Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Thomas Deutschmann <whissi@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/files/, www-servers/nginx/
Date: Fri, 14 Apr 2017 10:51:50
Message-Id: 1492167096.85f4b8342e104aab605abf551c2b71ac87e0170e.whissi@gentoo
1 commit: 85f4b8342e104aab605abf551c2b71ac87e0170e
2 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3 AuthorDate: Fri Apr 14 10:37:27 2017 +0000
4 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5 CommitDate: Fri Apr 14 10:51:36 2017 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=85f4b834
7
8 www-servers/nginx: Rev bump mainline slot to update lua module nginx-1.11.11+ patch
9
10 Ebuild changes:
11 ===============
12 - HTTP LUA module bumped to v0.10.8
13 Warning: While the module builds against nginx-1.11.11+ the author warns
14 that >=nginx-1.11.11 is still not an officially supported target
15 for that module. You are on your own!
16
17 - RTMP module bumped to v1.1.11
18
19 - HTTP memc module bumped to v0.18
20
21 Package-Manager: Portage-2.3.5, Repoman-2.3.2
22
23 www-servers/nginx/Manifest | 3 +-
24 .../nginx/files/http_lua_nginx-1.11.11+-r1.patch | 214 +++++
25 .../nginx/files/http_lua_nginx-1.11.11+.patch | 46 -
26 ...x-1.11.12-r1.ebuild => nginx-1.11.13-r1.ebuild} | 22 +-
27 www-servers/nginx/nginx-1.11.13.ebuild | 1011 --------------------
28 5 files changed, 229 insertions(+), 1067 deletions(-)
29
30 diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
31 index e121a44fcc7..06b177149bf 100644
32 --- a/www-servers/nginx/Manifest
33 +++ b/www-servers/nginx/Manifest
34 @@ -1,7 +1,6 @@
35 DIST modsecurity-2.9.1.tar.gz 4261212 SHA256 958cc5a7a7430f93fac0fd6f8b9aa92fc1801efce0cda797d6029d44080a9b24 SHA512 374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269 WHIRLPOOL 5f41bebf032f8a269412d104b7632a06af4d4c495658c9cd1ebf69b82c10ce1bbcb34b9dd159a7b00e57348714a5e93ad3db19701dda51479accd3a9dc79a9cb
36 DIST nginx-1.10.3.tar.gz 911509 SHA256 75020f1364cac459cb733c4e1caed2d00376e40ea05588fb8793076a4c69dd90 SHA512 25cddbe5c419700aeca41bff3be5b7c3accfb38ad846ec8d91d81ab7c15f10db719f02d9263edf1fa12f59805ff7001b62864dc2885370b24afeea1d7d2afbbf WHIRLPOOL 1ebf540d49d28a853a9221a558b53d28e2e7dfddf345e433baa4c2b819f6e1fe34528b4680387147c73271d3837529a4452e53b863dff5d29772c2b0a75e0ba6
37 DIST nginx-1.11.10.tar.gz 967773 SHA256 778b3cabb07633f754cd9dee32fc8e22582bce22bfa407be76a806abd935533d SHA512 b6437d8305547a834a0f3ad076ac591b90189eb922f48759094efaa9618e39fc249600ab13650113fe841fc9af0b736acc61a9b9baba7bacd35224c34df1bbc9 WHIRLPOOL f9535d4fabad7603cc384dda13aca51be77c7901d099190f9d5a187e517128a56a28cb851408b93091f8d99ce118678857ec08fba16bec4c2e2ed2d75ab543bd
38 -DIST nginx-1.11.12.tar.gz 979963 SHA256 2aff7f9396d1f77256efc363e1cc05ba52d40a29e6de4d9bc08aa444eea14122 SHA512 fc40551b83c98cf81a3a7728c8b143a4d8b98251e8caccf5391397639aacb631ff57427c8207a3f9c86f0a5cb212edaf3ed0d9d92ab085d3387097b99326ff69 WHIRLPOOL 8da4c8a7578abad39f073b4f034bf328e896b51f62d25ad8280c67334e190c1277d988803e9ce169b7e3e1170bbd49dee8f1e2b1cb0f39460e77da568ab75bf0
39 DIST nginx-1.11.13.tar.gz 980784 SHA256 360b601ef8ed2998c80fa56a27bf3cd745c3ce18c5fb10892e6595467b1415d3 SHA512 6546a1d96e5234c9512217559c22bc4be0e5f793d6082a9a3acaa1724c91c656b36a976cb452195b256915dc0d21fd433f539cd6c06d73c8dbb0233220d54fa8 WHIRLPOOL 53b3e0b8767ea93d4a3daaf5cfcd489dd83d9f60f53f985c677dfb328b7e6aee13114290bed22b268bca12d2e63fbb142b2357ef7dd8166e8da9eac4c931289a
40 DIST nginx-auth-ldap-49a8b4d28fc4a518563c82e0b52821e5f37db1fc.tar.gz 17159 SHA256 3c11c32f05da04f1a4647dc4e35dd8d8aeacd5a2e763ba349feba3dba8663132 SHA512 323abd0ca8e90f5afcaf81a8ff1a8abe3dfcbff3d69f0dd4a1c005fe6436acbf3076c4c57a4df877b3d8e388cbea085d46301bb2df9c0752e2567817ff7cca92 WHIRLPOOL ad65e8182b2634db5fa06055ef7d91c7d8aabd0fa986d8402a4845977354d6edb329621b6f9f96c90ce2d158cff20e42ae50fba06a088a84de3e3f414205dbc2
41 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 SHA256 6f9102321d8c68df6d67e9bde145a8de3f45f99f6cb47c08735a86f003234d31 SHA512 6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529 WHIRLPOOL 38abe56e177e22dad68ac7d6570425ecd763d2e891627a75156a6f39bd7edc54f664c3d2f638e1ea57c743dadc6a8c9889be087abbdb4c98b5641c299f7fbc07
42 @@ -13,6 +12,7 @@ DIST ngx_http_echo-0.60.tar.gz 52771 SHA256 1077da2229ac7d0a0215e9e6817e297c1069
43 DIST ngx_http_fancyindex-0.4.1.tar.gz 21130 SHA256 2b00d8e0ad2a67152a9cee7b7ee67990c742d501412df912baaf1eee9bb6dc71 SHA512 ce0043ad4a2b638c5d99244d6caaa65ad142cea78884084a9aeca5a9593c68dbe508c9e4dd85dc5722eb63ef386612bffc48d4b6fc1487df244fbcb7a73bffe1 WHIRLPOOL 4a885afbadf64bbd25df6580a099472ae48836d9dddfe1dee6ac6a6f97bfb0cf7120ff10dd69fceca7085fab590bec3a4b4b5be5644f2352375316885ddc3cac
44 DIST ngx_http_headers_more-0.32.tar.gz 28033 SHA256 c6d9dab8ea1fc997031007e2e8f47cced01417e203cd88d53a9fe9f6ae138720 SHA512 e42582b45c3111de3940bbeb67ce161aca2d55adcfb00c61c12256fa0e36221d38723013f36edbcf6d1b520f8dfb49d4657df8a956e66d36e68425afad382bd1 WHIRLPOOL 2b95ea8e2933e83082b9dfd7aaa8f57dd38b0ec12fb452a4aa38a215ca76b6572fe35b79c8afe8cf3097bf89ced0e81c33e07ee6913c99966b87b8e610df3121
45 DIST ngx_http_lua-0.10.7.tar.gz 605171 SHA256 c21c8937dcdd6fc2b6a955f929e3f4d1388610f47180e60126e6dcab06786f77 SHA512 d060a13de4d01d77e6d6cd1635ecbb405330e4326b71b89341c1c128ee4182978a51d53355bc07c350e3c3a7df15325e3df380d9c3a98b2ff7d7efa18fa09b32 WHIRLPOOL 7b64f75aae2ab74f51b3b2d07a59262a2c8ab2b863698b93b1184c003049641b45eded8fa5cc6301887c80d5fc34e9f22365da7765b3d5594ad838dacfceddd7
46 +DIST ngx_http_lua-0.10.8.tar.gz 606643 SHA256 d67449c71051b3cc2d6dd60df0ae0d21fca08aa19c9b30c5b95ee21ff38ef8dd SHA512 ad621cec178eb37109f16ebc30dbab7b1ea344ac4b523ff1e6ad62364b8cf437488a89c593ca44b446b729a1c578e3a97685851847b4b16a147ac9eca8f23a2a WHIRLPOOL 07ba9d1c35c5f8cf627a485ee19b4a5bd0969efc70283f4617af542c5152879aba2b6f5e0a8fd1a6d1a69c2438a499f56156de6f3345a0f2f6527686e682baba
47 DIST ngx_http_naxsi-0.55.1.tar.gz 185997 SHA256 45dd0df7a6b0b6aa9c64eb8c39a8e294d659d87fb18e192cf58f1402f3cdb0a8 SHA512 aebda20e5b78e9111b7bac1e15829258e6b85b80e4ce333e4dba8caead36287b3f0fcb453c51d7c59f07d637fa62f5c6b23aecd3bf6a3c3da4abebf1a6689f14 WHIRLPOOL 36830d10a35b724b7ea15e3884e96e2e4dd84f2b81fc1c7122d3e2e83a1942227321b1a7141d829423788bc52a3e199a95ca2637369e17f84ea16eb0cb2e5e37
48 DIST ngx_http_naxsi-0.55.3.tar.gz 187416 SHA256 0b3c95d250772dc89ad8b49e47c1e024c5ae2c76c0cffa445e9fe05c4dd13495 SHA512 9e8f41a5cd1342cc9b8aa334a603842d14a256aab1f4a21205bb1278aecbb0c49e39c889d8113a5b41aad2efeaa2ed9f11cba6929173f50add91f54c4c59c8a0 WHIRLPOOL 0a1bbe06730730944a882d86ffa378c4a3c759366208913603ffd18fcd7b18e65b6b1a89e9a07dc82e360dfe7ef4a6430391f6e52de35023d33ca19e80a3b693
49 DIST ngx_http_push_stream-0.5.2.tar.gz 182008 SHA256 1d07f38acdb8194bd49344b0ba21de101070de9b8731d27a8d22e928850bc199 SHA512 ee8bf9ece652da6aa5a39879298bba70d1842696545259f3f5e302cc61397b35f016364805805f9ab1914fc39ed2f07c015e042155789073e3d1fdc02a0783de WHIRLPOOL d309cecbb1bb5b6c4f64712d44889e3ecca59140d845a31a3f605dc3cc2aa01622b0deadb8f6852baea3c211bebbe6ed7d7868399447ac1249c1b1b740fa3c27
50 @@ -20,6 +20,7 @@ DIST ngx_http_slowfs_cache-1.10.tar.gz 11809 SHA256 1e81453942e5b0877de1f1f06c56
