04:15 osa 

Change location for third-party sticky module from bitbucket.org
to a fork on GH cause last one contains additional fixes.
Remove needless patch.

Bump PORTREVISION.

 

23:22 osa 

Upgrade from 1.15.0 to 1.15.1.

<ChangeLog>

*) Feature: the "random" directive inside the "upstream" block.

*) Feature: improved performance when using the "hash" and "ip_hash"
   directives with the "zone" directive.

*) Feature: the "reuseport" parameter of the "listen" directive now uses
   SO_REUSEPORT_LB on FreeBSD 12.

*) Bugfix: HTTP/2 server push did not work if SSL was terminated by a
   proxy server in front of nginx.

*) Bugfix: the "tcp_nopush" directive was always used on backend
   connections.

*) Bugfix: sending a disk-buffered request body to a gRPC backend might
   fail.

</ChangeLog>

 

23:15 osa 

Upgrade passenger and its third-party modules for www/nginx
and www/nginx-devel from 5.3.2 to 5.3.3.

 

20:40 osa 

Update third-party brotli module to its recent revision to
fix the socket leaks issue, please see next link for details:
https://github.com/eustas/ngx_brotli/issues/11

Bump PORTREVISION.

 

16:03 osa 

Upgrade passenger and its third-party modules for
www/nginx and www/nginx-devel from 5.3.1 to 5.3.2.

 

15:55 osa 

Upgrade third-party njs module to b4a58c4 (aka 0.2.2).

 

00:36 osa 

Upgrade from stable 1.14.0 release to recent release
from mainline - 1.15.0.

<ChangeLog>

*) Change: the "ssl" directive is deprecated; the "ssl" parameter of the
   "listen" directive should be used instead.

*) Change: now nginx detects missing SSL certificates during
   configuration testing when using the "ssl" parameter of the "listen"
   directive.

*) Feature: now the stream module can handle multiple incoming UDP
   datagrams from a client within a single session.

*) Bugfix: it was possible to specify an incorrect response code in the
   "proxy_cache_valid" directive.

*) Bugfix: nginx could not be built by gcc 8.1.

*) Bugfix: logging to syslog stopped on local IP address changes.

*) Bugfix: nginx could not be built by clang with CUDA SDK installed;
   the bug had appeared in 1.13.8.

*) Bugfix: "getsockopt(TCP_FASTOPEN) ... failed" messages might appear
   in logs during binary upgrade when using unix domain listen sockets
   on FreeBSD.

*) Bugfix: nginx could not be built on Fedora 28 Linux.

*) Bugfix: request processing rate might exceed configured rate when
   using the "limit_req" directive.

*) Bugfix: in handling of client addresses when using unix domain listen
   sockets to work with datagrams on Linux.

*) Bugfix: in memory allocation error handling.

</ChangeLog>

 

11:18 osa 

Upgrade to recent bugfix release 5.3.1.

 

01:56 osa 

Upgrade third-party redis module to recent 0.3.9 version.

Bump PORTREVISION.

<ChangeLog>

*) Feature: redis "AUTH" command support.
   Original idea from https://github.com/Yongke/ngx_http_redis-0.3.7
   Thanks to Wang Yongke.

</ChangeLog>

 

15:04 osa 

Upgrade third-party passenger module from 5.2.3 to 5.3.0.

While I'm here fix the issue with GSSAPIINCDIR variable, it's
been introduced as GSSAPINCDIR without a correct substitution
during the third-party auth_krb5 module's patch time.

Bump PORTREVISION.

 

14:24 osa 

Speed-up the port's build by enable multiple jobs build.

While I'm here update third-party vod module to recent 1.23 version.

Bump PORTREVISION.

PR:	228127

 

15:07 jbeich 

multimedia/ffmpeg: update to 4.0

- FFSERVER support was removed upstream
- libressl now uses libtls backend instead of patching openssl one
- Clang i386 no longer uses 16-byte aligned stack

Changes:	https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/n4.0:/Changelog
ABI:		https://abi-laboratory.pro/tracker/timeline/ffmpeg/
PR:		227726
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D15175

 

22:11 osa 

Cleanup Makefile.extmod file.
Upgrade third-party modules to their recent versions.

Bump PORTREVISION.

 

22:29 osa 

Merge from www/nginx and adopt next revisions:
	468201, 468240.

Update third-party modules to their recent versions.
Enable libxml usage for third-party vod module.

Bump PORTREVISION.

 

21:35 osa 

Merge from www/nginx and adopt next revisions:
	465814, 465851, 465931, 468031.

Bump PORTREVISION.

 

23:19 osa 

Upgrade from 1.13.12 to 1.14.0.

<ChangeLog>

*) 1.14.x stable branch.

</ChangeLog>

 

23:45 osa 

Upgrade from 1.13.11 to 1.13.12.

While I'm here add back modsecurity3 distinfo records.

