www/nginx-devel: fix dependences for some modules

HTTP_DAV_EXT module requires libraries, so let's define them
with a more canonical way.
While I'm here use the same way to define dependences for the
HTTP_XSLT module as well.

PR:	261134

www/nginx-devel: able to build with security/openssl-quictls

While I'm here fix a typo in a start-up template, introduced in
c42df2fcbbeccbfb2d57f4d6d7558493d512d732.

Bump PORTREVISION.

Differential Revision:	https://reviews.freebsd.org/D33773
Reviewed by:		pluknet

www/nginx-devel: remove rpath-specific configure options

Bump PORTREVISION.

www/nginx-devel: able to customize the stop signal

Bump PORTREVISION.

PR:	254962

www/nginx-devel: initial support for HTTPv3

Bump PORTREVISION.

Based on ideas from:	ashish

www/nginx-devel: update third-party opentracing module

Update third-party opentracing module to its recent commit.
Bump PORTREVISION.

www/nginx-devel: update third-party http_substitutions_filter module

Update the third-party module to its recent version to support
both PCRE1 and PCRE2 libraries.

Bump PORTREVISION.

Idea from:	http://hg.nginx.org/pkg-oss/rev/45cb552c6860
Thanks to:	Mikhail Isachenkov <mikhail.isachenkov@nginx.com>

www/nginx-devel: choose PCRE library for build

NGINX 1.21.5 adds support for PCRE2 library, in addition to
support PCRE1.  It's possible to choose regular expression
library for the port now.

Please note: several modules are required patching to support
PCRE2 library, so let's keep PCRE1 as default version for now.

Bump PORTREVISION.

www/nginx-devel: update from 1.21.4 to 1.21.5.

Please note: it's possible to build the recent version of nginx
with PCRE2 library, but several third-party modules have some
build issues, so let's keep www/nginx-devel depends on PCRE1
library for now, but keep in mind it needs to switched to the
modern, i.e. second, version of PCRE.

<Changelog>

Changes with nginx 1.21.5

*) Change: now nginx is built with the PCRE2 library by default.

*) Change: now nginx always uses sendfile(SF_NODISKIO) on FreeBSD.

framework: Add new USES 'magick' for graphics/ImageMagick*

A new USES has been added to depend on ImageMagick.

	USES=magick

adds a LIB_DEPENDS on graphics/ImageMagick${IMAGEMAGICK_DEFAULT}.

If a specific version is required, use for example

	USES=magick:6        resp.     USES=magick:7

If only a build, run or test is required, use for example

	USES=magick:build    resp.     USES=magick:6,build,test

www/nginx-devel: update third-party passenger module

Bump PORTREVISION.

www/nginx-devel: update from 1.21.3 to 1.21.4.

New kernel TLS feature is available starting with FreeBSD 13.0,
and it requires OpenSSL 3.0, compiled with "enable-ktls" option.
Further, KTLS needs to be enabled in kernel, and in OpenSSL,
either via OpenSSL configuration file or with

  ssl_conf_command Options KTLS;

in nginx configuration.

To enable kernel TLS on FreeBSD 13 and above:

  # kldload ktls_ocf
  # sysctl kern.ipc.tls.enable=1

www/nginx-devel: Update deprecated CPE_VENDOR nginx to f5

Approved by:	portmgr (blanket)

www/nginx-devel: fix the Kerberos5 implementation knob name (*)

No functional changes, so do not bump PORTREVISION.

Introduced:	adc7097c90ee5e8db0d063200faa689034ac91f0 (*)

www/nginx-devel: update third-party SPNEGO module to it recent commit

Notify that one of the implementation of Kerberos5 needs to be chosen.

Bump PORTREVISION.

www/nginx-devel: update NGINX JavaScript module to 0.7.0.

Bump PORTREVISION.

<ChangeLog>

nginx modules:

*) Feature: added HTTPS support for Fetch API.

*) Feature: added setReturnValue() method.

Core:

*) Feature: introduced Async/Await implementation.

*: fix tab vs. space issues, and comments according to the guide.

www/nginx-devel: update third-party passenger module to 6.0.11

Bump PORTREVISION.

www/nginx-devel: regenerate distinfo in full

www/nginx-devel: update third-party modules

o) http_push (aka nchan)
o) rtmp

Remove needless patches.
Bump PORTREVISION.

www/nginx-devel: update PORTSCOUT.