51 DIST ngx_http_upload_progress-0.9.2-r1.tar.gz 17268 SHA256 b286689355442657650421d8e8398bd4abf9dbbaade65947bb0cb74a349cc497 SHA512 c31c46344d49704389722325a041b9cd170fa290acefe92cfc572c07f711cd3039de78f28df48ca7dcb79b2e4bbe442580aaaf4d92883fd3a14bf41d66dd9d8c WHIRLPOOL e847603f1445c7e1471a5570e2774a448be880eb71eeb21e27361586bcee9aae31cb0a8a80cd5abfc8d14e2c356fabfa7293e6a4d5f6782d41521a7bdc124066
52 DIST ngx_http_upstream_check-0.3.0-10-gf3bdb7b.tar.gz 129060 SHA256 9e0835e8c1550033e74c7eaeebf94d41ab1617cff152dd076da976e0eba30bfc SHA512 5b2ae6d305d24d0c64dc118fd3b0c23f5bf0e9a282e70e8d2c4eb946ed510263b5e845f64ca352784e34708cf9d98804cacf64b6c9efd712a395076dd0ba7c29 WHIRLPOOL 8dab8aa1bf3f7c9adbf2952148d76cc627682876b5e64dc789582b573a4b6fa73910043325fc664784b68966bcb1e8ba9ae6bfa457133bde0d52e39b7d3c09e0
53 DIST ngx_memc_module-0.17.tar.gz 36369 SHA256 25cbe3ff4931283a681260607bc91ae4a922075345d5770b293c6cd7f1e3bdcc SHA512 e6fdecb4bb629f0882868b78f4b3a2549fce4471efcc4f2c6fdc414435799be6ce41cf056a3170952f8a1f401ee1ca372c97f2d7f79fba79239599755ade8949 WHIRLPOOL 766d84e7a2dfb2a6f069fd846e19d635f4dbd36f78014e97bbd159312d0b38d671b4db989584ca2b5b449046483b5b90d09edbe1c4531b266d8592ad7bad3c3a
54 +DIST ngx_memc_module-0.18.tar.gz 37113 SHA256 4e280d1dcb8b312bc7875604c1e35b17879279126d3d5fbf482aa9cc7c11276d SHA512 8087bd361fb4e522493e66f93d59c9b13245d6eef0fe4a53f619d1826feb02af60769c0a04f87f2faf5308a44b794ef146a445bdbe7cbc7f21c0edaaba08c706 WHIRLPOOL 9570bf7fb4e925d1794f3af0914efca036fe65696e7e380969133b89878e5f46f71cd5ffb7b5ea94085aced26d289abca77d7ef805f03ff614bc12a47d7aab3f
55 DIST ngx_metrics-0.1.1.tar.gz 2964 SHA256 1c62ebb31e3caafad91720962770b0e7a4287f195520cf12471c262ac19b154e SHA512 d36a8fb0104c83b6b564e03b351aa750cab08650264c74d6f786af357bfb7006b531a93270dd961896ea8dafe27e5db8548ede714c5f52c4742876bc73af4b5e WHIRLPOOL 2796f5a97e76dfcc91133240e8e90ba493f0356f781a173d8cacdd09eba64b75ef531db398c0566fda395124700de8c991b771433e376ca0d5898c2ea6f82868
56 DIST ngx_mogilefs_module-1.0.4.tar.gz 11208 SHA256 7ac230d30907f013dff8d435a118619ea6168aa3714dba62c6962d350c6295ae SHA512 b8cb7eaf6274f4e2247dbcb39db05072d2b2d4361256a325fafab5533d7ce0c4ae9e2905b954dfcfa4789c9cab5cccf2ac1c3a1f02f6a327ed95b562d7773ed1 WHIRLPOOL 64c9b11ad938e6dbe5ba31298f1cd46f6e6bb4ba039c96b1e43bd85919d1606326f74b677f789ecabe0b0f4e0f08ac5aaf8148bf820de65aaa1e9966a28b9f61
57 DIST ngx_rtmp-1.1.10.tar.gz 519877 SHA256 f9491dd24390b0d5d70dfe3553edf3d14efeb7c7a81b4d4a20c5cfeaefc1141c SHA512 bcc0aee3308af7c61bf01a5530fcf1dae938e6778306f6e3eb5995e6d0529f43d33b7ee2acb813d5a39acc92e4853d207a01e8e41b766a6e0dd07aade60cd98f WHIRLPOOL 655f4dcb02f928698ae14d29e5b7f60ad3fd71c757d67f1930c695a3501054d124a92f7ada7d4e605204f1e73e0779cad0b60102bc98d64764535581db0b1867
58
59 diff --git a/www-servers/nginx/files/http_lua_nginx-1.11.11+-r1.patch b/www-servers/nginx/files/http_lua_nginx-1.11.11+-r1.patch
60 new file mode 100644
61 index 00000000000..2a61c03b200
62 --- /dev/null
63 +++ b/www-servers/nginx/files/http_lua_nginx-1.11.11+-r1.patch
64 @@ -0,0 +1,214 @@
65 +From 0459a285ca0159d45e73da8bd1164edb5c57cde3 Mon Sep 17 00:00:00 2001
66 +From: Andrei Belov <defanator@×××××.com>
67 +Date: Wed, 22 Mar 2017 07:50:57 +0300
68 +Subject: [PATCH] feature: nginx 1.11.11+ can now build with this module.
69 +
70 +Note: nginx 1.11.11+ are still not an officially supported target yet.
71 +More work needed.
72 +
73 +Closes openresty/lua-nginx-module#1016
74 +
75 +See also:
76 +http://hg.nginx.org/nginx/rev/e662cbf1b932
77 +---
78 + src/ngx_http_lua_common.h | 6 ++++
79 + src/ngx_http_lua_headers.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++
80 + src/ngx_http_lua_headers.h | 3 ++
81 + src/ngx_http_lua_module.c | 13 ++++++++-
82 + 4 files changed, 89 insertions(+), 1 deletion(-)
83 +
84 +diff --git a/src/ngx_http_lua_common.h b/src/ngx_http_lua_common.h
85 +index 079a4dc..f37d776 100644
86 +--- a/src/ngx_http_lua_common.h
87 ++++ b/src/ngx_http_lua_common.h
88 +@@ -199,6 +199,12 @@ struct ngx_http_lua_main_conf_s {
89 + of reqeusts */
90 + ngx_uint_t malloc_trim_req_count;
91 +
92 ++#if nginx_version >= 1011011
93 ++ /* the following 2 fields are only used by ngx.req.raw_headers() for now */
94 ++ ngx_buf_t **busy_buf_ptrs;
95 ++ ngx_int_t busy_buf_ptr_count;
96 ++#endif
97 ++
98 + unsigned requires_header_filter:1;
99 + unsigned requires_body_filter:1;
100 + unsigned requires_capture_filter:1;
101 +diff --git a/src/ngx_http_lua_headers.c b/src/ngx_http_lua_headers.c
102 +index 2392598..6700ce8 100644
103 +--- a/src/ngx_http_lua_headers.c
104 ++++ b/src/ngx_http_lua_headers.c
105 +@@ -26,6 +26,9 @@ static int ngx_http_lua_ngx_req_get_headers(lua_State *L);
106 + static int ngx_http_lua_ngx_req_header_clear(lua_State *L);
107 + static int ngx_http_lua_ngx_req_header_set(lua_State *L);
108 + static int ngx_http_lua_ngx_resp_get_headers(lua_State *L);
109 ++#if nginx_version >= 1011011
110 ++void ngx_http_lua_ngx_raw_header_cleanup(void *data);
111 ++#endif
112 +
113 +
114 + static int
115 +@@ -77,6 +80,11 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
116 + size_t size;
117 + ngx_buf_t *b, *first = NULL;
118 + ngx_int_t i, j;
119 ++#if nginx_version >= 1011011
120 ++ ngx_buf_t **bb;
121 ++ ngx_chain_t *cl;
122 ++ ngx_http_lua_main_conf_t *lmcf;
123 ++#endif
124 + ngx_connection_t *c;
125 + ngx_http_request_t *r, *mr;
126 + ngx_http_connection_t *hc;
127 +@@ -93,6 +101,10 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
128 + return luaL_error(L, "no request object found");
129 + }
130 +
131 ++#if nginx_version >= 1011011
132 ++ lmcf = ngx_http_get_module_main_conf(r, ngx_http_lua_module);
133 ++#endif
134 ++
135 + ngx_http_lua_check_fake_request(L, r);
136 +
137 + mr = r->main;
138 +@@ -109,8 +121,13 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
139 + dd("hc->nbusy: %d", (int) hc->nbusy);
140 +
141 + if (hc->nbusy) {
142 ++#if nginx_version >= 1011011
143 ++ dd("hc->busy: %p %p %p %p", hc->busy->buf->start, hc->busy->buf->pos,
144 ++ hc->busy->buf->last, hc->busy->buf->end);
145 ++#else
146 + dd("hc->busy: %p %p %p %p", hc->busy[0]->start, hc->busy[0]->pos,
147 + hc->busy[0]->last, hc->busy[0]->end);
148 ++#endif
149 + }
150 +
151 + dd("request line: %p %p", mr->request_line.data,
152 +@@ -146,9 +163,37 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
153 + dd("size: %d", (int) size);
154 +
155 + if (hc->nbusy) {
156 ++#if nginx_version >= 1011011
157 ++ if (hc->nbusy > lmcf->busy_buf_ptr_count) {
158 ++ if (lmcf->busy_buf_ptrs) {
159 ++ ngx_free(lmcf->busy_buf_ptrs);
160 ++ }
161 ++
162 ++ lmcf->busy_buf_ptrs = ngx_alloc(hc->nbusy * sizeof(ngx_buf_t *),
163 ++ r->connection->log);
164 ++
165 ++ if (lmcf->busy_buf_ptrs == NULL) {
166 ++ return luaL_error(L, "no memory");
167 ++ }
168 ++
169 ++ lmcf->busy_buf_ptr_count = hc->nbusy;
170 ++ }
171 ++
172 ++ bb = lmcf->busy_buf_ptrs;
173 ++ for (cl = hc->busy; cl; cl = cl->next) {
174 ++ *bb++ = cl->buf;
175 ++ }
176 ++#endif
177 + b = NULL;
178 ++
179 ++#if nginx_version >= 1011011
180 ++ bb = lmcf->busy_buf_ptrs;
181 ++ for (i = hc->nbusy; i > 0; i--) {
