./www/nginx-devel, Lightweight HTTP server and mail proxy server

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.13.8, Package name: nginx-1.13.8, Maintainer: imil

Nginx (pronounced engine-x) is a free, open-source, high-performance HTTP
server and reverse proxy, as well as an IMAP/POP3 proxy server. Igor Sysoev
started development of Nginx in 2002, with the first public release in 2004.
Nginx now hosts nearly 12.18% (22.2M) of active sites across all domains.
Nginx is known for its high performance, stability, rich feature set, simple
configuration, and low resource consumption.

Nginx is one of a handful of servers written to address the C10K problem.
Unlike traditional servers, Nginx doesn't rely on threads to handle requests.
Instead it uses a much more scalable event-driven (asynchronous) architecture.
This architecture uses small, but more importantly, predictable amounts of
memory under load.
Even if you don't expect to handle thousands of simultaneous requests, you can
still benefit from Nginx's high-performance and small memory footprint.
Nginx scales in all directions: from the smallest VPS all the way up to
clusters of servers.

Nginx powers several high-visibility sites, such as Netflix, Hulu, Pinterest,
CloudFlare, Airbnb, WordPress.com, GitHub, SoundCloud, Zynga, Eventbrite,
Zappos, Media Temple, Heroku, RightScale, Engine Yard and NetDNA.


Required to run:
[devel/pcre]

Required to build:
[pkgtools/cwrappers]

Package options: inet6, pcre, ssl

Master sites:

SHA1: a1f9348c9c46f449a0b549d0519dd34191d30cee
RMD160: 413140bde6a075b98788a53ca5c1304437e60dcf
Filesize: 968.981 KB

Version history: (Expand)


CVS history: (Expand)


   2018-02-13 10:26:01 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
nginx-devel: updated to 1.13.8

Changes with nginx 1.13.8:

*) Feature: now nginx automatically preserves the CAP_NET_RAW capability
   in worker processes when using the "transparent" parameter of the
   "proxy_bind", "fastcgi_bind", "memcached_bind", \ 
"scgi_bind", and
   "uwsgi_bind" directives.

*) Feature: improved CPU cache line size detection.
   Thanks to Debayan Ghosh.

*) Feature: new directives in vim syntax highlighting scripts.
   Thanks to Gena Makhomed.

*) Bugfix: binary upgrade refused to work if nginx was re-parented to a
   process with PID different from 1 after its parent process has
   finished.

*) Bugfix: the ngx_http_autoindex_module incorrectly handled requests
   with bodies.

*) Bugfix: in the "proxy_limit_rate" directive when used with the
   "keepalive" directive.

*) Bugfix: some parts of a response might be buffered when using
   "proxy_buffering off" if the client connection used SSL.
   Thanks to Patryk Lesiewicz.

*) Bugfix: in the "proxy_cache_background_update" directive.

*) Bugfix: it was not possible to start a parameter with a variable in
   the "${name}" form with the name in curly brackets without enclosing
   the parameter into single or double quotes.
   2017-11-26 17:48:37 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
nginx-devel: updated to 1.13.7

Changes with nginx 1.13.7:
*) Bugfix: in the $upstream_status variable.
*) Bugfix: a segmentation fault might occur in a worker process if a
   backend returned a "101 Switching Protocols" response to a
   subrequest.
*) Bugfix: a segmentation fault occurred in a master process if a shared
   memory zone size was changed during a reconfiguration and the
   reconfiguration failed.
*) Bugfix: in the ngx_http_fastcgi_module.
*) Bugfix: nginx returned the 500 error if parameters without variables
   were specified in the "xslt_stylesheet" directive.
*) Workaround: "gzip filter failed to use preallocated memory" alerts
   appeared in logs when using a zlib library variant from Intel.
*) Bugfix: the "worker_shutdown_timeout" directive did not work when
   using mail proxy and when proxying WebSocket connections.
   2017-10-28 12:57:50 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
nginx-devel: updated to 1.13.6

Changes with nginx 1.13.6                                        10 Oct 2017

    *) Bugfix: switching to the next upstream server in the stream module
       did not work when using the "ssl_preread" directive.

    *) Bugfix: in the ngx_http_v2_module.
       Thanks to Piotr Sikora.

