Subject: CVS commit: pkgsrc/www/nginx
From: Emile iMil Heitor
Date: 2013-04-25 13:10:49
Message id: 20130425111049.ED0CD175DD@cvs.netbsd.org

Log Message:
Updated nginx stable to 1.4.0. Notable improvements regarding latest stable
version are:

. SPDY protocol support
. WebSocket connections
. OCSP Stapling
. gunzip module
. flood prevention through rejection codes

Full changelog:

Changes with nginx 1.4.0                                         24 Apr 2013

    *) Bugfix: nginx could not be built with the ngx_http_perl_module if the
       --with-openssl option was used; the bug had appeared in 1.3.16.

    *) Bugfix: in a request body handling in the ngx_http_perl_module; the
       bug had appeared in 1.3.9.

Changes with nginx 1.3.16                                        16 Apr 2013

    *) Bugfix: a segmentation fault might occur in a worker process if
       subrequests were used; the bug had appeared in 1.3.9.

    *) Bugfix: the "tcp_nodelay" directive caused an error if a WebSocket
       connection was proxied into a unix domain socket.

    *) Bugfix: the $upstream_response_length variable has an incorrect value
       "0" if buffering was not used.
       Thanks to Piotr Sikora.

    *) Bugfix: in the eventport and /dev/poll methods.

Changes with nginx 1.3.15                                        26 Mar 2013

    *) Change: opening and closing a connection without sending any data in
       it is no longer logged to access_log with error code 400.

    *) Feature: the ngx_http_spdy_module.
       Thanks to Automattic for sponsoring this work.

    *) Feature: the "limit_req_status" and \ 
"limit_conn_status" directives.
       Thanks to Nick Marden.

    *) Feature: the "image_filter_interlace" directive.
       Thanks to Ian Babrou.

    *) Feature: $connections_waiting variable in the
       ngx_http_stub_status_module.

    *) Feature: the mail proxy module now supports IPv6 backends.

    *) Bugfix: request body might be transmitted incorrectly when retrying a
       request to the next upstream server; the bug had appeared in 1.3.9.
       Thanks to Piotr Sikora.

    *) Bugfix: in the "client_body_in_file_only" directive; the bug had
       appeared in 1.3.9.

    *) Bugfix: responses might hang if subrequests were used and a DNS error
       happened during subrequest processing.
       Thanks to Lanshun Zhou.

    *) Bugfix: in backend usage accounting.

Changes with nginx 1.3.14                                        05 Mar 2013

    *) Feature: $connections_active, $connections_reading, and
       $connections_writing variables in the ngx_http_stub_status_module.

    *) Feature: support of WebSocket connections in the
       ngx_http_uwsgi_module and ngx_http_scgi_module.

    *) Bugfix: in virtual servers handling with SNI.

    *) Bugfix: new sessions were not always stored if the "ssl_session_cache
       shared" directive was used and there was no free space in shared
       memory.
       Thanks to Piotr Sikora.

    *) Bugfix: multiple X-Forwarded-For headers were handled incorrectly.
       Thanks to Neal Poole for sponsoring this work.

    *) Bugfix: in the ngx_http_mp4_module.
       Thanks to Gernot Vormayr.

Changes with nginx 1.3.13                                        19 Feb 2013

    *) Change: a compiler with name "cc" is now used by default.

    *) Feature: support for proxying of WebSocket connections.
       Thanks to Apcera and CloudBees for sponsoring this work.

    *) Feature: the "auth_basic_user_file" directive supports \ 
"{SHA}"
       password encryption method.
       Thanks to Louis Opter.

Changes with nginx 1.3.12                                        05 Feb 2013

    *) Feature: variables support in the "proxy_bind", \ 
"fastcgi_bind",
       "memcached_bind", "scgi_bind", and \ 
"uwsgi_bind" directives.

    *) Feature: the $pipe, $request_length, $time_iso8601, and $time_local
       variables can now be used not only in the "log_format" directive.
       Thanks to Kiril Kalchev.

    *) Feature: IPv6 support in the ngx_http_geoip_module.
       Thanks to Gregor Kali¨nik.

    *) Bugfix: in the "proxy_method" directive.

    *) Bugfix: a segmentation fault might occur in a worker process if
       resolver was used with the poll method.

    *) Bugfix: nginx might hog CPU during SSL handshake with a backend if
       the select, poll, or /dev/poll methods were used.

    *) Bugfix: the "[crit] SSL_write() failed (SSL:)" error.

    *) Bugfix: in the "client_body_in_file_only" directive; the bug had
       appeared in 1.3.9.

    *) Bugfix: in the "fastcgi_keep_conn" directive.

Changes with nginx 1.3.11                                        10 Jan 2013

    *) Bugfix: a segmentation fault might occur if logging was used; the bug
       had appeared in 1.3.10.