182 ++ b = bb[i - 1];
183 ++#else
184 + for (i = 0; i < hc->nbusy; i++) {
185 + b = hc->busy[i];
186 ++#endif
187 +
188 + dd("busy buf: %d: [%.*s]", (int) i, (int) (b->pos - b->start),
189 + b->start);
190 +@@ -223,8 +268,15 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
191 + }
192 +
193 + if (hc->nbusy) {
194 ++
195 ++#if nginx_version >= 1011011
196 ++ bb = lmcf->busy_buf_ptrs;
197 ++ for (i = hc->nbusy - 1; i >= 0; i--) {
198 ++ b = bb[i];
199 ++#else
200 + for (i = 0; i < hc->nbusy; i++) {
201 + b = hc->busy[i];
202 ++#endif
203 +
204 + if (!found) {
205 + if (b != first) {
206 +@@ -1431,4 +1483,20 @@ ngx_http_lua_ffi_get_resp_header(ngx_http_request_t *r,
207 + #endif /* NGX_LUA_NO_FFI_API */
208 +
209 +
210 ++#if nginx_version >= 1011011
211 ++void
212 ++ngx_http_lua_ngx_raw_header_cleanup(void *data)
213 ++{
214 ++ ngx_http_lua_main_conf_t *lmcf;
215 ++
216 ++ lmcf = (ngx_http_lua_main_conf_t *) data;
217 ++
218 ++ if (lmcf->busy_buf_ptrs) {
219 ++ ngx_free(lmcf->busy_buf_ptrs);
220 ++ lmcf->busy_buf_ptrs = NULL;
221 ++ }
222 ++}
223 ++#endif
224 ++
225 ++
226 + /* vi:set ft=c ts=4 sw=4 et fdm=marker: */
227 +diff --git a/src/ngx_http_lua_headers.h b/src/ngx_http_lua_headers.h
228 +index 39f1114..ee4d21c 100644
229 +--- a/src/ngx_http_lua_headers.h
230 ++++ b/src/ngx_http_lua_headers.h
231 +@@ -15,6 +15,9 @@
232 + void ngx_http_lua_inject_resp_header_api(lua_State *L);
233 + void ngx_http_lua_inject_req_header_api(lua_State *L);
234 + void ngx_http_lua_create_headers_metatable(ngx_log_t *log, lua_State *L);
235 ++#if nginx_version >= 1011011
236 ++void ngx_http_lua_ngx_raw_header_cleanup(void *data);
237 ++#endif
238 +
239 +
240 + #endif /* _NGX_HTTP_LUA_HEADERS_H_INCLUDED_ */
241 +diff --git a/src/ngx_http_lua_module.c b/src/ngx_http_lua_module.c
242 +index 3dc2817..875f933 100644
243 +--- a/src/ngx_http_lua_module.c
244 ++++ b/src/ngx_http_lua_module.c
245 +@@ -28,6 +28,7 @@
246 + #include "ngx_http_lua_ssl_certby.h"
247 + #include "ngx_http_lua_ssl_session_storeby.h"
248 + #include "ngx_http_lua_ssl_session_fetchby.h"
249 ++#include "ngx_http_lua_headers.h"
250 +
251 +
252 + static void *ngx_http_lua_create_main_conf(ngx_conf_t *cf);
253 +@@ -624,7 +625,7 @@ ngx_http_lua_init(ngx_conf_t *cf)
254 + volatile ngx_cycle_t *saved_cycle;
255 + ngx_http_core_main_conf_t *cmcf;
256 + ngx_http_lua_main_conf_t *lmcf;
257 +-#ifndef NGX_LUA_NO_FFI_API
258 ++#if !defined(NGX_LUA_NO_FFI_API) || nginx_version >= 1011011
259 + ngx_pool_cleanup_t *cln;
260 + #endif
261 +
262 +@@ -716,6 +717,16 @@ ngx_http_lua_init(ngx_conf_t *cf)
263 + cln->handler = ngx_http_lua_sema_mm_cleanup;
264 + #endif
265 +
266 ++#if nginx_version >= 1011011
267 ++ cln = ngx_pool_cleanup_add(cf->pool, 0);
268 ++ if (cln == NULL) {
269 ++ return NGX_ERROR;
270 ++ }
271 ++
272 ++ cln->data = lmcf;
273 ++ cln->handler = ngx_http_lua_ngx_raw_header_cleanup;
274 ++#endif
275 ++
276 + if (lmcf->lua == NULL) {
277 + dd("initializing lua vm");
278 +
279
280 diff --git a/www-servers/nginx/files/http_lua_nginx-1.11.11+.patch b/www-servers/nginx/files/http_lua_nginx-1.11.11+.patch
281 deleted file mode 100644
282 index 2c9cc8ea382..00000000000
283 --- a/www-servers/nginx/files/http_lua_nginx-1.11.11+.patch
284 +++ /dev/null
285 @@ -1,46 +0,0 @@
286 -Upstream: https://github.com/openresty/lua-nginx-module/pull/1017
287 -
288 ---- a/src/ngx_http_lua_headers.c
289 -+++ b/src/ngx_http_lua_headers.c
290 -@@ -77,6 +77,9 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
291 - size_t size;
292 - ngx_buf_t *b, *first = NULL;
293 - ngx_int_t i, j;
294 -+#if defined(nginx_version) && nginx_version >= 1011011
295 -+ ngx_chain_t *cl;
296 -+#endif
297 - ngx_connection_t *c;
298 - ngx_http_request_t *r, *mr;
299 - ngx_http_connection_t *hc;
300 -@@ -147,8 +150,15 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
301 -
302 - if (hc->nbusy) {
303 - b = NULL;
304 -+
305 -+#if defined(nginx_version) && nginx_version >= 1011011
306 -+ for (cl = hc->busy; cl; /* void */) {
307 -+ b = cl->buf;
308 -+ cl = cl->next;
309 -+#else
310 - for (i = 0; i < hc->nbusy; i++) {
311 - b = hc->busy[i];
312 -+#endif
313 -
314 - dd("busy buf: %d: [%.*s]", (int) i, (int) (b->pos - b->start),
315 - b->start);
316 -@@ -223,8 +233,15 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
317 - }
318 -
319 - if (hc->nbusy) {
320 -+
321 -+#if defined(nginx_version) && nginx_version >= 1011011
322 -+ for (cl = hc->busy; cl; /* void */) {
323 -+ b = cl->buf;
324 -+ cl = cl->next;
325 -+#else
326 - for (i = 0; i < hc->nbusy; i++) {
327 - b = hc->busy[i];
328 -+#endif
329 -
330 - if (!found) {
331 - if (b != first) {
332
333 diff --git a/www-servers/nginx/nginx-1.11.12-r1.ebuild b/www-servers/nginx/nginx-1.11.13-r1.ebuild
334 similarity index 98%
335 rename from www-servers/nginx/nginx-1.11.12-r1.ebuild
336 rename to www-servers/nginx/nginx-1.11.13-r1.ebuild
337 index 7870abf9766..cb4c774f1aa 100644
338 --- a/www-servers/nginx/nginx-1.11.12-r1.ebuild
339 +++ b/www-servers/nginx/nginx-1.11.13-r1.ebuild
340 @@ -53,7 +53,7 @@ HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v
341 HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-${HTTP_FANCYINDEX_MODULE_PV}"
342
343 # http_lua (https://github.com/openresty/lua-nginx-module, BSD license)
344 -HTTP_LUA_MODULE_PV="0.10.7"
345 +HTTP_LUA_MODULE_PV="0.10.8"
346 HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}"
347 HTTP_LUA_MODULE_URI="https://github.com/openresty/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz"
348 HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}"
349 @@ -126,7 +126,7 @@ HTTP_MOGILEFS_MODULE_URI="https://github.com/vkholodkov/nginx-mogilefs-module/ar
350 HTTP_MOGILEFS_MODULE_WD="${WORKDIR}/nginx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}"
351
352 # memc-module (https://github.com/openresty/memc-nginx-module, BSD-2)
353 -HTTP_MEMC_MODULE_PV="0.17"
354 +HTTP_MEMC_MODULE_PV="0.18"
355 HTTP_MEMC_MODULE_P="ngx_memc_module-${HTTP_MEMC_MODULE_PV}"
356 HTTP_MEMC_MODULE_URI="https://github.com/openresty/memc-nginx-module/archive/v${HTTP_MEMC_MODULE_PV}.tar.gz"
357 HTTP_MEMC_MODULE_WD="${WORKDIR}/memc-nginx-module-${HTTP_MEMC_MODULE_PV}"
358 @@ -350,7 +350,7 @@ src_prepare() {
359
360 if use nginx_modules_http_lua; then
361 cd "${HTTP_LUA_MODULE_WD}" || die
362 - eapply -p1 "${FILESDIR}"/http_lua_nginx-1.11.11+.patch
363 + eapply -p1 "${FILESDIR}"/http_lua_nginx-1.11.11+-r1.patch
364 cd "${S}" || die
365 sed -i -e 's/-llua5.1/-llua/' "${HTTP_LUA_MODULE_WD}/config" || die
366 fi
367 @@ -378,12 +378,6 @@ src_prepare() {
368 cd "${S}" || die
369 fi
370
371 - if use nginx_modules_http_memc; then
372 - cd "${HTTP_MEMC_MODULE_WD}" || die
373 - eapply "${FILESDIR}"/http_memc-0.17-issue_26.patch
374 - cd "${S}" || die
375 - fi
376 -
377 find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die
378 # We have config protection, don't rename etc files
379 sed -i 's:.default::' auto/install || die
380 @@ -779,11 +773,21 @@ pkg_postinst() {
381 fi
382
383 if use nginx_modules_http_spdy; then
384 + ewarn ""
385 ewarn "In nginx 1.9.5 the spdy module was superseded by http2."
