www.nginx.com/resources/wiki/extending/new_config/#key-ngx_module_type +Gentoo-Bug: https://bugs.gentoo.org/593450 +Fixes: https://github.com/masterzen/nginx-upload-progress-module/issues/50 +--- + config | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/config b/config +index 364af8c..5f4ade1 100644 +--- a/config b/config +@@ -1,6 +1,6 @@ + ngx_addon_name=ngx_http_uploadprogress_module + if test -n "$ngx_module_link"; then +-ngx_module_type=FILTER ++ngx_module_type=HTTP_FILTER + ngx_module_name=ngx_http_uploadprogress_module + ngx_module_srcs="$ngx_addon_dir/ngx_http_uploadprogress_module.c" + diff --git a/www-servers/nginx/files/http_uploadprogress-issue_50.patch b/www-servers/nginx/files/http_uploadprogress-issue_50.patch deleted file mode 100644 index 3347c5b.. --- a/www-servers/nginx/files/http_uploadprogress-issue_50.patch +++ /dev/null @@ -1,32 +0,0 @@ -From edd7e026fa992f58b04ea9d00b56239f37b3e320 Mon Sep 17 00:00:00 2001 -From: Thomas Deutschmann -Date: Wed, 19 Oct 2016 15:05:27 +0200 -Subject: [PATCH] config: Only build as dynamic module when really requested - -Since commit 37182ce2f3b6 the module was always build as dynamic module. -Probably because following a bad skeleton [1]. - -With this change we will only build a dynamic module when requested. Otherwise -we will fall back to static build. - -Link: https://trac.nginx.org/nginx/ticket/1115 -Gentoo-Bug: https://bugs.gentoo.org/593450 -Fixes: https://github.com/masterzen/nginx-upload-progress-module/issues/50 - config | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/config b/config -index 364af8c..d704460 100644 a/config -+++ b/config -@@ -1,5 +1,5 @@ - ngx_addon_name=ngx_http_uploadprogress_module --if test -n "$ngx_module_link"; then -+if [ $ngx_module_link = DYNAMIC ] ; then - ngx_module_type=FILTER - ngx_module_name=ngx_http_uploadprogress_module - ngx_module_srcs="$ngx_addon_dir/ngx_http_uploadprogress_module.c" --- -2.10.1 - diff --git a/www-servers/nginx/nginx-1.10.2-r1.ebuild b/www-servers/nginx/nginx-1.10.2-r1.ebuild index c649333..8690da9 100644 --- a/www-servers/nginx/nginx-1.10.2-r1.ebuild +++ b/www-servers/nginx/nginx-1.10.2-r1.ebuild @@ -354,7 +354,7 @@ src_prepare() { if use nginx_modules_http_upload_progress; then cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die - eapply "${FILESDIR}"/http_uploadprogress-issue_50.patch + eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch cd "${S}" || die fi diff --git a/www-servers/nginx/nginx-1.11.5-r1.ebuild b/www-servers/nginx/nginx-1.11.5-r1.ebuild index 46c24d3..5aae3ae 100644 --- a/www-servers/nginx/nginx-1.11.5-r1.ebuild +++ b/www-servers/nginx/nginx-1.11.5-r1.ebuild @@ -362,7 +362,7 @@ src_prepare() { if use nginx_modules_http_upload_progress; then cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die - eapply "${FILESDIR}"/http_uploadprogress-issue_50.patch + eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch cd "${S}" || die fi
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f Author: Thomas Deutschmann gentoo org> AuthorDate: Wed Aug 10 22:02:57 2016 + Commit: Thomas Deutschmann gentoo org> CommitDate: Wed Aug 10 22:13:33 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8be44f76 www-servers/nginx: Revision bump to update HTTPoxy mitigation Commit c4b897dc39a9 ("www-servers/nginx: HTTPoxy mitigation added") only added HTTPoxy mitigation for fastcgi protocol. This commit will add mitigation for similar protocols like scgi and uwsgi as well. Reported-by: Valentin V. Bartenev nginx.com> Package-Manager: portage-2.3.0 .../nginx/files/nginx-httpoxy-mitigation-r1.patch | 54 ++ www-servers/nginx/nginx-1.10.1-r2.ebuild | 768 www-servers/nginx/nginx-1.11.3-r1.ebuild | 782 + 3 files changed, 1604 insertions(+) diff --git a/www-servers/nginx/files/nginx-httpoxy-mitigation-r1.patch b/www-servers/nginx/files/nginx-httpoxy-mitigation-r1.patch new file mode 100644 index 000..4a6372a --- /dev/null +++ b/www-servers/nginx/files/nginx-httpoxy-mitigation-r1.patch @@ -0,0 +1,54 @@ +httpoxy mitigation + +See https://httpoxy.org/ and https://www.nginx.com/blog/?p=41962 for details. +--- + conf/fastcgi.conf | 3 +++ + conf/fastcgi_params | 3 +++ + conf/scgi_params| 3 +++ + conf/uwsgi_params | 3 +++ + 4 files changed, 12 insertions(+) + +diff --git a/conf/fastcgi.conf b/conf/fastcgi.conf +index 091738c..9f7e192 100644 +--- a/conf/fastcgi.conf