wrapper/nginx-sid
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: wrapper:main
Branches Tags
wrapper:main
wrapper:bullseye
wrapper:debian/bookworm
wrapper:riscv64
wrapper:pristine-tar
wrapper:upstream
wrapper:FTBR-fix
wrapper:wip-1.26.0-3
wrapper:http3
wrapper:experimental
wrapper:nginxdevdeps
wrapper:test
wrapper:master
wrapper:noquilt
wrapper:pcre
wrapper:onlycoreflavour
wrapper:abi
wrapper:prune-odd-bd
wrapper:readme
wrapper:errorlog
wrapper:nginx_test_path
wrapper:ssl_cb_yield
wrapper:dh-ndk
wrapper:stderr
wrapper:luajit
wrapper:sequence
wrapper:buster
wrapper:bullseye-pu
wrapper:stretch-pu
wrapper:buster-pu
wrapper:stretch
wrapper:stretch-backports
wrapper:jessie
wrapper:wheezy
wrapper:experimental-base
wrapper:1.12.x
wrapper:jessie-backports
wrapper:default-includes-apps.d
wrapper:wheezy-backports
wrapper:wheezy-backports-sloppy
wrapper:debian/1.18.0-6.1+deb11u4
wrapper:debian/1.22.1-9+deb12u2
wrapper:debian/1.26.3-3
wrapper:debian/1.22.1-9+deb12u1
wrapper:debian/1.26.3-2
wrapper:debian/1.26.3-1
wrapper:upstream/1.26.3
wrapper:debian/1.26.2-1
wrapper:upstream/1.26.2
wrapper:debian/1.26.0-2
wrapper:debian/1.26.0-1
wrapper:debian/1.26.0-1_exp1
wrapper:upstream/1.26.0
wrapper:debian/1.24.0-2
wrapper:debian/1.24.0-1
wrapper:upstream/1.24.0
wrapper:debian/1.22.1-9
wrapper:debian/1.22.1-8
wrapper:debian/1.22.1-7
wrapper:debian/1.22.1-6
wrapper:debian/1.22.1-6_exp1
wrapper:debian/1.22.1-5
wrapper:debian/1.22.1-4
wrapper:debian/1.22.1-3
wrapper:debian/1.22.1-2
wrapper:debian/1.22.1-1
wrapper:upstream/1.22.1
wrapper:debian/1.22.0-3.1
wrapper:debian/1.22.0-3
wrapper:debian/1.22.0-2
wrapper:debian/1.22.0-1
wrapper:upstream/1.22.0
wrapper:debian/1.20.2-2
wrapper:debian/1.20.2-1
wrapper:upstream/1.20.2
wrapper:debian/1.18.0-9
wrapper:debian/1.18.0-6.1
wrapper:debian/1.18.0-8
wrapper:debian/1.18.0-7
wrapper:debian/1.18.0-6
wrapper:debian/1.18.0-5
wrapper:debian/1.18.0-4
wrapper:debian/1.18.0-3
wrapper:debian/1.18.0-2
wrapper:debian/1.18.0-1
wrapper:upstream/1.18.0
wrapper:debian/1.16.1-3
wrapper:debian/1.16.1-2
wrapper:debian/1.16.1-1
wrapper:upstream/1.16.1
wrapper:debian/1.14.2-2+deb10u1
wrapper:debian/1.10.3-1+deb9u3
wrapper:debian/1.14.2-3
wrapper:debian/1.14.2-2
wrapper:debian/1.14.2-1
wrapper:upstream/1.14.2
wrapper:debian/1.14.1-1_bpo9+1
wrapper:debian/1.10.3-1+deb9u2
wrapper:debian/1.6.2-5+deb8u6
wrapper:debian/1.14.1-1
wrapper:upstream/1.14.1
wrapper:debian/1.14.0-1_bpo9+1
wrapper:debian/1.14.0-1
wrapper:upstream/1.14.0
wrapper:debian/1.13.12-1
wrapper:upstream/1.13.12
wrapper:debian/1.13.11-1
wrapper:upstream/1.13.11
wrapper:debian/1.13.10-1
wrapper:upstream/1.13.10
wrapper:debian/1.13.9-1
wrapper:upstream/1.13.9
wrapper:debian/1.13.8-1
wrapper:upstream/1.13.8
wrapper:debian/1.13.7-1
wrapper:upstream/1.13.7
wrapper:debian/1.13.6-2
wrapper:debian/1.13.6-1
wrapper:upstream/1.13.6
wrapper:debian/1.13.5-1
wrapper:upstream/1.13.5
wrapper:debian/1.13.4-1
wrapper:upstream/1.13.4
wrapper:debian/1.13.3-1_bpo9+1
wrapper:debian/1.2.1-2.2+wheezy4+deb7u1
wrapper:debian/1.10.3-1+deb9u1_bpo8+1
wrapper:debian/1.10.3-1+deb9u1_bpo8+2
wrapper:debian/1.13.3-1
wrapper:debian/1.6.2-5+deb8u5
wrapper:debian/1.10.3-1+deb9u1
wrapper:debian/1.13.2-1
wrapper:upstream/1.13.3
wrapper:debian/1.13.1-2_bpo9+1
wrapper:upstream/1.13.2
wrapper:debian/1.13.1-2
wrapper:debian/1.13.1-1
wrapper:upstream/1.13.1
wrapper:debian/1.13.0-1
wrapper:debian/1.12.0-1
wrapper:upstream/1.12.0
wrapper:upstream/1.13.0
wrapper:upstream-1.11/1.11.13
wrapper:upstream-1.11/1.11.12
wrapper:upstream-1.11/1.11.11
wrapper:debian/1.10.3-1_bpo8+1
wrapper:debian/1.10.2-4_bpo8+1
wrapper:debian/1.11.10-1_exp1
wrapper:upstream-1.11/1.11.10
wrapper:debian/1.10.3-1
wrapper:upstream/1.10.3
wrapper:debian/1.11.9-1_exp2
wrapper:debian/1.11.9-1_exp1
wrapper:debian/1.10.2-4
wrapper:upstream-1.11/1.11.9
wrapper:debian/1.11.8-1_exp1
wrapper:upstream-1.11/1.11.8
wrapper:debian/1.10.2-3
wrapper:debian/1.11.7-1_exp1
wrapper:upstream-1.11/1.11.7
wrapper:debian/1.11.6-1_exp1
wrapper:upstream-1.11/1.11.6
wrapper:debian/1.10.2-2
wrapper:debian/1.9.10-1_bpo8+4
wrapper:debian/1.10.2-1
wrapper:debian/1.6.2-5+deb8u4
wrapper:debian/1.6.2-5+deb8u3
wrapper:upstream/1.10.2
wrapper:debian/1.11.5-1_exp1
wrapper:upstream-1.11/1.11.5
wrapper:upstream-1.11/1.11.4
wrapper:debian/1.10.1-3
wrapper:debian/1.11.3-1_exp2
wrapper:debian/1.10.1-2
wrapper:debian/1.11.3-1_exp1
wrapper:debian/1.9.10-1_bpo8+3
wrapper:upstream-1.11/1.11.3
wrapper:debian/1.9.10-1_bpo8+2
wrapper:debian/1.11.2-1_exp1
wrapper:upstream-1.11/1.11.2
wrapper:debian/1.6.2-5+deb8u2
wrapper:debian/1.6.2-5+deb8u2_bpo70+1
wrapper:debian/1.10.1-1
wrapper:upstream/1.10.1
wrapper:upstream/1.11.0
wrapper:debian/1.10.0-1
wrapper:upstream/1.10.0
wrapper:debian/1.9.14-2
wrapper:debian/1.9.14-1
wrapper:upstream/1.9.14
wrapper:debian/1.9.10-1_bpo8+1
wrapper:debian/1.6.2-5+deb8u1
wrapper:debian/1.2.1-2.2+wheezy4
wrapper:upstream/1.9.11
wrapper:debian/1.9.10-1
wrapper:upstream/1.9.10
wrapper:debian/1.9.9-1
wrapper:upstream/1.9.9
wrapper:debian/1.9.6-2
wrapper:debian/1.9.6-1
wrapper:upstream/1.9.6
wrapper:debian/1.9.4-1
wrapper:upstream/1.9.4
wrapper:debian/1.9.3-1
wrapper:upstream/1.9.3
wrapper:debian/1.9.1-1_bpo8+1
wrapper:debian/1.9.2-1
wrapper:upstream/1.9.2
wrapper:debian/1.9.1-1
wrapper:upstream/1.9.1
wrapper:debian/1.6.2-5_bpo70+1
wrapper:debian/1.6.2-5
wrapper:debian/1.2.1-2.2+wheezy3
wrapper:debian/1.6.2-4
wrapper:debian/1.6.2-3
wrapper:debian/1.6.2-2_bpo70+1
wrapper:debian/1.6.2-2
wrapper:debian/1.6.2-1_bpo70+1
wrapper:debian/1.6.2-1
wrapper:upstream/1.6.2
wrapper:debian/1.6.1-1_bpo70+1
wrapper:debian/1.6.1-2
wrapper:debian/1.6.1-1
wrapper:upstream/1.6.1
wrapper:debian/1.6.0-2
wrapper:debian/1.6.0-1_bpo70+1
wrapper:debian/1.6.0-1
wrapper:upstream/1.6.0
wrapper:debian/1.4.7-2
wrapper:debian/1.5.13-1_exp1
wrapper:debian/1.5.11-1_exp1
wrapper:debian/1.5.12-1_exp1
wrapper:debian/1.4.7-1
wrapper:upstream/1.4.7
wrapper:debian/1.4.6-1
wrapper:upstream/1.4.6
wrapper:debian/1.4.5-1
wrapper:upstream/1.4.5
wrapper:debian/1.4.4-4
wrapper:debian/1.4.4-3
wrapper:debian/1.4.4-2
wrapper:debian/1.2.1-2.2+wheezy2
wrapper:debian/1.2.1-2.2+wheezy1
wrapper:debian/1.2.1-2.2
wrapper:debian/1.2.1-2.1
wrapper:debian/1.4.4-1
wrapper:upstream/1.4.4
wrapper:debian/1.4.3-2
wrapper:upstream/1.4.3
wrapper:upstream/1.4.2
wrapper:debian/1.4.1-3
wrapper:debian/1.4.1-2
wrapper:debian/1.4.1-1
wrapper:upstream/1.4.1
wrapper:debian/1.4.0-2
wrapper:debian/1.4.0-1
wrapper:upstream/1.4.0
wrapper:upstream/1.2.8
wrapper:debian/1.2.6-1
wrapper:upstream/1.2.6
wrapper:upstream/1.2.5
wrapper:debian/1.2.4-2
wrapper:debian/1.2.4-1
wrapper:upstream/1.2.4
wrapper:debian/1.2.1-2
wrapper:debian/1.2.1-1
wrapper:upstream/1.2.1
wrapper:debian/1.2.0-1
wrapper:upstream/1.2.0
..
compare: wrapper:bullseye-pu
Branches Tags
wrapper:main
wrapper:bullseye
wrapper:debian/bookworm
wrapper:riscv64
wrapper:pristine-tar
wrapper:upstream
wrapper:FTBR-fix
wrapper:wip-1.26.0-3
wrapper:http3
wrapper:experimental
wrapper:nginxdevdeps
wrapper:test
wrapper:master
wrapper:noquilt
wrapper:pcre
wrapper:onlycoreflavour
wrapper:abi
wrapper:prune-odd-bd
wrapper:readme
wrapper:errorlog
wrapper:nginx_test_path
wrapper:ssl_cb_yield
wrapper:dh-ndk
wrapper:stderr
wrapper:luajit
wrapper:sequence
wrapper:buster
wrapper:bullseye-pu
wrapper:stretch-pu
wrapper:buster-pu
wrapper:stretch
wrapper:stretch-backports
wrapper:jessie
wrapper:wheezy
wrapper:experimental-base
wrapper:1.12.x
wrapper:jessie-backports
wrapper:default-includes-apps.d
wrapper:wheezy-backports
wrapper:wheezy-backports-sloppy
wrapper:debian/1.18.0-6.1+deb11u4
wrapper:debian/1.22.1-9+deb12u2
wrapper:debian/1.26.3-3
wrapper:debian/1.22.1-9+deb12u1
wrapper:debian/1.26.3-2
wrapper:debian/1.26.3-1
wrapper:upstream/1.26.3
wrapper:debian/1.26.2-1
wrapper:upstream/1.26.2
wrapper:debian/1.26.0-2
wrapper:debian/1.26.0-1
wrapper:debian/1.26.0-1_exp1
wrapper:upstream/1.26.0
wrapper:debian/1.24.0-2
wrapper:debian/1.24.0-1
wrapper:upstream/1.24.0
wrapper:debian/1.22.1-9
wrapper:debian/1.22.1-8
wrapper:debian/1.22.1-7
wrapper:debian/1.22.1-6
wrapper:debian/1.22.1-6_exp1
wrapper:debian/1.22.1-5
wrapper:debian/1.22.1-4
wrapper:debian/1.22.1-3
wrapper:debian/1.22.1-2
wrapper:debian/1.22.1-1
wrapper:upstream/1.22.1
wrapper:debian/1.22.0-3.1
wrapper:debian/1.22.0-3
wrapper:debian/1.22.0-2
wrapper:debian/1.22.0-1
wrapper:upstream/1.22.0
wrapper:debian/1.20.2-2
wrapper:debian/1.20.2-1
wrapper:upstream/1.20.2
wrapper:debian/1.18.0-9
wrapper:debian/1.18.0-6.1
wrapper:debian/1.18.0-8
wrapper:debian/1.18.0-7
wrapper:debian/1.18.0-6
wrapper:debian/1.18.0-5
wrapper:debian/1.18.0-4
wrapper:debian/1.18.0-3
wrapper:debian/1.18.0-2
wrapper:debian/1.18.0-1
wrapper:upstream/1.18.0
wrapper:debian/1.16.1-3
wrapper:debian/1.16.1-2
wrapper:debian/1.16.1-1
wrapper:upstream/1.16.1
wrapper:debian/1.14.2-2+deb10u1
wrapper:debian/1.10.3-1+deb9u3
wrapper:debian/1.14.2-3
wrapper:debian/1.14.2-2
wrapper:debian/1.14.2-1
wrapper:upstream/1.14.2
wrapper:debian/1.14.1-1_bpo9+1
wrapper:debian/1.10.3-1+deb9u2
wrapper:debian/1.6.2-5+deb8u6
wrapper:debian/1.14.1-1
wrapper:upstream/1.14.1
wrapper:debian/1.14.0-1_bpo9+1
wrapper:debian/1.14.0-1
wrapper:upstream/1.14.0
wrapper:debian/1.13.12-1
wrapper:upstream/1.13.12
wrapper:debian/1.13.11-1
wrapper:upstream/1.13.11
wrapper:debian/1.13.10-1
wrapper:upstream/1.13.10
wrapper:debian/1.13.9-1
wrapper:upstream/1.13.9
wrapper:debian/1.13.8-1
wrapper:upstream/1.13.8
wrapper:debian/1.13.7-1
wrapper:upstream/1.13.7
wrapper:debian/1.13.6-2
wrapper:debian/1.13.6-1
wrapper:upstream/1.13.6
wrapper:debian/1.13.5-1
wrapper:upstream/1.13.5
wrapper:debian/1.13.4-1
wrapper:upstream/1.13.4
wrapper:debian/1.13.3-1_bpo9+1
wrapper:debian/1.2.1-2.2+wheezy4+deb7u1
wrapper:debian/1.10.3-1+deb9u1_bpo8+1
wrapper:debian/1.10.3-1+deb9u1_bpo8+2
wrapper:debian/1.13.3-1
wrapper:debian/1.6.2-5+deb8u5
wrapper:debian/1.10.3-1+deb9u1
wrapper:debian/1.13.2-1
wrapper:upstream/1.13.3
wrapper:debian/1.13.1-2_bpo9+1
wrapper:upstream/1.13.2
wrapper:debian/1.13.1-2
wrapper:debian/1.13.1-1
wrapper:upstream/1.13.1
wrapper:debian/1.13.0-1
wrapper:debian/1.12.0-1
wrapper:upstream/1.12.0
wrapper:upstream/1.13.0
wrapper:upstream-1.11/1.11.13
wrapper:upstream-1.11/1.11.12
wrapper:upstream-1.11/1.11.11
wrapper:debian/1.10.3-1_bpo8+1
wrapper:debian/1.10.2-4_bpo8+1
wrapper:debian/1.11.10-1_exp1
wrapper:upstream-1.11/1.11.10
wrapper:debian/1.10.3-1
wrapper:upstream/1.10.3
wrapper:debian/1.11.9-1_exp2
wrapper:debian/1.11.9-1_exp1
wrapper:debian/1.10.2-4
wrapper:upstream-1.11/1.11.9
wrapper:debian/1.11.8-1_exp1
wrapper:upstream-1.11/1.11.8
wrapper:debian/1.10.2-3
wrapper:debian/1.11.7-1_exp1
wrapper:upstream-1.11/1.11.7
wrapper:debian/1.11.6-1_exp1
wrapper:upstream-1.11/1.11.6
wrapper:debian/1.10.2-2
wrapper:debian/1.9.10-1_bpo8+4
wrapper:debian/1.10.2-1
wrapper:debian/1.6.2-5+deb8u4
wrapper:debian/1.6.2-5+deb8u3
wrapper:upstream/1.10.2
wrapper:debian/1.11.5-1_exp1
wrapper:upstream-1.11/1.11.5
wrapper:upstream-1.11/1.11.4
wrapper:debian/1.10.1-3
wrapper:debian/1.11.3-1_exp2
wrapper:debian/1.10.1-2
wrapper:debian/1.11.3-1_exp1
wrapper:debian/1.9.10-1_bpo8+3
wrapper:upstream-1.11/1.11.3
wrapper:debian/1.9.10-1_bpo8+2
wrapper:debian/1.11.2-1_exp1
wrapper:upstream-1.11/1.11.2
wrapper:debian/1.6.2-5+deb8u2
wrapper:debian/1.6.2-5+deb8u2_bpo70+1
wrapper:debian/1.10.1-1
wrapper:upstream/1.10.1
wrapper:upstream/1.11.0
wrapper:debian/1.10.0-1
wrapper:upstream/1.10.0
wrapper:debian/1.9.14-2
wrapper:debian/1.9.14-1
wrapper:upstream/1.9.14
wrapper:debian/1.9.10-1_bpo8+1
wrapper:debian/1.6.2-5+deb8u1
wrapper:debian/1.2.1-2.2+wheezy4
wrapper:upstream/1.9.11
wrapper:debian/1.9.10-1
wrapper:upstream/1.9.10
wrapper:debian/1.9.9-1
wrapper:upstream/1.9.9
wrapper:debian/1.9.6-2
wrapper:debian/1.9.6-1
wrapper:upstream/1.9.6
wrapper:debian/1.9.4-1
wrapper:upstream/1.9.4
wrapper:debian/1.9.3-1
wrapper:upstream/1.9.3
wrapper:debian/1.9.1-1_bpo8+1
wrapper:debian/1.9.2-1
wrapper:upstream/1.9.2
wrapper:debian/1.9.1-1
wrapper:upstream/1.9.1
wrapper:debian/1.6.2-5_bpo70+1
wrapper:debian/1.6.2-5
wrapper:debian/1.2.1-2.2+wheezy3
wrapper:debian/1.6.2-4
wrapper:debian/1.6.2-3
wrapper:debian/1.6.2-2_bpo70+1
wrapper:debian/1.6.2-2
wrapper:debian/1.6.2-1_bpo70+1
wrapper:debian/1.6.2-1
wrapper:upstream/1.6.2
wrapper:debian/1.6.1-1_bpo70+1
wrapper:debian/1.6.1-2
wrapper:debian/1.6.1-1
wrapper:upstream/1.6.1
wrapper:debian/1.6.0-2
wrapper:debian/1.6.0-1_bpo70+1
wrapper:debian/1.6.0-1
wrapper:upstream/1.6.0
wrapper:debian/1.4.7-2
wrapper:debian/1.5.13-1_exp1
wrapper:debian/1.5.11-1_exp1
wrapper:debian/1.5.12-1_exp1
wrapper:debian/1.4.7-1
wrapper:upstream/1.4.7
wrapper:debian/1.4.6-1
wrapper:upstream/1.4.6
wrapper:debian/1.4.5-1
wrapper:upstream/1.4.5
wrapper:debian/1.4.4-4
wrapper:debian/1.4.4-3
wrapper:debian/1.4.4-2
wrapper:debian/1.2.1-2.2+wheezy2
wrapper:debian/1.2.1-2.2+wheezy1
wrapper:debian/1.2.1-2.2
wrapper:debian/1.2.1-2.1
wrapper:debian/1.4.4-1
wrapper:upstream/1.4.4
wrapper:debian/1.4.3-2
wrapper:upstream/1.4.3
wrapper:upstream/1.4.2
wrapper:debian/1.4.1-3
wrapper:debian/1.4.1-2
wrapper:debian/1.4.1-1
wrapper:upstream/1.4.1
wrapper:debian/1.4.0-2
wrapper:debian/1.4.0-1
wrapper:upstream/1.4.0
wrapper:upstream/1.2.8
wrapper:debian/1.2.6-1
wrapper:upstream/1.2.6
wrapper:upstream/1.2.5
wrapper:debian/1.2.4-2
wrapper:debian/1.2.4-1
wrapper:upstream/1.2.4
wrapper:debian/1.2.1-2
wrapper:debian/1.2.1-1
wrapper:upstream/1.2.1
wrapper:debian/1.2.0-1
wrapper:upstream/1.2.0

4 commits
main ... bullseye-p

Author SHA1 Message Date
Jan Mojžíš
77dc39215c
update to bullseye-security version 1.18.0-6.1+deb11u3 
CVE-2022-41741
CVE-2022-41742
 2022-11-26 18:28:40 +01:00
Jan Mojžíš
1d4be75eac
CVE-2021-3618 fix 
Include upstream changeset from NGINX
that adds mitigations into the Mail module for CVE-2021-3618.patch.
 2022-05-29 11:26:11 +02:00
Ondřej Nový
2c27f48e5e Backport upstream bugfix for segfault in nginx core >= 1.15.0 when libnginx-mod-http-lua is loaded and init_worker_by_lua* is used. (Closes: #994178) 2022-03-24 10:11:56 +01:00
Ondřej Nový
c8824ac4cc releasing package nginx version 1.18.0-6.1 2022-03-24 10:10:15 +01:00
1651 changed files with 237007 additions and 105309 deletions
Download patch file Download diff file Expand all files Collapse all files

10
.gitignore vendored
View file

@ -1,10 +0,0 @@
objs/*
!objs/ndk_*
.pc/
.vscode/
modules/media-framework/
modules/nginx-srt-module/
modules/nginx-vod-module/
Makefile
*.orig
*.txt