386 ewarn "Update your configs and package.use accordingly."
387 fi
388
389 + if use nginx_modules_http_lua; then
390 + ewarn ""
391 + ewarn "While you can build lua 3rd party module against ${P}"
392 + ewarn "the author warns that >=${PN}-1.11.11 is still not an"
393 + ewarn "officially supported target yet. You are on your own."
394 + ewarn "Expect runtime failures, memory leaks and other problems!"
395 + fi
396 +
397 if use nginx_modules_http_lua && use http2; then
398 + ewarn ""
399 ewarn "Lua 3rd party module author warns against using ${P} with"
400 ewarn "NGINX_MODULES_HTTP=\"lua http2\". For more info, see http://git.io/OldLsg"
401 fi
402
403 diff --git a/www-servers/nginx/nginx-1.11.13.ebuild b/www-servers/nginx/nginx-1.11.13.ebuild
404 deleted file mode 100644
405 index 7870abf9766..00000000000
406 --- a/www-servers/nginx/nginx-1.11.13.ebuild
407 +++ /dev/null
408 @@ -1,1011 +0,0 @@
409 -# Copyright 1999-2017 Gentoo Foundation
410 -# Distributed under the terms of the GNU General Public License v2
411 -
412 -EAPI="6"
413 -
414 -# Maintainer notes:
415 -# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite
416 -# - any http-module activates the main http-functionality and overrides USE=-http
417 -# - keep the following requirements in mind before adding external modules:
418 -# * alive upstream
419 -# * sane packaging
420 -# * builds cleanly
421 -# * does not need a patch for nginx core
422 -# - TODO: test the google-perftools module (included in vanilla tarball)
423 -
424 -# prevent perl-module from adding automagic perl DEPENDs
425 -GENTOO_DEPEND_ON_PERL="no"
426 -
427 -# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license)
428 -DEVEL_KIT_MODULE_PV="0.3.0"
429 -DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1"
430 -DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz"
431 -DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}"
432 -
433 -# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license)
434 -HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.2"
435 -HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1"
436 -HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz"
437 -HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}"
438 -
439 -# http_headers_more (https://github.com/agentzh/headers-more-nginx-module, BSD license)
440 -HTTP_HEADERS_MORE_MODULE_PV="0.32"
441 -HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}"
442 -HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz"
443 -HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}"
444 -
445 -# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license)
446 -HTTP_CACHE_PURGE_MODULE_PV="2.3"
447 -HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}"
448 -HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz"
449 -HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}"
450 -
451 -# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license)
452 -HTTP_SLOWFS_CACHE_MODULE_PV="1.10"
453 -HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}"
454 -HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz"
455 -HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}"
456 -
457 -# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license)
458 -HTTP_FANCYINDEX_MODULE_PV="0.4.1"
459 -HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}"
460 -HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz"
461 -HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-${HTTP_FANCYINDEX_MODULE_PV}"
462 -
463 -# http_lua (https://github.com/openresty/lua-nginx-module, BSD license)
464 -HTTP_LUA_MODULE_PV="0.10.7"
465 -HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}"
466 -HTTP_LUA_MODULE_URI="https://github.com/openresty/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz"
467 -HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}"
468 -
469 -# http_auth_pam (https://github.com/stogh/ngx_http_auth_pam_module/, http://web.iti.upv.es/~sto/nginx/, BSD-2 license)
470 -HTTP_AUTH_PAM_MODULE_PV="1.5.1"
471 -HTTP_AUTH_PAM_MODULE_P="ngx_http_auth_pam-${HTTP_AUTH_PAM_MODULE_PV}"
472 -HTTP_AUTH_PAM_MODULE_URI="https://github.com/stogh/ngx_http_auth_pam_module/archive/v${HTTP_AUTH_PAM_MODULE_PV}.tar.gz"
473 -HTTP_AUTH_PAM_MODULE_WD="${WORKDIR}/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}"
474 -
475 -# http_upstream_check (https://github.com/yaoweibin/nginx_upstream_check_module, BSD license)
476 -HTTP_UPSTREAM_CHECK_MODULE_PV="0.3.0-10-gf3bdb7b"
477 -HTTP_UPSTREAM_CHECK_MODULE_P="ngx_http_upstream_check-${HTTP_UPSTREAM_CHECK_MODULE_PV}"
478 -HTTP_UPSTREAM_CHECK_MODULE_URI="https://github.com/yaoweibin/nginx_upstream_check_module/archive/v${HTTP_UPSTREAM_CHECK_MODULE_PV}.tar.gz"
479 -HTTP_UPSTREAM_CHECK_MODULE_WD="${WORKDIR}/nginx_upstream_check_module-f3bdb7b85a194e2ad58e3c306c1d021ee76da2f5"
480 -
481 -# http_metrics (https://github.com/zenops/ngx_metrics, BSD license)
482 -HTTP_METRICS_MODULE_PV="0.1.1"
483 -HTTP_METRICS_MODULE_P="ngx_metrics-${HTTP_METRICS_MODULE_PV}"
484 -HTTP_METRICS_MODULE_URI="https://github.com/madvertise/ngx_metrics/archive/v${HTTP_METRICS_MODULE_PV}.tar.gz"
485 -HTTP_METRICS_MODULE_WD="${WORKDIR}/ngx_metrics-${HTTP_METRICS_MODULE_PV}"
486 -
487 -# naxsi-core (https://github.com/nbs-system/naxsi, GPLv2+)
488 -HTTP_NAXSI_MODULE_PV="0.55.3"
489 -HTTP_NAXSI_MODULE_P="ngx_http_naxsi-${HTTP_NAXSI_MODULE_PV}"
490 -HTTP_NAXSI_MODULE_URI="https://github.com/nbs-system/naxsi/archive/${HTTP_NAXSI_MODULE_PV}.tar.gz"
491 -HTTP_NAXSI_MODULE_WD="${WORKDIR}/naxsi-${HTTP_NAXSI_MODULE_PV}/naxsi_src"
492 -
493 -# nginx-rtmp-module (https://github.com/arut/nginx-rtmp-module, BSD license)
494 -RTMP_MODULE_PV="1.1.11"
495 -RTMP_MODULE_P="ngx_rtmp-${RTMP_MODULE_PV}"
496 -RTMP_MODULE_URI="https://github.com/arut/nginx-rtmp-module/archive/v${RTMP_MODULE_PV}.tar.gz"
497 -RTMP_MODULE_WD="${WORKDIR}/nginx-rtmp-module-${RTMP_MODULE_PV}"
498 -
499 -# nginx-dav-ext-module (https://github.com/arut/nginx-dav-ext-module, BSD license)
500 -HTTP_DAV_EXT_MODULE_PV="0.0.3"
501 -HTTP_DAV_EXT_MODULE_P="ngx_http_dav_ext-${HTTP_DAV_EXT_MODULE_PV}"
502 -HTTP_DAV_EXT_MODULE_URI="https://github.com/arut/nginx-dav-ext-module/archive/v${HTTP_DAV_EXT_MODULE_PV}.tar.gz"
503 -HTTP_DAV_EXT_MODULE_WD="${WORKDIR}/nginx-dav-ext-module-${HTTP_DAV_EXT_MODULE_PV}"
504 -
505 -# echo-nginx-module (https://github.com/openresty/echo-nginx-module, BSD license)
506 -HTTP_ECHO_MODULE_PV="0.60"
507 -HTTP_ECHO_MODULE_P="ngx_http_echo-${HTTP_ECHO_MODULE_PV}"
508 -HTTP_ECHO_MODULE_URI="https://github.com/openresty/echo-nginx-module/archive/v${HTTP_ECHO_MODULE_PV}.tar.gz"
509 -HTTP_ECHO_MODULE_WD="${WORKDIR}/echo-nginx-module-${HTTP_ECHO_MODULE_PV}"
510 -
511 -# mod_security for nginx (https://modsecurity.org/, Apache-2.0)
512 -# keep the MODULE_P here consistent with upstream to avoid tarball duplication
513 -HTTP_SECURITY_MODULE_PV="2.9.1"
514 -HTTP_SECURITY_MODULE_P="modsecurity-${HTTP_SECURITY_MODULE_PV}"
515 -HTTP_SECURITY_MODULE_URI="https://www.modsecurity.org/tarball/${HTTP_SECURITY_MODULE_PV}/${HTTP_SECURITY_MODULE_P}.tar.gz"
516 -HTTP_SECURITY_MODULE_WD="${WORKDIR}/${HTTP_SECURITY_MODULE_P}"
517 -
518 -# push-stream-module (http://www.nginxpushstream.com, https://github.com/wandenberg/nginx-push-stream-module, GPL-3)
519 -HTTP_PUSH_STREAM_MODULE_PV="0.5.2"
520 -HTTP_PUSH_STREAM_MODULE_P="ngx_http_push_stream-${HTTP_PUSH_STREAM_MODULE_PV}"
521 -HTTP_PUSH_STREAM_MODULE_URI="https://github.com/wandenberg/nginx-push-stream-module/archive/${HTTP_PUSH_STREAM_MODULE_PV}.tar.gz"
522 -HTTP_PUSH_STREAM_MODULE_WD="${WORKDIR}/nginx-push-stream-module-${HTTP_PUSH_STREAM_MODULE_PV}"
523 -
524 -# sticky-module (https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng, BSD-2)
525 -HTTP_STICKY_MODULE_PV="1.2.6-10-g08a395c66e42"
526 -HTTP_STICKY_MODULE_P="nginx_http_sticky_module_ng-${HTTP_STICKY_MODULE_PV}"
527 -HTTP_STICKY_MODULE_URI="https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/${HTTP_STICKY_MODULE_PV}.tar.bz2"
528 -HTTP_STICKY_MODULE_WD="${WORKDIR}/nginx-goodies-nginx-sticky-module-ng-08a395c66e42"
529 -
530 -# mogilefs-module (https://github.com/vkholodkov/nginx-mogilefs-module, BSD-2)
531 -HTTP_MOGILEFS_MODULE_PV="1.0.4"