    *) Bugfix: nginx did not support dates after the year 2038 on 32-bit
       platforms with 64-bit time_t.

    *) Bugfix: in handling of dates prior to the year 1970 and after the
       year 10000.

    *) Bugfix: in the stream module timeouts waiting for UDP datagrams from
       upstream servers were not logged or logged at the "info" level
       instead of "error".

    *) Bugfix: when using HTTP/2 nginx might return the 400 response without
       logging the reason.

    *) Bugfix: in processing of corrupted cache files.

    *) Bugfix: cache control headers were ignored when caching errors
       intercepted by error_page.

    *) Bugfix: when using HTTP/2 client request body might be corrupted.

    *) Bugfix: in handling of client addresses when using unix domain
       sockets.

    *) Bugfix: nginx hogged CPU when using the "hash ... consistent"
       directive in the upstream block if large weights were used and all or
       most of the servers were unavailable.
   2017-07-23 23:31:09 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
Changes with nginx 1.13.3:

*) Security: a specially crafted request might result in an integer
   overflow and incorrect processing of ranges in the range filter,
   potentially resulting in sensitive information leak (CVE-2017-7529).

Changes with nginx 1.13.2:

*) Change: nginx now returns 200 instead of 416 when a range starting
   with 0 is requested from an empty file.

*) Feature: the "add_trailer" directive.

*) Bugfix: nginx could not be built on Cygwin and NetBSD; the bug had
   appeared in 1.13.0.

*) Bugfix: nginx could not be built under MSYS2 / MinGW 64-bit.

*) Bugfix: a segmentation fault might occur in a worker process when
   using SSI with many includes and proxy_pass with variables.

*) Bugfix: in the ngx_http_v2_module.

Changes with nginx 1.13.1:

*) Feature: now a hostname can be used as the "set_real_ip_from"
   directive parameter.

*) Feature: vim syntax highlighting scripts improvements.

*) Feature: the "worker_cpu_affinity" directive now works on DragonFly
   BSD.

*) Bugfix: SSL renegotiation on backend connections did not work when
   using OpenSSL before 1.1.0.

*) Workaround: nginx could not be built with Oracle Developer Studio
   12.5.

*) Workaround: now cache manager ignores long locked cache entries when
   cleaning cache based on the "max_size" parameter.

*) Bugfix: client SSL connections were immediately closed if deferred
   accept and the "proxy_protocol" parameter of the "listen" \ 
directive
   were used.

*) Bugfix: in the "proxy_cache_background_update" directive.

*) Workaround: now the "tcp_nodelay" directive sets the TCP_NODELAY
   option before an SSL handshake.
   2017-06-29 14:20:06 by Filip Hajny | Files touched by this commit (3)
Log message:
Install processed rather than template nginx man page. PKGREVISION++
Fixes joyent/pkgsrc/issues/515
   2017-06-17 21:54:47 by Joerg Sonnenberger | Files touched by this commit (2)
Log message:
Fix build on NetBSD.
   2017-05-02 14:31:43 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
* Update www/nginx-devel to 1.13.0.
* Update naxsi to 0.55.3

Changes with nginx 1.13.0                                        25 Apr 2017

- Change: SSL renegotiation is now allowed on backend connections.
- Feature: the "rcvbuf" and "sndbuf" parameters of the \ 
"listen"
  directives of the mail proxy and stream modules.
- Feature: the "return" and "error_page" directives can now \ 
be used to
  return 308 redirections.
  Thanks to Simon Leblanc.
- Feature: the "TLSv1.3" parameter of the "ssl_protocols" \ 
directive.
- Feature: when logging signals nginx now logs PID of the process which
  sent the signal.
- Bugfix: in memory allocation error handling.
- Bugfix: if a server in the stream module listened on a wildcard
  address, the source address of a response UDP datagram could differ
  from the original datagram destination address.