<ChangeLog>

*) Bugfix: connections with gRPC backends might be closed unexpectedly
   when returning a large response.

</ChangeLog>

 

21:11 osa 

Upgrade from 1.13.10 to 1.13.11.

While I'm here upgrade next third-party modules to their
recent version:
o) passenger;
o) njs.

<ChangeLog>

*) Feature: the "proxy_protocol" parameter of the "listen" directive now
   supports the PROXY protocol version 2.

*) Bugfix: nginx could not be built with OpenSSL 1.1.1 statically on
   Linux.

*) Bugfix: in the "http_404", "http_500", etc. parameters of the
   "proxy_next_upstream" directive.

</ChangeLog>

 

23:13 osa 

Upgrade from 1.13.9 to 1.13.10.
Upgrade third-party modules to their recent version.

<ChangeLog>

*) Feature: the "set" parameter of the "include" SSI directive now
   allows writing arbitrary responses to a variable; the
   "subrequest_output_buffer_size" directive defines maximum response
   size.

*) Feature: now nginx uses clock_gettime(CLOCK_MONOTONIC) if available,
   to avoid timeouts being incorrectly triggered on system time changes.

*) Feature: the "escape=none" parameter of the "log_format" directive.
   Thanks to Johannes Baiter and Calin Don.

*) Feature: the $ssl_preread_alpn_protocols variable in the
   ngx_stream_ssl_preread_module.

*) Feature: the ngx_http_grpc_module.

*) Bugfix: in memory allocation error handling in the "geo" directive.

*) Bugfix: when using variables in the "auth_basic_user_file" directive
   a null character might appear in logs.
   Thanks to Vadim Filimonov.

</ChangeLog>

 

17:38 brnrd 

Migrate USE_APACHE to USES= apache (category www)

 - Following migration of Mk/bsd.apache.mk to Mk/Uses/apache.mk

With hat:	apache

 

03:47 osa 

Upgrade from 1.13.8 to 1.13.9.
Upgrade third-party modules to their recent version.
Remove needless patches.

<ChangeLog>

*) Feature: HTTP/2 server push support; the "http2_push" and
   "http2_push_preload" directives.

*) Bugfix: "header already sent" alerts might appear in logs when using
   cache; the bug had appeared in 1.9.13.

*) Bugfix: a segmentation fault might occur in a worker process if the
   "ssl_verify_client" directive was used and no SSL certificate was
   specified in a virtual server.

*) Bugfix: in the ngx_http_v2_module.

*) Bugfix: in the ngx_http_dav_module.

</ChangeLog>

 

20:03 osa 

Upgrade from 1.13.7 to 1.13.8.

While I'm here remove needless patch.

<ChangeLog>

*) Feature: now nginx automatically preserves the CAP_NET_RAW capability
   in worker processes when using the "transparent" parameter of the
   "proxy_bind", "fastcgi_bind", "memcached_bind", "scgi_bind", and
   "uwsgi_bind" directives.

*) Feature: improved CPU cache line size detection.
   Thanks to Debayan Ghosh.

*) Feature: new directives in vim syntax highlighting scripts.
   Thanks to Gena Makhomed.

*) Bugfix: binary upgrade refused to work if nginx was re-parented to a
   process with PID different from 1 after its parent process has
   finished.

*) Bugfix: the ngx_http_autoindex_module incorrectly handled requests
   with bodies.

*) Bugfix: in the "proxy_limit_rate" directive when used with the
   "keepalive" directive.

*) Bugfix: some parts of a response might be buffered when using
   "proxy_buffering off" if the client connection used SSL.
   Thanks to Patryk Lesiewicz.

*) Bugfix: in the "proxy_cache_background_update" directive.

*) Bugfix: it was not possible to start a parameter with a variable in
   the "${name}" form with the name in curly brackets without enclosing
   the parameter into single or double quotes.

</ChangeLog>

 

00:56 osa 

Use @postexec keyword instead of deprecated @exec one in pkg-plist.
Bump PORTREVISION.

While I'm here upgrade third-party fancyindex module to the latest
version - 0.4.2.

 

03:49 osa 

Add third-party vts (virtual host traffic status) module.

Suggested by:	"Eugene M. Zheganin" <emz@norma.perm.ru>

 

03:17 osa 

Upgrade next third-party modules to their recent versions:
o) njs;
o) echo;
o) lua;
o) nchan;
o) redis2;
o) srcache;
o) tarantul;
o) vod.

Remove needless patches cause most of them have been added to their
upstreams.

 

02:09 osa 

Switch to fork that uses new brotli ABI.

Thanks to:	Evgenii Kliuchnikov <eustas@google.com>

PR:		224000

While I'm here add CONFLICTS_INSTALL and PORTSCOUNT.
Bump PORTREVISION.

 

00:43 osa 

Update from 5.1.11 to 5.1.12:

o) www/rubygem-passenger;
o) third-party passenger modules for www/nginx and www/nginx-devel.