483
.hgtags
View file

@ -1,483 +0,0 @@
551102312e19b704cd22bd7254a9444b9ea14e96 release-0.1.0
23fb87bddda14ce9faec90f774085634106aded4 release-0.1.1
295d97d70c698585705345f1a8f92b02e63d6d0d release-0.1.2
ded1284520cc939ad5ae6ddab39925375e64237d release-0.1.3
0491b909ef7612d8411f1f59054186c1f3471b52 release-0.1.4
a88a3e4e158fade0aaa6f3eb25597d5ced2c1075 release-0.1.5
1f31dc6d33a3a4e65240b08066bf186df9e33b79 release-0.1.6
5aecc125bc33d81d6214c91d73eb44230a903dde release-0.1.7
bbd6b0b4a2b15ef8c8f1aaf7b027b6da47303524 release-0.1.8
2ff194b74f1e60cd04670986973e3b1a6aa3bece release-0.1.9
31ee1b50354fb829564b81a6f34e8d6ceb2d3f48 release-0.1.10
8e8f3af115b5b903b2b8f3335de971f18891246f release-0.1.11
c3c2848fc081e19aec5ffa97e468ad20ddb81df0 release-0.1.12
ad1e9ebf93bb5ae4c748d471fad2de8a0afc4d2a release-0.1.13
c5240858380136a67bec261c59b1532560b57885 release-0.1.14
fd661d14a7fad212e326a7dad6234ea0de992fbf release-0.1.15
621229427cba1b0af417ff2a101fc4f17a7d93c8 release-0.1.16
4ebe09b07e3021f1a63b459903ec58f162183b26 release-0.1.17
31ff3e943e1675a2caf745ba7a981244445d4c98 release-0.1.18
45a460f82aec80b0f61136aa09f412436d42203a release-0.1.19
0f836f0288eee4980f57736d50a7a60fa082d8e9 release-0.1.20
975f62e77f0244f1b631f740be77c72c8f2da1de release-0.1.21
fc9909c369b2b4716304ac8e38da57b8fb781211 release-0.1.22
d7c90bb5ce83dab08715e98f9c7b81c7df4b37be release-0.1.23
64d9afb209da0cd4a917202b7b77e51cc23e2229 release-0.1.24
d4ea69372b946dc4ec37fc3f5ddd93ff7c3da675 release-0.1.25
b1648294f6935e993e436fd8a68bca75c74c826d release-0.1.26
ee66921ecd47a7fa459f70f4a9d660f91f6a1b94 release-0.1.27
cd3117ad9aab9c58c6f7e677e551e1adbdeaba54 release-0.1.28
9b8c906f6e63ec2c71cecebfff35819a7d32227d release-0.1.29
c12967aadd8726daf2d85e3f3e622d89c42db176 release-0.1.30
fbbf16224844e7d560c00043e8ade8a560415bba release-0.1.31
417a087c9c4d9abb9b0b9b3f787aff515c43c035 release-0.1.32
dadfa78d227027348d7f9d1e7b7093d06ba545a0 release-0.1.33
12234c998d83bfbbaa305273b3dd1b855ca325dc release-0.1.34
6f00349b98e5f706b82115c6e4dc84456fc0d770 release-0.1.35
2019117e6b38cc3e89fe4f56a23b271479c627a6 release-0.1.36
09b42134ac0c42625340f16628e29690a04f8db5 release-0.1.37
7fa11e5c6e9612ecff5eb58274cc846ae742d1d2 release-0.1.38
e5d7d0334fdb946133c17523c198800142ac9fe9 release-0.1.39
c3bd8cdabb8f73e5600a91f198eb7df6fac65e92 release-0.1.40
d6e48c08d718bf5a9e58c20a37e8ae172bff1139 release-0.1.41
563ad09abf5042eb41e8ecaf5b4e6c9deaa42731 release-0.1.42
c9ad0d9c7d59b2fa2a5fe669f1e88debd03e6c04 release-0.1.43
371c1cee100d7a1b0e6cad4d188e05c98a641ee7 release-0.1.44
b09ee85d0ac823e36861491eedfc4dfafe282997 release-0.1.45
511a89da35ada16ae806667d699f9610b4f8499a release-0.2.0
0148586012ab3dde69b394ec5a389d44bb11c869 release-0.2.1
818fbd4750b99d14d2736212c939855a11b1f1ef release-0.2.2
e16a8d574da511622b97d6237d005f40f2cddb30 release-0.2.3
483cca23060331f2078b1c2984870d80f288ad41 release-0.2.4
45033d85b30e3f12c407b7cfc518d76e0eda0263 release-0.2.5
7bd37aef1e7e87858c12b124e253e98558889b50 release-0.2.6
ecd9c160f25b7a7075dd93383d98a0fc8d8c0a41 release-0.3.0
c1f965ef97188fd7ef81342dcf8719da18c554d2 release-0.3.1
e48ebafc69393fc94fecfdf9997c4179fd1ce473 release-0.3.2
9c2f3ed7a24711d3b42b124d5f831155c8beff95 release-0.3.3
7c1369d37c7eb0017c28ebcaa0778046f5aafdcc release-0.3.4
1af2fcb3be8a63796b6b23a488049c92a6bc12f4 release-0.3.5
174f1e853e1e831b01000aeccfd06a9c8d4d95a2 release-0.3.6
458b6c3fea65a894c99dd429334a77bb164c7e83 release-0.3.7
58475592100cb792c125101b6d2d898f5adada30 release-0.3.8
fcd6fc7ff7f9b132c35193d834e6e7d05026c716 release-0.3.9
4d9ea73a627a914d364e83e20c58eb1283f4031d release-0.3.10
4c5c2c55975c1152b5ca5d5d55b32d4dd7945f7a release-0.3.11
326634fb9d47912ad94221dc2f8fa4bec424d40c release-0.3.12
4e296b7d25bf62390ca2afb599e395426b94f785 release-0.3.13
401de5a43ba5a8acdb9c52465193c0ea7354afe7 release-0.3.14
284cc140593bb16ac71094acd509ab415ff4837d release-0.3.15
d4e858a5751a7fd08e64586795ed7d336011fbc0 release-0.3.16
8c0cdd81580eb76d774cfc5724de68e7e5cbbdc2 release-0.3.17
425af804d968f30eeff01e33b808bc2e8c467f2c release-0.3.18
ebc68d8ca4962fe3531b7e13444f7ac4395d9c6e release-0.3.19
9262f520ce214d3d5fd7c842891519336ef85ca6 release-0.3.20
869b6444d2341a587183859d4df736c7f3381169 release-0.3.21
77f77f53214a0e3a68fef8226c15532b54f2c365 release-0.3.22
858700ae46b453ea111b966b6d03f2c21ddcb94e release-0.3.23
5dac8c7fb71b86aafed8ea352305e7f85759f72e release-0.3.24
77cdfe394a94a625955e7585e09983b3af9b889b release-0.3.25
608cf78b24ef7baaf9705e4715a361f26bb16ba9 release-0.3.26
3f8a2132b93d66ac19bec006205a304a68524a0b release-0.3.27
c73c5c58c619c22dd3a5a26c91bb0567a62c6930 release-0.3.28
5ef026a2ac7481f04154f29ab49377bf99aaf96f release-0.3.29
51b27717f140b71a2e9158807d79da17c888ce4c release-0.3.30
7a16e281c01f1c7ab3b79c64b43ddb754ea7935e release-0.3.31
93e85a79757c49d502e42a1cb8264a0f133b0b00 release-0.3.32
0216fd1471f386168545f772836156761eddec08 release-0.3.33
fbed40ce7cb4fd7203fecc22a617b9ce5b950fb3 release-0.3.34
387450de0b4d21652f0b6242a5e26a31e3be8d8c release-0.3.35
65bf042c0b4f39f18a235464c52f980e9fa24f6b release-0.3.36
5d2b8078c1c2593b95ec50acfeeafbefa65be344 release-0.3.37
f971949ffb585d400e0f15508a56232a0f897c80 release-0.3.38
18268abd340cb351e0c01b9c44e9f8cc05492364 release-0.3.39
e60fe4cf1d4ea3c34be8c49047c712c6d46c1727 release-0.3.40
715d243270806d38be776fc3ed826d97514a73d6 release-0.3.41
5e8fb59c18c19347a5607fb5af075fe1e2925b9a release-0.3.42
947c6fd27699e0199249ad592151f844c8a900b0 release-0.3.43
4946078f0a79e6cc952d3e410813aac9b8bda650 release-0.3.44
95d7da23ea5315a6e9255ce036ed2c51f091f180 release-0.3.45
1e720b0be7ecd92358da8a60944669fa493e78cd release-0.3.46
39b7d7b33c918d8f4abc86c4075052d8c19da3c7 release-0.3.47
7cbef16c71a1f43a07f8141f02e0135c775f0f5b release-0.3.48
4c8cd5ae5cc100add5c08c252d991b82b1838c6b release-0.3.49
400711951595aef7cd2ef865b84b31df52b15782 release-0.3.50
649c9063d0fda23620eaeaf0f6393be0a672ebe7 release-0.3.51
9079ee4735aefa98165bb2cb26dee4f58d58c1d7 release-0.3.52
6d5c1535bb9dcd891c5963971f767421a334a728 release-0.3.53
5fd7a5e990477189c40718c8c3e01002a2c20b81 release-0.3.54
63a820b0bc6ca629c8e45a069b52d622ddc27a2d release-0.3.55
562806624c4afb1687cba83bc1852f5d0fecbac3 release-0.3.56
cec32b3753acf610ac1a6227d14032c1a89d6319 release-0.3.57
b80f94fa2197b99db5e033fec92e0426d1fe5026 release-0.3.58
e924670896abe2769ea0fcfd2058b405bed8e8ec release-0.3.59
921a7ce4baf42fd1091b7e40f89c858c6b23053e release-0.3.60
df95dcff753a6dc5e94257302aea02c18c7a7c87 release-0.3.61
7e24168b0853ee7e46c9c7b943ef077dc64f17f5 release-0.4.0
8183d4ba50f8500465efb27e66dd23f98775dd21 release-0.4.1
610267a772c7bf911b499d37f66c21ce8f2ebaf7 release-0.4.2
39dd0b045441e21512e0a6061a03d0df63414d8b release-0.4.3
5e42c1615f4de0079bd4d8913886d588ce6a295d release-0.4.4
40266f92b829a870808b3d4ee54c8fccdecbd2d6 release-0.4.5
56e33c6efee7ff63cdc52bd1cf172bde195079df release-0.4.6
119bad43bfd493400c57a05848eada2c35a46810 release-0.4.7
0f404f82a1343cb4e4b277a44e3417385798e5e5 release-0.4.8
d24a717314365c857b9f283d6072c2a427d5e342 release-0.4.9
d6f0a00015fdef861fd67fb583b9690638650656 release-0.4.10
e372368dadd7b2ecd0182b2f1b11db86fc27b2c3 release-0.4.11
fd57967d850d2361072c72562d1ed03598473478 release-0.4.12
979045fdcbd20cf7188545c1c589ff240251f890 release-0.4.13
93c94cfa9f78f0a5740595dde4466ec4fba664f8 release-0.4.14
589ee12e8d7c2ae5e4f4676bcc7a1279a76f9e8e release-0.5.0
13416db8a807e5acb4021bc3c581203de57e2f50 release-0.5.1
06c58edc88831fb31c492a8eddcf2c6056567f18 release-0.5.2
e2ac5fa41bcba14adbbb722d45c083c30c07bb5c release-0.5.3
393dbc659df15ccd411680b5c1ce87ed86d4c144 release-0.5.4
38cc7bd8e04f2c519fd4526c12841a876be353cb release-0.5.5
6d1fcec2ea79101c756316c015f72e75f601a5ab release-0.5.6
aed8a9de62456c4b360358bc112ccca32ce02e8d release-0.5.7
7642f45af67d805452df2667486201c36efaff85 release-0.5.8
779216610662c3a459935d506f66a9b16b9c9576 release-0.5.9
9eeb585454f3daa30cf768e95c088a092fe229b9 release-0.5.10
bb491c8197e38ca10ae63b1f1ecb36bf6fdaf950 release-0.5.11
613369e08810f36bbcc9734ef1059a03ccbf5e16 release-0.5.12
bd796ef5c9c9dd34bfac20261b98685e0410122a release-0.5.13
8a730c49f906d783b47e4b44d735efd083936c64 release-0.5.14
cb447039152d85e9145139ff2575a6199b9af9d4 release-0.5.15
64854c7c95d04f838585ca08492823000503fa61 release-0.5.16
d1ffcf84ea1244f659145c36ff28de6fcdf528b2 release-0.5.17
796a6e30ca9d29504195c10210dbc8deced0ae83 release-0.5.18
1f81c711d2a039e1f93b9b515065a2235372d455 release-0.5.19
8e8f6082654aedb4438c8fca408cfc316c7c5a2a release-0.5.20
e9551132f7dd40da5719dd5bcf924c86f1436f85 release-0.5.21
533a252896c4d1cff1586ae42129d610f7497811 release-0.5.22
f461a49b6c747e0b67f721f2be172902afea5528 release-0.5.23
2d5ef73671f690b65bf6d9e22e7155f68f484d5a release-0.5.24
77bf42576050862c268e267ef3e508b145845a25 release-0.5.25
2aefee4d4ed69eb7567680bf27a2efd212232488 release-0.6.0
7ac0fe9bec9a2b5f8e191f6fdd6922bfd916a6cb release-0.6.1
4882735ebc71eeec0fbfe645bdfdb31306872d82 release-0.6.2
b94731c73d0922f472ff938b9d252ba29020f20c release-0.6.3
13e649b813d6ccba5db33a61e08ebe09d683cd5b release-0.6.4
80de622646b0059fd4c553eff47c391bf7503b89 release-0.6.5
3b05edb2619d5935023b979ee7a9611b61b6c9e5 release-0.6.6
1dcfd375100c4479611f71efb99271d0a3059215 release-0.6.7
0228185d4c5772947b842e856ad74cf7f7fd52f3 release-0.6.8
d1879c52326ecac45c713203670f54220879911e release-0.6.9
5a80c6ccbe2ad24fa3d4ff6f9fe4a2b07408d19d release-0.6.10
f88a8b0b39601b19cd740e4db614ab0b5b874686 release-0.6.11
5557460a7247a1602ae96efd1d0ccf781344cb58 release-0.6.12
451b02cc770a794cd41363461b446948ae1d8bc8 release-0.6.13
537b6ef014c4a133e0ab0b7dc817508e0647e315 release-0.6.14
5e68764f0d6e91a983170fa806e7450a9e9b33fe release-0.6.15
158aa4e8cc46fcf9504a61469d22daf3476b17bf release-0.6.16
d8fcca555542619228d9fab89e1665b993f8c3ee release-0.6.17
60707ebc037086cf004736a0d4979e2a608da033 release-0.6.18
3c2a99d3a71af846855be35e62edb9a12f363f44 release-0.6.19
3e0a27f9358ffc1b5249e0ea2311ce7da5c8967e release-0.6.20
143f4d65b1c875d6563ccb7f653d9157afc72194 release-0.6.21
95e6160d2b7d0af8ffd1b95a23cadadf8f0b3f6d release-0.6.22
69a03d5e3b6e6660079ef1ef172db7ac08d8370e release-0.6.23
3e2a58fb48f1e1a99ebf851e0d47a7034c52ae22 release-0.6.24
3b8607c05a8bebcfa59235c2126a70d737f0ccf5 release-0.6.25
07ad5b2606614c4be4ee720c46cf4af126059d31 release-0.6.26
be531addfabe5214f409d457140c1038af10d199 release-0.6.27
58f05255d3a345d04baef5cff0ca1ae0ac7ecebb release-0.6.28
eb2bd21dc8d03f6c94016f04ffb9adaf83a2b606 release-0.6.29
55408deb3cd171efa9b81d23d7a1dd1ccde0b839 release-0.6.30
d4288915bba73c4c3c9cf5d39d34e86879eb2b45 release-0.6.31
0a189588830b8629c4dfea68feb49af36b59e4a9 release-0.7.0
6ab27a06f3346cf9ec8737f5dbcc82dd4031e30f release-0.7.1
a07e258cef3b0a0b6e76a6ff4ba4651c5facc85a release-0.7.2
9992c4583513d2804fc2e7fec860fbc7ab043009 release-0.7.3
4dc24d50230fbadfc037a414a86390db2de69dd2 release-0.7.4
9527137b4354a648a229c7169850c7c65272c00d release-0.7.5
c2f0f7cf306f302254beae512bda18713922375c release-0.7.6
bbcf6d75556fdcee8bd4aba8f6c27014be9920ee release-0.7.7
43bde71f0bbe5a33b161760d7f9f980d50386597 release-0.7.8
769f0dd7081e9011394f264aa22aa66fd79730d8 release-0.7.9
511edfa732da637f5f0c9476335df7dca994706d release-0.7.10
0e7023bf6b2461309c29885935443449a41be807 release-0.7.11
9ad1bd2b21d93902863807528e426862aedee737 release-0.7.12
d90ea21e24ea35379aef50c5d70564158e110a15 release-0.7.13
c07d2d20d95c83d804079bbdcecbce4a0c8282f0 release-0.7.14
0cd7bb051f67eac2b179fb9f9cc988b9ba18ed76 release-0.7.15
eab2e87deba73ae6abd9cc740e8d4365bed96322 release-0.7.16
91d7a9eb8ade90e9421d7b1e3c2e47a6bc427876 release-0.7.17
fc10f7b5cb1305fb930f8ac40b46882d0828d61e release-0.7.18
9dba9779e37e5969a2d408c792084fd7acfec062 release-0.7.19
61838d1bcbddc7bc4dd9f30d535573a6fddca8f9 release-0.7.20
5f665d0fa6a5f6e748157f2ccbc445b2db8125d0 release-0.7.21
24763afa5efe91e54f00b2ae5b87666eb6c08c3b release-0.7.22
0562fb355a25266150cbe8c8d4e00f55e3654df3 release-0.7.23
19c452ecd083550816873a8a31eb3ed9879085e6 release-0.7.24
46b68faf271d6fdcaaf3ad2c69f6167ea9e9fa28 release-0.7.25
d04bfca0c7e3ae2e4422bc1d383553139d6f0a19 release-0.7.26
9425d9c7f8ead95b00a3929a9a5e487e0e3c8499 release-0.7.27
fbc3e7e8b3ee756568a875f87d8a954a2f9d3bf6 release-0.7.28
5176dfdf153fc785b18604197d58806f919829ad release-0.7.29
87e07ccdf0a4ec53458d9d7a4ea66e1239910968 release-0.7.30
9fddd7e1a7a27f8463867f41a461aad57df461b2 release-0.7.31
780b2ba1ec6daf6e3773774e26b05b9ff0d5483e release-0.7.32
83027471a25385b1c671968be761e9aa7a8591a7 release-0.7.33
1e9a362c3dcee221ca6e34308c483ed93867aca2 release-0.7.34
c7ee9e15717b54ead5f4a554686e74abe66c6b07 release-0.7.35
b84548abe9b9d4f4e203f848696e52c8c82c308f release-0.7.36
3286f0bab8e77dbc7ebb370b1dc379592ccff123 release-0.7.37
11a4e2ed5b166b9c9f119171aa399a9e3aa4684a release-0.7.38
f822655d4120629977794c32d3b969343b6c30db release-0.7.39
8a350e49d2b6751296db6d8e27277ccf63ed412a release-0.7.40
c4a56c197eeafd71fc1caef7a9d890a330e3c23d release-0.7.41
a9575a57a5443df39611774cf3840e9088132b0e release-0.7.42
7503d95d6eadad14c28b2db183ba09848265274b release-0.7.43
9be652e9114435fc6f1fdec84c0458d56702db91 release-0.7.44
797e070d480a34b31ddac0d364784773f1bbbcf9 release-0.7.45
9b5037e7ec7db25875c40f9d1cf20a853388b124 release-0.7.46
d1d0e6d7ff0ca3c0dd1be1ef1cfff2e3fd0b4e1c release-0.7.47
9816fb28eda599bfd53940e6d3b6617d1ecb6323 release-0.7.48
452b9d09df8e3f2fb04b2a33d04d2f3a6436eb34 release-0.7.49
e4350efa7cf7a0e868c2236a1137de8a33bd8ec6 release-0.7.50
f51f2bec766c8b6d7e1799d904f18f8ea631bd44 release-0.7.51
18e39e566781c9c187e2eb62bebd9d669d68f08c release-0.7.52
b073eaa1dcea296a3488b83d455fab6621a73932 release-0.7.53
01c6fe6c2a55998434cd3b05dd10ca487ac3fb6c release-0.7.54
3ed9377e686f2521e6ec15873084381033fb490d release-0.7.55
a1e44954549c35023b409f728c678be8bf898148 release-0.7.56
fbb1918a85e38a7becdb1a001dbaf5933f23a919 release-0.7.57
87f4a49a9cc34a5b11c8784cc5ea89e97b4b2bd8 release-0.7.58
0c22cb4862c8beb4ee1b9e4627125162a29a5304 release-0.7.59
82d56c2425ef857cd430b8530a3f9e1127145a67 release-0.8.0
f4acb784b53cd952559567971b97dde1e818a2b6 release-0.8.1
b3503597c1a0f0f378afdc5e5e5b85e2c095a4be release-0.8.2
c98da980514a02ba81c421b25bf91803ffffddf3 release-0.8.3
db34ec0c53c4b9dec12ffdf70caf89a325ab9577 release-0.8.4
0914802433b8678ba2cdf91280766f00f4b9b76e release-0.8.5
ff52ee9e6422f3759f43a442b7ba615595b3a3d4 release-0.8.6
7607237b4829fff1f60999f4663c50ed9d5182f7 release-0.8.7
1cef1807bc12cb05ac52fb0e7a0f111d3760b569 release-0.8.8
a40f8475511d74a468ade29c1505e8986600d7a3 release-0.8.9
2d9faf2260df6c3e5d4aa1781493c31f27a557d0 release-0.8.10
d0d61c32331a6505381b5218318f7b69db167ca8 release-0.8.11
ca7a1c6c798a7eb5b294d4ac3179ec87ecf297d3 release-0.8.12
81c8277cd8ed55febcb2dd9d9213076f6c0ccb09 release-0.8.13
3089486a8dc5844b5b6e9f78d536b4b26f7ffa16 release-0.8.14
d364c2c12dd9723a2dfac3f096f5e55d4cfe6838 release-0.8.15
52163a1027c3efd6b4c461b60a2ca6266c23e193 release-0.8.16
06564e9a2d9ec5852132c212e85eda0bf1300307 release-0.8.17
7aaa959da85e09e29bcac3b1cadec35b0a25b64d release-0.8.18
4bc73c644329a510da4e96b7241b80ead7772f83 release-0.8.19
ea3d168fb99c32a5c3545717ecc61e85a375e5dd release-0.8.20
27951ca037e63dae45ff5b6279124c224ae1255a release-0.8.21
d56c8b5df517c2bf6e7bc2827b8bf3e08cda90e1 release-0.8.22
3c6ac062b379b126212cbb27e98a3c8275ef381a release-0.8.23
89b9173476de14688b1418fbf7df10f91d1719ef release-0.8.24
aa550cb4159ae0d566006e091fb1c7a888771050 release-0.8.25
06ce92293f6a65651b08c466f90f55bd69984b98 release-0.8.26
ea50b0d79ef1d7d901cd0e4dcd7373447849d719 release-0.8.27
e68b1c35cad86105ff1c5b240f53442f4c36356e release-0.8.28
78d3582a30afe63fc0adb17c3ac8891a64e47146 release-0.8.29
9852c5965a3292a1b6127dbb4da9fce4912d898a release-0.8.30
4f84115914490e572bcbee5069157b7334df2744 release-0.8.31
59dee6f7f3afeb1fad6ed5983756e48c81ad2a5c release-0.8.32
a4456378d234c07038456cf32bfe3c651f1d5e82 release-0.8.33
21cb50799a20575a42f9733342d37a426f79db4d release-0.8.34
7cb3cb8d78ef7ae63561733ed91fd07933896bc8 release-0.8.35
aed68639d4eb6afe944b7fb50499c16f7f3f503c release-0.8.36
265b7fd2ae21c75bbffa5115b83a0123d6c4acb4 release-0.8.37
fa5f1ca353c0c5aa5415f51d72fd7bbcc02d1ed7 release-0.8.38
af10bf9d4c6532850aa1f70cdf7504bd109b284c release-0.8.39
4846ec9f83cb5bc4c8519d5641b35fb9b190430c release-0.8.40
718b4cb3faf7efe4e0648140f064bf7a92c3f7e8 release-0.8.41
b5a3065749093282ddd19845e0b77ffc2e54333e release-0.8.42
34df9fb22fed415cdad52def04095dc6d4b48222 release-0.8.43
00ec8cd76fb89af27363b76c40d9f88bf4679c3b release-0.8.44
e16dd52a0d226c23dcae9a11252564a04753bbed release-0.8.45
f034d9173df0a433e0bbcf5974f12ea9eb9076c0 release-0.8.46
4434dc967087315efcd0658206a67fe6c85528f3 release-0.8.47
0b65c962e0cd6783a854877b52c903cb058eec8c release-0.8.48
a2b7e94b9807e981866bf07e37b715847d1b7120 release-0.8.49
e7bdb8edc1bab2bc352a9fb6ce765c46575c35bf release-0.8.50
21dacebd12f65cb57ceb8d2688db5b07fad6e06d release-0.8.51
67dd7533b99c8945b5b8b5b393504d4e003a1c50 release-0.8.52
010468d890dbac33a4cae6dfb2017db70721b2fe release-0.8.53
62b599022a2fa625b526c2ad1711dc6db7d66786 release-0.9.0
71281dd73b17a0ead5535d531afaee098da723cb release-0.9.1
16cff36b0e49fc9fdeee13b2e92690286bcc1b3d release-0.9.2
b7b306325972661117694879d3e22faf4cf0df32 release-0.9.3
fe671505a8ea86a76f0358b3ec4de84a9037ac2b release-0.9.4
70542931bc5436d1bbd38f152245d93ac063968d release-0.9.5
27e2f3b7a3db1819c5d0ba28327ceaba84a13c4e release-0.9.6
657d05d63915ce2f6c4d763091059f5f85bb10e5 release-0.9.7
e0fd9f36005923b8f98d1ba1ea583cb7625f318f release-1.0.0
f8f89eb4e0c27e857ec517d893d4f9a454985084 release-1.0.1
c50df367648e53d55e80b60a447c9c66caa0d326 release-1.0.2
80d586db316512b5a9d39f00fe185f7f91523f52 release-1.0.3
c9c2805ac9245cc48ce6efeba2b4a444f859d6aa release-1.0.4
fa2c37b1122c2c983b6e91d1188e387d72dde4d6 release-1.0.5
f31aea5b06654c9163be5acd6d9b7aaf0fdf6b33 release-1.1.0
44bf95f670656fae01ccb266b3863843ea13d324 release-1.1.1
da1289482a143dfa016769649bdff636c26f53c8 release-1.1.2
bac8ba08a6570bac2ecd3bf2ad64b0ac3030c903 release-1.1.3
911060bc8221d4113a693ae97952a1fa88663ca8 release-1.1.4
e47531dfabbf8e5f8b8aff9ff353642ea4aa7abb release-1.1.5
f9ddecfe331462f870a95e4c1c3ba1bb8f19f2d3 release-1.1.6
378c297bb7459fb99aa9c77decac0d35391a3932 release-1.1.7
71600ce67510af093d4bc0117a78b3b4678c6b3a release-1.1.8
482d7d907f1ab92b78084d8b8631ed0eb7dd08f7 release-1.1.9
c7e65deabf0db5109e8d8f6cf64cd3fb7633a3d1 release-1.1.10
9590f0cf5aab8e6e0b0c8ae59c70187b2b97d886 release-1.1.11
ade8fc136430cfc04a8d0885c757968b0987d56c release-1.1.12
6a6836e65827fd3cb10a406e7bbbe36e0dad8736 release-1.1.13
6845f4ac909233f5a08ed8a51de137713a888328 release-1.1.14
2397e9c72f1bc5eac67006e12ad3e33e0ea9ba74 release-1.1.15
7b7c49639a7bceecabf4963c60b26b65a77d6ce0 release-1.1.16
f7e1113a9a1648cad122543e7080e895cf2d88f4 release-1.1.17
2b22743c3079b41233ded0fc35af8aa89bcfab91 release-1.1.18
0f0b425659e0b26f5bc8ea14a42dbf34de2eaba6 release-1.1.19
f582d662cc408eb7a132c21f4b298b71d0701abb release-1.2.0
9ee68d629722f583d43d92271f2eb84281afc630 release-1.3.0
61b6a3438afef630774e568eefd89c53e3b93287 release-1.3.1
7ccd50a0a455f2f2d3b241f376e1193ad956196d release-1.2.1
0000000000000000000000000000000000000000 release-1.2.1
50107e2d96bbfc2c59e46f889b1a5f68dd10cf19 release-1.3.2
2c5e1e88c8cf710caf551c5c67eba00443601efe release-1.3.3
a43447fb82aa03eabcd85352758ae14606a84d35 release-1.3.4
90f3b4ea7992a7bf9385851a3e77173363091eea release-1.3.5
3aeb14f88daeb973e4708310daa3dc68ac1200f7 release-1.3.6
dafd375f1c882b15fa4a9b7aa7c801c55082395e release-1.3.7
ab7ce0eb4cf78a656750ab1d8e55ef61f7e535ec release-1.3.8
1b1a9337a7399ad3cdc5e3a2f9fbaaec990271d5 release-1.3.9
2c053b2572694eb9cd4aed26a498b6cb1f51bbcc release-1.3.10
36409ac209872ce53019f084e4e07467c5d9d25e release-1.3.11
560dc55e90c13860a79d8f3e0d67a81c7b0257bb release-1.3.12
dc195ffe0965b2b9072f8e213fe74ecce38f6773 release-1.3.13
e04428778567dd4de329bbbe97ad653e22801612 release-1.3.14
cd84e467c72967b9f5fb4d96bfc708c93edeb634 release-1.3.15
23159600bdea695db8f9d2890aaf73424303e49c release-1.3.16
7809529022b83157067e7d1e2fb65d57db5f4d99 release-1.4.0
48a84bc3ff074a65a63e353b9796ff2b14239699 release-1.5.0
99eed1a88fc33f32d66e2ec913874dfef3e12fcc release-1.5.1
5bdca4812974011731e5719a6c398b54f14a6d61 release-1.5.2
644a079526295aca11c52c46cb81e3754e6ad4ad release-1.5.3
376a5e7694004048a9d073e4feb81bb54ee3ba91 release-1.5.4
60e0409b9ec7ee194c6d8102f0656598cc4a6cfe release-1.5.5
70c5cd3a61cb476c2afb3a61826e59c7cda0b7a7 release-1.5.6
9ba2542d75bf62a3972278c63561fc2ef5ec573a release-1.5.7
eaa76f24975948b0ce8be01838d949122d44ed67 release-1.5.8
5a1759f33b7fa6270e1617c08d7e655b7b127f26 release-1.5.9
b798fc020e3a84ef68e6c9f47865a319c826d33c release-1.5.10
f995a10d4c7e9a817157a6ce7b753297ad32897e release-1.5.11
97b47d95e4449cbde976657cf8cbbc118351ffe0 release-1.5.12
fd722b890eabc600394349730a093f50dac31639 release-1.5.13
d161d68df8be32e5cbf72b07db1a707714827803 release-1.7.0
0351a6d89c3dbcc7a76295024ba6b70e27b9a497 release-1.7.1
0bd223a546192fdf2e862f33938f4ec2a3b5b283 release-1.7.2
fe7cd01828d5ca7491059f0690bb4453645eb28b release-1.7.3
cbb146b120296852e781079d5138b04495bab6df release-1.7.4
fe129aa02db9001d220f1db7c3c056f79482c111 release-1.7.5
a8d111bb68847f61d682a3c8792fecb2e52efa2c release-1.7.6
6d2fbc30f8a7f70136cf08f32d5ff3179d524873 release-1.7.7
d5ea659b8bab2d6402a2266efa691f705e84001e release-1.7.8
34b201c1abd1e2d4faeae4650a21574771a03c0e release-1.7.9
860cfbcc4606ee36d898a9cd0c5ae8858db984d6 release-1.7.10
2b3b737b5456c05cd63d3d834f4fb4d3776953d0 release-1.7.11
3ef00a71f56420a9c3e9cec311c9a2109a015d67 release-1.7.12
53d850fe292f157d2fb999c52788ec1dc53c91ed release-1.9.0
884a967c369f73ab16ea859670d690fb094d3850 release-1.9.1
3a32d6e7404a79a0973bcd8d0b83181c5bf66074 release-1.9.2
e27a215601292872f545a733859e06d01af1017d release-1.9.3
5cb7e2eed2031e32d2e5422caf9402758c38a6ad release-1.9.4
942475e10cb47654205ede7ccbe7d568698e665b release-1.9.5
b78018cfaa2f0ec20494fccb16252daa87c48a31 release-1.9.6
54117529e40b988590ea2d38aae909b0b191663f release-1.9.7
1bdc497c81607d854e3edf8b9a3be324c3d136b6 release-1.9.8
ef107f3ddc237a3007e2769ec04adde0dcf627fa release-1.9.9
be00ca08e41a69e585b6aff70a725ed6c9e1a876 release-1.9.10
fe66cff450a95beed36a2515210eb2d7ef62c9d3 release-1.9.11
ead3907d74f90a14d1646f1b2b56ba01d3d11702 release-1.9.12
5936b7ed929237f1a73b467f662611cdc0309e51 release-1.9.13
4106db71cbcb9c8274700199ac17e520902c6c0f release-1.9.14
13070ecfda67397985f0e986eb9c42ecb46d05b5 release-1.9.15
271ee30c6791847980cd139d31807541f5e569bf release-1.11.0
cb783d9cc19761e14e1285d91c38f4b84d0b8756 release-1.11.1
4d3b3a13a8cf5fc3351a7f167d1c13325e00f21c release-1.11.2
b83a067949a3384a49fd3d943eb8d0997b31f87b release-1.11.3
953512ca02c6f63b4fcbbc3e10d0d9835896bf99 release-1.11.4
5253015a339aaca0a3111473d3e931b6d4752393 release-1.11.5
5e371426b3bcba4312ce08606194b89b758927d1 release-1.11.6
5c8f60faf33ca8926473d2da27b4c3c417bd4630 release-1.11.7
4591da489a30f790def29bc5987f43409b503cae release-1.11.8
20a45c768e5ed26b740679d0e22045c98727c3cc release-1.11.9
1ad0999a7ded3d4fb01c7acf8ff57c80b643da7e release-1.11.10
d8b321a876d6254e9e98795e3b194ef053290354 release-1.11.11
7f394e433f0003222aa6531931ecc0b24740d5e4 release-1.11.12
3d0e8655f897959e48cc74e87670bb5492a58871 release-1.11.13
3671096a45bce570a2afa20b9faf42c7fb0f7e66 release-1.13.0
539f7893ecb96bee60965528c8958d7eb2f1ce6b release-1.13.1
5be2b25bdc65775a85f18f68a4be4f58c7384415 release-1.13.2
8457ce87640f9bfe6221c4ac4466ced20e03bebe release-1.13.3
bbc642c813c829963ce8197c0ca237ab7601f3d4 release-1.13.4
0d45b4cf7c2e4e626a5a16e1fe604402ace1cea5 release-1.13.5
f87da7d9ca02b8ced4caa6c5eb9013ccd47b0117 release-1.13.6
47cca243d0ed39bf5dcb9859184affc958b79b6f release-1.13.7
20ca4bcff108d3e66977f4d97508637093492287 release-1.13.8
fb1212c7eca4c5328fe17d6cd95b010c67336aac release-1.13.9
31c929e16910c38492581ef474e72fa67c28f124 release-1.13.10
64179f242cb55fc206bca59de9bfdc4cf5ebcec7 release-1.13.11
051e5fa03b92b8a564f6b12debd483d267391e82 release-1.13.12
990b3e885636d763b97ed02d0d2cfc161a4e0c09 release-1.15.0
4189160cb946bb38d0bc0a452b5eb4cdd8979fb5 release-1.15.1
b234199c7ed8a156a6bb98f7ff58302c857c954f release-1.15.2
28b3e17ca7eba1e6a0891afde0e4bc5bcc99c861 release-1.15.3
49d49835653857daa418e68d6cbfed4958c78fca release-1.15.4
f062e43d74fc2578bb100a9e82a953efa1eb9e4e release-1.15.5
2351853ce6867b6166823bdf94333c0a76633c0a release-1.15.6
051a039ce1c7e09144de4a4846669ec7116cecea release-1.15.7
ee551e3f6dba336c0d875e266d7d55385f379b42 release-1.15.8
d2fd76709909767fc727a5b4affcf1dc9ca488a7 release-1.15.9
75f5c7f628411c79c7044102049f7ab4f7a246e7 release-1.15.10
5155d0296a5ef9841f035920527ffdb771076b44 release-1.15.11
0130ca3d58437b3c7c707cdddd813d530c68da9a release-1.15.12
054c1c46395caff79bb4caf16f40b331f71bb6dd release-1.17.0
7816bd7dabf6ee86c53c073b90a7143161546e06 release-1.17.1
2fc9f853a6b7cd29dc84e0af2ed3cf78e0da6ca8 release-1.17.2
ed4303aa1b31a9aad5440640c0840d9d0af45fed release-1.17.3
ce2ced3856909f36f8130c99eaa4dbdbae636ddc release-1.17.4
9af0dddbddb2c368bfedd2801bc100ffad01e19b release-1.17.5
de68d0d94320cbf033599c6f3ca37e5335c67fd7 release-1.17.6
e56295fe0ea76bf53b06bffa77a2d3a9a335cb8c release-1.17.7
fdacd273711ddf20f778c1fb91529ab53979a454 release-1.17.8
5e8d52bca714d4b85284ddb649d1ba4a3ca978a8 release-1.17.9
c44970de01474f6f3e01b0adea85ec1d03e3a5f2 release-1.17.10
cbe6ba650211541310618849168631ce0b788f35 release-1.19.0
062920e2f3bf871ef7a3d8496edec1b3065faf80 release-1.19.1
a7b46539f507e6c64efa0efda69ad60b6f4ffbce release-1.19.2
3cbc2602325f0ac08917a4397d76f5155c34b7b1 release-1.19.3
dc0cc425fa63a80315f6efb68697cadb6626cdf2 release-1.19.4
8e5b068f761cd512d10c9671fbde0b568c1fd08b release-1.19.5
f618488eb769e0ed74ef0d93cd118d2ad79ef94d release-1.19.6
3fa6e2095a7a51acc630517e1c27a7b7ac41f7b3 release-1.19.7
8c65d21464aaa5923775f80c32474adc7a320068 release-1.19.8
da571b8eaf8f30f36c43b3c9b25e01e31f47149c release-1.19.9
ffcbb9980ee2bad27b4d7b1cd680b14ff47b29aa release-1.19.10
df34dcc9ac072ffd0945e5a1f3eb7987e8275375 release-1.21.0
a68ac0677f8553b1f84d357bc9da114731ab5f47 release-1.21.1
bfbc52374adcbf2f9060afd62de940f6fab3bba5 release-1.21.2
2217a9c1d0b86026f22700b3c089545db1964f55 release-1.21.3
39be8a682c58308d9399cddd57e37f9fdb7bdf3e release-1.21.4
d986378168fd4d70e0121cabac274c560cca9bdf release-1.21.5
714eb4b2c09e712fb2572a2164ce2bf67638ccac release-1.21.6
5da2c0902e8e2aa4534008a582a60c61c135960e release-1.23.0
a63d0a70afea96813ba6667997bc7d68b5863f0d release-1.23.1
aa901551a7ebad1e8b0f8c11cb44e3424ba29707 release-1.23.2
ff3afd1ce6a6b65057741df442adfaa71a0e2588 release-1.23.3
ac779115ed6ee4f3039e9aea414a54e560450ee2 release-1.23.4
12dcf92b0c2c68552398f19644ce3104459807d7 release-1.25.0
f8134640e8615448205785cf00b0bc810489b495 release-1.25.1
1d839f05409d1a50d0f15a2bf36547001f99ae40 release-1.25.2
294a3d07234f8f65d7b0e0b0e2c5b05c12c5da0a release-1.25.3
173a0a7dbce569adbb70257c6ec4f0f6bc585009 release-1.25.4
8618e4d900cc71082fbe7dc72af087937d64faf5 release-1.25.5
a58202a8c41bf0bd97eef1b946e13105a105520d release-1.26.0
a63c124e34bcf2d1d1feb8d40ff075103b967c4c release-1.26.1
e4c5da06073ca24e2ffc5c8f8b8d7833a926356f release-1.26.2