No functional changes.

www/nginx-devel: update from 1.21.2 to 1.21.3.

<Changelog>

*) Change: optimization of client request body reading when using
   HTTP/2.

*) Bugfix: in request body filters internal API when using HTTP/2 and
   buffering of the data being processed.

</Changelog>

www/nginx-devel: update from 1.21.1 to 1.21.2.

While I'm here, fix build of the third-party ajp module by changing
a distribution point.

<Changelog>

*) Change: now nginx rejects HTTP/1.0 requests with the
   "Transfer-Encoding" header line.

*) Change: export ciphers are no longer supported.

*) Feature: OpenSSL 3.0 compatibility.

*) Feature: the "Auth-SSL-Protocol" and "Auth-SSL-Cipher" header lines

www/nginx-devel: update NGINX JavaScript module to 0.6.2.

<ChangeLog>
nginx modules:

*) Bugfix: fixed CPU hog when js_filter is registered
   in both directions.

Core:

*) Feature: introduced AggregateError implementation.

*) Feature: added remaining Promise constructor methods.
   The following methods were added: Promise.all(),
   Promise.allSettled(), Promise.any(), Promise.race().

www/nginx-devel: update third-party opentracing module to a recent commit.

Bump PORTREVISION.

www/nginx-devel: update third-party modules

o) lua: from 0.10.19 to 0.10.20;
o) modsecurity3: from 1.0.1 to 1.0.2.

Bump PORTREVISION.

www/nginx-devel: update third-party Passenger module to 6.0.10.

www/nginx-devel: update from 1.21.0 to 1.21.1.

<Changelog>

*) Change: now nginx always returns an error for the CONNECT method.

*) Change: now nginx always returns an error if both "Content-Length"
   and "Transfer-Encoding" header lines are present in the request.

*) Change: now nginx always returns an error if spaces or control
   characters are used in the request line.

*) Change: now nginx always returns an error if spaces or control
   characters are used in a header name.

www/nginx-devel: update NGINX JavaScript module to 0.6.1.

<ChangeLog>

*) Bugfix: fixed RegExpBuiltinExec() with UTF-8 only regexps.
   The bug was introduced in 0.4.2.

*) Bugfix: fixed parsing of export default declaration with
   non-assignment expressions.
   Thanks to Artem S. Povalyukhin.

</ChangeLog>

www/nginx-devel: update NGINX JavaScript module to 0.6.0.

Bump PORTREVISION.

<ChangeLog for njs 0.5.3>

Core:

*) Feature: added let and const declaration support.

*) Feature: added RegExp.prototype[Symbol.split].

*) Feature: added sticky flag support for RegExp.

*) Bugfix: fixed heap-buffer-overflow in

www/nginx-devel: security update from 1.20.0 to 1.21.0.

Security:	0882f019-bd60-11eb-9bdd-8c164567ca3c
Security:	CVE-2021-23017

<Changelog>

*) Security: 1-byte memory overwrite might occur during DNS server
   response processing if the "resolver" directive was used, allowing an
   attacker who is able to forge UDP packets from the DNS server to
   cause worker process crash or, potentially, arbitrary code execution
   (CVE-2021-23017).

*) Feature: variables support in the "proxy_ssl_certificate",
   "proxy_ssl_certificate_key" "grpc_ssl_certificate",

Port should not change its name depending on options.

www/nginx-devel: welcome to the new stable release 1.20.0.

www/nginx-devel: update third-party vod module to 1.27

www/nginx-devel: move third-party module definition to Makefile.extmod.

www/nginx-devel: update from 1.19.9 to 1.19.10.

<Changelog>

*) Change: the default value of the "keepalive_requests" directive was
   changed to 1000.

*) Feature: the "keepalive_time" directive.

*) Feature: the $connection_time variable.

*) Workaround: "gzip filter failed to use preallocated memory" alerts
   appeared in logs when using zlib-ng.

</Changelog>

Update the patches for third-party passenger module.

The issue was introduced by:	2e741e74b8db691f3cae0abf8482ade801fb74f4
PR:	254824

all: Remove all other $FreeBSD keywords.