 

02:14 osa 

Upgrade from 1.13.6 to 1.13.7.

<ChangeLog>

*) Bugfix: in the $upstream_status variable.

*) Bugfix: a segmentation fault might occur in a worker process if a
   backend returned a "101 Switching Protocols" response to a
   subrequest.

*) Bugfix: a segmentation fault occurred in a master process if a shared
   memory zone size was changed during a reconfiguration and the
   reconfiguration failed.

*) Bugfix: in the ngx_http_fastcgi_module.

*) Bugfix: nginx returned the 500 error if parameters without variables
   were specified in the "xslt_stylesheet" directive.

*) Workaround: "gzip filter failed to use preallocated memory" alerts
   appeared in logs when using a zlib library variant from Intel.

*) Bugfix: the "worker_shutdown_timeout" directive did not work when
   using mail proxy and when proxying WebSocket connections.

</ChangeLog>

 

06:50 jbeich 

multimedia/ffmpeg: update to 3.4

Notable changes:
- i386/amd64 now depend on NASM per
https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/4f9297ac3b39
- NETCDF is now MYSOFA but the dependency doesn't exist in ports yet
- SCHROEDINGER is gone per
https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/220b24c7c9
- DRM, LIBRSVG2, LIBXML2 are new options
- ABI isn't completely compatible: some structs have changed

Minor cleanup:
- Don't pass --disable-{in,out}dev when it's already blocked by disabled
dependency
- Drop redundant "Enable" from option descriptions
- Switch CDIO_DESC to use Mk/bsd.options.desc.mk

Changes:	https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/n3.4:/Changelog
ABI:		https://abi-laboratory.pro/tracker/timeline/ffmpeg/
PR:		223057
Exp-run by:	antoine

 

16:58 osa 

Security (*) upgrade from 5.1.8 to 5.1.11:

o) www/rubygem-passenger;
o) third-party passenger module for www/nginx-devel;

MFH:	2017Q4

See
details:	https://blog.phusion.nl/2017/10/13/passenger-security-advisory-5-1-11/

 

15:57 mat 

Remove WANT_GNOME and HAVE_GNOME.

Approved by:	bapt kwm
Sponsored by:	Absolight
Differential Revision:	  https://reviews.freebsd.org/D12643

 

02:34 osa 

Upgrade from 1.13.5 to 1.13.6.

<ChangeLog>

*) Bugfix: switching to the next upstream server in the stream module
   did not work when using the "ssl_preread" directive.

*) Bugfix: in the ngx_http_v2_module.
   Thanks to Piotr Sikora.

*) Bugfix: nginx did not support dates after the year 2038 on 32-bit
   platforms with 64-bit time_t.

*) Bugfix: in handling of dates prior to the year 1970 and after the
   year 10000.

*) Bugfix: in the stream module timeouts waiting for UDP datagrams from
   upstream servers were not logged or logged at the "info" level
   instead of "error".

*) Bugfix: when using HTTP/2 nginx might return the 400 response without
   logging the reason.

*) Bugfix: in processing of corrupted cache files.

*) Bugfix: cache control headers were ignored when caching errors
   intercepted by error_page.

*) Bugfix: when using HTTP/2 client request body might be corrupted.

*) Bugfix: in handling of client addresses when using unix domain
   sockets.

*) Bugfix: nginx hogged CPU when using the "hash ... consistent"
   directive in the upstream block if large weights were used and all or
   most of the servers were unavailable.

</ChangeLog>

 

20:34 osa 

Do the port clean-up:

o) replace `!empty(PORT_OPTIONS:M...)' with `${PORT_OPTIONS:M...}';
o) http_accesskey was removed in r439844, cleanup it.

Do not bump PORTREVISION.

PR:	222338

 

21:15 osa 

Upgrade from 5.1.5 to 5.1.8:

o) www/rubygem-passenger;
o) third-party passenger module for www/nginx;       (*)
o) third-party passenger module for www/nginx-devel.

Approved by:	joneum (maintainer) (*)

 

18:12 joneum 

- www/nginx-devel: Update from 1.13.4 to 1.13.5
- Changelog:
    *) Feature: the $ssl_client_escaped_cert variable.

    *) Bugfix: the "ssl_session_ticket_key" directive and the "include"
       parameter of the "geo" directive did not work on Windows.

    *) Bugfix: incorrect response length was returned on 32-bit platforms
       when requesting more than 4 gigabytes with multiple ranges.

    *) Bugfix: the "expires modified" directive and processing of the
       "If-Range" request header line did not use the response last
       modification time if proxying without caching was used.

Approved by:	osa (maintainer)
Approved by:	tz (mentor)
Differential Revision:	https://reviews.freebsd.org/D12247

 

20:08 osa 

Upgrade third-party njs module from 0.1.10 to post-0.1.13.

