On Fri, Jun 03, 2022 at 12:52:48PM +0200, Omar Polo wrote: > Omar Polo <o...@openbsd.org> wrote: > > Hello, > > > > "Sergey A. Osokin" <o...@freebsd.org> wrote: > > > And here's the patch. > > > > (+cc robert@; please put the maintainer in Cc so it's easier for them to > > see the mail)
Thanks for the review, Omar. I've just updated the patch: o) remove upstreamed patches o) add DESCR-njs and PLIST-njs files o) removed sorting staff, will do that later While I'm here I've found a compiling issue with the third-party lua module, so I've just made some additional changes in that place as well. -- Sergey A. Osokin
Index: Makefile
===================================================================
RCS file: /cvs/ports/www/nginx/Makefile,v
retrieving revision 1.163
diff -u -p -r1.163 Makefile
--- Makefile 30 May 2022 08:17:34 -0000 1.163
+++ Makefile 3 Jun 2022 14:49:08 -0000
@@ -7,6 +7,7 @@ COMMENT-xslt= nginx XSLT filter module
COMMENT-mailproxy= nginx mail proxy module
COMMENT-stream= nginx TCP/UDP proxy module
COMMENT-naxsi= nginx web application firewall module
+COMMENT-njs= nginx JavaScript module
COMMENT-ldap_auth= nginx LDAP authentication module
COMMENT-lua= nginx lua scripting module
COMMENT-headers_more= nginx module for setting/adding/clearing headers
@@ -18,8 +19,9 @@ COMMENT-securelink= nginx HMAC secure li
VERSION= 1.22.0
DISTNAME= nginx-${VERSION}
CATEGORIES= www
+REVISION= 0
-VERSION-rtmp= 1.2.1
+VERSION-rtmp= 1.2.2
PKGNAME-main= ${DISTNAME}
PKGNAME-image_filter= nginx-image_filter-${VERSION}
@@ -35,6 +37,7 @@ PKGNAME-perl= nginx-perl-${VERSION}
PKGNAME-passenger= nginx-passenger-${VERSION}
PKGNAME-rtmp= nginx-rtmp-${VERSION}
PKGNAME-securelink= nginx-securelink-${VERSION}
+PKGNAME-njs= nginx-njs-${VERSION}
ONLY_FOR_ARCHS-passenger= aarch64 amd64 arm i386
@@ -47,13 +50,14 @@ DISTFILES= ${DISTNAME}${EXTRACT_SUFX}
_GH_MODS= \
openresty headers-more-nginx-module v0.33 \
- openresty lua-nginx-module v0.10.11 \
+ openresty lua-nginx-module v0.10.21 \
nbs-system naxsi 1.3 \
kvspb nginx-auth-ldap 83c059b73566c2ee9cbda920d91b66657cf120b7 \
arut nginx-rtmp-module v${VERSION-rtmp} \
- simpl ngx_devel_kit v0.3.0 \
+ vision5 ngx_devel_kit v0.3.1 \
leev ngx_http_geoip2_module 3.3 \
- nginx-modules ngx_http_hmac_secure_link_module 48c4625fbbf51ed5a95bfec23fa444f6c3702e50
+ nginx-modules ngx_http_hmac_secure_link_module 8c5449202cd5afd8970f316bd6828d28281dc9bc \
+ nginx njs 0.7.4
.for _a _p _c in ${_GH_MODS}
DISTFILES+= ${_p}-{${_a}/${_p}/archive/}${_c}.tar.gz:0
@@ -70,7 +74,7 @@ MULTI_PACKAGES = -main -naxsi -perl ${MO
MODULE_PACKAGES = -image_filter -geoip2 -xslt -mailproxy -stream \
-passenger -headers_more -ldap_auth -lua -rtmp \
- -securelink
+ -securelink -njs
FLAVOR ?=
PSEUDO_FLAVORS = no_lua no_passenger
@@ -93,6 +97,7 @@ WANTLIB-headers_more=
WANTLIB-perl= c m perl
WANTLIB-passenger= m pthread ${COMPILER_LIBCXX}
WANTLIB-securelink= crypto
+WANTLIB-njs=
LIB_DEPENDS-main= devel/pcre
LIB_DEPENDS-xslt= textproc/libxml \
@@ -132,9 +137,8 @@ CONFIGURE_STYLE= simple
MODULES+= perl
.if ${BUILD_PACKAGES:M-lua}
-MODULES+= lang/lua
-CONFIGURE_ENV+= MODLUA_INCL_DIR=${MODLUA_INCL_DIR} \
- MODLUA_LIB=${MODLUA_LIB}
