
2 commits

Author SHA1 Message Date
Andrej Shadura
0d71108200 Import Debian changes 1.22.1-9+deb12u2
nginx (1.22.1-9+deb12u2) bookworm; urgency=medium
.
  * Non-maintainer upload by the LTS Team.
  * Add upstream patches for CVE-2024-7347:
    - mp4: fix buffer underread while updating stsz atom
    - mp4: reject unordered chunks in stsc atom
2025-05-21 09:27:16 +02:00
Jan Mojžíš
b1b8bf71fb
release nginx 1.22.1-9+deb12u1, upload to bookworm pu 2025-03-06 07:11:13 +01:00
1006 changed files with 4595 additions and 194674 deletions

10
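--- a/.gitignore
+++ b/.gitignore
@@ -1,10 +0,0 @@
-objs/*
-!objs/ndk_*
-.pc/
-.vscode/
-modules/media-framework/
-modules/nginx-srt-module/
-modules/nginx-vod-module/
-Makefile
-*.orig
-*.txt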

483
.hgtags

@ -1,483 +0,0 @@
551102312e19b704cd22bd7254a9444b9ea14e96 release-0.1.0
23fb87bddda14ce9faec90f774085634106aded4 release-0.1.1
295d97d70c698585705345f1a8f92b02e63d6d0d release-0.1.2
ded1284520cc939ad5ae6ddab39925375e64237d release-0.1.3
0491b909ef7612d8411f1f59054186c1f3471b52 release-0.1.4
a88a3e4e158fade0aaa6f3eb25597d5ced2c1075 release-0.1.5
1f31dc6d33a3a4e65240b08066bf186df9e33b79 release-0.1.6
5aecc125bc33d81d6214c91d73eb44230a903dde release-0.1.7
bbd6b0b4a2b15ef8c8f1aaf7b027b6da47303524 release-0.1.8
2ff194b74f1e60cd04670986973e3b1a6aa3bece release-0.1.9
31ee1b50354fb829564b81a6f34e8d6ceb2d3f48 release-0.1.10
8e8f3af115b5b903b2b8f3335de971f18891246f release-0.1.11
c3c2848fc081e19aec5ffa97e468ad20ddb81df0 release-0.1.12
ad1e9ebf93bb5ae4c748d471fad2de8a0afc4d2a release-0.1.13
c5240858380136a67bec261c59b1532560b57885 release-0.1.14
fd661d14a7fad212e326a7dad6234ea0de992fbf release-0.1.15
621229427cba1b0af417ff2a101fc4f17a7d93c8 release-0.1.16
4ebe09b07e3021f1a63b459903ec58f162183b26 release-0.1.17
31ff3e943e1675a2caf745ba7a981244445d4c98 release-0.1.18
45a460f82aec80b0f61136aa09f412436d42203a release-0.1.19
0f836f0288eee4980f57736d50a7a60fa082d8e9 release-0.1.20
975f62e77f0244f1b631f740be77c72c8f2da1de release-0.1.21
fc9909c369b2b4716304ac8e38da57b8fb781211 release-0.1.22
d7c90bb5ce83dab08715e98f9c7b81c7df4b37be release-0.1.23
64d9afb209da0cd4a917202b7b77e51cc23e2229 release-0.1.24
d4ea69372b946dc4ec37fc3f5ddd93ff7c3da675 release-0.1.25
b1648294f6935e993e436fd8a68bca75c74c826d release-0.1.26
ee66921ecd47a7fa459f70f4a9d660f91f6a1b94 release-0.1.27
cd3117ad9aab9c58c6f7e677e551e1adbdeaba54 release-0.1.28
9b8c906f6e63ec2c71cecebfff35819a7d32227d release-0.1.29
c12967aadd8726daf2d85e3f3e622d89c42db176 release-0.1.30
fbbf16224844e7d560c00043e8ade8a560415bba release-0.1.31
417a087c9c4d9abb9b0b9b3f787aff515c43c035 release-0.1.32
dadfa78d227027348d7f9d1e7b7093d06ba545a0 release-0.1.33
12234c998d83bfbbaa305273b3dd1b855ca325dc release-0.1.34
6f00349b98e5f706b82115c6e4dc84456fc0d770 release-0.1.35
2019117e6b38cc3e89fe4f56a23b271479c627a6 release-0.1.36
09b42134ac0c42625340f16628e29690a04f8db5 release-0.1.37
7fa11e5c6e9612ecff5eb58274cc846ae742d1d2 release-0.1.38
e5d7d0334fdb946133c17523c198800142ac9fe9 release-0.1.39
c3bd8cdabb8f73e5600a91f198eb7df6fac65e92 release-0.1.40
d6e48c08d718bf5a9e58c20a37e8ae172bff1139 release-0.1.41
563ad09abf5042eb41e8ecaf5b4e6c9deaa42731 release-0.1.42
c9ad0d9c7d59b2fa2a5fe669f1e88debd03e6c04 release-0.1.43
371c1cee100d7a1b0e6cad4d188e05c98a641ee7 release-0.1.44
b09ee85d0ac823e36861491eedfc4dfafe282997 release-0.1.45
511a89da35ada16ae806667d699f9610b4f8499a release-0.2.0
0148586012ab3dde69b394ec5a389d44bb11c869 release-0.2.1
818fbd4750b99d14d2736212c939855a11b1f1ef release-0.2.2
e16a8d574da511622b97d6237d005f40f2cddb30 release-0.2.3
483cca23060331f2078b1c2984870d80f288ad41 release-0.2.4
45033d85b30e3f12c407b7cfc518d76e0eda0263 release-0.2.5
7bd37aef1e7e87858c12b124e253e98558889b50 release-0.2.6
ecd9c160f25b7a7075dd93383d98a0fc8d8c0a41 release-0.3.0
c1f965ef97188fd7ef81342dcf8719da18c554d2 release-0.3.1
e48ebafc69393fc94fecfdf9997c4179fd1ce473 release-0.3.2
9c2f3ed7a24711d3b42b124d5f831155c8beff95 release-0.3.3
7c1369d37c7eb0017c28ebcaa0778046f5aafdcc release-0.3.4
1af2fcb3be8a63796b6b23a488049c92a6bc12f4 release-0.3.5
174f1e853e1e831b01000aeccfd06a9c8d4d95a2 release-0.3.6
458b6c3fea65a894c99dd429334a77bb164c7e83 release-0.3.7
58475592100cb792c125101b6d2d898f5adada30 release-0.3.8
fcd6fc7ff7f9b132c35193d834e6e7d05026c716 release-0.3.9
4d9ea73a627a914d364e83e20c58eb1283f4031d release-0.3.10
4c5c2c55975c1152b5ca5d5d55b32d4dd7945f7a release-0.3.11
326634fb9d47912ad94221dc2f8fa4bec424d40c release-0.3.12
4e296b7d25bf62390ca2afb599e395426b94f785 release-0.3.13
401de5a43ba5a8acdb9c52465193c0ea7354afe7 release-0.3.14
284cc140593bb16ac71094acd509ab415ff4837d release-0.3.15
d4e858a5751a7fd08e64586795ed7d336011fbc0 release-0.3.16
8c0cdd81580eb76d774cfc5724de68e7e5cbbdc2 release-0.3.17
425af804d968f30eeff01e33b808bc2e8c467f2c release-0.3.18
ebc68d8ca4962fe3531b7e13444f7ac4395d9c6e release-0.3.19
9262f520ce214d3d5fd7c842891519336ef85ca6 release-0.3.20
869b6444d2341a587183859d4df736c7f3381169 release-0.3.21
77f77f53214a0e3a68fef8226c15532b54f2c365 release-0.3.22
858700ae46b453ea111b966b6d03f2c21ddcb94e release-0.3.23
5dac8c7fb71b86aafed8ea352305e7f85759f72e release-0.3.24
77cdfe394a94a625955e7585e09983b3af9b889b release-0.3.25
608cf78b24ef7baaf9705e4715a361f26bb16ba9 release-0.3.26
3f8a2132b93d66ac19bec006205a304a68524a0b release-0.3.27
c73c5c58c619c22dd3a5a26c91bb0567a62c6930 release-0.3.28
5ef026a2ac7481f04154f29ab49377bf99aaf96f release-0.3.29
51b27717f140b71a2e9158807d79da17c888ce4c release-0.3.30
7a16e281c01f1c7ab3b79c64b43ddb754ea7935e release-0.3.31
93e85a79757c49d502e42a1cb8264a0f133b0b00 release-0.3.32
0216fd1471f386168545f772836156761eddec08 release-0.3.33
fbed40ce7cb4fd7203fecc22a617b9ce5b950fb3 release-0.3.34
387450de0b4d21652f0b6242a5e26a31e3be8d8c release-0.3.35
65bf042c0b4f39f18a235464c52f980e9fa24f6b release-0.3.36
5d2b8078c1c2593b95ec50acfeeafbefa65be344 release-0.3.37
f971949ffb585d400e0f15508a56232a0f897c80 release-0.3.38
18268abd340cb351e0c01b9c44e9f8cc05492364 release-0.3.39
e60fe4cf1d4ea3c34be8c49047c712c6d46c1727 release-0.3.40
715d243270806d38be776fc3ed826d97514a73d6 release-0.3.41
5e8fb59c18c19347a5607fb5af075fe1e2925b9a release-0.3.42
947c6fd27699e0199249ad592151f844c8a900b0 release-0.3.43
4946078f0a79e6cc952d3e410813aac9b8bda650 release-0.3.44
95d7da23ea5315a6e9255ce036ed2c51f091f180 release-0.3.45
1e720b0be7ecd92358da8a60944669fa493e78cd release-0.3.46
39b7d7b33c918d8f4abc86c4075052d8c19da3c7 release-0.3.47
7cbef16c71a1f43a07f8141f02e0135c775f0f5b release-0.3.48
4c8cd5ae5cc100add5c08c252d991b82b1838c6b release-0.3.49
400711951595aef7cd2ef865b84b31df52b15782 release-0.3.50
649c9063d0fda23620eaeaf0f6393be0a672ebe7 release-0.3.51
9079ee4735aefa98165bb2cb26dee4f58d58c1d7 release-0.3.52
6d5c1535bb9dcd891c5963971f767421a334a728 release-0.3.53
5fd7a5e990477189c40718c8c3e01002a2c20b81 release-0.3.54
63a820b0bc6ca629c8e45a069b52d622ddc27a2d release-0.3.55
562806624c4afb1687cba83bc1852f5d0fecbac3 release-0.3.56
cec32b3753acf610ac1a6227d14032c1a89d6319 release-0.3.57
b80f94fa2197b99db5e033fec92e0426d1fe5026 release-0.3.58
e924670896abe2769ea0fcfd2058b405bed8e8ec release-0.3.59
921a7ce4baf42fd1091b7e40f89c858c6b23053e release-0.3.60
df95dcff753a6dc5e94257302aea02c18c7a7c87 release-0.3.61
7e24168b0853ee7e46c9c7b943ef077dc64f17f5 release-0.4.0
8183d4ba50f8500465efb27e66dd23f98775dd21 release-0.4.1
610267a772c7bf911b499d37f66c21ce8f2ebaf7 release-0.4.2
39dd0b045441e21512e0a6061a03d0df63414d8b release-0.4.3
5e42c1615f4de0079bd4d8913886d588ce6a295d release-0.4.4
40266f92b829a870808b3d4ee54c8fccdecbd2d6 release-0.4.5
56e33c6efee7ff63cdc52bd1cf172bde195079df release-0.4.6
119bad43bfd493400c57a05848eada2c35a46810 release-0.4.7
0f404f82a1343cb4e4b277a44e3417385798e5e5 release-0.4.8
d24a717314365c857b9f283d6072c2a427d5e342 release-0.4.9
d6f0a00015fdef861fd67fb583b9690638650656 release-0.4.10
e372368dadd7b2ecd0182b2f1b11db86fc27b2c3 release-0.4.11
fd57967d850d2361072c72562d1ed03598473478 release-0.4.12
979045fdcbd20cf7188545c1c589ff240251f890 release-0.4.13
93c94cfa9f78f0a5740595dde4466ec4fba664f8 release-0.4.14
589ee12e8d7c2ae5e4f4676bcc7a1279a76f9e8e release-0.5.0
13416db8a807e5acb4021bc3c581203de57e2f50 release-0.5.1
06c58edc88831fb31c492a8eddcf2c6056567f18 release-0.5.2
e2ac5fa41bcba14adbbb722d45c083c30c07bb5c release-0.5.3
393dbc659df15ccd411680b5c1ce87ed86d4c144 release-0.5.4
38cc7bd8e04f2c519fd4526c12841a876be353cb release-0.5.5
6d1fcec2ea79101c756316c015f72e75f601a5ab release-0.5.6
aed8a9de62456c4b360358bc112ccca32ce02e8d release-0.5.7
7642f45af67d805452df2667486201c36efaff85 release-0.5.8
779216610662c3a459935d506f66a9b16b9c9576 release-0.5.9
9eeb585454f3daa30cf768e95c088a092fe229b9 release-0.5.10
bb491c8197e38ca10ae63b1f1ecb36bf6fdaf950 release-0.5.11
613369e08810f36bbcc9734ef1059a03ccbf5e16 release-0.5.12
bd796ef5c9c9dd34bfac20261b98685e0410122a release-0.5.13
8a730c49f906d783b47e4b44d735efd083936c64 release-0.5.14
cb447039152d85e9145139ff2575a6199b9af9d4 release-0.5.15
64854c7c95d04f838585ca08492823000503fa61 release-0.5.16
d1ffcf84ea1244f659145c36ff28de6fcdf528b2 release-0.5.17
796a6e30ca9d29504195c10210dbc8deced0ae83 release-0.5.18
1f81c711d2a039e1f93b9b515065a2235372d455 release-0.5.19
8e8f6082654aedb4438c8fca408cfc316c7c5a2a release-0.5.20
e9551132f7dd40da5719dd5bcf924c86f1436f85 release-0.5.21
533a252896c4d1cff1586ae42129d610f7497811 release-0.5.22
f461a49b6c747e0b67f721f2be172902afea5528 release-0.5.23
2d5ef73671f690b65bf6d9e22e7155f68f484d5a release-0.5.24
77bf42576050862c268e267ef3e508b145845a25 release-0.5.25
2aefee4d4ed69eb7567680bf27a2efd212232488 release-0.6.0
7ac0fe9bec9a2b5f8e191f6fdd6922bfd916a6cb release-0.6.1
4882735ebc71eeec0fbfe645bdfdb31306872d82 release-0.6.2
b94731c73d0922f472ff938b9d252ba29020f20c release-0.6.3
13e649b813d6ccba5db33a61e08ebe09d683cd5b release-0.6.4
80de622646b0059fd4c553eff47c391bf7503b89 release-0.6.5
3b05edb2619d5935023b979ee7a9611b61b6c9e5 release-0.6.6
1dcfd375100c4479611f71efb99271d0a3059215 release-0.6.7
0228185d4c5772947b842e856ad74cf7f7fd52f3 release-0.6.8
d1879c52326ecac45c713203670f54220879911e release-0.6.9
5a80c6ccbe2ad24fa3d4ff6f9fe4a2b07408d19d release-0.6.10
f88a8b0b39601b19cd740e4db614ab0b5b874686 release-0.6.11
5557460a7247a1602ae96efd1d0ccf781344cb58 release-0.6.12
451b02cc770a794cd41363461b446948ae1d8bc8 release-0.6.13
537b6ef014c4a133e0ab0b7dc817508e0647e315 release-0.6.14
5e68764f0d6e91a983170fa806e7450a9e9b33fe release-0.6.15
158aa4e8cc46fcf9504a61469d22daf3476b17bf release-0.6.16
d8fcca555542619228d9fab89e1665b993f8c3ee release-0.6.17
60707ebc037086cf004736a0d4979e2a608da033 release-0.6.18
3c2a99d3a71af846855be35e62edb9a12f363f44 release-0.6.19
3e0a27f9358ffc1b5249e0ea2311ce7da5c8967e release-0.6.20
143f4d65b1c875d6563ccb7f653d9157afc72194 release-0.6.21
95e6160d2b7d0af8ffd1b95a23cadadf8f0b3f6d release-0.6.22
69a03d5e3b6e6660079ef1ef172db7ac08d8370e release-0.6.23
3e2a58fb48f1e1a99ebf851e0d47a7034c52ae22 release-0.6.24
3b8607c05a8bebcfa59235c2126a70d737f0ccf5 release-0.6.25
07ad5b2606614c4be4ee720c46cf4af126059d31 release-0.6.26
be531addfabe5214f409d457140c1038af10d199 release-0.6.27
58f05255d3a345d04baef5cff0ca1ae0ac7ecebb release-0.6.28
eb2bd21dc8d03f6c94016f04ffb9adaf83a2b606 release-0.6.29
55408deb3cd171efa9b81d23d7a1dd1ccde0b839 release-0.6.30
d4288915bba73c4c3c9cf5d39d34e86879eb2b45 release-0.6.31
0a189588830b8629c4dfea68feb49af36b59e4a9 release-0.7.0
6ab27a06f3346cf9ec8737f5dbcc82dd4031e30f release-0.7.1
a07e258cef3b0a0b6e76a6ff4ba4651c5facc85a release-0.7.2
9992c4583513d2804fc2e7fec860fbc7ab043009 release-0.7.3
4dc24d50230fbadfc037a414a86390db2de69dd2 release-0.7.4
9527137b4354a648a229c7169850c7c65272c00d release-0.7.5
c2f0f7cf306f302254beae512bda18713922375c release-0.7.6
bbcf6d75556fdcee8bd4aba8f6c27014be9920ee release-0.7.7
43bde71f0bbe5a33b161760d7f9f980d50386597 release-0.7.8
769f0dd7081e9011394f264aa22aa66fd79730d8 release-0.7.9
511edfa732da637f5f0c9476335df7dca994706d release-0.7.10
0e7023bf6b2461309c29885935443449a41be807 release-0.7.11
9ad1bd2b21d93902863807528e426862aedee737 release-0.7.12
d90ea21e24ea35379aef50c5d70564158e110a15 release-0.7.13
c07d2d20d95c83d804079bbdcecbce4a0c8282f0 release-0.7.14
0cd7bb051f67eac2b179fb9f9cc988b9ba18ed76 release-0.7.15
eab2e87deba73ae6abd9cc740e8d4365bed96322 release-0.7.16
91d7a9eb8ade90e9421d7b1e3c2e47a6bc427876 release-0.7.17
fc10f7b5cb1305fb930f8ac40b46882d0828d61e release-0.7.18
9dba9779e37e5969a2d408c792084fd7acfec062 release-0.7.19
61838d1bcbddc7bc4dd9f30d535573a6fddca8f9 release-0.7.20
5f665d0fa6a5f6e748157f2ccbc445b2db8125d0 release-0.7.21
24763afa5efe91e54f00b2ae5b87666eb6c08c3b release-0.7.22
0562fb355a25266150cbe8c8d4e00f55e3654df3 release-0.7.23
19c452ecd083550816873a8a31eb3ed9879085e6 release-0.7.24
46b68faf271d6fdcaaf3ad2c69f6167ea9e9fa28 release-0.7.25
d04bfca0c7e3ae2e4422bc1d383553139d6f0a19 release-0.7.26
9425d9c7f8ead95b00a3929a9a5e487e0e3c8499 release-0.7.27
fbc3e7e8b3ee756568a875f87d8a954a2f9d3bf6 release-0.7.28
5176dfdf153fc785b18604197d58806f919829ad release-0.7.29
87e07ccdf0a4ec53458d9d7a4ea66e1239910968 release-0.7.30
9fddd7e1a7a27f8463867f41a461aad57df461b2 release-0.7.31
780b2ba1ec6daf6e3773774e26b05b9ff0d5483e release-0.7.32
83027471a25385b1c671968be761e9aa7a8591a7 release-0.7.33
1e9a362c3dcee221ca6e34308c483ed93867aca2 release-0.7.34
c7ee9e15717b54ead5f4a554686e74abe66c6b07 release-0.7.35
b84548abe9b9d4f4e203f848696e52c8c82c308f release-0.7.36
3286f0bab8e77dbc7ebb370b1dc379592ccff123 release-0.7.37
11a4e2ed5b166b9c9f119171aa399a9e3aa4684a release-0.7.38
f822655d4120629977794c32d3b969343b6c30db release-0.7.39
8a350e49d2b6751296db6d8e27277ccf63ed412a release-0.7.40
c4a56c197eeafd71fc1caef7a9d890a330e3c23d release-0.7.41
a9575a57a5443df39611774cf3840e9088132b0e release-0.7.42
7503d95d6eadad14c28b2db183ba09848265274b release-0.7.43
9be652e9114435fc6f1fdec84c0458d56702db91 release-0.7.44
797e070d480a34b31ddac0d364784773f1bbbcf9 release-0.7.45
9b5037e7ec7db25875c40f9d1cf20a853388b124 release-0.7.46
d1d0e6d7ff0ca3c0dd1be1ef1cfff2e3fd0b4e1c release-0.7.47
9816fb28eda599bfd53940e6d3b6617d1ecb6323 release-0.7.48
452b9d09df8e3f2fb04b2a33d04d2f3a6436eb34 release-0.7.49
e4350efa7cf7a0e868c2236a1137de8a33bd8ec6 release-0.7.50
f51f2bec766c8b6d7e1799d904f18f8ea631bd44 release-0.7.51
18e39e566781c9c187e2eb62bebd9d669d68f08c release-0.7.52
b073eaa1dcea296a3488b83d455fab6621a73932 release-0.7.53
01c6fe6c2a55998434cd3b05dd10ca487ac3fb6c release-0.7.54
3ed9377e686f2521e6ec15873084381033fb490d release-0.7.55
a1e44954549c35023b409f728c678be8bf898148 release-0.7.56
fbb1918a85e38a7becdb1a001dbaf5933f23a919 release-0.7.57
87f4a49a9cc34a5b11c8784cc5ea89e97b4b2bd8 release-0.7.58
0c22cb4862c8beb4ee1b9e4627125162a29a5304 release-0.7.59
82d56c2425ef857cd430b8530a3f9e1127145a67 release-0.8.0
f4acb784b53cd952559567971b97dde1e818a2b6 release-0.8.1
b3503597c1a0f0f378afdc5e5e5b85e2c095a4be release-0.8.2
c98da980514a02ba81c421b25bf91803ffffddf3 release-0.8.3
db34ec0c53c4b9dec12ffdf70caf89a325ab9577 release-0.8.4
0914802433b8678ba2cdf91280766f00f4b9b76e release-0.8.5
ff52ee9e6422f3759f43a442b7ba615595b3a3d4 release-0.8.6
7607237b4829fff1f60999f4663c50ed9d5182f7 release-0.8.7
1cef1807bc12cb05ac52fb0e7a0f111d3760b569 release-0.8.8
a40f8475511d74a468ade29c1505e8986600d7a3 release-0.8.9
2d9faf2260df6c3e5d4aa1781493c31f27a557d0 release-0.8.10
d0d61c32331a6505381b5218318f7b69db167ca8 release-0.8.11
ca7a1c6c798a7eb5b294d4ac3179ec87ecf297d3 release-0.8.12
81c8277cd8ed55febcb2dd9d9213076f6c0ccb09 release-0.8.13
3089486a8dc5844b5b6e9f78d536b4b26f7ffa16 release-0.8.14
d364c2c12dd9723a2dfac3f096f5e55d4cfe6838 release-0.8.15
52163a1027c3efd6b4c461b60a2ca6266c23e193 release-0.8.16
06564e9a2d9ec5852132c212e85eda0bf1300307 release-0.8.17
7aaa959da85e09e29bcac3b1cadec35b0a25b64d release-0.8.18
4bc73c644329a510da4e96b7241b80ead7772f83 release-0.8.19
ea3d168fb99c32a5c3545717ecc61e85a375e5dd release-0.8.20
27951ca037e63dae45ff5b6279124c224ae1255a release-0.8.21
d56c8b5df517c2bf6e7bc2827b8bf3e08cda90e1 release-0.8.22
3c6ac062b379b126212cbb27e98a3c8275ef381a release-0.8.23
89b9173476de14688b1418fbf7df10f91d1719ef release-0.8.24
aa550cb4159ae0d566006e091fb1c7a888771050 release-0.8.25
06ce92293f6a65651b08c466f90f55bd69984b98 release-0.8.26
ea50b0d79ef1d7d901cd0e4dcd7373447849d719 release-0.8.27
e68b1c35cad86105ff1c5b240f53442f4c36356e release-0.8.28
78d3582a30afe63fc0adb17c3ac8891a64e47146 release-0.8.29
9852c5965a3292a1b6127dbb4da9fce4912d898a release-0.8.30
4f84115914490e572bcbee5069157b7334df2744 release-0.8.31
59dee6f7f3afeb1fad6ed5983756e48c81ad2a5c release-0.8.32
a4456378d234c07038456cf32bfe3c651f1d5e82 release-0.8.33
21cb50799a20575a42f9733342d37a426f79db4d release-0.8.34
7cb3cb8d78ef7ae63561733ed91fd07933896bc8 release-0.8.35
aed68639d4eb6afe944b7fb50499c16f7f3f503c release-0.8.36
265b7fd2ae21c75bbffa5115b83a0123d6c4acb4 release-0.8.37
fa5f1ca353c0c5aa5415f51d72fd7bbcc02d1ed7 release-0.8.38
af10bf9d4c6532850aa1f70cdf7504bd109b284c release-0.8.39
4846ec9f83cb5bc4c8519d5641b35fb9b190430c release-0.8.40
718b4cb3faf7efe4e0648140f064bf7a92c3f7e8 release-0.8.41
b5a3065749093282ddd19845e0b77ffc2e54333e release-0.8.42
34df9fb22fed415cdad52def04095dc6d4b48222 release-0.8.43
00ec8cd76fb89af27363b76c40d9f88bf4679c3b release-0.8.44
e16dd52a0d226c23dcae9a11252564a04753bbed release-0.8.45
f034d9173df0a433e0bbcf5974f12ea9eb9076c0 release-0.8.46
4434dc967087315efcd0658206a67fe6c85528f3 release-0.8.47
0b65c962e0cd6783a854877b52c903cb058eec8c release-0.8.48
a2b7e94b9807e981866bf07e37b715847d1b7120 release-0.8.49
e7bdb8edc1bab2bc352a9fb6ce765c46575c35bf release-0.8.50
21dacebd12f65cb57ceb8d2688db5b07fad6e06d release-0.8.51
67dd7533b99c8945b5b8b5b393504d4e003a1c50 release-0.8.52
010468d890dbac33a4cae6dfb2017db70721b2fe release-0.8.53
62b599022a2fa625b526c2ad1711dc6db7d66786 release-0.9.0
71281dd73b17a0ead5535d531afaee098da723cb release-0.9.1
16cff36b0e49fc9fdeee13b2e92690286bcc1b3d release-0.9.2
b7b306325972661117694879d3e22faf4cf0df32 release-0.9.3
fe671505a8ea86a76f0358b3ec4de84a9037ac2b release-0.9.4
70542931bc5436d1bbd38f152245d93ac063968d release-0.9.5
27e2f3b7a3db1819c5d0ba28327ceaba84a13c4e release-0.9.6
657d05d63915ce2f6c4d763091059f5f85bb10e5 release-0.9.7
e0fd9f36005923b8f98d1ba1ea583cb7625f318f release-1.0.0
f8f89eb4e0c27e857ec517d893d4f9a454985084 release-1.0.1
c50df367648e53d55e80b60a447c9c66caa0d326 release-1.0.2
80d586db316512b5a9d39f00fe185f7f91523f52 release-1.0.3
c9c2805ac9245cc48ce6efeba2b4a444f859d6aa release-1.0.4
fa2c37b1122c2c983b6e91d1188e387d72dde4d6 release-1.0.5
f31aea5b06654c9163be5acd6d9b7aaf0fdf6b33 release-1.1.0
44bf95f670656fae01ccb266b3863843ea13d324 release-1.1.1
da1289482a143dfa016769649bdff636c26f53c8 release-1.1.2
bac8ba08a6570bac2ecd3bf2ad64b0ac3030c903 release-1.1.3
911060bc8221d4113a693ae97952a1fa88663ca8 release-1.1.4
e47531dfabbf8e5f8b8aff9ff353642ea4aa7abb release-1.1.5
f9ddecfe331462f870a95e4c1c3ba1bb8f19f2d3 release-1.1.6
378c297bb7459fb99aa9c77decac0d35391a3932 release-1.1.7
71600ce67510af093d4bc0117a78b3b4678c6b3a release-1.1.8
482d7d907f1ab92b78084d8b8631ed0eb7dd08f7 release-1.1.9
c7e65deabf0db5109e8d8f6cf64cd3fb7633a3d1 release-1.1.10
9590f0cf5aab8e6e0b0c8ae59c70187b2b97d886 release-1.1.11
ade8fc136430cfc04a8d0885c757968b0987d56c release-1.1.12
6a6836e65827fd3cb10a406e7bbbe36e0dad8736 release-1.1.13
6845f4ac909233f5a08ed8a51de137713a888328 release-1.1.14
2397e9c72f1bc5eac67006e12ad3e33e0ea9ba74 release-1.1.15
7b7c49639a7bceecabf4963c60b26b65a77d6ce0 release-1.1.16
f7e1113a9a1648cad122543e7080e895cf2d88f4 release-1.1.17
2b22743c3079b41233ded0fc35af8aa89bcfab91 release-1.1.18
0f0b425659e0b26f5bc8ea14a42dbf34de2eaba6 release-1.1.19
f582d662cc408eb7a132c21f4b298b71d0701abb release-1.2.0
9ee68d629722f583d43d92271f2eb84281afc630 release-1.3.0
61b6a3438afef630774e568eefd89c53e3b93287 release-1.3.1
7ccd50a0a455f2f2d3b241f376e1193ad956196d release-1.2.1
0000000000000000000000000000000000000000 release-1.2.1
50107e2d96bbfc2c59e46f889b1a5f68dd10cf19 release-1.3.2
2c5e1e88c8cf710caf551c5c67eba00443601efe release-1.3.3
a43447fb82aa03eabcd85352758ae14606a84d35 release-1.3.4
90f3b4ea7992a7bf9385851a3e77173363091eea release-1.3.5
3aeb14f88daeb973e4708310daa3dc68ac1200f7 release-1.3.6
dafd375f1c882b15fa4a9b7aa7c801c55082395e release-1.3.7
ab7ce0eb4cf78a656750ab1d8e55ef61f7e535ec release-1.3.8
1b1a9337a7399ad3cdc5e3a2f9fbaaec990271d5 release-1.3.9
2c053b2572694eb9cd4aed26a498b6cb1f51bbcc release-1.3.10
36409ac209872ce53019f084e4e07467c5d9d25e release-1.3.11
560dc55e90c13860a79d8f3e0d67a81c7b0257bb release-1.3.12
dc195ffe0965b2b9072f8e213fe74ecce38f6773 release-1.3.13
e04428778567dd4de329bbbe97ad653e22801612 release-1.3.14
cd84e467c72967b9f5fb4d96bfc708c93edeb634 release-1.3.15
23159600bdea695db8f9d2890aaf73424303e49c release-1.3.16
7809529022b83157067e7d1e2fb65d57db5f4d99 release-1.4.0
48a84bc3ff074a65a63e353b9796ff2b14239699 release-1.5.0
99eed1a88fc33f32d66e2ec913874dfef3e12fcc release-1.5.1
5bdca4812974011731e5719a6c398b54f14a6d61 release-1.5.2
644a079526295aca11c52c46cb81e3754e6ad4ad release-1.5.3
376a5e7694004048a9d073e4feb81bb54ee3ba91 release-1.5.4
60e0409b9ec7ee194c6d8102f0656598cc4a6cfe release-1.5.5
70c5cd3a61cb476c2afb3a61826e59c7cda0b7a7 release-1.5.6
9ba2542d75bf62a3972278c63561fc2ef5ec573a release-1.5.7
eaa76f24975948b0ce8be01838d949122d44ed67 release-1.5.8
5a1759f33b7fa6270e1617c08d7e655b7b127f26 release-1.5.9
b798fc020e3a84ef68e6c9f47865a319c826d33c release-1.5.10
f995a10d4c7e9a817157a6ce7b753297ad32897e release-1.5.11
97b47d95e4449cbde976657cf8cbbc118351ffe0 release-1.5.12
fd722b890eabc600394349730a093f50dac31639 release-1.5.13
d161d68df8be32e5cbf72b07db1a707714827803 release-1.7.0
0351a6d89c3dbcc7a76295024ba6b70e27b9a497 release-1.7.1
0bd223a546192fdf2e862f33938f4ec2a3b5b283 release-1.7.2
fe7cd01828d5ca7491059f0690bb4453645eb28b release-1.7.3
cbb146b120296852e781079d5138b04495bab6df release-1.7.4
fe129aa02db9001d220f1db7c3c056f79482c111 release-1.7.5
a8d111bb68847f61d682a3c8792fecb2e52efa2c release-1.7.6
6d2fbc30f8a7f70136cf08f32d5ff3179d524873 release-1.7.7
d5ea659b8bab2d6402a2266efa691f705e84001e release-1.7.8
34b201c1abd1e2d4faeae4650a21574771a03c0e release-1.7.9
860cfbcc4606ee36d898a9cd0c5ae8858db984d6 release-1.7.10
2b3b737b5456c05cd63d3d834f4fb4d3776953d0 release-1.7.11
3ef00a71f56420a9c3e9cec311c9a2109a015d67 release-1.7.12
53d850fe292f157d2fb999c52788ec1dc53c91ed release-1.9.0
884a967c369f73ab16ea859670d690fb094d3850 release-1.9.1
3a32d6e7404a79a0973bcd8d0b83181c5bf66074 release-1.9.2
e27a215601292872f545a733859e06d01af1017d release-1.9.3
5cb7e2eed2031e32d2e5422caf9402758c38a6ad release-1.9.4
942475e10cb47654205ede7ccbe7d568698e665b release-1.9.5
b78018cfaa2f0ec20494fccb16252daa87c48a31 release-1.9.6
54117529e40b988590ea2d38aae909b0b191663f release-1.9.7
1bdc497c81607d854e3edf8b9a3be324c3d136b6 release-1.9.8
ef107f3ddc237a3007e2769ec04adde0dcf627fa release-1.9.9
be00ca08e41a69e585b6aff70a725ed6c9e1a876 release-1.9.10
fe66cff450a95beed36a2515210eb2d7ef62c9d3 release-1.9.11
ead3907d74f90a14d1646f1b2b56ba01d3d11702 release-1.9.12
5936b7ed929237f1a73b467f662611cdc0309e51 release-1.9.13
4106db71cbcb9c8274700199ac17e520902c6c0f release-1.9.14
13070ecfda67397985f0e986eb9c42ecb46d05b5 release-1.9.15
271ee30c6791847980cd139d31807541f5e569bf release-1.11.0
cb783d9cc19761e14e1285d91c38f4b84d0b8756 release-1.11.1
4d3b3a13a8cf5fc3351a7f167d1c13325e00f21c release-1.11.2
b83a067949a3384a49fd3d943eb8d0997b31f87b release-1.11.3
953512ca02c6f63b4fcbbc3e10d0d9835896bf99 release-1.11.4
5253015a339aaca0a3111473d3e931b6d4752393 release-1.11.5
5e371426b3bcba4312ce08606194b89b758927d1 release-1.11.6
5c8f60faf33ca8926473d2da27b4c3c417bd4630 release-1.11.7
4591da489a30f790def29bc5987f43409b503cae release-1.11.8
20a45c768e5ed26b740679d0e22045c98727c3cc release-1.11.9
1ad0999a7ded3d4fb01c7acf8ff57c80b643da7e release-1.11.10
d8b321a876d6254e9e98795e3b194ef053290354 release-1.11.11
7f394e433f0003222aa6531931ecc0b24740d5e4 release-1.11.12
3d0e8655f897959e48cc74e87670bb5492a58871 release-1.11.13
3671096a45bce570a2afa20b9faf42c7fb0f7e66 release-1.13.0
539f7893ecb96bee60965528c8958d7eb2f1ce6b release-1.13.1
5be2b25bdc65775a85f18f68a4be4f58c7384415 release-1.13.2
8457ce87640f9bfe6221c4ac4466ced20e03bebe release-1.13.3
bbc642c813c829963ce8197c0ca237ab7601f3d4 release-1.13.4
0d45b4cf7c2e4e626a5a16e1fe604402ace1cea5 release-1.13.5
f87da7d9ca02b8ced4caa6c5eb9013ccd47b0117 release-1.13.6
47cca243d0ed39bf5dcb9859184affc958b79b6f release-1.13.7
20ca4bcff108d3e66977f4d97508637093492287 release-1.13.8
fb1212c7eca4c5328fe17d6cd95b010c67336aac release-1.13.9
31c929e16910c38492581ef474e72fa67c28f124 release-1.13.10
64179f242cb55fc206bca59de9bfdc4cf5ebcec7 release-1.13.11
051e5fa03b92b8a564f6b12debd483d267391e82 release-1.13.12
990b3e885636d763b97ed02d0d2cfc161a4e0c09 release-1.15.0
4189160cb946bb38d0bc0a452b5eb4cdd8979fb5 release-1.15.1
b234199c7ed8a156a6bb98f7ff58302c857c954f release-1.15.2
28b3e17ca7eba1e6a0891afde0e4bc5bcc99c861 release-1.15.3
49d49835653857daa418e68d6cbfed4958c78fca release-1.15.4
f062e43d74fc2578bb100a9e82a953efa1eb9e4e release-1.15.5
2351853ce6867b6166823bdf94333c0a76633c0a release-1.15.6
051a039ce1c7e09144de4a4846669ec7116cecea release-1.15.7
ee551e3f6dba336c0d875e266d7d55385f379b42 release-1.15.8
d2fd76709909767fc727a5b4affcf1dc9ca488a7 release-1.15.9
75f5c7f628411c79c7044102049f7ab4f7a246e7 release-1.15.10
5155d0296a5ef9841f035920527ffdb771076b44 release-1.15.11
0130ca3d58437b3c7c707cdddd813d530c68da9a release-1.15.12
054c1c46395caff79bb4caf16f40b331f71bb6dd release-1.17.0
7816bd7dabf6ee86c53c073b90a7143161546e06 release-1.17.1
2fc9f853a6b7cd29dc84e0af2ed3cf78e0da6ca8 release-1.17.2
ed4303aa1b31a9aad5440640c0840d9d0af45fed release-1.17.3
ce2ced3856909f36f8130c99eaa4dbdbae636ddc release-1.17.4
9af0dddbddb2c368bfedd2801bc100ffad01e19b release-1.17.5
de68d0d94320cbf033599c6f3ca37e5335c67fd7 release-1.17.6
e56295fe0ea76bf53b06bffa77a2d3a9a335cb8c release-1.17.7
fdacd273711ddf20f778c1fb91529ab53979a454 release-1.17.8
5e8d52bca714d4b85284ddb649d1ba4a3ca978a8 release-1.17.9
c44970de01474f6f3e01b0adea85ec1d03e3a5f2 release-1.17.10
cbe6ba650211541310618849168631ce0b788f35 release-1.19.0
062920e2f3bf871ef7a3d8496edec1b3065faf80 release-1.19.1
a7b46539f507e6c64efa0efda69ad60b6f4ffbce release-1.19.2
3cbc2602325f0ac08917a4397d76f5155c34b7b1 release-1.19.3
dc0cc425fa63a80315f6efb68697cadb6626cdf2 release-1.19.4
8e5b068f761cd512d10c9671fbde0b568c1fd08b release-1.19.5
f618488eb769e0ed74ef0d93cd118d2ad79ef94d release-1.19.6
3fa6e2095a7a51acc630517e1c27a7b7ac41f7b3 release-1.19.7
8c65d21464aaa5923775f80c32474adc7a320068 release-1.19.8
da571b8eaf8f30f36c43b3c9b25e01e31f47149c release-1.19.9
ffcbb9980ee2bad27b4d7b1cd680b14ff47b29aa release-1.19.10
df34dcc9ac072ffd0945e5a1f3eb7987e8275375 release-1.21.0
a68ac0677f8553b1f84d357bc9da114731ab5f47 release-1.21.1
bfbc52374adcbf2f9060afd62de940f6fab3bba5 release-1.21.2
2217a9c1d0b86026f22700b3c089545db1964f55 release-1.21.3
39be8a682c58308d9399cddd57e37f9fdb7bdf3e release-1.21.4
d986378168fd4d70e0121cabac274c560cca9bdf release-1.21.5
714eb4b2c09e712fb2572a2164ce2bf67638ccac release-1.21.6
5da2c0902e8e2aa4534008a582a60c61c135960e release-1.23.0
a63d0a70afea96813ba6667997bc7d68b5863f0d release-1.23.1
aa901551a7ebad1e8b0f8c11cb44e3424ba29707 release-1.23.2
ff3afd1ce6a6b65057741df442adfaa71a0e2588 release-1.23.3
ac779115ed6ee4f3039e9aea414a54e560450ee2 release-1.23.4
12dcf92b0c2c68552398f19644ce3104459807d7 release-1.25.0
f8134640e8615448205785cf00b0bc810489b495 release-1.25.1
1d839f05409d1a50d0f15a2bf36547001f99ae40 release-1.25.2
294a3d07234f8f65d7b0e0b0e2c5b05c12c5da0a release-1.25.3
173a0a7dbce569adbb70257c6ec4f0f6bc585009 release-1.25.4
8618e4d900cc71082fbe7dc72af087937d64faf5 release-1.25.5
a58202a8c41bf0bd97eef1b946e13105a105520d release-1.26.0
a63c124e34bcf2d1d1feb8d40ff075103b967c4c release-1.26.1
e4c5da06073ca24e2ffc5c8f8b8d7833a926356f release-1.26.2

301
CHANGES

@ -1,310 +1,15 @@
Changes with nginx 1.26.3 05 Feb 2025
*) Security: insufficient check in virtual servers handling with TLSv1.3
SNI allowed to reuse SSL sessions in a different virtual server, to
bypass client SSL certificates verification (CVE-2025-23419).
*) Bugfix: in the ngx_http_mp4_module.
Thanks to Nils Bars.
*) Workaround: "gzip filter failed to use preallocated memory" alerts
appeared in logs when using zlib-ng.
*) Bugfix: nginx could not build libatomic library using the library
sources if the --with-libatomic=DIR option was used.
*) Bugfix: nginx now ignores QUIC version negotiation packets from
clients.
*) Bugfix: nginx could not be built on Solaris 10 and earlier with the
ngx_http_v3_module.
*) Bugfixes in HTTP/3.
Changes with nginx 1.26.2 14 Aug 2024
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module might cause a worker process crash
(CVE-2024-7347).
Thanks to Nils Bars.
Changes with nginx 1.26.1 29 May 2024
*) Security: when using HTTP/3, processing of a specially crafted QUIC
session might cause a worker process crash, worker process memory
disclosure on systems with MTU larger than 4096 bytes, or might have
potential other impact (CVE-2024-32760, CVE-2024-31079,
CVE-2024-35200, CVE-2024-34161).
Thanks to Nils Bars of CISPA.
*) Bugfix: reduced memory consumption for long-lived requests if "gzip",
"gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
*) Bugfix: nginx could not be built by gcc 14 if the --with-libatomic
option was used.
Thanks to Edgar Bonet.
*) Bugfix: in HTTP/3.
Changes with nginx 1.26.0 23 Apr 2024
*) 1.26.x stable branch.
Changes with nginx 1.25.5 16 Apr 2024
*) Feature: virtual servers in the stream module.
*) Feature: the ngx_stream_pass_module.
*) Feature: the "deferred", "accept_filter", and "setfib" parameters of
the "listen" directive in the stream module.
*) Feature: cache line size detection for some architectures.
Thanks to Piotr Sikora.
*) Feature: support for Homebrew on Apple Silicon.
Thanks to Piotr Sikora.
*) Bugfix: Windows cross-compilation bugfixes and improvements.
Thanks to Piotr Sikora.
*) Bugfix: unexpected connection closure while using 0-RTT in QUIC.
Thanks to Vladimir Khomutov.
Changes with nginx 1.25.4 14 Feb 2024
*) Security: when using HTTP/3 a segmentation fault might occur in a
worker process while processing a specially crafted QUIC session
(CVE-2024-24989, CVE-2024-24990).
*) Bugfix: connections with pending AIO operations might be closed
prematurely during graceful shutdown of old worker processes.
*) Bugfix: socket leak alerts no longer logged when fast shutdown was
requested after graceful shutdown of old worker processes.
*) Bugfix: a socket descriptor error, a socket leak, or a segmentation
fault in a worker process (for SSL proxying) might occur if AIO was
used in a subrequest.
*) Bugfix: a segmentation fault might occur in a worker process if SSL
proxying was used along with the "image_filter" directive and errors
with code 415 were redirected with the "error_page" directive.
*) Bugfixes and improvements in HTTP/3.
Changes with nginx 1.25.3 24 Oct 2023
*) Change: improved detection of misbehaving clients when using HTTP/2.
*) Feature: startup speedup when using a large number of locations.
Thanks to Yusuke Nojima.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2 without SSL; the bug had appeared in 1.25.1.
*) Bugfix: the "Status" backend response header line with an empty
reason phrase was handled incorrectly.
*) Bugfix: memory leak during reconfiguration when using the PCRE2
library.
Thanks to ZhenZhong Wu.
*) Bugfixes and improvements in HTTP/3.
Changes with nginx 1.25.2 15 Aug 2023
*) Feature: path MTU discovery when using HTTP/3.
*) Feature: TLS_AES_128_CCM_SHA256 cipher suite support when using
HTTP/3.
*) Change: now nginx uses appname "nginx" when loading OpenSSL
configuration.
*) Change: now nginx does not try to load OpenSSL configuration if the
--with-openssl option was used to built OpenSSL and the OPENSSL_CONF
environment variable is not set.
*) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
*) Bugfix: in HTTP/3.
Changes with nginx 1.25.1 13 Jun 2023
*) Feature: the "http2" directive, which enables HTTP/2 on a per-server
basis; the "http2" parameter of the "listen" directive is now
deprecated.
*) Change: HTTP/2 server push support has been removed.
*) Change: the deprecated "ssl" directive is not supported anymore.
*) Bugfix: in HTTP/3 when using OpenSSL.
Changes with nginx 1.25.0 23 May 2023
*) Feature: experimental HTTP/3 support.
Changes with nginx 1.23.4 28 Mar 2023
*) Change: now TLSv1.3 protocol is enabled by default.
*) Change: now nginx issues a warning if protocol parameters of a
listening socket are redefined.
*) Change: now nginx closes connections with lingering if pipelining was
used by the client.
*) Feature: byte ranges support in the ngx_http_gzip_static_module.
*) Bugfix: port ranges in the "listen" directive did not work; the bug
had appeared in 1.23.3.
Thanks to Valentin Bartenev.
*) Bugfix: incorrect location might be chosen to process a request if a
prefix location longer than 255 characters was used in the
configuration.
*) Bugfix: non-ASCII characters in file names on Windows were not
supported by the ngx_http_autoindex_module, the ngx_http_dav_module,
and the "include" directive.
*) Change: the logging level of the "data length too long", "length too
short", "bad legacy version", "no shared signature algorithms", "bad
digest length", "missing sigalgs extension", "encrypted length too
long", "bad length", "bad key update", "mixed handshake and non
handshake data", "ccs received early", "data between ccs and
finished", "packet length too long", "too many warn alerts", "record
too small", and "got a fin before a ccs" SSL errors has been lowered
from "crit" to "info".
*) Bugfix: a socket leak might occur when using HTTP/2 and the
"error_page" directive to redirect errors with code 400.
*) Bugfix: messages about logging to syslog errors did not contain
information that the errors happened while logging to syslog.
Thanks to Safar Safarly.
*) Workaround: "gzip filter failed to use preallocated memory" alerts
appeared in logs when using zlib-ng.
*) Bugfix: in the mail proxy server.
Changes with nginx 1.23.3 13 Dec 2022
*) Bugfix: an error might occur when reading PROXY protocol version 2
header with large number of TLVs.
*) Bugfix: a segmentation fault might occur in a worker process if SSI
was used to process subrequests created by other modules.
Thanks to Ciel Zhao.
*) Workaround: when a hostname used in the "listen" directive resolves
to multiple addresses, nginx now ignores duplicates within these
addresses.
*) Bugfix: nginx might hog CPU during unbuffered proxying if SSL
connections to backends were used.
Changes with nginx 1.23.2 19 Oct 2022
Changes with nginx 1.22.1 19 Oct 2022
*) Security: processing of a specially crafted mp4 file by the
ngx_http_mp4_module might cause a worker process crash, worker
process memory disclosure, or might have potential other impact
(CVE-2022-41741, CVE-2022-41742).
*) Feature: the "$proxy_protocol_tlv_..." variables.
*) Feature: TLS session tickets encryption keys are now automatically
rotated when using shared memory in the "ssl_session_cache"
directive.
Changes with nginx 1.22.0 24 May 2022
*) Change: the logging level of the "bad record type" SSL errors has
been lowered from "crit" to "info".
Thanks to Murilo Andrade.
*) Change: now when using shared memory in the "ssl_session_cache"
directive the "could not allocate new session" errors are logged at
the "warn" level instead of "alert" and not more often than once per
second.
*) Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x.
*) Bugfix: in logging of the PROXY protocol errors.
Thanks to Sergey Brester.
*) Workaround: shared memory from the "ssl_session_cache" directive was
spent on sessions using TLS session tickets when using TLSv1.3 with
OpenSSL.
*) Workaround: timeout specified with the "ssl_session_timeout"
directive did not work when using TLSv1.3 with OpenSSL or BoringSSL.
Changes with nginx 1.23.1 19 Jul 2022
*) Feature: memory usage optimization in configurations with SSL
proxying.
*) Feature: looking up of IPv4 addresses while resolving now can be
disabled with the "ipv4=off" parameter of the "resolver" directive.
*) Change: the logging level of the "bad key share", "bad extension",
"bad cipher", and "bad ecpoint" SSL errors has been lowered from
"crit" to "info".
*) Bugfix: while returning byte ranges nginx did not remove the
"Content-Range" header line if it was present in the original backend
response.
*) Bugfix: a proxied response might be truncated during reconfiguration
on Linux; the bug had appeared in 1.17.5.
Changes with nginx 1.23.0 21 Jun 2022
*) Change in internal API: now header lines are represented as linked
lists.
*) Change: now nginx combines arbitrary header lines with identical
names when sending to FastCGI, SCGI, and uwsgi backends, in the
$r->header_in() method of the ngx_http_perl_module, and during lookup
of the "$http_...", "$sent_http_...", "$sent_trailer_...",
"$upstream_http_...", and "$upstream_trailer_..." variables.
*) Bugfix: if there were multiple "Vary" header lines in the backend
response, nginx only used the last of them when caching.
*) Bugfix: if there were multiple "WWW-Authenticate" header lines in the
backend response and errors with code 401 were intercepted or the
"auth_request" directive was used, nginx only sent the first of the
header lines to the client.
*) Change: the logging level of the "application data after close
notify" SSL errors has been lowered from "crit" to "info".
*) Bugfix: connections might hang if nginx was built on Linux 2.6.17 or
newer, but was used on systems without EPOLLRDHUP support, notably
with epoll emulation layers; the bug had appeared in 1.17.5.
Thanks to Marcus Ball.
*) Bugfix: nginx did not cache the response if the "Expires" response
header line disabled caching, but following "Cache-Control" header
line enabled caching.
*) 1.22.x stable branch.
Changes with nginx 1.21.6 25 Jan 2022


@ -1,235 +1,5 @@
Изменения в nginx 1.26.3 05.02.2025
*) Безопасность: недостаточная проверка в обработке виртуальных серверов
при использовании SNI в TLSv1.3 позволяла повторно использовать
SSL-сессию в контексте другого виртуального сервера, чтобы обойти
проверку клиентских SSL-сертификатов (CVE-2025-23419).
*) Исправление: в модуле ngx_http_mp4_module.
Спасибо Nils Bars.
*) Изменение: при использовании zlib-ng в логах появлялись сообщения
"gzip filter failed to use preallocated memory".
*) Исправление: nginx не мог собрать библиотеку libatomic из исходных
текстов, если использовался параметр --with-libatomic=DIR.
*) Исправление: теперь nginx игнорирует пакеты согласования версий QUIC
от клиентов.
*) Исправление: nginx не собирался на Solaris 10 и более ранних с
модулем ngx_http_v3_module.
*) Исправления в HTTP/3.
Изменения в nginx 1.26.2 14.08.2024
*) Безопасность: обработка специально созданного mp4-файла модулем
ngx_http_mp4_module могла приводить к падению рабочего процесса
(CVE-2024-7347).
Спасибо Nils Bars.
Изменения в nginx 1.26.1 29.05.2024
*) Безопасность: при использовании HTTP/3 обработка специально созданной
QUIC-сессии могла приводить к падению рабочего процесса, отправке
клиенту содержимого памяти рабочего процесса на системах с MTU больше
4096 байт, а также потенциально могла иметь другие последствия
(CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161).
Спасибо Nils Bars из CISPA.
*) Исправление: уменьшено потребление памяти для долгоживущих запросов,
если используются директивы gzip, gunzip, ssi, sub_filter или
grpc_pass.
*) Исправление: nginx не собирался gcc 14, если использовался параметр
--with-libatomic.
Спасибо Edgar Bonet.
*) Исправление: в HTTP/3.
Изменения в nginx 1.26.0 23.04.2024
*) Стабильная ветка 1.26.x.
Изменения в nginx 1.25.5 16.04.2024
*) Добавление: виртуальные сервера в модуле stream.
*) Добавление: модуль ngx_stream_pass_module.
*) Добавление: параметры deferred, accept_filter и setfib директивы
listen в модуле stream.
*) Добавление: определение размера строки кеша процессора для некоторых
архитектур.
Спасибо Piotr Sikora.
*) Добавление: поддержка Homebrew на Apple Silicon.
Спасибо Piotr Sikora.
*) Исправление: улучшения и исправления кросс-компиляции для Windows.
Спасибо Piotr Sikora.
*) Исправление: неожиданное закрытие соединения при использовании 0-RTT
в QUIC.
Спасибо Владимиру Хомутову.
Изменения в nginx 1.25.4 14.02.2024
*) Безопасность: при использовании HTTP/3 в рабочем процессе мог
произойти segmentation fault во время обработки специально созданной
QUIC-сессии (CVE-2024-24989, CVE-2024-24990).
*) Исправление: соединения с незавершенными AIO-операциями могли
закрываться преждевременно во время плавного завершения старых
рабочих процессов.
*) Исправление: теперь nginx не пишет в лог сообщения об утечке сокетов,
если во время плавного завершения старых рабочих процессов было
запрошено быстрое завершение.
*) Исправление: при использовании AIO в подзапросе могла происходить
ошибка на сокете, утечка сокетов, либо segmentation fault в рабочем
процессе (при SSL-проксировании).
*) Исправление: в рабочем процессе мог произойти segmentation fault,
если использовалось SSL-проксирование и директива image_filter, а
ошибки с кодом 415 перенаправлялись с помощью директивы error_page.
*) Исправления и улучшения в HTTP/3.
Изменения в nginx 1.25.3 24.10.2023
*) Изменение: улучшено детектирование некорректного поведения клиентов
при использовании HTTP/2.
*) Добавление: уменьшение времени запуска при использовании большого
количества location'ов.
Спасибо Yusuke Nojima.
*) Исправление: при использовании HTTP/2 без SSL в рабочем процессе мог
произойти segmentation fault; ошибка появилась в 1.25.1.
*) Исправление: строка "Status" в заголовке ответа бэкенда с пустой
поясняющей фразой обрабатывалась некорректно.
*) Исправление: утечки памяти во время переконфигурации при
использовании библиотеки PCRE2.
Спасибо ZhenZhong Wu.
*) Исправления и улучшения в HTTP/3.
Изменения в nginx 1.25.2 15.08.2023
*) Добавление: path MTU discovery при использовании HTTP/3.
*) Добавление: поддержка шифра TLS_AES_128_CCM_SHA256 при использовании
HTTP/3.
*) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
appname "nginx".
*) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
если для сборки OpenSSL использовался параметр --with-openssl и
переменная окружения OPENSSL_CONF не установлена.
*) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.
*) Исправление: в HTTP/3.
Изменения в nginx 1.25.1 13.06.2023
*) Добавление: директива http2, позволяющая включать HTTP/2 в отдельных
блоках server; параметр http2 директивы listen объявлен устаревшим.
*) Изменение: поддержка HTTP/2 server push упразднена.
*) Изменение: устаревшая директива ssl больше не поддерживается.
*) Исправление: в HTTP/3 при использовании OpenSSL.
Изменения в nginx 1.25.0 23.05.2023
*) Добавление: экспериментальная поддержка HTTP/3.
Изменения в nginx 1.23.4 28.03.2023
*) Изменение: теперь протокол TLSv1.3 разрешён по умолчанию.
*) Изменение: теперь nginx выдаёт предупреждение при переопределении
параметров listen-сокета, задающих используемые протоколы.
*) Изменение: теперь, если клиент использует pipelining, nginx закрывает
соединения с ожиданием дополнительных данных (lingering close).
*) Добавление: поддержка byte ranges для ответов модуля
ngx_http_gzip_static_module.
*) Исправление: диапазоны портов в директиве listen не работали; ошибка
появилась в 1.23.3.
Спасибо Валентину Бартеневу.
*) Исправление: для обработки запроса мог быть выбран неверный location,
если в конфигурации использовался префиксный location длиннее 255
символов.
*) Исправление: не-ASCII символы в именах файлов на Windows не
поддерживались модулями ngx_http_autoindex_module и
ngx_http_dav_module, а также директивой include.
*) Изменение: уровень логгирования ошибок SSL "data length too long",
"length too short", "bad legacy version", "no shared signature
algorithms", "bad digest length", "missing sigalgs extension",
"encrypted length too long", "bad length", "bad key update", "mixed
handshake and non handshake data", "ccs received early", "data
between ccs and finished", "packet length too long", "too many warn
alerts", "record too small", и "got a fin before a ccs" понижен с
уровня crit до info.
*) Исправление: при использовании HTTP/2 и директивы error_page для
перенаправления ошибок с кодом 400 могла происходить утечка сокетов.
*) Исправление: сообщения об ошибках записи в syslog не содержали
информации о том, что ошибки происходили в процессе записи в syslog.
Спасибо Safar Safarly.
*) Изменение: при использовании zlib-ng в логах появлялись сообщения
"gzip filter failed to use preallocated memory".
*) Исправление: в почтовом прокси-сервере.
Изменения в nginx 1.23.3 13.12.2022
*) Исправление: при чтении заголовка протокола PROXY версии 2,
содержащего большое количество TLV, могла возникать ошибка.
*) Исправление: при использовании SSI для обработки подзапросов,
созданных другими модулями, в рабочем процессе мог произойти
segmentation fault.
Спасибо Ciel Zhao.
*) Изменение: теперь, если при преобразовании в адреса имени хоста,
указанного в директиве listen, возвращается несколько адресов, nginx
игнорирует дубликаты среди этих адресов.
*) Исправление: nginx мог нагружать процессор при небуферизированном
проксировании, если использовались SSL-соединения с бэкендами.
Изменения в nginx 1.23.2 19.10.2022
Изменения в nginx 1.22.1 19.10.2022
*) Безопасность: обработка специально созданного mp4-файла модулем
ngx_http_mp4_module могла приводить к падению рабочего процесса,
@ -237,84 +7,10 @@
потенциально могла иметь другие последствия (CVE-2022-41741,
CVE-2022-41742).
*) Добавление: переменные "$proxy_protocol_tlv_...".
*) Добавление: ключи шифрования TLS session tickets теперь автоматически
меняются при использовании разделяемой памяти в ssl_session_cache.
Изменения в nginx 1.22.0 24.05.2022
*) Изменение: уровень логгирования ошибок SSL "bad record type" понижен
с уровня crit до info.
Спасибо Murilo Andrade.
*) Изменение: теперь при использовании разделяемой памяти в
ssl_session_cache сообщения "could not allocate new session"
логгируются на уровне warn вместо alert и не чаще одного раза в
секунду.
*) Исправление: nginx/Windows не собирался с OpenSSL 3.0.x.
*) Исправление: в логгировании ошибок протокола PROXY.
Спасибо Сергею Брестеру.
*) Изменение: при использовании TLSv1.3 с OpenSSL разделяемая память из
ssl_session_cache расходовалась в том числе на сессии, использующие
TLS session tickets.
*) Изменение: таймаут, заданный с помощью директивы ssl_session_timeout,
не работал при использовании TLSv1.3 с OpenSSL или BoringSSL.
Изменения в nginx 1.23.1 19.07.2022
*) Добавление: оптимизация использования памяти в конфигурациях с
SSL-проксированием.
*) Добавление: теперь с помощью параметра "ipv4=off" директивы
"resolver" можно запретить поиск IPv4-адресов при преобразовании имён
в адреса.
*) Изменение: уровень логгирования ошибок SSL "bad key share", "bad
extension", "bad cipher" и "bad ecpoint" понижен с уровня crit до
info.
*) Исправление: при возврате диапазонов nginx не удалял строку заголовка
"Content-Range", если она присутствовала в исходном ответе бэкенда.
*) Исправление: проксированный ответ мог быть отправлен не полностью при
переконфигурации на Linux; ошибка появилась в 1.17.5.
Изменения в nginx 1.23.0 21.06.2022
*) Изменение во внутреннем API: теперь строки заголовков представлены
связными списками.
*) Изменение: теперь nginx объединяет произвольные строки заголовков с
одинаковыми именами при отправке на FastCGI-, SCGI- и uwsgi-бэкенды,
в методе $r->header_in() модуля ngx_http_perl_module, и при доступе
через переменные "$http_...", "$sent_http_...", "$sent_trailer_...",
"$upstream_http_..." и "$upstream_trailer_...".
*) Исправление: если в заголовке ответа бэкенда было несколько строк
"Vary", при кэшировании nginx учитывал только последнюю из них.
*) Исправление: если в заголовке ответа бэкенда было несколько строк
"WWW-Authenticate" и использовался перехват ошибок с кодом 401 от
бэкенда или директива auth_request, nginx пересылал клиенту только
первую из этих строк.
*) Изменение: уровень логгирования ошибок SSL "application data after
close notify" понижен с уровня crit до info.
*) Исправление: соединения могли зависать, если nginx был собран на
Linux 2.6.17 и новее, а использовался на системах без поддержки
EPOLLRDHUP, в частности, на системах с эмуляцией epoll; ошибка
появилась в 1.17.5.
Спасибо Marcus Ball.
*) Исправление: nginx не кэшировал ответ, если строка заголовка ответа
"Expires" запрещала кэширование, а последующая строка заголовка
"Cache-Control" разрешала кэширование.
*) Стабильная ветка 1.22.x.
Изменения в nginx 1.21.6 25.01.2022


@ -1,6 +1,6 @@
/*
* Copyright (C) 2002-2021 Igor Sysoev
* Copyright (C) 2011-2024 Nginx, Inc.
* Copyright (C) 2011-2022 Nginx, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without


@ -117,7 +117,7 @@ else
. auto/cc/acc
;;
msvc)
msvc*)
# MSVC++ 6.0 SP2, MSVC++ Toolkit 2003
. auto/cc/msvc


@ -11,8 +11,8 @@
# MSVC 2015 (14.0) cl 19.00
NGX_MSVC_VER=`$NGX_WINE $CC 2>&1 | grep 'C/C++.* [0-9][0-9]*\.[0-9]' 2>&1 \
| sed -e 's/^.* \([0-9][0-9]*\.[0-9].*\)/\1/'`
NGX_MSVC_VER=`$NGX_WINE $CC 2>&1 | grep 'Compiler Version' 2>&1 \
| sed -e 's/^.* Version \(.*\)/\1/'`
echo " + cl version: $NGX_MSVC_VER"
@ -22,21 +22,6 @@ have=NGX_COMPILER value="\"cl $NGX_MSVC_VER\"" . auto/define
ngx_msvc_ver=`echo $NGX_MSVC_VER | sed -e 's/^\([0-9]*\).*/\1/'`
# detect x64 builds
case "$NGX_MSVC_VER" in
*x64)
NGX_MACHINE=amd64
;;
*)
NGX_MACHINE=i386
;;
esac
# optimizations
# maximize speed, equivalent to -Og -Oi -Ot -Oy -Ob2 -Gs -GF -Gy
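Review bot: The version probe that appears to be the new side of the first hunk, `grep 'Compiler Version'`, only matches when cl prints that exact English phrase, so a differently worded banner leaves `NGX_MSVC_VER` and the derived `ngx_msvc_ver` empty and configure continues with a blank `cl version:` line. Which of the two printed pipelines is the new one is inferred from the direction of the compare, because the +/- markers are lost on this page. A guard directly after the assignment would make the failure visible: `if [ -z "$NGX_MSVC_VER" ]; then echo "$0: error: cannot detect cl version"; exit 1; fi`. The second hunk also removes the `*x64` case, so `NGX_MACHINE` is no longer derived from the compiler banner in this file.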


@ -112,7 +112,7 @@ install: build $NGX_INSTALL_PERL_MODULES
test ! -f '\$(DESTDIR)$NGX_SBIN_PATH' \\
|| mv '\$(DESTDIR)$NGX_SBIN_PATH' \\
'\$(DESTDIR)$NGX_SBIN_PATH.old'
cp $NGX_OBJS/nginx$ngx_binext '\$(DESTDIR)$NGX_SBIN_PATH'
cp $NGX_OBJS/nginx '\$(DESTDIR)$NGX_SBIN_PATH'
test -d '\$(DESTDIR)$NGX_CONF_PREFIX' \\
|| mkdir -p '\$(DESTDIR)$NGX_CONF_PREFIX'


@ -64,23 +64,6 @@ if [ $ngx_found = no ]; then
fi
if [ $ngx_found = no ]; then
# Homebrew on Apple Silicon
ngx_feature="GeoIP library in /opt/homebrew/"
ngx_feature_path="/opt/homebrew/include"
if [ $NGX_RPATH = YES ]; then
ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lGeoIP"
else
ngx_feature_libs="-L/opt/homebrew/lib -lGeoIP"
fi
. auto/feature
fi
if [ $ngx_found = yes ]; then
CORE_INCS="$CORE_INCS $ngx_feature_path"


@ -46,22 +46,6 @@ if [ $ngx_found = no ]; then
fi
if [ $ngx_found = no ]; then
# Homebrew on Apple Silicon
ngx_feature="Google perftools in /opt/homebrew/"
if [ $NGX_RPATH = YES ]; then
ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lprofiler"
else
ngx_feature_libs="-L/opt/homebrew/lib -lprofiler"
fi
. auto/feature
fi
if [ $ngx_found = yes ]; then
CORE_LIBS="$CORE_LIBS $ngx_feature_libs"


@ -7,8 +7,8 @@ if [ $NGX_LIBATOMIC != YES ]; then
have=NGX_HAVE_LIBATOMIC . auto/have
CORE_INCS="$CORE_INCS $NGX_LIBATOMIC/src"
LINK_DEPS="$LINK_DEPS $NGX_LIBATOMIC/build/lib/libatomic_ops.a"
CORE_LIBS="$CORE_LIBS $NGX_LIBATOMIC/build/lib/libatomic_ops.a"
LINK_DEPS="$LINK_DEPS $NGX_LIBATOMIC/src/libatomic_ops.a"
CORE_LIBS="$CORE_LIBS $NGX_LIBATOMIC/src/libatomic_ops.a"
else
@ -19,7 +19,7 @@ else
#include <atomic_ops.h>"
ngx_feature_path=
ngx_feature_libs="-latomic_ops"
ngx_feature_test="AO_t n = 0;
ngx_feature_test="long n = 0;
if (!AO_compare_and_swap(&n, 0, 1))
return 1;
if (AO_fetch_and_add(&n, 1) != 1)
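Review bot: The feature test in the second hunk declares `long n = 0;` and then passes `&n` to `AO_compare_and_swap` and `AO_fetch_and_add`, which libatomic_ops declares on its own `AO_t` type (typically an unsigned word type). Where the compiler treats an incompatible pointer type as an error, the probe fails and the library is reported as missing even though it is installed. The changelog on this page lists a gcc 14 build failure with `--with-libatomic`, which looks like the same issue. Declaring the variable with the library's type avoids it: `ngx_feature_test="AO_t n = 0;`. The test body continues past the end of the hunk.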


@ -3,19 +3,14 @@
# Copyright (C) Nginx, Inc.
case $NGX_LIBATOMIC in
/*) ngx_prefix="$NGX_LIBATOMIC/build" ;;
*) ngx_prefix="$PWD/$NGX_LIBATOMIC/build" ;;
esac
cat << END >> $NGX_MAKEFILE
$NGX_LIBATOMIC/build/lib/libatomic_ops.a: $NGX_LIBATOMIC/Makefile
cd $NGX_LIBATOMIC && \$(MAKE) && \$(MAKE) install
$NGX_LIBATOMIC/src/libatomic_ops.a: $NGX_LIBATOMIC/Makefile
cd $NGX_LIBATOMIC && \$(MAKE)
$NGX_LIBATOMIC/Makefile: $NGX_MAKEFILE
cd $NGX_LIBATOMIC \\
&& if [ -f Makefile ]; then \$(MAKE) distclean; fi \\
&& ./configure --prefix=$ngx_prefix
&& ./configure
END
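Review bot: The generated rule on the new side expects the archive at `$NGX_LIBATOMIC/src/libatomic_ops.a` after a bare `$(MAKE)`, and nothing checks that the file exists when the sub-build returns. The changelog on this page records that nginx could not build libatomic from sources with `--with-libatomic=DIR`, so this path is probably where that failure shows up. The same path is used for `LINK_DEPS` and `CORE_LIBS` in the libatomic configuration section. The recipe should at least fail with a clear cause, for example `cd $NGX_LIBATOMIC && \$(MAKE) && test -f src/libatomic_ops.a`.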


@ -65,23 +65,6 @@ if [ $ngx_found = no ]; then
fi
if [ $ngx_found = no ]; then
# Homebrew on Apple Silicon
ngx_feature="GD library in /opt/homebrew/"
ngx_feature_path="/opt/homebrew/include"
if [ $NGX_RPATH = YES ]; then
ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lgd"
else
ngx_feature_libs="-L/opt/homebrew/lib -lgd"
fi
. auto/feature
fi
if [ $ngx_found = yes ]; then
CORE_INCS="$CORE_INCS $ngx_feature_path"


@ -5,19 +5,12 @@
if [ $OPENSSL != NONE ]; then
have=NGX_OPENSSL . auto/have
have=NGX_SSL . auto/have
have=NGX_OPENSSL_NO_CONFIG . auto/have
if [ $USE_OPENSSL_QUIC = YES ]; then
have=NGX_QUIC . auto/have
have=NGX_QUIC_OPENSSL_COMPAT . auto/have
fi
case "$CC" in
cl | bcc32)
have=NGX_OPENSSL . auto/have
have=NGX_SSL . auto/have
CFLAGS="$CFLAGS -DNO_SYS_TYPES_H"
CORE_INCS="$CORE_INCS $OPENSSL/openssl/include"
@ -40,6 +33,9 @@ if [ $OPENSSL != NONE ]; then
;;
*)
have=NGX_OPENSSL . auto/have
have=NGX_SSL . auto/have
CORE_INCS="$CORE_INCS $OPENSSL/.openssl/include"
CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
@ -122,58 +118,11 @@ else
. auto/feature
fi
if [ $ngx_found = no ]; then
# Homebrew on Apple Silicon
ngx_feature="OpenSSL library in /opt/homebrew/"
ngx_feature_path="/opt/homebrew/include"
if [ $NGX_RPATH = YES ]; then
ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lssl -lcrypto"
else
ngx_feature_libs="-L/opt/homebrew/lib -lssl -lcrypto"
fi
ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD"
. auto/feature
fi
if [ $ngx_found = yes ]; then
have=NGX_SSL . auto/have
CORE_INCS="$CORE_INCS $ngx_feature_path"
CORE_LIBS="$CORE_LIBS $ngx_feature_libs"
OPENSSL=YES
if [ $USE_OPENSSL_QUIC = YES ]; then
ngx_feature="OpenSSL QUIC support"
ngx_feature_name="NGX_QUIC"
ngx_feature_test="SSL_set_quic_method(NULL, NULL)"
. auto/feature
if [ $ngx_found = no ]; then
have=NGX_QUIC_OPENSSL_COMPAT . auto/have
ngx_feature="OpenSSL QUIC compatibility"
ngx_feature_test="SSL_CTX_add_custom_ext(NULL, 0, 0,
NULL, NULL, NULL, NULL, NULL)"
. auto/feature
fi
if [ $ngx_found = no ]; then
cat << END
$0: error: certain modules require OpenSSL QUIC support.
You can either do not enable the modules, or install the OpenSSL library with
QUIC support into the system, or build the OpenSSL library with QUIC support
statically from the source with nginx by using --with-openssl=<path> option.
END
exit 1
fi
fi
fi
fi
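Review bot: `have=NGX_OPENSSL_NO_CONFIG . auto/have` is absent from the new side of the first hunk, so a binary linked against an OpenSSL built through `--with-openssl` presumably loads OpenSSL's default configuration file at startup. The MSVC makefile on this page configures that library with `--openssldir="%cd%/openssl/ssl"`, a directory inside the build tree. A configuration file read from a location that other local users can write to would let them alter the server's TLS behaviour. The C code that would honour the define is not visible here, so this is best handled as documentation in the `$OPENSSL != NONE` branch: `# OpenSSL built from source reads openssl.cnf from its openssldir; set OPENSSL_CONF or keep that directory read-only`. The branch starts before and ends after the hunks shown.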


@ -7,24 +7,11 @@ case "$CC" in
cl)
case "$NGX_MACHINE" in
amd64)
OPENSSL_TARGET=VC-WIN64A
;;
*)
OPENSSL_TARGET=VC-WIN32
;;
esac
cat << END >> $NGX_MAKEFILE
$OPENSSL/openssl/include/openssl/ssl.h: $NGX_MAKEFILE
\$(MAKE) -f auto/lib/openssl/makefile.msvc \
OPENSSL="$OPENSSL" OPENSSL_OPT="$OPENSSL_OPT" \
OPENSSL_TARGET="$OPENSSL_TARGET"
OPENSSL="$OPENSSL" OPENSSL_OPT="$OPENSSL_OPT"
END


@ -6,7 +6,7 @@
all:
cd $(OPENSSL)
perl Configure $(OPENSSL_TARGET) no-shared no-threads \
perl Configure VC-WIN32 no-shared \
--prefix="%cd%/openssl" \
--openssldir="%cd%/openssl/ssl" \
$(OPENSSL_OPT)
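Review bot: The Configure line on the new side hard-codes `VC-WIN32`, so a 64-bit cl toolchain still gets a 32-bit OpenSSL configuration, and the mismatch would presumably only surface later at link time. If only 32-bit builds are meant to be supported, state that above the `all:` target with a comment such as `# 32-bit target only; x64 toolchains are not handled`. The `all:` recipe continues past the end of the hunk.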


@ -182,22 +182,6 @@ else
. auto/feature
fi
if [ $ngx_found = no ]; then
# Homebrew on Apple Silicon
ngx_feature="PCRE library in /opt/homebrew/"
ngx_feature_path="/opt/homebrew/include"
if [ $NGX_RPATH = YES ]; then
ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lpcre"
else
ngx_feature_libs="-L/opt/homebrew/lib -lpcre"
fi
. auto/feature
fi
if [ $ngx_found = yes ]; then
CORE_INCS="$CORE_INCS $ngx_feature_path"
CORE_LIBS="$CORE_LIBS $ngx_feature_libs"


@ -36,8 +36,7 @@ if [ $PCRE_LIBRARY = PCRE2 ]; then
pcre2_valid_utf.c \
pcre2_xclass.c"
ngx_pcre_test="pcre2_chkdint.c \
pcre2_convert.c \
ngx_pcre_test="pcre2_convert.c \
pcre2_extuni.c \
pcre2_find_bracket.c \
pcre2_script_run.c \


@ -2,19 +2,13 @@
# Copyright (C) Igor Sysoev
# Copyright (C) Nginx, Inc.
basename_last2() {
local basename_1=`basename \`dirname $1\``
local basename_2=$(basename "$1")
echo $(printf "$basename_1/$basename_2" | sed 's/\.\.\///')
}
echo "creating $NGX_MAKEFILE"
mkdir -p $NGX_OBJS/src/core $NGX_OBJS/src/event $NGX_OBJS/src/event/modules \
$NGX_OBJS/src/event/quic \
$NGX_OBJS/src/os/unix $NGX_OBJS/src/os/win32 \
$NGX_OBJS/src/http $NGX_OBJS/src/http/v2 $NGX_OBJS/src/http/v3 \
$NGX_OBJS/src/http/modules $NGX_OBJS/src/http/modules/perl \
$NGX_OBJS/src/http $NGX_OBJS/src/http/v2 $NGX_OBJS/src/http/modules \
$NGX_OBJS/src/http/modules/perl \
$NGX_OBJS/src/mail \
$NGX_OBJS/src/stream \
$NGX_OBJS/src/misc
@ -179,7 +173,7 @@ ngx_all_srcs=`echo $ngx_all_srcs | sed -e "s/\//$ngx_regex_dirsep/g"`
for ngx_src in $NGX_ADDON_SRCS
do
ngx_obj="addon/`basename_last2 \`dirname $ngx_src\``"
ngx_obj="addon/`basename \`dirname $ngx_src\``"
test -d $NGX_OBJS/$ngx_obj || mkdir -p $NGX_OBJS/$ngx_obj
@ -418,7 +412,7 @@ if test -n "$NGX_ADDON_SRCS"; then
for ngx_src in $NGX_ADDON_SRCS
do
ngx_obj="addon/`basename_last2 \`dirname $ngx_src\``"
ngx_obj="addon/`basename \`dirname $ngx_src\``"
ngx_obj=`echo $ngx_obj/\`basename $ngx_src\` \
| sed -e "s/\//$ngx_regex_dirsep/g"`
@ -581,7 +575,7 @@ END
ngx_obj=$ngx_src
;;
*)
ngx_obj="addon/`basename_last2 \`dirname $ngx_src\``"
ngx_obj="addon/`basename \`dirname $ngx_src\``"
mkdir -p $NGX_OBJS/$ngx_obj
ngx_obj="$ngx_obj/`basename $ngx_src`"
;;
@ -643,7 +637,7 @@ END
ngx_obj=`echo $ngx_source | sed -e "s/\//$ngx_regex_dirsep/g"`
;;
*)
ngx_obj="addon/`basename_last2 \`dirname $ngx_source\``"
ngx_obj="addon/`basename \`dirname $ngx_source\``"
ngx_obj=`echo $ngx_obj/\`basename $ngx_source\` \
| sed -e "s/\//$ngx_regex_dirsep/g"`
;;
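Review bot: The object directory for add-on sources is derived from the last path component of the source directory only, so two add-ons whose sources sit in identically named directories (for example both in `src`) share one `addon/<name>` directory, and files with the same base name then map to the same object file. This applies to all four `ngx_obj="addon/..."` assignments, in the hunks at -179, -418, -581 and -643. `$ngx_src` and `$ngx_source` are also expanded unquoted inside `dirname` and `basename`, so a path containing whitespace is split into several words. A comment above the first loop would document the constraint: `# add-on source directories must have distinct final path components`. The loops and `case` statements start and end outside the hunks.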


@ -102,7 +102,7 @@ if [ $HTTP = YES ]; then
fi
if [ $HTTP_V2 = YES -o $HTTP_V3 = YES ]; then
if [ $HTTP_V2 = YES ]; then
HTTP_SRCS="$HTTP_SRCS $HTTP_HUFF_SRCS"
fi
@ -124,7 +124,6 @@ if [ $HTTP = YES ]; then
# ngx_http_header_filter
# ngx_http_chunked_filter
# ngx_http_v2_filter
# ngx_http_v3_filter
# ngx_http_range_header_filter
# ngx_http_gzip_filter
# ngx_http_postpone_filter
@ -157,7 +156,6 @@ if [ $HTTP = YES ]; then
ngx_http_header_filter_module \
ngx_http_chunked_filter_module \
ngx_http_v2_filter_module \
ngx_http_v3_filter_module \
ngx_http_range_header_filter_module \
ngx_http_gzip_filter_module \
ngx_http_postpone_filter_module \
@ -219,17 +217,6 @@ if [ $HTTP = YES ]; then
. auto/module
fi
if [ $HTTP_V3 = YES ]; then
ngx_module_name=ngx_http_v3_filter_module
ngx_module_incs=
ngx_module_deps=
ngx_module_srcs=src/http/v3/ngx_http_v3_filter_module.c
ngx_module_libs=
ngx_module_link=$HTTP_V3
. auto/module
fi
if :; then
ngx_module_name=ngx_http_range_header_filter_module
ngx_module_incs=
@ -423,6 +410,7 @@ if [ $HTTP = YES ]; then
if [ $HTTP_V2 = YES ]; then
have=NGX_HTTP_V2 . auto/have
have=NGX_HTTP_HEADERS . auto/have
ngx_module_name=ngx_http_v2_module
ngx_module_incs=src/http/v2
@ -438,32 +426,6 @@ if [ $HTTP = YES ]; then
. auto/module
fi
if [ $HTTP_V3 = YES ]; then
USE_OPENSSL_QUIC=YES
HTTP_SSL=YES
have=NGX_HTTP_V3 . auto/have
ngx_module_name=ngx_http_v3_module
ngx_module_incs=src/http/v3
ngx_module_deps="src/http/v3/ngx_http_v3.h \
src/http/v3/ngx_http_v3_encode.h \
src/http/v3/ngx_http_v3_parse.h \
src/http/v3/ngx_http_v3_table.h \
src/http/v3/ngx_http_v3_uni.h"
ngx_module_srcs="src/http/v3/ngx_http_v3.c \
src/http/v3/ngx_http_v3_encode.c \
src/http/v3/ngx_http_v3_parse.c \
src/http/v3/ngx_http_v3_table.c \
src/http/v3/ngx_http_v3_uni.c \
src/http/v3/ngx_http_v3_request.c \
src/http/v3/ngx_http_v3_module.c"
ngx_module_libs=
ngx_module_link=$HTTP_V3
. auto/module
fi
if :; then
ngx_module_name=ngx_http_static_module
ngx_module_incs=
@ -1166,16 +1128,6 @@ if [ $STREAM != NO ]; then
. auto/module
fi
if [ $STREAM_PASS = YES ]; then
ngx_module_name=ngx_stream_pass_module
ngx_module_deps=
ngx_module_srcs=src/stream/ngx_stream_pass_module.c
ngx_module_libs=
ngx_module_link=$STREAM_PASS
. auto/module
fi
if [ $STREAM_SET = YES ]; then
ngx_module_name=ngx_stream_set_module
ngx_module_deps=
@ -1320,63 +1272,6 @@ if [ $USE_OPENSSL = YES ]; then
fi
if [ $USE_OPENSSL_QUIC = YES ]; then
ngx_module_type=CORE
ngx_module_name=ngx_quic_module
ngx_module_incs=
ngx_module_deps="src/event/quic/ngx_event_quic.h \
src/event/quic/ngx_event_quic_transport.h \
src/event/quic/ngx_event_quic_protection.h \
src/event/quic/ngx_event_quic_connection.h \
src/event/quic/ngx_event_quic_frames.h \
src/event/quic/ngx_event_quic_connid.h \
src/event/quic/ngx_event_quic_migration.h \
src/event/quic/ngx_event_quic_streams.h \
src/event/quic/ngx_event_quic_ssl.h \
src/event/quic/ngx_event_quic_tokens.h \
src/event/quic/ngx_event_quic_ack.h \
src/event/quic/ngx_event_quic_output.h \
src/event/quic/ngx_event_quic_socket.h \
src/event/quic/ngx_event_quic_openssl_compat.h"
ngx_module_srcs="src/event/quic/ngx_event_quic.c \
src/event/quic/ngx_event_quic_udp.c \
src/event/quic/ngx_event_quic_transport.c \
src/event/quic/ngx_event_quic_protection.c \
src/event/quic/ngx_event_quic_frames.c \
src/event/quic/ngx_event_quic_connid.c \
src/event/quic/ngx_event_quic_migration.c \
src/event/quic/ngx_event_quic_streams.c \
src/event/quic/ngx_event_quic_ssl.c \
src/event/quic/ngx_event_quic_tokens.c \
src/event/quic/ngx_event_quic_ack.c \
src/event/quic/ngx_event_quic_output.c \
src/event/quic/ngx_event_quic_socket.c \
src/event/quic/ngx_event_quic_openssl_compat.c"
ngx_module_libs=
ngx_module_link=YES
ngx_module_order=
. auto/module
if [ $QUIC_BPF = YES -a $SO_COOKIE_FOUND = YES ]; then
ngx_module_type=CORE
ngx_module_name=ngx_quic_bpf_module
ngx_module_incs=
ngx_module_deps=
ngx_module_srcs="src/event/quic/ngx_event_quic_bpf.c \
src/event/quic/ngx_event_quic_bpf_code.c"
ngx_module_libs=
ngx_module_link=YES
ngx_module_order=
. auto/module
have=NGX_QUIC_BPF . auto/have
fi
fi
if [ $USE_PCRE = YES ]; then
ngx_module_type=CORE
ngx_module_name=ngx_regex_module


@ -45,8 +45,6 @@ USE_THREADS=NO
NGX_FILE_AIO=NO
QUIC_BPF=NO
HTTP=YES
NGX_HTTP_LOG_PATH=
@ -61,7 +59,6 @@ HTTP_CHARSET=YES
HTTP_GZIP=YES
HTTP_SSL=NO
HTTP_V2=NO
HTTP_V3=NO
HTTP_SSI=YES
HTTP_REALIP=NO
HTTP_XSLT=NO
@ -127,7 +124,6 @@ STREAM_GEOIP=NO
STREAM_MAP=YES
STREAM_SPLIT_CLIENTS=YES
STREAM_RETURN=YES
STREAM_PASS=YES
STREAM_SET=YES
STREAM_UPSTREAM_HASH=YES
STREAM_UPSTREAM_LEAST_CONN=YES
@ -153,7 +149,6 @@ PCRE_JIT=NO
PCRE2=YES
USE_OPENSSL=NO
USE_OPENSSL_QUIC=NO
OPENSSL=NONE
USE_ZLIB=NO
@ -171,8 +166,6 @@ USE_GEOIP=NO
NGX_GOOGLE_PERFTOOLS=NO
NGX_CPP_TEST=NO
SO_COOKIE_FOUND=NO
NGX_LIBATOMIC=NO
NGX_CPU_CACHE_LINE=
@ -218,8 +211,6 @@ do
--with-file-aio) NGX_FILE_AIO=YES ;;
--without-quic_bpf_module) QUIC_BPF=NONE ;;
--with-ipv6)
NGX_POST_CONF_MSG="$NGX_POST_CONF_MSG
$0: warning: the \"--with-ipv6\" option is deprecated"
@ -237,7 +228,6 @@ $0: warning: the \"--with-ipv6\" option is deprecated"
--with-http_ssl_module) HTTP_SSL=YES ;;
--with-http_v2_module) HTTP_V2=YES ;;
--with-http_v3_module) HTTP_V3=YES ;;
--with-http_realip_module) HTTP_REALIP=YES ;;
--with-http_addition_module) HTTP_ADDITION=YES ;;
--with-http_xslt_module) HTTP_XSLT=YES ;;
@ -338,7 +328,6 @@ use the \"--with-mail_ssl_module\" option instead"
--without-stream_split_clients_module)
STREAM_SPLIT_CLIENTS=NO ;;
--without-stream_return_module) STREAM_RETURN=NO ;;
--without-stream_pass_module) STREAM_PASS=NO ;;
--without-stream_set_module) STREAM_SET=NO ;;
--without-stream_upstream_hash_module)
STREAM_UPSTREAM_HASH=NO ;;
@ -454,11 +443,8 @@ cat << END
--with-file-aio enable file AIO support
--without-quic_bpf_module disable ngx_quic_bpf_module
--with-http_ssl_module enable ngx_http_ssl_module
--with-http_v2_module enable ngx_http_v2_module
--with-http_v3_module enable ngx_http_v3_module
--with-http_realip_module enable ngx_http_realip_module
--with-http_addition_module enable ngx_http_addition_module
--with-http_xslt_module enable ngx_http_xslt_module
@ -558,7 +544,6 @@ cat << END
--without-stream_split_clients_module
disable ngx_stream_split_clients_module
--without-stream_return_module disable ngx_stream_return_module
--without-stream_pass_module disable ngx_stream_pass_module
--without-stream_set_module disable ngx_stream_set_module
--without-stream_upstream_hash_module
disable ngx_stream_upstream_hash_module


@ -110,26 +110,11 @@ case "$NGX_MACHINE" in
NGX_MACH_CACHE_LINE=64
;;
aarch64 | arm64)
aarch64 )
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=64
;;
ppc64* | powerpc64*)
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=128
;;
riscv64)
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=64
;;
s390x)
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=256
;;
*)
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=32


@ -228,71 +228,8 @@ ngx_feature_test="struct crypt_data cd;
crypt_r(\"key\", \"salt\", &cd);"
. auto/feature
if [ $ngx_found = yes ]; then
CRYPT_LIB="-lcrypt"
fi
ngx_include="sys/vfs.h"; . auto/include
# BPF sockhash
ngx_feature="BPF sockhash"
ngx_feature_name="NGX_HAVE_BPF"
ngx_feature_run=no
ngx_feature_incs="#include <linux/bpf.h>
#include <sys/syscall.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="union bpf_attr attr = { 0 };
attr.map_flags = 0;
attr.map_type = BPF_MAP_TYPE_SOCKHASH;
syscall(__NR_bpf, 0, &attr, 0);"
. auto/feature
if [ $ngx_found = yes ]; then
CORE_SRCS="$CORE_SRCS src/core/ngx_bpf.c"
CORE_DEPS="$CORE_DEPS src/core/ngx_bpf.h"
if [ $QUIC_BPF != NONE ]; then
QUIC_BPF=YES
fi
fi
ngx_feature="SO_COOKIE"
ngx_feature_name="NGX_HAVE_SO_COOKIE"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
$NGX_INCLUDE_INTTYPES_H"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="socklen_t optlen = sizeof(uint64_t);
uint64_t cookie;
getsockopt(0, SOL_SOCKET, SO_COOKIE, &cookie, &optlen)"
. auto/feature
if [ $ngx_found = yes ]; then
SO_COOKIE_FOUND=YES
fi
# UDP segmentation offloading
ngx_feature="UDP_SEGMENT"
ngx_feature_name="NGX_HAVE_UDP_SEGMENT"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/udp.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="socklen_t optlen = sizeof(int);
int val;
getsockopt(0, SOL_UDP, UDP_SEGMENT, &val, &optlen)"
. auto/feature
CC_AUX_FLAGS="$cc_aux_flags -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64"


@ -18,7 +18,7 @@ ngx_binext=".exe"
case "$NGX_CC_NAME" in
clang | gcc)
gcc)
CORE_LIBS="$CORE_LIBS -ladvapi32 -lws2_32"
MAIN_LINK="$MAIN_LINK -Wl,--export-all-symbols"
MAIN_LINK="$MAIN_LINK -Wl,--out-implib=$NGX_OBJS/libnginx.a"


@ -83,14 +83,13 @@ CORE_SRCS="src/core/nginx.c \
EVENT_MODULES="ngx_events_module ngx_event_core_module"
EVENT_INCS="src/event src/event/modules src/event/quic"
EVENT_INCS="src/event src/event/modules"
EVENT_DEPS="src/event/ngx_event.h \
src/event/ngx_event_timer.h \
src/event/ngx_event_posted.h \
src/event/ngx_event_connect.h \
src/event/ngx_event_pipe.h \
src/event/ngx_event_udp.h"
src/event/ngx_event_pipe.h"
EVENT_SRCS="src/event/ngx_event.c \
src/event/ngx_event_timer.c \


@ -448,54 +448,6 @@ ngx_feature_test="setsockopt(0, IPPROTO_IPV6, IPV6_RECVPKTINFO, NULL, 0)"
. auto/feature
# IP packet fragmentation
ngx_feature="IP_MTU_DISCOVER"
ngx_feature_name="NGX_HAVE_IP_MTU_DISCOVER"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="(void) IP_PMTUDISC_DO;
setsockopt(0, IPPROTO_IP, IP_MTU_DISCOVER, NULL, 0)"
. auto/feature
ngx_feature="IPV6_MTU_DISCOVER"
ngx_feature_name="NGX_HAVE_IPV6_MTU_DISCOVER"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="(void) IPV6_PMTUDISC_DO;
setsockopt(0, IPPROTO_IPV6, IPV6_MTU_DISCOVER, NULL, 0)"
. auto/feature
ngx_feature="IP_DONTFRAG"
ngx_feature_name="NGX_HAVE_IP_DONTFRAG"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="setsockopt(0, IPPROTO_IP, IP_DONTFRAG, NULL, 0)"
. auto/feature
ngx_feature="IPV6_DONTFRAG"
ngx_feature_name="NGX_HAVE_IPV6_DONTFRAG"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
ngx_feature_test="setsockopt(0, IPPROTO_IP, IPV6_DONTFRAG, NULL, 0)"
. auto/feature
ngx_feature="TCP_DEFER_ACCEPT"
ngx_feature_name="NGX_HAVE_DEFERRED_ACCEPT"
ngx_feature_run=no

1
configure vendored

@ -44,7 +44,6 @@ if test -z "$NGX_PLATFORM"; then
else
echo "building for $NGX_PLATFORM"
NGX_SYSTEM=$NGX_PLATFORM
NGX_MACHINE=i386
fi
. auto/cc/conf


@ -1,69 +0,0 @@
#!/bin/bash
./configure \
--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -fPIC -D_FORTIFY_SOURCE=2 -I/tmp/build/quickjs/" \
--with-ld-opt="-Wl,-z,relro -Wl,-z,now -fPIC -L/tmp/build/quickjs/" \
--sbin-path=/usr/local/sbin/nginx \
--conf-path=/video_server/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx/nginx.lock \
--http-log-path=/var/log/nginx/access.log \
--http-client-body-temp-path=/tmp/nginx-client-body \
--with-compat \
--with-debug \
--with-pcre-jit \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_auth_request_module \
--with-http_v2_module \
--with-http_dav_module \
--with-http_slice_module \
--with-threads \
--with-http_addition_module \
--with-http_flv_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_mp4_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_sub_module \
--with-mail_ssl_module \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
--with-http_geoip_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_perl_module=dynamic \
--with-http_xslt_module=dynamic \
--with-mail=dynamic \
--with-stream=dynamic \
--with-stream_geoip_module=dynamic \
--add-module=./modules_deb/libnginx-mod-http-ndk-0.3.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-brotli-1.0.0~rc \
--add-dynamic-module=./modules_deb/libnginx-mod-http-cache-purge-2.5.3 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-echo-0.63 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-geoip2-3.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-headers-more-filter-0.38 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-memc-0.20 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-set-misc-0.33 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-srcache-filter-0.33 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-subs-filter-0.6.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-upstream-fair-0.0~git20120408.a18b409 \
--add-dynamic-module=./modules_deb/libnginx-mod-nchan-1.3.7+dfsg \
--add-dynamic-module=./modules/njs/nginx \
--add-dynamic-module=./modules/nginx-vod-module \
--add-module=./modules/media-framework/nginx-common \
--add-dynamic-module=./modules/nginx-stream-preread-str-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-in-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-out-module \
--add-dynamic-module=./modules/media-framework/nginx-rtmp-module \
--add-dynamic-module=./modules/media-framework/nginx-rtmp-kmp-module \
--add-dynamic-module=./modules/media-framework/nginx-mpegts-module \
--add-dynamic-module=./modules/media-framework/nginx-mpegts-kmp-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-cc-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-rtmp-module \
--add-dynamic-module=./modules/media-framework/nginx-live-module \
--add-dynamic-module=./modules/nginx-srt-module \
--add-dynamic-module=./modules/media-framework/nginx-pckg-module \
--add-dynamic-module=./modules/nginx-secure-token-module


@ -1,66 +0,0 @@
#!/bin/bash
./configure \
--with-cc-opt="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -fPIC -D_FORTIFY_SOURCE=2 -I/usr/local/include/quickjs/" \
--with-ld-opt="-Wl,-z,relro -Wl,-z,now -fPIC -L/usr/local/lib/quickjs/" \
--prefix=/usr/local/temp/nginx/ \
--error-log-path=stderr \
--lock-path=/var/lock/nginx.lock \
--pid-path=/run/nginx.pid \
--with-compat \
--with-debug \
--with-pcre-jit \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_auth_request_module \
--with-http_v2_module \
--with-http_dav_module \
--with-http_slice_module \
--with-threads \
--with-http_addition_module \
--with-http_flv_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_mp4_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_sub_module \
--with-mail_ssl_module \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
--with-http_geoip_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_perl_module=dynamic \
--with-http_xslt_module=dynamic \
--with-mail=dynamic \
--with-stream=dynamic \
--with-stream_geoip_module=dynamic \
--add-module=./modules_deb/libnginx-mod-http-ndk-0.3.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-brotli-1.0.0~rc \
--add-dynamic-module=./modules_deb/libnginx-mod-http-cache-purge-2.5.3 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-echo-0.63 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-geoip2-3.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-headers-more-filter-0.38 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-memc-0.20 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-set-misc-0.33 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-srcache-filter-0.33 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-subs-filter-0.6.4 \
--add-dynamic-module=./modules_deb/libnginx-mod-http-upstream-fair-0.0~git20120408.a18b409 \
--add-dynamic-module=./modules_deb/libnginx-mod-nchan-1.3.7+dfsg \
--add-dynamic-module=./modules/njs/nginx \
--add-dynamic-module=./modules/nginx-vod-module \
--add-module=./modules/media-framework/nginx-common \
--add-dynamic-module=./modules/nginx-stream-preread-str-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-in-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-out-module \
--add-dynamic-module=./modules/media-framework/nginx-rtmp-module \
--add-dynamic-module=./modules/media-framework/nginx-rtmp-kmp-module \
--add-dynamic-module=./modules/media-framework/nginx-mpegts-module \
--add-dynamic-module=./modules/media-framework/nginx-mpegts-kmp-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-cc-module \
--add-dynamic-module=./modules/media-framework/nginx-kmp-rtmp-module \
--add-dynamic-module=./modules/media-framework/nginx-live-module \
--add-dynamic-module=./modules/nginx-srt-module \
--add-dynamic-module=./modules/media-framework/nginx-pckg-module \
--add-dynamic-module=./modules/nginx-secure-token-module

File diff suppressed because it is too large Load diff

126
debian/changelog vendored

@ -1,125 +1,17 @@
nginx (1.26.3-3) unstable; urgency=medium
nginx (1.22.1-9+deb12u2) bookworm; urgency=medium
[ Jan Mojžíš ]
* d/changelog: fix whitespace in 1.26.3-2 record
* d/control: add libnginx-mod-http-lua dependency for nginx-extras package
for riscv64 platform
* Non-maintainer upload by the LTS Team.
* Add upstream patches for CVE-2024-7347:
- mp4: fix buffer underread while updating stsz atom
- mp4: reject unordered chunks in stsc atom
[ Thomas Ward ]
* d/nginx-common.nginx.service: Add ConditionFileIsExecutable to
SystemD service file, prevents starting of service if nginx is
not installed (which can happen if nginx-common is installed
independently from `nginx` itself (Closes: #1098477)
-- Andrej Shadura <andrewsh@debian.org> Wed, 12 Mar 2025 18:55:08 +0100
-- Jan Mojžíš <janmojzis@debian.org> Thu, 15 May 2025 15:31:38 +0200
nginx (1.22.1-9+deb12u1) bookworm; urgency=medium
nginx (1.26.3-2) unstable; urgency=medium
* d/p/CVE-2025-23419.patch add, backport CVE-2025-23419 fix.
* Team upload
* Upload to unstable
-- Jérémy Lal <kapouer@melix.org> Fri, 07 Feb 2025 12:53:11 +0100
nginx (1.26.3-1) experimental; urgency=medium
* Team upload
* New upstream version 1.26.3
-- Jérémy Lal <kapouer@melix.org> Wed, 05 Feb 2025 19:08:02 +0100
nginx (1.26.2-1) experimental; urgency=medium
* Team upload
* New upstream version 1.26.2
* Add Sergey Kandaurov <s.kandaurov@f5.com> pgp public key
* Drop upstream patches
[ Jan Mojžíš ]
* d/gbp.conf: add upstream-signatures = on
* d/{control,copyright}: update my email to "janmojzis@debian.org"
* d/copyright: bump my copyright year
-- Jérémy Lal <kapouer@melix.org> Sun, 02 Feb 2025 21:08:45 +0100
nginx (1.26.0-3) unstable; urgency=medium
* d/control: Resolve dependency loop between nginx and nginx-common.
(Fixes: #1082373)
-- Thomas Ward <teward@ubuntu.com> Fri, 20 Sep 2024 21:35:42 -0400
nginx (1.26.0-2) unstable; urgency=medium
[ Jan Mojžíš ]
* d/rules: enable QUIC and HTTP/3 module (Closes: 1070488)
* d/control: bump Standards-Version: 4.7.0, no changes
* d/p/nginx-1.26.1.patch add, backport changes from the nginx 1.26.1 and fix
CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161
* d/p/CVE-2024-7347.patch add, backport CVE-2024-7347 fix (Closes: 1078971)
* d/libnginx-mod.abisubstvars updated comment when ABI needs to be changed
[ Thomas Ward ]
* d/conf/nginx.conf: Update default options for current security
practices and standards. SSL protos, disable prefer server
ciphers, hide server tokens/versions in responses.
-- Jan Mojžíš <jan.mojzis@gmail.com> Mon, 19 Aug 2024 18:46:30 +0200
nginx (1.26.0-1) unstable; urgency=medium
* New upstream version 1.26.0
* nginx ABI release: nginx-abi-1.26.0-1 (Closes: 1069997)
* d/libnginx-mod.abisubstvars: remove third-party modules version constraints
* d/u/signing-key.asc add Roman Arutyunyans PGP public key,
the key is used to sign the 1.26.0 release
* d/p/CVE-2023-44487.patch remove, fixed in upstream
* d/ufw/nginx update, add QUICK, thanks Marcus Bointon
* d/conf/mime.types add application/xslt+xml, thanks K. Widholm
* d/copyright: updated copyright related to new upstream version
* d/copyright: bump my copyright year
* d/conf/nginx.conf: add worker_cpu_affinity auto (Closes: 1063659)
* d/gbp.conf: add sign-tags = True, [pull] track-missing = True,
[import-orig] merge-mode = replace
-- Jan Mojžíš <jan.mojzis@gmail.com> Sun, 05 May 2024 18:48:05 +0200
nginx (1.24.0-2) unstable; urgency=medium
* d/control added dependency nginx-common to nginx (Closes: 1039905)
After nginx installation, the nginx-common package is installed
automatically due to its dependencies. The nginx-common package includes
the systemd unit, which becomes enabled and activated upon installation.
When the nginx is removed, nginx-common package and the systemd unit will
remain in the system. Adding a dependency nginx-common to nginx solves
this problem.
* d/control fixed binNMU safe dependency declaration nginx to nginx-common,
nginx is 'any', nginx-common is 'all' -> dependency '= ${source:Version}'
* d/rules removed override_dh_strip, migration to automatic debug symbols is
already done, fixes debug-symbol-migration-possibly-complete lint. warning
* d/po/ro.po added Romanian debconf translation. (Closes: 1033084),
Thanks to Remus-Gabriel Chelu
* d/po/sv.po added Swedish debconf translation. (Closes: 1050443),
Thanks to Peter Kvillegård
* d/conf/mime.types added video/ogg, video/x-matroska (Closes: 1028144)
* d/p/CVE-2023-44487.patch adds additional mitigations for CVE-2023-44487
that according to NGINX developers on nginx-devel are already suitably
mitigated with the default config options for keepalive. (Closes: 1053770)
* d/control added nginx-dev dependency on ${nginx:abi}
* d/debhelper/nginx_mod.pm automatic libnginx-mod-stream dependencies
-- Jan Mojžíš <jan.mojzis@gmail.com> Wed, 11 Oct 2023 01:17:51 +0200
nginx (1.24.0-1) unstable; urgency=medium
* New upstream version 1.24.0
* nginx ABI release: nginx-abi-1.24.0-1
* d/libnginx-mod.abisubstvars update version constraints of the 3rd party
modules
* d/p/bug-{1024605,973861}.patch removed, fixed in upstream
* d/copyright: updated copyright for files src/event/ngx_event_udp.h,
src/os/win32/ngx_dlopen
-- Jan Mojžíš <jan.mojzis@gmail.com> Tue, 27 Jun 2023 23:19:31 +0200
-- Jan Mojžíš <janmojzis@debian.org> Mon, 17 Feb 2025 20:40:29 +0100
nginx (1.22.1-9) unstable; urgency=medium

179
debian/conf/mime.types vendored

@ -1,101 +1,96 @@
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xslt+xml xsl xslt;
application/xspf+xml xspf;
application/zip zip;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/ogg ogv;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-matroska mkv;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}


@ -1,6 +1,5 @@
user www-data;
worker_processes auto;
worker_cpu_affinity auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log;
include /etc/nginx/modules-enabled/*.conf;
@ -19,7 +18,7 @@ http {
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
server_tokens off; # Recommended practice is to turn this off
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
@ -31,8 +30,8 @@ http {
# SSL Settings
##
ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3 (POODLE), TLS 1.0, 1.1
ssl_prefer_server_ciphers off; # Don't force server cipher order.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings

50
debian/control vendored

@ -2,7 +2,7 @@ Source: nginx
Section: httpd
Priority: optional
Maintainer: Debian Nginx Maintainers <pkg-nginx-maintainers@alioth-lists.debian.net>
Uploaders: Jan Mojžíš <janmojzis@debian.org>
Uploaders: Jan Mojžíš <jan.mojzis@gmail.com>
Build-Depends: debhelper-compat (= 13),
libexpat-dev,
libgd-dev,
@ -13,7 +13,7 @@ Build-Depends: debhelper-compat (= 13),
libxslt1-dev,
po-debconf,
zlib1g-dev
Standards-Version: 4.7.0
Standards-Version: 4.6.2
Homepage: https://nginx.org
Vcs-Git: https://salsa.debian.org/nginx-team/nginx.git
Vcs-Browser: https://salsa.debian.org/nginx-team/nginx
@ -24,7 +24,8 @@ Architecture: any
Depends: ${misc:Depends},
${shlibs:Depends},
iproute2,
nginx-common (= ${source:Version}),
nginx-common (<< ${source:Version}.1~),
nginx-common (>= ${source:Version}),
Breaks: nginx-light (<< 1.22.1-6~), nginx-extras (<< 1.22.1-6~), nginx-core (<< 1.22.1-6~),
Replaces: nginx-light (<< 1.22.1-6~), nginx-extras (<< 1.22.1-6~), nginx-core (<< 1.22.1-6~),
Provides: httpd, httpd-cgi, ${nginx:abi}
@ -64,7 +65,6 @@ Package: nginx-dev
Architecture: all
Multi-Arch: foreign
Depends: ${misc:Depends}, ${S:Build-Depends},
${nginx:abi},
nginx (<< ${source:Version}.1~),
nginx (>= ${source:Version}),
Provides: dh-sequence-nginx
@ -121,13 +121,13 @@ Description: nginx web/proxy server (standard version)
Package: nginx-full
Architecture: all
Depends: libnginx-mod-http-auth-pam,
libnginx-mod-http-dav-ext,
libnginx-mod-http-echo,
libnginx-mod-http-geoip2,
libnginx-mod-http-subs-filter,
libnginx-mod-http-upstream-fair,
libnginx-mod-stream-geoip2,
Depends: libnginx-mod-http-auth-pam (>= ${libnginx-mod-http-auth-pam:Version}~),
libnginx-mod-http-dav-ext (>= ${libnginx-mod-http-dav-ext:Version}~),
libnginx-mod-http-echo (>= ${libnginx-mod-http-echo:Version}~),
libnginx-mod-http-geoip2 (>= ${libnginx-mod-geoip2:Version}~),
libnginx-mod-http-subs-filter (>= ${libnginx-mod-http-subs-filter:Version}~),
libnginx-mod-http-upstream-fair (>= ${libnginx-mod-http-upstream-fair:Version}~),
libnginx-mod-stream-geoip2 (>= ${libnginx-mod-geoip2:Version}~),
nginx (>= ${source:Version}),
nginx (<< ${source:Version}.1~),
${misc:Depends},
@ -159,7 +159,7 @@ Description: nginx web/proxy server (standard version with 3rd parties)
Package: nginx-light
Architecture: all
Depends: libnginx-mod-http-echo,
Depends: libnginx-mod-http-echo (>= ${libnginx-mod-http-echo:Version}~),
nginx (>= ${source:Version}),
nginx (<< ${source:Version}.1~),
${misc:Depends},
@ -191,19 +191,19 @@ Depends: nginx (= ${binary:Version}),
libnginx-mod-mail (= ${binary:Version}),
libnginx-mod-stream (= ${binary:Version}),
libnginx-mod-stream-geoip (= ${binary:Version}),
libnginx-mod-http-auth-pam,
libnginx-mod-http-cache-purge,
libnginx-mod-http-dav-ext,
libnginx-mod-http-echo,
libnginx-mod-http-fancyindex,
libnginx-mod-http-geoip2,
libnginx-mod-http-headers-more-filter,
libnginx-mod-http-lua [amd64 arm64 armel armhf i386 mips64el mipsel s390x riscv64 powerpc],
libnginx-mod-http-subs-filter,
libnginx-mod-http-uploadprogress,
libnginx-mod-http-upstream-fair,
libnginx-mod-nchan,
libnginx-mod-stream-geoip2,
libnginx-mod-http-auth-pam (>= ${libnginx-mod-http-auth-pam:Version}~),
libnginx-mod-http-cache-purge (>= ${libnginx-mod-http-cache-purge:Version}~),
libnginx-mod-http-dav-ext (>= ${libnginx-mod-http-dav-ext:Version}~),
libnginx-mod-http-echo (>= ${libnginx-mod-http-echo:Version}~),
libnginx-mod-http-fancyindex (>= ${libnginx-mod-http-fancyindex:Version}~),
libnginx-mod-http-geoip2 (>= ${libnginx-mod-geoip2:Version}~),
libnginx-mod-http-headers-more-filter (>= ${libnginx-mod-http-headers-more-filter:Version}~),
libnginx-mod-http-lua (>=${libnginx-mod-http-lua:Version}~) [amd64 arm64 armel armhf i386 mips64el mipsel s390x powerpc],
libnginx-mod-http-subs-filter (>= ${libnginx-mod-http-subs-filter:Version}~),
libnginx-mod-http-uploadprogress (>= ${libnginx-mod-http-uploadprogress:Version}~),
libnginx-mod-http-upstream-fair (>= ${libnginx-mod-http-upstream-fair:Version}~),
libnginx-mod-nchan (>= ${libnginx-mod-nchan:Version}~),
libnginx-mod-stream-geoip2 (>= ${libnginx-mod-geoip2:Version}~),
${misc:Depends},
${shlibs:Depends}
Description: nginx web/proxy server (extended version)

247
debian/copyright vendored

@ -7,7 +7,60 @@ Copyright: Valentin V. Bartenev
Ruslan Ermilov
Roman Arutyunyan
Maxim Dounin
2011-2024, Nginx, Inc.
2011-2022, Nginx, Inc.
2002-2021, Igor Sysoev
2011-2022, Nginx, Inc.
2002-2021, Igor Sysoev
License: BSD-2-clause
Files: CHANGES
README
Copyright: Valentin V. Bartenev
Ruslan Ermilov
Roman Arutyunyan
Maxim Dounin
2011-2022, Nginx, Inc.
2002-2021, Igor Sysoev
License: BSD-2-clause
Files: auto/*
Copyright: Nginx, Inc.
Igor Sysoev
License: BSD-2-clause
Files: auto/cc/clang
Copyright: Nginx, Inc.
License: BSD-2-clause
Files: auto/module
Copyright: Ruslan Ermilov
Nginx, Inc.
License: BSD-2-clause
Files: auto/threads
Copyright: Nginx, Inc.
License: BSD-2-clause
Files: conf/*
Copyright: Valentin V. Bartenev
Ruslan Ermilov
Roman Arutyunyan
Maxim Dounin
2011-2022, Nginx, Inc.
2002-2021, Igor Sysoev
License: BSD-2-clause
Files: configure
Copyright: Nginx, Inc.
Igor Sysoev
License: BSD-2-clause
Files: contrib/*
Copyright: Valentin V. Bartenev
Ruslan Ermilov
Roman Arutyunyan
Maxim Dounin
2011-2022, Nginx, Inc.
2002-2021, Igor Sysoev
License: BSD-2-clause
@ -16,7 +69,7 @@ Copyright: 2005, Andrei Nigmatulin
License: BSD-2-clause
Files: debian/*
Copyright: 2022-2025, Jan Mojžíš <janmojzis@debian.org>
Copyright: 2022, 2023, Jan Mojžíš <jan.mojzis@gmail.com>
2020-2022, Ondřej Nový <onovy@debian.org>
2019-2022, Thomas Ward <teward@ubuntu.com>
2013-2016, Christos Trochalakis <ctrochalakis@debian.org>
@ -40,27 +93,135 @@ Files: debian/debhelper/dh_nginx
Copyright: 2016, Christos Trochalakis <ctrochalakis@debian.org>
License: GPL-2+
Files: debian/ngx-conf/ngx-conf
Copyright: 2015, Michael Lustfield <michael@lustfield.net>
License: Expat
Files: debian/debhelper/nginx_mod.pm
Copyright: © 2022, Miao Wang
License: BSD-2-clause
Files: debian/help/examples/nginx_modsite
Copyright: 2010, Michael Lustfield <mtecknology@ubuntu.com>
License: BSD-2-clause
Files: man/*
Copyright: Nginx, Inc.
2010, 2019, Sergey A. Osokin
License: BSD-2-clause
Files: src/*
Copyright: Nginx, Inc.
Igor Sysoev
License: BSD-2-clause
Files: src/core/ngx_crypt.c
Copyright: Maxim Dounin
License: BSD-2-clause
Files: src/core/ngx_md5.c
Copyright: Valentin V. Bartenev
Ruslan Ermilov
Roman Arutyunyan
Maxim Dounin
2011-2022, Nginx, Inc.
2002-2021, Igor Sysoev
License: BSD-2-clause
Files: src/core/ngx_module.c
src/core/ngx_module.h
Copyright: Nginx, Inc.
Maxim Dounin
Igor Sysoev
License: BSD-2-clause
Files: src/core/ngx_murmurhash.c
Copyright: Austin Appleby
License: public-domain
All MurmurHash versions are public domain software, and the author
disclaims all copyright to their code.
Files: src/core/ngx_proxy_protocol.c
src/core/ngx_proxy_protocol.h
Copyright: Roman Arutyunyan
Nginx, Inc.
License: BSD-2-clause
Files: src/core/ngx_rwlock.c
src/core/ngx_rwlock.h
Copyright: Ruslan Ermilov
Nginx, Inc.
License: BSD-2-clause
Files: src/core/ngx_sha1.c
Copyright: Nginx, Inc.
Maxim Dounin
License: BSD-2-clause
Files: src/core/ngx_syslog.c
src/core/ngx_syslog.h
Copyright: Nginx, Inc.
License: BSD-2-clause
Files: src/core/ngx_thread_pool.c
Copyright: Valentin V. Bartenev
Ruslan Ermilov
Nginx, Inc.
License: BSD-2-clause
Files: src/core/ngx_thread_pool.h
Copyright: Valentin V. Bartenev
Nginx, Inc.
License: BSD-2-clause
Files: src/event/modules/ngx_win32_poll_module.c
Copyright: Nginx, Inc.
Maxim Dounin
Igor Sysoev
License: BSD-2-clause
Files: src/event/ngx_event_openssl_stapling.c
Copyright: Nginx, Inc.
Maxim Dounin
License: BSD-2-clause
Files: src/event/ngx_event_udp.c
Copyright: Roman Arutyunyan
Nginx, Inc.
License: BSD-2-clause
Files: src/http/modules/ngx_http_auth_request_module.c
src/http/modules/ngx_http_grpc_module.c
src/http/modules/ngx_http_upstream_keepalive_module.c
src/http/modules/ngx_http_upstream_least_conn_module.c
Copyright: Nginx, Inc.
Maxim Dounin
License: BSD-2-clause
Files: src/http/modules/ngx_http_gunzip_filter_module.c
Copyright: Nginx, Inc.
Maxim Dounin
Igor Sysoev
License: BSD-2-clause
Files: src/http/modules/ngx_http_mirror_module.c
src/http/modules/ngx_http_slice_filter_module.c
src/http/modules/ngx_http_upstream_hash_module.c
Copyright: Roman Arutyunyan
Nginx, Inc.
License: BSD-2-clause
Files: src/http/modules/ngx_http_scgi_module.c
Copyright: Nginx, Inc.
Manlio Perillo (manlio.perillo@gmail.com)
Igor Sysoev
License: BSD-2-clause
Files: src/http/modules/ngx_http_upstream_random_module.c
Copyright: Nginx, Inc.
License: BSD-2-clause
Files: src/http/modules/ngx_http_upstream_zone_module.c
Copyright: Ruslan Ermilov
Nginx, Inc.
License: BSD-2-clause
Files: src/http/modules/ngx_http_uwsgi_module.c
Copyright: Nginx, Inc.
Igor Sysoev
@ -68,17 +229,93 @@ Copyright: Nginx, Inc.
2008, Manlio Perillo (manlio.perillo@gmail.com)
License: BSD-2-clause
Files: src/http/modules/perl/typemap
Copyright: Valentin V. Bartenev
Ruslan Ermilov
Roman Arutyunyan
Maxim Dounin
2011-2022, Nginx, Inc.
2002-2021, Igor Sysoev
License: BSD-2-clause
Files: src/http/ngx_http_huff_decode.c
Copyright: Valentin V. Bartenev
Nginx, Inc.
License: BSD-2-clause
Files: src/http/ngx_http_huff_encode.c
Copyright: Valentin V. Bartenev
Nginx, Inc.
2015, Vlad Krasnov
License: BSD-2-clause
Files: src/http/v2/*
Copyright: Valentin V. Bartenev
Nginx, Inc.
License: BSD-2-clause
Files: src/http/v2/ngx_http_v2_filter_module.c
Copyright: Valentin V. Bartenev
Ruslan Ermilov
Nginx, Inc.
License: BSD-2-clause
Files: src/misc/*
Copyright: Valentin V. Bartenev
Ruslan Ermilov
Roman Arutyunyan
Maxim Dounin
2011-2022, Nginx, Inc.
2002-2021, Igor Sysoev
License: BSD-2-clause
Files: src/misc/ngx_google_perftools_module.c
Copyright: Nginx, Inc.
Igor Sysoev
License: BSD-2-clause
Files: src/os/unix/ngx_dlopen.c
src/os/unix/ngx_dlopen.h
Copyright: Nginx, Inc.
Maxim Dounin
License: BSD-2-clause
Files: src/os/unix/ngx_setaffinity.c
src/os/unix/ngx_setaffinity.h
Copyright: Nginx, Inc.
License: BSD-2-clause
Files: src/stream/ngx_stream.c
src/stream/ngx_stream.h
src/stream/ngx_stream_core_module.c
src/stream/ngx_stream_handler.c
src/stream/ngx_stream_proxy_module.c
src/stream/ngx_stream_return_module.c
src/stream/ngx_stream_upstream_hash_module.c
Copyright: Roman Arutyunyan
Nginx, Inc.
License: BSD-2-clause
Files: src/stream/ngx_stream_set_module.c
Copyright: Pavel Pautov
Nginx, Inc.
License: BSD-2-clause
Files: src/stream/ngx_stream_ssl_preread_module.c
src/stream/ngx_stream_upstream_random_module.c
Copyright: Nginx, Inc.
License: BSD-2-clause
Files: src/stream/ngx_stream_upstream_least_conn_module.c
Copyright: Nginx, Inc.
Maxim Dounin
License: BSD-2-clause
Files: src/stream/ngx_stream_upstream_zone_module.c
Copyright: Ruslan Ermilov
Nginx, Inc.
License: BSD-2-clause
License: BSD-2-clause
All rights reserved.
.


@ -35,18 +35,12 @@ sub _NDK_SRC_DIR {
sub new {
my $class=shift;
my $this= $class->SUPER::new(@_);
my $ngx_ver = `grep 'define NGINX_VERSION' /usr/share/nginx/src/src/core/nginx.h | sed -e 's/^.*"\\(.*\\)".*/\\1/'`;
chomp($ngx_ver);
$this->prefer_out_of_source_building(@_);
$this->{has_ndk} = $this->has_build_dep("libnginx-mod-http-ndk-dev");
$this->{has_stream} = $this->has_build_dep("libnginx-mod-stream");
foreach my $cur (getpackages('arch')) {
if ($this->{has_ndk} == 1) {
addsubstvar($cur, "misc:Depends", "libnginx-mod-http-ndk");
}
if ($this->{has_stream} == 1) {
addsubstvar($cur, "misc:Depends", "libnginx-mod-stream (>= $ngx_ver), libnginx-mod-stream (<< $ngx_ver.1~)");
}
}
return $this;
}
@ -69,7 +63,6 @@ sub configure {
--add-dynamic-module="$pwd_dir/$src_dir" \\
--builddir="$pwd_dir/$bld_dir" \\
' . ($this->{has_ndk} ? '--add-module=' . $this->_NDK_SRC_DIR : '') . ' \\
' . ($this->{has_stream} ? '--with-stream' : '') . ' \\
"$@"', "dummy", @_);
}
@ -86,10 +79,6 @@ sub test {
unshift @_, "ndk_http_module.so";
}
if ( $this->{has_stream} and !grep( /^ngx_stream_module.so$/, @_ ) ) {
unshift @_, "ngx_stream_module.so";
}
$this->doit_in_builddir("bash", "-e", "-o", "pipefail", "-c", '
tmp_conf=$(mktemp -p .)
for pre_dep in "$@"; do
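Review bot: The `has_ndk` flag is tested in two different ways in this file: `new` compares it numerically with `if ($this->{has_ndk} == 1)`, while `configure` relies on plain truthiness in `($this->{has_ndk} ? '--add-module=' ...)`. If `has_build_dep` ever returns a true value other than 1, the module would still be compiled in but the `misc:Depends` substvar would be skipped. Writing `if ($this->{has_ndk})` in `new` keeps both sites consistent. The bodies of `configure` and `test` continue outside the visible hunks.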

10
debian/gbp.conf vendored

@ -1,13 +1,5 @@
[DEFAULT]
debian-branch = main
pristine-tar = True
upstream-branch = upstream
upstream-tag = upstream/%(version)s
pristine-tar = True
sign-tags = True
upstream-signatures = on
[import-orig]
merge-mode = replace
[pull]
track-missing = True
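Review bot: The resulting `[DEFAULT]` section appears to keep only `pristine-tar`, `upstream-branch` and `upstream-tag`, so `sign-tags = True` and `upstream-signatures = on` are no longer set on this branch. A branch that carries security uploads should keep both, so that release tags stay signed and the upstream signature file is required at import. `debian-branch` also falls back to the gbp default unless it is set to this branch's name. The +/- markers are lost in this rendering, so the side of each line is inferred from the hunk header counts.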


@ -1,11 +1,23 @@
# ABI must be changed:
# - when upstream nginx version is changed
# - when module signature is changed (e.g. time_t change from 32bit integer to 64bit integer https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069997)
# - when symbols/structures/... (exported from header files) are changed
# update the ABI version when:
# - nginx upstream has changed
# - a patch might change the ABI
# - a build-dependency has changed
# note that debian revision can increase without breaking ABI
#
# ABI format: nginx-abi-{UPSTREAM_VERSION}-{SUFFIX}
# the {SUFFIX} provides a mechanism on rare cases when there have to be ABI
# changes without upgrading the upstream nginx version, e.g. security updates
# in oldstable
# TODO: use $(DEB_VERSION_UPSTREAM)
nginx:abi=nginx-abi-1.22.1-7
nginx:abi=nginx-abi-1.26.3-1
# ABI-compatible versions of third-party modules
libnginx-mod-http-auth-pam:Version=1:1.5.3-3
libnginx-mod-http-cache-purge:Version=1:2.3-4
libnginx-mod-http-dav-ext:Version=1:3.0.0-3
libnginx-mod-http-echo:Version=1:0.63-4
libnginx-mod-http-fancyindex:Version=1:0.5.2-3
libnginx-mod-http-geoip2:Version=1:3.4-3
libnginx-mod-http-headers-more-filter:Version=1:0.34-3
libnginx-mod-http-lua:Version=1:0.10.23-1
libnginx-mod-http-subs-filter:Version=1:0.6.4-4
libnginx-mod-http-uploadprogress:Version=1:0.9.2-3
libnginx-mod-http-upstream-fair:Version=1:0.0~git20120408.a18b409-3
libnginx-mod-nchan:Version=1:1.3.6+dfsg-2
libnginx-mod-geoip2:Version=1:3.4-3


@ -15,7 +15,6 @@ Description=A high performance web server and a reverse proxy server
Documentation=man:nginx(8)
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
ConditionFileIsExecutable=/usr/sbin/nginx
[Service]
Type=forking

49
debian/patches/CVE-2024-7347-1.patch vendored Normal file

@ -0,0 +1,49 @@
From: Roman Arutyunyan <arut@nginx.com>
Date: Mon, 12 Aug 2024 18:20:43 +0400
Subject: Mp4: fixed buffer underread while updating stsz atom.
While cropping an stsc atom in ngx_http_mp4_crop_stsc_data(), a 32-bit integer
overflow could happen, which could result in incorrect seeking and a very large
value stored in "samples". This resulted in a large invalid value of
trak->end_chunk_samples. This value is further used to calculate the value of
trak->end_chunk_samples_size in ngx_http_mp4_update_stsz_atom(). While doing
this, a large invalid value of trak->end_chunk_samples could result in reading
memory before stsz atom start. This could potentially result in a segfault.
Origin: upstream, https://github.com/nginx/nginx/commit/7362d01658b61184108c21278443910da68f93b4
---
src/http/modules/ngx_http_mp4_module.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c
index 4eff01e..460d091 100644
--- a/src/http/modules/ngx_http_mp4_module.c
+++ b/src/http/modules/ngx_http_mp4_module.c
@@ -3098,7 +3098,8 @@ static ngx_int_t
ngx_http_mp4_crop_stsc_data(ngx_http_mp4_file_t *mp4,
ngx_http_mp4_trak_t *trak, ngx_uint_t start)
{
- uint32_t start_sample, chunk, samples, id, next_chunk, n,
+ uint64_t n;
+ uint32_t start_sample, chunk, samples, id, next_chunk,
prev_samples;
ngx_buf_t *data, *buf;
ngx_uint_t entries, target_chunk, chunk_samples;
@@ -3159,7 +3160,7 @@ ngx_http_mp4_crop_stsc_data(ngx_http_mp4_file_t *mp4,
"samples:%uD, id:%uD",
start_sample, chunk, next_chunk - chunk, samples, id);
- n = (next_chunk - chunk) * samples;
+ n = (uint64_t) (next_chunk - chunk) * samples;
if (start_sample < n) {
goto found;
@@ -3181,7 +3182,7 @@ ngx_http_mp4_crop_stsc_data(ngx_http_mp4_file_t *mp4,
"sample:%uD, chunk:%uD, chunks:%uD, samples:%uD",
start_sample, chunk, next_chunk - chunk, samples);
- n = (next_chunk - chunk) * samples;
+ n = (uint64_t) (next_chunk - chunk) * samples;
if (start_sample > n) {
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
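Review bot: The cast in `n = (uint64_t) (next_chunk - chunk) * samples;` widens the product, but the subtraction inside the parentheses is still done in 32 bits, so it wraps before the cast whenever `next_chunk` is smaller than `chunk`. At the first site that case is rejected by the `next_chunk < chunk` check that CVE-2024-7347-2.patch adds just above it. At the second site (the `@@ -3181` hunk) no such guard is visible, so it is worth confirming how `next_chunk` is set there before treating the pair of patches as complete. Both patches need to stay together in `debian/patches/series`, in this order. The body of `ngx_http_mp4_crop_stsc_data()` continues outside the patch hunks.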

31
debian/patches/CVE-2024-7347-2.patch vendored Normal file

@ -0,0 +1,31 @@
From: Roman Arutyunyan <arut@nginx.com>
Date: Mon, 12 Aug 2024 18:20:45 +0400
Subject: Mp4: rejecting unordered chunks in stsc atom.
Unordered chunks could result in trak->end_chunk smaller than trak->start_chunk
in ngx_http_mp4_crop_stsc_data(). Later in ngx_http_mp4_update_stco_atom()
this caused buffer overread while trying to calculate trak->end_offset.
Origin: upstream, https://github.com/nginx/nginx/commit/88955b1044ef38315b77ad1a509d63631a790a0f
---
src/http/modules/ngx_http_mp4_module.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c
index 460d091..dfada7c 100644
--- a/src/http/modules/ngx_http_mp4_module.c
+++ b/src/http/modules/ngx_http_mp4_module.c
@@ -3155,6 +3155,13 @@ ngx_http_mp4_crop_stsc_data(ngx_http_mp4_file_t *mp4,
next_chunk = ngx_mp4_get_32value(entry->chunk);
+ if (next_chunk < chunk) {
+ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
+ "unordered mp4 stsc chunks in \"%s\"",
+ mp4->file.name.data);
+ return NGX_ERROR;
+ }
+
ngx_log_debug5(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0,
"sample:%uD, chunk:%uD, chunks:%uD, "
"samples:%uD, id:%uD",

70
debian/patches/CVE-2025-23419.patch vendored Normal file

@ -0,0 +1,70 @@
From: =?utf-8?b?SmFuIE1vasW+w63FoQ==?= <jan.mojzis@gmail.com>
Date: Mon, 17 Feb 2025 20:39:22 +0100
Subject: CVE-2025-23419
Origin: https://github.com/nginx/nginx/commit/13935cf9fdc3c8d8278c70716417d3b71c36140e
SNI: added restriction for TLSv1.3 cross-SNI session resumption.
In OpenSSL, session resumption always happens in the default SSL context,
prior to invoking the SNI callback. Further, unlike in TLSv1.2 and older
protocols, SSL_get_servername() returns values received in the resumption
handshake, which may be different from the value in the initial handshake.
Notably, this makes the restriction added in b720f65 insufficient for
sessions resumed with different SNI server name.
Considering the example from b720f65, previously, a client was able to
request example.org by presenting a certificate for example.org, then to
resume and request example.com.
The fix is to reject handshakes resumed with a different server name, if
verification of client certificates is enabled in a corresponding server
configuration.
---
src/http/ngx_http_request.c | 27 +++++++++++++++++++++++++--
1 file changed, 25 insertions(+), 2 deletions(-)
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index a999ff5..4708719 100644
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -909,6 +909,31 @@ ngx_http_ssl_servername(ngx_ssl_conn_t *ssl_conn, int *ad, void *arg)
goto done;
}
+ sscf = ngx_http_get_module_srv_conf(cscf->ctx, ngx_http_ssl_module);
+
+#if (defined TLS1_3_VERSION \
+ && !defined LIBRESSL_VERSION_NUMBER && !defined OPENSSL_IS_BORINGSSL)
+
+ /*
+ * SSL_SESSION_get0_hostname() is only available in OpenSSL 1.1.1+,
+ * but servername being negotiated in every TLSv1.3 handshake
+ * is only returned in OpenSSL 1.1.1+ as well
+ */
+
+ if (sscf->verify) {
+ const char *hostname;
+
+ hostname = SSL_SESSION_get0_hostname(SSL_get0_session(ssl_conn));
+
+ if (hostname != NULL && ngx_strcmp(hostname, servername) != 0) {
+ c->ssl->handshake_rejected = 1;
+ *ad = SSL_AD_ACCESS_DENIED;
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+ }
+
+#endif
+
hc->ssl_servername = ngx_palloc(c->pool, sizeof(ngx_str_t));
if (hc->ssl_servername == NULL) {
goto error;
@@ -922,8 +947,6 @@ ngx_http_ssl_servername(ngx_ssl_conn_t *ssl_conn, int *ad, void *arg)
ngx_set_connection_log(c, clcf->error_log);
- sscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_ssl_module);
-
c->ssl->buffer_size = sscf->buffer_size;
if (sscf->ssl.ctx) {
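Review bot: The new comparison `ngx_strcmp(hostname, servername) != 0` is byte-wise, so a resumption whose SNI name differs from the session's only in letter case is rejected as well. That fails closed, which is the safe direction, but it deserves a line in the comment block above the check, for example `/* byte-wise compare: a case-only difference counts as a different name */`. The check is also skipped when `SSL_SESSION_get0_hostname()` returns NULL or `sscf->verify` is off, and it is compiled out for LibreSSL and BoringSSL, so the restriction applies only to the builds the `#if` selects. `ngx_http_ssl_servername()` starts and ends outside these hunks, so how `servername` is normalised before this point is not visible here.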

102
debian/patches/bug-1024605.patch vendored Normal file

@ -0,0 +1,102 @@
Description: SSI: handling of subrequests from other modules
Author: User Ciel Zhao <i@ciel.dev>
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024605
Last-Update: 2022-11-21
Origin: https://hg.nginx.org/nginx/raw-rev/49e7db44b57c
Forwarded: not-needed
---
# HG changeset patch
# User Ciel Zhao <i@ciel.dev>
# Date 1669039294 -10800
# Node ID 49e7db44b57c9f4d54b87d19a696178b913aec5c
# Parent 42bc158a47ecb3c2bd0396c723c307c757f2770e
SSI: handling of subrequests from other modules (ticket #1263).
As the SSI parser always uses the context from the main request for storing
variables and blocks, that context should always exist for subrequests using
SSI, even though the main request does not necessarily have SSI enabled.
However, `ngx_http_get_module_ctx(r->main, ...)` is getting NULL in such cases,
resulting in the worker crashing SIGSEGV when accessing its attributes.
This patch links the first initialized context to the main request, and
upgrades it only when main context is initialized.
diff -r 42bc158a47ec -r 49e7db44b57c src/http/modules/ngx_http_ssi_filter_module.c
--- a/src/http/modules/ngx_http_ssi_filter_module.c Tue Nov 08 12:48:21 2022 +0300
+++ b/src/http/modules/ngx_http_ssi_filter_module.c Mon Nov 21 17:01:34 2022 +0300
@@ -329,7 +329,7 @@
static ngx_int_t
ngx_http_ssi_header_filter(ngx_http_request_t *r)
{
- ngx_http_ssi_ctx_t *ctx;
+ ngx_http_ssi_ctx_t *ctx, *mctx;
ngx_http_ssi_loc_conf_t *slcf;
slcf = ngx_http_get_module_loc_conf(r, ngx_http_ssi_filter_module);
@@ -341,6 +341,8 @@
return ngx_http_next_header_filter(r);
}
+ mctx = ngx_http_get_module_ctx(r->main, ngx_http_ssi_filter_module);
+
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_ssi_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
@@ -367,6 +369,26 @@
r->filter_need_in_memory = 1;
if (r == r->main) {
+
+ if (mctx) {
+
+ /*
+ * if there was a shared context previously used as main,
+ * copy variables and blocks
+ */
+
+ ctx->variables = mctx->variables;
+ ctx->blocks = mctx->blocks;
+
+#if (NGX_PCRE)
+ ctx->ncaptures = mctx->ncaptures;
+ ctx->captures = mctx->captures;
+ ctx->captures_data = mctx->captures_data;
+#endif
+
+ mctx->shared = 0;
+ }
+
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
@@ -379,6 +401,10 @@
} else {
ngx_http_weak_etag(r);
}
+
+ } else if (mctx == NULL) {
+ ngx_http_set_ctx(r->main, ctx, ngx_http_ssi_filter_module);
+ ctx->shared = 1;
}
return ngx_http_next_header_filter(r);
@@ -405,6 +431,7 @@
ctx = ngx_http_get_module_ctx(r, ngx_http_ssi_filter_module);
if (ctx == NULL
+ || (ctx->shared && r == r->main)
|| (in == NULL
&& ctx->buf == NULL
&& ctx->in == NULL
diff -r 42bc158a47ec -r 49e7db44b57c src/http/modules/ngx_http_ssi_filter_module.h
--- a/src/http/modules/ngx_http_ssi_filter_module.h Tue Nov 08 12:48:21 2022 +0300
+++ b/src/http/modules/ngx_http_ssi_filter_module.h Mon Nov 21 17:01:34 2022 +0300
@@ -71,6 +71,7 @@
u_char *captures_data;
#endif
+ unsigned shared:1;
unsigned conditional:2;
unsigned encoding:2;
unsigned block:1;

66
debian/patches/bug-973861.patch vendored Normal file

@ -0,0 +1,66 @@
From 2485681308bd8d3108da31546cb91bb97813a3fb Mon Sep 17 00:00:00 2001
From: Maxim Dounin <mdounin@mdounin.ru>
Date: Thu, 2 Feb 2023 23:38:48 +0300
Subject: [PATCH] Lingering close for connections with pipelined requests.
Origin: https://hg.nginx.org/nginx/rev/cffaf3f2eec8
Forwarded: not-needed
This is expected to help with clients using pipelining with some constant
depth, such as apt[1][2].
When downloading many resources, apt uses pipelining with some constant
depth, a number of requests in flight. This essentially means that after
receiving a response it sends an additional request to the server, and
this can result in requests arriving to the server at any time. Further,
additional requests are sent one-by-one, and can be easily seen as such
(neither as pipelined, nor followed by pipelined requests).
The only safe approach to close such connections (for example, when
keepalive_requests is reached) is with lingering. To do so, now nginx
monitors if pipelining was used on the connection, and if it was, closes
the connection with lingering.
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973861#10
[2] https://mailman.nginx.org/pipermail/nginx-devel/2023-January/ZA2SP5SJU55LHEBCJMFDB2AZVELRLTHI.html
---
src/core/ngx_connection.h | 1 +
src/http/ngx_http_request.c | 4 +++-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/core/ngx_connection.h b/src/core/ngx_connection.h
index 6d3348d9..36e1be27 100644
--- a/src/core/ngx_connection.h
+++ b/src/core/ngx_connection.h
@@ -172,6 +172,7 @@ struct ngx_connection_s {
unsigned timedout:1;
unsigned error:1;
unsigned destroyed:1;
+ unsigned pipeline:1;
unsigned idle:1;
unsigned reusable:1;
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 131a2c83..5e0340b2 100644
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -2753,7 +2753,8 @@ ngx_http_finalize_connection(ngx_http_request_t *r)
|| (clcf->lingering_close == NGX_HTTP_LINGERING_ON
&& (r->lingering_close
|| r->header_in->pos < r->header_in->last
- || r->connection->read->ready)))
+ || r->connection->read->ready
+ || r->connection->pipeline)))
{
ngx_http_set_lingering_close(r->connection);
return;
@@ -3123,6 +3124,7 @@ ngx_http_set_keepalive(ngx_http_request_t *r)
c->sent = 0;
c->destroyed = 0;
+ c->pipeline = 1;
if (rev->timer_set) {
ngx_del_timer(rev);
--
2.30.2


@ -7,7 +7,7 @@ Last-Update: 2020-06-24
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/src/core/nginx.c
+++ b/src/core/nginx.c
@@ -340,14 +340,21 @@
@@ -339,14 +339,21 @@
ngx_process = NGX_PROCESS_MASTER;
}
@ -30,7 +30,7 @@ This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
return 1;
}
@@ -360,8 +367,19 @@
@@ -359,8 +366,19 @@
#endif


@ -16,7 +16,7 @@ connections.
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -1914,6 +1914,23 @@
@@ -1832,6 +1832,23 @@
return NGX_AGAIN;
}
@ -40,7 +40,7 @@ connections.
err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0;
c->ssl->no_wait_shutdown = 1;
@@ -2050,6 +2067,21 @@
@@ -1968,6 +1985,21 @@
c->read->handler = ngx_ssl_handshake_handler;
c->write->handler = ngx_ssl_handshake_handler;


@ -1,3 +1,8 @@
0003-define_gnu_source-on-other-glibc-based-platforms.patch
nginx-fix-pidfile.patch
nginx-ssl_cert_cb_yield.patch
bug-1024605.patch
bug-973861.patch
CVE-2025-23419.patch
CVE-2024-7347-1.patch
CVE-2024-7347-2.patch

81
debian/po/ro.po vendored

@ -1,81 +0,0 @@
# Mesajele în limba română pentru pachetul nginx.
# Romanian translation of nginx.
# Copyright © 2023 Christos Trochalakis
# This file is distributed under the same license as the nginx package.
# Christos Trochalakis <ctrochalakis@debian.org>, 2016.
#
# Remus-Gabriel Chelu <remusgabriel.chelu@disroot.org>, 2023.
#
# Cronologia traducerii fișierului „nginx”:
# Traducerea inițială, făcută de R-GC, pentru versiunea nginx 1.22.1-7(2016-10-04).
# Actualizare a traducerii pentru versiunea Y, făcută de X, Y(anul).
#
msgid ""
msgstr ""
"Project-Id-Version: nginx 1.22.1-7\n"
"Report-Msgid-Bugs-To: nginx@packages.debian.org\n"
"POT-Creation-Date: 2016-10-04 20:03+0300\n"
"PO-Revision-Date: 2023-03-13 12:29+0100\n"
"Last-Translator: Remus-Gabriel Chelu <remusgabriel.chelu@disroot.org>\n"
"Language-Team: Romanian <debian-l10n-romanian@lists.debian.org>\n"
"Language: ro\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n==0 || (n!=1 && n%100>=1 && "
"n%100<=19) ? 1 : 2);\n"
"X-Bugs: Report translation errors to the Language-Team address.\n"
"X-Generator: Poedit 3.2.2\n"
# R-GC, scrie:
# după revzarea fișierului, RA spune:
# „Unele fișiere jurnal de «nginx» parsă fie nesecurizate” → „... par să ...”
# ****
# Corecție aplicată!
#. Type: note
#. Description
#: ../nginx.templates:1001
msgid "Possible insecure nginx log files"
msgstr "Unele fișiere jurnal de «nginx» par să fie nesecurizate"
#. Type: note
#. Description
#: ../nginx.templates:1001
msgid ""
"The following log files under /var/log/nginx directory are symlinks owned by "
"www-data:"
msgstr ""
"Următoarele fișiere jurnal din directorul „/var/log/nginx” sunt legături "
"simbolice deținute de „www-data”:"
#. Type: note
#. Description
#: ../nginx.templates:1001
msgid "${logfiles}"
msgstr "${logfiles}"
# R-GC, scrie:
# după revzarea fișierului, RA spune:
# „Deoarece până la nginx 1.4.4-4 directorul „/var/log/nginx” a fost deținut de „www-data”. Ca rezultat, „www-data” ar putea crea legături simbolice ...”
# → aici avem o fraza incompleta. Acel "deoarece" are nevoie de un efect, de exemplu:
# „Deoarece până la nginx 1.4.4-4 directorul ... a fost deținut de „www-data”, ca rezultat, ...”
# *****
# Corecție aplicată, cu o corecție ;) →
# „... deținut de „www-data”; ca rezultat, ...”
# adică: , → ;
#. Type: note
#. Description
#: ../nginx.templates:1001
msgid ""
"Since nginx 1.4.4-4 /var/log/nginx was owned by www-data. As a result www-data "
"could symlink log files to sensitive locations, which in turn could lead to "
"privilege escalation attacks. Although /var/log/nginx permissions are now fixed "
"it is possible that such insecure links already exist. So, please make sure to "
"check the above locations."
msgstr ""
"Deoarece până la nginx 1.4.4-4 directorul „/var/log/nginx” a fost deținut de "
"„www-data”; ca rezultat, „www-data” ar putea crea legături simbolice a "
"fișierelor jurnal către locații sensibile, ceea ce, la rândul său, ar putea "
"duce la atacuri de escaladare a privilegiilor. Deși permisiunile directorului „/"
"var/log/nginx” sunt acum remediate, este posibil ca astfel de legături nesigure "
"să existe deja. Prin urmare, asigurați-vă că verificați locațiile de mai sus."

58
debian/po/sv.po vendored

@ -1,58 +0,0 @@
# Swedish translation of nginx debconf messages
# Copyright (C) 2016 Christos Trochalakis
# This file is distributed under the same license as the nginx package.
# Christos Trochalakis <ctrochalakis@debian.org>, 2016.
# Peter Kvillegård <peterkvillegard@posteo.net>, 2023.
#
msgid ""
msgstr ""
"Project-Id-Version: nginx 1.24.0-1\n"
"Report-Msgid-Bugs-To: nginx@packages.debian.org\n"
"POT-Creation-Date: 2016-10-04 20:03+0300\n"
"PO-Revision-Date: 2023-08-21 19:01+0200\n"
"Last-Translator: Peter Kvillegård <peterkvillegard@posteo.net>\n"
"Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n"
"Language: sv\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
"X-Generator: Poedit 3.2.2\n"
#. Type: note
#. Description
#: ../nginx-common.templates:1001
msgid "Possible insecure nginx log files"
msgstr "Möjligen osäkra loggfiler för nginx"
#. Type: note
#. Description
#: ../nginx-common.templates:1001
msgid ""
"The following log files under /var/log/nginx directory are symlinks owned by "
"www-data:"
msgstr ""
"Följande loggfiler i katalogen /var/log/nginx är symboliska länkar som ägs "
"av www-data:"
#. Type: note
#. Description
#: ../nginx-common.templates:1001
msgid "${logfiles}"
msgstr "${logfiles}"
#. Type: note
#. Description
#: ../nginx-common.templates:1001
msgid ""
"Since nginx 1.4.4-4 /var/log/nginx was owned by www-data. As a result www-"
"data could symlink log files to sensitive locations, which in turn could "
"lead to privilege escalation attacks. Although /var/log/nginx permissions "
"are now fixed it is possible that such insecure links already exist. So, "
"please make sure to check the above locations."
msgstr ""
"Före nginx 1.4.4-4 ägdes /var/log/nginx av www-data, vilket innebar att www-"
"data kunde skapa loggfiler som var symboliska länkar till känsliga platser, "
"vilket i sin tur kunde leda till behörighetsintrång. Även om rättigheterna "
"för /var/log/nginx är fixade nu så är det möjligt att sådana osäkra länkar "
"finns kvar. Se till att kontrollera ovan nämnda platser."

17
debian/rules vendored

@ -6,6 +6,14 @@ debian_cflags:=$(shell dpkg-buildflags --get CFLAGS) -fPIC $(shell dpkg-buildfla
debian_ldflags:=$(shell dpkg-buildflags --get LDFLAGS) -fPIC
FLAVOURS := bin
DYN_MODS := \
http-geoip \
http-image-filter \
http-perl \
http-xslt-filter \
mail \
stream \
stream-geoip
BASEDIR = $(CURDIR)
$(foreach flavour,$(FLAVOURS) src ,$(eval BUILDDIR_$(flavour) = $(CURDIR)/debian/build-$(flavour)))
@ -42,7 +50,6 @@ basic_configure_flags := \
--with-http_realip_module \
--with-http_auth_request_module \
--with-http_v2_module \
--with-http_v3_module \
--with-http_dav_module \
--with-http_slice_module \
--with-threads
@ -79,6 +86,7 @@ bin_configure_flags := \
override_dh_auto_configure: $(foreach flavour,$(FLAVOURS),config.arch.$(flavour)) config.src
override_dh_auto_build: $(foreach flavour,$(FLAVOURS),build.arch.$(flavour)) build.src
override_dh_strip: $(foreach flavour,$(FLAVOURS),strip.arch.$(flavour)) $(foreach mod,$(DYN_MODS),strip.mods.$(mod))
override_dh_clean: $(foreach flavour,$(FLAVOURS),clean.$(flavour)) clean.src
dh_clean
@ -109,6 +117,13 @@ build.src:
echo "NGX_CONF_FLAGS=(" $(basic_configure_flags) ")" > $(BUILDDIR_src)/conf_flags
pod2man debian/debhelper/dh_nginx > $(BUILDDIR_src)/dh_nginx.1
strip.arch.%:
#dh_strip --package=nginx-$(*) -O--dbgsym-migration='nginx-$(*)-dbg (<< 1.10.1-3~)'
dh_strip --package=nginx -O--dbgsym-migration='nginx-dbg (<< 1.10.1-3~)'
strip.mods.%:
dh_strip --package=libnginx-mod-$(*) -O--automatic-dbgsym
config.arch.%:
dh_testdir
mkdir -p $(BUILDDIR_$*)
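Review bot: `strip.arch.%` is a pattern rule whose recipe never uses the stem: the parameterised `dh_strip --package=nginx-$(*)` line is commented out and the live line hard-codes `--package=nginx`. With `FLAVOURS := bin` only one instance runs, so the result is the same, but a second flavour would strip the same package twice and leave its own binary unstripped. Either drop the commented line and name the target `strip.arch.bin`, or add a comment such as `# single flavour: the stem is ignored, the binary ships in package nginx`. The `config.arch.%` recipe that follows continues outside the hunk.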


@ -31,7 +31,7 @@ Depends: nginx-core,
libnginx-mod-http-geoip2,
libnginx-mod-http-headers-more-filter,
libnginx-mod-http-image-filter,
libnginx-mod-http-lua [amd64 arm64 armel armhf i386 mips64el mipsel s390x riscv64 powerpc],
libnginx-mod-http-lua [amd64 arm64 armel armhf i386 mips64el mipsel s390x powerpc],
libnginx-mod-http-perl,
libnginx-mod-http-subs-filter,
libnginx-mod-http-uploadprogress,
@ -62,7 +62,7 @@ Depends: nginx-full,
libnginx-mod-http-geoip2,
libnginx-mod-http-headers-more-filter,
libnginx-mod-http-image-filter,
libnginx-mod-http-lua [amd64 arm64 armel armhf i386 mips64el mipsel s390x riscv64 powerpc],
libnginx-mod-http-lua [amd64 arm64 armel armhf i386 mips64el mipsel s390x powerpc],
libnginx-mod-http-perl,
libnginx-mod-http-subs-filter,
libnginx-mod-http-uploadprogress,
@ -93,7 +93,7 @@ Depends: nginx-light,
libnginx-mod-http-geoip2,
libnginx-mod-http-headers-more-filter,
libnginx-mod-http-image-filter,
libnginx-mod-http-lua [amd64 arm64 armel armhf i386 mips64el mipsel s390x riscv64 powerpc],
libnginx-mod-http-lua [amd64 arm64 armel armhf i386 mips64el mipsel s390x powerpc],
libnginx-mod-http-perl,
libnginx-mod-http-subs-filter,
libnginx-mod-http-uploadprogress,
@ -124,7 +124,7 @@ Depends: nginx-extras,
libnginx-mod-http-geoip2,
libnginx-mod-http-headers-more-filter,
libnginx-mod-http-image-filter,
libnginx-mod-http-lua [amd64 arm64 armel armhf i386 mips64el mipsel s390x riscv64 powerpc],
libnginx-mod-http-lua [amd64 arm64 armel armhf i386 mips64el mipsel s390x powerpc],
libnginx-mod-http-perl,
libnginx-mod-http-subs-filter,
libnginx-mod-http-uploadprogress,

5
debian/ufw/nginx vendored

@ -12,8 +12,3 @@ ports=443/tcp
title=Web Server (Nginx, HTTP + HTTPS)
description=Small, but very powerful and efficient web server
ports=80,443/tcp
[Nginx QUIC]
title=Web Server (Nginx, HTTP + HTTPS + QUIC)
description=Small, but very powerful and efficient web server
ports=80,443/tcp|443/udp


@ -1,257 +1,94 @@
# Previously used as signing key up through May 24, 2022
# and may be used in future. Keep this around intentionally as such.
# gpg: pub rsa2048/520A9993A1C052F8 2011-11-27 Maxim Dounin <mdounin@mdounin.ru>
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGZXLBYBEACxv3nUIdUtFCpH1G4hBB+eVSsWwnHVTDtSYfINHmN8dQfyGy22
XcX2DR6ZW9/I5e06McAz4e3hTuhD5+sF7zv4Dd/xEqxpra08liVvB3QlJ6kawBJa
Bn29s/N/A06yUrOVC1ZjhpDLshaHeyHjWDVLUX9ibLx1N3BQoeoH/5lgTmfF4JPk
LfnTMwHWQ5phT52MVE+B/XExldIPAn27m2ZfXHXnSUMKCRybQNypBiIp6OBfirwa
pyjaRO1AajwalSkbSV9o/fL3liluv1HimQ11/5y0rxMdi+aaeca9oA4Gvfdh/biO
MYcTeiZx72BKqDwMfJVXSjQ8XOYbfCjWp8dNkS5Yd4bmX+ITXRkZHqQxgmoKWr7B
9/i+asColt/qqsQ6PROa2y86TbQSfn/HM8L6c85BkJrI41abJ2QHShVzpk0e/464
hqxvnAZCrmdM+GBSuYfDDqHHHgxhIzHnKnyRX/MtfhZA/CUFUOe+m6j214KKtkMQ
6EpZzgH52FFD6Vi1NkQvfYx5pqEdmJfRKR9ABf8fYI8U8ryNgIq7f13bwoX4haZy
ql/fC4lTG6OEppgdQe7afyAmdi7G/w1pMcbz5Wwp91R+1372XifynBdeTrUsbK25
P42TH3OADC2Id+MaaGh1AjY1bFifOGRf48rnrcMn0Q4Lw3l56wgjou4MUQARAQAB
tCtuZ2lueCBzaWduaW5nIGtleSA8c2lnbmluZy1rZXktMkBuZ2lueC5jb20+iQIi
BBMBCgAWBQJmVywWCRAv0hMQtJ9rRgIbAwIZAQAAq08P/jeIVEj9/cJFzdOeBqjg
F9DNZljkR+2z5UAkQSHfkzWgHRbdAnjT1bc/ltLi6w/z/97kOZhaiSx6TLRg2mX/
5nuC4KijhT9rNc/d5j/BHS4U7lFK8c5ED5wxGvJZcF0VCSfeaiuxoO3QiNYX1iiD
qEyJ1XL/XHd7LjJ4gKxsohKL1rRLSuvtOkK799YArNit5ueATDWW6EUSZaxOiMNz
MaQFMEkjoiPVlj7jNwZN7KHNXkaJjiER0kmJ9XWDtkgSHOZrUNX2PHJpxxCtQj7d
YpOFM/DHvNUZ9dHXm3Ioo3R/MUcC4mbZpAvs4YwZ/yRqov/MX4WEUtvcCY36EL5t
hUDK09huMMBLBdM0jgVLsJnXn5ksMdVkpgFyeR/SKEaUTmQrgkCIwqvRxDegAkNN
lmAiNhxdKD+CrWws+EzQYOeWVRUO9aHKC5ttwhhQuxyvmNgoAMhd8x8Tcm7grC/m
ZOqYWzpEWd1DEyi9jaTkhrSWMd5jc5lvCwOHDRzVi1HmIJy+cybPbQpkbFY6vj/7
shx2Aa+QKRJs+33Ztg0drc3j+mDk9NJQy0KPIbqee0gy0pmaKNiJOxdIWI6ra3cM
3lh5OG+CGakga1X9YiCWv4/OgDYY/6cFTqEN0wXruFLNZ7P4iowJgPU1KZauvDZl
gfsgBoKJ35Nf6p9PdjcjcyW5iQEzBBABCAAdFiEEcziXMGntP0Q/TTffpk/VsXrb
OagFAmZXLlcACgkQpk/VsXrbOaiWowgAvU9HwLkK74VGjosmPpcjurRowUp+/KOA
HmIro2wQ6JVlUrSL2Rz+RIBJ1BKTgGnVZznkXywXHWK2LI4nL3aDoAuyyrzQk1pj
hO1ZJGJBvh9Zq/kGRgEdlTe2sXVX2G7fr4fhd6BcYYvUBQ5OWR6Hh6uS+G1QVw0y
Lu5Gp+7kyolyH6iYlgvxseche+EIqBPyHe5fyb1t8Zcu1uHoQHj9O90FvJSbq4dR
d0tTlqK1tDklT+Aod2UobBCurn45udjiAKtzH6Bg2dvF/oY4udSC9/HgNPbm7JuY
clEaLukWMdFOCEj9Xr6krHtUh7zTiU6pHvUL2SYMPhsJj6AKZRg52IkBMwQQAQgA
HRYhBFc7/Ws9j7xkEHmmq6v1vYJ72b9iBQJmVz0rAAoJEKv1vYJ72b9iVTwH/Awq
vgnXbJ5mCGbLdQgrDoUYe+1nw/qWbl7Hpn/px55BEIW5S0itI50c9sOS2QFQMdRh
YVqZ+YH4aH5pDNW2kFik4Y+CFoJI9QkrEUx66PYIMu3RVBEE7/HQEwND/IbEAeMg
PpGQdEfEDD8kevlinJTyDXJ3dfBa6HEDpK0wDYrBx3mbHP7ouACsZcxqSdx4kOyv
U2Xvlc5pVRsdvJ7AsVRhRaRdSO8YlqU1Ue/OM/Ejj+GZ1Qo8EDge5887HiY8gcjy
J4FS1n2+3839n990s5xDCFSB1G8KmwgkfbkS6gEpA5wf9nk3tiSPS+HMfjMb50GJ
SayUVrAyUupv/Sxvyo+JAjMEEAEIAB0WIQTWeGzjA9mpAimY3GzIRk1UmvdcCgUC
ZldKbQAKCRDIRk1UmvdcCn6EEACUhtMnJGtrunotTwywt/jfkqexA+lhQ+S9V5eF
IIK6Tlq1asFy0s+twYJBQzTXt+hmL8GrBgeQp26CA8wrbxmnUOrXO1K9ksaXXjj0
SRo9Xr/flCmeFKFRSSVy18UZVwf1vftFwF2lQspU+xZmj7vgr+2vKa3Z+81J8tHw
3/Sc5pt3EGB8GeCiEThe3zr49KpANejy/7feASSS+BBBUbNqnCFImfwLJ2V99mGx
GdejudbTYEXsn6jyVWTeKBcaLM4ArS20O0DJkqBcVC1Ymq+K3AGmKnrLJXDSwaV/
+yv5pyqApf6Lu9tx7wy6upBop8KroB9xiTN5UIiYhwtHBlpOLkmXB7K549CYX34y
aOHJjez8Txn1bDhbCOe8WOnPEDI8V4RQBr0/xePru6lfwSmSriquVuBGZSir6qxA
1folqrEuoF5aEuxFper6yC/zfVP85znqBOh8OaYTGBeb622UswzLTbW4y2M3E9Ws
KhaXzTqXgIn3INCJLCv4CHiGQQB6zN6meGdOkEV0IaZvq3O4iZOAVFmKbN3GZcKT
Kjxq295LNO15c0WCauik3FRjSppyvcAqoCEbr+LVAX3/ZV3oELhQPnkZCuAFQUB+
LKxTcTEIdjFKrPEvDgXLL9CNe747ANcLCV02SRRGYnfQ1aoxJNQlzbFw0unHjyDk
vKcD44kBswQQAQgAHRYhBBPIKmO2A1dhVuMKTqDqmBtmsNlnBQJmV1HlAAoJEKDq
mBtmsNlni3gMALfZSqIL7v66dMyjLQR81G4o6rEAixTuFc3B8xDmWDHKIjmdRMTN
mm2KGz0CG7VjdHSe3oOBYok4fDVS0o636EOxndOHszuB9cfhMMXNDFi4T1xcZCLm
UTdXCH88cagwTf6REsbfuXF8WiFemNNiPzMzLmnTlUe7Va2t+gKD/Q9vSlDLKz66
IZBMdDoAHDKHZTtvwlAKswnpO0cDIeZjO0C1+YFLLSJ1nYQbh6mH+hJvNLimWPKR
ZQCPAa5w0Gutz91cE9nv03yg3FMcjlEgklQ77g/nGGFJnQHAeMhfgUUfPLx1rI9/
5NON5w7Wf3PXOlTYWO25ieUVKESu8dUCFktKRMnzauej2vjnQlMFG0upzw8dhytn
E83WanvRzVynanK38PCNYQ3INsydN3wvJNetHpBdpyPfOa61dOUtu1TBvV80qcBR
wIe6vbWZx0WB59b3KV8Sc68j8OJxF6i3E0IRby4f0hcoqogBkry0NPK/rtL2HHnN
vcV0wl+DODz9hw==
=oWlI
mQENBE7SKu8BCADQo6x4ZQfAcPlJMLmL8zBEBUS6GyKMMMDtrTh3Yaq481HB54oR
0cpKL05Ff9upjrIzLD5TJUCzYYM9GQOhguDUP8+ZU9JpSz3yO2TvH7WBbUZ8FADf
hblmmUBLNgOWgLo3W+FYhl3mz1GFS2Fvid6Tfn02L8CBAj7jxbjL1Qj/OA/WmLLc
m6BMTqI7IBlYW2vyIOIHasISGiAwZfp0ucMeXXvTtt14LGa8qXVcFnJTdwbf03AS
ljhYrQnKnpl3VpDAoQt8C68YCwjaNJW59hKqWB+XeIJ9CW98+EOAxLAFszSyGanp
rCqPd0numj9TIddjcRkTA/ZbmCWK+xjpVBGXABEBAAG0IU1heGltIERvdW5pbiA8
bWRvdW5pbkBtZG91bmluLnJ1PokBOAQTAQIAIgUCTtIq7wIbAwYLCQgHAwIGFQgC
CQoLBBYCAwECHgECF4AACgkQUgqZk6HAUvj+iwf/b4FS6zVzJ5T0v1vcQGD4ZzXe
D5xMC4BJW414wVMU15rfX7aCdtoCYBNiApPxEd7SwiyxWRhRA9bikUq87JEgmnyV
0iYbHZvCvc1jOkx4WR7E45t1Mi29KBoPaFXA9X5adZkYcOQLDxa2Z8m6LGXnlF6N
tJkxQ8APrjZsdrbDvo3HxU9muPcq49ydzhgwfLwpUs11LYkwB0An9WRPuv3jporZ
/XgI6RfPMZ5NIx+FRRCjn6DnfHboY9rNF6NzrOReJRBhXCi6I+KkHHEnMoyg8XET
9lVkfHTOl81aIZqrAloX3/00TkYWyM2zO9oYpOg6eUFCX/Lw4MJZsTcT5EKVxLkB
DQRO0irvAQgA0LjCc8S6oZzjiap2MjRNhRFA5BYjXZRZBdKF2VP74avt2/RELq8G
W0n7JWmKn6vvrXabEGLyfkCngAhTq9tJ/K7LPx/bmlO5+jboO/1inH2BTtLiHjAX
vicXZk3oaZt2Sotx5mMI3yzpFQRVqZXsi0LpUTPJEh3oS8IdYRjslQh1A7P5hfCZ
wtzwb/hKm8upODe/ITUMuXeWfLuQj/uEU6wMzmfMHb+jlYMWtb+v98aJa2FODeKP
mWCXLa7bliXp1SSeBOEfIgEAmjM6QGlDx5sZhr2Ss2xSPRdZ8DqD7oiRVzmstX1Y
oxEzC0yXfaefC7SgM0nMnaTvYEOYJ9CH3wARAQABiQEfBBgBAgAJBQJO0irvAhsM
AAoJEFIKmZOhwFL4844H/jo8icCcS6eOWvnen7lg0FcCo1fIm4wW3tEmkQdchSHE
CJDq7pgTloN65pwB5tBoT47cyYNZA9eTfJVgRc74q5cexKOYrMC3KuAqWbwqXhkV
s0nkWxnOIidTHSXvBZfDFA4Idwte94Thrzf8Pn8UESudTiqrWoCBXk2UyVsl03gJ
blSJAeJGYPPeo+Yj6m63OWe2+/S2VTgmbPS/RObn0Aeg7yuff0n5+ytEt2KL51gO
QE2uIxTCawHr12PsllPkbqPk/PagIttfEJqn9b0CrqPC3HREePb2aMJ/Ctw/76CO
wn0mtXeIXLCTvBmznXfaMKllsqbsy2nCJ2P2uJjOntw=
=NeQn
-----END PGP PUBLIC KEY BLOCK-----
# First observed on May 24, 2022
#
# pub rsa3072 2018-05-07 [SC] [expires: 2027-05-17]
# 13C82A63B603576156E30A4EA0EA981B66B0D967
#uid [ unknown] Konstantin Pavlov <thresh@nginx.com>
#uid [ unknown] Konstantin Pavlov <k.pavlov@f5.com>
#sub rsa3072 2018-05-07 [E] [expires: 2027-05-17]
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBE5OMmIBCAD+FPYKGriGGf7NqwKfWC83cBV01gabgVWQmZbMcFzeW+hMsgxH
W6iimD0RsfZ9oEbfJCPG0CRSZ7ppq5pKamYs2+EJ8Q2ysOFHHwpGrA2C8zyNAs4I
QxnZZIbETgcSwFtDun0XiqPwPZgyuXVm9PAbLZRbfBzm8wR/3SWygqZBBLdQk5TE
fDR+Eny/M1RVR4xClECONF9UBB2ejFdI1LD45APbP2hsN/piFByU1t7yK2gpFyRt
97WzGHn9MV5/TL7AmRPM4pcr3JacmtCnxXeCZ8nLqedoSuHFuhwyDnlAbu8I16O5
XRrfzhrHRJFM1JnIiGmzZi6zBvH0ItfyX6ttABEBAAG0KW5naW54IHNpZ25pbmcg
a2V5IDxzaWduaW5nLWtleUBuZ2lueC5jb20+iQE+BBMBAgAoBQJOTjJiAhsDBQkJ
ZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCr9b2Ce9m/YpvjB/98uV4t
94d0oEh5XlqEZzVMrcTgPQ3BZt05N5xVuYaglv7OQtdlErMXmRWaFZEqDaMHdniC
sF63jWMd29vC4xpzIfmsLK3ce9oYo4t9o4WWqBUdf0Ff1LMz1dfLG2HDtKPfYg3C
8NESud09zuP5NohaE8Qzj/4p6rWDiRpuZ++4fnL3Dt3N6jXILwr/TM/Ma7jvaXGP
DO3kzm4dNKp5b5bn2nT2QWLPnEKxvOg5Zoej8l9+KFsUnXoWoYCkMQ2QTpZQFNwF
xwJGoAz8K3PwVPUrIL6b1lsiNovDgcgP0eDgzvwLynWKBPkRRjtgmWLoeaS9FAZV
ccXJMmANXJFuCf26iQFVBBMBCAA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIX
gBYhBFc7/Ws9j7xkEHmmq6v1vYJ72b9iBQJmULK1BQkdphrTAAoJEKv1vYJ72b9i
2+AH/RSX5voZXtSAl0fxVc9GDrGesOsykkSELnailOkWiFEHZS842U1EQst9Omki
OC14xk9fY36gK8bxXnLwww4hnnh/fpj7vJkJpVCi2uO3RKizyN6rp+7xbZ2lCKfp
5tsDg5U4iaaziTNtb4ISq79gLmLY/gqBwGksRozmChsl2QOVgg0KDTI5TP+41IwW
AFuO+XzHZ7OEegxwHta65KeVNipYjCarTRcRhGxA0rpLdBynkZ/OaI5+J6UZVfna
2eyDgHPlMo+v12+g/wOFOwShVWo4PwIsZw1jzBCLhspgezn7IolQFMHtVxCJAkgw
XhLgogChbe885HzTB6GlMowXclGJATMEEAEIAB0WIQRzOJcwae0/RD9NN9+mT9Wx
ets5qAUCZlcuRQAKCRCmT9Wxets5qD1GB/4/NIcvCRj3LvFbrtmtbExBoBP6Hv/8
U4wUpuJbAAxImJ9uNKKaH+cmvoshkWTSUBXTvNjAQW3SM9oW+V3G7wicUtH+7cnd
xExuqf5e6f6IGqKCgrV25g0WWvJZG6ynMDDkgnyu3fTE7GkVKwoWQ6qV6Akar8oV
29P+xe2U7AWPvw+O+SBghl32x8DA/nUjIyLbvBQuXb6BjHOxrTw3WOJDfwHwOyMd
P7NHe7RE70cSj/TNabuNw9c31H0+PAj+UWfvgs5diPVJ9Fd/PK4pWQoh/4poMEbc
/1Ol0G7SItUKO6v4aHn89g00xnqUxrfwbCWCEF9EjnfFtlsDbGSWIdz8iQE+BBMB
AgAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCV2K1+AUJGB4fQQAKCRCr
9b2Ce9m/YloaB/9XGrolkocm7l/tsVjaBQCteXKuwsm4XhCuAQ6YAwA1L1UheGOG
/aa2xJvrXE8X32tgcTjrKoYoXWcdxaFjlXGTt6jV85qRguUzvMOxxSEM2Dn115et
N9piPl0Zz+4rkx8+2vJGF+eMlruPXg/zd88NvyLq5gGHEsFRBMVufYmHtNfcp4ok
C1klWiRIRSdp4QY1wdrN1O+/oCTl8Bzy6hcHjLIq3aoumcLxMjtBoclc/5OTioLD
wSDfVx7rWyfRhcBzVbwDoe/PD08AoAA6fxXvWjSxy+dGhEaXoTHjkCbz/l6NxrK3
JFyauDgU4K4MytsZ1HDiMgMW8hZXxszoICTTiQEcBBABAgAGBQJOTkelAAoJEKZP
1bF62zmo79oH/1XDb29SYtWp+MTJTPFEwlWRiyRuDXy3wBd/BpwBRIWfWzMs1gnC
jNjk0EVBVGa2grvy9JtxJKMd6l/PWXVucSt+U/+GO8rBkw14SdhqxaS2l14v6gyM
eUrSbY3XfToGfwHC4sa/Thn8X4jFaQ2XN5dAIzJGU1s5JA0tjEzUwCnmrKmyMlXZ
aoQVrmORGjCuH0I0aAFkRS0UtnB9HPpxhGVbs24xXZQnZDNbUQeulFxS4uP3OLDB
AeCHl+v4t/uotIad8v6JSO93vc1evIje6lguE81HHmJn9noxPItvOvSMb2yPsE8m
H4cJHRTFNSEhPW6ghmlfWa9ZwiVX5igxcvaIRgQQEQIABgUCTk5b0gAKCRDs8OkL
LBcgg1G+AKCnacLb/+W6cflirUIExgZdUJqoogCeNPVwXiHEIVqithAM1pdY/gca
QZmIRgQQEQIABgUCTk5fYQAKCRCpN2E5pSTFPnNWAJ9gUozyiS+9jf2rJvqmJSeW
uCgVRwCcCUFhXRCpQO2YVa3l3WuB+rgKjsSJAjMEEAEIAB0WIQTWeGzjA9mpAimY
3GzIRk1UmvdcCgUCZldKdQAKCRDIRk1UmvdcCj1hEACv1XfhwpsBPVNzcfzMIpfY
xAQF28m/VFLwD8FYKoVgb4rF2wLBtt9kaoPZxphEvV/FWHhpa3Tyr3L320r6sVk2
5Ou6G/AH6kNF6vYn98chEmbCc7DE2B03G1HFFuRSOmp0ZwafJ6MYUhjpDrf6fFDL
fmdkr/hjLwCYvFQsHXYiIWDFBPZ6RvVC6ozbdFr4eWj+CIPZM4jcGTgSI/u67tC6
8tOdX4a8/ujdkLDjyf2xgbWT8ZxY3o0fvfLFEQVpNMUsYtiW/kTPBsq48Gq2BWow
/2Ld86KjgBOyElnVy9kMLCB4d/DPnSdBkjHzWWDx2c/PDGWIGnES6O7NYvRQ9Sr0
bQwtr70nvai2OkpYVszVwOqyr4vDeTIt0GFKOMRDRrscVGmlGr2mpExiCEgGyAjR
Z/aZDCzEnsswfJ+6IARYzE5nB3+pbJnzQNvj9r/YL8T9HkWID4sWJnnNmaFoWEMF
m+yvI8vyVMGPSqfVtN9pEpx/pzV/Q525nFYuUlEsqGgaDydnwe6AV9gZsRyA+YjE
H3gI1gxGwRyupldmstzoYzTktb4o1KL/vGj/onUIk8mFKx8p1X9VPWW0+8LqnAYf
Ui3jDoXE/9avsF6ipS7y1k8ga81z01NOvuhai3c9pvMAIYrNTvoQVz8vTIOtJac1
PEoU6jdm8blCt2UjGp8A4okBswQQAQgAHRYhBBPIKmO2A1dhVuMKTqDqmBtmsNln
BQJmV1HrAAoJEKDqmBtmsNlntoEMANBPdskGMrU4ZxHMlOTd1JX74ucp5jez0Y2o
bwlxOiWroraYVBnWT9v150kNf1Tb5mDxi820qebiSPZxhlI1Kj7NrPFNxQkhhNzN
7Xr/M9OGpkwxosEpcMAiWfofyAdrnwos+MA/edu/EoyVRs6zpo75nP9GKUZwVcjH
KtvPMojkZYpxjxsio0aK8LW8VwDtsbwPIXDIHzE7sxUvThrMdXumrh7gKqaC6gep
HZB2lL5ES0kVE3/yjZR1khmcmF1zELeC0IddJjX2R9HMcSLixdJ2V8/VFsWMb2KQ
pGtDzCuRyyxbugzBIxiGV2Xb7XwOByaikc1duqFv3gtk7Vk8wgQN3YwLkZ6pztlK
vCbqy2b2wlPviGjApQ2GVd6EEmlCk2gKPkjrn2lxS2BXWorM+ANSswJT+eILi9yW
Q5zzmYK2vFTzL7FAMeqS/671jNhZQ8O7jvbY/mRhl66k2MY7/JgI+coP0cY+HHr2
ozw9yNdOZmnk2Prj7+mBuchbT3BJOQ==
=AgHy
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGZXO1wBEADEm061e/MGo2f7rpSqokI59in/egWbeQE26vwxB7vPu4e7j+cU
Vg3AezwCbf3nVRAE9DpJ+yuB0KVkM/0QszjOEEBuehZYJrUiwMyiY6jAk8xtqjpV
PsOMyZrypoJhwzg/sYNadUPw4UoHJ/xq4wNA2ZG9Xf0l8M3shYJPmKWLz/eefa5V
Ef/toQ7a55l0aJ7XyACTU6dv4bkHHqomDImK2C94s+KyCxaFyz6NgFz25V/j66Am
gB1m6UGGsvP4qYXW+KTsLz9XDvJeLLHWNcqQoyUO5Vs5C3hGozL7kEkyK/1qHcou
XXkeGN365z93ZeK+VdBZKJtsCswPk2wdDBByU9lAUNHYcLHf6S8fwCACeIqJ6LaY
MKmZUN2gR/boTyMERHEA8XnWXTDp7EsSNIc+LkU5AT8yesANcczH5k/XOI4hltJC
piEsSgg9V7FvO4eA2iQWGv/Y4nlUfw3lbRuRFvd7oqVQKlX4iIs++kVCCegBvtNA
1naxPbvTqrC4THvBSSZpOW/y/6XibAr/scCNNW1mEhwm5SPBHq9Sv35p6xKDTcgQ
8o3KLM8tKKt6kokAqlrXk9Nq6LYrZKwg5a9crFF7nCL2xgxZy1OJQVcPuhhZy5WT
WReE5RJdlF5VGRT9nMJ3B4Vlp5luQnMUFYXTAKQd6Cogbb99J4MjDttAlwARAQAB
tCtuZ2lueCBzaWduaW5nIGtleSA8c2lnbmluZy1rZXktM0BuZ2lueC5jb20+iQIi
BBMBCgAWBQJmVztcCRC83NijjYiiswIbAwIZAQAA9FMQAJ/e8F1egZGbRIV6qU/Q
bJD3EsKZZlitQSVXbBpxqDlkD+uzSFATGjiLGvJoTzfpJpJjI7FwrtO74lRkjCl9
wQUNJ+wm2Kod6rEEQc6lWkDsgxpjqAAGVS0lmMf+VPBGQ+kc8S3ZdCOWEeq7nThZ
/xWR+UuQQcz1vCKmEgwTrr5MJVcqDg4wiH1Z4lRVfjTezf9IWk+xeE3mV8h7Ltbr
N5ZvOkiw88JLrbQsurxx+lYEaGIZyIk3huiDE/KpsMdw9KXUfoDcBqWc7oDjqKL+
QEaq7TW6VetKyJaakP6Do+Opx0BtS3eH86PEZqtULEw9WifC86GtRr50iTXWBTfI
MFZo4AwigHXvZ5WrJvLfldY+scoU1rPMouYlZJ9W+6YHLjf/jpr4W1w6LKKXX3ah
h4VLtlOmrOLA21E7RQ0PwoE6nT7DAm1DsMFCXy7lyp3u5IXGahnJddWCb0Px3RTm
PZgOt+YAGJDsP46ngl5LxhilMK5f5R8v5n1lJ/XzFcXCEN4i/d8A1jx9DQx4CJN1
wp/WZzJ6GjnCqMCdOBlQ2eNmhR+q1bAI79kSv86ahaM/aS1FvHMz8ppzwkRhv5jY
eR9aRlAwaCPOjbWhYJt/xveOWmxCdg5ta+Pj5g+41wHZyNf9aqR314aKwsxo2AYH
uUe+PgpsHbe1sQTkb/W1OfSCiQEzBBABCAAdFiEEcziXMGntP0Q/TTffpk/VsXrb
OagFAmZXO+kACgkQpk/VsXrbOajGgwf8CAXJwSIhGOWFSgV6vpvZPChTsgteZxhT
8NrJJLxL8X34Rw5YctSli4akkchTonm5RRp/SlvI2fPe0o6q2ymF4BASPJ/oSI3p
Gs/jwctHz8hwaVN0xQ4SBXgquIFWrLRNOjCxEV/vMRJRzuF9jrrdv3vxZEugETI+
rnoEZu2Z2ZlMj7PPeiScf8dFXax67+Xi5S2KJCaXm1QGAJvttHrwsbBAIE9CVUg4
UmXwADQ6HkOKjY+QS5AP8Ak1dg8/oadgyMqB4GrcE44KUpo4YafP37XnwXfQNKpk
Rb0bO9Qm9lM/LhPulBY8WIPkmrFCVhGTE6K5ZvI59R4nECHHx24/LYkBMwQQAQgA
HRYhBFc7/Ws9j7xkEHmmq6v1vYJ72b9iBQJmVzzzAAoJEKv1vYJ72b9iPPIIAJ5k
hTz2d7CaJefHzoraogKSIeBnA3OR+nDgdDl9Mp8i2WLGu9YYhIrPU0iSVw8jqa8t
GIjCw4/bS9HN8oub2Ip802xDLugCz1Yz6CXjCXN2rlNPsdBV8IIKNHOv93qMvnZS
DwyBUAvAs4XzF7zbYgfZ30B0gRI0g0+Nt44oDOn3PfO/kNUJyBVPT9m7l3JUHuZT
FPOD8a0oJPvW+iYlSkmPELBvgehsX7MVLoeQ5qtS1KkuWr+y1wqD5kxqabMPcfdU
jAr4ssXs/pSsYJVyS4CuUWkY4FiCJm4KtU+XPDs1RCTzMkW6HHgSebocTZzLETYw
XsDx80qd21UAdGc116qJAjMEEAEIAB0WIQTWeGzjA9mpAimY3GzIRk1UmvdcCgUC
ZldKYgAKCRDIRk1UmvdcCoG/D/9qLmHYOGnsmedUbgtLmuBJOuA6oqnaWxYI45eV
+vaAaI2+QfRoJTrjklTXv29Pi4LTzN5YBySSIkv/z9ry5Xsz5yroNY9Xb6JdrqOt
fLa/U0wddNuJbmIom4gUPXGInhHUBbP6mNz+s6e2ukBEWvb2XIsGe5v291QXMohQ
/PT8zTIwNYaw2zVF6Sa/0spA9/9XA5BdUcrtl7xPgYL7pLVmKYGJlCf5TOaWfLDJ
mIMeeUznVK9vK+vT+YqUPfFyIqO7dvio/+MRFjePoD6csT4UBT009ugy8vrYg2YR
K9uaRxP3laz9b6xdUM648ycUQLoI4fLhyKAHwPU9/Q+4rOFdrL72ZGVKzv1XOB0H
VXf0/E4JmJBydM7AyXHNxIPDtNFydosGn6VZsEvSPZdQSCsCeBs9UuBWgwFb1XBB
61XiHGnheb3U3ZRkajS1ZNdxfohHrBzHnd8tbDkv5Rq+XoUmDauoeM0VcN15hl4a
M/JzkeOrHuJicn3mg+HRHxQSCl3D37bVQT7O36n7cff22GykT7XQUBBxMlhKzygD
SgdQUtSEt0eu7AXIvr6yl0kobgZQS3wzUIaY0JEuv2ahtEXXjoPzCVWB2OHIpPbu
D58cpyyEVqr+ZecaI4HlaO9lVShf+K0rf/6DC12rC2gNzzv/fCIinDiqiMsPTfEM
fduRSYkBswQQAQgAHRYhBBPIKmO2A1dhVuMKTqDqmBtmsNlnBQJmV1HlAAoJEKDq
mBtmsNlnhI4L/0MHtfCZ2nuKTF/BkxJ7oB3Uule0tWiFj5SU97GjcVj1LgawGY7Y
+zoyEd6Twpl6H/+QkZBB55Bf8+cTzRbDzH1Og0fSORu0pGC0uxWdYu1sTLeTnn93
mesXAvevHFNbsPchIWwsVJopTdzMWuAQS5hMMMtNb/14ZfnBadzhjvaJeH3DlZVK
0cGFp0qfbMfjr9yRJzQ1IkiXsS4G4uKg9T+KRsPr4+JalurWJgLnBXZGetNNjjUa
UCV1KZY/iWCAlZjkZ5z7yBRj5nUWLb5AVouEQPEDbn+i/0uEjukC+G6EMq2mgbrh
m0bFHbHAYBaf9EH0eP799HpoAx2aziDB5igAC516i3BnqxINI9mXHh92tU/H797I
oYZvpBsAHDWDHj6O74jwk5lXF5Qwri8gjA8aTudmuQX3uX4h0/FyGGQJW4/wWecH
/1fMuvHHyRtOSsJsheDwcSjrw5WlsyNjvSIbBPV2fIx60W2haVMUVX6CrxAeq44F
UYda9m8fOnaIew==
=TEOn
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGKE4psBEADpHSM/IxFD1nXBmnODYXzcl2A+6b6m9m1m2Y4Dlr0ed+y5Lxne
QidE9I74A2KSm6+eHW2yh4i1ZwZbmwpmQqM+j5BMt7axoXOdKSyN+fYtUakzNbBN
EDRKT79q/zIzkgTJradHkCQkwF1W3go+qPXjR2ZEnLma9dZED9VNI6PmOpeYaASo
IkEfbKbwa/vPrvnDSSYY6Y02RXSRk5U1NvQgVUTJP9WGK7NlPUcTBDELLQv6fFPU
kjBOel6MecsQ+v8iq4RJF2cbVF0hNjbAiNldjLV74Xd7yWVRlCbdb2agyvQjMNrD
jHSvbEMiNB3R8yBHVW2Zldv8q0XjcwoDfdiZYFJe3lRUYmv6I2p+/DptD4r/3ILI
peGZtSeOdQEw+vvODL/Ehq03anTrzcpZ6sDLfLrYJhYcrltj0/LMUnLDAjciwRUq
XI46EfxwqsdLeqoZFQeO3LOFsh0kJKR2xOrUHIVy84NJ4Gmro6WmUkb1NfdjyHzF
z8Lfbo46NKoTcwFsFF0q74jVVIVNUyIS91DusiMqLCsP8jqDOz/kyP4bOJQ+aUXf
BANn4Ll1TFWsJ417moxz+Pi5sTaI0na8z2XB1N9WPsSml3FS75hJPJshN2T3VIea
zB7GFWqk33ynSDt+cAisG5nsK9fFdcH+t5wm59oobyFbFhKxwX6ROuxlZwARAQAB
tCRTZXJnZXkgS2FuZGF1cm92IDxwbHVrbmV0QG5naW54LmNvbT6JAk4EEwEKADgW
IQTWeGzjA9mpAimY3GzIRk1UmvdcCgUCYoTimwIbAwULCQgHAwUVCgkICwUWAwIB
AAIeAQIXgAAKCRDIRk1UmvdcCqbOD/9Htgk3mWvUFmrApkWQTIDNmLACZ1Sw1PXj
Uqte8StYB0bYY+nmAXs7O5eC2h1ViParl7En1joEEMQQmH0qSnw4X1CM/hA8TAYW
mBPITTNWo/R52WoyWeWGFnFNIperQmuIZc+pXm0VEFVPiX/2DXbCIu+jaXySvlCN
LekmOD4VC7dJS8/ohoaXOR2T8ufS+1CsyPXomEb+COhqRZ3EVBa+k7pnElkFft3Y
a1fR0AgatZFQpy+ukePhK7s/M5RGhDJWHgSAZFkf+X2jVV4NRJ+XsY80gU5DD2ZX
QT6Je6Knxqk7FnWNSxkhReH6Ss5flZSoGDCmJ2AsPtGeUhus2fGqeN+waGKTZC35
die2V4/cro1SWswSI6Y5GFDZT1olIUztPmSXU/A3oyizJI7XZybwUbpk5kK83VXm
el3U/7Qr/VErlDWFefZWeUvT1RILZ8IRoNj4dv158RnKHt9G508A5qz4hUPKoSeq
SiXhYwfkc31WPzIJ4ev+X5Ka2sG/CKbEMJ7qwc0Kadiu+ePPfqqbXjpTWRyrbcRM
hRNcLNUi1SLWMBClOQG+5GNG1dPPHkbj4dO1OZuaUMwQdu8R8NlsGoVWS40bmVv5
pXstzYCl7k/UnC/Ytlq61GeAoq8ILa6jGj0EWqlhvi0ZNMN+fROhzrRlTzIr/+WE
Xf8EiVNFSbQlU2VyZ2V5IEthbmRhdXJvdiA8cy5rYW5kYXVyb3ZAZjUuY29tPokC
TgQTAQoAOBYhBNZ4bOMD2akCKZjcbMhGTVSa91wKBQJihO2zAhsDBQsJCAcDBRUK
CQgLBRYDAgEAAh4BAheAAAoJEMhGTVSa91wKgLQQANaf4UMndkWoefDQPkJ5qR4K
fuV0WRz59riZEApTkVpPXzl8Y1i8Rgt9pa1v1i12vPyIXKav1rJXQcuDEzqrhQ2G
yvuAE2U/t2mYaMUmwxWO2d8JA3slvBSgOkiYpbLooDizAdKMT5UQWGyw31Wm51iz
HjoztebsyXeXgq9VDjv3D8LUBr/OY3Hguj6HV+zRtC95qgXYadW2FiCtvBK6RTDb
iShTuseLSheGh9dZIUSnzaOiJpDA61ZDYtFZxSpe67vEzhSfHVsF+ZdCjoWhhVv+
+2wR4E0VQQtOM9uX1PMlZ5Ymr02/gidsXCM0ZjYXx4cDDhnq+nKomN64VloXWY9t
PIi86XmzcSWlGUd+Ac6LyW7/f64bUWs4Ih0Idl0PF0sAr/6axKUsIs1nbn5MEtXk
ZPAjcDLqLb9IIQaXRurm/il8v+bLXVBOJq33YUuGRuz8pu4vPA5Q97zglqhlIgbu
prHMJ9hl5q39JwS3As2rK0o6Q9VVKr29rqSEfk4wEttvk0QMMU5zEvVl8MtqPj42
qURqpHOadFbYMTwhUmRBUszRZPa5/pWqq0gWOtpyCWFVAsHFWQGJM1Eo6gGEyHZM
YgBp+d29p2p409r1+06U67GBnXvUy0RyIpkLQtU+lyOJ6vvrBmmsDs/gc69GnlSC
tZmCt0pLesJ7ZJzGdDkduQINBGKE4psBEADQr/enuDeVT11v6ejuYrg7aaZaGFUe
3i28bQ4pRUKNfxs7zVYDDHi2i2bhS5j2yQnbsQtGcgoenw6lapmdQRzr4vjQAz9o
kT6l4qpqvFFQM0wZTnigVDmmO9vTHR8Uk3iCKTd2ax3oko/xPWWYJautJ6ex8cOA
coHSDeOjuIWSxCKq0BDFp6LoxkM8nuyLAX2cbhI3LncaZhVveMeN+Fmcsv+WpkKs
yhX92umZuGwlraSyFy23FiRWSZPu9qVIxMMHvVrQJIgfhyWaHFzoF4M4qDoSKx92
uWfUWgFwPOxOJ6/YcPsX4T8qTl9htmwPN0BibPTlcWaIFXtiU5bE1MivUPeACrI/
gwUfCR3Mg+GYc13C6jzepREUhI7PLi3+A203PlMZd/aaSZkP6j+h4cwdapH5P4uF
7T1EQ0MSdx3neAvu5p0IM6JpriwxfT3HsG+Y952T6MIeXcjNRebsBrygJhJ0/vyr
wV5t8jL0yQty4CiE/QFnBs42l+rngi7K7Y1AZRBGK7JA09XaoLrfLmS+PrbYPsaJ
flkM8GzUB7BBCLozxDHPzmPkf/A1w3XHZnYuZmS+pvjWCIoKpLQHI99oSUGho/TR
gMRO4v7EAzluqCiepMl0xwFfHB115ND/mATazc4Pt6FxUsqffzfZrN01e1UVPrp5
4x6YLO80JnOY6QARAQABiQI2BBgBCgAgFiEE1nhs4wPZqQIpmNxsyEZNVJr3XAoF
AmKE4psCGwwACgkQyEZNVJr3XAp9ghAAgCgErxQYn/Lh/mzsxYXPnisggcBpceks
mGw7knj1EGkXqq9CHn3EjCw8dB5N857UFlUr++DHwpFL5O36PRQo33RIUFbmBypG
8C/xX1jWGu3xcaqS3P1ncsSSl6ckdvy9pjMxThm/RkXO0eJCn7FcanwPJXEB3Pbb
mm0wLI2OXl/m7l5QAr7kErnPvGNzcbX6G35Q/MY8mumBWQ9H53R5ZPpi+OS40Wfn
pZNKdh/Acwa7+2RokPqoOcJfxVdBOUigXTzb45qZgqEsSR7bkZAy2E80A/sJKPqs
OGjp9cog3rBYyNBn5dasfR9KeBtluKnjUbzutXsQoKUSECY00YGrtneSXMku5hoE
Dguk68w/L63ZApYHO/JTgJAYvqPOErAVUegPIw2CT1/2qi5vpClBcKkNS7RXrssA
X+lElE0zbzX3bNG+lQuXby7jNUFYltkEiz6vTtc4HuHy8u40DHMswzkoDr0T8IE0
7ZRAWXwV1nlA/dI337cHCsWMJyqem5wZZO13iqe07qaCg1uvBPeqDo81hOCn1us7
l5SYRUTlt7KSFEHZ+Sx4bmVneAuRi5okaQdmrepy/ss/vVpRwWuQxsPkvT8boS7s
mqOVsZFcNOuUJPUyOz1dHUL6FMYpk1dw+9n41gO4fLBzJekFTB/fxL6SRbYFWWn7
x0VGHDmuaYQ=
=HmVo
mQGNBFrwMiUBDADo56OlDknN+ReCMP+8CN1biK5izmGd755TxktHLI9nAP8ociIq
Hjrps22pBtAIQ6eZpwCFBys2mR/441rOgZW+O6uqBYrttbxTMvE43EmKYGuFCmuR
u0JGMPuqnzF3Y+6uoKzqMzazSrZIBWsBKAkNYTw8+yPlxGgffhBp1ueME7Lskglh
EV9gmrEM0QlWod7wSQvyruExPm5INx3MG63Xfvc0bPiWUOGKyMb7kXA5VgnWuzmS
BCMm17+A32vMyxhYcvSEgUayQjGghI1uPDSqBQBMEFTgSK2wWzvAXf/M45nxKBgQ
IEDmvoC8RM9JTtUr7RE/E1mjsuefF2vYYYsWBstRFGAlUV1/lPNNibu3NqbCug6b
1IWJuV1DX9T9/f81GZJrsPgYYKC6Ai8C1B0NGWjos7/GzgEFENQgf5duOhFPadQz
QbRxBoId4Fe/Uwe2HxI8ESCQMwsq8bowcCn6XRA2EYkAt17Kab6LH6tTP54XG9TL
bV7bAhyrvZAk1lUAEQEAAbQjS29uc3RhbnRpbiBQYXZsb3YgPGsucGF2bG92QGY1
LmNvbT6JAdcEEwEIAEECGwMFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AWIQQT
yCpjtgNXYVbjCk6g6pgbZrDZZwUCYoTfvAUJEPqvFwAKCRCg6pgbZrDZZxFYDADK
R02XgC+AoyrqMwBNXC8Y6aiilEsyppsgj+KwZcGKDYN488gEmff+/KIEdtglw3I3
tCMbo+FzFjHveeVCb0qrIMerWJg+o4YrxxqlQ9Q1InpduKLrIuGae0J1ybITS8+v
iYAmwzy1Wb2CDDuCnhCR/QDfOE1CvRILVqIKezC0tRrBTEvRO84m6YMBtJ1DP75Z
2cTNyjPos9+uxi4JcMKrMUBwZKya+z5i+Uxd66wuPj9KmggNG1x+bqMWmpTrSKUn
gbLabFUth+uWumpj3/7HBT8Ov7rPgzY/vn3Fn5mKdLQm+kRwSX9/FbtHAE3Qsm+f
6WW8CZ4XzL9ONfhQYwO2Jrq4HzgYloZkL+1Zs61X+zeEyr4o/mzt5DHbQRsD1UzQ
gnh7t3YdSAy6gBqevjPWkQlq9e8eoFRydN/htwjS7dleikOsYktSnTIKlRXAWGCm
jkRpQyZYuuPcWcGRt/0MVewRJmLemH6O+NviqhgGRePO9QR0R+yfdCwewPJEDk60
JEtvbnN0YW50aW4gUGF2bG92IDx0aHJlc2hAbmdpbnguY29tPokB1AQTAQgAPgIb
AwULCQgHAwUVCgkICwUWAwIBAAIeAQIXgBYhBBPIKmO2A1dhVuMKTqDqmBtmsNln
BQJihN+8BQkQ+q8XAAoJEKDqmBtmsNlncQ0L/0Yk1QejO06gWwV1J2eK9LmjbMof
y2ujZBgW1IGt/goo5R4PzC8lBBcsBtsKyN0Rsh7QdLrtKKLQrE/gpwMTMdKhJTdP
/c5tUY3EwgIdBMYVaxArZQiWlPgSnoKuKydnn6Rb+Qtrhvb9pjn5XlGd/VSbAXZe
8YTj6B8qjUa2YY+IreyB6wkPN/ytV5vcocbS7mzXaibGPVT35e0Pl1Be+xbJkbTm
JTSJCSPwyHm9t2Vuq4e/c3fMwhOUbBjfssspR103vo91XO5sY+v2aQJOctNrv4Zp
HMrwBH7MeqDISCWg9PICUv0ewHzAEGB+K0v342rVAzVNEctwM3Jic7fEJYsItdw+
Zk4r8NYqACoRCdSUEHqhP0DbYoWdthpUwD1J5ryWyKTCpTL4wNhKEMcNaiHH3qor
SssyMHMFRPoXKw9Pcay+Uo8NXc2KKxhEHTbQts0jYUNcq0yuWHoNQ4vhKkf9CHBr
b/vS22vfEJyd6FX6ZRYK56A3EFAV8hK0BvZAw7kBjQRa8DInAQwA2Rk7UdUgpCWl
+BMz9B9eKj0XtsNEciXHHKnSFYaSNCWNwib/FsiMfcPFh7xwUTof7e7HBFkvv0QE
MCEp7R1MVNBfMiGtG1ICFIt9nByznPsRk4VvbY/prK4DZy2AmlwhNcT2pQO3Aasc
gsCWdf6G+wcwnHg9tWCp0Xs9BNXuppmcRrpP4M1PPRIVeG1jeVXvuSHO2HjqPSXP
5DhGgSGN7uLOhiLTnPINd186vf6tqRdqYw3g0W1ImEjGXHeNQfnieIWdU3X4C8KT
EPsV3lvtmSAQCoge0CyKfz4cORi4j8Edp8JpDQlbAThe529+R3eKUw7I/3ESxJBd
qzLE/ItWvAcbGEserLDFrg9J1ojiKhsw3TVcDk+HIDzVakMz6HTd4ExSijMqTehz
gKSVHDL+l2jc0f4VSecI+xwC3/kNsNTBpiPoUYtXBbJllHgQAakREkSKQBas02eq
Ru8SlQ3yEn87zTtNW8L7xpe7ZVtxwUgp40PUrsb8uMDJG7ZP5rhLABEBAAGJAbwE
GAEIACYCGwwWIQQTyCpjtgNXYVbjCk6g6pgbZrDZZwUCYoTfwQUJEPqvGgAKCRCg
6pgbZrDZZ3oEDAC1J3BVwlkX+eoo8VsXAYxMXm8kIaTqOn/tHMOYepK+cWUdHaeC
H3N8LigwN4Ve2LtzLBqN3WRAxFNy0DIzdBfA7QdcAoDLnB2FNrWTmwvC9nXkCogF
fSCq7c+1oFHdn7M/VZNU4o0nhVOnqM8NLGcgzX3K3hr+WLYUgNQ9G6x0N9VU43tq
VwJhvNv4pyiRpRdLlmhOEf35a/sWE1dttSKdrBhyzTbptw4dXr4lUpvlswWs+dLp
SPPhWAuifORv/amWh3bxIxYEqE4o5NI/PQLJvJJLsJvMIIjpKlAGBJg5h3WCiIAk
l7H+BesOUIIg8ava5ZUyjlFdszBMaBosZvRgFAlfnYhSGqzhip6PvXfK1YokNv7k
qw43c0f1SmtSXZR43SRv/4vpXG7IqtTuqgSwn1qDJgr4yfs8QQykO/jG+cz7X+5O
KSAulWi9OoqLyDWlsm3WccPIcJfbm71P+I/ha7ESVQfOxC92fQ7HQAboj7NhecJ4
RLqjzrWSHmPGClI=
=J2qy
-----END PGP PUBLIC KEY BLOCK-----


@ -1 +0,0 @@
Subproject commit 24f7b99d9b665e11c92e585d6645ed6f45f7d310

@ -1 +0,0 @@
Subproject commit 7326626fce5d6ec31ac892377e0a734e503d40e6

@ -1 +0,0 @@
Subproject commit 4fd3ff98e413ede57c88456cf84b116a8382061a

@ -1 +0,0 @@
Subproject commit 1fdc768fdc8571300755cdd3e4654ce99c0255ce


@ -1,46 +0,0 @@
# required for http2 support in curl.
dist: bionic
language: c
sudo: false
matrix:
include:
# unfortunately, gcc-4.9 is dropped in bionic
- os: linux
addons:
apt:
sources:
- ubuntu-toolchain-r-test
packages:
- g++-5
env:
- MATRIX_EVAL="CC=gcc-5 && CXX=g++-5"
- os: linux
addons:
apt:
sources:
- ubuntu-toolchain-r-test
packages:
- g++-6
env:
- MATRIX_EVAL="CC=gcc-6 && CXX=g++-6"
- os: linux
addons:
apt:
sources:
- ubuntu-toolchain-r-test
packages:
- g++-7
env:
- MATRIX_EVAL="CC=gcc-7 && CXX=g++-7"
script:
- script/.travis-compile.sh
- script/.travis-before-test.sh
- script/.travis-test.sh
after_success:
- killall nginx
after_failure:
- killall nginx


@ -1,27 +0,0 @@
# Contributing
Want to contribute? Great! First, read this page (including the small print at the end).
### Before you contribute
Before we can use your code, you must sign the
[Google Individual Contributor License Agreement](https://cla.developers.google.com/about/google-individual)
(CLA), which you can do online. The CLA is necessary mainly because you own the
copyright to your changes, even after your contribution becomes part of our
codebase, so we need your permission to use and distribute your code. We also
need to be sure of various other things—for instance that you'll tell us if you
know that your code infringes on other people's patents. You don't have to sign
the CLA until after you've submitted your code for review and a member has
approved it, but you must do it before we can put your code into our codebase.
Before you start working on a larger contribution, you should get in touch with
us first through the issue tracker with your idea so that we can help out and
possibly guide you. Coordinating up front makes it much easier to avoid
frustration later on.
### Code reviews
All submissions, including submissions by project members, require review. We
use Github pull requests for this purpose.
### The small print
Contributions made by corporations are covered by a different agreement than
the one above, the
[Software Grant and Corporate Contributor License Agreement](https://cla.developers.google.com/about/google-corporate).


@ -1,27 +0,0 @@
/*
* Copyright (C) 2002-2015 Igor Sysoev
* Copyright (C) 2011-2015 Nginx, Inc.
* Copyright (C) 2015-2019 Google Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/


@ -1,177 +0,0 @@
# ngx_brotli
Brotli is a generic-purpose lossless compression algorithm that compresses data
using a combination of a modern variant of the LZ77 algorithm, Huffman coding
and 2nd order context modeling, with a compression ratio comparable to the best
currently available general-purpose compression methods. It is similar in speed
with deflate but offers more dense compression.
ngx_brotli is a set of two nginx modules:
- ngx_brotli filter module - used to compress responses on-the-fly,
- ngx_brotli static module - used to serve pre-compressed files.
[![TravisCI Build Status](https://travis-ci.org/google/ngx_brotli.svg?branch=master)](https://travis-ci.org/google/ngx_brotli)
## Table of Contents
- [Status](#status)
- [Installation](#installation)
- [Configuration directives](#configuration-directives)
- [`brotli_static`](#brotli_static)
- [`brotli`](#brotli)
- [`brotli_types`](#brotli_types)
- [`brotli_buffers`](#brotli_buffers)
- [`brotli_comp_level`](#brotli_comp_level)
- [`brotli_window`](#brotli_window)
- [`brotli_min_length`](#brotli_min_length)
- [Variables](#variables)
- [`$brotli_ratio`](#brotli_ratio)
- [Sample configuration](#sample-configuration)
- [Contributing](#contributing)
- [License](#license)
## Status
Both Brotli library and nginx module are under active development.
## Installation
### Dynamically loaded
$ cd nginx-1.x.x
$ ./configure --with-compat --add-dynamic-module=/path/to/ngx_brotli
$ make modules
You will need to use **exactly** the same `./configure` arguments as your Nginx configuration and append `--with-compat --add-dynamic-module=/path/to/ngx_brotli` to the end, otherwise you will get a "module is not binary compatible" error on startup. You can run `nginx -V` to get the configuration arguments for your Nginx installation.
`make modules` will result in `ngx_http_brotli_filter_module.so` and `ngx_http_brotli_static_module.so` in the `objs` directory. Copy these to `/usr/lib/nginx/modules/` then add the `load_module` directives to `nginx.conf` (above the http block):
```nginx
load_module modules/ngx_http_brotli_filter_module.so;
load_module modules/ngx_http_brotli_static_module.so;
```
### Statically compiled
$ cd nginx-1.x.x
$ ./configure --add-module=/path/to/ngx_brotli
$ make && make install
This will compile the module directly into Nginx.
## Configuration directives
### `brotli_static`
- **syntax**: `brotli_static on|off|always`
- **default**: `off`
- **context**: `http`, `server`, `location`
Enables or disables checking of the existence of pre-compressed files with`.br`
extension. With the `always` value, pre-compressed file is used in all cases,
without checking if the client supports it.
### `brotli`
- **syntax**: `brotli on|off`
- **default**: `off`
- **context**: `http`, `server`, `location`, `if`
Enables or disables on-the-fly compression of responses.
### `brotli_types`
- **syntax**: `brotli_types <mime_type> [..]`
- **default**: `text/html`
- **context**: `http`, `server`, `location`
Enables on-the-fly compression of responses for the specified MIME types
in addition to `text/html`. The special value `*` matches any MIME type.
Responses with the `text/html` MIME type are always compressed.
### `brotli_buffers`
- **syntax**: `brotli_buffers <number> <size>`
- **default**: `32 4k|16 8k`
- **context**: `http`, `server`, `location`
**Deprecated**, ignored.
### `brotli_comp_level`
- **syntax**: `brotli_comp_level <level>`
- **default**: `6`
- **context**: `http`, `server`, `location`
Sets on-the-fly compression Brotli quality (compression) `level`.
Acceptable values are in the range from `0` to `11`.
### `brotli_window`
- **syntax**: `brotli_window <size>`
- **default**: `512k`
- **context**: `http`, `server`, `location`
Sets Brotli window `size`. Acceptable values are `1k`, `2k`, `4k`, `8k`, `16k`,
`32k`, `64k`, `128k`, `256k`, `512k`, `1m`, `2m`, `4m`, `8m` and `16m`.
### `brotli_min_length`
- **syntax**: `brotli_min_length <length>`
- **default**: `20`
- **context**: `http`, `server`, `location`
Sets the minimum `length` of a response that will be compressed.
The length is determined only from the `Content-Length` response header field.
## Variables
### `$brotli_ratio`
Achieved compression ratio, computed as the ratio between the original
and compressed response sizes.
## Sample configuration
```
brotli on;
brotli_comp_level 6;
brotli_static on;
brotli_types application/atom+xml application/javascript application/json application/rss+xml
application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype
application/x-font-ttf application/x-javascript application/xhtml+xml application/xml
font/eot font/opentype font/otf font/truetype image/svg+xml image/vnd.microsoft.icon
image/x-icon image/x-win-bitmap text/css text/javascript text/plain text/xml;
```
## Contributing
See [Contributing](CONTRIBUTING.md).
## License
Copyright (C) 2002-2015 Igor Sysoev
Copyright (C) 2011-2015 Nginx, Inc.
Copyright (C) 2015 Google Inc.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.


@ -1,34 +0,0 @@
# Copyright (C) 2019 Google Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
# Make sure the module knows it is a submodule.
ngx_addon_name=ngx_brotli
. $ngx_addon_dir/filter/config
# Make sure the module knows it is a submodule.
ngx_addon_name=ngx_brotli
. $ngx_addon_dir/static/config
# The final name for reporting.
ngx_addon_name=ngx_brotli


@ -1,49 +0,0 @@
libnginx-mod-http-brotli (1.0.0~rc-6) unstable; urgency=medium
* d/control: update my email to janmojzis@debian.org
* d/copyright: update my email to janmojzis@debian.org
* d/control: bump Standards-Version: 4.7.2, no changes
* d/copyright: bump debian/* copyright year
* d/watch: use more generic template
-- Jan Mojžíš <janmojzis@debian.org> Fri, 11 Apr 2025 14:26:55 +0200
libnginx-mod-http-brotli (1.0.0~rc-5) unstable; urgency=medium
* d/control: remove Build-Depends nginx-abi-1.24.0-1
-- Jan Mojžíš <jan.mojzis@gmail.com> Sat, 07 Oct 2023 15:31:24 +0200
libnginx-mod-http-brotli (1.0.0~rc-4) unstable; urgency=medium
* NEW ABI: rebuild with nginx-abi-1.24.0-1
-- Jan Mojžíš <jan.mojzis@gmail.com> Tue, 27 Jun 2023 23:16:35 +0200
libnginx-mod-http-brotli (1.0.0~rc-3) unstable; urgency=medium
* d/watch: updated uversionmangle to be more generic
* d/copyright: reformat text to be compatible with 'cme update dpkg-copyright'
* NEW ABI: rebuild with nginx-abi-1.22.1-7
-- Jan Mojžíš <jan.mojzis@gmail.com> Mon, 13 Feb 2023 12:56:11 +0100
libnginx-mod-http-brotli (1.0.0~rc-2) unstable; urgency=medium
* d/t/generic rework. The test now checks module after
installation/reload/restart.
* d/control: bump Standards-Version: 4.6.2, no changes
* d/p/0001-Fix-Vary-header.patch added (Closes: 1028153)
"brotli_static on;" causes "Vary: Accept-Encoding" to be added to every
file (including images, ...)
The patch fixes the problem and adds "Vary: Accept-Encoding" only to
responses when brotli static compression is used.
* d/changelog: bump my copyright year
-- Jan Mojžíš <jan.mojzis@gmail.com> Fri, 13 Jan 2023 17:45:13 +0100
libnginx-mod-http-brotli (1.0.0~rc-1) unstable; urgency=medium
* Initial release. (Closes: 1025515)
-- Jan Mojžíš <jan.mojzis@gmail.com> Tue, 06 Dec 2022 10:25:40 +0100


@ -1,41 +0,0 @@
Source: libnginx-mod-http-brotli
Section: httpd
Priority: optional
Maintainer: Debian Nginx Maintainers <pkg-nginx-maintainers@alioth-lists.debian.net>
Uploaders: Jan Mojžíš <janmojzis@debian.org>,
Build-Depends: debhelper-compat (= 13),
dh-sequence-nginx,
libbrotli-dev,
Standards-Version: 4.7.2
Homepage: https://github.com/google/ngx_brotli
Vcs-Git: https://salsa.debian.org/nginx-team/libnginx-mod-http-brotli.git
Vcs-Browser: https://salsa.debian.org/nginx-team/libnginx-mod-http-brotli
Rules-Requires-Root: no
Package: libnginx-mod-http-brotli-filter
Architecture: any
Multi-Arch: foreign
Depends: ${misc:Depends},
${shlibs:Depends},
Description: Brotli lossless compression support for Nginx - filter
Brotli is a generic-purpose lossless compression algorithm that compresses
data using a combination of a modern variant of the LZ77 algorithm, Huffman
coding and 2nd order context modeling, with a compression ratio comparable
to the best currently available general-purpose compression methods. It is
similar in speed with deflate but offers more dense compression.
.
ngx_brotli filter module - used to compress responses on-the-fly
Package: libnginx-mod-http-brotli-static
Architecture: any
Multi-Arch: foreign
Depends: ${misc:Depends},
${shlibs:Depends},
Description: Brotli lossless compression support for Nginx - static
Brotli is a generic-purpose lossless compression algorithm that compresses
data using a combination of a modern variant of the LZ77 algorithm, Huffman
coding and 2nd order context modeling, with a compression ratio comparable
to the best currently available general-purpose compression methods. It is
similar in speed with deflate but offers more dense compression.
.
ngx_brotli static module - used to serve pre-compressed files


@ -1,72 +0,0 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: ngx-brotli
Source: https://github.com/google/ngx_brotli
Files: *
Copyright: 2015-2019, Google Inc.
2011-2015, Nginx, Inc.
2002-2015, Igor Sysoev
License: BSD-2-clause
Files: CONTRIBUTING.md
Copyright: Copyright (C) 2015 Google Inc.
Copyright (C) 2011-2015 Nginx, Inc.
Copyright (C) 2002-2015 Igor Sysoev
License: BSD-2-clause
Files: config
Copyright: 2015-2019, Google Inc.
License: BSD-2-clause
Files: debian/*
Copyright: 2022, Miao Wang <shankerwangmiao@gmail.com>
2022-2025, Jan Mojzis <janmojzis@debian.org>
License: BSD-2-clause
Files: filter/*
Copyright: 2015-2019, Google Inc.
License: BSD-2-clause
Files: filter/ngx_http_brotli_filter_module.c
Copyright: Nginx, Inc.
Igor Sysoev
Google Inc.
License: BSD-2-clause
Files: script/*
Copyright: Copyright (C) 2015 Google Inc.
Copyright (C) 2011-2015 Nginx, Inc.
Copyright (C) 2002-2015 Igor Sysoev
License: BSD-2-clause
Files: static/*
Copyright: 2015-2019, Google Inc.
License: BSD-2-clause
Files: static/ngx_http_brotli_static_module.c
Copyright: Nginx, Inc.
Igor Sysoev
Google Inc.
License: BSD-2-clause
License: BSD-2-clause
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.


@ -1,9 +0,0 @@
[DEFAULT]
debian-branch = main
upstream-branch = upstream
upstream-tag = upstream/%(version)s
pristine-tar = True
sign-tags = True
[import-orig]
merge-mode = replace


@ -1 +0,0 @@
/usr/lib/nginx/modules/ngx_http_brotli_filter_module.so


@ -1 +0,0 @@
/usr/lib/nginx/modules/ngx_http_brotli_static_module.so


@ -1,38 +0,0 @@
From: Jan Mojzis <jan.mojzis@gmail.com>
Date: Fri, 13 Jan 2023 12:59:07 +0100
Subject: Fix 'Vary' header
The patch fixes problem described here:
https://github.com/google/ngx_brotli/issues/97
"brotli_static on;" causes "Vary: Accept-Encoding" to be added to every
file (including images, ...)
The patch fixes the problem and adds "Vary: Accept-Encoding" only to
responses when brotli static compression is used.
---
static/ngx_http_brotli_static_module.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/static/ngx_http_brotli_static_module.c b/static/ngx_http_brotli_static_module.c
index 8f96177..44f0cb0 100644
--- a/static/ngx_http_brotli_static_module.c
+++ b/static/ngx_http_brotli_static_module.c
@@ -168,7 +168,6 @@ static ngx_int_t handler(ngx_http_request_t* req) {
/* Ignore request properties (e.g. Accept-Encoding). */
} else {
/* NGX_HTTP_BROTLI_STATIC_ON */
- req->gzip_vary = 1;
rc = check_eligility(req);
if (rc != NGX_OK) return NGX_DECLINED;
}
@@ -227,6 +226,10 @@ static ngx_int_t handler(ngx_http_request_t* req) {
return NGX_DECLINED;
}
+ if (cfg->enable == NGX_HTTP_BROTLI_STATIC_ON) {
+ req->gzip_vary = 1;
+ }
+
/* So far so good. */
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, log, 0, "http static fd: %d",
file_info.fd);


@ -1 +0,0 @@
0001-Fix-Vary-header.patch


@ -1,6 +0,0 @@
#!/usr/bin/make -f
export DEB_BUILD_MAINT_OPTIONS = hardening=+all
%:
dh $@


@ -1,22 +0,0 @@
Tests: generic
Restrictions: allow-stderr isolation-container needs-root
Depends: curl,
nginx,
nginx-core,
@,
Tests: static
Restrictions: allow-stderr isolation-container needs-root
Depends: brotli,
curl,
libnginx-mod-http-brotli-static,
nginx,
nginx-core,
Tests: filter
Restrictions: allow-stderr isolation-container needs-root
Depends: brotli,
curl,
libnginx-mod-http-brotli-filter,
nginx,
nginx-core,


@ -1,44 +0,0 @@
#!/bin/sh
set -e
cat <<EOF > "/etc/nginx/sites-enabled/default"
server {
listen 80 default_server;
root /var/www/html;
location /helloworld {
default_type text/plain;
brotli on;
brotli_types text/plain;
brotli_min_length 10;
brotli_comp_level 11;
}
}
EOF
mkdir -p /var/www/html
echo 'hello world' > /var/www/html/helloworld
exp="content-encoding: br
hello world
response_code: 200"
nginx -t
invoke-rc.d nginx restart || { journalctl -n all -xu nginx.service; exit 1; }
out=`curl --compressed --fail -D- -w "response_code: %{http_code}\n" http://127.0.0.1/helloworld`
out=`echo "${out}" | sed 's/\r//'`
out=`echo "${out}" | awk '{print tolower($0)}'`
out=`echo "${out}" | grep '^content-encoding: \|^hello world$\|response_code: '`
if [ x"${out}" != x"${exp}" ]; then
echo "output:"
echo "====================="
echo "${out}"
echo "====================="
echo "expected output:"
echo "====================="
echo "${exp}"
echo "====================="
exit 1
fi


@ -1,73 +0,0 @@
#!/bin/sh
# version 20221215
# generic test that only verifies that nginx is running with the given
# libnginx-... module
# - after installation
# - after nginx reload
# - after nginx restart
EX=0
CURL_CMD="curl --max-time 60 --silent --fail -o /dev/null"
#change directory to $AUTOPKGTEST_TMP
cd "${AUTOPKGTEST_TMP}"
echo -n "curl after installation: http status="
if $CURL_CMD -w "response_code: %{http_code}, ... " http://127.0.0.1/; then
echo "OK"
else
EX=1
echo "FAILED"
fi
echo -n "nginx reload ... "
if invoke-rc.d nginx reload; then
echo "OK"
else
EX=1
echo "FAILED"
fi
sleep 5
echo -n "curl after reload: http status="
if $CURL_CMD -w "response_code: %{http_code}, ... " http://127.0.0.1/; then
echo "OK"
else
EX=1
echo "FAILED"
fi
echo -n "nginx restart ... "
if invoke-rc.d nginx restart; then
echo "OK"
else
EX=1
echo "FAILED"
fi
sleep 5
echo -n "curl after restart: http status="
if $CURL_CMD -w "response_code: %{http_code}, ... " http://127.0.0.1/; then
echo "OK"
else
EX=1
echo "FAILED"
fi
if [ ${EX} -ne 0 ]; then
echo "=== journalctl ==="
journalctl -n all -xu nginx.service || :
echo "=== error.log ==="
if [ `wc -l /var/log/nginx/error.log | cut -d ' ' -f1` -gt 100 ]; then
head -n 50 /var/log/nginx/error.log
echo '...'
tail -n 50 /var/log/nginx/error.log
else
cat /var/log/nginx/error.log
fi
fi
exit ${EX}


@ -1,36 +0,0 @@
#!/bin/sh
set -e
cat <<EOF > "/etc/nginx/sites-enabled/default"
server {
listen 80 default_server;
root /var/www/html;
location /helloworld {
brotli_static on;
}
}
EOF
mkdir -p /var/www/html
echo 'hello world' | brotli -9 > /var/www/html/helloworld.br
exp="hello world
response_code: 200"
nginx -t
invoke-rc.d nginx restart || { journalctl -n all -xu nginx.service; exit 1; }
out=`curl --compressed --fail -w "response_code: %{http_code}\n" http://127.0.0.1/helloworld`
if [ x"${out}" != x"${exp}" ]; then
echo "output:"
echo "====================="
echo "${out}"
echo "====================="
echo "expected output:"
echo "====================="
echo "${exp}"
echo "====================="
exit 1
fi


@ -1,4 +0,0 @@
---
Bug-Database: https://github.com/google/ngx_brotli/issues
Bug-Submit: https://github.com/google/ngx_brotli/issues/new
Repository-Browse: https://github.com/google/ngx_brotli


@ -1,6 +0,0 @@
version=4
opts="\
uversionmangle=s/(\d)[_\.\-\+]?((RC|rc|pre|dev|beta|alpha|a|b)\d*)$/$1~$2/,\
" \
https://github.com/google/ngx_brotli/tags \
(?:.*?/)?v?@ANY_VERSION@@ARCHIVE_EXT@


@ -1,132 +0,0 @@
# Copyright (C) 2015-2016 Google Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
if [ "$ngx_addon_name" = "ngx_brotli" ]; then
BROTLI_MODULE_SRC_DIR="$ngx_addon_dir/filter"
else
BROTLI_MODULE_SRC_DIR="$ngx_addon_dir"
fi
ngx_addon_name=ngx_brotli_filter
if [ -z "$ngx_module_link" ]; then
cat << END
$0: error: Brotli module requires recent version of NGINX (1.9.11+).
END
exit 1
fi
ngx_module_type=HTTP_FILTER
ngx_module_name=ngx_http_brotli_filter_module
brotli="$ngx_addon_dir/deps/brotli/c"
if [ ! -f "$brotli/include/brotli/encode.h" ]; then
brotli="/usr/local"
fi
if [ ! -f "$brotli/include/brotli/encode.h" ]; then
brotli="/usr"
fi
if [ ! -f "$brotli/include/brotli/encode.h" ]; then
cat << END
$0: error: \
Brotli library is missing from the $brotli directory.
Please make sure that the git submodule has been checked out:
cd $ngx_addon_dir && git submodule update --init && cd $PWD
END
exit 1
fi
BROTLI_LISTS_FILE="$brotli/../scripts/sources.lst"
if [ -f "$BROTLI_LISTS_FILE" ]; then
BROTLI_LISTS=`cat "$BROTLI_LISTS_FILE" | grep -v "#" | tr '\n' '#' | \
sed 's/\\\\#//g' | tr -s ' ' '+' | tr -s '#' ' ' | \
sed 's/+c/+$brotli/g' | sed 's/+=+/=/g'`
for ITEM in ${BROTLI_LISTS}; do
VAR=`echo $ITEM | sed 's/=.*//'`
VAL=`echo $ITEM | sed 's/.*=//' | tr '+' ' '`
eval ${VAR}=\"$VAL\"
done
else # BROTLI_LISTS_FILE
BROTLI_ENC_H="$brotli/include/brotli/encode.h \
$brotli/include/brotli/port.h \
$brotli/include/brotli/types.h"
BROTLI_ENC_LIB="-lbrotlienc"
fi
ngx_module_incs="$brotli/include"
ngx_module_deps="$BROTLI_COMMON_H $BROTLI_ENC_H"
ngx_module_srcs="$BROTLI_COMMON_C $BROTLI_ENC_C \
$BROTLI_MODULE_SRC_DIR/ngx_http_brotli_filter_module.c"
ngx_module_libs="$BROTLI_ENC_LIB -lm"
ngx_module_order="$ngx_module_name \
ngx_pagespeed \
ngx_http_postpone_filter_module \
ngx_http_ssi_filter_module \
ngx_http_charset_filter_module \
ngx_http_xslt_filter_module \
ngx_http_image_filter_module \
ngx_http_sub_filter_module \
ngx_http_addition_filter_module \
ngx_http_gunzip_filter_module \
ngx_http_userid_filter_module \
ngx_http_headers_filter_module \
ngx_http_copy_filter_module \
ngx_http_range_body_filter_module \
ngx_http_not_modified_filter_module \
ngx_http_slice_filter_module"
. auto/module
if [ "$ngx_module_link" != DYNAMIC ]; then
# ngx_module_order doesn't work with static modules,
# so we must re-order filters here.
if [ "$HTTP_GZIP" = YES ]; then
next=ngx_http_gzip_filter_module
elif echo $HTTP_FILTER_MODULES | grep pagespeed_etag_filter >/dev/null; then
next=ngx_pagespeed_etag_filter
else
next=ngx_http_range_header_filter_module
fi
HTTP_FILTER_MODULES=`echo $HTTP_FILTER_MODULES \
| sed "s/$ngx_module_name//" \
| sed "s/$next/$next $ngx_module_name/"`
fi
CFLAGS="$CFLAGS -Wno-deprecated-declarations"
have=NGX_HTTP_BROTLI_FILTER . auto/have
have=NGX_HTTP_BROTLI_FILTER_MODULE . auto/have # deprecated


@ -1,770 +0,0 @@
/*
* Copyright (C) Igor Sysoev
* Copyright (C) Nginx, Inc.
* Copyright (C) Google Inc.
*/
#include <ngx_config.h>
#include <ngx_core.h>
#include <ngx_http.h>
#if (NGX_HAVE_BROTLI_ENC_ENCODE_H)
#include <brotli/enc/encode.h>
#else
#include <brotli/encode.h>
#endif
/* Brotli and GZip modules never stack, i.e. when one of them sets
"Content-Encoding" the other becomes a pass-through filter. Consequently,
it is almost legal to reuse this "buffered" bit.
IIUC, buffered == some data passed to filter has not been pushed further. */
#define NGX_HTTP_BROTLI_BUFFERED NGX_HTTP_GZIP_BUFFERED
/* Module configuration. */
typedef struct {
ngx_flag_t enable;
/* Supported MIME types. */
ngx_hash_t types;
ngx_array_t* types_keys;
/* Minimal required length for compression (if known). */
ssize_t min_length;
ngx_bufs_t deprecated_unused_bufs;
/* Brotli encoder parameter: quality */
ngx_int_t quality;
/* Brotli encoder parameter: (max) lg_win */
size_t lg_win;
} ngx_http_brotli_conf_t;
/* Instance context. */
typedef struct {
/* Brotli encoder instance. */
BrotliEncoderState* encoder;
/* Payload length; -1, if unknown. */
off_t content_length;
/* (uncompressed) bytes pushed to encoder. */
size_t bytes_in;
/* (compressed) bytes pulled from encoder. */
size_t bytes_out;
/* Input buffer chain. */
ngx_chain_t* in;
/* Output chain. */
ngx_chain_t* out_chain;
/* Output buffer. */
ngx_buf_t* out_buf;
/* Various state flags. */
/* 1 if encoder is initialized, output chain and buffer are allocated. */
unsigned initialized : 1;
/* 1 if compression is finished / failed. */
unsigned closed : 1;
/* 1 if compression is finished. */
unsigned success : 1;
/* 1 if out_chain is ready to be committed, 0 otherwise. */
unsigned output_ready : 1;
/* 1 if output buffer is committed to the next filter and not yet fully used.
0 otherwise. */
unsigned output_busy : 1;
unsigned end_of_input : 1;
unsigned end_of_block : 1;
ngx_http_request_t* request;
} ngx_http_brotli_ctx_t;
/* Forward declarations. */
/* Initializes encoder, output chain and buffer, if necessary. Returns NGX_OK
if encoder is successfully initialized (have been already initialized),
and requires objects are allocated. Returns NGX_ERROR otherwise. */
static ngx_int_t ngx_http_brotli_filter_ensure_stream_initialized(
ngx_http_request_t* r, ngx_http_brotli_ctx_t* ctx);
/* Marks instance as closed and performs cleanup. */
static void ngx_http_brotli_filter_close(ngx_http_brotli_ctx_t* ctx);
static void* ngx_http_brotli_filter_alloc(void* opaque, size_t size);
static void ngx_http_brotli_filter_free(void* opaque, void* address);
static ngx_int_t ngx_http_brotli_check_request(ngx_http_request_t* r);
static ngx_int_t ngx_http_brotli_add_variables(ngx_conf_t* cf);
static ngx_int_t ngx_http_brotli_ratio_variable(ngx_http_request_t* r,
ngx_http_variable_value_t* v,
uintptr_t data);
static void* ngx_http_brotli_create_conf(ngx_conf_t* cf);
static char* ngx_http_brotli_merge_conf(ngx_conf_t* cf, void* parent,
void* child);
static ngx_int_t ngx_http_brotli_filter_init(ngx_conf_t* cf);
static char* ngx_http_brotli_parse_wbits(ngx_conf_t* cf, void* post,
void* data);
/* Configuration literals. */
static ngx_conf_num_bounds_t ngx_http_brotli_comp_level_bounds = {
ngx_conf_check_num_bounds, BROTLI_MIN_QUALITY, BROTLI_MAX_QUALITY};
static ngx_conf_post_handler_pt ngx_http_brotli_parse_wbits_p =
ngx_http_brotli_parse_wbits;
static ngx_command_t ngx_http_brotli_filter_commands[] = {
{ngx_string("brotli"),
NGX_HTTP_MAIN_CONF | NGX_HTTP_SRV_CONF | NGX_HTTP_LOC_CONF |
NGX_HTTP_LIF_CONF | NGX_CONF_FLAG,
ngx_conf_set_flag_slot, NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_brotli_conf_t, enable), NULL},
/* Deprecated, unused. */
{ngx_string("brotli_buffers"),
NGX_HTTP_MAIN_CONF | NGX_HTTP_SRV_CONF | NGX_HTTP_LOC_CONF |
NGX_CONF_TAKE2,
ngx_conf_set_bufs_slot, NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_brotli_conf_t, deprecated_unused_bufs), NULL},
{ngx_string("brotli_types"),
NGX_HTTP_MAIN_CONF | NGX_HTTP_SRV_CONF | NGX_HTTP_LOC_CONF |
NGX_CONF_1MORE,
ngx_http_types_slot, NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_brotli_conf_t, types_keys),
&ngx_http_html_default_types[0]},
{ngx_string("brotli_comp_level"),
NGX_HTTP_MAIN_CONF | NGX_HTTP_SRV_CONF | NGX_HTTP_LOC_CONF |
NGX_CONF_TAKE1,
ngx_conf_set_num_slot, NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_brotli_conf_t, quality),
&ngx_http_brotli_comp_level_bounds},
{ngx_string("brotli_window"),
NGX_HTTP_MAIN_CONF | NGX_HTTP_SRV_CONF | NGX_HTTP_LOC_CONF |
NGX_CONF_TAKE1,
ngx_conf_set_size_slot, NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_brotli_conf_t, lg_win), &ngx_http_brotli_parse_wbits_p},
{ngx_string("brotli_min_length"),
NGX_HTTP_MAIN_CONF | NGX_HTTP_SRV_CONF | NGX_HTTP_LOC_CONF |
NGX_CONF_TAKE1,
ngx_conf_set_size_slot, NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_brotli_conf_t, min_length), NULL},
ngx_null_command};
/* Module context hooks. */
static ngx_http_module_t ngx_http_brotli_filter_module_ctx = {
ngx_http_brotli_add_variables, /* pre-configuration */
ngx_http_brotli_filter_init, /* post-configuration */
NULL, /* create main configuration */
NULL, /* init main configuration */
NULL, /* create server configuration */
NULL, /* merge server configuration */
ngx_http_brotli_create_conf, /* create location configuration */
ngx_http_brotli_merge_conf /* merge location configuration */
};
/* Module descriptor. */
ngx_module_t ngx_http_brotli_filter_module = {
NGX_MODULE_V1,
&ngx_http_brotli_filter_module_ctx, /* module context */
ngx_http_brotli_filter_commands, /* module directives */
NGX_HTTP_MODULE, /* module type */
NULL, /* init master */
NULL, /* init module */
NULL, /* init process */
NULL, /* init thread */
NULL, /* exit thread */
NULL, /* exit process */
NULL, /* exit master */
NGX_MODULE_V1_PADDING};
/* Variable names. */
static ngx_str_t ngx_http_brotli_ratio = ngx_string("brotli_ratio");
/* Next filter in the filter chain. */
static ngx_http_output_header_filter_pt ngx_http_next_header_filter;
static ngx_http_output_body_filter_pt ngx_http_next_body_filter;
static /* const */ char kEncoding[] = "br";
static const size_t kEncodingLen = 2;
static ngx_int_t check_accept_encoding(ngx_http_request_t* req) {
ngx_table_elt_t* accept_encoding_entry;
ngx_str_t* accept_encoding;
u_char* cursor;
u_char* end;
u_char before;
u_char after;
accept_encoding_entry = req->headers_in.accept_encoding;
if (accept_encoding_entry == NULL) return NGX_DECLINED;
accept_encoding = &accept_encoding_entry->value;
cursor = accept_encoding->data;
end = cursor + accept_encoding->len;
while (1) {
u_char digit;
/* It would be an idiotic idea to rely on compiler to produce performant
binary, that is why we just do -1 at every call site. */
cursor = ngx_strcasestrn(cursor, kEncoding, kEncodingLen - 1);
if (cursor == NULL) return NGX_DECLINED;
before = (cursor == accept_encoding->data) ? ' ' : cursor[-1];
cursor += kEncodingLen;
after = (cursor >= end) ? ' ' : *cursor;
if (before != ',' && before != ' ') continue;
if (after != ',' && after != ' ' && after != ';') continue;
/* Check for ";q=0[.[0[0[0]]]]" */
while (*cursor == ' ') cursor++;
if (*(cursor++) != ';') break;
while (*cursor == ' ') cursor++;
if (*(cursor++) != 'q') break;
while (*cursor == ' ') cursor++;
if (*(cursor++) != '=') break;
while (*cursor == ' ') cursor++;
if (*(cursor++) != '0') break;
if (*(cursor++) != '.') return NGX_DECLINED; /* ;q=0, */
digit = *(cursor++);
if (digit < '0' || digit > '9') return NGX_DECLINED; /* ;q=0., */
if (digit > '0') break;
digit = *(cursor++);
if (digit < '0' || digit > '9') return NGX_DECLINED; /* ;q=0.0, */
if (digit > '0') break;
digit = *(cursor++);
if (digit < '0' || digit > '9') return NGX_DECLINED; /* ;q=0.00, */
if (digit > '0') break;
return NGX_DECLINED; /* ;q=0.000 */
}
return NGX_OK;
}
/* Process headers and decide if request is eligible for brotli compression. */
static ngx_int_t ngx_http_brotli_header_filter(ngx_http_request_t* r) {
ngx_table_elt_t* h;
ngx_http_brotli_ctx_t* ctx;
ngx_http_brotli_conf_t* conf;
conf = ngx_http_get_module_loc_conf(r, ngx_http_brotli_filter_module);
/* Filter only if enabled. */
if (!conf->enable) {
return ngx_http_next_header_filter(r);
}
/* Only compress OK / forbidden / not found responses. */
if (r->headers_out.status != NGX_HTTP_OK &&
r->headers_out.status != NGX_HTTP_FORBIDDEN &&
r->headers_out.status != NGX_HTTP_NOT_FOUND) {
return ngx_http_next_header_filter(r);
}
/* Bypass "header only" responses. */
if (r->header_only) {
return ngx_http_next_header_filter(r);
}
/* Bypass already compressed responses. */
if (r->headers_out.content_encoding &&
r->headers_out.content_encoding->value.len) {
return ngx_http_next_header_filter(r);
}
/* If response size is known, do not compress tiny responses. */
if (r->headers_out.content_length_n != -1 &&
r->headers_out.content_length_n < conf->min_length) {
return ngx_http_next_header_filter(r);
}
/* Compress only certain MIME-typed responses. */
if (ngx_http_test_content_type(r, &conf->types) == NULL) {
return ngx_http_next_header_filter(r);
}
r->gzip_vary = 1;
/* Check if client support brotli encoding. */
if (ngx_http_brotli_check_request(r) != NGX_OK) {
return ngx_http_next_header_filter(r);
}
/* Prepare instance context. */
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_brotli_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ctx->request = r;
ctx->content_length = r->headers_out.content_length_n;
ngx_http_set_ctx(r, ctx, ngx_http_brotli_filter_module);
/* Prepare response headers, so that following filters in the chain will
notice that response body is compressed. */
h = ngx_list_push(&r->headers_out.headers);
if (h == NULL) {
return NGX_ERROR;
}
h->hash = 1;
ngx_str_set(&h->key, "Content-Encoding");
ngx_str_set(&h->value, "br");
r->headers_out.content_encoding = h;
r->main_filter_need_in_memory = 1;
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
ngx_http_weak_etag(r);
return ngx_http_next_header_filter(r);
}
/* Response body filtration (compression). */
static ngx_int_t ngx_http_brotli_body_filter(ngx_http_request_t* r,
ngx_chain_t* in) {
int rc;
ngx_http_brotli_ctx_t* ctx;
size_t available_output;
ptrdiff_t available_busy_output;
size_t input_size;
size_t available_input;
const uint8_t* next_input_byte;
size_t consumed_input;
BROTLI_BOOL ok;
u_char* out;
ngx_chain_t* link;
ctx = ngx_http_get_module_ctx(r, ngx_http_brotli_filter_module);
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http brotli filter");
if (ctx == NULL || ctx->closed || r->header_only) {
return ngx_http_next_body_filter(r, in);
}
if (ngx_http_brotli_filter_ensure_stream_initialized(r, ctx) != NGX_OK) {
ngx_http_brotli_filter_close(ctx);
return NGX_ERROR;
}
/* If more input is provided - append it to our input chain. */
if (in) {
if (ngx_chain_add_copy(r->pool, &ctx->in, in) != NGX_OK) {
ngx_http_brotli_filter_close(ctx);
return NGX_ERROR;
}
r->connection->buffered |= NGX_HTTP_BROTLI_BUFFERED;
}
/* Main loop:
- if output is not yet consumed - stop; encoder should not be touched,
until all the output is consumed
- if encoder has output - wrap it and send to consumer
- if encoder is finished (and all output is consumed) - stop
- if there is more input - push it to encoder */
for (;;) {
if (ctx->output_busy || ctx->output_ready) {
if (ctx->output_busy) {
available_busy_output = ngx_buf_size(ctx->out_buf);
} else {
available_busy_output = 0;
}
rc = ngx_http_next_body_filter(r,
ctx->output_ready ? ctx->out_chain : NULL);
if (ctx->output_ready) {
ctx->output_ready = 0;
ctx->output_busy = 1;
}
if (ngx_buf_size(ctx->out_buf) == 0) {
ctx->output_busy = 0;
}
if (rc == NGX_OK) {
if (ctx->output_busy &&
available_busy_output == ngx_buf_size(ctx->out_buf)) {
r->connection->buffered |= NGX_HTTP_BROTLI_BUFFERED;
return NGX_AGAIN;
}
continue;
} else if (rc == NGX_AGAIN) {
if (ctx->output_busy) {
/* Can't continue compression, let the outer filer decide. */
if (ctx->in != NULL) {
r->connection->buffered |= NGX_HTTP_BROTLI_BUFFERED;
}
return NGX_AGAIN;
} else {
/* Inner filter has given up, but we can continue processing. */
continue;
}
} else {
ngx_http_brotli_filter_close(ctx);
return NGX_ERROR;
}
}
if (BrotliEncoderHasMoreOutput(ctx->encoder)) {
available_output = 0;
out = (u_char*)BrotliEncoderTakeOutput(ctx->encoder, &available_output);
if (out == NULL || available_output == 0) {
ngx_http_brotli_filter_close(ctx);
return NGX_ERROR;
}
ctx->out_buf->start = out;
ctx->out_buf->pos = out;
ctx->out_buf->last = out + available_output;
ctx->out_buf->end = out + available_output;
ctx->bytes_out += available_output;
ctx->out_buf->last_buf = 0;
ctx->out_buf->flush = 0;
if (ctx->end_of_input && BrotliEncoderIsFinished(ctx->encoder)) {
ctx->out_buf->last_buf = 1;
r->connection->buffered &= ~NGX_HTTP_BROTLI_BUFFERED;
} else if (ctx->end_of_block) {
ctx->out_buf->flush = 1;
r->connection->buffered &= ~NGX_HTTP_BROTLI_BUFFERED;
}
ctx->end_of_block = 0;
ctx->output_ready = 1;
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"brotli out: %p, size:%uz", ctx->out_buf,
ngx_buf_size(ctx->out_buf));
continue;
}
if (BrotliEncoderIsFinished(ctx->encoder)) {
ctx->success = 1;
r->connection->buffered &= ~NGX_HTTP_BROTLI_BUFFERED;
ngx_http_brotli_filter_close(ctx);
return NGX_OK;
}
if (ctx->end_of_input) {
// Ask the encoder to dump the leftover.
available_input = 0;
available_output = 0;
ok = BrotliEncoderCompressStream(ctx->encoder, BROTLI_OPERATION_FINISH,
&available_input, NULL,
&available_output, NULL, NULL);
r->connection->buffered |= NGX_HTTP_BROTLI_BUFFERED;
if (!ok) {
ngx_http_brotli_filter_close(ctx);
return NGX_ERROR;
}
continue;
}
if (ctx->in == NULL) {
return NGX_OK;
}
/* TODO: coalesce tiny inputs, if they are not last/flush. */
input_size = ngx_buf_size(ctx->in->buf);
if (input_size == 0) {
if (!ctx->in->buf->last_buf && !ctx->in->buf->flush) {
link = ctx->in;
ctx->in = ctx->in->next;
ngx_free_chain(r->pool, link);
continue;
}
}
available_input = input_size;
next_input_byte = (const uint8_t*)ctx->in->buf->pos;
available_output = 0;
ok = BrotliEncoderCompressStream(
ctx->encoder,
ctx->in->buf->last_buf ? BROTLI_OPERATION_FINISH
: ctx->in->buf->flush ? BROTLI_OPERATION_FLUSH
: BROTLI_OPERATION_PROCESS,
&available_input, &next_input_byte, &available_output, NULL, NULL);
r->connection->buffered |= NGX_HTTP_BROTLI_BUFFERED;
if (!ok) {
ngx_http_brotli_filter_close(ctx);
return NGX_ERROR;
}
consumed_input = input_size - available_input;
ctx->bytes_in += consumed_input;
ctx->in->buf->pos += consumed_input;
if (consumed_input == input_size) {
if (ctx->in->buf->last_buf) {
ctx->end_of_input = 1;
} else if (ctx->in->buf->flush) {
ctx->end_of_block = 1;
}
link = ctx->in;
ctx->in = ctx->in->next;
ngx_free_chain(r->pool, link);
continue;
}
/* Should never happen, just to make sure we don't enter infinite loop. */
if (consumed_input == 0) {
ngx_http_brotli_filter_close(ctx);
return NGX_ERROR;
}
}
/* unreachable */
ngx_http_brotli_filter_close(ctx);
return NGX_ERROR;
}
static ngx_int_t ngx_http_brotli_filter_ensure_stream_initialized(
ngx_http_request_t* r, ngx_http_brotli_ctx_t* ctx) {
ngx_http_brotli_conf_t* conf;
BROTLI_BOOL ok;
size_t wbits;
if (ctx->initialized) {
return NGX_OK;
}
ctx->initialized = 1;
conf = ngx_http_get_module_loc_conf(r, ngx_http_brotli_filter_module);
/* Tune lg_win, if size is known. */
if (ctx->content_length > 0) {
wbits = BROTLI_MIN_WINDOW_BITS;
while ((wbits < conf->lg_win) && (ctx->content_length > (1 << wbits))) {
wbits++;
}
} else {
wbits = conf->lg_win;
}
ctx->encoder = BrotliEncoderCreateInstance(
ngx_http_brotli_filter_alloc, ngx_http_brotli_filter_free, r->pool);
if (ctx->encoder == NULL) {
ngx_log_error(NGX_LOG_ALERT, r->connection->log, 0,
"OOM / BrotliEncoderCreateInstance");
return NGX_ERROR;
}
ok = BrotliEncoderSetParameter(ctx->encoder, BROTLI_PARAM_QUALITY,
(uint32_t)conf->quality);
if (!ok) {
ngx_log_error(NGX_LOG_ALERT, r->connection->log, 0,
"BrotliEncoderSetParameter(QUALITY, %uD) failed",
(uint32_t)conf->quality);
return NGX_ERROR;
}
ok = BrotliEncoderSetParameter(ctx->encoder, BROTLI_PARAM_LGWIN,
(uint32_t)wbits);
if (!ok) {
ngx_log_error(NGX_LOG_ALERT, r->connection->log, 0,
"BrotliEncoderSetParameter(LGWIN, %uD) failed",
(uint32_t)wbits);
return NGX_ERROR;
}
ctx->out_buf = ngx_calloc_buf(r->pool);
if (ctx->out_buf == NULL) {
return NGX_ERROR;
}
ctx->out_buf->temporary = 1;
ctx->out_chain = ngx_alloc_chain_link(r->pool);
if (ctx->out_chain == NULL) {
return NGX_ERROR;
}
ctx->out_chain->buf = ctx->out_buf;
ctx->out_chain->next = NULL;
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"brotli encoder initialized: lvl:%i win:%d", conf->quality,
(1 << wbits));
return NGX_OK;
}
static void* ngx_http_brotli_filter_alloc(void* opaque, size_t size) {
ngx_pool_t* pool = opaque;
void* p;
p = ngx_palloc(pool, size);
#if (NGX_DEBUG)
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, pool->log, 0, "brotli alloc: %p, size:%uz",
p, size);
#endif
return p;
}
static void ngx_http_brotli_filter_free(void* opaque, void* address) {
ngx_pool_t* pool = opaque;
#if (NGX_DEBUG)
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pool->log, 0, "brotli free: %p", address);
#endif
ngx_pfree(pool, address);
}
static void ngx_http_brotli_filter_close(ngx_http_brotli_ctx_t* ctx) {
ctx->closed = 1;
if (ctx->encoder) {
BrotliEncoderDestroyInstance(ctx->encoder);
ctx->encoder = NULL;
}
if (ctx->out_chain) {
ngx_free_chain(ctx->request->pool, ctx->out_chain);
ctx->out_chain = NULL;
}
if (ctx->out_buf) {
ngx_pfree(ctx->request->pool, ctx->out_buf);
ctx->out_buf = NULL;
}
}
static ngx_int_t ngx_http_brotli_check_request(ngx_http_request_t* req) {
if (req != req->main) return NGX_DECLINED;
if (check_accept_encoding(req) != NGX_OK) return NGX_DECLINED;
req->gzip_tested = 1;
req->gzip_ok = 0;
return NGX_OK;
}
static ngx_int_t ngx_http_brotli_add_variables(ngx_conf_t* cf) {
ngx_http_variable_t* var;
var = ngx_http_add_variable(cf, &ngx_http_brotli_ratio, 0);
if (var == NULL) {
return NGX_ERROR;
}
var->get_handler = ngx_http_brotli_ratio_variable;
return NGX_OK;
}
static ngx_int_t ngx_http_brotli_ratio_variable(ngx_http_request_t* r,
ngx_http_variable_value_t* v,
uintptr_t data) {
ngx_uint_t ratio_int;
ngx_uint_t ratio_frac;
ngx_http_brotli_ctx_t* ctx;
v->valid = 1;
v->no_cacheable = 0;
v->not_found = 0;
ctx = ngx_http_get_module_ctx(r, ngx_http_brotli_filter_module);
/* Only report variable on non-failing streams. */
if (ctx == NULL || !ctx->success) {
v->not_found = 1;
return NGX_OK;
}
v->data = ngx_pnalloc(r->pool, NGX_INT32_LEN + 3);
if (v->data == NULL) {
return NGX_ERROR;
}
ratio_int = (ngx_uint_t)(ctx->bytes_in / ctx->bytes_out);
ratio_frac = (ngx_uint_t)((ctx->bytes_in * 100 / ctx->bytes_out) % 100);
/* Rounding; e.g. 2.125 to 2.13 */
if ((ctx->bytes_in * 1000 / ctx->bytes_out) % 10 > 4) {
ratio_frac++;
if (ratio_frac > 99) {
ratio_int++;
ratio_frac = 0;
}
}
v->len = ngx_sprintf(v->data, "%ui.%02ui", ratio_int, ratio_frac) - v->data;
return NGX_OK;
}
static void* ngx_http_brotli_create_conf(ngx_conf_t* cf) {
ngx_http_brotli_conf_t* conf;
conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_brotli_conf_t));
if (conf == NULL) {
return NULL;
}
/* ngx_pcalloc fills result with zeros ->
conf->bufs.num = 0;
conf->types = { NULL };
conf->types_keys = NULL; */
conf->enable = NGX_CONF_UNSET;
conf->quality = NGX_CONF_UNSET;
conf->lg_win = NGX_CONF_UNSET_SIZE;
conf->min_length = NGX_CONF_UNSET;
return conf;
}
static char* ngx_http_brotli_merge_conf(ngx_conf_t* cf, void* parent,
void* child) {
ngx_http_brotli_conf_t* prev = parent;
ngx_http_brotli_conf_t* conf = child;
char* rc;
ngx_conf_merge_value(conf->enable, prev->enable, 0);
ngx_conf_merge_value(conf->quality, prev->quality, 6);
ngx_conf_merge_size_value(conf->lg_win, prev->lg_win, 19);
ngx_conf_merge_value(conf->min_length, prev->min_length, 20);
rc = ngx_http_merge_types(cf, &conf->types_keys, &conf->types,
&prev->types_keys, &prev->types,
ngx_http_html_default_types);
if (rc != NGX_CONF_OK) {
return NGX_CONF_ERROR;
}
return NGX_CONF_OK;
}
/* Prepend to filter chain. */
static ngx_int_t ngx_http_brotli_filter_init(ngx_conf_t* cf) {
ngx_http_next_header_filter = ngx_http_top_header_filter;
ngx_http_top_header_filter = ngx_http_brotli_header_filter;
ngx_http_next_body_filter = ngx_http_top_body_filter;
ngx_http_top_body_filter = ngx_http_brotli_body_filter;
return NGX_OK;
}
/* Translate "window size" to window bits (log2), and check bounds. */
static char* ngx_http_brotli_parse_wbits(ngx_conf_t* cf, void* post,
void* data) {
size_t* parameter = data;
size_t bits;
size_t wsize;
for (bits = BROTLI_MIN_WINDOW_BITS; bits <= BROTLI_MAX_WINDOW_BITS; bits++) {
wsize = 1u << bits;
if (*parameter == wsize) {
*parameter = bits;
return NGX_CONF_OK;
}
}
return "must be 1k, 2k, 4k, 8k, 16k, 32k, 64k, 128k, 256k, 512k, 1m, 2m, 4m, "
"8m or 16m";
}


@ -1,24 +0,0 @@
#!/bin/bash
set -ex
# Setup shortcuts.
ROOT=`pwd`
FILES=$ROOT/script/test
# Setup directory structure.
cd $ROOT/script
if [ ! -d test ]; then
mkdir test
fi
cd test
if [ ! -d logs ]; then
mkdir logs
fi
# Download sample texts.
curl --compressed -o $FILES/war-and-peace.txt http://www.gutenberg.org/files/2600/2600-0.txt
echo "Kot lomom kolol slona!" > $FILES/small.txt
echo "<html>Kot lomom kolol slona!</html>" > $FILES/small.html
# Restore status-quo.
cd $ROOT


@ -1,29 +0,0 @@
#!/bin/bash
set -ex
# Setup shortcuts.
ROOT=`pwd`
# Clone nginx read-only git repository.
if [ ! -d "nginx" ]; then
git clone https://github.com/nginx/nginx.git
fi
# Build nginx + filter module.
cd $ROOT/nginx
# Pro memoria: --with-debug
./auto/configure \
--prefix=$ROOT/script/test \
--with-http_v2_module \
--add-module=$ROOT
make -j 16
# Build brotli CLI.
cd $ROOT/deps/brotli
mkdir out
cd out
cmake ..
make -j 16 brotli
# Restore status-quo.
cd $ROOT


@ -1,168 +0,0 @@
#!/bin/bash
# Setup shortcuts.
ROOT=`pwd`
NGINX=$ROOT/nginx/objs/nginx
BROTLI=$ROOT/deps/brotli/out/brotli
SERVER=http://localhost:8080
FILES=$ROOT/script/test
HR="---------------------------------------------------------------------------"
if [ ! -d tmp ]; then
mkdir tmp
fi
rm tmp/*
add_result() {
echo $1 >&2
echo $1 >> tmp/results.log
}
get_failed() {
echo `cat tmp/results.log | grep -v OK | wc -l`
}
get_count() {
echo `cat tmp/results.log | wc -l`
}
expect_equal() {
expected=$1
actual=$2
if cmp $expected $actual; then
add_result "OK"
else
add_result "FAIL (equality)"
fi
}
expect_br_equal() {
expected=$1
actual_br=$2
if $BROTLI -dfk ./${actual_br}.br; then
expect_equal $expected $actual_br
else
add_result "FAIL (decompression)"
fi
}
################################################################################
# Start default server.
echo "Statring NGINX"
$NGINX -c $ROOT/script/test.conf
# Fetch vanilla 404 response.
curl -s -o tmp/notfound.txt $SERVER/notfound
CURL="curl -s"
# Run tests.
echo $HR
echo "Test: long file with rate limit"
$CURL -H 'Accept-encoding: br' -o tmp/war-and-peace.br --limit-rate 300K $SERVER/war-and-peace.txt
expect_br_equal $FILES/war-and-peace.txt tmp/war-and-peace
echo "Test: compressed 404"
$CURL -H 'Accept-encoding: br' -o tmp/notfound.br $SERVER/notfound
expect_br_equal tmp/notfound.txt tmp/notfound
echo "Test: A-E: 'gzip, br'"
$CURL -H 'Accept-encoding: gzip, br' -o tmp/ae-01.br $SERVER/small.txt
expect_br_equal $FILES/small.txt tmp/ae-01
echo "Test: A-E: 'gzip, br, deflate'"
$CURL -H 'Accept-encoding: gzip, br, deflate' -o tmp/ae-02.br $SERVER/small.txt
expect_br_equal $FILES/small.txt tmp/ae-02
echo "Test: A-E: 'gzip, br;q=1, deflate'"
$CURL -H 'Accept-encoding: gzip, br;q=1, deflate' -o tmp/ae-03.br $SERVER/small.txt
expect_br_equal $FILES/small.txt tmp/ae-03
echo "Test: A-E: 'br;q=0.001'"
$CURL -H 'Accept-encoding: br;q=0.001' -o tmp/ae-04.br $SERVER/small.txt
expect_br_equal $FILES/small.txt tmp/ae-04
echo "Test: A-E: 'bro'"
$CURL -H 'Accept-encoding: bro' -o tmp/ae-05.txt $SERVER/small.txt
expect_equal $FILES/small.txt tmp/ae-05.txt
echo "Test: A-E: 'bo'"
$CURL -H 'Accept-encoding: bo' -o tmp/ae-06.txt $SERVER/small.txt
expect_equal $FILES/small.txt tmp/ae-06.txt
echo "Test: A-E: 'br;q=0'"
$CURL -H 'Accept-encoding: br;q=0' -o tmp/ae-07.txt $SERVER/small.txt
expect_equal $FILES/small.txt tmp/ae-07.txt
echo "Test: A-E: 'br;q=0.'"
$CURL -H 'Accept-encoding: br;q=0.' -o tmp/ae-08.txt $SERVER/small.txt
expect_equal $FILES/small.txt tmp/ae-08.txt
echo "Test: A-E: 'br;q=0.0'"
$CURL -H 'Accept-encoding: br;q=0.0' -o tmp/ae-09.txt $SERVER/small.txt
expect_equal $FILES/small.txt tmp/ae-09.txt
echo "Test: A-E: 'br;q=0.00'"
$CURL -H 'Accept-encoding: br;q=0.00' -o tmp/ae-10.txt $SERVER/small.txt
expect_equal $FILES/small.txt tmp/ae-10.txt
echo "Test: A-E: 'br ; q = 0.000'"
$CURL -H 'Accept-encoding: br ; q = 0.000' -o tmp/ae-11.txt $SERVER/small.txt
expect_equal $FILES/small.txt tmp/ae-11.txt
echo "Test: A-E: 'bar'"
$CURL -H 'Accept-encoding: bar' -o tmp/ae-12.txt $SERVER/small.html
expect_equal $FILES/small.html tmp/ae-12.txt
echo "Test: A-E: 'b'"
$CURL -H 'Accept-encoding: b' -o tmp/ae-13.txt $SERVER/small.html
expect_equal $FILES/small.html tmp/ae-13.txt
echo $HR
echo "Stopping default NGINX"
# Stop server.
$NGINX -c $ROOT/script/test.conf -s stop
################################################################################
# Start default server.
echo "Statring h2 NGINX"
$NGINX -c $ROOT/script/test_h2.conf
CURL="curl --http2-prior-knowledge -s"
# Run tests.
echo $HR
echo "Test: long file with rate limit"
$CURL -H 'Accept-encoding: br' -o tmp/h2-war-and-peace.br --limit-rate 300K $SERVER/war-and-peace.txt
expect_br_equal $FILES/war-and-peace.txt tmp/h2-war-and-peace
echo "Test: A-E: 'gzip, br'"
$CURL -H 'Accept-encoding: gzip, br' -o tmp/h2-ae-01.br $SERVER/small.txt
expect_br_equal $FILES/small.txt tmp/h2-ae-01
echo "Test: A-E: 'b'"
$CURL -H 'Accept-encoding: b' -o tmp/h2-ae-13.txt $SERVER/small.html
expect_equal $FILES/small.html tmp/h2-ae-13.txt
echo $HR
echo "Stopping h2 NGINX"
# Stop server.
$NGINX -c $ROOT/script/test_h2.conf -s stop
################################################################################
# Report.
FAILED=$(get_failed $STATUS)
COUNT=$(get_count $STATUS)
echo $HR
echo "Results: $FAILED of $COUNT tests failed"
# Restore status-quo.
cd $ROOT
exit $FAILED


@ -1,32 +0,0 @@
events {
worker_connections 4;
}
daemon on;
error_log /dev/stdout info;
http {
access_log ./access.log;
error_log ./error.log;
gzip on;
gzip_comp_level 1;
gzip_types text/plain text/css;
brotli on;
brotli_comp_level 1;
brotli_types text/plain text/css;
server {
listen 8080 default_server;
listen [::]:8080 default_server;
root ./;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
}


@ -1,32 +0,0 @@
events {
worker_connections 4;
}
daemon on;
error_log /dev/stdout info;
http {
access_log ./access.log;
error_log ./error.log;
gzip on;
gzip_comp_level 1;
gzip_types text/plain text/css;
brotli on;
brotli_comp_level 1;
brotli_types text/plain text/css;
server {
listen 8080 http2;
listen [::]:8080 http2;
root ./;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
}


@ -1,54 +0,0 @@
# Copyright (C) 2015-2019 Google Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
if [ "$ngx_addon_name" = "ngx_brotli" ]; then
BROTLI_MODULE_SRC_DIR="$ngx_addon_dir/static"
else
BROTLI_MODULE_SRC_DIR="$ngx_addon_dir"
fi
ngx_addon_name=ngx_brotli_static
if [ -z "$ngx_module_link" ]; then
cat << END
$0: error: Brotli module requires recent version of NGINX (1.9.11+).
END
exit 1
fi
ngx_module_type=HTTP
ngx_module_name=ngx_http_brotli_static_module
ngx_module_incs=
ngx_module_deps=
ngx_module_srcs="$BROTLI_MODULE_SRC_DIR/ngx_http_brotli_static_module.c"
ngx_module_libs=
ngx_module_order=
. auto/module
have=NGX_HTTP_GZIP . auto/have
have=NGX_HTTP_BROTLI_STATIC . auto/have
have=NGX_HTTP_BROTLI_STATIC_MODULE . auto/have # deprecated


@ -1,323 +0,0 @@
/*
* Copyright (C) Igor Sysoev
* Copyright (C) Nginx, Inc.
* Copyright (C) Google Inc.
*/
#include <ngx_config.h>
#include <ngx_core.h>
#include <ngx_http.h>
/* >> Configuration */
#define NGX_HTTP_BROTLI_STATIC_OFF 0
#define NGX_HTTP_BROTLI_STATIC_ON 1
#define NGX_HTTP_BROTLI_STATIC_ALWAYS 2
typedef struct {
ngx_uint_t enable;
} configuration_t;
static ngx_conf_enum_t kBrotliStaticEnum[] = {
{ngx_string("off"), NGX_HTTP_BROTLI_STATIC_OFF},
{ngx_string("on"), NGX_HTTP_BROTLI_STATIC_ON},
{ngx_string("always"), NGX_HTTP_BROTLI_STATIC_ALWAYS},
{ngx_null_string, 0}};
/* << Configuration */
/* >> Forward declarations */
static ngx_int_t handler(ngx_http_request_t* req);
static void* create_conf(ngx_conf_t* root_cfg);
static char* merge_conf(ngx_conf_t* root_cfg, void* parent, void* child);
static ngx_int_t init(ngx_conf_t* root_cfg);
/* << Forward declarations*/
/* >> Module definition */
static ngx_command_t kCommands[] = {
{ngx_string("brotli_static"),
NGX_HTTP_MAIN_CONF | NGX_HTTP_SRV_CONF | NGX_HTTP_LOC_CONF |
NGX_CONF_TAKE1,
ngx_conf_set_enum_slot, NGX_HTTP_LOC_CONF_OFFSET,
offsetof(configuration_t, enable), &kBrotliStaticEnum},
ngx_null_command};
static ngx_http_module_t kModuleContext = {
NULL, /* preconfiguration */
init, /* postconfiguration */
NULL, /* create main configuration */
NULL, /* init main configuration */
NULL, /* create server configuration */
NULL, /* merge server configuration */
create_conf, /* create location configuration */
merge_conf /* merge location configuration */
};
ngx_module_t ngx_http_brotli_static_module = {
NGX_MODULE_V1,
&kModuleContext, /* module context */
kCommands, /* module directives */
NGX_HTTP_MODULE, /* module type */
NULL, /* init master */
NULL, /* init module */
NULL, /* init process */
NULL, /* init thread */
NULL, /* exit thread */
NULL, /* exit process */
NULL, /* exit master */
NGX_MODULE_V1_PADDING};
/* << Module definition*/
static const u_char kContentEncoding[] = "Content-Encoding";
static /* const */ char kEncoding[] = "br";
static const size_t kEncodingLen = 2;
static /* const */ u_char kSuffix[] = ".br";
static const size_t kSuffixLen = 3;
static ngx_int_t check_accept_encoding(ngx_http_request_t* req) {
ngx_table_elt_t* accept_encoding_entry;
ngx_str_t* accept_encoding;
u_char* cursor;
u_char* end;
u_char before;
u_char after;
accept_encoding_entry = req->headers_in.accept_encoding;
if (accept_encoding_entry == NULL) return NGX_DECLINED;
accept_encoding = &accept_encoding_entry->value;
cursor = accept_encoding->data;
end = cursor + accept_encoding->len;
while (1) {
u_char digit;
/* It would be an idiotic idea to rely on compiler to produce performant
binary, that is why we just do -1 at every call site. */
cursor = ngx_strcasestrn(cursor, kEncoding, kEncodingLen - 1);
if (cursor == NULL) return NGX_DECLINED;
before = (cursor == accept_encoding->data) ? ' ' : cursor[-1];
cursor += kEncodingLen;
after = (cursor >= end) ? ' ' : *cursor;
if (before != ',' && before != ' ') continue;
if (after != ',' && after != ' ' && after != ';') continue;
/* Check for ";q=0[.[0[0[0]]]]" */
while (*cursor == ' ') cursor++;
if (*(cursor++) != ';') break;
while (*cursor == ' ') cursor++;
if (*(cursor++) != 'q') break;
while (*cursor == ' ') cursor++;
if (*(cursor++) != '=') break;
while (*cursor == ' ') cursor++;
if (*(cursor++) != '0') break;
if (*(cursor++) != '.') return NGX_DECLINED; /* ;q=0, */
digit = *(cursor++);
if (digit < '0' || digit > '9') return NGX_DECLINED; /* ;q=0., */
if (digit > '0') break;
digit = *(cursor++);
if (digit < '0' || digit > '9') return NGX_DECLINED; /* ;q=0.0, */
if (digit > '0') break;
digit = *(cursor++);
if (digit < '0' || digit > '9') return NGX_DECLINED; /* ;q=0.00, */
if (digit > '0') break;
return NGX_DECLINED; /* ;q=0.000 */
}
return NGX_OK;
}
/* Test if this request is allowed to have the brotli response. */
static ngx_int_t check_eligility(ngx_http_request_t* req) {
if (req != req->main) return NGX_DECLINED;
if (check_accept_encoding(req) != NGX_OK) return NGX_DECLINED;
req->gzip_tested = 1;
req->gzip_ok = 0;
return NGX_OK;
}
static ngx_int_t handler(ngx_http_request_t* req) {
configuration_t* cfg;
ngx_int_t rc;
u_char* last;
ngx_str_t path;
size_t root;
ngx_log_t* log;
ngx_http_core_loc_conf_t* location_cfg;
ngx_open_file_info_t file_info;
ngx_table_elt_t* content_encoding_entry;
ngx_buf_t* buf;
ngx_chain_t out;
/* Only GET and HEAD requensts are supported. */
if (!(req->method & (NGX_HTTP_GET | NGX_HTTP_HEAD))) return NGX_DECLINED;
/* Only files are supported. */
if (req->uri.data[req->uri.len - 1] == '/') return NGX_DECLINED;
/* Get configuration and check if module is disabled. */
cfg = ngx_http_get_module_loc_conf(req, ngx_http_brotli_static_module);
if (cfg->enable == NGX_HTTP_BROTLI_STATIC_OFF) return NGX_DECLINED;
if (cfg->enable == NGX_HTTP_BROTLI_STATIC_ALWAYS) {
/* Ignore request properties (e.g. Accept-Encoding). */
} else {
/* NGX_HTTP_BROTLI_STATIC_ON */
rc = check_eligility(req);
if (rc != NGX_OK) return NGX_DECLINED;
}
/* Get path and append the suffix. */
last = ngx_http_map_uri_to_path(req, &path, &root, kSuffixLen);
if (last == NULL) return NGX_HTTP_INTERNAL_SERVER_ERROR;
/* +1 for reinstating the terminating 0. */
ngx_cpystrn(last, kSuffix, kSuffixLen + 1);
path.len += kSuffixLen;
log = req->connection->log;
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, log, 0, "http filename: \"%s\"",
path.data);
/* Prepare to read the file. */
location_cfg = ngx_http_get_module_loc_conf(req, ngx_http_core_module);
ngx_memzero(&file_info, sizeof(ngx_open_file_info_t));
file_info.read_ahead = location_cfg->read_ahead;
file_info.directio = location_cfg->directio;
file_info.valid = location_cfg->open_file_cache_valid;
file_info.min_uses = location_cfg->open_file_cache_min_uses;
file_info.errors = location_cfg->open_file_cache_errors;
file_info.events = location_cfg->open_file_cache_events;
rc = ngx_http_set_disable_symlinks(req, location_cfg, &path, &file_info);
if (rc != NGX_OK) return NGX_HTTP_INTERNAL_SERVER_ERROR;
/* Try to fetch file and process errors. */
rc = ngx_open_cached_file(location_cfg->open_file_cache, &path, &file_info,
req->pool);
if (rc != NGX_OK) {
ngx_uint_t level;
switch (file_info.err) {
case 0:
return NGX_HTTP_INTERNAL_SERVER_ERROR;
case NGX_ENOENT:
case NGX_ENOTDIR:
case NGX_ENAMETOOLONG:
return NGX_DECLINED;
#if (NGX_HAVE_OPENAT)
case NGX_EMLINK:
case NGX_ELOOP:
#endif
case NGX_EACCES:
level = NGX_LOG_ERR;
break;
default:
level = NGX_LOG_CRIT;
break;
}
ngx_log_error(level, log, file_info.err, "%s \"%s\" failed",
file_info.failed, path.data);
return NGX_DECLINED;
}
if (cfg->enable == NGX_HTTP_BROTLI_STATIC_ON) {
req->gzip_vary = 1;
}
/* So far so good. */
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, log, 0, "http static fd: %d",
file_info.fd);
/* Only files are supported. */
if (file_info.is_dir) {
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, log, 0, "http dir");
return NGX_DECLINED;
}
#if !(NGX_WIN32)
if (!file_info.is_file) {
ngx_log_error(NGX_LOG_CRIT, log, 0, "\"%s\" is not a regular file",
path.data);
return NGX_HTTP_NOT_FOUND;
}
#endif
/* Prepare request push the body. */
req->root_tested = !req->error_page;
rc = ngx_http_discard_request_body(req);
if (rc != NGX_OK) return rc;
log->action = "sending response to client";
req->headers_out.status = NGX_HTTP_OK;
req->headers_out.content_length_n = file_info.size;
req->headers_out.last_modified_time = file_info.mtime;
rc = ngx_http_set_etag(req);
if (rc != NGX_OK) return NGX_HTTP_INTERNAL_SERVER_ERROR;
rc = ngx_http_set_content_type(req);
if (rc != NGX_OK) return NGX_HTTP_INTERNAL_SERVER_ERROR;
/* Set "Content-Encoding" header. */
content_encoding_entry = ngx_list_push(&req->headers_out.headers);
if (content_encoding_entry == NULL) return NGX_HTTP_INTERNAL_SERVER_ERROR;
content_encoding_entry->hash = 1;
ngx_str_set(&content_encoding_entry->key, kContentEncoding);
ngx_str_set(&content_encoding_entry->value, kEncoding);
req->headers_out.content_encoding = content_encoding_entry;
/* Setup response body. */
buf = ngx_pcalloc(req->pool, sizeof(ngx_buf_t));
if (buf == NULL) return NGX_HTTP_INTERNAL_SERVER_ERROR;
buf->file = ngx_pcalloc(req->pool, sizeof(ngx_file_t));
if (buf->file == NULL) return NGX_HTTP_INTERNAL_SERVER_ERROR;
buf->file_pos = 0;
buf->file_last = file_info.size;
buf->in_file = buf->file_last ? 1 : 0;
buf->last_buf = (req == req->main) ? 1 : 0;
buf->last_in_chain = 1;
buf->file->fd = file_info.fd;
buf->file->name = path;
buf->file->log = log;
buf->file->directio = file_info.is_directio;
out.buf = buf;
out.next = NULL;
/* Push the response header. */
rc = ngx_http_send_header(req);
if (rc == NGX_ERROR || rc > NGX_OK || req->header_only) {
return rc;
}
/* Push the response body. */
return ngx_http_output_filter(req, &out);
}
static void* create_conf(ngx_conf_t* root_cfg) {
configuration_t* cfg;
cfg = ngx_palloc(root_cfg->pool, sizeof(configuration_t));
if (cfg == NULL) return NULL;
cfg->enable = NGX_CONF_UNSET_UINT;
return cfg;
}
static char* merge_conf(ngx_conf_t* root_cfg, void* parent, void* child) {
configuration_t* prev = parent;
configuration_t* cfg = child;
ngx_conf_merge_uint_value(cfg->enable, prev->enable,
NGX_HTTP_BROTLI_STATIC_OFF);
return NGX_CONF_OK;
}
static ngx_int_t init(ngx_conf_t* root_cfg) {
ngx_http_core_main_conf_t* core_cfg;
ngx_http_handler_pt* handler_slot;
core_cfg = ngx_http_conf_get_module_main_conf(root_cfg, ngx_http_core_module);
handler_slot =
ngx_array_push(&core_cfg->phases[NGX_HTTP_CONTENT_PHASE].handlers);
if (handler_slot == NULL) return NGX_ERROR;
*handler_slot = handler;
return NGX_OK;
}


@ -1,22 +0,0 @@
# astylerc
align-pointer=name
align-reference=name
break-after-logical
#indent=spaces=2
max-code-length=120
style=google
suffix=none
# Indent
indent-preproc-block
# Padding
pad-header
unpad-paren
# Formatting:
add-brackets
#convert-tabs
# Output:
formatted


@ -1,14 +0,0 @@
#!/bin/sh
# Search in the script folder
pushd "$(dirname $0)" >/dev/null
CWD="$(pwd -P)"
popd >/dev/null
FILES='ngx_cache_purge_module.c'
# The file format in accordance with the style defined in .astylerc
astyle -v --options='.astylerc' ${FILES} || (echo 'astyle failed'; exit 1);
# To correct this, the issuance dos2unix on each file
# sometimes adds in Windows as a string-endins (\r\n).
dos2unix --quiet ${FILES} || (echo 'dos2unix failed'; exit 2);


@ -1 +0,0 @@
*.t linguist-language=Text


@ -1,49 +0,0 @@
sudo: required
os: linux
dist: trusty
language: c
compiler:
- gcc
- clang
cache:
apt: true
directories:
- download-cache
env:
global:
- JOBS=4
- NGINX_PREFIX=/opt/nginx
matrix:
- NGINX_VERSION=1.18.0
- NGINX_VERSION=1.19.2
before_install:
- mkdir --parents download-cache
- sudo apt-get update -qq
- sudo apt-get install -qq zlib1g-dev libpcre3-dev cpanminus
# Get OpenSSL 1.0.2 from Ubuntu Xenial
# https://packages.ubuntu.com/xenial-updates/libssl1.0.0
- test -f download-cache/libssl1.0.0_1.0.2g-1ubuntu4.16_amd64.deb || wget -O download-cache/libssl1.0.0_1.0.2g-1ubuntu4.17_amd64.deb "http://de.archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.0.0_1.0.2g-1ubuntu4.17_amd64.deb"
# https://packages.ubuntu.com/xenial/libssl-dev
- test -f download-cache/libssl-dev_1.0.2g-1ubuntu4.16_amd64.deb || wget -O download-cache/libssl-dev_1.0.2g-1ubuntu4.17_amd64.deb "http://de.archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_1.0.2g-1ubuntu4.17_amd64.deb"
- sudo dpkg -i download-cache/libssl*_amd64.deb
# Test::Nginx
- git clone https://github.com/openresty/test-nginx.git test-nginx
- cd test-nginx/ && sudo cpanm . && cd ..
# NGINX source
- test -f download-cache/nginx-$NGINX_VERSION.tar.gz || wget -O download-cache/nginx-$NGINX_VERSION.tar.gz http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz
install:
- tar -xzf download-cache/nginx-${NGINX_VERSION}.tar.gz
- cd nginx-${NGINX_VERSION}/
- ./configure --prefix=${NGINX_PREFIX} --with-debug --with-http_ssl_module --add-module=${PWD}/..
- make -j${JOBS}
- sudo make install
- cd ..
- export PATH="${NGINX_PREFIX}/sbin:$PATH"
# - export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}
script:
- nginx -V
- ldd $(which nginx)
- prove t


@ -1,103 +0,0 @@
2020-06-27 VERSION 2.5.1
* fix: empty key check - it coredumps when cache key is empty, Tuğrul Topuz
* fix: purge report calloc fix - Report template has not cache file path but it's length is use in buffer memory allocation, Tuğrul Topuz
2018-08-04 VERSION 2.5
* feat/docs: cache_purge_response_type directive, selecting response type (html|json|xml|text)
* break: changed status of HTTP code 404 (Not Found) to 412 (Precondition Failed)
* fix: remove path information of response body (#4, 3a8c08a, #11)
2020-06-27 VERSION 2.4.3
* fix: empty key check - it coredumps when cache key is empty, Tuğrul Topuz
2017-09-28 VERSION 2.4.2
* fix: segfault in call to `ngx_read_file` of partial key purge, Frankie Dintino
* fix: segfault in `cplcf->conf->purge_all` with separate location syntax, Frankie Dintino
2017-02-21 VERSION 2.4.1
* Fix compatibility with nginx-1.11.6+, Sułowicz Paweł
2016-11-20 VERSION 2.4
* Fix compatibility with nginx-1.7.12+.
* explain the purge logic
* feat(purge all): Include option to purge all the cached files
This option can be slow if a lot of content is cached, or if the
storage used for the cache is slow. But you really should be using
RAM as your cache storage.
* feat(partial keys): Support partial keys to purge multiple keys.
Put an '*' at the end of your purge cache URL.
e.g:
proxy_cache_key $scheme$host$uri$is_args$args$cookie_JSESSIONID;
curl -X PURGE https://example.com/pass*
This will remove every cached page whose key cache starting with:
httpsexample.com/pass*
Be careful not passing any value for the values after the $uri, or put
it at the end of your cache key.
* Convert a config file to build a dynamic module
2014-12-23 VERSION 2.3
* Fix compatibility with nginx-1.7.9+.
2014-12-02 VERSION 2.2
* Fix compatibility with nginx-1.7.8+.
2014-05-19
* Fix build on Solaris with SunCC (Solaris Studio).
Reported by Jussi Sallinen.
2013-03-19 VERSION 2.1
* When enabled, cache purge will now catch all requests with
PURGE (or specified) method, even if cache isn't configured.
Previously, it would pass such requests to the upstream.
2012-12-07 VERSION 2.0
* Add alternative "same location" syntax.
From CloudFlare.
2012-07-02 VERSION 1.6
* Fix compatibility with nginx-1.3.2+.
Reported by MagicBear, patch from Ruslan Ermilov.
2011-12-20 VERSION 1.5
* Fix on-disk cache size calculation.
Since the initial release, recorded on-disk cache size was
decreased twice for purged content (once during cache purge
and once during subsequent cache update).
This resulted in recorded on-disk cache size being much
smaller than in reality, which could lead to on-disk cache
outgrowing defined "max_size" parameter.
Patch from Pyry Hakulinen.
2011-10-05 VERSION 1.4
* Add AIO support.
Requested by Emin Hasanov.
2011-05-03 VERSION 1.3
* Fix compatibility with nginx-1.0.1.
Reported by Sergey A. Osokin and Markus Linnala.
2010-08-29
* Fix compatibility with nginx-0.8.0 and versions older than
nginx-0.7.60.
2010-08-11 VERSION 1.2
* Fix various build scenarios with disabled upstream modules.
Reported by Johan Bergstroem.
* Add ability to purge content from SCGI's cache.
Requested by Johan Bergstroem.
2010-06-08 VERSION 1.1
* Fix compatibility with nginx-0.8.40+.
* Add ability to purge content from uWSGI's cache.
2010-01-10 VERSION 1.0
* Initial module release.
2009-11-17
* Fix patch compatibility with nginx-0.8.11+.
Reported by Bing Ran.
2009-08-11
* Initial patch release.


@ -1,26 +0,0 @@
Copyright (c) 2009-2014, FRiCKLE <info@frickle.com>
Copyright (c) 2009-2014, Piotr Sikora <piotr.sikora@frickle.com>
All rights reserved.
This project was fully funded by yo.se.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.


@ -1,283 +0,0 @@
About
=====
`ngx_cache_purge` is `nginx` module which adds ability to purge content from
`FastCGI`, `proxy`, `SCGI` and `uWSGI` caches. A purge operation removes the
content with the same cache key as the purge request has.
Sponsors
========
Work on the original patch was fully funded by [yo.se](http://yo.se).
Status
======
This module is production-ready.
Configuration directives (same location syntax)
===============================================
fastcgi_cache_purge
-------------------
* **syntax**: `fastcgi_cache_purge on|off|<method> [purge_all] [from all|<ip> [.. <ip>]]`
* **default**: `none`
* **context**: `http`, `server`, `location`
Allow purging of selected pages from `FastCGI`'s cache.
proxy_cache_purge
-----------------
* **syntax**: `proxy_cache_purge on|off|<method> [purge_all] [from all|<ip> [.. <ip>]]`
* **default**: `none`
* **context**: `http`, `server`, `location`
Allow purging of selected pages from `proxy`'s cache.
scgi_cache_purge
----------------
* **syntax**: `scgi_cache_purge on|off|<method> [purge_all] [from all|<ip> [.. <ip>]]`
* **default**: `none`
* **context**: `http`, `server`, `location`
Allow purging of selected pages from `SCGI`'s cache.
uwsgi_cache_purge
-----------------
* **syntax**: `uwsgi_cache_purge on|off|<method> [purge_all] [from all|<ip> [.. <ip>]]`
* **default**: `none`
* **context**: `http`, `server`, `location`
Allow purging of selected pages from `uWSGI`'s cache.
Configuration directives (separate location syntax)
===================================================
fastcgi_cache_purge
-------------------
* **syntax**: `fastcgi_cache_purge zone_name key`
* **default**: `none`
* **context**: `location`
Sets area and key used for purging selected pages from `FastCGI`'s cache.
proxy_cache_purge
-----------------
* **syntax**: `proxy_cache_purge zone_name key`
* **default**: `none`
* **context**: `location`
Sets area and key used for purging selected pages from `proxy`'s cache.
scgi_cache_purge
----------------
* **syntax**: `scgi_cache_purge zone_name key`
* **default**: `none`
* **context**: `location`
Sets area and key used for purging selected pages from `SCGI`'s cache.
uwsgi_cache_purge
-----------------
* **syntax**: `uwsgi_cache_purge zone_name key`
* **default**: `none`
* **context**: `location`
Sets area and key used for purging selected pages from `uWSGI`'s cache.
Configuration directives (Optional)
===================================================
cache_purge_response_type
-----------------
* **syntax**: `cache_purge_response_type html|json|xml|text`
* **default**: `html`
* **context**: `http`, `server`, `location`
Sets a response type of purging result.
Partial Keys
============
Sometimes it's not possible to pass the exact key cache to purge a page. For example; when the content of a cookie or the params are part of the key.
You can specify a partial key adding an asterisk at the end of the URL.
curl -X PURGE /page*
The asterisk must be the last character of the key, so you **must** put the $uri variable at the end.
Sample configuration (same location syntax)
===========================================
http {
proxy_cache_path /tmp/cache keys_zone=tmpcache:10m;
server {
location / {
proxy_pass http://127.0.0.1:8000;
proxy_cache tmpcache;
proxy_cache_key "$uri$is_args$args";
proxy_cache_purge PURGE from 127.0.0.1;
}
}
}
Sample configuration (same location syntax - purge all cached files)
====================================================================
http {
proxy_cache_path /tmp/cache keys_zone=tmpcache:10m;
server {
location / {
proxy_pass http://127.0.0.1:8000;
proxy_cache tmpcache;
proxy_cache_key "$uri$is_args$args";
proxy_cache_purge PURGE purge_all from 127.0.0.1 192.168.0.0/8;
}
}
}
Sample configuration (separate location syntax)
===============================================
http {
proxy_cache_path /tmp/cache keys_zone=tmpcache:10m;
server {
location / {
proxy_pass http://127.0.0.1:8000;
proxy_cache tmpcache;
proxy_cache_key "$uri$is_args$args";
}
location ~ /purge(/.*) {
allow 127.0.0.1;
deny all;
proxy_cache tmpcache;
proxy_cache_key "$1$is_args$args";
}
}
}
Sample configuration (Optional)
===============================================
http {
proxy_cache_path /tmp/cache keys_zone=tmpcache:10m;
cache_purge_response_type text;
server {
cache_purge_response_type json;
location / { #json
proxy_pass http://127.0.0.1:8000;
proxy_cache tmpcache;
proxy_cache_key "$uri$is_args$args";
}
location ~ /purge(/.*) { #xml
allow 127.0.0.1;
deny all;
proxy_cache tmpcache;
proxy_cache_key "$1$is_args$args";
cache_purge_response_type xml;
}
location ~ /purge2(/.*) { # json
allow 127.0.0.1;
deny all;
proxy_cache tmpcache;
proxy_cache_key "$1$is_args$args";
}
}
server {
location / { #text
proxy_pass http://127.0.0.1:8000;
proxy_cache tmpcache;
proxy_cache_key "$uri$is_args$args";
}
location ~ /purge(/.*) { #text
allow 127.0.0.1;
deny all;
proxy_cache tmpcache;
proxy_cache_key "$1$is_args$args";
}
location ~ /purge2(/.*) { #html
allow 127.0.0.1;
deny all;
proxy_cache tmpcache;
proxy_cache_key "$1$is_args$args";
cache_purge_response_type html;
}
}
}
Solve problems
==============
* Enabling [`gzip_vary`](https://nginx.org/r/gzip_vary) can lead to different results when clearing, when enabling it, you may have problems clearing the cache. For reliable operation, you can disable [`gzip_vary`](https://nginx.org/r/gzip_vary) inside the location [#20](https://github.com/nginx-modules/ngx_cache_purge/issues/20).
Testing
=======
`ngx_cache_purge` comes with complete test suite based on [Test::Nginx](http://github.com/agentzh/test-nginx).
You can test it by running:
`$ prove`
License
=======
Copyright (c) 2009-2014, FRiCKLE <info@frickle.com>
Copyright (c) 2009-2014, Piotr Sikora <piotr.sikora@frickle.com>
All rights reserved.
This project was fully funded by yo.se.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
See also
========
- [ngx_slowfs_cache](http://github.com/FRiCKLE/ngx_slowfs_cache).
- http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#purger
- http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_cache_purge
- https://github.com/wandenberg/nginx-selective-cache-purge-module
- https://github.com/wandenberg/nginx-sorted-querystring-module
- https://github.com/ledgetech/ledge
- [Faking Surrogate Cache-Keys for Nginx Plus](https://www.innoq.com/en/blog/faking-surrogate-cache-keys-for-nginx-plus/) ([gist](https://gist.github.com/titpetric/2f142e89eaa0f36ba4e4383b16d61474))
- [Delete NGINX cached md5 items with a PURGE with wildcard support](https://gist.github.com/nosun/0cfb58d3164f829e2f027fd37b338ede)


@ -1,31 +0,0 @@
if [ "$HTTP_PROXY" = "YES" ]; then
have=NGX_HTTP_PROXY . auto/have
fi
if [ "$HTTP_FASTCGI" = "YES" ]; then
have=NGX_HTTP_FASTCGI . auto/have
fi
if [ "$HTTP_SCGI" = "YES" ]; then
have=NGX_HTTP_SCGI . auto/have
fi
if [ "$HTTP_UWSGI" = "YES" ]; then
have=NGX_HTTP_UWSGI . auto/have
fi
ngx_addon_name=ngx_http_cache_purge_module
CACHE_PURGE_SRCS="$ngx_addon_dir/ngx_cache_purge_module.c"
if [ -n "$ngx_module_link" ]; then
ngx_module_type=HTTP
ngx_module_name="$ngx_addon_name"
ngx_module_srcs="$CACHE_PURGE_SRCS"
. auto/module
else
HTTP_MODULES="$HTTP_MODULES $ngx_addon_name"
NGX_ADDON_SRCS="$NGX_ADDON_SRCS $CACHE_PURGE_SRCS"
fi
have=NGX_CACHE_PURGE_MODULE . auto/have


@ -1,74 +0,0 @@
libnginx-mod-http-cache-purge (1:2.5.3-3) unstable; urgency=medium
* d/control: update my email to janmojzis@debian.org
* d/copyright: update my email to janmojzis@debian.org
* d/control: bump Standards-Version: 4.7.2, no changes
* d/copyright: bump debian/* copyright year
* d/watch: use more generic template
-- Jan Mojžíš <janmojzis@debian.org> Fri, 11 Apr 2025 14:26:56 +0200
libnginx-mod-http-cache-purge (1:2.5.3-2) unstable; urgency=medium
* d/changelog fix closed bug number 1019003 -> 1055742 (Closes: 1055742)
-- Jan Mojžíš <jan.mojzis@gmail.com> Fri, 21 Jun 2024 19:34:05 +0200
libnginx-mod-http-cache-purge (1:2.5.3-1) unstable; urgency=medium
* switch to a new upstream
https://github.com/nginx-modules/ngx_cache_purge
(Closes: 1072836) (Closes: 1055742)
* d/p/dynamic-module.patch remove, fixed in upstream
* d/p/segfault-1.11.6.patch remove, fixed in upstream
* d/t/purgetest added
* d/copyright: bump my copyright year
* d/gbp.conf: add [pull] track-missing = True
* d/control: bump Standards-Version: 4.7.0, no changes
-- Jan Mojžíš <jan.mojzis@gmail.com> Fri, 21 Jun 2024 13:36:53 +0200
libnginx-mod-http-cache-purge (1:2.3-6) unstable; urgency=medium
* d/control: remove Build-Depends nginx-abi-1.24.0-1
-- Jan Mojžíš <jan.mojzis@gmail.com> Sat, 07 Oct 2023 15:31:25 +0200
libnginx-mod-http-cache-purge (1:2.3-5) unstable; urgency=medium
* NEW ABI: rebuild with nginx-abi-1.24.0-1
-- Jan Mojžíš <jan.mojzis@gmail.com> Tue, 27 Jun 2023 23:16:35 +0200
libnginx-mod-http-cache-purge (1:2.3-4) unstable; urgency=medium
* d/t/generic rework. The test now checks module after
installation/reload/restart.
* d/control: bump Standards-Version: 4.6.2, no changes
* d/gbb.conf: switched to debian branch main (debian-branch = main)
* d/copyright: bump my copyright year
* d/copyright: reformat text to be compatible with 'cme update dpkg-copyright'
* NEW ABI: rebuild with nginx-abi-1.22.1-7
-- Jan Mojžíš <jan.mojzis@gmail.com> Mon, 13 Feb 2023 12:56:14 +0100
libnginx-mod-http-cache-purge (1:2.3-3) unstable; urgency=medium
* d/copyright: fixed typo (empty line ngx_cache_purge_module.c)
-- Jan Mojžíš <jan.mojzis@gmail.com> Fri, 09 Dec 2022 14:50:48 +0100
libnginx-mod-http-cache-purge (1:2.3-2) experimental; urgency=medium
* d/control: added Multi-Arch: foreign
* d/copyright: add Igor Sysoev + Nginx, Inc.
-- Jan Mojžíš <jan.mojzis@gmail.com> Mon, 05 Dec 2022 21:15:13 +0100
libnginx-mod-http-cache-purge (1:2.3-1) experimental; urgency=medium
* Initial release. (Closes: 1024213)
* Additional info: The separate package libnginx-mod-http-cache-purge ships
newest version of ngx_cache_purge (Closes: 911099)
-- Jan Mojžíš <jan.mojzis@gmail.com> Wed, 30 Nov 2022 14:46:45 +0100


@ -1,23 +0,0 @@
Source: libnginx-mod-http-cache-purge
Section: httpd
Priority: optional
Maintainer: Debian Nginx Maintainers <pkg-nginx-maintainers@alioth-lists.debian.net>
Uploaders: Jan Mojžíš <janmojzis@debian.org>,
Build-Depends: debhelper-compat (= 13),
dh-sequence-nginx,
Standards-Version: 4.7.2
Homepage: https://github.com/FRiCKLE/ngx_cache_purge
Vcs-Git: https://salsa.debian.org/nginx-team/libnginx-mod-http-cache-purge.git
Vcs-Browser: https://salsa.debian.org/nginx-team/libnginx-mod-http-cache-purge
Rules-Requires-Root: no
Package: libnginx-mod-http-cache-purge
Architecture: any
Multi-Arch: foreign
Depends: ${misc:Depends},
${shlibs:Depends},
Recommends: nginx,
Description: Purge content from Nginx caches
Cache Purge module adds purging capabilities to Nginx. It allows purging
content from caches used by all of Nginx proxy modules, like FastCGI, Proxy,
SCGI and uWSGI.


@ -1,36 +0,0 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: ngx_cache_purge
Upstream-Contact: FRiCKLE <info@frickle.com>
Source: https://github.com/FRiCKLE/ngx_cache_purge
Files: *
Copyright: 2009-2014, Piotr Sikora <piotr.sikora@frickle.com>
2009-2014, FRiCKLE <info@frickle.com>
License: BSD-2-clause
Files: debian/*
Copyright: 2022, Miao Wang <shankerwangmiao@gmail.com>
2022-2025, Jan Mojzis <janmojzis@debian.org>
License: BSD-2-clause
License: BSD-2-clause
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.


@ -1,12 +0,0 @@
[DEFAULT]
debian-branch = main
upstream-branch = upstream
upstream-tag = upstream/%(version)s
pristine-tar = True
sign-tags = True
[import-orig]
merge-mode = replace
[pull]
track-missing = True

Some files were not shown because too many files have changed in this diff