Do not bump PORTREVISION.

 

08:07 joneum 

- www/nginx-devel: Update from 1.13.3 to 1.13.4
- pet Portlint

- Changelog:
  *) Feature: the ngx_http_mirror_module.

  *) Bugfix: client connections might be dropped during configuration
       testing when using the "reuseport" parameter of the "listen"
       directive on Linux.

  *) Bugfix: request body might not be available in subrequests if it was
       saved to a file and proxying was used.

  *) Bugfix: cleaning cache based on the "max_size" parameter did not work
       on Windows.

  *) Bugfix: any shared memory allocation required 4096 bytes on Windows.

  *) Bugfix: nginx worker might be terminated abnormally when using the
       "zone" directive inside the "upstream" block on Windows.

Approved by:	osa (maintainer)
Approved by:	miwi (mentor)
MFH:		2017Q3
Differential Revision:	https://reviews.freebsd.org/D11951

 

11:17 osa 

Updade third-party ngx_brotli module to recent version, update
dependences.

No cookie for:	brnrd

 

00:21 osa 

Security upgrade to 1.13.3.

MFH:		2017Q3
Security:	CVE-2017-7529

 

15:44 osa 

Upgrade third-party clojure module from 0.4.4 to 0.4.5.

 

15:37 osa 

Update from 5.1.4 to 5.1.5:

o) www/rubygem-passenger;
o) third-party passenger modules for www/nginx and www/nginx-devel.

 

14:29 osa 

Upgrade from 1.13.1 to 1.13.2.

<ChangeLog>

*) Change: nginx now returns 200 instead of 416 when a range starting
   with 0 is requested from an empty file.

*) Feature: the "add_trailer" directive.
   Thanks to Piotr Sikora.

*) Bugfix: nginx could not be built on Cygwin and NetBSD; the bug had
   appeared in 1.13.0.

*) Bugfix: nginx could not be built under MSYS2 / MinGW 64-bit.
   Thanks to Orgad Shaneh.

*) Bugfix: a segmentation fault might occur in a worker process when
   using SSI with many includes and proxy_pass with variables.

*) Bugfix: in the ngx_http_v2_module.
   Thanks to Piotr Sikora.

</ChangeLog>

 

23:58 osa 

Add third-party vod module.

Requsted by:	Alexander Ushakov <alexander@tauruna.ru>

 

01:29 osa 

Upgrade from 1.13.0 to 1.13.1.

<ChangeLog>

*) Feature: now a hostname can be used as the "set_real_ip_from"
   directive parameter.

*) Feature: vim syntax highlighting scripts improvements.

*) Feature: the "worker_cpu_affinity" directive now works on DragonFly
   BSD.
   Thanks to Sepherosa Ziehau.

*) Bugfix: SSL renegotiation on backend connections did not work when
   using OpenSSL before 1.1.0.

*) Workaround: nginx could not be built with Oracle Developer Studio
   12.5.

*) Workaround: now cache manager ignores long locked cache entries when
   cleaning cache based on the "max_size" parameter.

*) Bugfix: client SSL connections were immediately closed if deferred
   accept and the "proxy_protocol" parameter of the "listen" directive
   were used.

*) Bugfix: in the "proxy_cache_background_update" directive.

*) Workaround: now the "tcp_nodelay" directive sets the TCP_NODELAY
   option before an SSL handshake.

</ChangeLog>

 

19:05 osa 

A customer has reported about an issue when unable to load a dynamic
module because of wrong order of those modules in the default confi-
guration file, so remove the auto generation of the load modules list.

Bump PORTREVISION.

 

20:34 osa 

Upgrade from 5.1.3 to 5.1.4:

o) www/rubygem-passenger;
o) third-party passenger module for www/nginx and www/nginx-devel.

 

21:22 osa 

Fix the build when libressl defined.
Bump PORTREVISION.

Reported by:	many

 

22:33 osa 

Upgrade third-party http_auth_pam module from 1.2 to 1.5.1.
Change upstream to github.
It's possible to build the module as dynamic now.

Do not bump PORTREVISION.

 

22:16 osa 

Upgrade third-party auth_digest module from cc61b4a to 519dc2a,
it's possible to build it as dynamic module.

Do not bump PORTREVISION.

 

22:03 osa 

Upgrade third-party memc module from 0.17 to 0.18.
Remove the needless patch (incorporated into upstream).

Do not bump PORTREVISION.

 

21:36 osa 

Upgrade from 5.1.2 to 5.1.3:

o) www/rubygem-passenger;
o) third-party passenger module for www/nginx and www/nginx-devel.

 

23:30 osa 

Fix third-party lua-nginx module build with LibreSSL.

While I'm here clean-up distinfo from the checksums of legacy
third-party modules.

Do not bump PORTREVISION.

PR:	218595

 

20:56 osa 

Add IPV6 support knob back.