694
CHANGES
View file

@ -1,697 +1,7 @@
Changes with nginx 1.26.3 05 Feb 2025
Changes with nginx 1.18.0 21 Apr 2020
*) Security: insufficient check in virtual servers handling with TLSv1.3
SNI allowed to reuse SSL sessions in a different virtual server, to
bypass client SSL certificates verification (CVE-2025-23419).
*) Bugfix: in the ngx_http_mp4_module.
Thanks to Nils Bars.
*) Workaround: "gzip filter failed to use preallocated memory" alerts
appeared in logs when using zlib-ng.
*) Bugfix: nginx could not build libatomic library using the library
sources if the --with-libatomic=DIR option was used.
*) Bugfix: nginx now ignores QUIC version negotiation packets from
clients.
*) Bugfix: nginx could not be built on Solaris 10 and earlier with the
ngx_http_v3_module.
*) Bugfixes in HTTP/3.
Changes with nginx 1.26.2 14 Aug 2024
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module might cause a worker process crash
(CVE-2024-7347).
Thanks to Nils Bars.
Changes with nginx 1.26.1 29 May 2024
*) Security: when using HTTP/3, processing of a specially crafted QUIC
session might cause a worker process crash, worker process memory
disclosure on systems with MTU larger than 4096 bytes, or might have
potential other impact (CVE-2024-32760, CVE-2024-31079,
CVE-2024-35200, CVE-2024-34161).
Thanks to Nils Bars of CISPA.
*) Bugfix: reduced memory consumption for long-lived requests if "gzip",
"gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
*) Bugfix: nginx could not be built by gcc 14 if the --with-libatomic
option was used.
Thanks to Edgar Bonet.
*) Bugfix: in HTTP/3.
Changes with nginx 1.26.0 23 Apr 2024
*) 1.26.x stable branch.
Changes with nginx 1.25.5 16 Apr 2024
*) Feature: virtual servers in the stream module.
*) Feature: the ngx_stream_pass_module.
*) Feature: the "deferred", "accept_filter", and "setfib" parameters of
the "listen" directive in the stream module.
*) Feature: cache line size detection for some architectures.
Thanks to Piotr Sikora.
*) Feature: support for Homebrew on Apple Silicon.
Thanks to Piotr Sikora.
*) Bugfix: Windows cross-compilation bugfixes and improvements.
Thanks to Piotr Sikora.
*) Bugfix: unexpected connection closure while using 0-RTT in QUIC.
Thanks to Vladimir Khomutov.
Changes with nginx 1.25.4 14 Feb 2024
*) Security: when using HTTP/3 a segmentation fault might occur in a
worker process while processing a specially crafted QUIC session
(CVE-2024-24989, CVE-2024-24990).
*) Bugfix: connections with pending AIO operations might be closed
prematurely during graceful shutdown of old worker processes.
*) Bugfix: socket leak alerts no longer logged when fast shutdown was
requested after graceful shutdown of old worker processes.
*) Bugfix: a socket descriptor error, a socket leak, or a segmentation
fault in a worker process (for SSL proxying) might occur if AIO was
used in a subrequest.
*) Bugfix: a segmentation fault might occur in a worker process if SSL
proxying was used along with the "image_filter" directive and errors
with code 415 were redirected with the "error_page" directive.
*) Bugfixes and improvements in HTTP/3.
Changes with nginx 1.25.3 24 Oct 2023
*) Change: improved detection of misbehaving clients when using HTTP/2.
*) Feature: startup speedup when using a large number of locations.
Thanks to Yusuke Nojima.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2 without SSL; the bug had appeared in 1.25.1.
*) Bugfix: the "Status" backend response header line with an empty
reason phrase was handled incorrectly.
*) Bugfix: memory leak during reconfiguration when using the PCRE2
library.
Thanks to ZhenZhong Wu.
*) Bugfixes and improvements in HTTP/3.
Changes with nginx 1.25.2 15 Aug 2023
*) Feature: path MTU discovery when using HTTP/3.
*) Feature: TLS_AES_128_CCM_SHA256 cipher suite support when using
HTTP/3.
*) Change: now nginx uses appname "nginx" when loading OpenSSL
configuration.
*) Change: now nginx does not try to load OpenSSL configuration if the
--with-openssl option was used to built OpenSSL and the OPENSSL_CONF
environment variable is not set.
*) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
*) Bugfix: in HTTP/3.
Changes with nginx 1.25.1 13 Jun 2023
*) Feature: the "http2" directive, which enables HTTP/2 on a per-server
basis; the "http2" parameter of the "listen" directive is now
deprecated.
*) Change: HTTP/2 server push support has been removed.
*) Change: the deprecated "ssl" directive is not supported anymore.
*) Bugfix: in HTTP/3 when using OpenSSL.
Changes with nginx 1.25.0 23 May 2023
*) Feature: experimental HTTP/3 support.
Changes with nginx 1.23.4 28 Mar 2023
*) Change: now TLSv1.3 protocol is enabled by default.
*) Change: now nginx issues a warning if protocol parameters of a
listening socket are redefined.
*) Change: now nginx closes connections with lingering if pipelining was
used by the client.
*) Feature: byte ranges support in the ngx_http_gzip_static_module.
*) Bugfix: port ranges in the "listen" directive did not work; the bug
had appeared in 1.23.3.
Thanks to Valentin Bartenev.
*) Bugfix: incorrect location might be chosen to process a request if a
prefix location longer than 255 characters was used in the
configuration.
*) Bugfix: non-ASCII characters in file names on Windows were not
supported by the ngx_http_autoindex_module, the ngx_http_dav_module,
and the "include" directive.
*) Change: the logging level of the "data length too long", "length too
short", "bad legacy version", "no shared signature algorithms", "bad
digest length", "missing sigalgs extension", "encrypted length too
long", "bad length", "bad key update", "mixed handshake and non
handshake data", "ccs received early", "data between ccs and
finished", "packet length too long", "too many warn alerts", "record
too small", and "got a fin before a ccs" SSL errors has been lowered
from "crit" to "info".
*) Bugfix: a socket leak might occur when using HTTP/2 and the
"error_page" directive to redirect errors with code 400.
*) Bugfix: messages about logging to syslog errors did not contain
information that the errors happened while logging to syslog.
Thanks to Safar Safarly.
*) Workaround: "gzip filter failed to use preallocated memory" alerts
appeared in logs when using zlib-ng.
*) Bugfix: in the mail proxy server.
Changes with nginx 1.23.3 13 Dec 2022
*) Bugfix: an error might occur when reading PROXY protocol version 2
header with large number of TLVs.
*) Bugfix: a segmentation fault might occur in a worker process if SSI
was used to process subrequests created by other modules.
Thanks to Ciel Zhao.
*) Workaround: when a hostname used in the "listen" directive resolves
to multiple addresses, nginx now ignores duplicates within these
addresses.
*) Bugfix: nginx might hog CPU during unbuffered proxying if SSL
connections to backends were used.
Changes with nginx 1.23.2 19 Oct 2022
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module might cause a worker process crash, worker
process memory disclosure, or might have potential other impact
(CVE-2022-41741, CVE-2022-41742).
*) Feature: the "$proxy_protocol_tlv_..." variables.
*) Feature: TLS session tickets encryption keys are now automatically
rotated when using shared memory in the "ssl_session_cache"
directive.
*) Change: the logging level of the "bad record type" SSL errors has
been lowered from "crit" to "info".
Thanks to Murilo Andrade.
*) Change: now when using shared memory in the "ssl_session_cache"
directive the "could not allocate new session" errors are logged at
the "warn" level instead of "alert" and not more often than once per
second.
*) Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x.
*) Bugfix: in logging of the PROXY protocol errors.
Thanks to Sergey Brester.
*) Workaround: shared memory from the "ssl_session_cache" directive was
spent on sessions using TLS session tickets when using TLSv1.3 with
OpenSSL.
*) Workaround: timeout specified with the "ssl_session_timeout"
directive did not work when using TLSv1.3 with OpenSSL or BoringSSL.
Changes with nginx 1.23.1 19 Jul 2022
*) Feature: memory usage optimization in configurations with SSL
proxying.
*) Feature: looking up of IPv4 addresses while resolving now can be
disabled with the "ipv4=off" parameter of the "resolver" directive.
*) Change: the logging level of the "bad key share", "bad extension",
"bad cipher", and "bad ecpoint" SSL errors has been lowered from
"crit" to "info".
*) Bugfix: while returning byte ranges nginx did not remove the
"Content-Range" header line if it was present in the original backend
response.
*) Bugfix: a proxied response might be truncated during reconfiguration
on Linux; the bug had appeared in 1.17.5.
Changes with nginx 1.23.0 21 Jun 2022
*) Change in internal API: now header lines are represented as linked
lists.
*) Change: now nginx combines arbitrary header lines with identical
names when sending to FastCGI, SCGI, and uwsgi backends, in the
$r->header_in() method of the ngx_http_perl_module, and during lookup
of the "$http_...", "$sent_http_...", "$sent_trailer_...",
"$upstream_http_...", and "$upstream_trailer_..." variables.
*) Bugfix: if there were multiple "Vary" header lines in the backend
response, nginx only used the last of them when caching.
*) Bugfix: if there were multiple "WWW-Authenticate" header lines in the
backend response and errors with code 401 were intercepted or the
"auth_request" directive was used, nginx only sent the first of the
header lines to the client.
*) Change: the logging level of the "application data after close
notify" SSL errors has been lowered from "crit" to "info".
*) Bugfix: connections might hang if nginx was built on Linux 2.6.17 or
newer, but was used on systems without EPOLLRDHUP support, notably
with epoll emulation layers; the bug had appeared in 1.17.5.
Thanks to Marcus Ball.
*) Bugfix: nginx did not cache the response if the "Expires" response
header line disabled caching, but following "Cache-Control" header
line enabled caching.
Changes with nginx 1.21.6 25 Jan 2022
*) Bugfix: when using EPOLLEXCLUSIVE on Linux client connections were
unevenly distributed among worker processes.
*) Bugfix: nginx returned the "Connection: keep-alive" header line in
responses during graceful shutdown of old worker processes.
*) Bugfix: in the "ssl_session_ticket_key" when using TLSv1.3.
Changes with nginx 1.21.5 28 Dec 2021
*) Change: now nginx is built with the PCRE2 library by default.
*) Change: now nginx always uses sendfile(SF_NODISKIO) on FreeBSD.
*) Feature: support for sendfile(SF_NOCACHE) on FreeBSD.
*) Feature: the $ssl_curve variable.
*) Bugfix: connections might hang when using HTTP/2 without SSL with the
"sendfile" and "aio" directives.
Changes with nginx 1.21.4 02 Nov 2021
*) Change: support for NPN instead of ALPN to establish HTTP/2
connections has been removed.
*) Change: now nginx rejects SSL connections if ALPN is used by the
client, but no supported protocols can be negotiated.
*) Change: the default value of the "sendfile_max_chunk" directive was
changed to 2 megabytes.
*) Feature: the "proxy_half_close" directive in the stream module.
*) Feature: the "ssl_alpn" directive in the stream module.
*) Feature: the $ssl_alpn_protocol variable.
*) Feature: support for SSL_sendfile() when using OpenSSL 3.0.
*) Feature: the "mp4_start_key_frame" directive in the
ngx_http_mp4_module.
Thanks to Tracey Jaquith.
*) Bugfix: in the $content_length variable when using chunked transfer
encoding.
*) Bugfix: after receiving a response with incorrect length from a
proxied backend nginx might nevertheless cache the connection.
Thanks to Awdhesh Mathpal.
*) Bugfix: invalid headers from backends were logged at the "info" level
instead of "error"; the bug had appeared in 1.21.1.
*) Bugfix: requests might hang when using HTTP/2 and the "aio_write"
directive.
Changes with nginx 1.21.3 07 Sep 2021
*) Change: optimization of client request body reading when using
HTTP/2.
*) Bugfix: in request body filters internal API when using HTTP/2 and
buffering of the data being processed.
Changes with nginx 1.21.2 31 Aug 2021
*) Change: now nginx rejects HTTP/1.0 requests with the
"Transfer-Encoding" header line.
*) Change: export ciphers are no longer supported.
*) Feature: OpenSSL 3.0 compatibility.
*) Feature: the "Auth-SSL-Protocol" and "Auth-SSL-Cipher" header lines
are now passed to the mail proxy authentication server.
Thanks to Rob Mueller.
*) Feature: request body filters API now permits buffering of the data
being processed.
*) Bugfix: backend SSL connections in the stream module might hang after
an SSL handshake.
*) Bugfix: the security level, which is available in OpenSSL 1.1.0 or
newer, did not affect loading of the server certificates when set
with "@SECLEVEL=N" in the "ssl_ciphers" directive.
*) Bugfix: SSL connections with gRPC backends might hang if select,
poll, or /dev/poll methods were used.
*) Bugfix: when using HTTP/2 client request body was always written to
disk if the "Content-Length" header line was not present in the
request.
Changes with nginx 1.21.1 06 Jul 2021
*) Change: now nginx always returns an error for the CONNECT method.
*) Change: now nginx always returns an error if both "Content-Length"
and "Transfer-Encoding" header lines are present in the request.
*) Change: now nginx always returns an error if spaces or control
characters are used in the request line.
*) Change: now nginx always returns an error if spaces or control
characters are used in a header name.
*) Change: now nginx always returns an error if spaces or control
characters are used in the "Host" request header line.
*) Change: optimization of configuration testing when using many
listening sockets.
*) Bugfix: nginx did not escape """, "<", ">", "\", "^", "`", "{", "|",
and "}" characters when proxying with changed URI.
*) Bugfix: SSL variables might be empty when used in logs; the bug had
appeared in 1.19.5.
*) Bugfix: keepalive connections with gRPC backends might not be closed
after receiving a GOAWAY frame.
*) Bugfix: reduced memory consumption for long-lived requests when
proxying with more than 64 buffers.
Changes with nginx 1.21.0 25 May 2021
*) Security: 1-byte memory overwrite might occur during DNS server
response processing if the "resolver" directive was used, allowing an
attacker who is able to forge UDP packets from the DNS server to
cause worker process crash or, potentially, arbitrary code execution
(CVE-2021-23017).
*) Feature: variables support in the "proxy_ssl_certificate",
"proxy_ssl_certificate_key" "grpc_ssl_certificate",
"grpc_ssl_certificate_key", "uwsgi_ssl_certificate", and
"uwsgi_ssl_certificate_key" directives.
*) Feature: the "max_errors" directive in the mail proxy module.
*) Feature: the mail proxy module supports POP3 and IMAP pipelining.
*) Feature: the "fastopen" parameter of the "listen" directive in the
stream module.
Thanks to Anbang Wen.
*) Bugfix: special characters were not escaped during automatic redirect
with appended trailing slash.
*) Bugfix: connections with clients in the mail proxy module might be
closed unexpectedly when using SMTP pipelining.
Changes with nginx 1.19.10 13 Apr 2021
*) Change: the default value of the "keepalive_requests" directive was
changed to 1000.
*) Feature: the "keepalive_time" directive.
*) Feature: the $connection_time variable.
*) Workaround: "gzip filter failed to use preallocated memory" alerts
appeared in logs when using zlib-ng.
Changes with nginx 1.19.9 30 Mar 2021
*) Bugfix: nginx could not be built with the mail proxy module, but
without the ngx_mail_ssl_module; the bug had appeared in 1.19.8.
*) Bugfix: "upstream sent response body larger than indicated content
length" errors might occur when working with gRPC backends; the bug
had appeared in 1.19.1.
*) Bugfix: nginx might not close a connection till keepalive timeout
expiration if the connection was closed by the client while
discarding the request body.
*) Bugfix: nginx might not detect that a connection was already closed
by the client when waiting for auth_delay or limit_req delay, or when
working with backends.
*) Bugfix: in the eventport method.
Changes with nginx 1.19.8 09 Mar 2021
*) Feature: flags in the "proxy_cookie_flags" directive can now contain
variables.
*) Feature: the "proxy_protocol" parameter of the "listen" directive,
the "proxy_protocol" and "set_real_ip_from" directives in mail proxy.
*) Bugfix: HTTP/2 connections were immediately closed when using
"keepalive_timeout 0"; the bug had appeared in 1.19.7.
*) Bugfix: some errors were logged as unknown if nginx was built with
glibc 2.32.
*) Bugfix: in the eventport method.
Changes with nginx 1.19.7 16 Feb 2021
*) Change: connections handling in HTTP/2 has been changed to better
match HTTP/1.x; the "http2_recv_timeout", "http2_idle_timeout", and
"http2_max_requests" directives have been removed, the
"keepalive_timeout" and "keepalive_requests" directives should be
used instead.
*) Change: the "http2_max_field_size" and "http2_max_header_size"
directives have been removed, the "large_client_header_buffers"
directive should be used instead.
*) Feature: now, if free worker connections are exhausted, nginx starts
closing not only keepalive connections, but also connections in
lingering close.
*) Bugfix: "zero size buf in output" alerts might appear in logs if an
upstream server returned an incorrect response during unbuffered
proxying; the bug had appeared in 1.19.1.
*) Bugfix: HEAD requests were handled incorrectly if the "return"
directive was used with the "image_filter" or "xslt_stylesheet"
directives.
*) Bugfix: in the "add_trailer" directive.
Changes with nginx 1.19.6 15 Dec 2020
*) Bugfix: "no live upstreams" errors if a "server" inside "upstream"
block was marked as "down".
*) Bugfix: a segmentation fault might occur in a worker process if HTTPS
was used; the bug had appeared in 1.19.5.
*) Bugfix: nginx returned the 400 response on requests like
"GET http://example.com?args HTTP/1.0".
*) Bugfix: in the ngx_http_flv_module and ngx_http_mp4_module.
Thanks to Chris Newton.
Changes with nginx 1.19.5 24 Nov 2020
*) Feature: the -e switch.
*) Feature: the same source files can now be specified in different
modules while building addon modules.
*) Bugfix: SSL shutdown did not work when lingering close was used.
*) Bugfix: "upstream sent frame for closed stream" errors might occur
when working with gRPC backends.
*) Bugfix: in request body filters internal API.
Changes with nginx 1.19.4 27 Oct 2020
*) Feature: the "ssl_conf_command", "proxy_ssl_conf_command",
"grpc_ssl_conf_command", and "uwsgi_ssl_conf_command" directives.
*) Feature: the "ssl_reject_handshake" directive.
*) Feature: the "proxy_smtp_auth" directive in mail proxy.
Changes with nginx 1.19.3 29 Sep 2020
*) Feature: the ngx_stream_set_module.
*) Feature: the "proxy_cookie_flags" directive.
*) Feature: the "userid_flags" directive.
*) Bugfix: the "stale-if-error" cache control extension was erroneously
applied if backend returned a response with status code 500, 502,
503, 504, 403, 404, or 429.
*) Bugfix: "[crit] cache file ... has too long header" messages might
appear in logs if caching was used and the backend returned responses
with the "Vary" header line.
*) Workaround: "[crit] SSL_write() failed" messages might appear in logs
when using OpenSSL 1.1.1.
*) Bugfix: "SSL_shutdown() failed (SSL: ... bad write retry)" messages
might appear in logs; the bug had appeared in 1.19.2.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2 if errors with code 400 were redirected to a proxied
location using the "error_page" directive.
*) Bugfix: socket leak when using HTTP/2 and subrequests in the njs
module.
Changes with nginx 1.19.2 11 Aug 2020
*) Change: now nginx starts closing keepalive connections before all
free worker connections are exhausted, and logs a warning about this
to the error log.
*) Change: optimization of client request body reading when using
chunked transfer encoding.
*) Bugfix: memory leak if the "ssl_ocsp" directive was used.
*) Bugfix: "zero size buf in output" alerts might appear in logs if a
FastCGI server returned an incorrect response; the bug had appeared
in 1.19.1.
*) Bugfix: a segmentation fault might occur in a worker process if
different large_client_header_buffers sizes were used in different
virtual servers.
*) Bugfix: SSL shutdown might not work.
*) Bugfix: "SSL_shutdown() failed (SSL: ... bad write retry)" messages
might appear in logs.
*) Bugfix: in the ngx_http_slice_module.
*) Bugfix: in the ngx_http_xslt_filter_module.
Changes with nginx 1.19.1 07 Jul 2020
*) Change: the "lingering_close", "lingering_time", and
"lingering_timeout" directives now work when using HTTP/2.
*) Change: now extra data sent by a backend are always discarded.
*) Change: now after receiving a too short response from a FastCGI
server nginx tries to send the available part of the response to the
client, and then closes the client connection.
*) Change: now after receiving a response with incorrect length from a
gRPC backend nginx stops response processing with an error.
*) Feature: the "min_free" parameter of the "proxy_cache_path",
"fastcgi_cache_path", "scgi_cache_path", and "uwsgi_cache_path"
directives.
Thanks to Adam Bambuch.
*) Bugfix: nginx did not delete unix domain listen sockets during
graceful shutdown on the SIGQUIT signal.
*) Bugfix: zero length UDP datagrams were not proxied.
*) Bugfix: proxying to uwsgi backends using SSL might not work.
Thanks to Guanzhong Chen.
*) Bugfix: in error handling when using the "ssl_ocsp" directive.
*) Bugfix: on XFS and NFS file systems disk cache size might be
calculated incorrectly.
*) Bugfix: "negative size buf in writer" alerts might appear in logs if
a memcached server returned a malformed response.
Changes with nginx 1.19.0 26 May 2020
*) Feature: client certificate validation with OCSP.
*) Bugfix: "upstream sent frame for closed stream" errors might occur
when working with gRPC backends.
*) Bugfix: OCSP stapling might not work if the "resolver" directive was
not specified.
*) Bugfix: connections with incorrect HTTP/2 preface were not logged.
*) 1.18.x stable branch.
Changes with nginx 1.17.10 14 Apr 2020

710
CHANGES.ru
View file

@ -1,713 +1,7 @@
Изменения в nginx 1.26.3 05.02.2025
Изменения в nginx 1.18.0 21.04.2020
*) Безопасность: недостаточная проверка в обработке виртуальных серверов
при использовании SNI в TLSv1.3 позволяла повторно использовать
SSL-сессию в контексте другого виртуального сервера, чтобы обойти
проверку клиентских SSL-сертификатов (CVE-2025-23419).
*) Исправление: в модуле ngx_http_mp4_module.
Спасибо Nils Bars.
*) Изменение: при использовании zlib-ng в логах появлялись сообщения
"gzip filter failed to use preallocated memory".
*) Исправление: nginx не мог собрать библиотеку libatomic из исходных
текстов, если использовался параметр --with-libatomic=DIR.
*) Исправление: теперь nginx игнорирует пакеты согласования версий QUIC
от клиентов.
*) Исправление: nginx не собирался на Solaris 10 и более ранних с
модулем ngx_http_v3_module.
*) Исправления в HTTP/3.
Изменения в nginx 1.26.2 14.08.2024
*) Безопасность: обработка специально созданного mp4-файла модулем
ngx_http_mp4_module могла приводить к падению рабочего процесса
(CVE-2024-7347).
Спасибо Nils Bars.
Изменения в nginx 1.26.1 29.05.2024
*) Безопасность: при использовании HTTP/3 обработка специально созданной
QUIC-сессии могла приводить к падению рабочего процесса, отправке
клиенту содержимого памяти рабочего процесса на системах с MTU больше
4096 байт, а также потенциально могла иметь другие последствия
(CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161).
Спасибо Nils Bars из CISPA.
*) Исправление: уменьшено потребление памяти для долгоживущих запросов,
если используются директивы gzip, gunzip, ssi, sub_filter или
grpc_pass.
*) Исправление: nginx не собирался gcc 14, если использовался параметр
--with-libatomic.
Спасибо Edgar Bonet.
*) Исправление: в HTTP/3.
Изменения в nginx 1.26.0 23.04.2024
*) Стабильная ветка 1.26.x.
Изменения в nginx 1.25.5 16.04.2024
*) Добавление: виртуальные сервера в модуле stream.
*) Добавление: модуль ngx_stream_pass_module.
*) Добавление: параметры deferred, accept_filter и setfib директивы
listen в модуле stream.
*) Добавление: определение размера строки кеша процессора для некоторых
архитектур.
Спасибо Piotr Sikora.
*) Добавление: поддержка Homebrew на Apple Silicon.
Спасибо Piotr Sikora.
*) Исправление: улучшения и исправления кросс-компиляции для Windows.
Спасибо Piotr Sikora.
*) Исправление: неожиданное закрытие соединения при использовании 0-RTT
в QUIC.
Спасибо Владимиру Хомутову.
Изменения в nginx 1.25.4 14.02.2024
*) Безопасность: при использовании HTTP/3 в рабочем процессе мог
произойти segmentation fault во время обработки специально созданной
QUIC-сессии (CVE-2024-24989, CVE-2024-24990).
*) Исправление: соединения с незавершенными AIO-операциями могли
закрываться преждевременно во время плавного завершения старых
рабочих процессов.
*) Исправление: теперь nginx не пишет в лог сообщения об утечке сокетов,
если во время плавного завершения старых рабочих процессов было
запрошено быстрое завершение.
*) Исправление: при использовании AIO в подзапросе могла происходить
ошибка на сокете, утечка сокетов, либо segmentation fault в рабочем
процессе (при SSL-проксировании).
*) Исправление: в рабочем процессе мог произойти segmentation fault,
если использовалось SSL-проксирование и директива image_filter, а
ошибки с кодом 415 перенаправлялись с помощью директивы error_page.
*) Исправления и улучшения в HTTP/3.
Изменения в nginx 1.25.3 24.10.2023
*) Изменение: улучшено детектирование некорректного поведения клиентов
при использовании HTTP/2.
*) Добавление: уменьшение времени запуска при использовании большого
количества location'ов.
Спасибо Yusuke Nojima.
*) Исправление: при использовании HTTP/2 без SSL в рабочем процессе мог
произойти segmentation fault; ошибка появилась в 1.25.1.
*) Исправление: строка "Status" в заголовке ответа бэкенда с пустой
поясняющей фразой обрабатывалась некорректно.
*) Исправление: утечки памяти во время переконфигурации при
использовании библиотеки PCRE2.
Спасибо ZhenZhong Wu.
*) Исправления и улучшения в HTTP/3.
Изменения в nginx 1.25.2 15.08.2023
*) Добавление: path MTU discovery при использовании HTTP/3.
*) Добавление: поддержка шифра TLS_AES_128_CCM_SHA256 при использовании
HTTP/3.
*) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
appname "nginx".
*) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
если для сборки OpenSSL использовался параметр --with-openssl и
переменная окружения OPENSSL_CONF не установлена.
*) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.
*) Исправление: в HTTP/3.
Изменения в nginx 1.25.1 13.06.2023
*) Добавление: директива http2, позволяющая включать HTTP/2 в отдельных
блоках server; параметр http2 директивы listen объявлен устаревшим.
*) Изменение: поддержка HTTP/2 server push упразднена.
*) Изменение: устаревшая директива ssl больше не поддерживается.
*) Исправление: в HTTP/3 при использовании OpenSSL.
Изменения в nginx 1.25.0 23.05.2023
*) Добавление: экспериментальная поддержка HTTP/3.
Изменения в nginx 1.23.4 28.03.2023
*) Изменение: теперь протокол TLSv1.3 разрешён по умолчанию.
*) Изменение: теперь nginx выдаёт предупреждение при переопределении
параметров listen-сокета, задающих используемые протоколы.
*) Изменение: теперь, если клиент использует pipelining, nginx закрывает
соединения с ожиданием дополнительных данных (lingering close).
*) Добавление: поддержка byte ranges для ответов модуля
ngx_http_gzip_static_module.
*) Исправление: диапазоны портов в директиве listen не работали; ошибка
появилась в 1.23.3.
Спасибо Валентину Бартеневу.
*) Исправление: для обработки запроса мог быть выбран неверный location,
если в конфигурации использовался префиксный location длиннее 255
символов.
*) Исправление: не-ASCII символы в именах файлов на Windows не
поддерживались модулями ngx_http_autoindex_module и
ngx_http_dav_module, а также директивой include.
*) Изменение: уровень логгирования ошибок SSL "data length too long",
"length too short", "bad legacy version", "no shared signature
algorithms", "bad digest length", "missing sigalgs extension",
"encrypted length too long", "bad length", "bad key update", "mixed
handshake and non handshake data", "ccs received early", "data
between ccs and finished", "packet length too long", "too many warn
alerts", "record too small", и "got a fin before a ccs" понижен с
уровня crit до info.
*) Исправление: при использовании HTTP/2 и директивы error_page для
перенаправления ошибок с кодом 400 могла происходить утечка сокетов.
*) Исправление: сообщения об ошибках записи в syslog не содержали
информации о том, что ошибки происходили в процессе записи в syslog.
Спасибо Safar Safarly.
*) Изменение: при использовании zlib-ng в логах появлялись сообщения
"gzip filter failed to use preallocated memory".
*) Исправление: в почтовом прокси-сервере.
Изменения в nginx 1.23.3 13.12.2022
*) Исправление: при чтении заголовка протокола PROXY версии 2,
содержащего большое количество TLV, могла возникать ошибка.
*) Исправление: при использовании SSI для обработки подзапросов,
созданных другими модулями, в рабочем процессе мог произойти
segmentation fault.
Спасибо Ciel Zhao.
*) Изменение: теперь, если при преобразовании в адреса имени хоста,
указанного в директиве listen, возвращается несколько адресов, nginx
игнорирует дубликаты среди этих адресов.
*) Исправление: nginx мог нагружать процессор при небуферизированном
проксировании, если использовались SSL-соединения с бэкендами.
Изменения в nginx 1.23.2 19.10.2022
*) Безопасность: обработка специально созданного mp4-файла модулем
ngx_http_mp4_module могла приводить к падению рабочего процесса,
отправке клиенту части содержимого памяти рабочего процесса, а также
потенциально могла иметь другие последствия (CVE-2022-41741,
CVE-2022-41742).
*) Добавление: переменные "$proxy_protocol_tlv_...".
*) Добавление: ключи шифрования TLS session tickets теперь автоматически
меняются при использовании разделяемой памяти в ssl_session_cache.
*) Изменение: уровень логгирования ошибок SSL "bad record type" понижен
с уровня crit до info.
Спасибо Murilo Andrade.
*) Изменение: теперь при использовании разделяемой памяти в
ssl_session_cache сообщения "could not allocate new session"
логгируются на уровне warn вместо alert и не чаще одного раза в
секунду.
*) Исправление: nginx/Windows не собирался с OpenSSL 3.0.x.
*) Исправление: в логгировании ошибок протокола PROXY.
Спасибо Сергею Брестеру.
*) Изменение: при использовании TLSv1.3 с OpenSSL разделяемая память из
ssl_session_cache расходовалась в том числе на сессии, использующие
TLS session tickets.
*) Изменение: таймаут, заданный с помощью директивы ssl_session_timeout,
не работал при использовании TLSv1.3 с OpenSSL или BoringSSL.
Изменения в nginx 1.23.1 19.07.2022
*) Добавление: оптимизация использования памяти в конфигурациях с
SSL-проксированием.
*) Добавление: теперь с помощью параметра "ipv4=off" директивы
"resolver" можно запретить поиск IPv4-адресов при преобразовании имён
в адреса.
*) Изменение: уровень логгирования ошибок SSL "bad key share", "bad
extension", "bad cipher" и "bad ecpoint" понижен с уровня crit до
info.
*) Исправление: при возврате диапазонов nginx не удалял строку заголовка
"Content-Range", если она присутствовала в исходном ответе бэкенда.
*) Исправление: проксированный ответ мог быть отправлен не полностью при
переконфигурации на Linux; ошибка появилась в 1.17.5.
Изменения в nginx 1.23.0 21.06.2022
*) Изменение во внутреннем API: теперь строки заголовков представлены
связными списками.
*) Изменение: теперь nginx объединяет произвольные строки заголовков с
одинаковыми именами при отправке на FastCGI-, SCGI- и uwsgi-бэкенды,
в методе $r->header_in() модуля ngx_http_perl_module, и при доступе
через переменные "$http_...", "$sent_http_...", "$sent_trailer_...",
"$upstream_http_..." и "$upstream_trailer_...".
*) Исправление: если в заголовке ответа бэкенда было несколько строк
"Vary", при кэшировании nginx учитывал только последнюю из них.
*) Исправление: если в заголовке ответа бэкенда было несколько строк
"WWW-Authenticate" и использовался перехват ошибок с кодом 401 от
бэкенда или директива auth_request, nginx пересылал клиенту только
первую из этих строк.
*) Изменение: уровень логгирования ошибок SSL "application data after
close notify" понижен с уровня crit до info.
*) Исправление: соединения могли зависать, если nginx был собран на
Linux 2.6.17 и новее, а использовался на системах без поддержки
EPOLLRDHUP, в частности, на системах с эмуляцией epoll; ошибка
появилась в 1.17.5.
Спасибо Marcus Ball.
*) Исправление: nginx не кэшировал ответ, если строка заголовка ответа
"Expires" запрещала кэширование, а последующая строка заголовка
"Cache-Control" разрешала кэширование.
Изменения в nginx 1.21.6 25.01.2022
*) Исправление: при использование EPOLLEXCLUSIVE на Linux распределение
клиентских соединений между рабочими процессами было неравномерным.
*) Исправление: во время плавного завершения старых рабочих процессов
nginx возвращал в ответах строку заголовка "Connection: keep-alive".
*) Исправление: в директиве ssl_session_ticket_key при использовании
TLSv1.3.
Изменения в nginx 1.21.5 28.12.2021
*) Изменение: теперь nginx по умолчанию собирается с библиотекой PCRE2.
*) Изменение: теперь nginx всегда использует sendfile(SF_NODISKIO) на
FreeBSD.
*) Добавление: поддержка sendfile(SF_NOCACHE) на FreeBSD.
*) Добавление: переменная $ssl_curve.
*) Исправление: при использовании HTTP/2 без SSL вместе с директивами
sendfile и aio соединения могли зависать.
Изменения в nginx 1.21.4 02.11.2021
*) Изменение: поддержка NPN вместо ALPN для установления
HTTP/2-соединений упразднена.
*) Изменение: теперь nginx закрывает SSL соединение, если клиент
использует ALPN, но nginx не поддерживает ни один из присланных
клиентом протоколов.
*) Изменение: в директиве sendfile_max_chunk значение по умолчанию
изменено на 2 мегабайта.
*) Добавление: директива proxy_half_close в модуле stream.
*) Добавление: директива ssl_alpn в модуле stream.
*) Добавление: переменная $ssl_alpn_protocol.
*) Добавление: поддержка SSL_sendfile() при использовании OpenSSL 3.0.
*) Добавление: директива mp4_start_key_frame в модуле
ngx_http_mp4_module.
Спасибо Tracey Jaquith.
*) Исправление: в переменной $content_length при использовании chunked
transfer encoding.
*) Исправление: при получении ответа некорректной длины от проксируемого
бэкенда nginx мог тем не менее закэшировать соединение.
Спасибо Awdhesh Mathpal.
*) Исправление: некорректные заголовки от бэкендов логгировались на
уровне info вместо error; ошибка появилась в 1.21.1.
*) Исправление: при использовании HTTP/2 и директивы aio_write запросы
могли зависать.
Изменения в nginx 1.21.3 07.09.2021
*) Изменение: оптимизация чтения тела запроса при использовании HTTP/2.
*) Исправление: во внутреннем API для обработки тела запроса при
использовании HTTP/2 и буферизации обрабатываемых данных.
Изменения в nginx 1.21.2 31.08.2021
*) Изменение: теперь nginx возвращает ошибку, если в запросе по
протоколу HTTP/1.0 присутствует строка заголовка "Transfer-Encoding".
*) Изменение: экспортные шифры больше не поддерживаются.
*) Добавление: совместимость с OpenSSL 3.0.
*) Добавление: теперь серверу аутентификации почтового прокси-сервера
передаются строки заголовка "Auth-SSL-Protocol" и "Auth-SSL-Cipher".
Спасибо Rob Mueller.
*) Добавление: API для обработки тела запроса теперь позволяет
буферизировать обрабатываемые данные.
*) Исправление: SSL-соединения к бэкендам в модуле stream могли зависать
после SSL handshake.
*) Исправление: уровень безопасности, доступный в OpenSSL 1.1.0 и новее,
не учитывался при загрузке сертификатов сервера, если был задан через
"@SECLEVEL=N" в директиве ssl_ciphers.
*) Исправление: SSL-соединения с gRPC-бэкендами могли зависать, если
использовались методы select, poll или /dev/poll.
*) Исправление: при использовании HTTP/2 тело запроса всегда
записывалось на диск, если в запросе не было строки заголовка
"Content-Length".
Изменения в nginx 1.21.1 06.07.2021
*) Изменение: теперь nginx для метода CONNECT всегда возвращает ошибку.
*) Изменение: теперь nginx всегда возвращает ошибку, если в запросе
одновременно присутствуют строки заголовка "Content-Length" и
"Transfer-Encoding".
*) Изменение: теперь nginx всегда возвращает ошибку, если в строке
запроса используются пробелы или управляющие символы.
*) Изменение: теперь nginx всегда возвращает ошибку, если в имени
заголовка используются пробелы или управляющие символы.
*) Изменение: теперь nginx всегда возвращает ошибку, если в строке
"Host" заголовка запроса используются пробелы или управляющие
символы.
*) Изменение: оптимизация тестирования конфигурации при использовании
большого количества listen-сокетов.
*) Исправление: nginx не экранировал символы """, "<", ">", "\", "^",
"`", "{", "|", и "}" при проксировании с изменением URI запроса.
*) Исправление: SSL-переменные могли быть пустыми при записи в лог;
ошибка появилась в 1.19.5.
*) Исправление: keepalive-соединения с gRPC-бэкендами могли не
закрываться после получения GOAWAY-фрейма.
*) Исправление: уменьшено потребление памяти для долгоживущих запросов
при проксировании с использованием более 64 буферов.
Изменения в nginx 1.21.0 25.05.2021
*) Безопасность: при использовании директивы resolver во время обработки
ответа DNS-сервера могла происходить перезапись одного байта памяти,
что позволяло атакующему, имеющему возможность подделывать UDP-пакеты
от DNS-сервера, вызвать падение рабочего процесса или, потенциально,
выполнение произвольного кода (CVE-2021-23017).
*) Добавление: директивы proxy_ssl_certificate,
proxy_ssl_certificate_key, grpc_ssl_certificate,
grpc_ssl_certificate_key, uwsgi_ssl_certificate и
uwsgi_ssl_certificate_key поддерживают переменные.
*) Добавление: директива max_errors в почтовом прокси-сервере.
*) Добавление: почтовый прокси-сервер поддерживает POP3 и IMAP
pipelining.
*) Добавление: параметр fastopen директивы listen в модуле stream.
Спасибо Anbang Wen.
*) Исправление: специальные символы не экранировались при автоматическом
перенаправлении с добавлением завершающего слэша.
*) Исправление: при использовании SMTP pipelining соединения с клиентами
в почтовом прокси-сервере могли неожиданно закрываться.
Изменения в nginx 1.19.10 13.04.2021
*) Изменение: в директиве keepalive_requests значение по умолчанию
изменено на 1000.
*) Добавление: директива keepalive_time.
*) Добавление: переменная $connection_time.
*) Изменение: при использовании zlib-ng в логах появлялись сообщения
"gzip filter failed to use preallocated memory".
Изменения в nginx 1.19.9 30.03.2021
*) Исправление: nginx не собирался с почтовым прокси-сервером, но без
модуля ngx_mail_ssl_module; ошибка появилась в 1.19.8.
*) Исправление: при работе с gRPC-бэкендами могли возникать ошибки
"upstream sent response body larger than indicated content length";
ошибка появилась в 1.19.1.
*) Исправление: если клиент закрывал соединение в момент отбрасывания
тела запроса, nginx мог не закрыть соединение до истечения
keepalive-таймаута.
*) Исправление: при ожидании задержки limit_req или auth_delay, а также
при работе с бэкендами nginx мог не обнаружить, что соединение уже
закрыто клиентом.
*) Исправление: в методе обработки соединений eventport.
Изменения в nginx 1.19.8 09.03.2021
*) Добавление: в директиве proxy_cookie_flags теперь флаги можно
задавать с помощью переменных.
*) Добавление: параметр proxy_protocol в директиве listen, директивы
proxy_protocol и set_real_ip_from в почтовом прокси-сервере.
*) Исправление: HTTP/2-соединения сразу закрывались при использовании
"keepalive_timeout 0"; ошибка появилась в 1.19.7.
*) Исправление: некоторые ошибки логгировались как неизвестные, если
nginx был собран с glibc 2.32.
*) Исправление: в методе обработки соединений eventport.
Изменения в nginx 1.19.7 16.02.2021
*) Изменение: обработка соединений в HTTP/2 была изменена и теперь более
соответствует HTTP/1.x; директивы http2_recv_timeout,
http2_idle_timeout и http2_max_requests упразднены, вместо них
следует использовать директивы keepalive_timeout и
keepalive_requests.
*) Изменение: директивы http2_max_field_size и http2_max_header_size
упразднены, вместо них следует использовать директиву
large_client_header_buffers.
*) Добавление: теперь при исчерпании свободных соединений nginx
закрывает не только keepalive-соединения, но и соединения в lingering
close.
*) Исправление: в логах могли появляться сообщения "zero size buf in
output", если бэкенд возвращал некорректный ответ при
небуферизированном проксировании; ошибка появилась в 1.19.1.
*) Исправление: при использовании директивы return вместе с image_filter
или xslt_stylesheet HEAD-запросы обрабатывались некорректно.
*) Исправление: в директиве add_trailer.
Изменения в nginx 1.19.6 15.12.2020
*) Исправление: ошибки "no live upstreams", если server в блоке upstream
был помечен как down.
*) Исправление: при использовании HTTPS в рабочем процессе мог произойти
segmentation fault; ошибка появилась в 1.19.5.
*) Исправление: nginx возвращал ошибку 400 на запросы вида
"GET http://example.com?args HTTP/1.0".
*) Исправление: в модулях ngx_http_flv_module и ngx_http_mp4_module.
Спасибо Chris Newton.
Изменения в nginx 1.19.5 24.11.2020
*) Добавление: ключ -e.
*) Добавление: при сборке дополнительных модулей теперь можно указывать
одни и те же исходные файлы в разных модулях.
*) Исправление: SSL shutdown не работал при закрытии соединений с
ожиданием дополнительных данных (lingering close).
*) Исправление: при работе с gRPC-бэкендами могли возникать ошибки
"upstream sent frame for closed stream".
*) Исправление: во внутреннем API для обработки тела запроса.
Изменения в nginx 1.19.4 27.10.2020
*) Добавление: директивы ssl_conf_command, proxy_ssl_conf_command,
grpc_ssl_conf_command и uwsgi_ssl_conf_command.
*) Добавление: директива ssl_reject_handshake.
*) Добавление: директива proxy_smtp_auth в почтовом прокси-сервере.
Изменения в nginx 1.19.3 29.09.2020
*) Добавление: модуль ngx_stream_set_module.
*) Добавление: директива proxy_cookie_flags.
*) Добавление: директива userid_flags.
*) Исправление: расширение управления кэшированием stale-if-error
ошибочно применялось, если бэкенд возвращал ответ с кодом 500, 502,
503, 504, 403, 404 или 429.
*) Исправление: если использовалось кэширование и бэкенд возвращал
ответы с строкой заголовка Vary, в логах могли появляться сообщения
"[crit] cache file ... has too long header".
*) Изменение: при использовании OpenSSL 1.1.1 в логах могли появляться
сообщения "[crit] SSL_write() failed".
*) Исправление: в логах могли появляться сообщения "SSL_shutdown()
failed (SSL: ... bad write retry)"; ошибка появилась в 1.19.2.
*) Исправление: при использовании HTTP/2 в рабочем процессе мог
произойти segmentation fault, если ошибки с кодом 400 с помощью
директивы error_page перенаправлялись в проксируемый location.
*) Исправление: утечки сокетов при использовании HTTP/2 и подзапросов в
модуле njs.
Изменения в nginx 1.19.2 11.08.2020
*) Изменение: теперь nginx начинает закрывать keepalive-соединения, не
дожидаясь исчерпания всех свободных соединений, а также пишет об этом
предупреждение в лог ошибок.
*) Изменение: оптимизация чтения тела запроса при использовании chunked
transfer encoding.
*) Исправление: утечки памяти при использовании директивы ssl_ocsp.
*) Исправление: в логах могли появляться сообщения "zero size buf in
output", если FastCGI-сервер возвращал некорректный ответ; ошибка
появилась в 1.19.1.
*) Исправление: в рабочем процессе мог произойти segmentation fault,
если размеры large_client_header_buffers отличались в разных
виртуальных серверах.
*) Исправление: SSL shutdown мог не работать.
*) Исправление: в логах могли появляться сообщения "SSL_shutdown()
failed (SSL: ... bad write retry)".
*) Исправление: в модуле ngx_http_slice_module.
*) Исправление: в модуле ngx_http_xslt_filter_module.
Изменения в nginx 1.19.1 07.07.2020
*) Изменение: директивы lingering_close, lingering_time и
lingering_timeout теперь работают при использовании HTTP/2.
*) Изменение: теперь лишние данные, присланные бэкендом, всегда
отбрасываются.
*) Изменение: теперь при получении слишком короткого ответа от
FastCGI-сервера nginx пытается отправить клиенту доступную часть
ответа, после чего закрывает соединение с клиентом.
*) Изменение: теперь при получении ответа некорректной длины от
gRPC-бэкенда nginx прекращает обработку ответа с ошибкой.
*) Добавление: параметр min_free в директивах proxy_cache_path,
fastcgi_cache_path, scgi_cache_path и uwsgi_cache_path.
Спасибо Adam Bambuch.
*) Исправление: nginx не удалял unix domain listen-сокеты при плавном
завершении по сигналу SIGQUIT.
*) Исправление: UDP-пакеты нулевого размера не проксировались.
*) Исправление: проксирование на uwsgi-бэкенды с использованием SSL
могло не работать.
Спасибо Guanzhong Chen.
*) Исправление: в обработке ошибок при использовании директивы ssl_ocsp.
*) Исправление: при использовании файловых систем XFS и NFS размер кэша
на диске мог считаться некорректно.
*) Исправление: если сервер memcached возвращал некорректный ответ, в
логах могли появляться сообщения "negative size buf in writer".
Изменения в nginx 1.19.0 26.05.2020
*) Добавление: проверка клиентских сертификатов с помощью OCSP.
*) Исправление: при работе с gRPC-бэкендами могли возникать ошибки
"upstream sent frame for closed stream".
*) Исправление: OCSP stapling мог не работать, если не была указана
директива resolver.
*) Исправление: соединения с некорректным HTTP/2 preface не
логгировались.
*) Стабильная ветка 1.18.x.
Изменения в nginx 1.17.10 14.04.2020

