| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Special thanks to: pluknet
Bump PORTREVISION.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bump PORTREVISION for www/nginx-devel.
<ChangeLog>
* Adds support for arm (aarch64) rpm packages.
* Adds Ubuntu 23.04 "Lunar" packages, removes Ubuntu 22.10
"Kinetic" packages.
* Removes packages for Debian 9 "Stretch" (EOL June 2022).
* [RPM] Changes to building Nginx module packages for the latest
supported Nginx module stream instead of the default.
* [Ruby] Makes Passenger more resilient to invalid byte sequences
when loading the Ruby native extension. Contributed by Drew Wells.
* [Ruby] Add an `unhandled_exception_before_exit` event callback.
Contributed by James Tomson.
* [Nginx] Upgrades preferred Nginx to 1.24.0 from 1.22.1.
* Updated various library versions used in precompiled binaries
(used for e.g. gem installs):
- cmake: 3.25.1 -> 3.26.4
- curl: 7.87.0 -> 8.1.2
- git: 2.39.0 -> 2.41.0
- gnupg: 2.4.0 -> 2.4.2
- libgcrypt: 1.10.1 -> 1.10.2
- libgpg_error: 1.46 -> 1.47
- openssl: 3.0.7 -> 3.1.1
- rubygems: 3.4.3 -> 3.4.13
- zstd: 1.5.2 -> 1.5.5
- rubies:
- 2.7.7 -> 2.7.8
- 3.0.5 -> 3.0.6
- 3.1.3 -> 3.1.4
- 3.2.0 -> 3.2.2
</ChangeLog>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enable HTTPv3 protocol by default.
Remove third-party clojure module due to a build issue.
The OpenSSL compatibility layer, which emulates BoringSSL
QUIC API for OpenSSL, is enabled by default, and 0-RTT is
not supported in this mode.
Alternativly, it's possible to build nginx with a third-party
library from ports tree, that provides QUIC support:
o) BoringSSL
o) LibreSSL
o) QuicTLS
<Changelog>
*) Feature: experimental HTTP/3 support.
</Changelog>
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
|
|
|
| |
o) clojure to 0.6.0;
o) vts to its recent commit on GH.
Bump PORTREVISION.
|
| |
|
|
|
|
|
|
|
|
|
| |
Resurrect GSSAPI radio button for http_auth_krb5 module, last one
builds just fine with both implementations now.
While I'm here:
o) sort pkg-plist;
o) update portscout.
Bump PORTREVISION.
|
| |
|
|
|
|
| |
Remove the following broken third-party modules:
o) dynamic_hc
o) small_light
|
| |
|
|
|
|
| |
Bump PORTREVISION.
PR: 270523
|
| |
|
|
| |
Bump PORTREVISION for www/nginx-devel.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
|
|
| |
Remove the upstreamed patch.
Bump PORTREVISION.
|
| |
|
|
|
|
| |
Update third-party passenger module for www/nginx-devel. (*)
Bump PORTREVISION. (*)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update HTTPv3/QUIC patch.
<Changelog>
*) Bugfix: an error might occur when reading PROXY protocol version 2
header with large number of TLVs.
*) Bugfix: a segmentation fault might occur in a worker process if SSI
was used to process subrequests created by other modules.
Thanks to Ciel Zhao.
*) Workaround: when a hostname used in the "listen" directive resolves
to multiple addresses, nginx now ignores duplicates within these
addresses.
*) Bugfix: nginx might hog CPU during unbuffered proxying if SSL
connections to backends were used.
</Changelog>
|
| |
|
|
|
|
|
| |
It's possible now to build NGINX HTTPv3/QUIC implementation with
another the LibreSSL 3.6.0.
Bump PORTREVISION.
|
| |
|
|
| |
Update third-party Passenger module for www/nginx-devel.
|
| |
|
|
|
|
|
| |
o) update third-party lua module 0.10.21 -> 0.10.22
o) update third-party http_shibboleth to the recent commit
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
|
|
| |
Bump PORTREVISION.
PR: 265969
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update the HTTPv3/QUIC patch.
<Changelog>
*) Feature: memory usage optimization in configurations with SSL
proxying.
*) Feature: looking up of IPv4 addresses while resolving now can be
disabled with the "ipv4=off" parameter of the "resolver" directive.
*) Change: the logging level of the "bad key share", "bad extension",
"bad cipher", and "bad ecpoint" SSL errors has been lowered from
"crit" to "info".
*) Bugfix: while returning byte ranges nginx did not remove the
"Content-Range" header line if it was present in the original backend
response.
*) Bugfix: a proxied response might be truncated during reconfiguration
on Linux; the bug had appeared in 1.17.5.
</Changelog>
|
| |
|
|
|
|
|
| |
Reported by: pluknet
Patch from: pluknet
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
|
|
| |
Bump PORTREVISION.
Thanks to pluknet.
|
| |
|
|
|
|
|
|
|
| |
Remove third-party clojure module.
Fix build for third-party upload_progress module. (*)
Obtained from: https://github.com/masterzen/nginx-upload-progress-module/files/8980323/nginx_1.23.0.patch.txt (*)
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
|
|
|
|
| |
Remove third-party http_response module, no updates since Jan 10, 2011.