Remove obsolete third-party modules:

o) http_accesskey;
o) xrid_header. (*)

Bump PORTREVISION.

PR:	218956 (*)

 

23:30 osa 

Upgrade from 1.12.0 to latest "mainline" 1.13.0.

<ChangeLog>

*) Change: SSL renegotiation is now allowed on backend connections.

*) Feature: the "rcvbuf" and "sndbuf" parameters of the "listen"
   directives of the mail proxy and stream modules.

*) Feature: the "return" and "error_page" directives can now be used to
   return 308 redirections.
   Thanks to Simon Leblanc.

*) Feature: the "TLSv1.3" parameter of the "ssl_protocols" directive.

*) Feature: when logging signals nginx now logs PID of the process which
   sent the signal.

*) Bugfix: in memory allocation error handling.

*) Bugfix: if a server in the stream module listened on a wildcard
   address, the source address of a response UDP datagram could differ
   from the original datagram destination address.

</ChangeLog>

 

13:25 osa 

Move the patches for third-party lua module to lua code block.
Do not bump PORTREVISION.

PR:	218683

 

17:39 osa 

Remove IPV6 knob, IPv6 now compiled-in automatically if support is found.

Upgrade third-party upload module, enable it back.
Upgrade third-party http_auth_krb5 module to 0c6ff3f.
Upgrade third-party njs module to 0.1.10.

 

16:09 osa 

Enable third_party mod_zip module back by changing upstream.
Do not bump PORTREVISION.

 

15:55 osa 

Upgrade from 1.11.10 to 1.12.0.

ChangeLog:	http://nginx.org/en/CHANGES-1.12

Also, remove third-party modules:
o) udplog
o) statsd

Upgrade third-party modules:
o) lua to 0.10.8
o) upstream_fair to b5be36f (upstream has been changed)

Please see this comment in case of the production use of the lua module:
https://github.com/openresty/lua-nginx-module/pull/1017#issuecomment-294076002

Patches obtained from:
o)
https://github.com/openresty/lua-nginx-module/commit/0459a285ca0159d45e73da8bd1164edb5c57cde3
o)
https://github.com/SpiderLabs/ModSecurity/pull/1373/commits/d19df159043106a4d6dfd113696900b5b0dae24b

 

00:41 osa 

Upgrade from 1.11.9 to 1.11.10.

<ChangeLog>

*) Change: cache header format has been changed, previously cached
   responses will be invalidated.

*) Feature: support of "stale-while-revalidate" and "stale-if-error"
   extensions in the "Cache-Control" backend response header line.

*) Feature: the "proxy_cache_background_update",
   "fastcgi_cache_background_update", "scgi_cache_background_update",
   and "uwsgi_cache_background_update" directives.

*) Feature: nginx is now able to cache responses with the "Vary" header
   line up to 128 characters long (instead of 42 characters in previous
   versions).

*) Feature: the "build" parameter of the "server_tokens" directive.
   Thanks to Tom Thorogood.

*) Bugfix: "[crit] SSL_write() failed" messages might appear in logs
   when handling requests with the "Expect: 100-continue" request header
   line.

*) Bugfix: the ngx_http_slice_module did not work in named locations.

*) Bugfix: a segmentation fault might occur in a worker process when
   using AIO after an "X-Accel-Redirect" redirection.

*) Bugfix: reduced memory consumption for long-lived requests using
   gzipping.

</ChangeLog>

 

03:30 osa 

Upgrade third-party modules:

o) fancyindex from 0.3.6 to 0.4.1;
o) encrypted-session from 0.05 to 0.06.

 

22:46 osa 

Upgrade from 5.0.30 to 5.1.2:

o) www/rubygem-passenger;
o) third-party passenger module for www/nginx and www/nginx-devel.

 

21:20 tijl 

- Remove inclusion of bsd.default-versions.mk from ftp/curl/Makefile so
  bsd.default-versions.mk can rely on ARCH being defined.
- In bsd.port.mk move inclusion of bsd.default-versions.mk from the
  pre-makefile section to the options section so the variables can be used
  earlier.  Also put the bit of code sitting between the options section and
  the pre-makefile section into the options section.
- Remove last few cases where ports set WITH_OPENSSL_PORT.  This variable is
  handled in bsd.default-versions.mk and some ports were setting it after
  including bsd.port.options.mk.  After FreeBSD 9 EoL all but a few ports,
  and then only when setting non-default options, work without setting that
  variable.

PR:		215996
Exp-run by:	antoine
Approved by:	portmgr (antoine)

 

23:22 osa 

Upgrade third-party njs module from f8c642a (0.1.6+) to f106743 (aka 0.1.9).

 

23:09 osa 

Upgrade third-party ct module from f3cad5e (aka 1.2.0) to 1.3.2.

 

01:02 osa 

Upgrade from 1.11.8 to 1.11.9.