Remove # $FreeBSD$ from Makefiles.

Update passenger and its nginx module from 6.0.7 to 6.0.8.

Bump PORTREVISION for www/nginx-devel.

Update from 1.19.8 to 1.19.9.

Update NGINX JavaScript module from 0.5.2 to 0.5.3.
Remove needless patches.

<ChangeLog for nginx 1.19.9>

*) Bugfix: nginx could not be built with the mail proxy module, but
   without the ngx_mail_ssl_module; the bug had appeared in 1.19.8.

*) Bugfix: "upstream sent response body larger than indicated content
   length" errors might occur when working with gRPC backends; the bug
   had appeared in 1.19.1.

*) Bugfix: nginx might not close a connection till keepalive timeout

Run NJS module's configure script in the configure phase.
While I'm here update the NJS module description.

Bump PORTREVISION.

Add another patch to fix build the mail module
without SSL support.

Update from 1.19.7 to 1.19.8.
Add the vendor's patch to build mail module without SSL support.

<Changelog>

*) Feature: flags in the "proxy_cookie_flags" directive can now contain
   variables.

*) Feature: the "proxy_protocol" parameter of the "listen" directive,
   the "proxy_protocol" and "set_real_ip_from" directives in mail proxy.

*) Bugfix: HTTP/2 connections were immediately closed when using
   "keepalive_timeout 0"; the bug had appeared in 1.19.7.

*) Bugfix: some errors were logged as unknown if nginx was built with
   glibc 2.32.

*) Bugfix: in the eventport method.

</Changelog>

Update NGINX JavaScript module from 0.5.1 to 0.5.2.

Bump PORTREVISION.

Remove redundant option descriptions that match the default ones

(ignoring case)

Reported by:	danfe (for net/mosquitto), portscan

Fix the port build by changing a third-party module
distribution on GH.
Bump PORTREVISION.

PR:	253700

Refresh the kernel TLS patch.

This functionality is available with the following prerequisites:
o) security/openssl built from ports with the kTLS options defined;
o) FreeBSD 13.

Bump PORTREVISION.

Submitted by:	jhb
Obtained from:	https://github.com/nginx/nginx/compare/master...bsdjhb:ktls.patch

Update from 1.19.6 to 1.19.7.
Update njs module from 0.5.0 to 0.5.1.
Update third-party auth_ldap module to its recent commit.

<Changelog>

Changes with nginx 1.19.7                                        16 Feb 2021

*) Change: connections handling in HTTP/2 has been changed to better
   match HTTP/1.x; the "http2_recv_timeout", "http2_idle_timeout", and
   "http2_max_requests" directives have been removed, the
   "keepalive_timeout" and "keepalive_requests" directives should be
   used instead.

*) Change: the "http2_max_field_size" and "http2_max_header_size"

Fix PROPFIND fail with 500 on simlinks to non exist file/dir
when nginx compiled with the third-party http_dav_ext module.

Bump PORTREVISION.

PR:	220871

Update the following third-party modules to their recent revisions:
o) drizzle
o) echo

Bump PORTREVISION.

Update the following third-party modules to their recent
commits or versions:

o) aws_auth
o) brotli
o) http_shibboleth
o) set_misc
o) srcache

Bump PORTREVISION.

Merge r558438 from www/nginx, i.e. update the following
third-party modules to their recent versions:
o) fancyindex
o) http_geoip2

Bump PORTREVISION.

Update from 1.19.5 to 1.19.6.

<Changelog>

*) Bugfix: "no live upstreams" errors if a "server" inside "upstream"
   block was marked as "down".

*) Bugfix: a segmentation fault might occur in a worker process if HTTPS
   was used; the bug had appeared in 1.19.5.

*) Bugfix: nginx returned the 400 response on requests like
   "GET http://example.com?args HTTP/1.0".

*) Bugfix: in the ngx_http_flv_module and ngx_http_mp4_module.
   Thanks to Chris Newton.

</Changelog>

Fix a worker process issue by adding the vendor's patch.
Bump PORTREVISION.

Reported by:	Peter Putzer <freebsd@mnd.sc>

<ChangeLog>
SSL: fixed SSL shutdown on lingering close.

