From nobody Thu Jul 13 17:01:01 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4R218Y6p6Mz4n2Ks; Thu, 13 Jul 2023 17:01:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4R218Y4tM6z3vjl; Thu, 13 Jul 2023 17:01:01 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1689267661; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TkY2nRWNhJA7uMrfB57gJtghXcw2PXQegXwlsDooh/8=; b=seeu8WMUqACg4gNVwhejsV9kUFp1Frga4OsEVrlGd8EGT6OPPVBVoB/KRHU88f/NV5m9Yg t01EH8KqlmNiQtCD9tR8aKmmx0+80feLWqiiofW/Ufyj0LoPlBzP+FaHDhjJv08G27dRC7 srSh++2jI2vNtvUH4FszHdqPB/C2J9FJz18rgZa3/6kreveQsXQF6k6MPWzGaQ05n1JxOa 3F+lL1EJxzXevXIW13DoC+6FwEYWHjT3OnRhzchhfz2137dTkMG2/z8r6vb61gAQbtG84C NLe+l5snaRwS4xb+OsQdEstZD/uqqajRJCic6ic/A/yVeAoRURBTEi52idF2UA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1689267661; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TkY2nRWNhJA7uMrfB57gJtghXcw2PXQegXwlsDooh/8=; b=RkRZPtZYyoS7A5gzMElp4AOHBhBLYndybiWUPLbVdv15zf4qVwrckTtCRnu3tafGs6VRF3 Jf5b0JiYiiWZDIOr12wyGqZ3JKyeZxBYpSrjRAfrUeQQqGVlSoJnCTwQxOxFX5nBWj/Baa wRLF6xo7YQyiU9GydjbHwpmPbBCvPxMrOGl6WWkBOqBPMR4aaSMJenzcyZ1/fqe/Y7Tyjc //Clis/bdVmL3H1eeHc3+XgU3D9w3YgK7bJPfHy7I7LrxfMnglNfg9BWgxArAc9W32ecqI mKE9oE9P0LAsDswWqQReMV8GeTo8OTO7zbAM7L4mlZWqsUwtubG+778KF51Wrg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1689267661; a=rsa-sha256; cv=none; b=KIrDcPT8J/0L9/1avKxHyPW4lSGTN2cOT8tkHVKViM1lmVg1D8NjTclxTxDDElnSAa7iu8 exl3sZTrcL9Nhf8vlrJThvw3qt+U3eFzQMSS9P+URD7a5qKWbIAbEQcDqmpjVeuP6tkpmx E+xfFKjq7pM8am1Oqt2ZV20wjjcFQvdoxOP3KybHmM9ThKzeyOnKjpAonrDoakuE12AZG3 M9gL3u8Cd4iCSIcwF0G6dlaiFdvEBaW3QaqrvUDrK8sGOpa9PWx9RjnPupRmrFyqSm9HJI F3FMkg7WS30gBEJx60Op0NVkqI30oFtyepx9x4UHTVeaCMc1HlUQQzsaTc/f8w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4R218Y3gJWzymv; Thu, 13 Jul 2023 17:01:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 36DH11wj070777; Thu, 13 Jul 2023 17:01:01 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 36DH11pE070776; Thu, 13 Jul 2023 17:01:01 GMT (envelope-from git) Date: Thu, 13 Jul 2023 17:01:01 GMT Message-Id: <202307131701.36DH11pE070776@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Jochen Neumeister Subject: git: 29bb1a5806a6 - main - www/nginx: Moved Naxsi module List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: joneum X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 29bb1a5806a6e6084bbfb9b5856adac87e6d12ba Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by joneum: URL: https://cgit.FreeBSD.org/ports/commit/?id=29bb1a5806a6e6084bbfb9b5856adac87e6d12ba commit 29bb1a5806a6e6084bbfb9b5856adac87e6d12ba Author: Franco Fichtner AuthorDate: 2023-07-13 16:57:49 +0000 Commit: Jochen Neumeister CommitDate: 