b/conf/fastcgi.conf +@@ -24,3 +24,6 @@ fastcgi_param SERVER_NAME$server_name; + + # PHP only, required if PHP was built with --enable-force-cgi-redirect + fastcgi_param REDIRECT_STATUS200; ++ ++# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) ++fastcgi_param HTTP_PROXY ""; +diff --git a/conf/fastcgi_params b/conf/fastcgi_params +index 28decb9..3be3a95 100644 +--- a/conf/fastcgi_params b/conf/fastcgi_params +@@ -23,3 +23,6 @@ fastcgi_param SERVER_NAME$server_name; + + # PHP only, required if PHP was built with --enable-force-cgi-redirect + fastcgi_param REDIRECT_STATUS200; ++ ++# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) ++fastcgi_param HTTP_PROXY ""; +diff --git a/conf/scgi_params b/conf/scgi_params +index 6d4ce4f..a9da34f 100644 +--- a/conf/scgi_params b/conf/scgi_params +@@ -15,3 +15,6 @@ scgi_param REMOTE_ADDR$remote_addr; + scgi_param REMOTE_PORT$remote_port; + scgi_param SERVER_PORT$server_port; + scgi_param SERVER_NAME$server_name; ++ ++# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) ++scgi_param HTTP_PROXY ""; +diff --git a/conf/uwsgi_params b/conf/uwsgi_params +index 09c732c..9d67d3d 100644 +--- a/conf/uwsgi_params b/conf/uwsgi_params +@@ -15,3 +15,6 @@ uwsgi_param REMOTE_ADDR$remote_addr; + uwsgi_param REMOTE_PORT$remote_port; + uwsgi_param SERVER_PORT$server_port; + uwsgi_param SERVER_NAME$server_name; ++ ++# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) ++uwsgi_param HTTP_PROXY ""; diff --git a/www-servers/nginx/nginx-1.10.1-r2.ebuild b/www-servers/nginx/nginx-1.10.1-r2.ebuild new file mode 100644 index 000..a320bc8 --- /dev/null +++ b/www-servers/nginx/nginx-1.10.1-r2.ebuild @@ -0,0 +1,768 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 + +# Maintainer notes: +# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite +# - any http-module activates the main http-functionality and overrides USE=-http +# - keep the following requirements in mind before adding external modules: +# * alive upstream +# * sane packaging +# * builds cleanly +# * does not need a patch for nginx core +# - TODO: test the google-perftools module (included in vanilla tarball) + +# prevent perl-module from adding automagic perl DEPENDs +GENTOO_DEPEND_ON_PERL="no" + +# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license) +DEVEL_KIT_MODULE_PV="0.3.0" +DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1" +DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz"; +DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}" + +# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license) +HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.1" +HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1" +HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz"; +HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/, profiles/desc/
commit: 8e825c84541e7d88387a864b9aefe3a30c7f2b8b Author: Thomas Deutschmann whissi de> AuthorDate: Tue Aug 2 12:43:42 2016 + Commit: Patrice Clement gentoo org> CommitDate: Tue Aug 9 07:22:04 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8e825c84 www-servers/nginx: version bump to v1.11.3. * Upstream added 3 new STREAM modules: - geo - geoip - split_clients * Each HTTP/STREAM upstream module can now be enabled/disabled using a dedicated USE flag Package-Manager: portage-2.3.0 Closes: https://github.com/gentoo/gentoo/pull/1999 Signed-off-by: Patrice Clement gentoo.org> profiles/desc/nginx_modules_http.desc | 6 +- profiles/desc/nginx_modules_stream.desc| 8 + www-servers/nginx/Manifest | 1 + 11.3-fix-build-without-stream_ssl_module.patch | 30 + www-servers/nginx/nginx-1.11.3.ebuild | 782 + 5 files changed, 826 insertions(+), 1 deletion(-) diff --git a/profiles/desc/nginx_modules_http.desc b/profiles/desc/nginx_modules_http.desc index f6c33cc..8c5ffa7 100644 --- a/profiles/desc/nginx_modules_http.desc +++ b/profiles/desc/nginx_modules_http.desc @@ -1,4 +1,4 @@ -# Copyright 1999-2015 Gentoo Foundation. +# Copyright 1999-2016 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 # $Id$ @@ -62,7 +62,11 @@ stub_status - This module provides the ability to get some status from nginx. sub - This module can search and replace text in the nginx response. upload_progress - This module adds the ability to track POST upload progress via JSON API upstream_check - Add health check support for upstream servers. +upstream_hash - This module provides the ability to distribute upstream requests based on hashed key value. upstream_ip_hash - This module provides the ability to distribute upstream requests based on the IP-address of the client. +upstream_keepalive - Thiis module provides the ability to cache connections to upstream servers. +upstream_least_conn - This module provides the ability to distribute upstream requests using load balancing methods. +upstream_zone - This module makes it possible to define a shared memory zone that keeps the group's configuration and run-time state that are shared between worker processes. userid - This module gives out cookies for identification of clients. uwsgi - External module for the uWSGI protocol for python web apps. xslt - This module is a filter which converts an XML response with the aid of one or more XSLT templates. diff --git a/profiles/desc/nginx_modules_stream.desc b/profiles/desc/nginx_modules_stream.desc index bc20e2a..d7634ac 100644 --- a/profiles/desc/nginx_modules_stream.desc +++ b/profiles/desc/nginx_modules_stream.desc @@ -6,5 +6,13 @@ # Keep it sorted. access - This module allows limiting access to certain client addresses. +geo - This module creates variables, whose values depend on the IP-address of the client. +geoip - This module creates variables based on the IP-address of the client matched against the MaxMind GeoIP binary files. limit_conn - This module is used to limit the number of connections per the defined key. +map - This module allows you to classify, or map a set of values into a different set of values and store the result in a variable. +return - This module allows sending a specified value to the client and then closing the connection. +split_clients - This module provides A/B testing support. upstream - This module is used to define groups of servers that can be referenced by the proxy_pass directive. +upstream_hash - This module provides the ability to distribute upstream requests based on hashed key value. +upstream_least_conn - This module provides the ability to distribute upstream requests using load balancing methods. +upstream_zone - This module makes it possible to define a shared memory zone that keeps the group's configuration and run-time state that are shared between worker processes. diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index fde5d70..a721492 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -1,6 +1,7 @@ DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24 SHA512 374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269 WHIRLPOOL 5f41bebf032f8a269412d104b7632a06af4d4c495658c9cd1ebf69b82c10ce1bbcb34b9dd159a7b00e57348714a5e93ad3db19701dda51479accd3a9dc79a9cb DIST nginx-1.10.1.tar.gz 909077 SHA256 1fd35846566485e03c0e318989561c135c598323ff349c503a6c14826487a801 SHA512 fa1329d40e83340380332dd5e2ed66f08dd59cc7f7582dd0e0193c493353ba550e80dc80e5165c225d70532d4197abc49cc8c760e8ab72e48f630cb57c2803e1 WHIRLPOOL 6942f70c3279a28bd8d664d085dee68bf0d0526c8dcb636f3258c9de598268efc984af72e527efd86889bd13911b38b0bdb2de1e92eef69c
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: c4b897dc39a939d0f409e1bcd9f6bd9c75679cf9 Author: Thomas Deutschmann whissi de> AuthorDate: Tue Jul 19 23:16:33 2016 + Commit: Lars Wendler gentoo org> CommitDate: Tue Jul 26 09:51:22 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c4b897dc www-servers/nginx: HTTPoxy mitigation added Package-Manager: portage-2.3.0 Signed-off-by: Lars Wendler gentoo.org> .../nginx/files/nginx-httpoxy-mitigation.patch | 33 ++ ...{nginx-1.11.2.ebuild => nginx-1.10.1-r1.ebuild} | 23 +-- www-servers/nginx/nginx-1.11.2.ebuild | 13 + 3 files changed, 61 insertions(+), 8 deletions(-) diff --git a/www-servers/nginx/files/nginx-httpoxy-mitigation.patch b/www-servers/nginx/files/nginx-httpoxy-mitigation.patch new file mode 100644 index 000..7e9618b --- /dev/null +++ b/www-servers/nginx/files/nginx-httpoxy-mitigation.patch @@ -0,0 +1,33 @@ +httpoxy mitigation + +See https://httpoxy.org/ and https://www.nginx.com/blog/?p=41962 for details. +--- + conf/fastcgi.conf | 3 +++ + conf/fastcgi_params | 3 +++ + 2 files changed, 6 insertions(+) + +diff --git a/conf/fastcgi.conf b/conf/fastcgi.conf +index 091738c..9f7e192 100644 +--- a/conf/fastcgi.conf b/conf/fastcgi.conf +@@ -24,3 +24,6 @@ fastcgi_param SERVER_NAME$server_name; + + # PHP only, required if PHP