Ensure c->recv is properly reset to ngx_recv if SSL_shutdown()
blocks on writing.

The bug had appeared in 554c6ae25ffc.
</ChangeLog>

PR:	251664

Update njs module from 0.4.4 to 0.5.0.
Bump PORTREVISION.

<ChangeLog>
nginx modules:

*) Feature: introduced global "ngx" object.
   The following methods were added:
     ngx.log(level, msg)

   The following properties were added:
     ngx.INFO,
     ngx.WARN,
     ngx.ERR.

Update third-party naxsi module from 1.2 to 1.3.

ChangeLog:	https://github.com/nbs-system/naxsi/compare/1.2...1.3

Bump PORTREVISION.

Update third-party passenger module from 6.0.6 to 6.0.7.

ChangeLog:	https://github.com/phusion/passenger/compare/release-6.0.6...release-6.0.7

Bump PORTREVISION.

Update from 1.19.4 to 1.19.5.

<Changelog>

*) Feature: the -e switch.

*) Feature: the same source files can now be specified in different
   modules while building addon modules.

*) Bugfix: SSL shutdown did not work when lingering close was used.

*) Bugfix: "upstream sent frame for closed stream" errors might occur
   when working with gRPC backends.

*) Bugfix: in request body filters internal API.

</Changelog>

Update third-partu link function module from 3.2.3 to 3.2.4.

Bump PORTREVISION.

Update third-party naxsi module from 1.1a to 1.2.

Bump PORTREVISION.

Update third-partu lua module to the recent version.

Bump PORTREVISION.

Update the kernel TLS patch to make all hunks succeeded.
Bump PORTREVISION.

Update from 1.19.3 to 1.19.4.
Remove needless patches.

<Changelog>

*) Feature: the "ssl_conf_command", "proxy_ssl_conf_command",
   "grpc_ssl_conf_command", and "uwsgi_ssl_conf_command" directives.

*) Feature: the "ssl_reject_handshake" directive.

*) Feature: the "proxy_smtp_auth" directive in mail proxy.

</Changelog>

Update third-party naxsi module from 0.56 to 1.1a.
Bump PORTREVISION.

Bump PORTREVISION for www/libjwt shlib change

Actually add the patch for r550845.

Re-add the patch from r550699 to fix build with -fno-common for
the third-party nchan module.

Bump PORTREVISION.

Spotted by:	vanilla

Fix build with -fno-common.
Bump PORTREVISION.

Submitted by:	vanilla

Merge r549093 to fix build with -fno-common.
Bump PORTREVISION.

Spotted by:	vanilla

Update nginx from 1.19.2 to 1.19.3.
Update njs module from 0.4.3 to 0.4.4.

<Changelog for nginx 1.19.3>

*) Feature: the ngx_stream_set_module.

*) Feature: the "proxy_cookie_flags" directive.

*) Feature: the "userid_flags" directive.

*) Bugfix: the "stale-if-error" cache control extension was erroneously
   applied if backend returned a response with status code 500, 502,
   503, 504, 403, 404, or 429.

Add the corresponding library path to the patch for the
third-party http_auth_spnego module.

The third-party http_auth_spnego module may not work with
in-base Kerberos implementation because of gss_locaname()
function usage, so remove the GSSAPI_BASE option from the
GSSAPI radio button.

Bump PORTREVISION.

Update third-party tarantool module to its recent commit.

Bump PORTREVISION.

Update third-party spnego-http-auth module to its recent version.

Bump PORTREVISION.

Partially merge r545592 from www/nginx.

- Fix broken build after NJS update (missing USES+=libedit)

Bump PORTREVISION.

Partially revert back r533146 cause upstream_check third-party
dynamic module can't work as expected, so let's keep it static
for now.

Bump PORTREVISION.

PR:	247523

Update PLIST according to the recent change.

Bump PORTREVISION.

Update third-party dynamic_upstream module.
Add third-party dynamic_healthcheck module.

Bump PORTREVISION.

Update third-party modules to their recent releases:

o) ip2proxy-nginx
o) slact-nchan

Bump PORTREVISION.

Update nginx from 1.19.1 to 1.19.2.
Update njs module from 0.4.2 to 0.4.3.