<ChangeLog>

*) Bugfix: nginx might hog CPU when using the stream module; the bug had
   appeared in 1.11.5.

*) Bugfix: EXTERNAL authentication mechanism in mail proxy was accepted
   even if it was not enabled in the configuration.

*) Bugfix: a segmentation fault might occur in a worker process if the
   "ssl_verify_client" directive of the stream module was used.

*) Bugfix: the "ssl_verify_client" directive of the stream module might
   not work.

*) Bugfix: closing keepalive connections due to no free worker
   connections might be too aggressive.
   Thanks to Joel Cunningham.

*) Bugfix: an incorrect response might be returned when using the
   "sendfile" directive on FreeBSD and macOS; the bug had appeared in
   1.7.8.

*) Bugfix: a truncated response might be stored in cache when using the
   "aio_write" directive.

*) Bugfix: a socket leak might occur when using the "aio_write"
   directive.

</ChangeLog>

 

00:54 osa 

Upgrade third-party lua module from 0.10.6 to 0.10.7.

 

17:06 amdmi3 

- Always check OPSYS along with OSVERSION

Approved by:	portmgr blanket

 

23:16 osa 

Upgrade from 1.11.7 to 1.11.8.

<ChangeLog>

*) Feature: the "absolute_redirect" directive.

*) Feature: the "escape" parameter of the "log_format" directive.

*) Feature: client SSL certificates verification in the stream module.

*) Feature: the "ssl_session_ticket_key" directive supports AES256
   encryption of TLS session tickets when used with 80-byte keys.

*) Feature: vim-commentary support in vim scripts.
   Thanks to Armin Grodon.

*) Bugfix: recursion when evaluating variables was not limited.

*) Bugfix: in the ngx_stream_ssl_preread_module.

*) Bugfix: if a server in an upstream in the stream module failed, it
   was considered alive only when a test connection sent to it after
   fail_timeout was closed; now a successfully established connection is
   enough.

*) Bugfix: nginx/Windows could not be built with 64-bit Visual Studio.

*) Bugfix: nginx/Windows could not be built with OpenSSL 1.1.0.

</ChangeLog>

 

16:56 osa 

Upgrade from 1.11.6 to 1.11.7.
Upgrade njs module from 8c01042 to f8c642a.

<ChangeLog>

*) Change: now in case of a client certificate verification error the
   $ssl_client_verify variable contains a string with the failure
   reason, for example, "FAILED:certificate has expired".

*) Feature: the $ssl_ciphers, $ssl_curves, $ssl_client_v_start,
   $ssl_client_v_end, and $ssl_client_v_remain variables.

*) Feature: the "volatile" parameter of the "map" directive.

*) Bugfix: dependencies specified for a module were ignored while
   building dynamic modules.

*) Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
   directives client request body might be corrupted; the bug had
   appeared in 1.11.0.

*) Bugfix: a segmentation fault might occur in a worker process when
   using HTTP/2; the bug had appeared in 1.11.3.

*) Bugfix: in the ngx_http_mp4_module.
   Thanks to Congcong Hu.

*) Bugfix: in the ngx_http_perl_module.

</ChangeLog>

 

15:22 jbeich 

multimedia/ffmpeg: update to 3.2.2

Changes:	https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/n3.2.2:/Changelog
PR:		207547
Submitted by:	riggs, ebirth@b0ss.net (libressl fix)
Exp-run by:	antoine (3 tries)

 

18:45 osa 

Fix the build issues when:
o) the drizzle module can't find the libdrizzle headers;
o) the geoip2 can't find the libmaxminddb.

Do not bump PORTREVISION, those third-party modules are disabled by default.

 

01:49 osa 

Add and enable vendor's stream_ssl_preread module.
Bump PORTREVISION.

PR:	213661

 

15:52 robak 

www/nginx-devel: make the port slave friendly and update CONFLICTS

Approved by:	osa

 

11:18 mat 

Don't quote {} in find -exec calls.

Braces are not shell metacharacters, and they do not need to be quoted.
By the time find parses its arguments and dicovers them, the quoting
will have been removed by the shell anyway.

Sponsored by:	Absolight

 

21:32 osa 

Fix the functionality issue of the third-party modsecurity module.