4
LICENSE
View file

@ -1,6 +1,6 @@
/*
* Copyright (C) 2002-2021 Igor Sysoev
* Copyright (C) 2011-2024 Nginx, Inc.
* Copyright (C) 2002-2019 Igor Sysoev
* Copyright (C) 2011-2019 Nginx, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without

2
auto/cc/conf
View file

@ -117,7 +117,7 @@ else
. auto/cc/acc
;;
msvc)
msvc*)
# MSVC++ 6.0 SP2, MSVC++ Toolkit 2003
. auto/cc/msvc

19
auto/cc/msvc
View file

@ -11,8 +11,8 @@
# MSVC 2015 (14.0) cl 19.00
NGX_MSVC_VER=`$NGX_WINE $CC 2>&1 | grep 'C/C++.* [0-9][0-9]*\.[0-9]' 2>&1 \
| sed -e 's/^.* \([0-9][0-9]*\.[0-9].*\)/\1/'`
NGX_MSVC_VER=`$NGX_WINE $CC 2>&1 | grep 'Compiler Version' 2>&1 \
| sed -e 's/^.* Version \(.*\)/\1/'`
echo " + cl version: $NGX_MSVC_VER"
@ -22,21 +22,6 @@ have=NGX_COMPILER value="\"cl $NGX_MSVC_VER\"" . auto/define
ngx_msvc_ver=`echo $NGX_MSVC_VER | sed -e 's/^\([0-9]*\).*/\1/'`
# detect x64 builds
case "$NGX_MSVC_VER" in
*x64)
NGX_MACHINE=amd64
;;
*)
NGX_MACHINE=i386
;;
esac
# optimizations
# maximize speed, equivalent to -Og -Oi -Ot -Oy -Ob2 -Gs -GF -Gy

2
auto/init
View file

@ -48,6 +48,4 @@ default: build
clean:
rm -rf Makefile $NGX_OBJS
.PHONY: default clean
END

4
auto/install
View file

@ -112,7 +112,7 @@ install: build $NGX_INSTALL_PERL_MODULES
test ! -f '\$(DESTDIR)$NGX_SBIN_PATH' \\
|| mv '\$(DESTDIR)$NGX_SBIN_PATH' \\
'\$(DESTDIR)$NGX_SBIN_PATH.old'
cp $NGX_OBJS/nginx$ngx_binext '\$(DESTDIR)$NGX_SBIN_PATH'
cp $NGX_OBJS/nginx '\$(DESTDIR)$NGX_SBIN_PATH'
test -d '\$(DESTDIR)$NGX_CONF_PREFIX' \\
|| mkdir -p '\$(DESTDIR)$NGX_CONF_PREFIX'
@ -215,6 +215,4 @@ upgrade:
test -f $NGX_PID_PATH.oldbin
kill -QUIT \`cat $NGX_PID_PATH.oldbin\`
.PHONY: build install modules upgrade
END

17
auto/lib/geoip/conf
View file

@ -64,23 +64,6 @@ if [ $ngx_found = no ]; then
fi
if [ $ngx_found = no ]; then
# Homebrew on Apple Silicon
ngx_feature="GeoIP library in /opt/homebrew/"
ngx_feature_path="/opt/homebrew/include"
if [ $NGX_RPATH = YES ]; then
ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lGeoIP"
else
ngx_feature_libs="-L/opt/homebrew/lib -lGeoIP"
fi
. auto/feature
fi
if [ $ngx_found = yes ]; then
CORE_INCS="$CORE_INCS $ngx_feature_path"

16
auto/lib/google-perftools/conf
View file

@ -46,22 +46,6 @@ if [ $ngx_found = no ]; then
fi
if [ $ngx_found = no ]; then
# Homebrew on Apple Silicon
ngx_feature="Google perftools in /opt/homebrew/"
if [ $NGX_RPATH = YES ]; then
ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lprofiler"
else
ngx_feature_libs="-L/opt/homebrew/lib -lprofiler"
fi
. auto/feature
fi
if [ $ngx_found = yes ]; then
CORE_LIBS="$CORE_LIBS $ngx_feature_libs"

6
auto/lib/libatomic/conf
View file

@ -7,8 +7,8 @@ if [ $NGX_LIBATOMIC != YES ]; then
have=NGX_HAVE_LIBATOMIC . auto/have
CORE_INCS="$CORE_INCS $NGX_LIBATOMIC/src"
LINK_DEPS="$LINK_DEPS $NGX_LIBATOMIC/build/lib/libatomic_ops.a"
CORE_LIBS="$CORE_LIBS $NGX_LIBATOMIC/build/lib/libatomic_ops.a"
LINK_DEPS="$LINK_DEPS $NGX_LIBATOMIC/src/libatomic_ops.a"
CORE_LIBS="$CORE_LIBS $NGX_LIBATOMIC/src/libatomic_ops.a"
else
@ -19,7 +19,7 @@ else
#include <atomic_ops.h>"
ngx_feature_path=
ngx_feature_libs="-latomic_ops"
ngx_feature_test="AO_t n = 0;
ngx_feature_test="long n = 0;
if (!AO_compare_and_swap(&n, 0, 1))
return 1;
if (AO_fetch_and_add(&n, 1) != 1)

11
auto/lib/libatomic/make
View file

@ -3,19 +3,14 @@
# Copyright (C) Nginx, Inc.
case $NGX_LIBATOMIC in
/*) ngx_prefix="$NGX_LIBATOMIC/build" ;;
*) ngx_prefix="$PWD/$NGX_LIBATOMIC/build" ;;
esac
cat << END >> $NGX_MAKEFILE
$NGX_LIBATOMIC/build/lib/libatomic_ops.a: $NGX_LIBATOMIC/Makefile
cd $NGX_LIBATOMIC && \$(MAKE) && \$(MAKE) install
$NGX_LIBATOMIC/src/libatomic_ops.a: $NGX_LIBATOMIC/Makefile
cd $NGX_LIBATOMIC && \$(MAKE)
$NGX_LIBATOMIC/Makefile: $NGX_MAKEFILE
cd $NGX_LIBATOMIC \\
&& if [ -f Makefile ]; then \$(MAKE) distclean; fi \\
&& ./configure --prefix=$ngx_prefix
&& ./configure
END

17
auto/lib/libgd/conf
View file

@ -65,23 +65,6 @@ if [ $ngx_found = no ]; then
fi
if [ $ngx_found = no ]; then
# Homebrew on Apple Silicon
ngx_feature="GD library in /opt/homebrew/"
ngx_feature_path="/opt/homebrew/include"
if [ $NGX_RPATH = YES ]; then
ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lgd"
else
ngx_feature_libs="-L/opt/homebrew/lib -lgd"
fi
. auto/feature
fi
if [ $ngx_found = yes ]; then
CORE_INCS="$CORE_INCS $ngx_feature_path"

63
auto/lib/openssl/conf
View file

@ -5,19 +5,12 @@
if [ $OPENSSL != NONE ]; then
have=NGX_OPENSSL . auto/have
have=NGX_SSL . auto/have
have=NGX_OPENSSL_NO_CONFIG . auto/have
if [ $USE_OPENSSL_QUIC = YES ]; then
have=NGX_QUIC . auto/have
have=NGX_QUIC_OPENSSL_COMPAT . auto/have
fi
case "$CC" in
cl | bcc32)
have=NGX_OPENSSL . auto/have
have=NGX_SSL . auto/have
CFLAGS="$CFLAGS -DNO_SYS_TYPES_H"
CORE_INCS="$CORE_INCS $OPENSSL/openssl/include"
@ -40,6 +33,9 @@ if [ $OPENSSL != NONE ]; then
;;
*)
have=NGX_OPENSSL . auto/have
have=NGX_SSL . auto/have
CORE_INCS="$CORE_INCS $OPENSSL/.openssl/include"
CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
@ -122,58 +118,11 @@ else
. auto/feature
fi
if [ $ngx_found = no ]; then
# Homebrew on Apple Silicon
ngx_feature="OpenSSL library in /opt/homebrew/"
ngx_feature_path="/opt/homebrew/include"
if [ $NGX_RPATH = YES ]; then
ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lssl -lcrypto"
else
ngx_feature_libs="-L/opt/homebrew/lib -lssl -lcrypto"
fi
ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD"
. auto/feature
fi
if [ $ngx_found = yes ]; then
have=NGX_SSL . auto/have
CORE_INCS="$CORE_INCS $ngx_feature_path"
CORE_LIBS="$CORE_LIBS $ngx_feature_libs"
OPENSSL=YES
if [ $USE_OPENSSL_QUIC = YES ]; then
ngx_feature="OpenSSL QUIC support"
ngx_feature_name="NGX_QUIC"
ngx_feature_test="SSL_set_quic_method(NULL, NULL)"
. auto/feature
if [ $ngx_found = no ]; then
have=NGX_QUIC_OPENSSL_COMPAT . auto/have
ngx_feature="OpenSSL QUIC compatibility"
ngx_feature_test="SSL_CTX_add_custom_ext(NULL, 0, 0,
NULL, NULL, NULL, NULL, NULL)"
. auto/feature
fi
if [ $ngx_found = no ]; then
cat << END
$0: error: certain modules require OpenSSL QUIC support.
You can either do not enable the modules, or install the OpenSSL library with
QUIC support into the system, or build the OpenSSL library with QUIC support
statically from the source with nginx by using --with-openssl=<path> option.
END
exit 1
fi
fi
fi
fi

15
auto/lib/openssl/make
View file

@ -7,24 +7,11 @@ case "$CC" in
cl)
case "$NGX_MACHINE" in
amd64)
OPENSSL_TARGET=VC-WIN64A
;;
*)
OPENSSL_TARGET=VC-WIN32
;;
esac
cat << END >> $NGX_MAKEFILE
$OPENSSL/openssl/include/openssl/ssl.h: $NGX_MAKEFILE
\$(MAKE) -f auto/lib/openssl/makefile.msvc \
OPENSSL="$OPENSSL" OPENSSL_OPT="$OPENSSL_OPT" \
OPENSSL_TARGET="$OPENSSL_TARGET"
OPENSSL="$OPENSSL" OPENSSL_OPT="$OPENSSL_OPT"
END

2
auto/lib/openssl/makefile.msvc
View file

@ -6,7 +6,7 @@
all:
cd $(OPENSSL)
perl Configure $(OPENSSL_TARGET) no-shared no-threads \
perl Configure VC-WIN32 no-shared \
--prefix="%cd%/openssl" \
--openssldir="%cd%/openssl/ssl" \
$(OPENSSL_OPT)

180
auto/lib/pcre/conf
View file

@ -4,62 +4,87 @@
if [ $PCRE != NONE ]; then
CORE_INCS="$CORE_INCS $PCRE"
if [ -f $PCRE/src/pcre2.h.generic ]; then
case "$NGX_CC_NAME" in
PCRE_LIBRARY=PCRE2
have=NGX_PCRE . auto/have
have=NGX_PCRE2 . auto/have
if [ "$NGX_PLATFORM" = win32 ]; then
have=PCRE2_STATIC . auto/have
fi
CORE_INCS="$CORE_INCS $PCRE/src/"
CORE_DEPS="$CORE_DEPS $PCRE/src/pcre2.h"
case "$NGX_CC_NAME" in
msvc)
LINK_DEPS="$LINK_DEPS $PCRE/src/pcre2-8.lib"
CORE_LIBS="$CORE_LIBS $PCRE/src/pcre2-8.lib"
;;
*)
LINK_DEPS="$LINK_DEPS $PCRE/.libs/libpcre2-8.a"
CORE_LIBS="$CORE_LIBS $PCRE/.libs/libpcre2-8.a"
;;
esac
else
PCRE_LIBRARY=PCRE
have=NGX_PCRE . auto/have
if [ "$NGX_PLATFORM" = win32 ]; then
msvc | owc | bcc)
have=NGX_PCRE . auto/have
have=PCRE_STATIC . auto/have
fi
CORE_DEPS="$CORE_DEPS $PCRE/pcre.h"
LINK_DEPS="$LINK_DEPS $PCRE/pcre.lib"
CORE_LIBS="$CORE_LIBS $PCRE/pcre.lib"
;;
CORE_INCS="$CORE_INCS $PCRE"
CORE_DEPS="$CORE_DEPS $PCRE/pcre.h"
icc)
have=NGX_PCRE . auto/have
CORE_DEPS="$CORE_DEPS $PCRE/pcre.h"
case "$NGX_CC_NAME" in
LINK_DEPS="$LINK_DEPS $PCRE/.libs/libpcre.a"
msvc | owc | bcc)
LINK_DEPS="$LINK_DEPS $PCRE/pcre.lib"
CORE_LIBS="$CORE_LIBS $PCRE/pcre.lib"
;;
echo $ngx_n "checking for PCRE library ...$ngx_c"
*)
LINK_DEPS="$LINK_DEPS $PCRE/.libs/libpcre.a"
CORE_LIBS="$CORE_LIBS $PCRE/.libs/libpcre.a"
;;
if [ -f $PCRE/pcre.h ]; then
ngx_pcre_ver=`grep PCRE_MAJOR $PCRE/pcre.h \
| sed -e 's/^.*PCRE_MAJOR.* \(.*\)$/\1/'`
else if [ -f $PCRE/configure.in ]; then
ngx_pcre_ver=`grep PCRE_MAJOR= $PCRE/configure.in \
| sed -e 's/^.*=\(.*\)$/\1/'`
else
ngx_pcre_ver=`grep pcre_major, $PCRE/configure.ac \
| sed -e 's/^.*pcre_major,.*\[\(.*\)\].*$/\1/'`
fi
fi
echo " $ngx_pcre_ver major version found"
# to allow -ipo optimization we link with the *.o but not library
case "$ngx_pcre_ver" in
4|5)
CORE_LIBS="$CORE_LIBS $PCRE/pcre.o"
;;
6)
CORE_LIBS="$CORE_LIBS $PCRE/pcre_chartables.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_compile.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_exec.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_fullinfo.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_globals.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_tables.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_try_flipped.o"
;;
*)
CORE_LIBS="$CORE_LIBS $PCRE/pcre_chartables.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_compile.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_exec.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_fullinfo.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_globals.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_tables.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_try_flipped.o"
CORE_LIBS="$CORE_LIBS $PCRE/pcre_newline.o"
;;
esac
;;
*)
have=NGX_PCRE . auto/have
if [ "$NGX_PLATFORM" = win32 ]; then
have=PCRE_STATIC . auto/have
fi
CORE_DEPS="$CORE_DEPS $PCRE/pcre.h"
LINK_DEPS="$LINK_DEPS $PCRE/.libs/libpcre.a"
CORE_LIBS="$CORE_LIBS $PCRE/.libs/libpcre.a"
;;
esac
esac
fi
if [ $PCRE_JIT = YES ]; then
have=NGX_HAVE_PCRE_JIT . auto/have
@ -69,48 +94,8 @@ if [ $PCRE != NONE ]; then
else
if [ "$NGX_PLATFORM" != win32 ]; then
PCRE=NO
fi
if [ $PCRE = NO -a $PCRE2 != DISABLED ]; then
ngx_feature="PCRE2 library"
ngx_feature_name="NGX_PCRE2"
ngx_feature_run=no
ngx_feature_incs="#define PCRE2_CODE_UNIT_WIDTH 8
#include <pcre2.h>"
ngx_feature_path=
ngx_feature_libs="-lpcre2-8"
ngx_feature_test="pcre2_code *re;
re = pcre2_compile(NULL, 0, 0, NULL, NULL, NULL);
if (re == NULL) return 1"
. auto/feature
if [ $ngx_found = no ]; then
# pcre2-config
ngx_pcre2_prefix=`pcre2-config --prefix 2>/dev/null`
if [ -n "$ngx_pcre2_prefix" ]; then
ngx_feature="PCRE2 library in $ngx_pcre2_prefix"
ngx_feature_path=`pcre2-config --cflags \
| sed -n -e 's/.*-I *\([^ ][^ ]*\).*/\1/p'`
ngx_feature_libs=`pcre2-config --libs8`
. auto/feature
fi
fi
if [ $ngx_found = yes ]; then
have=NGX_PCRE . auto/have
CORE_INCS="$CORE_INCS $ngx_feature_path"
CORE_LIBS="$CORE_LIBS $ngx_feature_libs"
PCRE=YES
PCRE_LIBRARY=PCRE2
fi
fi
if [ $PCRE = NO ]; then
ngx_feature="PCRE library"
ngx_feature_name="NGX_PCRE"
@ -182,27 +167,10 @@ else
. auto/feature
fi
if [ $ngx_found = no ]; then
# Homebrew on Apple Silicon
ngx_feature="PCRE library in /opt/homebrew/"
ngx_feature_path="/opt/homebrew/include"
if [ $NGX_RPATH = YES ]; then
ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lpcre"
else
ngx_feature_libs="-L/opt/homebrew/lib -lpcre"
fi
. auto/feature
fi
if [ $ngx_found = yes ]; then
CORE_INCS="$CORE_INCS $ngx_feature_path"
CORE_LIBS="$CORE_LIBS $ngx_feature_libs"
PCRE=YES
PCRE_LIBRARY=PCRE
fi
if [ $PCRE = YES ]; then

153
auto/lib/pcre/make
View file

@ -3,139 +3,36 @@
# Copyright (C) Nginx, Inc.
if [ $PCRE_LIBRARY = PCRE2 ]; then
case "$NGX_CC_NAME" in
# PCRE2
msvc)
ngx_makefile=makefile.msvc
ngx_opt="CPU_OPT=\"$CPU_OPT\" LIBC=$LIBC"
ngx_pcre="PCRE=\"$PCRE\""
;;
if [ $NGX_CC_NAME = msvc ]; then
owc)
ngx_makefile=makefile.owc
ngx_opt="CPU_OPT=\"$CPU_OPT\""
ngx_pcre=`echo PCRE=\"$PCRE\" | sed -e "s/\//$ngx_regex_dirsep/g"`
;;
# With PCRE2, it is not possible to compile all sources.
# Since list of source files changes between versions, we
# test files which might not be present.
bcc)
ngx_makefile=makefile.bcc
ngx_opt="-DCPU_OPT=\"$CPU_OPT\""
ngx_pcre=`echo \-DPCRE=\"$PCRE\" | sed -e "s/\//$ngx_regex_dirsep/g"`
;;
ngx_pcre_srcs="pcre2_auto_possess.c \
pcre2_chartables.c \
pcre2_compile.c \
pcre2_config.c \
pcre2_context.c \
pcre2_dfa_match.c \
pcre2_error.c \
pcre2_jit_compile.c \
pcre2_maketables.c \
pcre2_match.c \
pcre2_match_data.c \
pcre2_newline.c \
pcre2_ord2utf.c \
pcre2_pattern_info.c \
pcre2_string_utils.c \
pcre2_study.c \
pcre2_substitute.c \
pcre2_substring.c \
pcre2_tables.c \
pcre2_ucd.c \
pcre2_valid_utf.c \
pcre2_xclass.c"
*)
ngx_makefile=
;;
ngx_pcre_test="pcre2_chkdint.c \
pcre2_convert.c \
pcre2_extuni.c \
pcre2_find_bracket.c \
pcre2_script_run.c \
pcre2_serialize.c"
for ngx_src in $ngx_pcre_test
do
if [ -f $PCRE/src/$ngx_src ]; then
ngx_pcre_srcs="$ngx_pcre_srcs $ngx_src"
fi
done
ngx_pcre_objs=`echo $ngx_pcre_srcs \
| sed -e "s#\([^ ]*\.\)c#\1$ngx_objext#g"`
ngx_pcre_srcs=`echo $ngx_pcre_srcs \
| sed -e "s/ *\([^ ][^ ]*\)/$ngx_regex_cont\1/g"`
ngx_pcre_objs=`echo $ngx_pcre_objs \
| sed -e "s/ *\([^ ][^ ]*\)/$ngx_regex_cont\1/g"`
cat << END >> $NGX_MAKEFILE
PCRE_CFLAGS = -O2 -Ob1 -Oi -Gs $LIBC $CPU_OPT
PCRE_FLAGS = -DHAVE_CONFIG_H -DPCRE2_STATIC -DPCRE2_CODE_UNIT_WIDTH=8 \\
-DHAVE_MEMMOVE
PCRE_SRCS = $ngx_pcre_srcs
PCRE_OBJS = $ngx_pcre_objs
$PCRE/src/pcre2.h:
cd $PCRE/src \\
&& copy /y config.h.generic config.h \\
&& copy /y pcre2.h.generic pcre2.h \\
&& copy /y pcre2_chartables.c.dist pcre2_chartables.c
$PCRE/src/pcre2-8.lib: $PCRE/src/pcre2.h $NGX_MAKEFILE
cd $PCRE/src \\
&& cl -nologo -c \$(PCRE_CFLAGS) -I . \$(PCRE_FLAGS) \$(PCRE_SRCS) \\
&& link -lib -out:pcre2-8.lib -verbose:lib \$(PCRE_OBJS)
END
else
cat << END >> $NGX_MAKEFILE
$PCRE/src/pcre2.h: $PCRE/Makefile
$PCRE/Makefile: $NGX_MAKEFILE
cd $PCRE \\
&& if [ -f Makefile ]; then \$(MAKE) distclean; fi \\
&& CC="\$(CC)" CFLAGS="$PCRE_OPT" \\
./configure --disable-shared $PCRE_CONF_OPT
$PCRE/.libs/libpcre2-8.a: $PCRE/Makefile
cd $PCRE \\
&& \$(MAKE) libpcre2-8.la
END
fi
esac
else
if [ -n "$ngx_makefile" ]; then
# PCRE
case "$NGX_CC_NAME" in
msvc)
ngx_makefile=makefile.msvc
ngx_opt="CPU_OPT=\"$CPU_OPT\" LIBC=$LIBC"
ngx_pcre="PCRE=\"$PCRE\""
;;
owc)
ngx_makefile=makefile.owc
ngx_opt="CPU_OPT=\"$CPU_OPT\""
ngx_pcre=`echo PCRE=\"$PCRE\" | sed -e "s/\//$ngx_regex_dirsep/g"`
;;
bcc)
ngx_makefile=makefile.bcc
ngx_opt="-DCPU_OPT=\"$CPU_OPT\""
ngx_pcre=`echo \-DPCRE=\"$PCRE\" \
| sed -e "s/\//$ngx_regex_dirsep/g"`
;;
*)
ngx_makefile=
;;
esac
if [ -n "$ngx_makefile" ]; then
cat << END >> $NGX_MAKEFILE
cat << END >> $NGX_MAKEFILE
`echo "$PCRE/pcre.lib: $PCRE/pcre.h $NGX_MAKEFILE" \
| sed -e "s/\//$ngx_regex_dirsep/g"`
@ -146,9 +43,9 @@ else
END
else
else
cat << END >> $NGX_MAKEFILE
cat << END >> $NGX_MAKEFILE
$PCRE/pcre.h: $PCRE/Makefile
@ -164,6 +61,4 @@ $PCRE/.libs/libpcre.a: $PCRE/Makefile
END
fi
fi