While I'm here soften some variables and target definitions to
prepare the port for a separate build of dynamic modules.

<Changelog for nginx 1.19.2>

*) Change: now nginx starts closing keepalive connections before all
   free worker connections are exhausted, and logs a warning about this
   to the error log.

*) Change: optimization of client request body reading when using
   chunked transfer encoding.

Update passenger and its third-party module for www/nginx-devel
from 6.0.5 to 6.0.6.

Update the following third-party modules to their new versions:
o) cache_purge
o) clojure

Bump PORTREVISION.

Update third-party brotli module to v1.0.0rc.

Bump PORTREVISION.

Update from 1.19.0 to 1.19.1.

<ChangeLog>

*) Change: the "lingering_close", "lingering_time", and
   "lingering_timeout" directives now work when using HTTP/2.

*) Change: now extra data sent by a backend are always discarded.

*) Change: now after receiving a too short response from a FastCGI
   server nginx tries to send the available part of the response to the
   client, and then closes the client connection.

*) Change: now after receiving a response with incorrect length from a
   gRPC backend nginx stops response processing with an error.

Update third-party modules:

o) lua from 0.10.15 to 0.10.17
o) njs from 0.4.1 to 0.4.2

Bump PORTREVISION.

<ChangeLog for njs 0.4.2>

Core:

*) Feature: added RegExp.prototype[Symbol.replace].

*) Feature: introduced line level backtrace.

Move NJS knob out of the HTTP group cause NGINX JavaScript module
distribution provides modules for http and stream (tcp/udp).

Bump PORTREVISION.

Add kernel TLS option.

It's possible to build nginx on FreeBSD13 with security/openssl
port, compiled with kernel TLS option as well.

Bump PORTREVISION.

Based
on:	https://github.com/nginx/nginx/compare/branches/stable-1.16...bsdjhb:ktls-1.16
Reviewed by:	jhb
Tested by:	jhb

Update passenger and its third-party module from
6.0.4 to 6.0.5.

Bump PORTREVISION for www/nginx-devel.

Merge r538002 from www/nginx.

Update 3rd party module nginx-link-function to 3.2.3.

Bump PORTREVISION.

Merge r537527 and r537550 from www/nginx:

1. Switch with the nginx-upload-module to fdintino, they support http/2:        
                                                       
https://github.com/fdintino/nginx-upload-module/.

2. Update 3rd party module nginx-link-function to 3.2.2.

Bump PORTREVISION.

PR:	246746 [1]
	246897 [2]

Update nginx from 1.18.0 to 1.19.0.

<ChangeLog>

*) Feature: client certificate validation with OCSP.

*) Bugfix: "upstream sent frame for closed stream" errors might occur
   when working with gRPC backends.

*) Bugfix: OCSP stapling might not work if the "resolver" directive was
   not specified.

*) Bugfix: connections with incorrect HTTP/2 preface were not logged.

</ChangeLog>

Update njs module from 0.4.0 to 0.4.1.

While I'm here add '--with-compat' option to the configure script
to enable dynamic modules compatibility.

<ChangeLog>

*) Feature: added support for multi-value headers in r.headersIn.

*) Feature: introduced raw headers API.

*) Feature: added TypedScript API description.

Core:

*) Bugfix: fixed Array.prototype.slice() for sparse arrays.

</ChangeLog>

Remove legacy third-party modules:

o) modsecurity2
o) fastdfs

All modules, including all third-party modules, are dynamic now.

Bump PORTREVISION.

Add third-party opentracing dynamic module.

Bump PORTREVISION.

Add cookie_flag third-party dynamic module.

While I'm here create a description for STREAM related
modules.

Bump PORTREVISION.

- update libgd to 2.3.0
- new option RAQM
- resurrect deprecated gdlib-config
- bump dependend ports

Convert third-party ngx_http_h264_streaming module to dynamic.

Bump PORTREVISION.

Add missing patches for r533146.

Pointy hat:	osa

Convert another 3 third-party modules to dynamic:

o) ngx_http_subs_filter
o) ngx_http_upstream_check
o) ngx_http_response

Bump PORTREVISION.

Convert another 3 third-party modules to dynamic:

o) http_json_status
o) http_mogilefs
o) http_notice

Bump PORTREVISION.