Found by:	Rami Jebara <rami.jebara@tuangru.com> (in private mail)

 

07:46 jbeich 

www/nginx: drop unused ImageMagick dependency

nginx-video-thumbextractor-module-0.7.0/README.textile:

  h2(#0_5_0). v0.5.0
  * remove MagickWand dependency which cause memory leak

which saved it from being BROKEN by r358176:

  In file included from src/ngx_http_video_thumbextractor_module.c:3:
  src/ngx_http_video_thumbextractor_module_utils.c:5:10: fatal error:
'wand/magick_wand.h' file not found
  #include <wand/magick_wand.h>
	   ^
  1 error generated.
  *** Error code 1

Reported by:	antoine (via exp-run for www/tengine)

 

06:44 jbeich 

www/nginx: apply r390310

=======================<phase: lib-depends    >============================
===>   nginx-1.10.2_1,2 depends on shared library: libjpeg.so - not found
===>   Installing existing package /packages/All/jpeg-8_6.txz
Installing jpeg-8_6...
Extracting jpeg-8_6: .......... done
===>   nginx-1.10.2_1,2 depends on shared library: libjpeg.so - found
(/usr/local/lib/libjpeg.so)
===>   Returning to build of nginx-1.10.2_1,2
===>   nginx-1.10.2_1,2 depends on shared library: libavformat.so - not found
===>   Installing existing package /packages/All/ffmpeg-3.2,1.txz
Installing ffmpeg-3.2,1...
`-- Installing libv4l-1.6.3_2...
|   `-- Installing jpeg-turbo-1.5.1...
pkg-static: jpeg-turbo-1.5.1 conflicts with jpeg-8_6 (installs files into the
same place).  Problematic file: /usr/local/bin/cjpeg

Failed to install the following 1 package(s): /packages/All/ffmpeg-3.2,1.txz
*** Error code 70

PR:		207547
Reported by:	antoine (via exp-run)
Approved by:	portmgr blanket

 

02:52 osa 

Upgrade third-party njs module from ee84984 to 8c01042.

 

20:41 osa 

Remove IGNORE for drizzle and postgres third-party modules.

 

20:19 osa 

Remove IGNORE for memc and redis2 third-party modules.

Patches obtained from:
o)
https://github.com/openresty/memc-nginx-module/commit/c08cb7043440e427867838caf21cfd1e6cb2127a
o)
https://github.com/openresty/redis2-nginx-module/commit/8cc7304787ae9542db4feb50d9e27beb485caa0f

 

02:37 osa 

Upgrade from 1.11.5 to 1.11.6.

Mark following third-party modules with IGNORE, a patches require from
upstreams:
o) http_upstream_fair;
o) drizzle;
o) memc;
o) postgres;
o) redis2.

<ChangeLog>

*) Change: format of the $ssl_client_s_dn and $ssl_client_i_dn variables
   has been changed to follow RFC 2253 (RFC 4514); values in the old
   format are available in the $ssl_client_s_dn_legacy and
   $ssl_client_i_dn_legacy variables.

*) Change: when storing temporary files in a cache directory they will
   be stored in the same subdirectories as corresponding cache files
   instead of a separate subdirectory for temporary files.

*) Feature: EXTERNAL authentication mechanism support in mail proxy.
   Thanks to Robert Norris.

*) Feature: WebP support in the ngx_http_image_filter_module.

*) Feature: variables support in the "proxy_method" directive.
   Thanks to Dmitry Lazurkin.

*) Feature: the "http2_max_requests" directive in the
   ngx_http_v2_module.

*) Feature: the "proxy_cache_max_range_offset",
   "fastcgi_cache_max_range_offset", "scgi_cache_max_range_offset", and
   "uwsgi_cache_max_range_offset" directives.

*) Bugfix: graceful shutdown of old worker processes might require
   infinite time when using HTTP/2.

*) Bugfix: in the ngx_http_mp4_module.

*) Bugfix: "ignore long locked inactive cache entry" alerts might appear
   in logs when proxying WebSocket connections with caching enabled.

*) Bugfix: nginx did not write anything to log and returned a response
   with code 502 instead of 504 when a timeout occurred during an SSL
   handshake to a backend.

</ChangeLog>

 

01:06 osa 

Add third-party fastdfs module.

PR:	213979

 

14:22 osa 

Add one more third-party module:  ngx_http_geoip2, v.2.0.

PR:	210294

 

15:33 mat 

Fix the three ports not handling the ImageMagick-nox11 dependency
correctly.

Sponsored by:	Absolight

 

23:10 osa 

Use ImageMagick-nox11 instead of original one as it's more
convenient for the server-based product.

Do not bump PORTREVISION because this change affects disabled by
default third-party modules only.

 

11:53 osa 

Upgrade third-party headers_more and memc modules tp their latest versions.

 

00:44 osa 

Upgrade third-party upstream_sticky module to its latest version 08a395c66e42
to fix crashing with SIGSEGV.

PR:	213113

 

00:18 osa 

Upgrade third-party lua module from 0.10.6rc1 to 0.10.6.

 

00:10 osa 

Upgrade from 1.11.4 to 1.11.5.
Upgrade third-party njs module to its latest version ee84984.

<ChangeLog>

*) Change: the --with-ipv6 configure option was removed, now IPv6
   support is configured automatically.

*) Change: now if there are no available servers in an upstream, nginx
   will not reset number of failures of all servers as it previously
   did, but will wait for fail_timeout to expire.

*) Feature: the ngx_stream_ssl_preread_module.