532 -HTTP_MOGILEFS_MODULE_P="ngx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}"
533 -HTTP_MOGILEFS_MODULE_URI="https://github.com/vkholodkov/nginx-mogilefs-module/archive/${HTTP_MOGILEFS_MODULE_PV}.tar.gz"
534 -HTTP_MOGILEFS_MODULE_WD="${WORKDIR}/nginx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}"
535 -
536 -# memc-module (https://github.com/openresty/memc-nginx-module, BSD-2)
537 -HTTP_MEMC_MODULE_PV="0.17"
538 -HTTP_MEMC_MODULE_P="ngx_memc_module-${HTTP_MEMC_MODULE_PV}"
539 -HTTP_MEMC_MODULE_URI="https://github.com/openresty/memc-nginx-module/archive/v${HTTP_MEMC_MODULE_PV}.tar.gz"
540 -HTTP_MEMC_MODULE_WD="${WORKDIR}/memc-nginx-module-${HTTP_MEMC_MODULE_PV}"
541 -
542 -# nginx-ldap-auth-module (https://github.com/kvspb/nginx-auth-ldap, BSD-2)
543 -HTTP_LDAP_MODULE_PV="49a8b4d28fc4a518563c82e0b52821e5f37db1fc"
544 -HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
545 -HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz"
546 -HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
547 -
548 -# We handle deps below ourselves
549 -SSL_DEPS_SKIP=1
550 -AUTOTOOLS_AUTO_DEPEND="no"
551 -
552 -inherit autotools ssl-cert toolchain-funcs perl-module flag-o-matic user systemd versionator multilib
553 -
554 -DESCRIPTION="Robust, small and high performance http and reverse proxy server"
555 -HOMEPAGE="https://nginx.org"
556 -SRC_URI="https://nginx.org/download/${P}.tar.gz
557 - ${DEVEL_KIT_MODULE_URI} -> ${DEVEL_KIT_MODULE_P}.tar.gz
558 - nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz )
559 - nginx_modules_http_headers_more? ( ${HTTP_HEADERS_MORE_MODULE_URI} -> ${HTTP_HEADERS_MORE_MODULE_P}.tar.gz )
560 - nginx_modules_http_cache_purge? ( ${HTTP_CACHE_PURGE_MODULE_URI} -> ${HTTP_CACHE_PURGE_MODULE_P}.tar.gz )
561 - nginx_modules_http_slowfs_cache? ( ${HTTP_SLOWFS_CACHE_MODULE_URI} -> ${HTTP_SLOWFS_CACHE_MODULE_P}.tar.gz )
562 - nginx_modules_http_fancyindex? ( ${HTTP_FANCYINDEX_MODULE_URI} -> ${HTTP_FANCYINDEX_MODULE_P}.tar.gz )
563 - nginx_modules_http_lua? ( ${HTTP_LUA_MODULE_URI} -> ${HTTP_LUA_MODULE_P}.tar.gz )
564 - nginx_modules_http_auth_pam? ( ${HTTP_AUTH_PAM_MODULE_URI} -> ${HTTP_AUTH_PAM_MODULE_P}.tar.gz )
565 - nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz )
566 - nginx_modules_http_metrics? ( ${HTTP_METRICS_MODULE_URI} -> ${HTTP_METRICS_MODULE_P}.tar.gz )
567 - nginx_modules_http_naxsi? ( ${HTTP_NAXSI_MODULE_URI} -> ${HTTP_NAXSI_MODULE_P}.tar.gz )
568 - rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz )
569 - nginx_modules_http_dav_ext? ( ${HTTP_DAV_EXT_MODULE_URI} -> ${HTTP_DAV_EXT_MODULE_P}.tar.gz )
570 - nginx_modules_http_echo? ( ${HTTP_ECHO_MODULE_URI} -> ${HTTP_ECHO_MODULE_P}.tar.gz )
571 - nginx_modules_http_security? ( ${HTTP_SECURITY_MODULE_URI} -> ${HTTP_SECURITY_MODULE_P}.tar.gz )
572 - nginx_modules_http_push_stream? ( ${HTTP_PUSH_STREAM_MODULE_URI} -> ${HTTP_PUSH_STREAM_MODULE_P}.tar.gz )
573 - nginx_modules_http_sticky? ( ${HTTP_STICKY_MODULE_URI} -> ${HTTP_STICKY_MODULE_P}.tar.bz2 )
574 - nginx_modules_http_mogilefs? ( ${HTTP_MOGILEFS_MODULE_URI} -> ${HTTP_MOGILEFS_MODULE_P}.tar.gz )
575 - nginx_modules_http_memc? ( ${HTTP_MEMC_MODULE_URI} -> ${HTTP_MEMC_MODULE_P}.tar.gz )
576 - nginx_modules_http_auth_ldap? ( ${HTTP_LDAP_MODULE_URI} -> ${HTTP_LDAP_MODULE_P}.tar.gz )"
577 -
578 -LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+
579 - nginx_modules_http_security? ( Apache-2.0 )
580 - nginx_modules_http_push_stream? ( GPL-3 )"
581 -
582 -SLOT="mainline"
583 -KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux"
584 -
585 -# Package doesn't provide a real test suite
586 -RESTRICT="test"
587 -
588 -NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif
589 - fastcgi geo gzip limit_req limit_conn map memcached proxy referer
590 - rewrite scgi ssi split_clients upstream_hash upstream_ip_hash
591 - upstream_keepalive upstream_least_conn upstream_zone userid uwsgi"
592 -NGINX_MODULES_OPT="addition auth_request dav degradation flv geoip gunzip
593 - gzip_static image_filter mp4 perl random_index realip secure_link
594 - slice stub_status sub xslt"
595 -NGINX_MODULES_STREAM_STD="access geo limit_conn map return split_clients
596 - upstream_hash upstream_least_conn upstream_zone"
597 -NGINX_MODULES_STREAM_OPT="geoip realip ssl_preread"
598 -NGINX_MODULES_MAIL="imap pop3 smtp"
599 -NGINX_MODULES_3RD="
600 - http_upload_progress
601 - http_headers_more
602 - http_cache_purge
603 - http_slowfs_cache
604 - http_fancyindex
605 - http_lua
606 - http_auth_pam
607 - http_upstream_check
608 - http_metrics
609 - http_naxsi
610 - http_dav_ext
611 - http_echo
612 - http_security
613 - http_push_stream
614 - http_sticky
615 - http_mogilefs
616 - http_memc
617 - http_auth_ldap"
618 -
619 -IUSE="aio debug +http +http2 +http-cache +ipv6 libatomic libressl luajit +pcre
620 - pcre-jit rtmp selinux ssl threads userland_GNU vim-syntax"
621 -
622 -for mod in $NGINX_MODULES_STD; do
623 - IUSE="${IUSE} +nginx_modules_http_${mod}"
624 -done
625 -
626 -for mod in $NGINX_MODULES_OPT; do
627 - IUSE="${IUSE} nginx_modules_http_${mod}"
628 -done
629 -
630 -for mod in $NGINX_MODULES_STREAM_STD; do
631 - IUSE="${IUSE} nginx_modules_stream_${mod}"
632 -done
633 -
634 -for mod in $NGINX_MODULES_STREAM_OPT; do
635 - IUSE="${IUSE} nginx_modules_stream_${mod}"
636 -done
637 -
638 -for mod in $NGINX_MODULES_MAIL; do
639 - IUSE="${IUSE} nginx_modules_mail_${mod}"
640 -done
641 -
642 -for mod in $NGINX_MODULES_3RD; do
643 - IUSE="${IUSE} nginx_modules_${mod}"
644 -done
645 -
646 -# Add so we can warn users updating about config changes
647 -# @TODO: jbergstroem: remove on next release series
648 -IUSE="${IUSE} nginx_modules_http_spdy"
649 -
650 -CDEPEND="
651 - pcre? ( dev-libs/libpcre:= )
652 - pcre-jit? ( dev-libs/libpcre:=[jit] )
653 - ssl? (
654 - !libressl? ( dev-libs/openssl:0= )
655 - libressl? ( dev-libs/libressl:= )
656 - )
657 - http2? (
658 - !libressl? ( >=dev-libs/openssl-1.0.1c:0= )
659 - libressl? ( dev-libs/libressl:= )
660 - )
661 - http-cache? (
662 - userland_GNU? (
663 - !libressl? ( dev-libs/openssl:0= )
664 - libressl? ( dev-libs/libressl:= )
665 - )
666 - )
667 - nginx_modules_http_geoip? ( dev-libs/geoip )
668 - nginx_modules_http_gunzip? ( sys-libs/zlib )
669 - nginx_modules_http_gzip? ( sys-libs/zlib )
670 - nginx_modules_http_gzip_static? ( sys-libs/zlib )
671 - nginx_modules_http_image_filter? ( media-libs/gd:=[jpeg,png] )
672 - nginx_modules_http_perl? ( >=dev-lang/perl-5.8:= )
673 - nginx_modules_http_rewrite? ( dev-libs/libpcre:= )
674 - nginx_modules_http_secure_link? (
675 - userland_GNU? (
676 - !libressl? ( dev-libs/openssl:0= )
677 - libressl? ( dev-libs/libressl:= )
678 - )
679 - )
680 - nginx_modules_http_xslt? ( dev-libs/libxml2:= dev-libs/libxslt )
681 - nginx_modules_http_lua? ( !luajit? ( dev-lang/lua:0= ) luajit? ( dev-lang/luajit:2= ) )
682 - nginx_modules_http_auth_pam? ( virtual/pam )
683 - nginx_modules_http_metrics? ( dev-libs/yajl:= )
684 - nginx_modules_http_dav_ext? ( dev-libs/expat )
685 - nginx_modules_http_security? (
686 - dev-libs/apr:=
687 - dev-libs/apr-util:=
688 - dev-libs/libxml2:=
689 - net-misc/curl
690 - www-servers/apache
691 - )
692 - nginx_modules_http_auth_ldap? ( net-nds/openldap[ssl?] )"
693 -RDEPEND="${CDEPEND}
694 - selinux? ( sec-policy/selinux-nginx )
695 - !www-servers/nginx:0"
696 -DEPEND="${CDEPEND}
697 - nginx_modules_http_security? ( ${AUTOTOOLS_DEPEND} )
698 - arm? ( dev-libs/libatomic_ops )
699 - libatomic? ( dev-libs/libatomic_ops )"
700 -PDEPEND="vim-syntax? ( app-vim/nginx-syntax )"
701 -
702 -REQUIRED_USE="pcre-jit? ( pcre )
703 - nginx_modules_http_lua? ( nginx_modules_http_rewrite )
704 - nginx_modules_http_naxsi? ( pcre )
705 - nginx_modules_http_dav_ext? ( nginx_modules_http_dav )
706 - nginx_modules_http_metrics? ( nginx_modules_http_stub_status )
707 - nginx_modules_http_security? ( pcre )
708 - nginx_modules_http_push_stream? ( ssl )"
709 -
710 -pkg_setup() {
711 - NGINX_HOME="/var/lib/nginx"
712 - NGINX_HOME_TMP="${NGINX_HOME}/tmp"
713 -
714 - ebegin "Creating nginx user and group"
715 - enewgroup ${PN}
716 - enewuser ${PN} -1 -1 "${NGINX_HOME}" ${PN}
717 - eend $?