+CONFIGURE_ENV+= LUAJIT_INC=${LOCALBASE}/include/luajit-2.0 \
+ LUAJIT_LIB=${LOCALBASE}/lib
CONFIGURE_ARGS+= --add-dynamic-module=${WRKSRC}/lua-nginx-module
.endif
Index: distinfo
===================================================================
RCS file: /cvs/ports/www/nginx/distinfo,v
retrieving revision 1.79
diff -u -p -r1.79 distinfo
--- distinfo 30 May 2022 08:17:34 -0000 1.79
+++ distinfo 3 Jun 2022 14:49:08 -0000
@@ -1,20 +1,22 @@
SHA256 (headers-more-nginx-module-v0.33.tar.gz) = o9y6sRepwQO8HqUgD8AKe30q+X/3/VJfFvisJjLjD78=
-SHA256 (lua-nginx-module-v0.10.11.tar.gz) = wPuR/P0cbn3sNMpkgm74H/66/e9hdNJURnY284BWZiY=
+SHA256 (lua-nginx-module-v0.10.21.tar.gz) = nbdWAAV4767LQ76k/Gz2MaqoCYjYb/5dOv65kniV/60=
SHA256 (naxsi-1.3.tar.gz) = Q5yGdzctJZe0Ngu8wQvIZJDeH8dWlbGTrV3xVKIU1ig=
SHA256 (nginx-1.20.1-chroot.patch) = SS1TB0j8N4/dn5pUTGT6WvkN3aAUuKz5+R0Nt+MG0gk=
SHA256 (nginx-1.22.0.tar.gz) = sz1Wmm8RoBQzpXzhfoOTXpU61Nx3zdTUD4lsiKwm61M=
SHA256 (nginx-auth-ldap-83c059b73566c2ee9cbda920d91b66657cf120b7.tar.gz) = aQxOW9sq4ZsP7nXNNW0YATRo20cmFrYJeloLvjRshGQ=
-SHA256 (nginx-rtmp-module-v1.2.1.tar.gz) = h6pZdACwtaBSdO4tI9jLgiThJoYiegq+MdeDs6ZF6jc=
-SHA256 (ngx_devel_kit-v0.3.0.tar.gz) = iOBamainQZBm9a51lm+x78QJutRSLRSYbaB0VUrmFhk=
+SHA256 (nginx-rtmp-module-v1.2.2.tar.gz) = B/Gbe//sXjV7uIIMY+UoHevUX1oubUaxY22SAsPgnXg=
+SHA256 (ngx_devel_kit-v0.3.1.tar.gz) = DpcRBeIQ0nKkl1Z/ouLCVvTjm4RaW6gNNz4muhq/vYU=
SHA256 (ngx_http_geoip2_module-3.3.tar.gz) = QTeEOMgz4xOhiGnQxKcnBLSDXDCsr3/WgBOrZzL/eKc=
-SHA256 (ngx_http_hmac_secure_link_module-48c4625fbbf51ed5a95bfec23fa444f6c3702e50.tar.gz) = ZXpA2rODS1enIREzlD1OqWwpWcv3NOUXH4eUOgOAmqg=
+SHA256 (ngx_http_hmac_secure_link_module-8c5449202cd5afd8970f316bd6828d28281dc9bc.tar.gz) = 4flk02zJ1fWoocHBmIwLTPPjq8mdxHyvsg9pr+Siw68=
+SHA256 (njs-0.7.4.tar.gz) = xHS1rfax6HVxALvvNeHcQDGD+NnA9Qv6sBcnt3d9ciU=
SIZE (headers-more-nginx-module-v0.33.tar.gz) = 28130
-SIZE (lua-nginx-module-v0.10.11.tar.gz) = 616653
+SIZE (lua-nginx-module-v0.10.21.tar.gz) = 690938
SIZE (naxsi-1.3.tar.gz) = 235626
SIZE (nginx-1.20.1-chroot.patch) = 8783
SIZE (nginx-1.22.0.tar.gz) = 1073322
SIZE (nginx-auth-ldap-83c059b73566c2ee9cbda920d91b66657cf120b7.tar.gz) = 18542
-SIZE (nginx-rtmp-module-v1.2.1.tar.gz) = 519919
-SIZE (ngx_devel_kit-v0.3.0.tar.gz) = 66455
+SIZE (nginx-rtmp-module-v1.2.2.tar.gz) = 519934
+SIZE (ngx_devel_kit-v0.3.1.tar.gz) = 66542
SIZE (ngx_http_geoip2_module-3.3.tar.gz) = 8509
-SIZE (ngx_http_hmac_secure_link_module-48c4625fbbf51ed5a95bfec23fa444f6c3702e50.tar.gz) = 6159
+SIZE (ngx_http_hmac_secure_link_module-8c5449202cd5afd8970f316bd6828d28281dc9bc.tar.gz) = 6380
+SIZE (njs-0.7.4.tar.gz) = 589203
Index: patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_certby_c
===================================================================
RCS file: patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_certby_c
diff -N patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_certby_c
--- patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_certby_c 11 Mar 2022 20:10:10 -0000 1.2
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,34 +0,0 @@
-Use SSL_version() instead of TLS1_get_version().