    *) Bugfix: the "proxy_pass" directive did not work with IP addresses
       without port specified; the bug had appeared in 1.3.10.

    *) Bugfix: a segmentation fault occurred on start or during
       reconfiguration if the "keepalive" directive was specified more than
       once in a single upstream block.

    *) Bugfix: parameter "default" of the "geo" directive \ 
did not set
       default value for IPv6 addresses.

Changes with nginx 1.3.10                                        25 Dec 2012

    *) Change: domain names specified in configuration file are now resolved
       to IPv6 addresses as well as IPv4 ones.

    *) Change: now if the "include" directive with mask is used on Unix
       systems, included files are sorted in alphabetical order.

    *) Change: the "add_header" directive adds headers to 201 responses.

    *) Feature: the "geo" directive now supports IPv6 addresses in CIDR
       notation.

    *) Feature: the "flush" and "gzip" parameters of the \ 
"access_log"
       directive.

    *) Feature: variables support in the "auth_basic" directive.

    *) Bugfix: nginx could not be built with the ngx_http_perl_module in
       some cases.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_xslt_module was used.

    *) Bugfix: nginx could not be built on MacOSX in some cases.
       Thanks to Piotr Sikora.

    *) Bugfix: the "limit_rate" directive with high rates might result in
       truncated responses on 32-bit platforms.
       Thanks to Alexey Antropov.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "if" directive was used.
       Thanks to Piotr Sikora.

    *) Bugfix: a "100 Continue" response was issued with "413 \ 
Request Entity
       Too Large" responses.

    *) Bugfix: the "image_filter", \ 
"image_filter_jpeg_quality" and
       "image_filter_sharpen" directives might be inherited incorrectly.
       Thanks to Ian Babrou.

    *) Bugfix: "crypt_r() failed" errors might appear if the \ 
"auth_basic"
       directive was used on Linux.

    *) Bugfix: in backup servers handling.
       Thanks to Thomas Chen.

    *) Bugfix: proxied HEAD requests might return incorrect response if the
       "gzip" directive was used.

Changes with nginx 1.3.9                                         27 Nov 2012

    *) Feature: support for chunked transfer encoding while reading client
       request body.

    *) Feature: the $request_time and $msec variables can now be used not
       only in the "log_format" directive.

    *) Bugfix: cache manager and cache loader processes might not be able to
       start if more than 512 listen sockets were used.

    *) Bugfix: in the ngx_http_dav_module.

Changes with nginx 1.3.8                                         30 Oct 2012

    *) Feature: the "optional_no_ca" parameter of the \ 
"ssl_verify_client"
       directive.
       Thanks to Mike Kazantsev and Eric O'Connor.

    *) Feature: the $bytes_sent, $connection, and $connection_requests
       variables can now be used not only in the "log_format" directive.
       Thanks to Benjamin Grössing.

    *) Feature: the "auto" parameter of the \ 
"worker_processes" directive.

    *) Bugfix: "cache file ... has md5 collision" alert.

    *) Bugfix: in the ngx_http_gunzip_filter_module.

    *) Bugfix: in the "ssl_stapling" directive.

Changes with nginx 1.3.7                                         02 Oct 2012

    *) Feature: OCSP stapling support.
       Thanks to Comodo, DigiCert and GlobalSign for sponsoring this work.

    *) Feature: the "ssl_trusted_certificate" directive.

    *) Feature: resolver now randomly rotates addresses returned from cache.
       Thanks to Anton Jouline.

    *) Bugfix: OpenSSL 0.9.7 compatibility.

Changes with nginx 1.3.6                                         12 Sep 2012

    *) Feature: the ngx_http_gunzip_filter_module.

    *) Feature: the "memcached_gzip_flag" directive.

    *) Feature: the "always" parameter of the "gzip_static" \ 
directive.

    *) Bugfix: in the "limit_req" directive; the bug had appeared in \ 
1.1.14.
       Thanks to Charles Chen.

    *) Bugfix: nginx could not be built by gcc 4.7 with -O2 optimization if
       the --with-ipv6 option was used.

Changes with nginx 1.3.5                                         21 Aug 2012

    *) Change: the ngx_http_mp4_module module no longer skips tracks in
       formats other than H.264 and AAC.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "map" directive was used with variables as values.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "geo" directive was used with the "ranges" parameter \ 
but without the
       "default" parameter; the bug had appeared in 0.8.43.
       Thanks to Zhen Chen and Weibin Yao.

    *) Bugfix: in the -p command-line parameter handling.

    *) Bugfix: in the mail proxy server.

    *) Bugfix: of minor potential bugs.
       Thanks to Coverity.

    *) Bugfix: nginx/Windows could not be built with Visual Studio 2005
       Express.
       Thanks to HAYASHI Kentaro.

Changes with nginx 1.3.4                                         31 Jul 2012

    *) Change: the "ipv6only" parameter is now turned on by default for
       listening IPv6 sockets.