31
auto/make
View file

@ -2,19 +2,13 @@
# Copyright (C) Igor Sysoev
# Copyright (C) Nginx, Inc.
basename_last2() {
local basename_1=`basename \`dirname $1\``
local basename_2=$(basename "$1")
echo $(printf "$basename_1/$basename_2" | sed 's/\.\.\///')
}
echo "creating $NGX_MAKEFILE"
mkdir -p $NGX_OBJS/src/core $NGX_OBJS/src/event $NGX_OBJS/src/event/modules \
$NGX_OBJS/src/event/quic \
$NGX_OBJS/src/os/unix $NGX_OBJS/src/os/win32 \
$NGX_OBJS/src/http $NGX_OBJS/src/http/v2 $NGX_OBJS/src/http/v3 \
$NGX_OBJS/src/http/modules $NGX_OBJS/src/http/modules/perl \
$NGX_OBJS/src/http $NGX_OBJS/src/http/v2 $NGX_OBJS/src/http/modules \
$NGX_OBJS/src/http/modules/perl \
$NGX_OBJS/src/mail \
$NGX_OBJS/src/stream \
$NGX_OBJS/src/misc
@ -179,7 +173,7 @@ ngx_all_srcs=`echo $ngx_all_srcs | sed -e "s/\//$ngx_regex_dirsep/g"`
for ngx_src in $NGX_ADDON_SRCS
do
ngx_obj="addon/`basename_last2 \`dirname $ngx_src\``"
ngx_obj="addon/`basename \`dirname $ngx_src\``"
test -d $NGX_OBJS/$ngx_obj || mkdir -p $NGX_OBJS/$ngx_obj
@ -319,7 +313,7 @@ $ngx_obj: \$(CORE_DEPS) \$(HTTP_DEPS)$ngx_cont$ngx_src
END
fi
done
done
fi
@ -349,7 +343,7 @@ $ngx_obj: \$(CORE_DEPS) \$(MAIL_DEPS)$ngx_cont$ngx_src
$ngx_cc$ngx_tab$ngx_objout$ngx_obj$ngx_tab$ngx_src$NGX_AUX
END
done
done
fi
@ -379,7 +373,7 @@ $ngx_obj: \$(CORE_DEPS) \$(STREAM_DEPS)$ngx_cont$ngx_src
$ngx_cc$ngx_tab$ngx_objout$ngx_obj$ngx_tab$ngx_src$NGX_AUX
END
done
done
fi
@ -405,7 +399,7 @@ $ngx_obj: \$(CORE_DEPS) $ngx_cont$ngx_src
$ngx_cc$ngx_tab$ngx_objout$ngx_obj$ngx_tab$ngx_src$NGX_AUX
END
done
done
fi
@ -418,7 +412,7 @@ if test -n "$NGX_ADDON_SRCS"; then
for ngx_src in $NGX_ADDON_SRCS
do
ngx_obj="addon/`basename_last2 \`dirname $ngx_src\``"
ngx_obj="addon/`basename \`dirname $ngx_src\``"
ngx_obj=`echo $ngx_obj/\`basename $ngx_src\` \
| sed -e "s/\//$ngx_regex_dirsep/g"`
@ -437,7 +431,7 @@ $ngx_obj: \$(ADDON_DEPS)$ngx_cont$ngx_src
$ngx_cc$ngx_tab$ngx_objout$ngx_obj$ngx_tab$ngx_src$NGX_AUX
END
done
done
fi
@ -508,7 +502,6 @@ fi
for ngx_module in $DYNAMIC_MODULES
do
eval ngx_module_srcs="\$${ngx_module}_SRCS"
eval ngx_module_shrd="\$${ngx_module}_SHRD"
eval eval ngx_module_libs="\\\"\$${ngx_module}_LIBS\\\""
eval ngx_module_modules="\$${ngx_module}_MODULES"
@ -574,14 +567,14 @@ END
| sed -e "s/\(.*\.\)c/\1$ngx_objext/"`
ngx_module_objs=
for ngx_src in $ngx_module_srcs $ngx_module_shrd
for ngx_src in $ngx_module_srcs
do
case "$ngx_src" in
src/*)
ngx_obj=$ngx_src
;;
*)
ngx_obj="addon/`basename_last2 \`dirname $ngx_src\``"
ngx_obj="addon/`basename \`dirname $ngx_src\``"
mkdir -p $NGX_OBJS/$ngx_obj
ngx_obj="$ngx_obj/`basename $ngx_src`"
;;
@ -643,7 +636,7 @@ END
ngx_obj=`echo $ngx_source | sed -e "s/\//$ngx_regex_dirsep/g"`
;;
*)
ngx_obj="addon/`basename_last2 \`dirname $ngx_source\``"
ngx_obj="addon/`basename \`dirname $ngx_source\``"
ngx_obj=`echo $ngx_obj/\`basename $ngx_source\` \
| sed -e "s/\//$ngx_regex_dirsep/g"`
;;

44
auto/module
View file

@ -17,6 +17,7 @@ if [ "$ngx_module_link" = DYNAMIC ]; then
done
DYNAMIC_MODULES="$DYNAMIC_MODULES $ngx_module"
eval ${ngx_module}_SRCS=\"$ngx_module_srcs\"
eval ${ngx_module}_MODULES=\"$ngx_module_name\"
@ -30,30 +31,6 @@ if [ "$ngx_module_link" = DYNAMIC ]; then
eval ${ngx_module}_ORDER=\"$ngx_module_order\"
fi
srcs=
shrd=
for src in $ngx_module_srcs
do
found=no
for old in $DYNAMIC_MODULES_SRCS
do
if [ $src = $old ]; then
found=yes
break
fi
done
if [ $found = no ]; then
srcs="$srcs $src"
else
shrd="$shrd $src"
fi
done
eval ${ngx_module}_SRCS=\"$srcs\"
eval ${ngx_module}_SHRD=\"$shrd\"
DYNAMIC_MODULES_SRCS="$DYNAMIC_MODULES_SRCS $srcs"
if test -n "$ngx_module_incs"; then
CORE_INCS="$CORE_INCS $ngx_module_incs"
fi
@ -130,24 +107,7 @@ elif [ "$ngx_module_link" = ADDON ]; then
eval ${ngx_module_type}_MODULES=\"\$${ngx_module_type}_MODULES \
$ngx_module_name\"
srcs=
for src in $ngx_module_srcs
do
found=no
for old in $NGX_ADDON_SRCS
do
if [ $src = $old ]; then
found=yes
break
fi
done
if [ $found = no ]; then
srcs="$srcs $src"
fi
done
NGX_ADDON_SRCS="$NGX_ADDON_SRCS $srcs"
NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_module_srcs"
if test -n "$ngx_module_incs"; then
eval ${ngx_var}_INCS=\"\$${ngx_var}_INCS $ngx_module_incs\"

130
auto/modules
View file

@ -102,11 +102,6 @@ if [ $HTTP = YES ]; then
fi
if [ $HTTP_V2 = YES -o $HTTP_V3 = YES ]; then
HTTP_SRCS="$HTTP_SRCS $HTTP_HUFF_SRCS"
fi
# the module order is important
# ngx_http_static_module
# ngx_http_gzip_static_module
@ -124,7 +119,6 @@ if [ $HTTP = YES ]; then
# ngx_http_header_filter
# ngx_http_chunked_filter
# ngx_http_v2_filter
# ngx_http_v3_filter
# ngx_http_range_header_filter
# ngx_http_gzip_filter
# ngx_http_postpone_filter
@ -157,7 +151,6 @@ if [ $HTTP = YES ]; then
ngx_http_header_filter_module \
ngx_http_chunked_filter_module \
ngx_http_v2_filter_module \
ngx_http_v3_filter_module \
ngx_http_range_header_filter_module \
ngx_http_gzip_filter_module \
ngx_http_postpone_filter_module \
@ -219,17 +212,6 @@ if [ $HTTP = YES ]; then
. auto/module
fi
if [ $HTTP_V3 = YES ]; then
ngx_module_name=ngx_http_v3_filter_module
ngx_module_incs=
ngx_module_deps=
ngx_module_srcs=src/http/v3/ngx_http_v3_filter_module.c
ngx_module_libs=
ngx_module_link=$HTTP_V3
. auto/module
fi
if :; then
ngx_module_name=ngx_http_range_header_filter_module
ngx_module_incs=
@ -423,6 +405,7 @@ if [ $HTTP = YES ]; then
if [ $HTTP_V2 = YES ]; then
have=NGX_HTTP_V2 . auto/have
have=NGX_HTTP_HEADERS . auto/have
ngx_module_name=ngx_http_v2_module
ngx_module_incs=src/http/v2
@ -431,6 +414,8 @@ if [ $HTTP = YES ]; then
ngx_module_srcs="src/http/v2/ngx_http_v2.c \
src/http/v2/ngx_http_v2_table.c \
src/http/v2/ngx_http_v2_encode.c \
src/http/v2/ngx_http_v2_huff_decode.c \
src/http/v2/ngx_http_v2_huff_encode.c \
src/http/v2/ngx_http_v2_module.c"
ngx_module_libs=
ngx_module_link=$HTTP_V2
@ -438,32 +423,6 @@ if [ $HTTP = YES ]; then
. auto/module
fi
if [ $HTTP_V3 = YES ]; then
USE_OPENSSL_QUIC=YES
HTTP_SSL=YES
have=NGX_HTTP_V3 . auto/have
ngx_module_name=ngx_http_v3_module
ngx_module_incs=src/http/v3
ngx_module_deps="src/http/v3/ngx_http_v3.h \
src/http/v3/ngx_http_v3_encode.h \
src/http/v3/ngx_http_v3_parse.h \
src/http/v3/ngx_http_v3_table.h \
src/http/v3/ngx_http_v3_uni.h"
ngx_module_srcs="src/http/v3/ngx_http_v3.c \
src/http/v3/ngx_http_v3_encode.c \
src/http/v3/ngx_http_v3_parse.c \
src/http/v3/ngx_http_v3_table.c \
src/http/v3/ngx_http_v3_uni.c \
src/http/v3/ngx_http_v3_request.c \
src/http/v3/ngx_http_v3_module.c"
ngx_module_libs=
ngx_module_link=$HTTP_V3
. auto/module
fi
if :; then
ngx_module_name=ngx_http_static_module
ngx_module_incs=
@ -1026,12 +985,6 @@ if [ $MAIL != NO ]; then
ngx_module_srcs=src/mail/ngx_mail_proxy_module.c
. auto/module
ngx_module_name=ngx_mail_realip_module
ngx_module_deps=
ngx_module_srcs=src/mail/ngx_mail_realip_module.c
. auto/module
fi
@ -1166,26 +1119,6 @@ if [ $STREAM != NO ]; then
. auto/module
fi
if [ $STREAM_PASS = YES ]; then
ngx_module_name=ngx_stream_pass_module
ngx_module_deps=
ngx_module_srcs=src/stream/ngx_stream_pass_module.c
ngx_module_libs=
ngx_module_link=$STREAM_PASS
. auto/module
fi
if [ $STREAM_SET = YES ]; then
ngx_module_name=ngx_stream_set_module
ngx_module_deps=
ngx_module_srcs=src/stream/ngx_stream_set_module.c
ngx_module_libs=
ngx_module_link=$STREAM_SET
. auto/module
fi
if [ $STREAM_UPSTREAM_HASH = YES ]; then
ngx_module_name=ngx_stream_upstream_hash_module
ngx_module_deps=
@ -1320,63 +1253,6 @@ if [ $USE_OPENSSL = YES ]; then
fi
if [ $USE_OPENSSL_QUIC = YES ]; then
ngx_module_type=CORE
ngx_module_name=ngx_quic_module
ngx_module_incs=
ngx_module_deps="src/event/quic/ngx_event_quic.h \
src/event/quic/ngx_event_quic_transport.h \
src/event/quic/ngx_event_quic_protection.h \
src/event/quic/ngx_event_quic_connection.h \
src/event/quic/ngx_event_quic_frames.h \
src/event/quic/ngx_event_quic_connid.h \
src/event/quic/ngx_event_quic_migration.h \
src/event/quic/ngx_event_quic_streams.h \
src/event/quic/ngx_event_quic_ssl.h \
src/event/quic/ngx_event_quic_tokens.h \
src/event/quic/ngx_event_quic_ack.h \
src/event/quic/ngx_event_quic_output.h \
src/event/quic/ngx_event_quic_socket.h \
src/event/quic/ngx_event_quic_openssl_compat.h"
ngx_module_srcs="src/event/quic/ngx_event_quic.c \
src/event/quic/ngx_event_quic_udp.c \
src/event/quic/ngx_event_quic_transport.c \
src/event/quic/ngx_event_quic_protection.c \
src/event/quic/ngx_event_quic_frames.c \
src/event/quic/ngx_event_quic_connid.c \
src/event/quic/ngx_event_quic_migration.c \
src/event/quic/ngx_event_quic_streams.c \
src/event/quic/ngx_event_quic_ssl.c \
src/event/quic/ngx_event_quic_tokens.c \
src/event/quic/ngx_event_quic_ack.c \
src/event/quic/ngx_event_quic_output.c \
src/event/quic/ngx_event_quic_socket.c \
src/event/quic/ngx_event_quic_openssl_compat.c"
ngx_module_libs=
ngx_module_link=YES
ngx_module_order=
. auto/module
if [ $QUIC_BPF = YES -a $SO_COOKIE_FOUND = YES ]; then
ngx_module_type=CORE
ngx_module_name=ngx_quic_bpf_module
ngx_module_incs=
ngx_module_deps=
ngx_module_srcs="src/event/quic/ngx_event_quic_bpf.c \
src/event/quic/ngx_event_quic_bpf_code.c"
ngx_module_libs=
ngx_module_link=YES
ngx_module_order=
. auto/module
have=NGX_QUIC_BPF . auto/have
fi
fi
if [ $USE_PCRE = YES ]; then
ngx_module_type=CORE
ngx_module_name=ngx_regex_module

23
auto/options
View file

@ -45,8 +45,6 @@ USE_THREADS=NO
NGX_FILE_AIO=NO
QUIC_BPF=NO
HTTP=YES
NGX_HTTP_LOG_PATH=
@ -61,7 +59,6 @@ HTTP_CHARSET=YES
HTTP_GZIP=YES
HTTP_SSL=NO
HTTP_V2=NO
HTTP_V3=NO
HTTP_SSI=YES
HTTP_REALIP=NO
HTTP_XSLT=NO
@ -127,8 +124,6 @@ STREAM_GEOIP=NO
STREAM_MAP=YES
STREAM_SPLIT_CLIENTS=YES
STREAM_RETURN=YES
STREAM_PASS=YES
STREAM_SET=YES
STREAM_UPSTREAM_HASH=YES
STREAM_UPSTREAM_LEAST_CONN=YES
STREAM_UPSTREAM_RANDOM=YES
@ -136,10 +131,8 @@ STREAM_UPSTREAM_ZONE=YES
STREAM_SSL_PREREAD=NO
DYNAMIC_MODULES=
DYNAMIC_MODULES_SRCS=
NGX_ADDONS=
NGX_ADDON_SRCS=
NGX_ADDON_DEPS=
DYNAMIC_ADDONS=
@ -150,10 +143,8 @@ PCRE=NONE
PCRE_OPT=
PCRE_CONF_OPT=
PCRE_JIT=NO
PCRE2=YES
USE_OPENSSL=NO
USE_OPENSSL_QUIC=NO
OPENSSL=NONE
USE_ZLIB=NO
@ -171,8 +162,6 @@ USE_GEOIP=NO
NGX_GOOGLE_PERFTOOLS=NO
NGX_CPP_TEST=NO
SO_COOKIE_FOUND=NO
NGX_LIBATOMIC=NO
NGX_CPU_CACHE_LINE=
@ -218,8 +207,6 @@ do
--with-file-aio) NGX_FILE_AIO=YES ;;
--without-quic_bpf_module) QUIC_BPF=NONE ;;
--with-ipv6)
NGX_POST_CONF_MSG="$NGX_POST_CONF_MSG
$0: warning: the \"--with-ipv6\" option is deprecated"
@ -237,7 +224,6 @@ $0: warning: the \"--with-ipv6\" option is deprecated"
--with-http_ssl_module) HTTP_SSL=YES ;;
--with-http_v2_module) HTTP_V2=YES ;;
--with-http_v3_module) HTTP_V3=YES ;;
--with-http_realip_module) HTTP_REALIP=YES ;;
--with-http_addition_module) HTTP_ADDITION=YES ;;
--with-http_xslt_module) HTTP_XSLT=YES ;;
@ -338,8 +324,6 @@ use the \"--with-mail_ssl_module\" option instead"
--without-stream_split_clients_module)
STREAM_SPLIT_CLIENTS=NO ;;
--without-stream_return_module) STREAM_RETURN=NO ;;
--without-stream_pass_module) STREAM_PASS=NO ;;
--without-stream_set_module) STREAM_SET=NO ;;
--without-stream_upstream_hash_module)
STREAM_UPSTREAM_HASH=NO ;;
--without-stream_upstream_least_conn_module)
@ -369,7 +353,6 @@ use the \"--with-mail_ssl_module\" option instead"
--with-pcre=*) PCRE="$value" ;;
--with-pcre-opt=*) PCRE_OPT="$value" ;;
--with-pcre-jit) PCRE_JIT=YES ;;
--without-pcre2) PCRE2=DISABLED ;;
--with-openssl=*) OPENSSL="$value" ;;
--with-openssl-opt=*) OPENSSL_OPT="$value" ;;
@ -454,11 +437,8 @@ cat << END
--with-file-aio enable file AIO support
--without-quic_bpf_module disable ngx_quic_bpf_module
--with-http_ssl_module enable ngx_http_ssl_module
--with-http_v2_module enable ngx_http_v2_module
--with-http_v3_module enable ngx_http_v3_module
--with-http_realip_module enable ngx_http_realip_module
--with-http_addition_module enable ngx_http_addition_module
--with-http_xslt_module enable ngx_http_xslt_module
@ -558,8 +538,6 @@ cat << END
--without-stream_split_clients_module
disable ngx_stream_split_clients_module
--without-stream_return_module disable ngx_stream_return_module
--without-stream_pass_module disable ngx_stream_pass_module
--without-stream_set_module disable ngx_stream_set_module
--without-stream_upstream_hash_module
disable ngx_stream_upstream_hash_module
--without-stream_upstream_least_conn_module
@ -590,7 +568,6 @@ cat << END
--with-pcre=DIR set path to PCRE library sources
--with-pcre-opt=OPTIONS set additional build options for PCRE
--with-pcre-jit build PCRE with JIT compilation support
--without-pcre2 do not use PCRE2 library
--with-zlib=DIR set path to zlib library sources
--with-zlib-opt=OPTIONS set additional build options for zlib

17
auto/os/conf
View file

@ -110,26 +110,11 @@ case "$NGX_MACHINE" in
NGX_MACH_CACHE_LINE=64
;;
aarch64 | arm64)
aarch64 )
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=64
;;
ppc64* | powerpc64*)
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=128
;;
riscv64)
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=64
;;
s390x)
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=256
;;
*)
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=32

8
auto/os/freebsd
View file

@ -44,10 +44,12 @@ if [ $osreldate -gt 300007 ]; then
CORE_SRCS="$CORE_SRCS $FREEBSD_SENDFILE_SRCS"
fi
if [ $osreldate -gt 1100093 ]; then
echo " + sendfile()'s SF_NODISKIO found"
if [ $NGX_FILE_AIO = YES ]; then
if [ $osreldate -gt 502103 ]; then
echo " + sendfile()'s SF_NODISKIO found"
have=NGX_HAVE_SENDFILE_NODISKIO . auto/have
have=NGX_HAVE_AIO_SENDFILE . auto/have
fi
fi
# POSIX semaphores

88
auto/os/linux
View file

@ -86,31 +86,6 @@ if [ $ngx_found = yes ]; then
ee.data.ptr = NULL;
epoll_ctl(efd, EPOLL_CTL_ADD, fd, &ee)"
. auto/feature
# eventfd()
ngx_feature="eventfd()"
ngx_feature_name="NGX_HAVE_EVENTFD"
ngx_feature_run=no
ngx_feature_incs="#include <sys/eventfd.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="(void) eventfd(0, 0)"
. auto/feature
if [ $ngx_found = yes ]; then
have=NGX_HAVE_SYS_EVENTFD_H . auto/have
fi
if [ $ngx_found = no ]; then
ngx_feature="eventfd() (SYS_eventfd)"
ngx_feature_incs="#include <sys/syscall.h>"
ngx_feature_test="(void) SYS_eventfd"
. auto/feature
fi
fi
@ -228,71 +203,8 @@ ngx_feature_test="struct crypt_data cd;
crypt_r(\"key\", \"salt\", &cd);"
. auto/feature
if [ $ngx_found = yes ]; then
CRYPT_LIB="-lcrypt"
fi
ngx_include="sys/vfs.h"; . auto/include
# BPF sockhash
ngx_feature="BPF sockhash"
ngx_feature_name="NGX_HAVE_BPF"
ngx_feature_run=no
ngx_feature_incs="#include <linux/bpf.h>
#include <sys/syscall.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="union bpf_attr attr = { 0 };
attr.map_flags = 0;
attr.map_type = BPF_MAP_TYPE_SOCKHASH;
syscall(__NR_bpf, 0, &attr, 0);"
. auto/feature
if [ $ngx_found = yes ]; then
CORE_SRCS="$CORE_SRCS src/core/ngx_bpf.c"
CORE_DEPS="$CORE_DEPS src/core/ngx_bpf.h"
if [ $QUIC_BPF != NONE ]; then
QUIC_BPF=YES
fi
fi
ngx_feature="SO_COOKIE"
ngx_feature_name="NGX_HAVE_SO_COOKIE"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
$NGX_INCLUDE_INTTYPES_H"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="socklen_t optlen = sizeof(uint64_t);
uint64_t cookie;
getsockopt(0, SOL_SOCKET, SO_COOKIE, &cookie, &optlen)"
. auto/feature
if [ $ngx_found = yes ]; then
SO_COOKIE_FOUND=YES
fi
# UDP segmentation offloading
ngx_feature="UDP_SEGMENT"
ngx_feature_name="NGX_HAVE_UDP_SEGMENT"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/udp.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="socklen_t optlen = sizeof(int);
int val;
getsockopt(0, SOL_UDP, UDP_SEGMENT, &val, &optlen)"
. auto/feature
CC_AUX_FLAGS="$cc_aux_flags -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64"

2
auto/os/win32
View file

@ -18,7 +18,7 @@ ngx_binext=".exe"
case "$NGX_CC_NAME" in
clang | gcc)
gcc)
CORE_LIBS="$CORE_LIBS -ladvapi32 -lws2_32"
MAIN_LINK="$MAIN_LINK -Wl,--export-all-symbols"
MAIN_LINK="$MAIN_LINK -Wl,--out-implib=$NGX_OBJS/libnginx.a"

8
auto/sources
View file

@ -83,14 +83,13 @@ CORE_SRCS="src/core/nginx.c \
EVENT_MODULES="ngx_events_module ngx_event_core_module"
EVENT_INCS="src/event src/event/modules src/event/quic"
EVENT_INCS="src/event src/event/modules"
EVENT_DEPS="src/event/ngx_event.h \
src/event/ngx_event_timer.h \
src/event/ngx_event_posted.h \
src/event/ngx_event_connect.h \
src/event/ngx_event_pipe.h \
src/event/ngx_event_udp.h"
src/event/ngx_event_pipe.h"
EVENT_SRCS="src/event/ngx_event.c \
src/event/ngx_event_timer.c \
@ -256,6 +255,3 @@ NGX_WIN32_RC="src/os/win32/nginx.rc"
HTTP_FILE_CACHE_SRCS=src/http/ngx_http_file_cache.c
HTTP_HUFF_SRCS="src/http/ngx_http_huff_decode.c
src/http/ngx_http_huff_encode.c"

4
auto/summary
View file

@ -16,9 +16,9 @@ if [ $USE_PCRE = DISABLED ]; then
else
case $PCRE in
YES) echo " + using system $PCRE_LIBRARY library" ;;
YES) echo " + using system PCRE library" ;;
NONE) echo " + PCRE library is not used" ;;
*) echo " + using $PCRE_LIBRARY library: $PCRE" ;;
*) echo " + using PCRE library: $PCRE" ;;
esac
fi

127
auto/unix
View file

@ -448,54 +448,6 @@ ngx_feature_test="setsockopt(0, IPPROTO_IPV6, IPV6_RECVPKTINFO, NULL, 0)"
. auto/feature
# IP packet fragmentation
ngx_feature="IP_MTU_DISCOVER"
ngx_feature_name="NGX_HAVE_IP_MTU_DISCOVER"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="(void) IP_PMTUDISC_DO;
setsockopt(0, IPPROTO_IP, IP_MTU_DISCOVER, NULL, 0)"
. auto/feature
ngx_feature="IPV6_MTU_DISCOVER"
ngx_feature_name="NGX_HAVE_IPV6_MTU_DISCOVER"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="(void) IPV6_PMTUDISC_DO;
setsockopt(0, IPPROTO_IPV6, IPV6_MTU_DISCOVER, NULL, 0)"
. auto/feature
ngx_feature="IP_DONTFRAG"
ngx_feature_name="NGX_HAVE_IP_DONTFRAG"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="setsockopt(0, IPPROTO_IP, IP_DONTFRAG, NULL, 0)"
. auto/feature
ngx_feature="IPV6_DONTFRAG"
ngx_feature_name="NGX_HAVE_IPV6_DONTFRAG"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="setsockopt(0, IPPROTO_IP, IPV6_DONTFRAG, NULL, 0)"
. auto/feature
ngx_feature="TCP_DEFER_ACCEPT"
ngx_feature_name="NGX_HAVE_DEFERRED_ACCEPT"
ngx_feature_run=no
@ -630,6 +582,29 @@ Currently file AIO is supported on FreeBSD 4.3+ and Linux 2.6.22+ only
END
exit 1
fi
else
ngx_feature="eventfd()"
ngx_feature_name="NGX_HAVE_EVENTFD"
ngx_feature_run=no
ngx_feature_incs="#include <sys/eventfd.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="(void) eventfd(0, 0)"
. auto/feature
if [ $ngx_found = yes ]; then
have=NGX_HAVE_SYS_EVENTFD_H . auto/have
fi
if [ $ngx_found = no ]; then
ngx_feature="eventfd() (SYS_eventfd)"
ngx_feature_incs="#include <sys/syscall.h>"
ngx_feature_test="(void) SYS_eventfd"
. auto/feature
fi
fi
@ -752,33 +727,17 @@ ngx_feature_test="char buf[1]; struct iovec vec[1]; ssize_t n;
. auto/feature
# strerrordesc_np(), introduced in glibc 2.32
ngx_feature="strerrordesc_np()"
ngx_feature_name="NGX_HAVE_STRERRORDESC_NP"
ngx_feature_run=no
ngx_feature_incs='#include <string.h>'
ngx_feature="sys_nerr"
ngx_feature_name="NGX_SYS_NERR"
ngx_feature_run=value
ngx_feature_incs='#include <errno.h>
#include <stdio.h>'
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="char *p; p = strerrordesc_np(0);
if (p == NULL) return 1"
ngx_feature_test='printf("%d", sys_nerr);'
. auto/feature
if [ $ngx_found = no ]; then
ngx_feature="sys_nerr"
ngx_feature_name="NGX_SYS_NERR"
ngx_feature_run=value
ngx_feature_incs='#include <errno.h>
#include <stdio.h>'
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test='printf("%d", sys_nerr);'
. auto/feature
fi
if [ $ngx_found = no ]; then
# Cygiwn defines _sys_nerr
@ -794,6 +753,34 @@ if [ $ngx_found = no ]; then
fi
if [ $ngx_found = no ]; then
# Solaris has no sys_nerr
ngx_feature='maximum errno'
ngx_feature_name=NGX_SYS_NERR
ngx_feature_run=value
ngx_feature_incs='#include <errno.h>
#include <string.h>
#include <stdio.h>'
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test='int n;
char *p;
for (n = 1; n < 1000; n++) {
errno = 0;
p = strerror(n);
if (errno == EINVAL
|| p == NULL
|| strncmp(p, "Unknown error", 13) == 0)
{
break;
}
}
printf("%d", n);'
. auto/feature
fi
ngx_feature="localtime_r()"
ngx_feature_name="NGX_HAVE_LOCALTIME_R"
ngx_feature_run=no

2
conf/mime.types
View file

@ -15,7 +15,6 @@ types {
text/vnd.wap.wml wml;
text/x-component htc;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
@ -52,7 +51,6 @@ types {
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;

5
configure vendored
View file

@ -44,7 +44,6 @@ if test -z "$NGX_PLATFORM"; then
else
echo "building for $NGX_PLATFORM"
NGX_SYSTEM=$NGX_PLATFORM
NGX_MACHINE=i386
fi
. auto/cc/conf
@ -88,10 +87,6 @@ have=NGX_PID_PATH value="\"$NGX_PID_PATH\"" . auto/define
have=NGX_LOCK_PATH value="\"$NGX_LOCK_PATH\"" . auto/define
have=NGX_ERROR_LOG_PATH value="\"$NGX_ERROR_LOG_PATH\"" . auto/define
if [ ".$NGX_ERROR_LOG_PATH" = "." ]; then
have=NGX_ERROR_LOG_STDERR . auto/have
fi
have=NGX_HTTP_LOG_PATH value="\"$NGX_HTTP_LOG_PATH\"" . auto/define
have=NGX_HTTP_CLIENT_TEMP_PATH value="\"$NGX_HTTP_CLIENT_TEMP_PATH\""
. auto/define

69
configure.docker.sh
View file

@ -1,69 +0,0 @@
#!/bin/bash
./configure \
--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -fPIC -D_FORTIFY_SOURCE=2 -I/tmp/build/quickjs/" \
--with-ld-opt="-Wl,-z,relro -Wl,-z,now -fPIC -L/tmp/build/quickjs/" \
--sbin-path=/usr/local/sbin/nginx \
--conf-path=/video_server/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx/nginx.lock \
--http-log-path=/var/log/nginx/access.log \
--http-client-body-temp-path=/tmp/nginx-client-body \
--with-compat \
--with-debug \
--with-pcre-jit \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_auth_request_module \
--with-http_v2_module \
--with-http_dav_module \
--with-http_slice_module \
--with-threads \
--with-http_addition_module \
--with-http_flv_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_mp4_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_sub_module \
--with-mail_ssl_module \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
--with-http_geoip_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_perl_module=dynamic \
--with-http_xslt_module=dynamic \
--with-mail=dynamic \
--with-stream=dynamic \
--with-stream_geoip_module=dynamic \
--add-module=./modules_deb/libnginx-mod-http-ndk-0.3.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-brotli-1.0.0~rc \
--add-dynamic-module=./modules_deb/libnginx-mod-http-cache-purge-2.5.3 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-echo-0.63 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-geoip2-3.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-headers-more-filter-0.38 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-memc-0.20 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-set-misc-0.33 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-srcache-filter-0.33 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-subs-filter-0.6.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-upstream-fair-0.0~git20120408.a18b409 \
--add-dynamic-module=./modules_deb/libnginx-mod-nchan-1.3.7+dfsg \
--add-dynamic-module=./modules/njs/nginx \
--add-dynamic-module=./modules/nginx-vod-module \
--add-module=./modules/media-framework/nginx-common \
--add-dynamic-module=./modules/nginx-stream-preread-str-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-in-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-out-module \
--add-dynamic-module=./modules/media-framework/nginx-rtmp-module \
--add-dynamic-module=./modules/media-framework/nginx-rtmp-kmp-module \
--add-dynamic-module=./modules/media-framework/nginx-mpegts-module \
--add-dynamic-module=./modules/media-framework/nginx-mpegts-kmp-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-cc-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-rtmp-module \
--add-dynamic-module=./modules/media-framework/nginx-live-module \
--add-dynamic-module=./modules/nginx-srt-module \
--add-dynamic-module=./modules/media-framework/nginx-pckg-module \
--add-dynamic-module=./modules/nginx-secure-token-module

66
configure.sh
View file

@ -1,66 +0,0 @@
#!/bin/bash
./configure \
--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -fPIC -D_FORTIFY_SOURCE=2 -I/usr/local/include/quickjs/" \
--with-ld-opt="-Wl,-z,relro -Wl,-z,now -fPIC -L/usr/local/lib/quickjs/" \
--prefix=/usr/local/temp/nginx/ \
--error-log-path=stderr \
--lock-path=/var/lock/nginx.lock \
--pid-path=/run/nginx.pid \
--with-compat \
--with-debug \
--with-pcre-jit \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_auth_request_module \
--with-http_v2_module \
--with-http_dav_module \
--with-http_slice_module \
--with-threads \
--with-http_addition_module \
--with-http_flv_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_mp4_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_sub_module \
--with-mail_ssl_module \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
--with-http_geoip_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_perl_module=dynamic \
--with-http_xslt_module=dynamic \
--with-mail=dynamic \
--with-stream=dynamic \
--with-stream_geoip_module=dynamic \
--add-module=./modules_deb/libnginx-mod-http-ndk-0.3.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-brotli-1.0.0~rc \
--add-dynamic-module=./modules_deb/libnginx-mod-http-cache-purge-2.5.3 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-echo-0.63 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-geoip2-3.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-headers-more-filter-0.38 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-memc-0.20 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-set-misc-0.33 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-srcache-filter-0.33 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-subs-filter-0.6.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-upstream-fair-0.0~git20120408.a18b409 \
--add-dynamic-module=./modules_deb/libnginx-mod-nchan-1.3.7+dfsg \
--add-dynamic-module=./modules/njs/nginx \
--add-dynamic-module=./modules/nginx-vod-module \
--add-module=./modules/media-framework/nginx-common \
--add-dynamic-module=./modules/nginx-stream-preread-str-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-in-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-out-module \
--add-dynamic-module=./modules/media-framework/nginx-rtmp-module \
--add-dynamic-module=./modules/media-framework/nginx-rtmp-kmp-module \
--add-dynamic-module=./modules/media-framework/nginx-mpegts-module \
--add-dynamic-module=./modules/media-framework/nginx-mpegts-kmp-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-cc-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-rtmp-module \
--add-dynamic-module=./modules/media-framework/nginx-live-module \
--add-dynamic-module=./modules/nginx-srt-module \
--add-dynamic-module=./modules/media-framework/nginx-pckg-module \
--add-dynamic-module=./modules/nginx-secure-token-module

1193
contrib/vim/syntax/nginx.vim
View file

File diff suppressed because it is too large Load diff

20
debian/README.source → debian/README.Packaging vendored
View file

@ -1,7 +1,8 @@
Debian Packaging
================
We use git-buildpackage for packaging.
We use git-buildpackage for packaging. Our repository can be found at
git.debian.org:/git/collab-maint/nginx.git.
Workflow for Unstable
=====================
@ -13,9 +14,15 @@ Dynamic Modules
Since v1.9.11 Nginx added dynamic module support. This will sanitize the
nginx packaging flow in the long term, but there is a lot work to be done
in order to get there. We gradually convert all modules to dynamic
in order to get there. We will gradually convert all modules to dynamic
as they add support for it.
Currently nginx modules need to be build together with nginx, but this
will be fixed upstream [0]. Since we already ship 3rd party modules under
debian/modules/ we will start shipping module packages (libnginx-mod) from
the same source. Once upstream implements separated building we will
split each module to a separate source.
[0] https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/
Workflow for Experimental
@ -27,7 +34,7 @@ as they lack security support.
The workflow we use is based on the assumption that packaging work happens on
origin/master and experimental builds are a trivial patch away from that.
The direct consequence of treating experimental as a patchset for origin/master
The direct consequense of treating experimental as a patchset for origin/master
is that the relevant branches are forced-pushed whenever we release a new
1.11.x version. In other words, **it is not safe to base your work on the
experimental branch**.
@ -60,4 +67,11 @@ them.
Older 1.11.x releases are not referenced by any branch, but they can be found
by the relevant debian/* tag.
3rd party experimental workflow
===============================
As we described, it is better not base you work on our forced-pushed
experimental branch. A better approach would be to maintain a custom-build
branch that is rebased to our latest experimental branch (basically git rebase
--onto the relevant commits should work).