-https://github.com/openresty/lua-nginx-module/commit/bb76eb123b4a80324e527062d71fe9d3f4c86d25
-
-Index: lua-nginx-module/src/ngx_http_lua_ssl_certby.c
---- lua-nginx-module/src/ngx_http_lua_ssl_certby.c.orig
-+++ lua-nginx-module/src/ngx_http_lua_ssl_certby.c
-@@ -549,13 +549,6 @@ ngx_http_lua_ssl_cert_by_chunk(lua_State *L, ngx_http_
- int
- ngx_http_lua_ffi_ssl_get_tls1_version(ngx_http_request_t *r, char **err)
- {
--#ifndef TLS1_get_version
--
-- *err = "no TLS1 support";
-- return NGX_ERROR;
--
--#else
--
- ngx_ssl_conn_t *ssl_conn;
-
- if (r->connection == NULL || r->connection->ssl == NULL) {
-@@ -569,11 +562,9 @@ ngx_http_lua_ffi_ssl_get_tls1_version(ngx_http_request
- return NGX_ERROR;
- }
-
-- dd("tls1 ver: %d", (int) TLS1_get_version(ssl_conn));
-+ dd("tls1 ver: %d", SSL_version(ssl_conn));
-
-- return (int) TLS1_get_version(ssl_conn);
--
--#endif
-+ return SSL_version(ssl_conn);
- }
-
-
Index: patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_ocsp_c
===================================================================
RCS file: patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_ocsp_c
diff -N patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_ocsp_c
--- patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_ocsp_c 11 Mar 2022 20:10:10 -0000 1.2
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,21 +0,0 @@
-Index: lua-nginx-module/src/ngx_http_lua_ssl_ocsp.c
---- lua-nginx-module/src/ngx_http_lua_ssl_ocsp.c.orig
-+++ lua-nginx-module/src/ngx_http_lua_ssl_ocsp.c
-@@ -456,6 +456,7 @@ ngx_http_lua_ffi_ssl_set_ocsp_status_resp(ngx_http_req
- u_char *p;
- SSL_CTX *ctx;
- ngx_ssl_conn_t *ssl_conn;
-+ int tlsext_status_type;
-
- if (r->connection == NULL || r->connection->ssl == NULL) {
- *err = "bad request";
-@@ -468,7 +469,8 @@ ngx_http_lua_ffi_ssl_set_ocsp_status_resp(ngx_http_req
- return NGX_ERROR;
- }
-
-- if (ssl_conn->tlsext_status_type == -1) {
-+ tlsext_status_type = SSL_get_tlsext_status_type(ssl_conn);
-+ if (tlsext_status_type == -1) {
- dd("no ocsp status req from client");
- return NGX_DECLINED;
- }
Index: patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_session_storeby_c
===================================================================
RCS file: patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_session_storeby_c
diff -N patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_session_storeby_c
--- patches/patch-lua-nginx-module_src_ngx_http_lua_ssl_session_storeby_c 11 Mar 2022 20:10:10 -0000 1.3
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,24 +0,0 @@
-Index: lua-nginx-module/src/ngx_http_lua_ssl_session_storeby.c
---- lua-nginx-module/src/ngx_http_lua_ssl_session_storeby.c.orig
-+++ lua-nginx-module/src/ngx_http_lua_ssl_session_storeby.c
-@@ -173,6 +173,8 @@ ngx_http_lua_ssl_sess_store_handler(ngx_ssl_conn_t *ss
- ngx_ssl_session_t *sess)
- {
- lua_State *L;
-+ const unsigned char *session_id;
-+ unsigned int session_id_length;
- ngx_int_t rc;
- ngx_connection_t *c, *fc = NULL;
- ngx_http_request_t *r = NULL;
-@@ -250,8 +252,9 @@ ngx_http_lua_ssl_sess_store_handler(ngx_ssl_conn_t *ss
- cctx->connection = c;
- cctx->request = r;
- cctx->session = sess;
-- cctx->session_id.data = sess->session_id;
-- cctx->session_id.len = sess->session_id_length;
-+ session_id = SSL_SESSION_get_id(sess, &session_id_length);
-+ cctx->session_id.data = (char *)session_id;
-+ cctx->session_id.len = session_id_length;
- cctx->done = 0;
-
- dd("setting cctx");
Index: pkg/DESCR-njs
===================================================================
RCS file: pkg/DESCR-njs
diff -N pkg/DESCR-njs
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ pkg/DESCR-njs 3 Jun 2022 14:49:08 -0000
@@ -0,0 +1,3 @@
+njs is a subset of the JavaScript language that allows extending nginx
+functionality. njs is created in compliance with ECMAScript 5.1
+(strict mode) with some ECMAScript 6 and later extensions.
Index: pkg/PLIST-njs
===================================================================
RCS file: pkg/PLIST-njs
diff -N pkg/PLIST-njs
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ pkg/PLIST-njs 3 Jun 2022 14:49:08 -0000
@@ -0,0 +1,2 @@
+@so ngx_http_js_module.so
+@so ngx_stream_js_module.so
signature.asc
Description: PGP signature
