Commit Graph

35 Commits

Author SHA1 Message Date
Gustavo Zacarias
f6dfbfeb53 nginx: bump to version 1.10.2
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-10-19 17:38:05 +02:00
Adam Duskett
7f299f02b2 nginx-nasxi: new package
Naxsi is a third party nginx module reads a small subset of simple rules
containing a list of known patterns involved in website vulnerabilities.
This module behaves like a DROP-by-default firewall for nginx.

Signed-off-by: Adam Duskett <aduskett@codeblue.com>
[Thomas:
 - include Config.in file directly from package/Config.in and not from
   package/nginx/Config.
 - improve Config.in help text with more details
 - rename the package prompt from ngx_http_naxsi_module to nginx-naxsi
 - remove NGINX_NAXSI_SOURCE, and fix the definition of
   NGINX_NAXSI_SITE
 - change license from GPLv3 to GPLv2+ with OpenSSL exception
 - cange license file from LICENSE to naxsi_src/naxsi_json.c. The
   LICENSE file exists in the latest Git master of the project, but
   not in the 0.54 tag that we're packaging.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-07-15 22:49:56 +02:00
Bimal Jacob
e103967d6f nginx-upload: new package
A module for nginx web server for handling file uploads using
multipart/form-data encoding (RFC 1867).

Signed-off-by: Bimal Jacob <bimal.jacob@rockwellcollins.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
[Thomas:
 - rename from nginx-upload-module to nginx-upload. Indeed, we don't
   want all nginx modules to be suffixed with "-module"
 - include the module Config.in file directly from package/Config.in,
   like we do for Python, Perl, Lua or TCL modules.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-07-15 22:22:39 +02:00
Gustavo Zacarias
9f04805b61 nginx: security bump to version 1.10.1
Fixes:
CVE-2016-4450 - NULL pointer dereference while writing client request
body.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-06-05 22:21:48 +02:00
Martin Bark
2a59854aa7 package/nginx: fix patches titles
Changed [PATCH x/y] to [PATCH] at the beginning of the subject line
since the numbering is meaningless.

Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-16 22:04:19 +02:00
Martin Bark
4ab21916e1 package/nginx: add libatomic_ops support
Force the use of libatomics_ops on the sparc v8 and leon3 platforms to
allow nginx to build.  Optionally use libatomic_ops on other platforms.

This fixes:
 http://autobuild.buildroot.net/results/20dc41cd62887222d2569d81b5865893baeafaae/
 http://autobuild.buildroot.net/results/eb47af0c8df6fae82859865fb8b9912f45960444/

Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-13 23:21:14 +02:00
Martin Bark
7d02cc629c package/nginx: fix dlopen support
Only include dlfcn.h on systems that support it

This fixes:
 http://autobuild.buildroot.net/results/f72a9a81e21166af20332d835d71651be7c016c3/

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-13 23:21:01 +02:00
Martin Bark
65778b8700 package/nginx: fix libgd support
Change to using gdlib-config to find libgd and its dependencies.

This fixes:
 http://autobuild.buildroot.net/results/d1806140eccb1202cb8b223289510d64fb28acb6/

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-13 23:04:57 +02:00
Martin Bark
e0c8e18ed1 package/nginx: fix openssl support
Change to using pkg-config to find openssl and its dependencies.

This fixes:
 http://autobuild.buildroot.net/results/17db76c3a099e7592af343bbe119dfe717cd7999/

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-13 23:04:40 +02:00
Martin Bark
285f648658 package/nginx: fix libxslt support
Change to using pkg-config to find libxslt and it dependencies.