19
debian/apport/source_nginx.py vendored
View file

@ -1,19 +0,0 @@
'''
apport package hook for nginx packages
Copyright (c) 2015, Thomas Ward <teward@ubuntu.com>
'''
import apport.hookutils
import os
import subprocess
def add_info(report, ui):
if (report['Package'].split()[0] != 'nginx-common'
and report['ProblemType'] == 'Package'
and os.path.isdir('/run/systemd/system')):
report['Journalctl_Nginx.txt'] = apport.hookutils.command_output(
['journalctl', '-xe', '--unit=nginx.service'])
report['SystemctlStatusFull_Nginx.txt'] = subprocess.Popen(
['systemctl', '-l', 'status', 'nginx.service'],
stdout=subprocess.PIPE).communicate()[0]

461
debian/changelog vendored
View file

@ -1,463 +1,24 @@
nginx (1.26.3-3) unstable; urgency=medium
nginx (1.18.0-6.1+deb11u3) bullseye-security; urgency=medium
[ Jan Mojžíš ]
* d/changelog: fix whitespace in 1.26.3-2 record
* d/control: add libnginx-mod-http-lua dependency for nginx-extras package
for riscv64 platform
* CVE-2022-41741 / CVE-2022-41742
[ Thomas Ward ]
* d/nginx-common.nginx.service: Add ConditionFileIsExecutable to
SystemD service file, prevents starting of service if nginx is
not installed (which can happen if nginx-common is installed
independently from `nginx` itself (Closes: #1098477)
-- Moritz Muehlenhoff <jmm@debian.org> Fri, 11 Nov 2022 15:14:18 +0000
-- Jan Mojžíš <janmojzis@debian.org> Thu, 15 May 2025 15:31:38 +0200
nginx (1.18.0-6.1+deb11u2) bullseye; urgency=medium
nginx (1.26.3-2) unstable; urgency=medium
* Team upload
* Upload to unstable
-- Jérémy Lal <kapouer@melix.org> Fri, 07 Feb 2025 12:53:11 +0100
nginx (1.26.3-1) experimental; urgency=medium
* Team upload
* New upstream version 1.26.3
-- Jérémy Lal <kapouer@melix.org> Wed, 05 Feb 2025 19:08:02 +0100
nginx (1.26.2-1) experimental; urgency=medium
* Team upload
* New upstream version 1.26.2
* Add Sergey Kandaurov <s.kandaurov@f5.com> pgp public key
* Drop upstream patches
[ Jan Mojžíš ]
* d/gbp.conf: add upstream-signatures = on
* d/{control,copyright}: update my email to "janmojzis@debian.org"
* d/copyright: bump my copyright year
-- Jérémy Lal <kapouer@melix.org> Sun, 02 Feb 2025 21:08:45 +0100
nginx (1.26.0-3) unstable; urgency=medium
* d/control: Resolve dependency loop between nginx and nginx-common.
(Fixes: #1082373)
-- Thomas Ward <teward@ubuntu.com> Fri, 20 Sep 2024 21:35:42 -0400
nginx (1.26.0-2) unstable; urgency=medium
[ Jan Mojžíš ]
* d/rules: enable QUIC and HTTP/3 module (Closes: 1070488)
* d/control: bump Standards-Version: 4.7.0, no changes
* d/p/nginx-1.26.1.patch add, backport changes from the nginx 1.26.1 and fix
CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161
* d/p/CVE-2024-7347.patch add, backport CVE-2024-7347 fix (Closes: 1078971)
* d/libnginx-mod.abisubstvars updated comment when ABI needs to be changed
[ Thomas Ward ]
* d/conf/nginx.conf: Update default options for current security
practices and standards. SSL protos, disable prefer server
ciphers, hide server tokens/versions in responses.
-- Jan Mojžíš <jan.mojzis@gmail.com> Mon, 19 Aug 2024 18:46:30 +0200
nginx (1.26.0-1) unstable; urgency=medium
* New upstream version 1.26.0
* nginx ABI release: nginx-abi-1.26.0-1 (Closes: 1069997)
* d/libnginx-mod.abisubstvars: remove third-party modules version constraints
* d/u/signing-key.asc add Roman Arutyunyans PGP public key,
the key is used to sign the 1.26.0 release
* d/p/CVE-2023-44487.patch remove, fixed in upstream
* d/ufw/nginx update, add QUICK, thanks Marcus Bointon
* d/conf/mime.types add application/xslt+xml, thanks K. Widholm
* d/copyright: updated copyright related to new upstream version
* d/copyright: bump my copyright year
* d/conf/nginx.conf: add worker_cpu_affinity auto (Closes: 1063659)
* d/gbp.conf: add sign-tags = True, [pull] track-missing = True,
[import-orig] merge-mode = replace
-- Jan Mojžíš <jan.mojzis@gmail.com> Sun, 05 May 2024 18:48:05 +0200
nginx (1.24.0-2) unstable; urgency=medium
* d/control added dependency nginx-common to nginx (Closes: 1039905)
After nginx installation, the nginx-common package is installed
automatically due to its dependencies. The nginx-common package includes
the systemd unit, which becomes enabled and activated upon installation.
When the nginx is removed, nginx-common package and the systemd unit will
remain in the system. Adding a dependency nginx-common to nginx solves
this problem.
* d/control fixed binNMU safe dependency declaration nginx to nginx-common,
nginx is 'any', nginx-common is 'all' -> dependency '= ${source:Version}'
* d/rules removed override_dh_strip, migration to automatic debug symbols is
already done, fixes debug-symbol-migration-possibly-complete lint. warning
* d/po/ro.po added Romanian debconf translation. (Closes: 1033084),
Thanks to Remus-Gabriel Chelu
* d/po/sv.po added Swedish debconf translation. (Closes: 1050443),
Thanks to Peter Kvillegård
* d/conf/mime.types added video/ogg, video/x-matroska (Closes: 1028144)
* d/p/CVE-2023-44487.patch adds additional mitigations for CVE-2023-44487
that according to NGINX developers on nginx-devel are already suitably
mitigated with the default config options for keepalive. (Closes: 1053770)
* d/control added nginx-dev dependency on ${nginx:abi}
* d/debhelper/nginx_mod.pm automatic libnginx-mod-stream dependencies
-- Jan Mojžíš <jan.mojzis@gmail.com> Wed, 11 Oct 2023 01:17:51 +0200
nginx (1.24.0-1) unstable; urgency=medium
* New upstream version 1.24.0
* nginx ABI release: nginx-abi-1.24.0-1
* d/libnginx-mod.abisubstvars update version constraints of the 3rd party
modules
* d/p/bug-{1024605,973861}.patch removed, fixed in upstream
* d/copyright: updated copyright for files src/event/ngx_event_udp.h,
src/os/win32/ngx_dlopen
-- Jan Mojžíš <jan.mojzis@gmail.com> Tue, 27 Jun 2023 23:19:31 +0200
nginx (1.22.1-9) unstable; urgency=medium
* d/control: nginx-common Breaks+Replaces: nginx (<< 1.22.1-8)
(Closes: 1032929)
-- Jan Mojžíš <jan.mojzis@gmail.com> Tue, 14 Mar 2023 16:19:32 +0100
nginx (1.22.1-8) unstable; urgency=medium
* Main change:
Configuration files returned to nginx-common package. This fixes
the serious problem of losing configuration files during upgrade.
This is a rollback of a change made in 1.22.1-6 (Closes: 1032517)
* d/control: fix nginx-full dependencies
* d/libnginx-mod.abisubstvars: update libnginx-mod-http-lua version
-- Jan Mojžíš <jan.mojzis@gmail.com> Tue, 14 Mar 2023 06:53:32 +0100
nginx (1.22.1-7) unstable; urgency=medium
* nginx ABI release: nginx-abi-1.22.1-7
* nginx ABI: Nginx now provides nginx-abi-<VERSION> to better manage
dependencies between nginx and 3rd party modules. Credit to Jérémy Lal.
* switched to libpcre2 (Closes: 1000013)
* d/p/bug-973861: added, lingering close for connections with pipelined
requests. The patch is backported from the upstream. (Closes: 973861)
* d/gbb.conf: switched to debian branch main (debian-branch = main)
* d/copyright: updated to be compatible with 'cme update dpkg-copyright'
-- Jan Mojžíš <jan.mojzis@gmail.com> Mon, 13 Feb 2023 13:04:16 +0100
nginx (1.22.1-6) unstable; urgency=medium
* Main change:
Nginx binary moved to package nginx, also moved basic
configuration files from nginx-common to package nginx.
The packages nginx-{light,core,extras,common} are replaced
by a metapackage. (Closes: 1025763)
Users should simply install 'nginx' and 'libnginx-mod-...'
instead of these packages.
* Additional changes:
* d/nginx-{light,core,extras,full,common}.NEWS: added warning that
nginx-{light,core,extras,full,common} are deprecated
* d/control: fixed dependencies for safe binNMU
* d/copyright: updated debian/* copyright
* d/copyright: added missing copyright for d/apport/*
* d/copyright: added missing GPL-2+ copyright for d/debhelper/dh_nginx
* d/copyright: added missing copyright for d/help/examples/nginx_modsite
* d/po/it.po: added Italian debconf translation. (Closes: 1019160)
* d/control: removed dependency on obsolete package lsb-base
* d/control: bump Standards-Version: 4.6.2, no changes
-- Jan Mojžíš <jan.mojzis@gmail.com> Wed, 08 Feb 2023 17:20:27 +0100
nginx (1.22.1-5) unstable; urgency=medium
[ Jan Mojžíš ]
* Since version 1.22.1-5 all third party modules are removed from Debian NGINX
package and all these modules are maintained in separate external packages.
Removed namely these remaining modules:
- libnginx-mod-http-geoip2
- libnginx-mod-stream-geoip2
- libnginx-mod-http-auth-pam
- libnginx-mod-http-echo
- libnginx-mod-http-upstream-fair
- libnginx-mod-http-headers-more-filter
- libnginx-mod-http-cache-purge
- libnginx-mod-http-fancyindex
- libnginx-mod-http-uploadprogress
- libnginx-mod-http-subs-filter
- libnginx-mod-http-dav-ext
* d/tests: all *-simple and *-deps tests updated to check if nginx works
after installation/reload/restart for all flavours
* d/control: updated nginx-common dependency, fixes lintian warning
maybe-not-arch-all-binnmuable
[ Jérémy Lal ]
* d/rules: default error-log-path is stderr (--error-log-path=stderr)
instead of hardcoded /var/log/nginx/error.log (Closes: 1025858)
* dh nginx: auto-detect build-dependency on ndk-dev
* dh nginx: absolute /usr/sbin/nginx path for nginx tests
* d/p/nginx-ssl_cert_cb_yield.patch SSL_CTX_set_cert_cb() callback yielding
patch update
* d/conf/nginx.conf: Set global error_log to /var/log/error.log
Now that error_log default value is stderr, it is possible
to override that config using nginx -g 'error_log stderr;'
[ Miao Wang ]
* d/control: removed unnecessary dependencies after removing 3rd party modules
* d/rules: enabled stream_realip_module (--with-stream_realip_module)
* d/rules: explicitly disabled pcre2 (--without-pcre2)
-- Jan Mojžíš <jan.mojzis@gmail.com> Tue, 20 Dec 2022 10:36:19 +0100
nginx (1.22.1-4) unstable; urgency=medium
* d/t/*-module-deps: updated, added curl timeout 300 seconds and
added nginx restart before calling curl
* d/t/*-module-deps: update:
- added tests for new ext. module libnginx-mod-http-set-misc
- added tests for new ext. module libnginx-mod-http-brotli-filter
- added tests for new ext. module libnginx-mod-http-brotli-static
- added tests for new ext. module libnginx-mod-http-memc
- added tests for new ext. module libnginx-mod-http-srcache-filter
* removed 3th party modules and moved to separate packages:
- libnginx-mod-nchan module
- libnginx-mod-rtmp module
- libnginx-mod-http-ndk module
-- Jan Mojžíš <jan.mojzis@gmail.com> Thu, 08 Dec 2022 14:15:15 +0100
nginx (1.22.1-3) unstable; urgency=medium
* d/control: added Multi-Arch: foreign for package nginx-dev
* d/rules: enabled NDK upstream list module NDK_UPSTREAM_LIST
* d/p/bug-1024605.patch: added header Forwarded: not-needed
-- Jan Mojžíš <jan.mojzis@gmail.com> Mon, 05 Dec 2022 18:25:16 +0100
nginx (1.22.1-2) unstable; urgency=medium
[ Jan Mojžíš ]
* d/control: fixed spelling-error-in-description
* d/nginx-*.postinst: fixed postinst script, used invoke-rc.d instead of
pidof and ad-hoc tests, tnx Gioele Barabucci
* d/tests/ssi-module-test added, simple ngx_http_ssi_filter_module test
* d/p/bug-1024605.patch added: fixes problem when a subrequest has SSI
enabled but its main request does not, the SSI module may crash the worker
due to NULL-pointer dereference. The patch is backported from the upstream
(Closes: 1024605)
* d/control: updated implicit dependencies of third-party modules
for easier transition to third-party modules in separate packages.
[ Jérémy Lal ]
* d/debhelper: set nginx_mod buildsystem by default
* d/control: nginx-dev provides dh-sequence-nginx (Closes: #1024879)
* d/control: remove Uploaders that are part of nginx-team,
keep only the most recent active one, per policy 5.6.3.
[ Debian Janitor ]
* Remove constraints unnecessary since buster (oldstable):
+ nginx-dev: Drop versioned constraint on dpkg-dev in Depends.
-- Jan Mojžíš <jan.mojzis@gmail.com> Wed, 30 Nov 2022 17:39:42 +0100
nginx (1.22.1-1) unstable; urgency=medium
[ Jan Mojžíš ]
* New upstream version 1.22.1
* d/control: added implicit version of dependency libnginx-mod-http-lua
(>=1:0.10.22-3~), it is a rebuilt version with nginx 1.22.1.
* Added libnginx-mod-http-lua powerpc architecture
[ Debian Janitor ]
* Fix day-of-week for changelog entry 0.5.11-1.
-- Jan Mojžíš <jan.mojzis@gmail.com> Thu, 10 Nov 2022 18:21:43 +0100
nginx (1.22.0-3.1) unstable; urgency=medium
* Non-maintainer upload.
* No source change upload to rebuild with debhelper 13.10.
-- Michael Biebl <biebl@debian.org> Sat, 15 Oct 2022 12:28:07 +0200
nginx (1.22.0-3) unstable; urgency=medium
* d/changelog: fixed typo in bug number 61261 -> 861261 (Closes: 861261)
* d/p/nginx-ssl_cert_cb_yield.patch added (Closes: 884434)
* http-lua: removed the http-lua module and moved it to a separate package
-- Jan Mojžíš <jan.mojzis@gmail.com> Wed, 17 Aug 2022 18:38:15 +0200
nginx (1.22.0-2) unstable; urgency=medium
[ Miao Wang ]
* adding a new libnginx-mod-http-ndk-dev package including necessary
headers to build a 3rd party module depending on ndk.
[ Jan Mojžíš ]
* d/nginx-common.nginx.service: added Systemd dependency
Wants=network-online.target and updated Systemd "After" dependency to
recommended NGINX values, namely:
- network-online.target (Closes: 861261) (Closes: 1000406)
- remote-fs.target (Closes: 898896)
- nss-lookup.target
* d/p/0003-define_gnu_source-on-other-glibc-based-platforms.patch: forwarded
to upstream (Closes: 859082)
* d/t/reboot: added, tests if nginx works after reboot
* d/m/p/http-subs-filter/pcre2.patch: added PCRE2 support
* d/p/nginx-fix-pidfile.patch: Fix NGINX PIDfile handling to avoid
SystemD race condition, this fix is backported from Ubuntu (Closes: 876365)
* d/apport/source_nginx.py: Add apport hooks for additional bug
information gathering, the script is backported from Ubuntu (Closes: 963668)
* d/nginx-common.install: Add install rule for apport hooks.
[ Debian Janitor ]
* Remove constraints unnecessary since buster:
+ Build-Depends: Drop versioned constraint on dpkg-dev.
+ nginx-common: Drop versioned constraint on lsb-base in Depends.
+ nginx-core: Drop versioned constraint on nginx in Breaks.
+ nginx-full: Drop versioned constraint on nginx in Breaks.
+ nginx-light: Drop versioned constraint on nginx in Breaks.
+ nginx-extras: Drop versioned constraint on nginx in Breaks.
+ libnginx-mod-http-perl: Drop versioned constraint on nginx-extras in
Replaces.
+ Remove 5 maintscript entries from 1 files.
-- Jan Mojžíš <jan.mojzis@gmail.com> Sun, 07 Aug 2022 16:14:59 +0200
nginx (1.22.0-1) unstable; urgency=medium
[ Thomas Ward ]
* New upstream release (1.22.0)
* Additional changes:
* d/conf/mime.types: Fix a typo in font/woff2 extension in
mime.types. (Closes: #1010798)
* d/upstream/signing-key.asc: Additional signing keys observed
in upstream (Konstantin Pavlov <k.pavlov@f5.com>) during
upstream merge/import by Thomas Ward, additional signing key
was added to the keyring while keeping Maxim's key in signing
keys as well.
* d/copyright: Updated copyright for src/core/ngx_murmurhash.c
and debian/modules/http-ndk/src/hash/murmurhash2.c to be
public-domain (Closes: #1011936)
* d/control: Use libluajit-5.1-dev for s390x.
Due to src:luajit2 landing in Unstable, superseding src:luajit,
and due to luajit2 having s390x support, we can use s390x now
with luajit instead of standard Lua.
Thanks to Paul Gevers for the heads up on luajit2 supporting s390x.
* d/control: Use liblua for ppc64el - src:luajit2 is still not ppc64el
stable and there seems to be nobody willing to support it. (Closes: 1013807)
[ Jan Mojžíš ]
* d/patches/CVE-2021-3618.patch removed, fix is included in new upstream
release
* d/copyright: bump nginx copyright years
* d/copyright: added copyright for src/stream/ngx_stream_set_module.c
* d/copyright: removed copyright for src/http/v2/ngx_http_v2_huff_encode.c
* d/control: bump Standards-Version to 4.6.1, no changes
[ Bastian Germann ]
* d/copyright: Update copyright for d/debhelper/*
[ Miao Wang ]
* dh_nginx: support auto generating module config files
* adding a new nginx-dev package including necessary headers and debhelper
scripts to build and package a 3rd party module. (Closes: 985133)
* d/p/0002-Make-sure-signature-stays-the-same-in-all-nginx-buil.patch
removed, because feature already implemented with --with-compat configure
option since 1.11.5
-- Thomas Ward <teward@ubuntu.com> Tue, 10 May 2022 12:08:02 -0400
nginx (1.20.2-2) unstable; urgency=medium
[ Thomas Ward ]
* d/patches/CVE-2021-3618.patch: Include upstream changeset from NGINX
that adds mitigations into the Mail module for CVE-2021-3618.patch.
(Closes: #991328)
[ Jan Mojžíš ]
* d/p/0003-define_gnu_source-on-other-glibc-based-platforms.patch update,
fixes build on hurd-i386 platform
-- Jan Mojžíš <jan.mojzis@gmail.com> Sat, 14 May 2022 08:27:08 +0200
-- Thomas Ward <teward@ubuntu.com> Wed, 04 May 2022 16:04:59 -0400
nginx (1.18.0-6.1+deb11u1) bullseye; urgency=medium
nginx (1.20.2-1) unstable; urgency=medium
* Backport upstream bugfix for segfault in nginx core >= 1.15.0 when
libnginx-mod-http-lua is loaded and init_worker_by_lua* is used.
(Closes: #994178)
[ Ondřej Nový ]
* d/control: Update Uploaders for new maintainers.
[ Thomas Ward ]
* Update to latest upstream Stable version (1.20.2) (Closes: #1008855)
* d/patches/Resolver-fixed-off-by-one-write-in-ngx_resolver
_copy.patch: Drop CVE-2021-23017 patch, as this is fixed in 1.20.1
and we are now using 1.20.2 which already contains the patch.
* Refreshed d/patches/0002-Make-sure-signature-stays-the-same-
in-all-nginx-buil.patch (fuzz thanks to 1.20.2)
* d/conf/mime.types: Update mime.types to more match upstream mime.types
and include upstream changes with mime.types from 1.21.x via nginx.org
mercurial repository versions.
* d/control: Remove self from Uploaders per other Debian devs, who want
that commit to be done by someone on the current uploaders/maintainers
group instead.
-- Thomas Ward <teward@ubuntu.com> Tue, 19 Apr 2022 09:50:42 -0400
nginx (1.18.0-9) unstable; urgency=medium
[ Jan Mojžíš ]
* http-lua: Downgrade to 0.10.13 (Closes: #1008787).
* http-lua: Backport upstream bugfix for segfault in nginx core >= 1.15.0
when libnginx-mod-http-lua is loaded and init_worker_by_lua* is used.
* d/control: Add mips64el,ppc64,kfreebsd-amd64 to list of luajit platforms.
* d/control: fix Homepage nginx.net -> nginx.org (Closes: #976158)
[ Thomas Ward ]
* d/watch: Update watch syntax to match all even versions of NGINX releases
rather than use a watch syntax that is static to one specific version.
This will fix the untracked "New upstream stable versions" problem.
* d/control: Update 'uploaders' as Thomas Ward is now a maintainer in
the Salsa repository.
-- Jan Mojžíš <jan.mojzis@gmail.com> Tue, 05 Apr 2022 19:11:47 +0200
nginx (1.18.0-8) unstable; urgency=medium
* Restore patch:
d/p/Resolver-fixed-off-by-one-write-in-ngx_resolver_copy.patch
-- Ondřej Nový <onovy@debian.org> Tue, 15 Mar 2022 13:23:06 +0100
nginx (1.18.0-7) unstable; urgency=medium
[ Ondřej Nový ]
* d/p/CVE-2019-20372.patch: Drop, applied upstream.
* http-auth-pam: Upgrade to 1.5.3.
* http-echo: Upgrade to 0.62.
* nchan: Upgrade to 1.2.15.
* http-fancyindex: Upgrade to 0.5.2.
* rtmp: Upgrade to 1.2.2.
* http-lua: Upgrade to 0.10.15 (Closes: #994178).
* http-lua: Rebase patch.
* nchan: Drop GCC 10 patch, applied upstream.
* d/watch: Bump version to 4.
* Bump standards version to 4.6.1 (no changes).
* d/copyright: Bump my copyright year.
[ Ondřej Surý ]
* Add arm64 and ppc64el to list of luajit platforms.
[ Athos Ribeiro ]
* d/nginx-common.nginx.service: Fix service shutdown description to mention
SIGQUIT instead of SIGSTOP (LP: #1919965).
-- Ondřej Nový <onovy@debian.org> Tue, 15 Mar 2022 11:50:18 +0100
-- Jan Mojžíš <jan.mojzis@gmail.com> Tue, 15 Mar 2022 21:36:18 +0100
nginx (1.18.0-6.1) unstable; urgency=high
@ -2855,7 +2416,7 @@ nginx (0.5.11-1) unstable; urgency=low
* New upstream version. (Closes: #405983)
-- Jose Parrella <joseparrella@cantv.net> Mon, 05 Feb 2007 19:35:56 -0400
-- Jose Parrella <joseparrella@cantv.net> Sun, 5 Feb 2007 19:35:56 -0400
nginx (0.4.13-2) unstable; urgency=low

172
debian/conf/mime.types vendored
View file

@ -1,101 +1,89 @@
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/png png;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
image/webp webp;
font/woff woff;
font/woff2 woff2;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.wap.wmlc wmlc;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xslt+xml xsl xslt;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/ogg ogv;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-matroska mkv;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}

9
debian/conf/nginx.conf vendored
View file

@ -1,8 +1,6 @@
user www-data;
worker_processes auto;
worker_cpu_affinity auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log;
include /etc/nginx/modules-enabled/*.conf;
events {
@ -19,7 +17,7 @@ http {
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
server_tokens off; # Recommended practice is to turn this off
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
@ -31,14 +29,15 @@ http {
# SSL Settings
##
ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3 (POODLE), TLS 1.0, 1.1
ssl_prefer_server_ciphers off; # Don't force server cipher order.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings

325
debian/control vendored
View file

@ -2,36 +2,44 @@ Source: nginx
Section: httpd
Priority: optional
Maintainer: Debian Nginx Maintainers <pkg-nginx-maintainers@alioth-lists.debian.net>
Uploaders: Jan Mojžíš <janmojzis@debian.org>
Uploaders: Christos Trochalakis <ctrochalakis@debian.org>,
Ondřej Nový <onovy@debian.org>,
Build-Depends: debhelper-compat (= 13),
dpkg-dev (>= 1.15.5),
libexpat-dev,
libgd-dev,
libgeoip-dev,
libpcre2-dev,
libhiredis-dev,
liblua5.1-0-dev [!i386 !amd64 !kfreebsd-i386 !armel !armhf !powerpc !powerpcspe !mips !mipsel],
libluajit-5.1-dev [i386 amd64 kfreebsd-i386 armel armhf powerpc powerpcspe mips mipsel],
libmaxminddb-dev,
libmhash-dev,
libpam0g-dev,
libpcre3-dev,
libperl-dev,
libssl-dev,
libxslt1-dev,
po-debconf,
quilt,
zlib1g-dev
Standards-Version: 4.7.0
Homepage: https://nginx.org
Standards-Version: 4.5.0
Homepage: https://nginx.net
Vcs-Git: https://salsa.debian.org/nginx-team/nginx.git
Vcs-Browser: https://salsa.debian.org/nginx-team/nginx
Rules-Requires-Root: no
Package: nginx
Architecture: any
Depends: ${misc:Depends},
${shlibs:Depends},
iproute2,
nginx-common (= ${source:Version}),
Breaks: nginx-light (<< 1.22.1-6~), nginx-extras (<< 1.22.1-6~), nginx-core (<< 1.22.1-6~),
Replaces: nginx-light (<< 1.22.1-6~), nginx-extras (<< 1.22.1-6~), nginx-core (<< 1.22.1-6~),
Provides: httpd, httpd-cgi, ${nginx:abi}
Architecture: all
Depends: nginx-core (<< ${source:Version}.1~) | nginx-full (<< ${source:Version}.1~) | nginx-light (<< ${source:Version}.1~) | nginx-extras (<< ${source:Version}.1~),
nginx-core (>= ${source:Version}) | nginx-full (>= ${source:Version}) | nginx-light (>= ${source:Version}) | nginx-extras (>= ${source:Version}),
${misc:Depends}
Description: small, powerful, scalable web/proxy server
Nginx ("engine X") is a high-performance web and reverse proxy server
created by Igor Sysoev. It can be used both as a standalone web server
and as a proxy to reduce the load on back-end HTTP or mail servers.
.
This is a dependency package to install either nginx-core (by default),
nginx-full, nginx-light or nginx-extras.
Package: nginx-doc
Architecture: all
@ -46,11 +54,9 @@ Description: small, powerful, scalable web/proxy server - documentation
This package provides extra documentation to help unleash the power of Nginx.
Package: nginx-common
Breaks: nginx (<< 1.22.1-8)
Replaces: nginx (<< 1.22.1-8)
Architecture: all
Multi-Arch: foreign
Depends: ${misc:Depends}
Depends: lsb-base (>= 3.0-6), ${misc:Depends}
Suggests: fcgiwrap, nginx-doc, ssl-cert
Description: small, powerful, scalable web/proxy server - common files
Nginx ("engine X") is a high-performance web and reverse proxy server
@ -60,49 +66,30 @@ Description: small, powerful, scalable web/proxy server - common files
This package contains base configuration files used by all versions of
nginx.
Package: nginx-dev
Architecture: all
Multi-Arch: foreign
Depends: ${misc:Depends}, ${S:Build-Depends},
${nginx:abi},
nginx (<< ${source:Version}.1~),
nginx (>= ${source:Version}),
Provides: dh-sequence-nginx
Description: nginx web/proxy server - development headers
Nginx ("engine X") is a high-performance web and reverse proxy server
created by Igor Sysoev. It can be used both as a standalone web server
and as a proxy to reduce the load on back-end HTTP or mail servers.
.
This package provides development headers and necessary config scripts
for the nginx web/proxy server, useful to develop and link third party
additions to the Debian nginx web/proxy server packages.
Package: nginx-core
Architecture: all
Depends: libnginx-mod-http-geoip (>= ${source:Version}),
libnginx-mod-http-geoip (<< ${source:Version}.1~),
libnginx-mod-http-image-filter (>= ${source:Version}),
libnginx-mod-http-image-filter (<< ${source:Version}.1~),
libnginx-mod-http-xslt-filter (>= ${source:Version}),
libnginx-mod-http-xslt-filter (<< ${source:Version}.1~),
libnginx-mod-mail (>= ${source:Version}),
libnginx-mod-mail (<< ${source:Version}.1~),
libnginx-mod-stream (>= ${source:Version}),
libnginx-mod-stream (<< ${source:Version}.1~),
libnginx-mod-stream-geoip (>= ${source:Version}),
libnginx-mod-stream-geoip (<< ${source:Version}.1~),
nginx (>= ${source:Version}),
nginx (<< ${source:Version}.1~),
Architecture: any
Depends: libnginx-mod-http-geoip (= ${binary:Version}),
libnginx-mod-http-image-filter (= ${binary:Version}),
libnginx-mod-http-xslt-filter (= ${binary:Version}),
libnginx-mod-mail (= ${binary:Version}),
libnginx-mod-stream (= ${binary:Version}),
libnginx-mod-stream-geoip (= ${binary:Version}),
nginx-common (= ${source:Version}),
iproute2,
${misc:Depends},
${shlibs:Depends}
Breaks: nginx-full (<< 1.18.0-1),
Breaks: nginx (<< 1.4.5-1),
nginx-full (<< 1.18.0-1),
Replaces: nginx-full (<< 1.18.0-1),
Provides: httpd, httpd-cgi, nginx
Conflicts: nginx-extras, nginx-light
Suggests: nginx-doc (= ${source:Version})
Description: nginx web/proxy server (standard version)
Nginx ("engine X") is a high-performance web and reverse proxy server
created by Igor Sysoev. It can be used both as a standalone web server
and as a proxy to reduce the load on back-end HTTP or mail servers.
.
This metapackage provides a version of nginx identical to that of nginx-full,
This package provides a version of nginx identical to that of nginx-full,
but without any third-party modules, and only modules in the original
nginx code base.
.
@ -128,10 +115,13 @@ Depends: libnginx-mod-http-auth-pam,
libnginx-mod-http-subs-filter,
libnginx-mod-http-upstream-fair,
libnginx-mod-stream-geoip2,
nginx (>= ${source:Version}),
nginx (<< ${source:Version}.1~),
nginx-core (>= ${source:Version}),
nginx-core (<< ${source:Version}.1~),
${misc:Depends},
${shlibs:Depends}
Breaks: nginx (<< 1.4.5-1)
Provides: httpd, httpd-cgi, nginx
Suggests: nginx-doc (= ${source:Version})
Description: nginx web/proxy server (standard version with 3rd parties)
Nginx ("engine X") is a high-performance web and reverse proxy server
created by Igor Sysoev. It can be used both as a standalone web server
@ -158,18 +148,22 @@ Description: nginx web/proxy server (standard version with 3rd parties)
Upstream Fair Queue.
Package: nginx-light
Architecture: all
Depends: libnginx-mod-http-echo,
nginx (>= ${source:Version}),
nginx (<< ${source:Version}.1~),
Architecture: any
Depends: libnginx-mod-http-echo (= ${binary:Version}),
nginx-common (= ${source:Version}),
iproute2,
${misc:Depends},
${shlibs:Depends}
Breaks: nginx (<< 1.4.5-1)
Provides: httpd, httpd-cgi, nginx
Conflicts: nginx-extras, nginx-core
Suggests: nginx-doc (= ${source:Version})
Description: nginx web/proxy server (basic version)
Nginx ("engine X") is a high-performance web and reverse proxy server
created by Igor Sysoev. It can be used both as a standalone web server
and as a proxy to reduce the load on back-end HTTP or mail servers.
.
This metapackage provides a very light version of nginx with only the
This package provides a very light version of nginx with only the
minimal set of features and modules.
.
STANDARD HTTP MODULES: Core, Access, Auth Basic, Auto Index, Empty GIF,
@ -183,35 +177,40 @@ Description: nginx web/proxy server (basic version)
Package: nginx-extras
Architecture: any
Depends: nginx (= ${binary:Version}),
Depends: libnginx-mod-http-auth-pam (= ${binary:Version}),
libnginx-mod-http-cache-purge (= ${binary:Version}),
libnginx-mod-http-dav-ext (= ${binary:Version}),
libnginx-mod-http-echo (= ${binary:Version}),
libnginx-mod-http-fancyindex (= ${binary:Version}),
libnginx-mod-http-geoip (= ${binary:Version}),
libnginx-mod-http-geoip2 (= ${binary:Version}),
libnginx-mod-http-headers-more-filter (= ${binary:Version}),
libnginx-mod-http-image-filter (= ${binary:Version}),
libnginx-mod-http-lua (= ${binary:Version}),
libnginx-mod-http-perl (= ${binary:Version}),
libnginx-mod-http-subs-filter (= ${binary:Version}),
libnginx-mod-http-uploadprogress (= ${binary:Version}),
libnginx-mod-http-upstream-fair (= ${binary:Version}),
libnginx-mod-http-xslt-filter (= ${binary:Version}),
libnginx-mod-mail (= ${binary:Version}),
libnginx-mod-nchan (= ${binary:Version}),
libnginx-mod-stream (= ${binary:Version}),
libnginx-mod-stream-geoip (= ${binary:Version}),
libnginx-mod-http-auth-pam,
libnginx-mod-http-cache-purge,
libnginx-mod-http-dav-ext,
libnginx-mod-http-echo,
libnginx-mod-http-fancyindex,
libnginx-mod-http-geoip2,
libnginx-mod-http-headers-more-filter,
libnginx-mod-http-lua [amd64 arm64 armel armhf i386 mips64el mipsel s390x riscv64 powerpc],
libnginx-mod-http-subs-filter,
libnginx-mod-http-uploadprogress,
libnginx-mod-http-upstream-fair,
libnginx-mod-nchan,
libnginx-mod-stream-geoip2,
libnginx-mod-stream-geoip2 (= ${binary:Version}),
nginx-common (= ${source:Version}),
iproute2,
${misc:Depends},
${shlibs:Depends}
Breaks: nginx (<< 1.4.5-1)
Provides: httpd, httpd-cgi, nginx
Conflicts: nginx-core, nginx-light
Suggests: nginx-doc (= ${source:Version})
Description: nginx web/proxy server (extended version)
Nginx ("engine X") is a high-performance web and reverse proxy server
created by Igor Sysoev. It can be used both as a standalone web server
and as a proxy to reduce the load on back-end HTTP or mail servers.
.
This metapackage provides a version of nginx with the standard modules, plus
This package provides a version of nginx with the standard modules, plus
extra features and modules such as the Perl module, which allows the
addition of Perl in configuration files.
.
@ -243,6 +242,17 @@ Description: GeoIP HTTP module for Nginx
Those variables include country, region, city, latitude, longitude, postal
code, etc.
Package: libnginx-mod-http-geoip2
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: GeoIP2 HTTP module for Nginx
The ngx_http_geoip2 module creates variables with values depending on the
client IP address, using the precompiled MaxMind GeoIP2 databases.
.
Those variables include country, region, city, latitude, longitude, postal
code, etc.
Package: libnginx-mod-http-image-filter
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
@ -298,10 +308,23 @@ Description: GeoIP Stream module for Nginx
Those variables include country, region, city, latitude, longitude, postal
code, etc.
Package: libnginx-mod-stream-geoip2
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
libnginx-mod-stream (= ${binary:Version}),
Recommends: nginx,
Description: GeoIP2 Stream module for Nginx
The ngx_stream_geoip2 module creates variables with values depending on the
client IP address, using the precompiled MaxMind GeoIP2 databases.
.
Those variables include country, region, city, latitude, longitude, postal
code, etc.
Package: libnginx-mod-http-perl
Architecture: any
Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends},
Recommends: nginx,
Replaces: nginx-extras (<< 1.9.14-1)
Description: Perl module for Nginx
Embed Perl runtime into nginx.
.
@ -309,3 +332,163 @@ Description: Perl module for Nginx
in Perl and insert Perl calls into SSI.
.
Note that this module is marked experimental.
Package: libnginx-mod-http-auth-pam
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: PAM authentication module for Nginx
The nginx_http_auth_pam module enables authentication using PAM.
.
The module uses PAM as a backend for simple http authentication. It
also allows setting the pam service name to allow more fine grained control.
Package: libnginx-mod-http-lua
Architecture: any
Depends: libnginx-mod-http-ndk (= ${binary:Version}),
${misc:Depends},
${shlibs:Depends},
Recommends: nginx,
Description: Lua module for Nginx
Embed Lua runtime into nginx.
.
This module embeds Lua, via the standard Lua 5.1 interpreter or LuaJIT
2.0/2.1, into Nginx and by leveraging Nginx's subrequests, allows the
integration of the powerful Lua threads (Lua coroutines) into the Nginx event
model.
Package: libnginx-mod-http-ndk
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: Nginx Development Kit module
The NDK is an Nginx module that is designed to extend the core functionality of
the excellent Nginx webserver in a way that can be used as a basis of other
Nginx modules.
.
It has functions and macros to deal with generic tasks that don't currently
have generic code as part of the core distribution. The NDK itself adds few
features that are seen from a user's point of view - it's just designed to help
reduce the code that Nginx module developers need to write.
Package: libnginx-mod-nchan
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: Fast, flexible pub/sub server for Nginx
Nchan is a scalable, flexible pub/sub server for the modern web, It can be
configured as a standalone server, or as a shim between your application and
tens, thousands, or millions of live subscribers. It can buffer messages in
memory, on-disk, or via Redis. All connections are handled asynchronously and
distributed among any number of worker processes. It can also scale to many
nginx server instances with Redis.
.
Full documentation available at https://nchan.slact.net
Package: libnginx-mod-http-echo
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: Bring echo and more shell style goodies to Nginx
Echo module wraps lots of Nginx internal APIs for streaming input and output,
parallel/sequential subrequests, timers and sleeping, as well as various meta
data accessing.
.
Basically it provides various utilities that help testing and debugging of
other modules by trivially emulating different kinds of faked subrequest
locations.
.
People will also find it useful in real-world applications that need to:
.
1. Serve static contents directly from memory.
2. Wrap the upstream response with custom header and footer (kinda like the
addition module but with contents read directly from the config file and
Nginx variables).
3. Merge contents of various "Nginx locations" (i.e., subrequests) together in
a single main request (using echo_location and its friends).
Package: libnginx-mod-http-upstream-fair
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: Nginx Upstream Fair Proxy Load Balancer
The Nginx fair proxy balancer enhances the standard round-robin load balancer
provided with Nginx so that it tracks busy backend servers and adjusts
balancing accordingly.
Package: libnginx-mod-http-headers-more-filter
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: Set and clear input and output headers for Nginx
The Headers More module allows you to add, set, or clear any output or input
header that you specify.
.
This is an enhanced version of the standard headers module because it provides
more utilities like resetting or clearing "builtin headers" like Content-Type,
Content-Length, and Server.
Package: libnginx-mod-http-cache-purge
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: Purge content from Nginx caches
Cache Purge module adds purging capabilities to Nginx. It allows purging
content from caches used by all of Nginx proxy modules, like FastCGI, Proxy,
SCGI and uWSGI.
Package: libnginx-mod-http-fancyindex
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Suggests: nginx,
Description: Fancy indexes module for the Nginx
The Fancy Index module makes possible the generation of file listings, like
the built-in autoindex module does, but adding a touch of style by introducing
ways to customize the result.
Package: libnginx-mod-http-uploadprogress
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: Upload progress system for Nginx
Upload progress module is an implementation of an upload progress system, that
monitors RFC1867 POST uploads as they are transmitted to upstream servers.
.
It works by tracking the uploads proxied by Nginx to upstream servers without
analysing the uploaded content and offers a web API to report upload progress
in Javscript, Json or any other format.
Package: libnginx-mod-http-subs-filter
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: Substitution filter module for Nginx
Subsitution Nginx module can do both regular expression and fixed string
substitutions on response bodies. The module is quite different from Nginx's
native Substitution module. It scans the output chains buffer and
matches string line by line, just like Apache's mod_substitute.
Package: libnginx-mod-http-dav-ext
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: WebDAV missing commands support for Nginx
WebDAV Ext module complements the Nginx WebDAV module to provide a full
WebDAV support.
.
WebDAV Ext provides the missing PROPFIND & OPTIONS methods.
Package: libnginx-mod-rtmp
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends},
Recommends: nginx,
Description: RTMP support for Nginx
The nginx RTMP module is a fully-featured streaming solution implemented in
nginx.
.
It provides the following features:
- Live streaming with RTMP, HLS and MPEG-DASH;
- RTMP Video on Demand from local or HTTP sources;
- Stream relay support via a push or pull model;
- Integrated stream recording;
- and more.

231
debian/copyright vendored
View file

@ -3,12 +3,30 @@ Upstream-Name: nginx
Source: https://nginx.org/en/download.html
Files: *
Copyright: Valentin V. Bartenev
Ruslan Ermilov
Roman Arutyunyan
Maxim Dounin
2011-2024, Nginx, Inc.
2002-2021, Igor Sysoev
Copyright: 2002-2019, Igor Sysoev
2011-2019, Nginx, Inc.
Maxim Dounin
Valentin V. Bartenev
Roman Arutyunyan
Ruslan Ermilov
License: BSD-2-clause
Files: src/core/ngx_murmurhash.c
Copyright: Copyright (C) Austin Appleby
License: BSD-2-clause
Files: src/http/modules/ngx_http_scgi_module.c
src/http/modules/ngx_http_uwsgi_module.c
Copyright: 2009-2010, Unbit S.a.s.
2008, Manlio Perillo (manlio.perillo@gmail.com)
Igor Sysoev
Nginx, Inc.
License: BSD-2-clause
Files: src/http/v2/ngx_http_v2_huff_encode.c
Copyright: 2015, Vlad Krasnov
Nginx, Inc.
Valentin V. Bartenev
License: BSD-2-clause
Files: contrib/geo2nginx.pl
@ -16,67 +34,110 @@ Copyright: 2005, Andrei Nigmatulin
License: BSD-2-clause
Files: debian/*
Copyright: 2022-2025, Jan Mojžíš <janmojzis@debian.org>
2020-2022, Ondřej Nový <onovy@debian.org>
2019-2022, Thomas Ward <teward@ubuntu.com>
2013-2016, Christos Trochalakis <ctrochalakis@debian.org>
2011-2013, Cyril Lavier <cyril.lavier@davromaniak.eu>
2011, Dmitry E. Oboukhov <unera@debian.org>
2010-2014, Michael Lustfield <michael@lustfield.net>
2009-2014, Kartik Mistry <kartik@debian.org>
2008, Jose Parrella <joseparrella@cantv.net>
2007-2009, Fabio Tranchitella <kobold@debian.org>
Copyright: 2007-2009, Fabio Tranchitella <kobold@debian.org>
2008, Jose Parrella <joseparrella@cantv.net>
2009-2014, Kartik Mistry <kartik@debian.org>
2010-2014, Michael Lustfield <michael@lustfield.net>
2011 Dmitry E. Oboukhov <unera@debian.org>
2011-2013, Cyril Lavier <cyril.lavier@davromaniak.eu>
2013-2016, Christos Trochalakis <ctrochalakis@debian.org>
2019-2020, Thomas Ward <teward@ubuntu.com>
2020, Ondřej Nový <onovy@debian.org>
License: BSD-2-clause
Files: debian/apport/*
Copyright: 2015, Thomas Ward <teward@ubuntu.com>
Files: debian/modules/http-headers-more-filter/*
Copyright: 2009-2017, Yichun "agentzh" Zhang (章亦春) <agentzh@gmail.com>, CloudFlare Inc.
2010-2013, Bernd Dorn
Igor Sysoev
License: BSD-2-clause
Files: debian/debhelper/*
Copyright: 2022, Miao Wang
License: Expat
Files: debian/debhelper/dh_nginx
Copyright: 2016, Christos Trochalakis <ctrochalakis@debian.org>
License: GPL-2+
Files: debian/ngx-conf/ngx-conf
Copyright: 2015, Michael Lustfield <michael@lustfield.net>
License: Expat
Files: man/*
Copyright: Nginx, Inc.
2010, 2019, Sergey A. Osokin
Files: debian/modules/http-geoip2/*
Copyright: 2014, Lee Valentine <lee@leev.net>
License: BSD-2-clause
Files: src/core/ngx_murmurhash.c
Files: debian/modules/http-ndk/*
Copyright: 2010-2018, Marcus Clyne
License: BSD-3-clause
Files: debian/modules/http-ndk/src/hash/md5.h
debian/modules/http-ndk/src/hash/sha.h
Copyright: 1995-1998, Eric Young <eay@cryptsoft.com>
License: BSD-4-clause
Files: debian/modules/http-ndk/src/hash/murmurhash2.c
Copyright: Austin Appleby
License: public-domain
All MurmurHash versions are public domain software, and the author
disclaims all copyright to their code.
License: BSD-3-clause
Files: src/http/modules/ngx_http_scgi_module.c
Copyright: Nginx, Inc.
Manlio Perillo (manlio.perillo@gmail.com)
Igor Sysoev
Files: debian/modules/http-auth-pam/*
Copyright: 2008-2020, Sergio Talens Oliag
License: BSD-2-clause
Files: src/http/modules/ngx_http_uwsgi_module.c
Copyright: Nginx, Inc.
Igor Sysoev
2009, 2010, Unbit S.a.s.
2008, Manlio Perillo (manlio.perillo@gmail.com)
Files: debian/modules/http-echo/*
Copyright: 2009-2014, Yichun "agentzh" Zhang <agentzh@gmail.com>
License: BSD-2-clause
Files: src/http/ngx_http_huff_encode.c
Copyright: Valentin V. Bartenev
Nginx, Inc.
2015, Vlad Krasnov
Files: debian/modules/http-lua/*
Copyright: 2009-2017, by Xiaozhe Wang (chaoslawful) <chaoslawful@gmail.com>.
2009-2018, by Yichun "agentzh" Zhang (章亦春) <agentzh@gmail.com>, OpenResty Inc.
License: BSD-2-clause
Files: src/stream/ngx_stream_set_module.c
Copyright: Pavel Pautov
Nginx, Inc.
Files: debian/modules/http-lua/t/lib/CRC32.lua
Copyright: 2007-2008, Neil Richardson (nrich@iinet.net.au)
License: Expat
Files: debian/modules/http-upstream-fair/*
Copyright: 2007, Grzegorz Nosek
Igor Sysoev
License: BSD-2-clause
Files: debian/modules/nchan/*
Copyright: 2009-2016, Leo Ponomarev (slact)
2014, Wandenberg Peixoto
Alexander Lyalin
Rogério Carvalho Schneider <stockrt@gmail.com>
License: Expat
Files: debian/modules/nchan/src/store/redis/hiredis/*
Copyright: 2006-2014, Salvatore Sanfilippo <antirez@gmail.com>
2010-2011, Pieter Noordhuis <pcnoordhuis@gmail.com>
2015, Matt Stancliff <matt@genges.com>
Jan-Erik Rediger <janerik.fnordig.com>
License: BSD-3-clause
Files: debian/modules/nchan/src/store/redis/cmp.*
Copyright: 2017, Charles Gunyon
License: Expat
Files: debian/modules/http-uploadprogress/*
Copyright: 2007, Brice Figureau
2002-2007, Igor Sysoev
License: BSD-2-clause
Files: debian/modules/http-cache-purge/*
Copyright: 2009-2014, FRiCKLE <info@frickle.com>,
2009-2014, Piotr Sikora <piotr.sikora@frickle.com>
License: BSD-2-clause
Files: debian/modules/http-dav-ext/*
Copyright: 2012-2018, Roman Arutyunyan <arut@qip.ru>
License: BSD-2-clause
Files: debian/modules/http-fancyindex/*
Copyright: 2007-2016, Adrian Perez <aperez@igalia.com>
License: BSD-2-clause
Files: debian/modules/http-subs-filter/*
Copyright: 2014, Weibin Yao <yaoweibin@gmail.com>
License: BSD-2-clause
Files: debian/modules/http-subs-filter/test/*
Copyright: 2009-2011, Taobao Inc., Alibaba Group
Antoine BONAVITA "<antoine.bonavita@gmail.com>"
agentzh (章亦春) "<agentzh@gmail.com>"
License: BSD-3-clause
Files: debian/modules/rtmp/*
Copyright: 2012-2014, Roman Arutyunyan
License: BSD-2-clause
License: BSD-2-clause
@ -104,6 +165,58 @@ License: BSD-2-clause
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
License: BSD-3-clause
All rights reserved.
.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of the University nor the names of its contributors
may be used to endorse or promote products derived from this
software without specific prior written permission.
.
THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS
BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
License: BSD-4-clause
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
4. Neither the name of the University nor the names of its contributors
may be used to endorse or promote products derived from this software
without specific prior written permission.
.
THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
License: Expat
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to
@ -122,15 +235,3 @@ License: Expat
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
IN THE SOFTWARE.
License: GPL-2+
This is free software, licensed under:
.
The GNU General Public License, Version 2, June 1991
.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 dated June, 1991, or (at
your option) any later version.
On Debian systems, the complete text of version 2 of the GNU General
Public License can be found in '/usr/share/common-licenses/GPL-2'.

14
debian/debhelper/nginx.pm vendored
View file

@ -1,14 +0,0 @@
#!/usr/bin/perl
use warnings;
use strict;
use Debian::Debhelper::Dh_Lib;
add_command_options( "dh_auto_test", "--buildsystem=nginx_mod" );
add_command_options( "dh_auto_configure", "--buildsystem=nginx_mod" );
add_command_options( "dh_auto_build", "--buildsystem=nginx_mod" );
add_command_options( "dh_auto_install", "--buildsystem=nginx_mod" );
add_command_options( "dh_auto_clean", "--buildsystem=nginx_mod" );
insert_after("dh_install", "dh_nginx");
1;

138
debian/debhelper/nginx_mod.pm vendored
View file

@ -1,138 +0,0 @@
# A build system class for handling nginx modules.
#
# Copyright: © 2022 Miao Wang
# License: MIT
package Debian::Debhelper::Buildsystem::nginx_mod;
use strict;
use warnings;
use Dpkg::Deps qw(deps_parse);
use Dpkg::Control::Info;
use Debian::Debhelper::Dh_Lib qw(error doit getpackages addsubstvar);
use File::Spec;
use parent qw(Debian::Debhelper::Buildsystem::makefile);
use Config;
sub DESCRIPTION {
"Nginx Module (config)"
}
sub check_auto_buildable {
my ($this, $step) = @_;
return 1 if -e $this->get_sourcepath("config");
}
sub _NGINX_SRC_DIR {
"/usr/share/nginx/src"
}
sub _NDK_SRC_DIR {
"/usr/share/nginx-ndk/src"
}
sub new {
my $class=shift;
my $this= $class->SUPER::new(@_);
my $ngx_ver = `grep 'define NGINX_VERSION' /usr/share/nginx/src/src/core/nginx.h | sed -e 's/^.*"\\(.*\\)".*/\\1/'`;
chomp($ngx_ver);
$this->prefer_out_of_source_building(@_);
$this->{has_ndk} = $this->has_build_dep("libnginx-mod-http-ndk-dev");
$this->{has_stream} = $this->has_build_dep("libnginx-mod-stream");
foreach my $cur (getpackages('arch')) {
if ($this->{has_ndk} == 1) {
addsubstvar($cur, "misc:Depends", "libnginx-mod-http-ndk");
}
if ($this->{has_stream} == 1) {
addsubstvar($cur, "misc:Depends", "libnginx-mod-stream (>= $ngx_ver), libnginx-mod-stream (<< $ngx_ver.1~)");
}
}
return $this;
}
sub configure {
my $this=shift;
doit({
"chdir" => $this->_NGINX_SRC_DIR,
"update_env" => {
"src_dir" => $this->get_sourcedir,
"bld_dir" => $this->get_builddir,
"pwd_dir" => $this->{cwd},
},
}, "bash", "-c", '. ./conf_flags
./configure \\
--with-cc-opt="$(cd "$pwd_dir/$src_dir"; dpkg-buildflags --get CFLAGS) -fPIC $(cd "$pwd_dir/$src_dir"; dpkg-buildflags --get CPPFLAGS)" \\
--with-ld-opt="$(cd "$pwd_dir/$src_dir"; dpkg-buildflags --get LDFLAGS) -fPIC" \\
"${NGX_CONF_FLAGS[@]}" \\
--add-dynamic-module="$pwd_dir/$src_dir" \\
--builddir="$pwd_dir/$bld_dir" \\
' . ($this->{has_ndk} ? '--add-module=' . $this->_NDK_SRC_DIR : '') . ' \\
' . ($this->{has_stream} ? '--with-stream' : '') . ' \\
"$@"', "dummy", @_);
}
sub build {
my $this=shift;
$this->do_make("-f", File::Spec->catfile($this->{cwd}, $this->get_buildpath("Makefile")), "-C", $this->_NGINX_SRC_DIR, "modules");
}
sub test {
my $this=shift;
if ( $this->{has_ndk} and !grep( /^ndk_http_module.so$/, @_ ) ) {
unshift @_, "ndk_http_module.so";
}
if ( $this->{has_stream} and !grep( /^ngx_stream_module.so$/, @_ ) ) {
unshift @_, "ngx_stream_module.so";
}
$this->doit_in_builddir("bash", "-e", "-o", "pipefail", "-c", '
tmp_conf=$(mktemp -p .)
for pre_dep in "$@"; do
echo "load_module modules/$pre_dep;" >> "$tmp_conf"
done
for i in *.so; do
echo "load_module $PWD/$i;" >> "$tmp_conf"
done
echo "events{}" >> "$tmp_conf"
/usr/sbin/nginx -g "error_log /dev/null; pid /dev/null;" -t -q -c "$PWD/$tmp_conf"
rm -f "$tmp_conf"
', "dummy", @_);
}
sub install {
my $this=shift;
my $destdir=shift;
$this->doit_in_builddir("bash", "-e", "-o", "pipefail", "-c", '
destdir=$1
mkdir -p "$destdir/usr/lib/nginx/modules"
for i in *.so; do
cp "$i" "$destdir/usr/lib/nginx/modules/"
done
', "dummy", $destdir);
}
sub clean {
my $this=shift;
$this->rmdir_builddir();
}
sub has_build_dep {
my $this=shift;
my $bd=shift;
my $control = Dpkg::Control::Info->new()->get_source();
my $depends = deps_parse($control->{'Build-Depends'});
foreach (split /,\s+/,$depends) {
if ($_ =~ /$bd/) {
return 1;
}
}
return 0;
}
1

184
debian/debhelper/dh_nginx → debian/dh_nginx vendored
View file

@ -23,28 +23,17 @@
use strict;
use File::Find;
use Debian::Debhelper::Dh_Lib;
use Dpkg::Substvars;
=head1 NAME
dh_nginx - register configuration snippets to the nginx web server
=cut
my $nginx_in_tree;
my $abi;
sub nginx_depends
{
if (!$abi) {
my $sv = Dpkg::Substvars->new();
if ($nginx_in_tree) {
$sv->load("debian/libnginx-mod.abisubstvars");
}
else {
$sv->load("/usr/share/nginx/src/debian/libnginx-mod.abisubstvars");
}
$abi = $sv->get("nginx:abi");
}
return "$abi";
return 'nginx-common (= ${source:Version})'
}
sub nginx_api_installdir
@ -59,7 +48,7 @@ sub nginx_modules_conf_installdir
=head1 SYNOPSIS
B<dh_nginx> [S<I<debhelper options>>] [B<-n>|B<--noscripts>] [B<--in-nginx-tree>]
B<dh_nginx> [S<I<debhelper options>>] [B<-n>|B<--noscripts>]
=head1 DESCRIPTION
@ -74,8 +63,6 @@ It supports the following configuration types
=item *
Nginx modules
=back
=head1 INVOCATION
%:
@ -95,11 +82,6 @@ Lists files to be registered with the Nginx HTTP server. The file is
interpreted as line separated list of installation stanzas, where each entry
consists of whitespace separated values conforming to the file semantics below.
When this file is missing but the name of the package looks like a nginx module,
the module load file and its loading priority is automatically generated inferring
from the package name. In this case, I<package-name>B<.install> or other mechanisms
should be used for copying the B<.so> library into the correct place.
=head2 FILE SEMANTICS
Each line consists of a triple
@ -146,10 +128,6 @@ configuration by default.
Do not modify F<postinst>/F<postrm>/F<prerm> maintainer scripts.
=item B<--in-nginx-tree>
Specify this option when building in-tree modules along with nginx. When
specified, nginx abi version is not required in package name.
=back
@ -174,7 +152,6 @@ dh_nginx is heavily influnced by dh_apache2 written by Arno Toell
init(options => {
"e|noenable" => \$dh{NOENABLE},
"in-nginx-tree" => \$nginx_in_tree,
});
foreach my $package ((@{$dh{DOPACKAGES}}))
@ -185,116 +162,85 @@ foreach my $package ((@{$dh{DOPACKAGES}}))
my $file = pkgfile($package, "nginx");
my $tmp = tmpdir($package);
my $installdir = $tmp . "/" . nginx_modules_conf_installdir();
my $modinstalldir = $tmp . "/" . nginx_api_installdir();
if ($file){
my @files_to_register = filedoublearray($file, ".") if $file;
foreach my $line (@files_to_register)
my @files_to_register = filedoublearray($file, ".") if $file;
foreach my $line (@files_to_register)
{
my $type = lc(shift @{$line}) if $line->[0];
my $source = shift @{$line} if $line->[0];
my @arguments = @{$line};
my $destination;
$type = "modules" if $type eq "mod";
my $installdir = $tmp . "/" . nginx_modules_conf_installdir();
verbose_print("$type -- $source -- @arguments\n\n");
if ($type eq "modules")
{
my $type = lc(shift @{$line}) if $line->[0];
my $source = shift @{$line} if $line->[0];
my @arguments = @{$line};
my $destination;
$type = "modules" if $type eq "mod";
verbose_print("$type -- $source -- @arguments\n\n");
my $basesource = basename($source);
if ($type eq "modules")
{
my $basesource = basename($source);
if ($type eq "modules")
if ($basesource =~ m/\.conf$/)
{
if ($basesource =~ m/\.conf$/)
{
my $enablename = $basesource;
my $prio = $#arguments >= 0 ? $arguments[0] : 50;
$destination = "$prio-$basesource";
push @{$PACKAGE_TYPE{'has_a_module'}}, "$enablename:$destination";
verbose_print("Installing module configuration $enablename into $installdir prio:$prio\n");
}
elsif ($basesource =~ m/\.so$/)
{
verbose_print("Installing module binary $source into $modinstalldir\n");
if (! -d $modinstalldir)
{
complex_doit("mkdir","-p", $modinstalldir);
complex_doit("chmod","755","$modinstalldir");
}
complex_doit("cp", $source, $modinstalldir);
next;
}
# TODO
error("module: \"$basesource\" needs .conf, .so or suffix") if $basesource !~ m/\.(conf|so)/;
my $enablename = $basesource;
my $prio = $#arguments >= 0 ? $arguments[0] : 50;
$destination = "$prio-$basesource";
push @{$PACKAGE_TYPE{'has_a_module'}}, "$enablename:$destination";
verbose_print("Installing module configuration $enablename into $installdir prio:$prio\n");
}
if (! -d $installdir)
{
complex_doit("mkdir","-p",$installdir);
complex_doit("chmod","755","$installdir");
}
complex_doit("cp",$source,$installdir);
complex_doit("chmod","644","$installdir/$basesource");
}
else
elsif ($basesource =~ m/\.so$/)
{
error("Unknown parameter: $type\n");
my $modinstalldir = $tmp . "/" . nginx_api_installdir();
verbose_print("Installing module binary $source into $modinstalldir\n");
if (! -d $modinstalldir)
{
complex_doit("mkdir","-p", $modinstalldir);
complex_doit("chmod","755","$modinstalldir");
}
complex_doit("cp", $source, $modinstalldir);
next;
}
# TODO
error("module: \"$basesource\" needs .conf, .so or suffix") if $basesource !~ m/\.(conf|so)/;
}
}
} elsif ($package =~ /^libnginx-mod-/){
verbose_print("$package might be a nginx module\n");
my $module = $package;
$module =~ s/^libnginx-mod-//;
verbose_print("Guessed module name: $module\n");
my $modulepath = $module;
$modulepath =~ s/-/_/g;
if (-e "$modinstalldir/ngx_${modulepath}_module.so"){
my $prio = 50;
if ($module =~ /^\w+-/ && !($module =~ /^http-/) ){
$prio = 70;
if (! -d $installdir)
{
complex_doit("mkdir","-p",$installdir);
complex_doit("chmod","755","$installdir");
}
verbose_print("Guessed load priority: $prio\n");
complex_doit("cp",$source,$installdir);
complex_doit("chmod","644","$installdir/$basesource");
my $conf_name = "mod-$module.conf";
install_dir($installdir);
verbose_print("Installing module configuration $conf_name into $installdir prio:$prio\n");
open(MOD_CONF, $dh{NO_ACT} ? ">&STDERR" : ">$installdir/$conf_name") or error("open($installdir/$conf_name): $!");
print(MOD_CONF "load_module modules/ngx_${modulepath}_module.so;\n");
close(MOD_CONF);
chmod(0644, "$installdir/$conf_name") or error("chmod(0644, $installdir/$conf_name): $!");
push @{$PACKAGE_TYPE{'has_a_module'}}, "$conf_name:$prio-$conf_name";
} else {
verbose_print("$package is not a nginx module because $modinstalldir/ngx_${modulepath}_module.so not found");
verbose_print("If it is not correct, check if the module is installed before invoking this script");
}
else
{
error("Unknown parameter: $type\n");
}
}
my @postinst_autoscripts;
my @postinst_autoscripts;
if ($#{$PACKAGE_TYPE{'has_a_module'}} >= 0)
{
if ($package !~ m/libnginx-mod-\w+?/)
{
warning("Package $package appears to be an Nginx module. It should comply to the package naming scheme libnginx-mod-<modulename>\n");
}
addsubstvar($package, "misc:Depends", nginx_depends());
if ($#{$PACKAGE_TYPE{'has_a_module'}} >= 0)
{
if ($package !~ m/libnginx-mod-\w+?/)
{
warning("Package $package appears to be an Nginx module. It should comply to the package naming scheme libnginx-mod-<modulename>\n");
}
addsubstvar($package, "misc:Depends", nginx_depends());
my $modules = "";
foreach my $module (@{$PACKAGE_TYPE{'has_a_module'}})
{
$modules .= "$module ";
}
my $modules = "";
foreach my $module (@{$PACKAGE_TYPE{'has_a_module'}})
{
$modules .= "$module ";
}
push @postinst_autoscripts, ["module", $modules];
}
push @postinst_autoscripts, ["module", $modules];
}
if (! $dh{NOSCRIPTS})
{

11
debian/gbp.conf vendored
View file

@ -1,13 +1,4 @@
[DEFAULT]
debian-branch = main
pristine-tar = True
upstream-branch = upstream
upstream-tag = upstream/%(version)s
pristine-tar = True
sign-tags = True
upstream-signatures = on
[import-orig]
merge-mode = replace
[pull]
track-missing = True

8
debian/gitlab-ci.yml vendored Normal file
View file

@ -0,0 +1,8 @@
---
include:
- https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
- https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml
# Disable reprotest which is failing now
variables:
SALSA_CI_DISABLE_REPROTEST: 1

13
debian/libnginx-mod-http-auth-pam.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-http-cache-purge.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-http-dav-ext.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-http-echo.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-http-fancyindex.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

2
debian/libnginx-mod-http-geoip.nginx vendored
View file

@ -9,5 +9,5 @@ $module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-bin/objs/ngx_${modulepath}_module.so\n";
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-http-geoip2.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-http-headers-more-filter.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

2
debian/libnginx-mod-http-image-filter.nginx vendored
View file

@ -9,5 +9,5 @@ $module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-bin/objs/ngx_${modulepath}_module.so\n";
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-http-lua.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

2
debian/libnginx-mod-http-ndk.nginx vendored Normal file
View file

@ -0,0 +1,2 @@
mod debian/build-extras/objs/ndk_http_module.so
mod debian/libnginx-mod.conf/mod-http-ndk.conf 10

4
debian/libnginx-mod-http-perl.install vendored
View file

@ -3,5 +3,5 @@
use Config;
my $vendorarch = substr($Config{vendorarch}, 1);
print "debian/build-bin/objs/src/http/modules/perl/blib/arch/auto/nginx/* $vendorarch/auto/nginx\n";
print "debian/build-bin/objs/src/http/modules/perl/blib/lib/nginx.pm $vendorarch\n";
print "debian/build-extras/objs/src/http/modules/perl/blib/arch/auto/nginx/* $vendorarch/auto/nginx\n";
print "debian/build-extras/objs/src/http/modules/perl/blib/lib/nginx.pm $vendorarch\n";

2
debian/libnginx-mod-http-perl.nginx vendored
View file

@ -9,5 +9,5 @@ $module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-bin/objs/ngx_${modulepath}_module.so\n";
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-http-subs-filter.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-http-uploadprogress.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-http-upstream-fair.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

2
debian/libnginx-mod-http-xslt-filter.nginx vendored
View file

@ -9,5 +9,5 @@ $module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-bin/objs/ngx_${modulepath}_module.so\n";
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