Changes with nginx 1.11.13                                       04 Apr 2017

- Feature: the "http_429" parameter of the "proxy_next_upstream",
  "fastcgi_next_upstream", "scgi_next_upstream", and
  "uwsgi_next_upstream" directives.
  Thanks to Piotr Sikora.
- Bugfix: in memory allocation error handling.
- Bugfix: requests might hang when using the "sendfile" and
  "timer_resolution" directives on Linux.
- Bugfix: requests might hang when using the "sendfile" and \ 
"aio_write"
  directives with subrequests.
- Bugfix: in the ngx_http_v2_module.
  Thanks to Piotr Sikora.
- Bugfix: a segmentation fault might occur in a worker process when
  using HTTP/2.
- Bugfix: requests might hang when using the "limit_rate",
  "sendfile_max_chunk", "limit_req" directives, or the \ 
$r->sleep()
  embedded perl method with subrequests.
- Bugfix: in the ngx_http_slice_module.

Changes with nginx 1.11.12                                       24 Mar 2017

- Bugfix: nginx might hog CPU; the bug had appeared in 1.11.11.

Changes with nginx 1.11.11                                       21 Mar 2017

- Feature: the "worker_shutdown_timeout" directive.
- Feature: vim syntax highlighting scripts improvements.
  Thanks to Wei-Ko Kao.
- Bugfix: a segmentation fault might occur in a worker process if the
  $limit_rate variable was set to an empty string.
- Bugfix: the "proxy_cache_background_update",
  "fastcgi_cache_background_update", \ 
"scgi_cache_background_update",
  and "uwsgi_cache_background_update" directives might work incorrectly
  if the "if" directive was used.
- Bugfix: a segmentation fault might occur in a worker process if
  number of large_client_header_buffers in a virtual server was
  different from the one in the default server.
- Bugfix: in the mail proxy server.

Changes with nginx 1.11.10                                       14 Feb 2017

- Change: cache header format has been changed, previously cached
  responses will be invalidated.
- Feature: support of "stale-while-revalidate" and \ 
"stale-if-error"
  extensions in the "Cache-Control" backend response header line.
- Feature: the "proxy_cache_background_update",
  "fastcgi_cache_background_update", \ 
"scgi_cache_background_update",
  and "uwsgi_cache_background_update" directives.
- Feature: nginx is now able to cache responses with the "Vary" header
  line up to 128 characters long (instead of 42 characters in previous
  versions).
- Feature: the "build" parameter of the "server_tokens" \ 
directive.
  Thanks to Tom Thorogood.
- Bugfix: "[crit] SSL_write() failed" messages might appear in logs
  when handling requests with the "Expect: 100-continue" request header
  line.
- Bugfix: the ngx_http_slice_module did not work in named locations.
- Bugfix: a segmentation fault might occur in a worker process when
  using AIO after an "X-Accel-Redirect" redirection.
- Bugfix: reduced memory consumption for long-lived requests using
  gzipping.
   2017-02-14 11:14:36 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update www/nginx-devel to 1.11.9.

Changes with nginx 1.11.9                                        24 Jan 2017

    *) Bugfix: nginx might hog CPU when using the stream module; the bug had
       appeared in 1.11.5.

    *) Bugfix: EXTERNAL authentication mechanism in mail proxy was accepted
       even if it was not enabled in the configuration.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "ssl_verify_client" directive of the stream module was used.

    *) Bugfix: the "ssl_verify_client" directive of the stream module might
       not work.

    *) Bugfix: closing keepalive connections due to no free worker
       connections might be too aggressive.
       Thanks to Joel Cunningham.

    *) Bugfix: an incorrect response might be returned when using the
       "sendfile" directive on FreeBSD and macOS; the bug had appeared in
       1.7.8.

    *) Bugfix: a truncated response might be stored in cache when using the
       "aio_write" directive.

    *) Bugfix: a socket leak might occur when using the "aio_write"
       directive.

Changes with nginx 1.11.8                                        27 Dec 2016

    *) Feature: the "absolute_redirect" directive.

    *) Feature: the "escape" parameter of the "log_format" \ 
directive.

    *) Feature: client SSL certificates verification in the stream module.

    *) Feature: the "ssl_session_ticket_key" directive supports AES256
       encryption of TLS session tickets when used with 80-byte keys.

    *) Feature: vim-commentary support in vim scripts.
       Thanks to Armin Grodon.

    *) Bugfix: recursion when evaluating variables was not limited.

    *) Bugfix: in the ngx_stream_ssl_preread_module.