This Fixes:
 http://autobuild.buildroot.net/results/382699bbed15f598625b9296e464d1349ef559f8

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-13 23:04:34 +02:00
Martin Bark
bdbb0c8112 package/nginx: add debug logging support
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-05 22:44:19 +02:00
Martin Bark
2748bc6b65 package/nginx: add thread pool support
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-05 22:30:06 +02:00
Martin Bark
621ec32677 package/nginx: add support for stream proxy modules
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-05 22:30:05 +02:00
Martin Bark
4dfc2cb5fe package/nginx: bump version to 1.10.0
The ngx_http_spdy_module has been superseded by the ngx_http_v2_module
so BR2_PACKAGE_NGINX_HTTP_SPDY_MODULE has changed to
BR2_PACKAGE_NGINX_HTTP_V2_MODULE

Signed-off-by: Martin Bark <martin@barkynet.com>
[Thomas: rewrap Config.in.legacy help text.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-05 22:23:34 +02:00
Martin Bark
8513761493 package/nginx: fix error is nginx.service
When using systemd nginx fails to start with the error

    /usr/bin/mkdir: invalid option -- 't'

This is due to a missing space before the semicolon in nginx.service.
For systemd to handle multiple commands in ExecStartPre it requires the
semicolon to be a separate word or the use of multiple ExecStartPre.

This commit splits the multiple commands into two ExecStartPre lines
which fixes the error and improves readability.

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-05 22:22:56 +02:00
Martin Bark
868955a2eb package/nginx: fix mail modules not building
Add the missing --with-mail configure option

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-05 22:22:53 +02:00
Gustavo Zacarias
77dd34bc79 nginx: security bump to version 1.8.1
Fixes:

CVE-2016-0742 - invalid pointer dereference might occur during DNS
server response processing if the "resolver" directive was used,
allowing anattacker who is able to forge UDP packets from the DNS server
to cause segmentation fault in a worker process.

CVE-2016-0746 - use-after-free condition might occur during CNAME
response processing if the "resolver" directive was used, allowing an
attacker who is able to trigger name resolution to cause segmentation
fault in a worker process, or might have potential other impact.

CVE-2016-0747 - CNAME resolution was insufficiently limited if the
"resolver" directive was used, allowing an attacker who is able to
trigger arbitrary name resolution to cause excessive resource
consumption in worker processes.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-01-27 21:37:11 +01:00
Noé Rubinstein
407d77e9c1 package/nginx: fix a typo
Signed-off-by: Noé Rubinstein <nrubinstein@aldebaran.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-11-04 21:48:36 +01:00
Maxime Hadjinlian
0f75b2635e package: Replace 'echo -n' by 'printf'
'echo -n' is not a POSIX construct (no flag support), we shoud use
'printf', especially in init script.

This patch was generated by the following command line:
git grep -l 'echo -n' -- `git ls-files | grep -v 'patch'` | xargs sed -i 's/echo -n/printf/'

Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-10-04 00:56:41 +02:00
Aurélien Chabot
112ab5f404 nginx: activate the systemd service
Signed-off-by: Aurélien Chabot <aurelien@chabot.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-07-13 22:28:09 +02:00
Danomi Manchego
fed646f164 nginx: bump to 1.8.0 (latest stable version)
Patches refreshed to apply with no shift or fuzz.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-06-28 23:02:21 +02:00
Danomi Manchego
f6d1d1518c nginx: fix nginx.old clean-up
The bin path for nginx is configured for /usr/sbin, so deleting
the nginx.old back-up from /usr/bin never works.  Fix path, and
also use "$(RM)" instead of "-$(RM)", as "rm -f" never fails.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Acked-by: Samuel Martin <s.martin49@gmail.com>
Tested-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-06-28 23:00:57 +02:00
Gustavo Zacarias
757e9c4c2a package: kill pointless text justification
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-23 09:47:08 +02:00
Gustavo Zacarias
79ce08bbdc packages: remove non-IPv6 dependencies and tweaks
Now that IPv6 is mandatory remove package dependencies and conditionals
for it.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-22 23:06:35 +02:00
Gustavo Zacarias
2a19986c07 nginx: bump to version 1.6.3
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-07 22:22:25 +02:00
Gustavo Zacarias
f4716f79a0 packages: remove (non-)lfs dependencies and tweaks
Now that largefile is mandatory removes package dependencies and
conditionals.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-01 22:47:22 +02:00
Gustavo Zacarias
cdfce42046 nginx: add hash file
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-20 20:50:22 +01:00
Samuel Martin
e935d6079f package/nginx: disallow AIO support on arc
The nginx AIO support cannot build on arc, because it hardcodes
the usage of SYS_eventfd(), while it should just use eventfd() from
the C library.