2023-07-13 17:00:39 +0000 www/nginx: Moved Naxsi module Moved the 3rd Madule Naxsi to a activ repository PR: 271963 Redorted by: David Armstrong Sponsored by: Netzkommune GmbH --- www/nginx/Makefile | 13 +++++++++++-- www/nginx/Makefile.extmod | 7 ++++--- www/nginx/distinfo | 6 +++--- www/nginx/files/extra-patch-naxsi_runtime.c | 23 ----------------------- 4 files changed, 18 insertions(+), 31 deletions(-) diff --git a/www/nginx/Makefile b/www/nginx/Makefile index ed76a30f3a42..55ea3ebe9cd2 100644 --- a/www/nginx/Makefile +++ b/www/nginx/Makefile @@ -1,6 +1,6 @@ PORTNAME= nginx PORTVERSION= 1.24.0 -PORTREVISION?= 6 +PORTREVISION?= 7 PORTEPOCH= 3 CATEGORIES= www MASTER_SITES= https://nginx.org/download/ \ @@ -266,6 +266,11 @@ pre-everything:: .endif @${ECHO_MSG} +post-extract-NAXSI-on: + @${MKDIR} ${WRKDIR}/naxsi-${NAXSI_NGINX_VER} + @${MV} ${WRKDIR}/naxsi_rules ${WRKDIR}/naxsi_src \ + ${WRKDIR}/naxsi-${NAXSI_NGINX_VER} + pre-patch-HTTPV3-on: @${MV} ${WRKSRC}/README ${WRKSRC}/README.1st @@ -307,6 +312,10 @@ post-patch-HTTP_ZIP-on: post-patch-ICONV-on: @${REINPLACE_CMD} 's!%%PREFIX%%!${LOCALBASE}!g' ${WRKSRC_iconv}/config +post-patch-NAXSI-on: + @${REINPLACE_CMD} 's!MSIZE!TOK_MSIZE!g' \ + ${WRKSRC_naxsi}/naxsi_src/libinjection/src/libinjection_sqli.c + post-patch-PASSENGER-on: @${REINPLACE_CMD} \ '177,179s!true!false!' \ @@ -370,7 +379,7 @@ do-install-LINK-on: do-install-NAXSI-on: ${INSTALL_DATA} \ - ${WRKDIR}/naxsi-${NAXSI_NGINX_VER}/naxsi_config/naxsi_core.rules \ + ${WRKDIR}/naxsi-${NAXSI_NGINX_VER}/naxsi_rules/naxsi_core.rules \ ${STAGEDIR}${ETCDIR} .endif diff --git a/www/nginx/Makefile.extmod b/www/nginx/Makefile.extmod index 2483f2c97a99..5782924cb8f0 100644 --- a/www/nginx/Makefile.extmod +++ b/www/nginx/Makefile.extmod @@ -242,10 +242,11 @@ MODSECURITY3_LIB_DEPENDS= libmodsecurity.so:security/modsecurity3 MODSECURITY3_GH_TUPLE= SpiderLabs:ModSecurity-nginx:v1.0.3:modsecurity3 MODSECURITY3_VARS= DSO_EXTMODS+=modsecurity3 -NAXSI_NGINX_VER= 29793dc -NAXSI_GH_TUPLE= nbs-system:naxsi:${NAXSI_NGINX_VER}:naxsi +NAXSI_NGINX_VER= 1.4 +NAXSI_MASTER_SITES= https://www.github.com/wargio/naxsi/releases/download/1.4/:naxsi +NAXSI_DISTFILES= naxsi-${NAXSI_NGINX_VER}-src-with-deps.tar.gz:naxsi NAXSI_VARS= DSO_EXTMODS+=naxsi NAXSI_SUBDIR=/naxsi_src -NAXSI_EXTRA_PATCHES= ${PATCHDIR}/extra-patch-naxsi_runtime.c +WRKSRC_naxsi= ${WRKDIR}/naxsi-${NAXSI_NGINX_VER} NJS_GH_TUPLE= nginx:njs:0.7.12:njs NJS_VARS= DSO_EXTMODS+=njs NJS_SUBDIR=/nginx diff --git a/www/nginx/distinfo b/www/nginx/distinfo index 95601fb73b4b..5a752448dc29 100644 --- a/www/nginx/distinfo +++ b/www/nginx/distinfo @@ -1,4 +1,4 @@ -TIMESTAMP = 1684343308 +TIMESTAMP = 1687522128 SHA256 (nginx-1.24.0.tar.gz) = 77a2541637b92a621e3ee76776c8b7b40cf6d707e69ba53a940283e30ff2f55d SIZE (nginx-1.24.0.tar.gz) = 1112471 SHA256 (chobits-ngx_http_proxy_connect_module-75febef_GH0.tar.gz) = 6169361f31607af0ec8c78b356e62c2aeb128649161d688d7ea92f4d2c1c39f9 @@ -9,6 +9,8 @@ SHA256 (nginx_mod_h264_streaming-2.2.7.tar.gz) = 6d974ba630cef59de1f60996c66b401 SIZE (nginx_mod_h264_streaming-2.2.7.tar.gz) = 44012 SHA256 (ngx_http_redis-0.3.9.tar.gz) = 21f87540f0a44b23ffa5df16fb3d788bc90803b255ef14f9c26e3847a6f26f46 SIZE (ngx_http_redis-0.3.9.tar.gz) = 13051 +SHA256 (naxsi-1.4-src-with-deps.tar.gz) = c4b9d752fbb70fa40fcc17aaaef6e0f19071a0e77ff74cac4b3da57a67868684 +SIZE (naxsi-1.4-src-with-deps.tar.gz) = 2274095 SHA256 (passenger-6.0.17.tar.gz) = 385559ed1d78eb83165222d568721dcc4222bb57c1939811ecd2c4ef33937ba7 SIZE (passenger-6.0.17.tar.gz) = 8422867 SHA256 (msva-nginx_ajp_module-fcbb2cc_GH0.tar.gz) = 522e94c59f5783f281d868ede2adf325bf2f8ffb9e62cf8451d4b9ac0516916c @@ -107,8 +109,6 @@ SHA256 (openresty-memc-nginx-module-v0.19_GH0.tar.gz) = 8c2bdbe875e4f5225d0778bf SIZE (openresty-memc-nginx-module-v0.19_GH0.tar.gz) = 34654 SHA256 (SpiderLabs-ModSecurity-nginx-v1.0.3_GH0.tar.gz) = 32a42256616cc674dca24c8654397390adff15b888b77eb74e0687f023c8751b SIZE (SpiderLabs-ModSecurity-nginx-v1.0.3_GH0.tar.gz) = 34063 -SHA256 (nbs-system-naxsi-29793dc_GH0.tar.gz) = 579df0e50ff32464f7bb152df9d93ea18c05c4aa3966ec4d8c603b5dd629be08 -SIZE (nbs-system-naxsi-29793dc_GH0.tar.gz) = 236932 SHA256 (nginx-njs-0.7.12_GH0.tar.gz) = 7a75a39022dfb58dbf461053903a07cc48dd4942f7d82a46601819c1b0077687 SIZE (nginx-njs-0.7.12_GH0.tar.gz) = 662554 SHA256 (opentracing-contrib-nginx-opentracing-v0.24.0_GH0.tar.gz) = 5328c5f37e0615b5252aed51b9cd40f3d14989d995ad54134076aeda4ab9b280 diff --git a/www/nginx/files/extra-patch-naxsi_runtime.c b/www/nginx/files/extra-patch-naxsi_runtime.c deleted file mode 100644 index c08dd1f92540..000000000000 --- a/www/nginx/files/extra-patch-naxsi_runtime.c +++ /dev/null @@ -1,23 +0,0 @@ ---- ../naxsi-29793dc/naxsi_src/naxsi_runtime.c.orig 2022-07-10 18:11:39.685243000 -0400 -+++ ../naxsi-29793dc/naxsi_src/naxsi_runtime.c 2022-07-10 18:14:53.935554000 -0400 -@@ -9,6 +9,11 @@ - #include "naxsi_macros.h" - #include "naxsi_net.h" - -+#if (NGX_PCRE2) -+#include -+#else -+#include -+#endif - /* used to store locations during the configuration time. - then, accessed by the hashtable building feature during "init" time. */ - -@@ -181,7 +186,7 @@ - unsigned char* - ngx_utf8_check(ngx_str_t* str); - --#if defined nginx_version && (nginx_version >= 1021005) -+#if (NGX_PCRE2) - /* - * variables to use pcre2 - */