    *) Bugfix: if a server in an upstream in the stream module failed, it
       was considered alive only when a test connection sent to it after
       fail_timeout was closed; now a successfully established connection is
       enough.

    *) Bugfix: nginx/Windows could not be built with 64-bit Visual Studio.

    *) Bugfix: nginx/Windows could not be built with OpenSSL 1.1.0.

Changes with nginx 1.11.7                                        13 Dec 2016

    *) Change: now in case of a client certificate verification error the
       $ssl_client_verify variable contains a string with the failure
       reason, for example, "FAILED:certificate has expired".

    *) Feature: the $ssl_ciphers, $ssl_curves, $ssl_client_v_start,
       $ssl_client_v_end, and $ssl_client_v_remain variables.

    *) Feature: the "volatile" parameter of the "map" directive.

    *) Bugfix: dependencies specified for a module were ignored while
       building dynamic modules.

    *) Bugfix: when using HTTP/2 and the "limit_req" or \ 
"auth_request"
       directives client request body might be corrupted; the bug had
       appeared in 1.11.0.

    *) Bugfix: a segmentation fault might occur in a worker process when
       using HTTP/2; the bug had appeared in 1.11.3.

    *) Bugfix: in the ngx_http_mp4_module.
       Thanks to Congcong Hu.

    *) Bugfix: in the ngx_http_perl_module.

Changes with nginx 1.11.6                                        15 Nov 2016

    *) Change: format of the $ssl_client_s_dn and $ssl_client_i_dn variables
       has been changed to follow RFC 2253 (RFC 4514); values in the old
       format are available in the $ssl_client_s_dn_legacy and
       $ssl_client_i_dn_legacy variables.

    *) Change: when storing temporary files in a cache directory they will
       be stored in the same subdirectories as corresponding cache files
       instead of a separate subdirectory for temporary files.

    *) Feature: EXTERNAL authentication mechanism support in mail proxy.
       Thanks to Robert Norris.

    *) Feature: WebP support in the ngx_http_image_filter_module.

    *) Feature: variables support in the "proxy_method" directive.
       Thanks to Dmitry Lazurkin.

    *) Feature: the "http2_max_requests" directive in the
       ngx_http_v2_module.

    *) Feature: the "proxy_cache_max_range_offset",
       "fastcgi_cache_max_range_offset", \ 
"scgi_cache_max_range_offset", and
       "uwsgi_cache_max_range_offset" directives.

    *) Bugfix: graceful shutdown of old worker processes might require
       infinite time when using HTTP/2.

    *) Bugfix: in the ngx_http_mp4_module.

    *) Bugfix: "ignore long locked inactive cache entry" alerts might \ 
appear
       in logs when proxying WebSocket connections with caching enabled.

    *) Bugfix: nginx did not write anything to log and returned a response
       with code 502 instead of 504 when a timeout occurred during an SSL
       handshake to a backend.

Changes with nginx 1.11.5                                        11 Oct 2016

    *) Change: the --with-ipv6 configure option was removed, now IPv6
       support is configured automatically.

    *) Change: now if there are no available servers in an upstream, nginx
       will not reset number of failures of all servers as it previously
       did, but will wait for fail_timeout to expire.

    *) Feature: the ngx_stream_ssl_preread_module.

    *) Feature: the "server" directive in the "upstream" \ 
context supports
       the "max_conns" parameter.

    *) Feature: the --with-compat configure option.

    *) Feature: "manager_files", "manager_threshold", and \ 
"manager_sleep"
       parameters of the "proxy_cache_path", \ 
"fastcgi_cache_path",
       "scgi_cache_path", and "uwsgi_cache_path" directives.

    *) Bugfix: flags passed by the --with-ld-opt configure option were not
       used while building perl module.

    *) Bugfix: in the "add_after_body" directive when used with the
       "sub_filter" directive.

    *) Bugfix: in the $realip_remote_addr variable.

    *) Bugfix: the "dav_access", "proxy_store_access",
       "fastcgi_store_access", "scgi_store_access", and \ 
"uwsgi_store_access"
       directives ignored permissions specified for user.

    *) Bugfix: unix domain listen sockets might not be inherited during
       binary upgrade on Linux.

    *) Bugfix: nginx returned the 400 response on requests with the "-"
       character in the HTTP method.