718 -
719 - if use libatomic; then
720 - ewarn "GCC 4.1+ features built-in atomic operations."
721 - ewarn "Using libatomic_ops is only needed if using"
722 - ewarn "a different compiler or a GCC prior to 4.1"
723 - fi
724 -
725 - if [[ -n $NGINX_ADD_MODULES ]]; then
726 - ewarn "You are building custom modules via \$NGINX_ADD_MODULES!"
727 - ewarn "This nginx installation is not supported!"
728 - ewarn "Make sure you can reproduce the bug without those modules"
729 - ewarn "_before_ reporting bugs."
730 - fi
731 -
732 - if use !http; then
733 - ewarn "To actually disable all http-functionality you also have to disable"
734 - ewarn "all nginx http modules."
735 - fi
736 -
737 - if use nginx_modules_http_mogilefs && use threads; then
738 - eerror "mogilefs won't compile with threads support."
739 - eerror "Please disable either flag and try again."
740 - die "Can't compile mogilefs with threads support"
741 - fi
742 -}
743 -
744 -src_prepare() {
745 - eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
746 - eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch"
747 -
748 - if use nginx_modules_http_echo; then
749 - cd "${HTTP_ECHO_MODULE_WD}" || die
750 - eapply "${FILESDIR}"/http_echo-nginx-1.11.11+.patch
751 - cd "${S}" || die
752 - fi
753 -
754 - if use nginx_modules_http_upstream_check; then
755 - #eapply -p0 "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/check_1.11.1+.patch
756 - eapply -p0 "${FILESDIR}"/http_upstream_check-nginx-1.11.5+.patch
757 - fi
758 -
759 - if use nginx_modules_http_lua; then
760 - cd "${HTTP_LUA_MODULE_WD}" || die
761 - eapply -p1 "${FILESDIR}"/http_lua_nginx-1.11.11+.patch
762 - cd "${S}" || die
763 - sed -i -e 's/-llua5.1/-llua/' "${HTTP_LUA_MODULE_WD}/config" || die
764 - fi
765 -
766 - if use nginx_modules_http_security; then
767 - cd "${HTTP_SECURITY_MODULE_WD}" || die
768 -
769 - eapply "${FILESDIR}"/http_security-pr_1158.patch
770 - eapply "${FILESDIR}"/http_security-pr_1373.patch
771 -
772 - eautoreconf
773 -
774 - if use luajit ; then
775 - sed -i \
776 - -e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \
777 - configure || die
778 - fi
779 -
780 - cd "${S}" || die
781 - fi
782 -
783 - if use nginx_modules_http_upload_progress; then
784 - cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die
785 - eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch
786 - cd "${S}" || die
787 - fi
788 -
789 - if use nginx_modules_http_memc; then
790 - cd "${HTTP_MEMC_MODULE_WD}" || die
791 - eapply "${FILESDIR}"/http_memc-0.17-issue_26.patch
792 - cd "${S}" || die
793 - fi
794 -
795 - find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die
796 - # We have config protection, don't rename etc files
797 - sed -i 's:.default::' auto/install || die
798 - # remove useless files
799 - sed -i -e '/koi-/d' -e '/win-/d' auto/install || die
800 -
801 - # don't install to /etc/nginx/ if not in use
802 - local module
803 - for module in fastcgi scgi uwsgi ; do
804 - if ! use nginx_modules_http_${module}; then
805 - sed -i -e "/${module}/d" auto/install || die
806 - fi
807 - done
808 -
809 - eapply_user
810 -}
811 -
812 -src_configure() {
813 - # mod_security needs to generate nginx/modsecurity/config before including it
814 - if use nginx_modules_http_security; then
815 - cd "${HTTP_SECURITY_MODULE_WD}" || die
816 -
817 - ./configure \
818 - --enable-standalone-module \
819 - --disable-mlogc \
820 - --with-ssdeep=no \
821 - $(use_enable pcre-jit) \
822 - $(use_with nginx_modules_http_lua lua) || die "configure failed for mod_security"
823 -
824 - cd "${S}" || die
825 - fi
826 -
827 - local myconf=() http_enabled= mail_enabled= stream_enabled=
828 -
829 - use aio && myconf+=( --with-file-aio )
830 - use debug && myconf+=( --with-debug )
831 - use http2 && myconf+=( --with-http_v2_module )
832 - use libatomic && myconf+=( --with-libatomic )
833 - use pcre && myconf+=( --with-pcre )
834 - use pcre-jit && myconf+=( --with-pcre-jit )
835 - use threads && myconf+=( --with-threads )
836 -
837 - # HTTP modules
838 - for mod in $NGINX_MODULES_STD; do
839 - if use nginx_modules_http_${mod}; then
840 - http_enabled=1
841 - else
842 - myconf+=( --without-http_${mod}_module )
843 - fi
844 - done
845 -
846 - for mod in $NGINX_MODULES_OPT; do
847 - if use nginx_modules_http_${mod}; then
848 - http_enabled=1
849 - myconf+=( --with-http_${mod}_module )
850 - fi
851 - done
852 -
853 - if use nginx_modules_http_fastcgi; then
854 - myconf+=( --with-http_realip_module )
855 - fi
856 -
857 - # third-party modules
858 - if use nginx_modules_http_upload_progress; then
859 - http_enabled=1
860 - myconf+=( --add-module=${HTTP_UPLOAD_PROGRESS_MODULE_WD} )
861 - fi
862 -
863 - if use nginx_modules_http_headers_more; then
864 - http_enabled=1
865 - myconf+=( --add-module=${HTTP_HEADERS_MORE_MODULE_WD} )
866 - fi
867 -
868 - if use nginx_modules_http_cache_purge; then
869 - http_enabled=1
870 - myconf+=( --add-module=${HTTP_CACHE_PURGE_MODULE_WD} )
871 - fi
872 -
873 - if use nginx_modules_http_slowfs_cache; then
874 - http_enabled=1
875 - myconf+=( --add-module=${HTTP_SLOWFS_CACHE_MODULE_WD} )
876 - fi
877 -
878 - if use nginx_modules_http_fancyindex; then
879 - http_enabled=1
880 - myconf+=( --add-module=${HTTP_FANCYINDEX_MODULE_WD} )
881 - fi
882 -
883 - if use nginx_modules_http_lua; then
884 - http_enabled=1
885 - if use luajit; then
886 - export LUAJIT_LIB=$(pkg-config --variable libdir luajit)
887 - export LUAJIT_INC=$(pkg-config --variable includedir luajit)
888 - else
889 - export LUA_LIB=$(pkg-config --variable libdir lua)
890 - export LUA_INC=$(pkg-config --variable includedir lua)
891 - fi
892 - myconf+=( --add-module=${DEVEL_KIT_MODULE_WD} )
893 - myconf+=( --add-module=${HTTP_LUA_MODULE_WD} )
894 - fi
895 -
896 - if use nginx_modules_http_auth_pam; then
897 - http_enabled=1
898 - myconf+=( --add-module=${HTTP_AUTH_PAM_MODULE_WD} )
899 - fi
900 -
901 - if use nginx_modules_http_upstream_check; then
902 - http_enabled=1
903 - myconf+=( --add-module=${HTTP_UPSTREAM_CHECK_MODULE_WD} )
904 - fi
905 -
906 - if use nginx_modules_http_metrics; then
907 - http_enabled=1
908 - myconf+=( --add-module=${HTTP_METRICS_MODULE_WD} )
909 - fi
910 -
911 - if use nginx_modules_http_naxsi ; then
912 - http_enabled=1
913 - myconf+=( --add-module=${HTTP_NAXSI_MODULE_WD} )
914 - fi
915 -
916 - if use rtmp ; then
917 - http_enabled=1
918 - myconf+=( --add-module=${RTMP_MODULE_WD} )
919 - fi
920 -
921 - if use nginx_modules_http_dav_ext ; then
922 - http_enabled=1
923 - myconf+=( --add-module=${HTTP_DAV_EXT_MODULE_WD} )
924 - fi
925 -
926 - if use nginx_modules_http_echo ; then
927 - http_enabled=1
928 - myconf+=( --add-module=${HTTP_ECHO_MODULE_WD} )
929 - fi
930 -
931 - if use nginx_modules_http_security ; then
932 - http_enabled=1
933 - myconf+=( --add-module=${HTTP_SECURITY_MODULE_WD}/nginx/modsecurity )
934 - fi
935 -
936 - if use nginx_modules_http_push_stream ; then
937 - http_enabled=1
938 - myconf+=( --add-module=${HTTP_PUSH_STREAM_MODULE_WD} )
939 - fi
940 -
941 - if use nginx_modules_http_sticky ; then
942 - http_enabled=1
943 - myconf+=( --add-module=${HTTP_STICKY_MODULE_WD} )
944 - fi
945 -
946 - if use nginx_modules_http_mogilefs ; then
947 - http_enabled=1
948 - myconf+=( --add-module=${HTTP_MOGILEFS_MODULE_WD} )
949 - fi
950 -
951 - if use nginx_modules_http_memc ; then
952 - http_enabled=1
953 - myconf+=( --add-module=${HTTP_MEMC_MODULE_WD} )
954 - fi
955 -
956 - if use nginx_modules_http_auth_ldap; then
957 - http_enabled=1
958 - myconf+=( --add-module=${HTTP_LDAP_MODULE_WD} )
959 - fi
960 -
961 - if use http || use http-cache || use http2; then
962 - http_enabled=1