Update third-party upload_progress module to its recent version,
a patch still requires to build with 1.23.0.
Bump PORTREVISION.
|
| |
|
|
|
|
|
|
| |
Update third-party naxsi module to 29793dc, it's compatible with
nginx 1.23.0 now, also now it's possible to build the module with
PCRE2 support.
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Please note: the following third-party modules are require additional
patches (marked IGNORE):
o) clojure
o) headers_more
o) http_push_stream
o) http_redis
o) http_response
o) http_upload_progress
o) http_upstream_sticky
o) http_zip
o) lua
o) naxsi
o) srcache
o) vod
<Changelog>
*) Change in internal API: now header lines are represented as linked
lists.
*) Change: now nginx combines arbitrary header lines with identical
names when sending to FastCGI, SCGI, and uwsgi backends, in the
$r->header_in() method of the ngx_http_perl_module, and during lookup
of the "$http_...", "$sent_http_...", "$sent_trailer_...",
"$upstream_http_...", and "$upstream_trailer_..." variables.
*) Bugfix: if there were multiple "Vary" header lines in the backend
response, nginx only used the last of them when caching.
*) Bugfix: if there were multiple "WWW-Authenticate" header lines in the
backend response and errors with code 401 were intercepted or the
"auth_request" directive was used, nginx only sent the first of the
header lines to the client.
*) Change: the logging level of the "application data after close
notify" SSL errors has been lowered from "crit" to "info".
*) Bugfix: connections might hang if nginx was built on Linux 2.6.17 or
newer, but was used on systems without EPOLLRDHUP support, notably
with epoll emulation layers; the bug had appeared in 1.17.5.
Thanks to Marcus Ball.
*) Bugfix: nginx did not cache the response if the "Expires" response
header line disabled caching, but following "Cache-Control" header
line enabled caching.
</Changelog>
|
| |
|
|
| |
No functional changes.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
|
|
|
| |
o) nchan (also know as http_push) from 1.2.12 to 1.2.15;
o) opentracing to 0.24.0.
Bump PORTREVISION.
|
| | |
|
| |
|
|
|
| |
Update the list of dependences for the module.
Bump PORTREVISION.
|
| |
|
|
|
|
|
| |
The Kerberos MIT implementation is the only one is supported by the
third-party spnego module, so remove needless staff.
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
|
|
|
|
| |
The extra-patch-httpv3 contains the README file now, previously a
diff for that file was omitted. To avoid a rejection for the README
file the original file from nginx distribution is going to be preserved.
Bump PORTREVISION.
|
| |
|
|
|
|
|
|
|
|
| |
While I'm here fix a typo in a start-up template, introduced in
c42df2fcbbeccbfb2d57f4d6d7558493d512d732.
Bump PORTREVISION.
Differential Revision: https://reviews.freebsd.org/D33773
Reviewed by: pluknet
|
| |
|
|
|
|
| |
Bump PORTREVISION.
PR: 254962
|
| |
|
|
|
|
| |
Bump PORTREVISION.
Based on ideas from: ashish
|
| |
|
|
|
| |
Update third-party opentracing module to its recent commit.
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New kernel TLS feature is available starting with FreeBSD 13.0,
and it requires OpenSSL 3.0, compiled with "enable-ktls" option.
Further, KTLS needs to be enabled in kernel, and in OpenSSL,
either via OpenSSL configuration file or with
ssl_conf_command Options KTLS;
in nginx configuration.
To enable kernel TLS on FreeBSD 13 and above:
# kldload ktls_ocf
# sysctl kern.ipc.tls.enable=1
to load a software backend, see man ktls(4) for details.
Also, please visit the following link to get more details
https://hg.nginx.org/nginx/rev/65946a191197
<Changelog>
*) Change: support for NPN instead of ALPN to establish HTTP/2
connections has been removed.
*) Change: now nginx rejects SSL connections if ALPN is used by the
client, but no supported protocols can be negotiated.
*) Change: the default value of the "sendfile_max_chunk" directive was
changed to 2 megabytes.
*) Feature: the "proxy_half_close" directive in the stream module.
*) Feature: the "ssl_alpn" directive in the stream module.
*) Feature: the $ssl_alpn_protocol variable.
*) Feature: support for SSL_sendfile() when using OpenSSL 3.0.
*) Feature: the "mp4_start_key_frame" directive in the
ngx_http_mp4_module.
Thanks to Tracey Jaquith.
*) Bugfix: in the $content_length variable when using chunked transfer
encoding.
*) Bugfix: after receiving a response with incorrect length from a
proxied backend nginx might nevertheless cache the connection.
Thanks to Awdhesh Mathpal.
*) Bugfix: invalid headers from backends were logged at the "info" level
instead of "error"; the bug had appeared in 1.21.1.
*) Bugfix: requests might hang when using HTTP/2 and the "aio_write"
directive.
</Changelog>
|
| |
|
|
|
|
| |
Notify that one of the implementation of Kerberos5 needs to be chosen.
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| |
|
|
|
|
|
|
| |
o) http_push (aka nchan)
o) rtmp
Remove needless patches.
Bump PORTREVISION.
|
| |
|
|
| |
Bump PORTREVISION.
|
| | |
|