2
debian/libnginx-mod-mail.nginx vendored
View file

@ -9,5 +9,5 @@ $module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-bin/objs/ngx_${modulepath}_module.so\n";
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

13
debian/libnginx-mod-nchan.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

1
debian/libnginx-mod-rtmp.docs vendored Normal file
View file

@ -0,0 +1 @@
debian/modules/rtmp/README.md

1
debian/libnginx-mod-rtmp.examples vendored Normal file
View file

@ -0,0 +1 @@
debian/modules/rtmp/stat.xsl

13
debian/libnginx-mod-rtmp.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

2
debian/libnginx-mod-stream-geoip.nginx vendored
View file

@ -9,5 +9,5 @@ $module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-bin/objs/ngx_${modulepath}_module.so\n";
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf 70\n";

13
debian/libnginx-mod-stream-geoip2.nginx vendored Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/perl -w
use File::Basename;
# Guess module name
$module = basename($0, '.nginx');
$module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf 70\n";

2
debian/libnginx-mod-stream.nginx vendored
View file

@ -9,5 +9,5 @@ $module =~ s/^libnginx-mod-//;
$modulepath = $module;
$modulepath =~ s/-/_/g;
print "mod debian/build-bin/objs/ngx_${modulepath}_module.so\n";
print "mod debian/build-extras/objs/ngx_${modulepath}_module.so\n";
print "mod debian/libnginx-mod.conf/mod-${module}.conf\n";

11
debian/libnginx-mod.abisubstvars vendored
View file

@ -1,11 +0,0 @@
# ABI must be changed:
# - when upstream nginx version is changed
# - when module signature is changed (e.g. time_t change from 32bit integer to 64bit integer https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069997)
# - when symbols/structures/... (exported from header files) are changed
#
# ABI format: nginx-abi-{UPSTREAM_VERSION}-{SUFFIX}
# the {SUFFIX} provides a mechanism on rare cases when there have to be ABI
# changes without upgrading the upstream nginx version, e.g. security updates
# in oldstable
nginx:abi=nginx-abi-1.26.3-1

1
debian/libnginx-mod.conf/mod-http-auth-pam.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_auth_pam_module.so;

1
debian/libnginx-mod.conf/mod-http-cache-purge.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_cache_purge_module.so;

1
debian/libnginx-mod.conf/mod-http-dav-ext.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_dav_ext_module.so;

1
debian/libnginx-mod.conf/mod-http-echo.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_echo_module.so;

1
debian/libnginx-mod.conf/mod-http-fancyindex.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_fancyindex_module.so;

1
debian/libnginx-mod.conf/mod-http-geoip2.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_geoip2_module.so;

1
debian/libnginx-mod.conf/mod-http-headers-more-filter.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_headers_more_filter_module.so;

1
debian/libnginx-mod.conf/mod-http-lua.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_lua_module.so;

0
modules_deb/libnginx-mod-http-ndk-0.3.4/debian/mod-http-ndk.conf → debian/libnginx-mod.conf/mod-http-ndk.conf vendored
View file

1
debian/libnginx-mod.conf/mod-http-subs-filter.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_subs_filter_module.so;

1
debian/libnginx-mod.conf/mod-http-uploadprogress.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_uploadprogress_module.so;

1
debian/libnginx-mod.conf/mod-http-upstream-fair.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_http_upstream_fair_module.so;

1
debian/libnginx-mod.conf/mod-nchan.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_nchan_module.so;

1
debian/libnginx-mod.conf/mod-rtmp.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_rtmp_module.so;

1
debian/libnginx-mod.conf/mod-stream-geoip2.conf vendored Normal file
View file

@ -0,0 +1 @@
load_module modules/ngx_stream_geoip2_module.so;

74
debian/modules/control vendored Normal file
View file

@ -0,0 +1,74 @@
Module: http-headers-more-filter
Homepage: https://github.com/agentzh/headers-more-nginx-module
Version: 0.33
Files-Excluded: .gitignore .gitattributes .travis.yml
Module: http-ndk
Homepage: https://github.com/simpl/ngx_devel_kit/
Version: 0.3.1
Module: http-auth-pam
Homepage: https://github.com/sto/ngx_http_auth_pam_module
Version: 1.5.2
Module: http-echo
Homepage: https://github.com/agentzh/echo-nginx-module
Version: v0.61
Files-Excluded: .gitignore .gitattributes .travis.yml
Module: http-geoip2
Homepage: https://github.com/leev/ngx_http_geoip2_module
Version: 3.3
Module: http-lua
Homepage: https://github.com/openresty/lua-nginx-module
Version: 0.10.13
Patch:
openssl-1.1.0.patch
discover-luajit-2.1.patch
Files-Excluded: .gitignore .gitattributes .travis.yml .github
Module: http-upstream-fair
Homepage: https://github.com/gnosek/nginx-upstream-fair
Version: a18b409
Patch:
dynamic-module.patch
openssl-1.1.0.patch
drop-default-port.patch
Module: nchan
Homepage: https://github.com/slact/nchan
Version: 1.2.7
Files-Excluded: dev nchan_logo.png NchanSubscriber.js src/hiredis nchan
Module: http-uploadprogress
Homepage: https://github.com/masterzen/nginx-upload-progress-module
Files-Excluded: test
Version: 0.9.2
Module: http-cache-purge
Homepage: https://github.com/FRiCKLE/ngx_cache_purge/
Version: 2.3
Patch:
dynamic-module.patch
segfault-1.11.6.patch
Module: http-dav-ext
Homepage: https://github.com/arut/nginx-dav-ext-module
Version: 3.0.0
Module: http-fancyindex
Homepage: https://github.com/aperezdc/ngx-fancyindex
Version: 0.4.4
Files-Excluded: .gitignore .travis.yml
Module: http-subs-filter
Homepage: https://github.com/yaoweibin/ngx_http_substitutions_filter_module
Version: 0.6.4
Patch: dynamic-module.patch
Module: rtmp
Homepage: https://github.com/arut/nginx-rtmp-module
Files-Excluded: test
Version: 1.2.1

57
debian/modules/http-auth-pam/ChangeLog vendored Normal file
View file

@ -0,0 +1,57 @@
2020-06-23 sto@mixinet.net
* Version 1.5.2.
* Log authentication errors as errors instead of debug (patch provided by
Juha Koho, see https://github.com/sto/ngx_http_auth_pam_module/pull/11)
* Send client IP address to PAM (patch provided by Marcin Łojewski, see
https://github.com/sto/ngx_http_auth_pam_module/pull/14)
2016-04-06 sto@iti.es
* Version 1.5.1.
* Fix building alongside other modules in nginx 1.9.11+ (patch provided by
Graham Edgecombe <grahamedgecombe@gmail.com>)
2016-03-23 sto@iti.es
* Version 1.5.
* Added support to build module dynamically (patch provided by Sjir
Bagmeijer <sbagmeijer@ulyaoth.co.kr>).
* Log PAM error and info messages to nginx log files (patch provided by
André Caron <andre.l.caron@gmail.com>).
2015-02-04 sto@iti.es
* Version 1.4.
* Cleanup PAM responses on error, the module was not doing it, causing
memory leaks (thanks to Michael Koziarski for the report).
2013-09-17 sto@iti.es
* Version 1.3.
* Added support to export HOST and REQUEST variables to the PAM ENVIRONMENT.
Thanks to Ruben Jenster for the initial patch, his version is available
from https://github.com/r10r/ngx_http_auth_pam_module; my version uses his
implementation but only if the user sets the ``pam_auth_set_pam_env``
flag.
* Fixed bug from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=+721702
(ngx_module_t commands array should end with a ngx_null_command); the bug
was already fixed on the PAM_ENV patch, but I forgot about it until I went
back to my svn repository to add the debian patch... better latter than
never... ;)
2010-11-15 sto@iti.upv.es
* Version 1.2.
* Fixed possible memory leak when authentication fails, pam_end has to
be called to free memory (thanks to Neil Chintomby).
2009-01-26 sto@iti.upv.es
* Version 1.1.
* Fixed ngx_log_debugX calls, no we use the correct X value on each
call.
2008-09-17 sto@iti.upv.es
* Initial version (1.0).

12
modules_deb/libnginx-mod-http-brotli-1.0.0~rc/LICENSE → debian/modules/http-auth-pam/LICENSE vendored
View file

@ -1,8 +1,5 @@
/*
* Copyright (C) 2002-2015 Igor Sysoev
* Copyright (C) 2011-2015 Nginx, Inc.
* Copyright (C) 2015-2019 Google Inc.
* All rights reserved.
/*
* Copyright (C) 2008-2020 Sergio Talens Oliag
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -13,10 +10,10 @@
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
@ -24,4 +21,5 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/

95
debian/modules/http-auth-pam/README.md vendored Normal file
View file

@ -0,0 +1,95 @@
# ngx_http_auth_pam_module
## Nginx module to use PAM for simple http authentication
### Compilation
When compiling from source build as usual adding the ``--add-module`` option:
./configure --add-module=$PATH_TO_MODULE
or if you want to build the module as dynamic use the ``--add-dynamic-module``
option.
If you are using a Debian GNU/Linux distribution install the ``nginx-full``
package; the module has been included in the debian package since version
``1.1.6-1``, so it is available on all stable distributions since the *wheezy*
release.
### Configuration
The module only has two directives:
- ``auth_pam``: This is the http authentication realm. If given the value
``off`` the module is disabled (needed when we want to override the value
set on a lower-level directive).
- ``auth_pam_service_name``: this is the PAM service name and by default it is
set to ``nginx``.
### Examples
To protect everything under ``/secure`` you will add the following to the
``nginx.conf`` file:
location /secure {
auth_pam "Secure Zone";
auth_pam_service_name "nginx";
}
Note that the module runs as the web server user, so the PAM modules used must
be able to authenticate the users without being root; that means that if you
want to use the ``pam_unix.so`` module to autenticate users you need to let the
web server user to read the ``/etc/shadow`` file if that does not scare you (on
Debian like systems you can add the ``www-data`` user to the ``shadow`` group).
As an example, to authenticate users against an LDAP server (using the
``pam_ldap.so`` module) you will use an ``/etc/pam.d/nginx`` like the
following:
auth required /lib/security/pam_ldap.so
account required /lib/security/pam_ldap.so
If you also want to limit the users from LDAP that can authenticate you can
use the ``pam_listfile.so`` module; to limit who can access resources under
``/restricted`` add the following to the ``nginx.conf`` file:
location /restricted {
auth_pam "Restricted Zone";
auth_pam_service_name "nginx_restricted";
}
Use the following ``/etc/pam.d/nginx_restricted`` file:
auth required /lib/security/pam_listfile.so onerr=fail item=user \
sense=allow file=/etc/nginx/restricted_users
auth required /lib/security/pam_ldap.so
account required /lib/security/pam_ldap.so
And add the users allowed to authenticate to the ``/etc/nginx/restricted_users``
(remember that the web server user has to be able to read this file).
### PAM Environment
If you want use the ``pam_exec.so`` plugin for request based authentication the
module can add to the PAM environment the ``HOST`` and ``REQUEST`` variables if
you set the ``auth_pam_set_pam_env`` flag::
location /pam_exec_protected {
auth_pam "Exec Zone";
auth_pam_service_name "nginx_exec";
auth_pam_set_pam_env on;
}
With this configuration if you access an URL like:
http://localhost:8000/pam_exec_protected/page?foo=yes&bar=too
the PAM environment will include the following variables:
HOST=localhost:8000
REQUEST=GET /pam_exec_protected/page?foo=yes&bar=too HTTP/1.1
You may use this information for request based authentication.
You need a recent pam release (>= version 1.0.90) to expose environment
variables to pam_exec.

1
debian/modules/http-auth-pam/VERSION vendored Normal file
View file

@ -0,0 +1 @@
1.5.2

16
debian/modules/http-auth-pam/config vendored Normal file
View file

@ -0,0 +1,16 @@
ngx_addon_name=ngx_http_auth_pam_module
if test -n "$ngx_module_link"; then
ngx_module_type=HTTP
ngx_module_name=ngx_http_auth_pam_module
ngx_module_incs=
ngx_module_deps=
ngx_module_srcs="$ngx_addon_dir/ngx_http_auth_pam_module.c"
ngx_module_libs="-lpam"
. auto/module
else
HTTP_MODULES="$HTTP_MODULES ngx_http_auth_pam_module"
NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_addon_dir/ngx_http_auth_pam_module.c"
CORE_LIBS="$CORE_LIBS -lpam"
fi

482
debian/modules/http-auth-pam/ngx_http_auth_pam_module.c vendored Normal file
View file

@ -0,0 +1,482 @@
/*
* Copyright (C) 2008-2020 Sergio Talens-Oliag <sto@mixinet.net>
*
* Based on nginx's 'ngx_http_auth_basic_module.c' by Igor Sysoev and apache's
* 'mod_auth_pam.c' by Ingo Luetkebolhe.
*
* File: ngx_http_auth_pam_module.c
*/
#include <ngx_config.h>
#include <ngx_core.h>
#include <ngx_http.h>
#include <security/pam_appl.h>
#define NGX_PAM_SERVICE_NAME "nginx"
/* Module context data */
typedef struct {
ngx_str_t passwd;
} ngx_http_auth_pam_ctx_t;
/* PAM authinfo */
typedef struct {
ngx_str_t username;
ngx_str_t password;
ngx_log_t *log;
} ngx_pam_authinfo;
/* Module configuration struct */
typedef struct {
ngx_str_t realm; /* http basic auth realm */
ngx_str_t service_name; /* pam service name */
ngx_flag_t set_pam_env; /* flag that indicates if we should export
variables to PAM or NOT */
} ngx_http_auth_pam_loc_conf_t;
/* Module handler */
static ngx_int_t ngx_http_auth_pam_handler(ngx_http_request_t *r);
/* Function that authenticates the user -- is the only function that uses PAM */
static ngx_int_t ngx_http_auth_pam_authenticate(ngx_http_request_t *r,
ngx_http_auth_pam_ctx_t *ctx,
ngx_str_t *passwd, void *conf);
static ngx_int_t ngx_http_auth_pam_set_realm(ngx_http_request_t *r,
ngx_str_t *realm);
static void *ngx_http_auth_pam_create_loc_conf(ngx_conf_t *cf);
static char *ngx_http_auth_pam_merge_loc_conf(ngx_conf_t *cf,
void *parent, void *child);
static ngx_int_t ngx_http_auth_pam_init(ngx_conf_t *cf);
static char *ngx_http_auth_pam(ngx_conf_t *cf, void *post, void *data);
static ngx_conf_post_handler_pt ngx_http_auth_pam_p = ngx_http_auth_pam;
static int ngx_auth_pam_talker(int num_msg, const struct pam_message ** msg,
struct pam_response ** resp, void *appdata_ptr);
static ngx_command_t ngx_http_auth_pam_commands[] = {
{ ngx_string("auth_pam"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LMT_CONF
|NGX_CONF_TAKE1,
ngx_conf_set_str_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_auth_pam_loc_conf_t, realm),
&ngx_http_auth_pam_p },
{ ngx_string("auth_pam_service_name"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LMT_CONF
|NGX_CONF_TAKE1,
ngx_conf_set_str_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_auth_pam_loc_conf_t, service_name),
NULL },
{ ngx_string("auth_pam_set_pam_env"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LMT_CONF
|NGX_CONF_FLAG,
ngx_conf_set_flag_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_auth_pam_loc_conf_t, set_pam_env),
NULL },
ngx_null_command
};
static ngx_http_module_t ngx_http_auth_pam_module_ctx = {
NULL, /* preconfiguration */
ngx_http_auth_pam_init, /* postconfiguration */
NULL, /* create main configuration */
NULL, /* init main configuration */
NULL, /* create server configuration */
NULL, /* merge server configuration */
ngx_http_auth_pam_create_loc_conf, /* create location configuration */
ngx_http_auth_pam_merge_loc_conf /* merge location configuration */
};
ngx_module_t ngx_http_auth_pam_module = {
NGX_MODULE_V1,
&ngx_http_auth_pam_module_ctx, /* module context */
ngx_http_auth_pam_commands, /* module directives */
NGX_HTTP_MODULE, /* module type */
NULL, /* init master */
NULL, /* init module */
NULL, /* init process */
NULL, /* init thread */
NULL, /* exit thread */
NULL, /* exit process */
NULL, /* exit master */
NGX_MODULE_V1_PADDING
};
/*
* Function to free PAM_CONV responses if an error is returned.
*/
static void
free_resp(int num_msg, struct pam_response *response)
{
int i;
if (response == NULL)
return;
for (i = 0; i < num_msg; i++) {
if (response[i].resp) {
/* clear before freeing -- may be a password */
bzero(response[i].resp, strlen(response[i].resp));
free(response[i].resp);
response[i].resp = NULL;
}
}
free(response);
}
/*
* ngx_auth_pam_talker: supply authentication information to PAM when asked
*
* Assumptions:
* A password is asked for by requesting input without echoing
* A username is asked for by requesting input _with_ echoing
*/
static int
ngx_auth_pam_talker(int num_msg, const struct pam_message ** msg,
struct pam_response ** resp, void *appdata_ptr)
{
int i;
ngx_pam_authinfo *ainfo;
struct pam_response *response;
ainfo = (ngx_pam_authinfo *) appdata_ptr;
response = NULL;
/* parameter sanity checking */
if (!resp || !msg || !ainfo)
return PAM_CONV_ERR;
/* allocate memory to store response */
response = malloc(num_msg * sizeof(struct pam_response));
if (!response)
return PAM_CONV_ERR;
/* copy values */
for (i = 0; i < num_msg; i++) {
/* initialize to safe values */
response[i].resp_retcode = 0;
response[i].resp = 0;
/* select response based on requested output style */
switch (msg[i]->msg_style) {
case PAM_PROMPT_ECHO_ON:
/* on memory allocation failure, auth fails */
response[i].resp = strdup((const char *)ainfo->username.data);
break;
case PAM_PROMPT_ECHO_OFF:
response[i].resp = strdup((const char *)ainfo->password.data);
break;
case PAM_ERROR_MSG:
ngx_log_error(NGX_LOG_ERR, ainfo->log, 0,
"PAM: \'%s\'.", msg[i]->msg);
break;
case PAM_TEXT_INFO:
ngx_log_error(NGX_LOG_INFO, ainfo->log, 0,
"PAM: \'%s\'.", msg[i]->msg);
break;
default:
free_resp(i, response);
return PAM_CONV_ERR;
}
}
/* everything okay, set PAM response values */
*resp = response;
return PAM_SUCCESS;
}
static ngx_int_t
ngx_http_auth_pam_handler(ngx_http_request_t *r)
{
ngx_int_t rc;
ngx_http_auth_pam_ctx_t *ctx;
ngx_http_auth_pam_loc_conf_t *alcf;
alcf = ngx_http_get_module_loc_conf(r, ngx_http_auth_pam_module);
if (alcf->realm.len == 0) {
return NGX_DECLINED;
}
ctx = ngx_http_get_module_ctx(r, ngx_http_auth_pam_module);
if (ctx) {
return ngx_http_auth_pam_authenticate(r, ctx, &ctx->passwd, alcf);
}
/* Decode http auth user and passwd, leaving values on the request */
rc = ngx_http_auth_basic_user(r);
if (rc == NGX_DECLINED) {
return ngx_http_auth_pam_set_realm(r, &alcf->realm);
}
if (rc == NGX_ERROR) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
/* Check user & password using PAM */
return ngx_http_auth_pam_authenticate(r, ctx, &ctx->passwd, alcf);
}
/**
* create a key value pair from the given key and value string
*/
static void set_to_pam_env(pam_handle_t *pamh, ngx_http_request_t *r,
char *key, char *value)
{
if (key != NULL && value != NULL) {
size_t size = strlen(key) + strlen(value) + 1 * sizeof(char);
char *key_value_pair = ngx_palloc(r->pool, size);
sprintf(key_value_pair, "%s=%s", key, value);
pam_putenv(pamh, key_value_pair);
}
}
/**
* creates a '\0' terminated string from the given ngx_str_t
*
* @param source nginx string structure with data and length
* @param pool pool of the request used for memory allocation
*/
static char* ngx_strncpy_s(ngx_str_t source, ngx_pool_t *pool)
{
// allocate memory in pool
char* destination = ngx_palloc(pool, source.len + 1);
strncpy(destination, (char *) source.data, source.len);
// add null terminator
destination[source.len] = '\0';
return destination;
}
/**
* enrich pam environment with request parameters
*/
static void add_request_info_to_pam_env(pam_handle_t *pamh,
ngx_http_request_t *r)
{
char *request_info = ngx_strncpy_s(r->request_line, r->pool);
char *host_info = ngx_strncpy_s(r->headers_in.host->value, r->pool);
set_to_pam_env(pamh, r, "REQUEST", request_info);
set_to_pam_env(pamh, r, "HOST", host_info);
}
static ngx_int_t
ngx_http_auth_pam_authenticate(ngx_http_request_t *r,
ngx_http_auth_pam_ctx_t *ctx, ngx_str_t *passwd,
void *conf)
{
ngx_int_t rc;
ngx_http_auth_pam_loc_conf_t *alcf;
ngx_pam_authinfo ainfo;
struct pam_conv conv_info; /* PAM struct */
pam_handle_t *pamh;
u_char *service_name;
alcf = conf;
size_t len;
u_char *uname_buf, *p;
/**
* Get username and password, note that r->headers_in.user contains the
* string 'user:pass', so we need to copy the username
**/
for (len = 0; len < r->headers_in.user.len; len++) {
if (r->headers_in.user.data[len] == ':') {
break;
}
}
uname_buf = ngx_palloc(r->pool, len+1);
if (uname_buf == NULL) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
p = ngx_cpymem(uname_buf, r->headers_in.user.data , len);
*p ='\0';
ainfo.username.data = uname_buf;
ainfo.username.len = len;
ainfo.password.data = r->headers_in.passwd.data;
ainfo.password.len = r->headers_in.passwd.len;
ainfo.log = r->connection->log;
conv_info.conv = &ngx_auth_pam_talker;
conv_info.appdata_ptr = (void *) &ainfo;
pamh = NULL;
/* Initialize PAM */
if (alcf->service_name.data == NULL) {
service_name = (u_char *) NGX_PAM_SERVICE_NAME;
} else {
service_name = alcf->service_name.data;
}
if ((rc = pam_start((const char *) service_name,
(const char *) ainfo.username.data,
&conv_info,
&pamh)) != PAM_SUCCESS) {
ngx_log_error(NGX_LOG_CRIT, r->connection->log, 0,
"PAM: Could not start pam service: %s",
pam_strerror(pamh, rc));
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
/* send client IP address to PAM */
char *client_ip_addr = ngx_strncpy_s(r->connection->addr_text, r->pool);
if ((rc = pam_set_item(pamh, PAM_RHOST, client_ip_addr)) != PAM_SUCCESS) {
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"PAM: Could not set item PAM_RHOST: %s",
pam_strerror(pamh, rc));
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
if (alcf->set_pam_env) {
add_request_info_to_pam_env(pamh, r);
}
/* try to authenticate user, log error on failure */
if ((rc = pam_authenticate(pamh,
PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"PAM: user '%s' - not authenticated: %s",
ainfo.username.data, pam_strerror(pamh, rc));
pam_end(pamh, PAM_SUCCESS);
return ngx_http_auth_pam_set_realm(r, &alcf->realm);
} /* endif authenticate */
/* check that the account is healthy */
if ((rc = pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"PAM: user '%s' - invalid account: %s",
ainfo.username.data, pam_strerror(pamh, rc));
pam_end(pamh, PAM_SUCCESS);
return ngx_http_auth_pam_set_realm(r, &alcf->realm);
}
pam_end(pamh, PAM_SUCCESS);
return NGX_OK;
}
static ngx_int_t
ngx_http_auth_pam_set_realm(ngx_http_request_t *r, ngx_str_t *realm)
{
r->headers_out.www_authenticate = ngx_list_push(&r->headers_out.headers);
if (r->headers_out.www_authenticate == NULL) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
r->headers_out.www_authenticate->hash = 1;
r->headers_out.www_authenticate->key.len = sizeof("WWW-Authenticate") - 1;
r->headers_out.www_authenticate->key.data = (u_char *) "WWW-Authenticate";
r->headers_out.www_authenticate->value = *realm;
return NGX_HTTP_UNAUTHORIZED;
}
static void *
ngx_http_auth_pam_create_loc_conf(ngx_conf_t *cf)
{
ngx_http_auth_pam_loc_conf_t *conf;
conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_auth_pam_loc_conf_t));
if (conf == NULL) {
return NGX_CONF_ERROR;
}
/* Strings are already NULL, but the flags have to be marked as unset */
conf->set_pam_env = NGX_CONF_UNSET;
return conf;
}
static char *
ngx_http_auth_pam_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
{
ngx_http_auth_pam_loc_conf_t *prev = parent;
ngx_http_auth_pam_loc_conf_t *conf = child;
if (conf->realm.data == NULL) {
conf->realm = prev->realm;
}
if (conf->service_name.data == NULL) {
conf->service_name = prev->service_name;
}
/* By default set_pam_env is off */
ngx_conf_merge_value(conf->set_pam_env, prev->set_pam_env, 0);
return NGX_CONF_OK;
}
static ngx_int_t
ngx_http_auth_pam_init(ngx_conf_t *cf)
{
ngx_http_handler_pt *h;
ngx_http_core_main_conf_t *cmcf;
cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
h = ngx_array_push(&cmcf->phases[NGX_HTTP_ACCESS_PHASE].handlers);
if (h == NULL) {
return NGX_ERROR;
}
*h = ngx_http_auth_pam_handler;
return NGX_OK;
}
static char *
ngx_http_auth_pam(ngx_conf_t *cf, void *post, void *data)
{
ngx_str_t *realm = data;
size_t len;
u_char *basic, *p;
if (ngx_strcmp(realm->data, "off") == 0) {
realm->len = 0;
realm->data = (u_char *) "";
return NGX_CONF_OK;
}
len = sizeof("Basic realm=\"") - 1 + realm->len + 1;
basic = ngx_palloc(cf->pool, len);
if (basic == NULL) {
return NGX_CONF_ERROR;
}
p = ngx_cpymem(basic, "Basic realm=\"", sizeof("Basic realm=\"") - 1);
p = ngx_cpymem(p, realm->data, realm->len);
*p = '"';
realm->len = len;
realm->data = basic;
return NGX_CONF_OK;
}
/* File: ngx_http_auth_pam_module.c */

37
modules_deb/libnginx-mod-http-cache-purge-2.5.3/CHANGES → debian/modules/http-cache-purge/CHANGES vendored
View file

@ -1,40 +1,3 @@
2020-06-27 VERSION 2.5.1
* fix: empty key check - it coredumps when cache key is empty, Tuğrul Topuz
* fix: purge report calloc fix - Report template has not cache file path but it's length is use in buffer memory allocation, Tuğrul Topuz
2018-08-04 VERSION 2.5
* feat/docs: cache_purge_response_type directive, selecting response type (html|json|xml|text)
* break: changed status of HTTP code 404 (Not Found) to 412 (Precondition Failed)
* fix: remove path information of response body (#4, 3a8c08a, #11)
2020-06-27 VERSION 2.4.3
* fix: empty key check - it coredumps when cache key is empty, Tuğrul Topuz
2017-09-28 VERSION 2.4.2
* fix: segfault in call to `ngx_read_file` of partial key purge, Frankie Dintino
* fix: segfault in `cplcf->conf->purge_all` with separate location syntax, Frankie Dintino
2017-02-21 VERSION 2.4.1
* Fix compatibility with nginx-1.11.6+, Sułowicz Paweł
2016-11-20 VERSION 2.4
* Fix compatibility with nginx-1.7.12+.
* explain the purge logic
* feat(purge all): Include option to purge all the cached files
This option can be slow if a lot of content is cached, or if the
storage used for the cache is slow. But you really should be using
RAM as your cache storage.
* feat(partial keys): Support partial keys to purge multiple keys.
Put an '*' at the end of your purge cache URL.
e.g:
proxy_cache_key $scheme$host$uri$is_args$args$cookie_JSESSIONID;
curl -X PURGE https://example.com/pass*
This will remove every cached page whose key cache starting with:
httpsexample.com/pass*
Be careful not passing any value for the values after the $uri, or put
it at the end of your cache key.
* Convert a config file to build a dynamic module
2014-12-23 VERSION 2.3
* Fix compatibility with nginx-1.7.9+.

0
modules_deb/libnginx-mod-http-cache-purge-2.5.3/LICENSE → debian/modules/http-cache-purge/LICENSE vendored
View file

171
debian/modules/http-cache-purge/README.md vendored Normal file
View file

@ -0,0 +1,171 @@
About
=====
`ngx_cache_purge` is `nginx` module which adds ability to purge content from
`FastCGI`, `proxy`, `SCGI` and `uWSGI` caches.
Sponsors
========
Work on the original patch was fully funded by [yo.se](http://yo.se).
Status
======
This module is production-ready.
Configuration directives (same location syntax)
===============================================
fastcgi_cache_purge
-------------------
* **syntax**: `fastcgi_cache_purge on|off|<method> [from all|<ip> [.. <ip>]]`
* **default**: `none`
* **context**: `http`, `server`, `location`
Allow purging of selected pages from `FastCGI`'s cache.
proxy_cache_purge
-----------------
* **syntax**: `proxy_cache_purge on|off|<method> [from all|<ip> [.. <ip>]]`
* **default**: `none`
* **context**: `http`, `server`, `location`
Allow purging of selected pages from `proxy`'s cache.
scgi_cache_purge
----------------
* **syntax**: `scgi_cache_purge on|off|<method> [from all|<ip> [.. <ip>]]`
* **default**: `none`
* **context**: `http`, `server`, `location`
Allow purging of selected pages from `SCGI`'s cache.
uwsgi_cache_purge
-----------------
* **syntax**: `uwsgi_cache_purge on|off|<method> [from all|<ip> [.. <ip>]]`
* **default**: `none`
* **context**: `http`, `server`, `location`
Allow purging of selected pages from `uWSGI`'s cache.
Configuration directives (separate location syntax)
===================================================
fastcgi_cache_purge
-------------------
* **syntax**: `fastcgi_cache_purge zone_name key`
* **default**: `none`
* **context**: `location`
Sets area and key used for purging selected pages from `FastCGI`'s cache.
proxy_cache_purge
-----------------
* **syntax**: `proxy_cache_purge zone_name key`
* **default**: `none`
* **context**: `location`
Sets area and key used for purging selected pages from `proxy`'s cache.
scgi_cache_purge
----------------
* **syntax**: `scgi_cache_purge zone_name key`
* **default**: `none`
* **context**: `location`
Sets area and key used for purging selected pages from `SCGI`'s cache.
uwsgi_cache_purge
-----------------
* **syntax**: `uwsgi_cache_purge zone_name key`
* **default**: `none`
* **context**: `location`
Sets area and key used for purging selected pages from `uWSGI`'s cache.
Sample configuration (same location syntax)
===========================================
http {
proxy_cache_path /tmp/cache keys_zone=tmpcache:10m;
server {
location / {
proxy_pass http://127.0.0.1:8000;
proxy_cache tmpcache;
proxy_cache_key $uri$is_args$args;
proxy_cache_purge PURGE from 127.0.0.1;
}
}
}
Sample configuration (separate location syntax)
===============================================
http {
proxy_cache_path /tmp/cache keys_zone=tmpcache:10m;
server {
location / {
proxy_pass http://127.0.0.1:8000;
proxy_cache tmpcache;
proxy_cache_key $uri$is_args$args;
}
location ~ /purge(/.*) {
allow 127.0.0.1;
deny all;
proxy_cache_purge tmpcache $1$is_args$args;
}
}
}
Testing
=======
`ngx_cache_purge` comes with complete test suite based on [Test::Nginx](http://github.com/agentzh/test-nginx).
You can test it by running:
`$ prove`
License
=======
Copyright (c) 2009-2014, FRiCKLE <info@frickle.com>
Copyright (c) 2009-2014, Piotr Sikora <piotr.sikora@frickle.com>
All rights reserved.
This project was fully funded by yo.se.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
See also
========
- [ngx_slowfs_cache](http://github.com/FRiCKLE/ngx_slowfs_cache).

7
debian/modules/http-cache-purge/TODO.md vendored Normal file
View file

@ -0,0 +1,7 @@
Features that __will not__ be added to `ngx_cache_purge`:
* Support for prefixed purges (`/purge/images/*`).
Reason: Impossible with current cache implementation.
* Support for wildcard/regex purges (`/purge/*.jpg`).
Reason: Impossible with current cache implementation.

14
modules_deb/libnginx-mod-http-cache-purge-2.5.3/config → debian/modules/http-cache-purge/config vendored
View file

@ -15,17 +15,7 @@ if [ "$HTTP_UWSGI" = "YES" ]; then
fi
ngx_addon_name=ngx_http_cache_purge_module
CACHE_PURGE_SRCS="$ngx_addon_dir/ngx_cache_purge_module.c"
if [ -n "$ngx_module_link" ]; then
ngx_module_type=HTTP
ngx_module_name="$ngx_addon_name"
ngx_module_srcs="$CACHE_PURGE_SRCS"
. auto/module
else
HTTP_MODULES="$HTTP_MODULES $ngx_addon_name"
NGX_ADDON_SRCS="$NGX_ADDON_SRCS $CACHE_PURGE_SRCS"
fi
HTTP_MODULES="$HTTP_MODULES ngx_http_cache_purge_module"
NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_addon_dir/ngx_cache_purge_module.c"
have=NGX_CACHE_PURGE_MODULE . auto/have

Some files were not shown because too many files have changed in this diff Show more