was built with --enable-force-cgi-redirect + fastcgi_param REDIRECT_STATUS200; ++ ++# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) ++fastcgi_param HTTP_PROXY ""; +diff --git a/conf/fastcgi_params b/conf/fastcgi_params +index 28decb9..3be3a95 100644 +--- a/conf/fastcgi_params b/conf/fastcgi_params +@@ -23,3 +23,6 @@ fastcgi_param SERVER_NAME$server_name; + + # PHP only, required if PHP was built with --enable-force-cgi-redirect + fastcgi_param REDIRECT_STATUS200; ++ ++# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962) ++fastcgi_param HTTP_PROXY ""; +-- +2.9.2 + diff --git a/www-servers/nginx/nginx-1.11.2.ebuild b/www-servers/nginx/nginx-1.10.1-r1.ebuild similarity index 97% copy from www-servers/nginx/nginx-1.11.2.ebuild copy to www-servers/nginx/nginx-1.10.1-r1.ebuild index 9bf..5912230 100644 --- a/www-servers/nginx/nginx-1.11.2.ebuild +++ b/www-servers/nginx/nginx-1.10.1-r1.ebuild @@ -171,7 +171,7 @@ LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+ nginx_modules_http_security? ( Apache-2.0 ) nginx_modules_http_push_stream? ( GPL-3 )" -SLOT="mainline" +SLOT="0" KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux" NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif @@ -269,7 +269,7 @@ CDEPEND=" nginx_modules_http_auth_ldap? ( net-nds/openldap[ssl?] )" RDEPEND="${CDEPEND} selinux? ( sec-policy/selinux-nginx ) - !www-servers/nginx:0" + !www-servers/nginx:mainline" DEPEND="${CDEPEND} arm? ( dev-libs/libatomic_ops ) libatomic? ( dev-libs/libatomic_ops )" @@ -319,12 +319,7 @@ pkg_setup() { src_prepare() { eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" - - if use nginx_modules_http_sticky; then - cd "${HTTP_STICKY_MODULE_WD}" || die - eapply "${FILESDIR}"/http-sticky-nginx-1.11.2.patch - cd "${S}" || die - fi + eapply "${FILESDIR}/${PN}-httpoxy-mitigation.patch" if use nginx_modules_http_upstream_check; then eapply -p0 "${HTTP_UPSTREAM_CHECK_MODULE_WD}/check_1.9.2+".patch @@ -758,4 +753,16 @@ pkg_postinst() { ewarn "'rx' permissions on /var/log/nginx (default on a fresh install)" ewarn "Otherwise you end up with empty log files after a logrotate." fi + + # HTTPoxy mitigation + ewarn "" + ewarn "This nginx installation comes with a mitigation for the HTTPoxy" + ewarn "vulnerability for FastCGI applications by setting the HTTP_PROXY FastCGI" + ewarn "parameter to an empty string per default when you are sourcing the default" + ewarn "'fastcgi_params' or 'fastcgi.conf' in your server block(s)." + ewarn "" + ewarn "If this is causing any problems for you make sure that you are sourcing the" + ewarn "default parameters _before_ you set your own values." + ewarn "If you are relying on user-supplied proxy values you have to remove the" + ewarn "correlating lines from 'fastcgi_params' and or 'fastcgi.conf'." } diff --git a/www-servers/nginx/nginx-1.11.2.ebuild b/www-servers/nginx/nginx-1.11.2.ebuild index 9bf..0a7e068 100644 --- a/www-servers/nginx/nginx-1.11.2.ebuild +++ b/www-servers/nginx/nginx-1.11.2.ebuild @@ -319,6 +319,7 @@ pkg_setup() { src_prepare() { eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" + eapply "${FILESDIR}/${PN}-httpoxy-mitigation.patch" if use nginx_modules_ht
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 6241ba18ca4a5e043a97ad11cf450c8d27b3079f Author: Thomas Deutschmann whissi de> AuthorDate: Mon Jun 13 13:49:57 2016 + Commit: Patrice Clement gentoo org> CommitDate: Thu Jun 16 06:27:33 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6241ba18 www-servers/nginx: Patch for rtmp module. Fixes bug 585804. Proposed patch for upstream bug 820 added to fix building of nginx's 3rd party module "rtmp" against nginx-1.11.0+. Bug: https://github.com/arut/nginx-rtmp-module/issues/820 Gentoo-Bug: https://bugs.gentoo.org/585804 Package-Manager: portage-2.3.0_rc1 Closes: https://github.com/gentoo/gentoo/pull/1669 Signed-off-by: Patrice Clement gentoo.org> www-servers/nginx/files/rtmp-nginx-1.11.0.patch | 39 + www-servers/nginx/nginx-1.10.1.ebuild | 7 +++-- www-servers/nginx/nginx-1.11.1.ebuild | 13 +++-- 3 files changed, 53 insertions(+), 6 deletions(-) diff --git a/www-servers/nginx/files/rtmp-nginx-1.11.0.patch b/www-servers/nginx/files/rtmp-nginx-1.11.0.patch new file mode 100644 index 000..36c9c03 --- /dev/null +++ b/www-servers/nginx/files/rtmp-nginx-1.11.0.patch @@ -0,0 +1,39 @@ +From 965523f3970e449e3abbaa6c9b0db1ce251f2b68 