*) Feature: the "server" directive in the "upstream" context supports
   the "max_conns" parameter.

*) Feature: the --with-compat configure option.

*) Feature: "manager_files", "manager_threshold", and "manager_sleep"
   parameters of the "proxy_cache_path", "fastcgi_cache_path",
   "scgi_cache_path", and "uwsgi_cache_path" directives.

*) Bugfix: flags passed by the --with-ld-opt configure option were not
   used while building perl module.

*) Bugfix: in the "add_after_body" directive when used with the
   "sub_filter" directive.

*) Bugfix: in the $realip_remote_addr variable.

*) Bugfix: the "dav_access", "proxy_store_access",
   "fastcgi_store_access", "scgi_store_access", and "uwsgi_store_access"
   directives ignored permissions specified for user.

*) Bugfix: unix domain listen sockets might not be inherited during
   binary upgrade on Linux.

*) Bugfix: nginx returned the 400 response on requests with the "-"
   character in the HTTP method.

</ChangeLog>

 

22:25 osa 

Do not littering /var/log by compiled-in error log.
Bump PORTREVISION.

PR:	212416

 

22:15 osa 

mod_zip: good-bye googlecode, welcome github!
Upgrade to the latest revision.

 

22:09 osa 

Upgrade from 1.11.3 to 1.11.4.

<ChangeLog>

*) Feature: the $upstream_bytes_received variable.

*) Feature: the $bytes_received, $session_time, $protocol, $status,
   $upstream_addr, $upstream_bytes_sent, $upstream_bytes_received,
   $upstream_connect_time, $upstream_first_byte_time, and
   $upstream_session_time variables in the stream module.

*) Feature: the ngx_stream_log_module.

*) Feature: the "proxy_protocol" parameter of the "listen" directive,
   the $proxy_protocol_addr and $proxy_protocol_port variables in the
   stream module.

*) Feature: the ngx_stream_realip_module.

*) Bugfix: nginx could not be built with the stream module and the
   ngx_http_ssl_module, but without ngx_stream_ssl_module; the bug had
   appeared in 1.11.3.

*) Feature: the IP_BIND_ADDRESS_NO_PORT socket option was not used; the
   bug had appeared in 1.11.2.

*) Bugfix: in the "ranges" parameter of the "geo" directive.

*) Bugfix: an incorrect response might be returned when using the "aio
   threads" and "sendfile" directives; the bug had appeared in 1.9.13.

</ChangeLog>

 

15:59 mat 

GOOGLE_CODE has gone away.

- If a port has another upstream, remove GOOGLE_CODE
- If a port only has GOOGLE_CODE mark it BROKEN

Some ports have a local mirror configured but for security reasons, it
is not considered upstream.

Sponsored by:	Absolight

 

16:15 osa 

Upgrade third-party njs module from f7d2d6f to the latest 0f11ace revision.

 

23:20 osa 

Upgrade third-party tarantool module from b852195 to 1278ee5.
Now it's possible to build it as dynamic module.

 

02:03 osa 

Upgrade third-party modules:

o) arrayvar from 0.03 to 0.05;
o) devel_kit from 0.2.19 to 0.3.0;
o) echo from 4f7aa50 to 46334b3;
o) encryptsession from 0.03 to 0.05;
o) forminput from 0.07 to 0.12;
o) iconv from 0.10 to 0.14;
o) lua from 0.10.5 to 0.10.6rc1;
o) set_misc from 6582fb4 to f808ef4;
o) sflow from 0.9.7 to 543c72a;
o) small_light from 0.6.15 to 0.8.0;
o) xss from 0.04 to 0.05.

Do not bump PORTREVISION.

 

23:05 osa 

Upgrade third-party rtmp module from 1.1.7 to 1.1.8.
Remove needless patch.

PR:	211487

 

03:56 osa 

Upgrade from 5.0.29 to 5.0.30:

o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.

 

03:39 osa 

Upgrade from 1.11.2 to 1.11.3.

<ChangeLog>

*) Change: now the "accept_mutex" directive is turned off by default.

*) Feature: now nginx uses EPOLLEXCLUSIVE on Linux.

*) Feature: the ngx_stream_geo_module.

*) Feature: the ngx_stream_geoip_module.

*) Feature: the ngx_stream_split_clients_module.

*) Feature: variables support in the "proxy_pass" and "proxy_ssl_name"
   directives in the stream module.

*) Bugfix: socket leak when using HTTP/2.

*) Bugfix: in configure tests.
   Thanks to Piotr Sikora.

</ChangeLog>

 

09:33 dinoex 

- update libgd to 2.2.2
- new MASTER_SITES
- add security patch
PR:		210913
Submitted by:	Piotr Kubaj
MFH:		2016Q3
Security: CVE-2015-8874
Security: CVE-2016-3074
Security: http://www.openwall.com/lists/oss-security/2016/07/12/4