963 - fi
964 -
965 - if [ $http_enabled ]; then
966 - use http-cache || myconf+=( --without-http-cache )
967 - use ssl && myconf+=( --with-http_ssl_module )
968 - else
969 - myconf+=( --without-http --without-http-cache )
970 - fi
971 -
972 - # Stream modules
973 - for mod in $NGINX_MODULES_STREAM_STD; do
974 - if use nginx_modules_stream_${mod}; then
975 - stream_enabled=1
976 - else
977 - myconf+=( --without-stream_${mod}_module )
978 - fi
979 - done
980 -
981 - for mod in $NGINX_MODULES_STREAM_OPT; do
982 - if use nginx_modules_stream_${mod}; then
983 - stream_enabled=1
984 - myconf+=( --with-stream_${mod}_module )
985 - fi
986 - done
987 -
988 - if [ $stream_enabled ]; then
989 - myconf+=( --with-stream )
990 - use ssl && myconf+=( --with-stream_ssl_module )
991 - fi
992 -
993 - # MAIL modules
994 - for mod in $NGINX_MODULES_MAIL; do
995 - if use nginx_modules_mail_${mod}; then
996 - mail_enabled=1
997 - else
998 - myconf+=( --without-mail_${mod}_module )
999 - fi
1000 - done
1001 -
1002 - if [ $mail_enabled ]; then
1003 - myconf+=( --with-mail )
1004 - use ssl && myconf+=( --with-mail_ssl_module )
1005 - fi
1006 -
1007 - # custom modules
1008 - for mod in $NGINX_ADD_MODULES; do
1009 - myconf+=( --add-module=${mod} )
1010 - done
1011 -
1012 - # https://bugs.gentoo.org/286772
1013 - export LANG=C LC_ALL=C
1014 - tc-export CC
1015 -
1016 - if ! use prefix; then
1017 - myconf+=( --user=${PN} )
1018 - myconf+=( --group=${PN} )
1019 - fi
1020 -
1021 - local WITHOUT_IPV6=
1022 - if ! use ipv6; then
1023 - WITHOUT_IPV6=" -DNGX_HAVE_INET6=0"
1024 - fi
1025 -
1026 - ./configure \
1027 - --prefix="${EPREFIX}"/usr \
1028 - --conf-path="${EPREFIX}"/etc/${PN}/${PN}.conf \
1029 - --error-log-path="${EPREFIX}"/var/log/${PN}/error_log \
1030 - --pid-path="${EPREFIX}"/run/${PN}.pid \
1031 - --lock-path="${EPREFIX}"/run/lock/${PN}.lock \
1032 - --with-cc-opt="-I${EROOT}usr/include${WITHOUT_IPV6}" \
1033 - --with-ld-opt="-L${EROOT}usr/$(get_libdir)" \
1034 - --http-log-path="${EPREFIX}"/var/log/${PN}/access_log \
1035 - --http-client-body-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/client \
1036 - --http-proxy-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/proxy \
1037 - --http-fastcgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/fastcgi \
1038 - --http-scgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/scgi \
1039 - --http-uwsgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/uwsgi \
1040 - --with-compat \
1041 - "${myconf[@]}" || die "configure failed"
1042 -
1043 - # A purely cosmetic change that makes nginx -V more readable. This can be
1044 - # good if people outside the gentoo community would troubleshoot and
1045 - # question the users setup.
1046 - sed -i -e "s|${WORKDIR}|external_module|g" objs/ngx_auto_config.h || die
1047 -}
1048 -
1049 -src_compile() {
1050 - use nginx_modules_http_security && emake -C "${HTTP_SECURITY_MODULE_WD}"
1051 -
1052 - # https://bugs.gentoo.org/286772
1053 - export LANG=C LC_ALL=C
1054 - emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}"
1055 -}
1056 -
1057 -src_install() {
1058 - emake DESTDIR="${D%/}" install
1059 -
1060 - cp "${FILESDIR}"/nginx.conf-r2 "${ED}"etc/nginx/nginx.conf || die
1061 -
1062 - newinitd "${FILESDIR}"/nginx.initd-r4 nginx
1063 - newconfd "${FILESDIR}"/nginx.confd nginx
1064 -
1065 - systemd_newunit "${FILESDIR}"/nginx.service-r1 nginx.service
1066 -
1067 - doman man/nginx.8
1068 - dodoc CHANGES* README
1069 -
1070 - # just keepdir. do not copy the default htdocs files (bug #449136)
1071 - keepdir /var/www/localhost
1072 - rm -rf "${D}"usr/html || die
1073 -
1074 - # set up a list of directories to keep
1075 - local keepdir_list="${NGINX_HOME_TMP}"/client
1076 - local module
1077 - for module in proxy fastcgi scgi uwsgi; do
1078 - use nginx_modules_http_${module} && keepdir_list+=" ${NGINX_HOME_TMP}/${module}"
1079 - done
1080 -
1081 - keepdir /var/log/nginx ${keepdir_list}
1082 -
1083 - # this solves a problem with SELinux where nginx doesn't see the directories
1084 - # as root and tries to create them as nginx
1085 - fperms 0750 "${NGINX_HOME_TMP}"
1086 - fowners ${PN}:0 "${NGINX_HOME_TMP}"
1087 -
1088 - fperms 0700 ${keepdir_list}
1089 - fowners ${PN}:${PN} ${keepdir_list}
1090 -
1091 - fperms 0710 /var/log/nginx
1092 - fowners 0:${PN} /var/log/nginx
1093 -
1094 - # logrotate
1095 - insinto /etc/logrotate.d
1096 - newins "${FILESDIR}"/nginx.logrotate-r1 nginx
1097 -
1098 - if use nginx_modules_http_perl; then
1099 - cd "${S}"/objs/src/http/modules/perl/ || die
1100 - emake DESTDIR="${D}" INSTALLDIRS=vendor
1101 - perl_delete_localpod
1102 - cd "${S}" || die
1103 - fi
1104 -
1105 - if use nginx_modules_http_cache_purge; then
1106 - docinto ${HTTP_CACHE_PURGE_MODULE_P}
1107 - dodoc "${HTTP_CACHE_PURGE_MODULE_WD}"/{CHANGES,README.md,TODO.md}
1108 - fi
1109 -
1110 - if use nginx_modules_http_slowfs_cache; then
1111 - docinto ${HTTP_SLOWFS_CACHE_MODULE_P}
1112 - dodoc "${HTTP_SLOWFS_CACHE_MODULE_WD}"/{CHANGES,README.md}
1113 - fi
1114 -
1115 - if use nginx_modules_http_fancyindex; then
1116 - docinto ${HTTP_FANCYINDEX_MODULE_P}
1117 - dodoc "${HTTP_FANCYINDEX_MODULE_WD}"/README.rst
1118 - fi
1119 -
1120 - if use nginx_modules_http_lua; then
1121 - docinto ${HTTP_LUA_MODULE_P}
1122 - dodoc "${HTTP_LUA_MODULE_WD}"/README.markdown
1123 - fi
1124 -
1125 - if use nginx_modules_http_auth_pam; then
1126 - docinto ${HTTP_AUTH_PAM_MODULE_P}
1127 - dodoc "${HTTP_AUTH_PAM_MODULE_WD}"/{README.md,ChangeLog}
1128 - fi
1129 -
1130 - if use nginx_modules_http_upstream_check; then
1131 - docinto ${HTTP_UPSTREAM_CHECK_MODULE_P}
1132 - dodoc "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/{README,CHANGES}
1133 - fi
1134 -
1135 - if use nginx_modules_http_naxsi; then
1136 - insinto /etc/nginx
1137 - doins "${HTTP_NAXSI_MODULE_WD}"/../naxsi_config/naxsi_core.rules
1138 - fi
1139 -
1140 - if use rtmp; then
1141 - docinto ${RTMP_MODULE_P}
1142 - dodoc "${RTMP_MODULE_WD}"/{AUTHORS,README.md,stat.xsl}
1143 - fi
1144 -
1145 - if use nginx_modules_http_dav_ext; then
1146 - docinto ${HTTP_DAV_EXT_MODULE_P}
1147 - dodoc "${HTTP_DAV_EXT_MODULE_WD}"/README
1148 - fi
1149 -
1150 - if use nginx_modules_http_echo; then
1151 - docinto ${HTTP_ECHO_MODULE_P}
1152 - dodoc "${HTTP_ECHO_MODULE_WD}"/README.markdown
1153 - fi
1154 -
1155 - if use nginx_modules_http_security; then
1156 - docinto ${HTTP_SECURITY_MODULE_P}
1157 - dodoc "${HTTP_SECURITY_MODULE_WD}"/{CHANGES,README.TXT,authors.txt}
1158 - fi
1159 -
1160 - if use nginx_modules_http_push_stream; then
1161 - docinto ${HTTP_PUSH_STREAM_MODULE_P}
1162 - dodoc "${HTTP_PUSH_STREAM_MODULE_WD}"/{AUTHORS,CHANGELOG.textile,README.textile}
1163 - fi
1164 -
1165 - if use nginx_modules_http_sticky; then
1166 - docinto ${HTTP_STICKY_MODULE_P}
1167 - dodoc "${HTTP_STICKY_MODULE_WD}"/{README.md,Changelog.txt,docs/sticky.pdf}
1168 - fi
1169 -
1170 - if use nginx_modules_http_memc; then
1171 - docinto ${HTTP_MEMC_MODULE_P}
1172 - dodoc "${HTTP_MEMC_MODULE_WD}"/README.markdown
1173 - fi
1174 -
1175 - if use nginx_modules_http_auth_ldap; then
1176 - docinto ${HTTP_LDAP_MODULE_P}
1177 - dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf
1178 - fi
1179 -}
1180 -
1181 -pkg_postinst() {
1182 - if use ssl; then
1183 - if [[ ! -f "${EROOT}"etc/ssl/${PN}/${PN}.key ]]; then
1184 - install_cert /etc/ssl/${PN}/${PN}
1185 - use prefix || chown ${PN}:${PN} "${EROOT}"etc/ssl/${PN}/${PN}.{crt,csr,key,pem}
1186 - fi
1187 - fi
1188 -
1189 - if use nginx_modules_http_spdy; then
1190 - ewarn "In nginx 1.9.5 the spdy module was superseded by http2."
1191 - ewarn "Update your configs and package.use accordingly."