Mon Sep 17 00:00:00 2001 +From: RocFang +Date: Mon, 30 May 2016 22:56:16 +0800 +Subject: [PATCH] compile with nginx-1.11.0 + +From https://github.com/arut/nginx-rtmp-module/issues/820 + +--- + ngx_rtmp_core_module.c | 8 + 1 file changed, 8 insertions(+) + +diff --git a/ngx_rtmp_core_module.c b/ngx_rtmp_core_module.c +index 643702f..567f011 100644 +--- a/ngx_rtmp_core_module.c b/ngx_rtmp_core_module.c +@@ -557,7 +557,11 @@ ngx_rtmp_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) + break; + } + ++#if (nginx_version >= 1011000) ++if (ngx_memcmp(ls[i].sockaddr + off, &u.sockaddr + off, len) != 0) { ++#else + if (ngx_memcmp(ls[i].sockaddr + off, u.sockaddr + off, len) != 0) { ++#endif + continue; + } + +@@ -577,7 +581,11 @@ ngx_rtmp_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) + + ngx_memzero(ls, sizeof(ngx_rtmp_listen_t)); + ++#if (nginx_version >= 1011000) ++ngx_memcpy(ls->sockaddr, &u.sockaddr, u.socklen); ++#else + ngx_memcpy(ls->sockaddr, u.sockaddr, u.socklen); ++#endif + + ls->socklen = u.socklen; + ls->wildcard = u.wildcard; diff --git a/www-servers/nginx/nginx-1.10.1.ebuild b/www-servers/nginx/nginx-1.10.1.ebuild index 55ec9b2..630624b 100644 --- a/www-servers/nginx/nginx-1.10.1.ebuild +++ b/www-servers/nginx/nginx-1.10.1.ebuild @@ -348,7 +348,7 @@ src_prepare() { src_configure() { # mod_security needs to generate nginx/modsecurity/config before including it if use nginx_modules_http_security; then - cd "${HTTP_SECURITY_MODULE_WD}" + cd "${HTTP_SECURITY_MODULE_WD}" || die if use luajit ; then sed -i \ -e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \ @@ -360,7 +360,7 @@ src_configure() { $(use_with nginx_modules_http_lua lua) || die "configure failed for mod_security" fi - cd "${S}" + cd "${S}" || die local myconf=() http_enabled= mail_enabled= stream_enabled= @@ -624,9 +624,10 @@ src_install() { newins "${FILESDIR}"/nginx.logrotate-r1 nginx if use nginx_modules_http_perl; then - cd "${S}"/objs/src/http/modules/perl/ + cd "${S}"/objs/src/http/modules/perl/ || die emake DESTDIR="${D}" INSTALLDIRS=vendor perl_delete_localpod + cd "${S}" || die fi if use nginx_modules_http_cache_purge; then diff --git a/www-servers/nginx/nginx-1.11.1.ebuild b/www-servers/nginx/nginx-1.11.1.ebuild index 5b4e977..451b271 100644 --- a/www-servers/nginx/nginx-1.11.1.ebuild +++ b/www-servers/nginx/nginx-1.11.1.ebuild @@ -320,6 +320,12 @@ pkg_setup() { src_prepare() { eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" + if use rtmp; then + cd "${RTMP_MODULE_WD}" || die + eapply "${FILESDIR}"/rtmp-nginx-1.11.0.patch + cd "${S}" || die + fi + if use nginx_modules_http_upstream_check; then eapply -p0 "${HTTP_UPSTREAM_CHECK_MODULE_WD}/check_1.9.2+".patch fi @@ -348,7 +354,7 @@ src_prepare() { src_configure() { # mod_security needs to generate nginx/modsecurity/config before including it if use nginx_modules_http_security; then - cd "${HTTP_SECURITY_MODULE_WD}" + cd "${HTTP_SECURITY_MODULE_WD}" || die if use luajit ; then sed -i \ -e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \ @@ -360,7 +366,7 @@ src_configure() { $(use_with nginx_modules_http_lua lua) || die
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: fa58d5378eee1fc28ceff889a80e26beffa23d38 Author: Thomas Deutschmann whissi de> AuthorDate: Mon Jun 13 18:30:54 2016 + Commit: Kristian Fiskerstrand gentoo org> CommitDate: Mon Jun 13 18:36:32 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa58d537 www-servers/nginx: Security cleanup Dropping nginx-1.8.1 which is vulnerable to CVE-2016-4450 and was replaced by nginx-1.10.1 via commit 9d8b4adb72f5912b8c121bdda6ffee72e08926d7. Gentoo-Bug: 584744 Package-Manager: portage-2.3.0_rc1 www-servers/nginx/Manifest | 12 - www-servers/nginx/files/AJP-nginx-1.7.9+.patch | 184 --- www-servers/nginx/files/check-1.9.2.patch | 242 - www-servers/nginx/files/lua-nginx-1.7.6.patch | 39 -- www-servers/nginx/files/rtmp-nginx-1.7.6.patch | 89 www-servers/nginx/nginx-1.8.1.ebuild | 667 - 6 files changed, 1233 deletions(-) diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index f9608ef..2932c5a 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -1,33 +1,21 @@ -DIST modsecurity-2.9.0.tar.gz 4246467 SHA256 e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434 SHA512 1af04f29bf23c51d03cdd3795c530f88b523a645aa02d776a6b23dcbc31decec7cd574919e5c7c7cf82684df2774062de5e465bddbbaf4c01a442c6d49401d3d