Fixes:
  http://autobuild.buildroot.org/results/f3e/f3e2c7a937517a5444f8c6cc0b02692af897b3e0/

[Thomas: adjust comment as suggested by Yann.]

Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-12-07 21:27:49 +01:00
Samuel Martin
b11cbd9bba package/nginx: remove rtsig module support
rtsig module uses the deprecated sysctl syscall, which is not
implemented on some recent architecture (such as arc).

Also, rtsig module is almost considered as deprecated by some nginx
developers [1].

So, just remove this option.

Fixes:
  http://autobuild.buildroot.org/results/730/730105fc0a89b381b3b29192d07f28ef1f13cbb3/

[1] http://mailman.nginx.org/pipermail/nginx-devel/2014-November/006295.html

Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-12-03 13:32:21 +01:00
Samuel Martin
ed961f1128 package/nginx: rename patch to new convention
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-12-03 13:31:51 +01:00
Maxime Hadjinlian
1595d6b531 package/*/*.mk: Fix indent
Change LIBFOO_PERMISSIONS everywhere to be a space-separated list.
As nothing was specified in the manual but all our lists are space
separated, there is no reason that this one should be made an exception.

Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-11-19 23:23:35 +01:00
Samuel Martin
6476f9adcd package/nginx: fix build failure
Correctly set NGX_SYS_NERR, even when it is 0.

Fixes:
  http://autobuild.buildroot.org/results/666/666d780bf61e10c9f89f765bb04ddc1afc11d0d1/
  http://autobuild.buildroot.org/?reason=nginx-1.6.2&&arch=powerpc

Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-25 02:46:50 +02:00
Thomas Petazzoni
d6d8bac096 nginx: disallow AIO support on AArch64
The nginx AIO support cannot build on AArch64, because it hardcodes
the usage of SYS_eventfd(), while it should just use eventfd() from
the C library.

See https://bugs.launchpad.net/linaro-aarch64/+bug/1160013 for details.

Fixes:

  http://autobuild.buildroot.org/results/54b/54bb761f9e774d91066b78217efcd583fdd85ff3/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-12 19:25:05 +02:00
Yuvaraj Patil
c9737ee7f8 nginx: Depends on MMU
This package needs MMU. Hence added dependency on BR2_USE_MMU

Fixes:
http://autobuild.buildroot.net/results/224/2240f11fc52e07ff64913844078e2616842a63dc//

[Peter: also add dependency to menuconfig option]
Signed-off-by: Yuvaraj Patil <yuvaraj.patil@wipro.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-10 08:44:56 +02:00
Samuel Martin
390a144903 package/nginx: new package
nginx module selection is, by default, the same as the one sets by
the upstream configure script.

Patches improving the cross-compilation support have already been sent
upstream for integration [1-5].

All these patches are needed because nginx uses its own handwritten
build-system, which is cross-platform, but does not properly support
cross-compilation.

Fixes bug: #3427 [6]

[1] http://mailman.nginx.org/pipermail/nginx-devel/2014-August/005722.html
[2] http://mailman.nginx.org/pipermail/nginx-devel/2014-August/005724.html
[3] http://mailman.nginx.org/pipermail/nginx-devel/2014-August/005725.html
[4] http://mailman.nginx.org/pipermail/nginx-devel/2014-August/005723.html
[5] http://mailman.nginx.org/pipermail/nginx-devel/2014-August/005726.html
[6] https://bugs.uclibc.org/show_bug.cgi?id=3427

Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Cc: Daniele Salvatore Albano <info@daccii.it>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Johan Oudinet <johan.oudinet@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Tested-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-05 14:24:27 +02:00