    *) Feature: the Clang compiler support.

    *) Bugfix: extra listening sockets might be created.
       Thanks to Roman Odaisky.

    *) Bugfix: nginx/Windows might hog CPU if a worker process failed to
       start.
       Thanks to Ricardo Villalobos Guevara.

    *) Bugfix: the "proxy_pass_header", "fastcgi_pass_header",
       "scgi_pass_header", "uwsgi_pass_header", \ 
"proxy_hide_header",
       "fastcgi_hide_header", "scgi_hide_header", and \ 
"uwsgi_hide_header"
       directives might be inherited incorrectly.

Changes with nginx 1.3.3                                         10 Jul 2012

    *) Feature: entity tags support and the "etag" directive.

    *) Bugfix: trailing dot in a source value was not ignored if the "map"
       directive was used with the "hostnames" parameter.

    *) Bugfix: incorrect location might be used to process a request if a
       URI was changed via a "rewrite" directive before an internal \ 
redirect
       to a named location.

Changes with nginx 1.3.2                                         26 Jun 2012

    *) Change: the "single" parameter of the "keepalive" \ 
directive is now
       ignored.

    *) Change: SSL compression is now disabled when using all versions of
       OpenSSL, including ones prior to 1.0.0.

    *) Feature: it is now possible to use the "ip_hash" directive to \ 
balance
       IPv6 clients.

    *) Feature: the $status variable can now be used not only in the
       "log_format" directive.

    *) Bugfix: a segmentation fault might occur in a worker process on
       shutdown if the "resolver" directive was used.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_mp4_module was used.

    *) Bugfix: in the ngx_http_mp4_module.

    *) Bugfix: a segmentation fault might occur in a worker process if
       conflicting wildcard server names were used.

    *) Bugfix: nginx might be terminated abnormally on a SIGBUS signal on
       ARM platform.

    *) Bugfix: an alert "sendmsg() failed (9: Bad file number)" on HP-UX
       while reconfiguration.

Changes with nginx 1.3.1                                         05 Jun 2012

    *) Security: now nginx/Windows ignores trailing dot in URI path
       component, and does not allow URIs with ":$" in it.
       Thanks to Vladimir Kochetkov, Positive Research Center.

    *) Feature: the "proxy_pass", "fastcgi_pass", \ 
"scgi_pass", "uwsgi_pass"
       directives, and the "server" directive inside the \ 
"upstream" block,
       now support IPv6 addresses.

    *) Feature: the "resolver" directive now supports IPv6 addresses and an
       optional port specification.

    *) Feature: the "least_conn" directive inside the \ 
"upstream" block.

    *) Feature: it is now possible to specify a weight for servers while
       using the "ip_hash" directive.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "image_filter" directive was used; the bug had appeared in 1.3.0.

    *) Bugfix: nginx could not be built with ngx_cpp_test_module; the bug
       had appeared in 1.1.12.

    *) Bugfix: access to variables from SSI and embedded perl module might
       not work after reconfiguration.
       Thanks to Yichun Zhang.

    *) Bugfix: in the ngx_http_xslt_filter_module.
       Thanks to Kuramoto Eiji.

    *) Bugfix: memory leak if $geoip_org variable was used.
       Thanks to Denis F. Latypoff.

    *) Bugfix: in the "proxy_cookie_domain" and \ 
"proxy_cookie_path"
       directives.

Changes with nginx 1.3.0                                         15 May 2012

    *) Feature: the "debug_connection" directive now supports IPv6 \ 
addresses
       and the "unix:" parameter.

    *) Feature: the "set_real_ip_from" directive and the \ 
"proxy" parameter
       of the "geo" directive now support IPv6 addresses.

    *) Feature: the "real_ip_recursive", "geoip_proxy", and
       "geoip_proxy_recursive" directives.

    *) Feature: the "proxy_recursive" parameter of the "geo" \ 
directive.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "resolver" directive was used.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "fastcgi_pass", "scgi_pass", or \ 
"uwsgi_pass" directives were used and
       backend returned incorrect response.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "rewrite" directive was used and new request arguments in a
       replacement used variables.

    *) Bugfix: nginx might hog CPU if the open file resource limit was
       reached.

    *) Bugfix: nginx might loop infinitely over backends if the
       "proxy_next_upstream" directive with the "http_404" \ 
parameter was
       used and there were backup servers specified in an upstream block.

    *) Bugfix: adding the "down" parameter of the "server" \ 
directive might
       cause unneeded client redistribution among backend servers if the
       "ip_hash" directive was used.

    *) Bugfix: socket leak.
       Thanks to Yichun Zhang.

    *) Bugfix: in the ngx_http_fastcgi_module.

Files:
RevisionActionfile
1.36modifypkgsrc/www/nginx/Makefile
1.27modifypkgsrc/www/nginx/distinfo