1192 - fi
1193 -
1194 - if use nginx_modules_http_lua && use http2; then
1195 - ewarn "Lua 3rd party module author warns against using ${P} with"
1196 - ewarn "NGINX_MODULES_HTTP=\"lua http2\". For more info, see http://git.io/OldLsg"
1197 - fi
1198 -
1199 - local _n_permission_layout_checks=0
1200 - local _has_to_adjust_permissions=0
1201 - local _has_to_show_permission_warning=0
1202 -
1203 - # Defaults to 1 to inform people doing a fresh installation
1204 - # that we ship modified {scgi,uwsgi,fastcgi}_params files
1205 - local _has_to_show_httpoxy_mitigation_notice=1
1206 -
1207 - local _replacing_version=
1208 - for _replacing_version in ${REPLACING_VERSIONS}; do
1209 - _n_permission_layout_checks=$((${_n_permission_layout_checks}+1))
1210 -
1211 - if [[ ${_n_permission_layout_checks} -gt 1 ]]; then
1212 - # Should never happen:
1213 - # Package is abusing slots but doesn't allow multiple parallel installations.
1214 - # If we run into this situation it is unsafe to automatically adjust any
1215 - # permission...
1216 - _has_to_show_permission_warning=1
1217 -
1218 - ewarn "Replacing multiple ${PN}' versions is unsupported! " \
1219 - "You will have to adjust permissions on your own."
1220 -
1221 - break
1222 - fi
1223 -
1224 - local _replacing_version_branch=$(get_version_component_range 1-2 "${_replacing_version}")
1225 - debug-print "Updating an existing installation (v${_replacing_version}; branch '${_replacing_version_branch}') ..."
1226 -
1227 - # Do we need to adjust permissions to fix CVE-2013-0337 (bug #458726, #469094)?
1228 - # This was before we introduced multiple nginx versions so we
1229 - # do not need to distinguish between stable and mainline
1230 - local _need_to_fix_CVE2013_0337=1
1231 -
1232 - if version_is_at_least "1.4.1-r2" "${_replacing_version}"; then
1233 - # We are updating an installation which should already be fixed
1234 - _need_to_fix_CVE2013_0337=0
1235 - debug-print "Skipping CVE-2013-0337 ... existing installation should not be affected!"
1236 - else
1237 - _has_to_adjust_permissions=1
1238 - debug-print "Need to adjust permissions to fix CVE-2013-0337!"
1239 - fi
1240 -
1241 - # Do we need to inform about HTTPoxy mitigation?
1242 - # In repository since commit 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f
1243 - if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then
1244 - # Updating from <1.10
1245 - _has_to_show_httpoxy_mitigation_notice=1
1246 - debug-print "Need to inform about HTTPoxy mitigation!"
1247 - else
1248 - # Updating from >=1.10
1249 - local _fixed_in_pvr=
1250 - case "${_replacing_version_branch}" in
1251 - "1.10")
1252 - _fixed_in_pvr="1.10.1-r2"
1253 - ;;
1254 - "1.11")
1255 - _fixed_in_pvr="1.11.3-r1"
1256 - ;;
1257 - *)
1258 - # This should be any future branch.
1259 - # If we run this code it is safe to assume that the user has
1260 - # already seen the HTTPoxy mitigation notice because he/she is doing
1261 - # an update from previous version where we have already shown
1262 - # the warning. Otherwise, we wouldn't hit this code path ...
1263 - _fixed_in_pvr=
1264 - esac
1265 -
1266 - if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then
1267 - # We are updating an installation where we already informed
1268 - # that we are mitigating HTTPoxy per default
1269 - _has_to_show_httpoxy_mitigation_notice=0
1270 - debug-print "No need to inform about HTTPoxy mitigation ... information was already shown for existing installation!"
1271 - else
1272 - _has_to_show_httpoxy_mitigation_notice=1
1273 - debug-print "Need to inform about HTTPoxy mitigation!"
1274 - fi
1275 - fi
1276 -
1277 - # Do we need to adjust permissions to fix CVE-2016-1247 (bug #605008)?
1278 - # All branches up to 1.11 are affected
1279 - local _need_to_fix_CVE2016_1247=1
1280 -
1281 - if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then
1282 - # Updating from <1.10
1283 - _has_to_adjust_permissions=1
1284 - debug-print "Need to adjust permissions to fix CVE-2016-1247!"
1285 - else
1286 - # Updating from >=1.10
1287 - local _fixed_in_pvr=
1288 - case "${_replacing_version_branch}" in
1289 - "1.10")
1290 - _fixed_in_pvr="1.10.2-r3"
1291 - ;;
1292 - "1.11")
1293 - _fixed_in_pvr="1.11.6-r1"
1294 - ;;
1295 - *)
1296 - # This should be any future branch.
1297 - # If we run this code it is safe to assume that we have already
1298 - # adjusted permissions or were never affected because user is
1299 - # doing an update from previous version which was safe or did
1300 - # the adjustments. Otherwise, we wouldn't hit this code path ...
1301 - _fixed_in_pvr=
1302 - esac
1303 -
1304 - if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then
1305 - # We are updating an installation which should already be adjusted
1306 - # or which was never affected
1307 - _need_to_fix_CVE2016_1247=0
1308 - debug-print "Skipping CVE-2016-1247 ... existing installation should not be affected!"
1309 - else
1310 - _has_to_adjust_permissions=1
1311 - debug-print "Need to adjust permissions to fix CVE-2016-1247!"
1312 - fi
1313 - fi
1314 - done
1315 -
1316 - if [[ ${_has_to_adjust_permissions} -eq 1 ]]; then
1317 - # We do not DIE when chmod/chown commands are failing because
1318 - # package is already merged on user's system at this stage
1319 - # and we cannot retry without losing the information that
1320 - # the existing installation needs to adjust permissions.
1321 - # Instead we are going to a show a big warning ...
1322 -
1323 - if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2013_0337} -eq 1 ]]; then
1324 - ewarn ""
1325 - ewarn "The world-readable bit (if set) has been removed from the"
1326 - ewarn "following directories to mitigate a security bug"
1327 - ewarn "(CVE-2013-0337, bug #458726):"
1328 - ewarn ""
1329 - ewarn " ${EPREFIX%/}/var/log/nginx"
1330 - ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}"
1331 - ewarn ""
1332 - ewarn "Check if this is correct for your setup before restarting nginx!"
1333 - ewarn "This is a one-time change and will not happen on subsequent updates."
1334 - ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'"
1335 - chmod o-rwx \
1336 - "${EPREFIX%/}"/var/log/nginx \
1337 - "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \
1338 - _has_to_show_permission_warning=1
1339 - fi
1340 -
1341 - if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2016_1247} -eq 1 ]]; then
1342 - ewarn ""
1343 - ewarn "The permissions on the following directory have been reset in"
1344 - ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):"
1345 - ewarn ""
1346 - ewarn " ${EPREFIX%/}/var/log/nginx"
1347 - ewarn ""
1348 - ewarn "Check if this is correct for your setup before restarting nginx!"
1349 - ewarn "Also ensure that no other log directory used by any of your"
1350 - ewarn "vhost(s) is not writeable for nginx user. Any of your log files"
1351 - ewarn "used by nginx can be abused to escalate privileges!"
1352 - ewarn "This is a one-time change and will not happen on subsequent updates."
1353 - chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1
1354 - chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1
1355 - fi
1356 -
1357 - if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then
1358 - # Should never happen ...
1359 - ewarn ""
1360 - ewarn "*************************************************************"
1361 - ewarn "*************** W A R N I N G ***************"
1362 - ewarn "*************************************************************"
1363 - ewarn "The one-time only attempt to adjust permissions of the"
1364 - ewarn "existing nginx installation failed. Be aware that we will not"
1365 - ewarn "try to adjust the same permissions again because now you are"
1366 - ewarn "using a nginx version where we expect that the permissions"
1367 - ewarn "are already adjusted or that you know what you are doing and"
1368 - ewarn "want to keep custom permissions."
1369 - ewarn ""
1370 - fi
1371 - fi
1372 -
1373 - # Sanity check for CVE-2016-1247
1374 - # Required to warn users who received the warning above and thought
1375 - # they could fix it by unmerging and re-merging the package or have
1376 - # unmerged a affected installation on purpose in the past leaving
1377 - # /var/log/nginx on their system due to keepdir/non-empty folder
1378 - # and are now installing the package again.
1379 - local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX)
1380 - su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null
1381 - if [ $? -eq 0 ] ; then
1382 - # Cleanup -- no reason to die here!
1383 - rm -f "${_sanity_check_testfile}"
1384 -
1385 - ewarn ""
1386 - ewarn "*************************************************************"
1387 - ewarn "*************** W A R N I N G ***************"
1388 - ewarn "*************************************************************"
1389 - ewarn "Looks like your installation is vulnerable to CVE-2016-1247"
1390 - ewarn "(bug #605008) because nginx user is able to create files in"
1391 - ewarn ""
1392 - ewarn " ${EPREFIX%/}/var/log/nginx"
1393 - ewarn ""
1394 - ewarn "Also ensure that no other log directory used by any of your"
1395 - ewarn "vhost(s) is not writeable for nginx user. Any of your log files"
1396 - ewarn "used by nginx can be abused to escalate privileges!"
1397 - fi
1398 -
1399 - if [[ ${_has_to_show_httpoxy_mitigation_notice} -eq 1 ]]; then
1400 - # HTTPoxy mitigation
1401 - ewarn ""
1402 - ewarn "This nginx installation comes with a mitigation for the HTTPoxy"
1403 - ewarn "vulnerability for FastCGI, SCGI and uWSGI applications by setting"
1404 - ewarn "the HTTP_PROXY parameter to an empty string per default when you"
1405 - ewarn "are sourcing one of the default"
1406 - ewarn ""
1407 - ewarn " - 'fastcgi_params' or 'fastcgi.conf'"
1408 - ewarn " - 'scgi_params'"
1409 - ewarn " - 'uwsgi_params'"
1410 - ewarn ""
1411 - ewarn "files in your server block(s)."
1412 - ewarn ""
1413 - ewarn "If this is causing any problems for you make sure that you are sourcing the"
1414 - ewarn "default parameters _before_ you set your own values."
1415 - ewarn "If you are relying on user-supplied proxy values you have to remove the"
1416 - ewarn "correlating lines from the file(s) mentioned above."
1417 - ewarn ""
1418 - fi
1419 -}
Report Message
Find on MARC Find on Google Groups