WHIRLPOOL 1167ba6048a3ca05dcdabf03c67ae12720cca0cec74547fc223ee92ff76b6d5131785fa77b5f16da180e56590c851c192eaf02817b798e4d6f41fa6bfb2735a6 DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24 SHA512 374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269 WHIRLPOOL 5f41bebf032f8a269412d104b7632a06af4d4c495658c9cd1ebf69b82c10ce1bbcb34b9dd159a7b00e57348714a5e93ad3db19701dda51479accd3a9dc79a9cb DIST nginx-1.10.1.tar.gz 909077 SHA256 1fd35846566485e03c0e318989561c135c598323ff349c503a6c14826487a801 SHA512 fa1329d40e83340380332dd5e2ed66f08dd59cc7f7582dd0e0193c493353ba550e80dc80e5165c225d70532d4197abc49cc8c760e8ab72e48f630cb57c2803e1 WHIRLPOOL 6942f70c3279a28bd8d664d085dee68bf0d0526c8dcb636f3258c9de598268efc984af72e527efd86889bd13911b38b0bdb2de1e92eef69cabd02f7080f64eb6 DIST nginx-1.11.1.tar.gz 913417 SHA256 5d8dd0197e3ffeb427729c045382182fb28db8e045c635221b2e0e6722821ad0 SHA512 01330a5200b9b5ac5788cd95b2857d2ff87bf0a073a93e3e441b89d19f12137b496e6de67145c04cc74ba88d599a7be96d622f29785e30df23fc8a657adf8b2a WHIRLPOOL e902d408f45eb9168db5a5220275896a072419660505eb45816280f1a2d2150593262d601583d2c34b521fae560fdd237e6609e85bf03a30b7721c10299a207e -DIST nginx-1.8.1.tar.gz 833473 SHA256 8f4b3c630966c044ec72715754334d1fdf741caa1d5795fb4646c27d09f797b7 SHA512 546eba1749af0034cb8b924d2432be2f0e82a75c545aa929391ef7234103c3f29376235a2ef1363b120e1825cda15aeb085a05f9ce3596c88466e112e82aa882 WHIRLPOOL cd399083fb14bdb3498f1cd91a1cb59a73d37f323ce7c2a32500c9443f654cb5449137708cf149a0126aedb77abec9d1eb3dce3121f0b378d7d70e8eb18062af DIST nginx-auth-ldap-dbcef31bebb2d54b6120422d0b178bbf78bc48f7.tar.gz 16998 SHA256 35c8f29581823be0f8bdbcf237d7fa5518c45eabe0ab9a695b131d32c8f1c264 SHA512 f47a9a6c5f93daa9260825261d2069bca5fc528221f94fc8ec98462f61774a36bce0238d931f8d0690544fd0144a83f942b6673c8376fe03f7834f8da971 WHIRLPOOL 26a2f67e715d13f785932f00e642c0864b5b7059d120f7fe7458017dbe02203f4873d1cfc4f0dd262834465438ad2b00ef4b49295e18a8e246abda6f7694ac70 -DIST nginx_http_sticky_module_ng-1.2.5.tar.bz2 124072 SHA256 f975c033eb3c342f7247f6524774bbb727aaf630ed984576dbafe5de7a790c58 SHA512 d6ae723f739efb2f0548461931b1c395801684759962beda08067111426b1c9787ceaede91b0e984c023108fd17864c53c53925506f7e8e25ec8d2fc065585f6 WHIRLPOOL 1013c6a51f5989c8131392b3d9704d42c99f9727a673f6205878d0b7dfd265bb6042c1d30089603c9b38e339d48302e6873e77fe380b7e8edba25b71e9e84ba6 DIST nginx_http_sticky_module_ng-1.2.6.tar.bz2 124089 SHA256 e47b9fd435d7a5a3200f945a9745aaa7b9446495bda76df48f211129f88d6b26 SHA512 2632b04c94f523aa7c9726db182cba11d83e642c2db5798274e67fbef30de95d02e4e95cbfb98bc429d4244d630b5d9617405b43f728ae0117a5c134940c0ded WHIRLPOOL 1b754c02f834c6b4d4930e9c46b8c5accb6c9663718fb9296c92d79bc33206e66e49e4234ca4db9a5afcd42fa23273bdf0e675aa7b38927c4e46a85318c189eb -DIST ngx_devel_kit-0.2.19-r1.tar.gz 65029 SHA256 501f299abdb81b992a980bda182e5de5a4b2b3e275fbf72ee34dd7ae84c4b679 SHA512 915954acf16a27fbd3c93c154012d38e864f1d8dfd51cde401bba26e46eb3e3c778ec4c92f4f8ed83ac001e96cee72765554d0e4da06acf6a4be5184b23b3657 WHIRLPOOL 0ce6bffc0fe2cef28ee74f5862ca6d914ed18fdee18d900608ff2a9983594c707aab3e335957b79dd7e77ae1beed054d8f71965ca0f57fc5f1d41ac06106c5a4 DIST ngx_devel_kit-0.3.0-r1.tar.gz 66455 SHA256 88e05a99a8a7419066f5ae75966fb1efc409bad4522d14986da074554ae61619 SHA512 558764c9be913a4f61d0e277d07bf3c272e1ce086b3fadb85b693a7e92805cd9fca4da7a8d29c96e53fc0d23b331327d3b2561ff61f19d2330e7d5d35ac7d614 WHIRLPOOL 5f6ed4e6850d2ce7e8c65e0570a7e
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 8dd9fab6768ab82e3c23aaf3d35800bc96b8fc86 Author: Manuel Rüger gentoo org> AuthorDate: Wed May 4 13:19:41 2016 + Commit: Manuel Rüger gentoo org> CommitDate: Wed May 4 13:19:41 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8dd9fab6 www-servers/nginx: Version bump to 1.10.0, use openrc-run Gentoo-Bug: #581862 Gentoo-Bug: #581944 Package-Manager: portage-2.2.28 www-servers/nginx/Manifest | 3 + www-servers/nginx/files/nginx.initd-r3 | 89 www-servers/nginx/nginx-1.10.0.ebuild | 761 + 3 files changed, 853 insertions(+) diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index e29cd6e..0c541fc 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -1,9 +1,11 @@ DIST modsecurity-2.9.0.tar.gz 4246467 SHA256 e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434 SHA512 1af04f29bf23c51d03cdd3795c530f88b523a645aa02d776a6b23dcbc31decec7cd574919e5c7c7cf82684df2774062de5e465bddbbaf4c01a442c6d49401d3d WHIRLPOOL 1167ba6048a3ca05dcdabf03c67ae12720cca0cec74547fc223ee92ff76b6d5131785fa77b5f16da180e56590c851c192eaf02817b798e4d6f41fa6bfb2735a6 DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24 SHA512 374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269 WHIRLPOOL 5f41bebf032f8a269412d104b7632a06af4d4c495658c9cd1ebf69b82c10ce1bbcb34b9dd159a7b00e57348714a5e93ad3db19701dda51479accd3a9dc79a9cb +DIST nginx-1.10.0.tar.gz 908954 SHA256 8ed647c3dd65bc4ced03b0e0f6bf9e633eff6b01bac772bcf97077d58bc2be4d SHA512 495da729ce6de935399c2bf7fc0c2cd112197d9dba6d8604f639d5815cbb8bb3ff70e994f942785481e064cc1df97211f886297ee72519b332a7197999d9f14e WHIRLPOOL 889e723f635909d1b562663ed46b27edac83b63143c10c2c53e70dc6dccf3a378f8fef3f2f19641879dc9f812880b4f51ef0d438d80ede395ffda38987b13dd3 DIST nginx-1.8.1.tar.gz 833473 SHA256 8f4b3c630966c044ec72715754334d1fdf741caa1d5795fb4646c27d09f797b7 SHA512 546eba1749af0034cb8b924d2432be2f0e82a75c545aa929391ef7234103c3f29376235a2ef1363b120e1825cda15aeb085a05f9ce3596c88466e112e82aa882 WHIRLPOOL cd399083fb14bdb3498f1cd91a1cb59a73d37f323ce7c2a32500c9443f654cb5449137708cf149a0126aedb77abec9d1eb3dce3121f0b378d7d70e8eb18062af DIST nginx-1.9.14.tar.gz 908191 SHA256 2b4893076d28e6b4384bba8c4fdebfca6de6f8f68ec48a1ca94b9b855ff457d2 SHA512 e73a10495a8b199856f4e5d6f428b46e0b1148cee26c8517e360130d9f1e85028b28f311879d31f37e1d3facccf6f215377e984ae937a44f45245fe09a3be90e WHIRLPOOL c4e1d2b8181b9c8c967de2d68314c05c28a1fe44bd35809f3672c2ff9b02d08e2f572970ab0328f85dbe9b29c6dae0c4ebb33586a8c70053e764158c055fa8d8 DIST nginx-1.9.15.tar.gz 908984 SHA256 cc89b277cc03f403c0b746d60aa5943cdecf59ae48278f8cb7e2df0cbdb6dac3 SHA512 563cec7828d1e398ded83579c3c4afcd83fd809662e64a0212e25a34ce1b599135558e9fd8cee3e07ba028ee4b308e40ce9910a5071a3d8e3b7ec9f9bdef95f0 WHIRLPOOL b87dd96b1fa34824fb6ca16da39d72cf6036f6276766ef420c3be8ceac8e8639ff74e842c1ffd5f8f2dd03d7c411197a05049c1673dc70862cee662b494da88f DIST nginx-auth-ldap-8517bb05ecc896b54429ca5e95137b0a386bd41a.tar.gz 16950 SHA256 2f0b1a65847ea1da801a99b654f132e1c814d2fa49a43a324d8fc4ce6327935f SHA512 65b0aec3a4b28625ef93d166f659d63b9ef7d971dea78b09987eaa02f632bf5b8f6c9afdb6ef444afa466dba7ff67180cad27e138e6818c2ba80bc804f140ca6 WHIRLPOOL 9ef896fa3501415e2c7022448783626af256c6c3878fcca5d6cc042a9789937147eb4c3743f92002ab8d09e4ce828532b9ae321dc284ef2560801da98153d146 +DIST nginx-auth-ldap-dbcef31bebb2d54b6120422d0b178bbf78bc48f7.tar.gz 16998 SHA256 35c8f29581823be0f8bdbcf237d7fa5518c45eabe0ab9a695b131d32c8f1c264 SHA512 f47a9a6c5f93daa9260825261d2069bca5fc528221f94fc8ec98462f61774a36bce0238d931f8d0690544fd0144a83f942b6673c8376fe03f7834f8da971 WHIRLPOOL 26a2f67e715d13f785932f00e642c0864b5b7059d120f7fe7458017dbe02203f4873d1cfc4f0dd262834465438ad2b00ef4b49295e18a8e246abda6f7694ac70 DIST nginx_http_sticky_module_ng-1.2.5.tar.bz2 124072 SHA256 f975c033eb3c342f7247f6524774bbb727aaf630ed984576dbafe5de7a790c58 SHA512 d6ae723f739efb2f0548461931b1c395801684759962beda08067111426b1c9787ceaede91b0e984c023108fd17864c53c53925506f7e8e25ec8d2fc065585f6 WHIRLPOOL 1013c6a51f5989c8131392b3d9704d42c99f9727a673f6205878d0b7dfd265bb6042c1d30089603c9b38e339d48302e6873e77fe380b7e8edba25b71e9e84ba6 DIST nginx_http_sticky_module_ng-1.2.6.tar.bz2 124089 SHA256 e47b9fd435d7a5a3200f945a9745aaa7b9446495bda76df48f211129f88d6b26 SHA512 2632b04c94f523aa7c9726db182cba11d83e642c2db5798274e67fbef30de95d02e4e95cbfb98bc429d4244d630b5d9617405b43f728ae0117a5c134940c0ded WHIRLPOOL 1b754c02f834c6b4d4930e9c46b8c5accb6c9663718fb9296c92d79bc33206e66e49e4234ca4db9a5afcd42fa23273bdf0e675aa7b38927c4e46a85318c189eb DIST ngx_devel_kit-0.2.19-r1.tar.gz 65029 SHA256 501f299abdb81b992a980bda182e5de5a4b2b3e275fbf72ee34dd7ae84c4b679 SHA512 915954acf16a27fbd3c93c154012d38e864f1d8dfd51cde401bba26e46eb3e3c778ec4c
[gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/, www-servers/nginx/files/
commit: 2499a68efa4f3b685de907ed6e1e17afb408058f Author: Johan Bergström bergstroem nu> AuthorDate: Wed Feb 3 22:08:05 2016 + Commit: Manuel Rüger gentoo org> CommitDate: Sat Feb 6 13:54:38 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2499a68e www-servers/nginx: Add auth_ldap, stream, slice modules This commit adds http_slice, stream, auth_ldap modules and support for libressl. It also updates 3rd party modules, enables http2 by default and disables gzip by default. www-servers/nginx/Manifest | 3 + www-servers/nginx/files/nginx.conf-r2| 69 +++ www-servers/nginx/nginx-1.9.10-r1.ebuild | 758 +++ 3 files changed, 830 insertions(+) diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index d1766ab..87bb5d0 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -1,6 +1,7 @@ DIST modsecurity-2.9.0.tar.gz 4246467 SHA256 e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434 SHA512 1af04f29bf23c51d03cdd3795c530f88b523a645aa02d776a6b23dcbc31decec7cd574919e5c7c7cf82684df2774062de5e465bddbbaf4c01a442c6d49401d3d WHIRLPOOL 1167ba6048a3ca05dcdabf03c67ae12720cca0cec74547fc223ee92ff76b6d5131785fa77b5f16da180e56590c851c192eaf02817b798e4d6f41fa6bfb2735a6 DIST nginx-1.8.1.tar.gz 833473 SHA256 8f4b3c630966c044ec72715754334d1fdf741caa1d5795fb4646c27d09f797b7 SHA512 546eba1749af0034cb8b924d2432be2f0e82a75c545aa929391ef7234103c3f29376235a2ef1363b120e1825cda15aeb085a05f9ce3596c88466e112e82aa882 WHIRLPOOL cd399083fb14bdb3498f1cd91a1cb59a73d37f323ce7c2a32500c9443f654cb5449137708cf149a0126aedb77abec9d1eb3dce3121f0b378d7d70e8eb18062af DIST nginx-1.9.10.tar.gz 889267 SHA256 fb14d76844cab0a5a0880768be28965e74f9956790f618c454ef6098e26631d9 SHA512 60a736afe98e46abeb572c938702b09b0098164584bf8b5c1978c2b83269b6c2b99a60b7c8c9482230c26eebaeeb684f3aa7db52af4d7a3c18434542730873e0 WHIRLPOOL 8f285f6d4c4f7e312791d7dc6fc072dbb1207315fcb7facac0ce958389473641de2f2c2cd03cfd11c0df3a16abd84522bb150090b561a46752e8b6317363fbeb +DIST nginx-auth-ldap-d0f2f829f708792ee97a9241c9c6ffd33c47c7c1.tar.gz 16349 SHA256 7c1628d7e6ebb3a41ec916334014b74acc32dd09a0830752a2d03be0be3223c8 SHA512 2929f2b1170eef0ede4888beb8d5c0d0d45095fc1a3358dbe81b55bfc7468e53b981b1784a5fb9257a5888645d5fc3ae4fab950e6b4525f6dd0bb4d96076f0f6 WHIRLPOOL 626d88396af16373622532a349a2f21418191ad4073bb4b56980cbc5f219e40cee8786f5233ced2d7c5de698537d5337698ecc4a49181c960fbd0ac4a4ab14be DIST nginx_http_sticky_module_ng-1.2.5.tar.bz2 124072 SHA256 f975c033eb3c342f7247f6524774bbb727aaf630ed984576dbafe5de7a790c58 SHA512 d6ae723f739efb2f0548461931b1c395801684759962beda08067111426b1c9787ceaede91b0e984c023108fd17864c53c53925506f7e8e25ec8d2fc065585f6 WHIRLPOOL 1013c6a51f5989c8131392b3d9704d42c99f9727a673f6205878d0b7dfd265bb6042c1d30089603c9b38e339d48302e6873e77fe380b7e8edba25b71e9e84ba6 DIST nginx_http_sticky_module_ng-1.2.6.tar.bz2 124089 SHA256 e47b9fd435d7a5a3200f945a9745aaa7b9446495bda76df48f211129f88d6b26 SHA512 2632b04c94f523aa7c9726db182cba11d83e642c2db5798274e67fbef30de95d02e4e95cbfb98bc429d4244d630b5d9617405b43f728ae0117a5c134940c0ded WHIRLPOOL 1b754c02f834c6b4d4930e9c46b8c5accb6c9663718fb9296c92d79bc33206e66e49e4234ca4db9a5afcd42fa23273bdf0e675aa7b38927c4e46a85318c189eb DIST ngx_devel_kit-0.2.19-r1.tar.gz 65029 SHA256 501f299abdb81b992a980bda182e5de5a4b2b3e275fbf72ee34dd7ae84c4b679 SHA512 915954acf16a27fbd3c93c154012d38e864f1d8dfd51cde401bba26e46eb3e3c778ec4c92f4f8ed83ac001e96cee72765554d0e4da06acf6a4be5184b23b3657 WHIRLPOOL 0ce6bffc0fe2cef28ee74f5862ca6d914ed18fdee18d900608ff2a9983594c707aab3e335957b79dd7e77ae1beed054d8f71965ca0f57fc5f1d41ac06106c5a4 @@ -12,6 +13,8 @@ DIST ngx_http_echo-0.58.tar.gz 64779 SHA256 190fe3977dd1910e82059f30f9baae3da2ee DIST ngx_http_fancyindex-0.3.5.tar.gz 14837 SHA256 e0998e83be58bc5787fa9243a76a9d21de3cd01088d3cf63177ba88a562634a1 SHA512 ddb4ab3e8e47e1c49680db3e9f648f7cd582c07f963204105118e61432fa1e80c3f1bce69ed689db383011a9c155184bcc7e931eeae20bbd7cbdb5d4eb35a0a8 WHIRLPOOL a45db854d75f05a59c6f5e67c652850b5410162e7852abda20bb6720d29cc716f25ce7ea93ef52f9ff3f11d6d3a744c1fa4c7a6270fc1bd6d42f6743accb8e73 DIST ngx_http_headers_more-0.26.tar.gz 28028 SHA256 d6bdc51f9e778a3b23e41a51cae542c1467a1e5e55c1329a7ffc454be084fb6f SHA512 842927de67d28f3cff596607f209d1004b6d49f1d45b861758405ed6fe6f7aab76ad63530ccdfff1c1947db1190dd65dee0a29f50026bfa7a39a9a051561cf88 WHIRLPOOL 0dc37c36717be40a07112388d913d20bc99d76f90604da618d5547f24d93c636c14c2cca18191ff5916b40ec0113da648cfc07e1c00b1853f2b15ce056d5f3d7 DIST ngx_http_headers_more-0.28.tar.gz 26948 SHA256 67e5ca6cd9472938333c4530ab8c8b8bc9fe910a8cb237e5e5f1853e14725580 SHA512 ed39930ddb416ab3510c3649f296e55474584bf1e9c9855c2330c0ec04d208865d242f54c55dbac79a4871803197fd930c20396a3b70f0f5fb009318d3c12254 WHIRLPOOL 7c0455c6ac15a033e62126ff8bb246d3d0315a2b18c095bdb0867669daa2387a5dfa4fdfbf038b8392ac4ee42c671a49ac742bd28352b2f5fbcf6fee4