git: baa4deef3b42 - main - www/nginx: Update 3rd-party module
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 01 May 2023 08:44:44 UTC
The branch main has been updated by joneum: URL: https://cgit.FreeBSD.org/ports/commit/?id=baa4deef3b42cfeec46d9a2b3928368cd2a05ff5 commit baa4deef3b42cfeec46d9a2b3928368cd2a05ff5 Author: Jochen Neumeister <joneum@FreeBSD.org> AuthorDate: 2023-05-01 08:40:37 +0000 Commit: Jochen Neumeister <joneum@FreeBSD.org> CommitDate: 2023-05-01 08:44:38 +0000 www/nginx: Update 3rd-party module Resurrect GSSAPI radio button for http_auth_krb5 module, last one builds just fine with both implementations now. Obtained from: nginx-devel Sponsored by: Netzkommune GmbH --- www/nginx/Makefile | 16 ++++++- www/nginx/Makefile.extmod | 11 ++--- www/nginx/distinfo | 14 +++--- .../extra-patch-ngx_http_auth_spnego_module.c | 52 ---------------------- www/nginx/files/extra-patch-ngx_http_clojure_mem.h | 11 ----- ...xtra-patch-spnego-http-auth-nginx-module-config | 4 +- 6 files changed, 28 insertions(+), 80 deletions(-) diff --git a/www/nginx/Makefile b/www/nginx/Makefile index e72cbd5d5d8d..6a12caffdf67 100644 --- a/www/nginx/Makefile +++ b/www/nginx/Makefile @@ -1,6 +1,6 @@ PORTNAME= nginx PORTVERSION= 1.24.0 -PORTREVISION?= 2 +PORTREVISION?= 3 PORTEPOCH= 3 CATEGORIES= www MASTER_SITES= https://nginx.org/download/ \ @@ -87,6 +87,11 @@ OPTIONS_DEFAULT?= DSO FILE_AIO HTTP HTTP_ADDITION HTTP_AUTH_REQ HTTP_CACHE \ LIB_DEPENDS+= libpcre2-8.so:devel/pcre2 +OPTIONS_RADIO+= GSSAPI +OPTIONS_RADIO_GSSAPI= GSSAPI_HEIMDAL GSSAPI_MIT +GSSAPI_HEIMDAL_USES= gssapi:heimdal,flags +GSSAPI_MIT_USES= gssapi:mit + OPTIONS_SUB= yes .include "Makefile.options.desc" @@ -103,6 +108,9 @@ ${opt}_IMPLIES= HTTP ${opt}_IMPLIES= STREAM .endfor +GSSAPI_HEIMDAL_IMPLIES= HTTP_AUTH_KRB5 +GSSAPI_MIT_IMPLIES= HTTP_AUTH_KRB5 + # If the target is makesum, make sure that every distfile is fetched. .if ${.TARGETS:Mmakesum} OPTIONS_DEFAULT= ${OPTIONS_DEFINE} ${OPTIONS_GROUP_HTTPGRP} \ @@ -220,6 +228,12 @@ IGNORE= requires at least HTTP or MAIL to \ be defined. Please do 'make config' again .endif +.if ${PORT_OPTIONS:MHTTP_AUTH_KRB5} && (empty(PORT_OPTIONS:MGSSAPI_HEIMDAL) && empty(PORT_OPTIONS:MGSSAPI_MIT)) +IGNORE= required at least GSSAPI_HEIMDAL or \ + GSSAPI_MIT to be defined. Please do \ + 'make config' again +.endif + .if ${PORT_OPTIONS:MPASSENGER} && empty(PORT_OPTIONS:MDEBUG) CONFIGURE_ENV+= OPTIMIZE="yes" CFLAGS+= -DNDEBUG diff --git a/www/nginx/Makefile.extmod b/www/nginx/Makefile.extmod index 1bfb973a5f73..83bbd228729b 100644 --- a/www/nginx/Makefile.extmod +++ b/www/nginx/Makefile.extmod @@ -35,10 +35,9 @@ CACHE_PURGE_VARS= DSO_EXTMODS+=cache_purge CLOJURE_CATEGORIES+= java CLOJURE_USE= JAVA=yes JAVA_OS=native JAVA_VERSION=1.8 \ JAVA_VENDOR=openjdk JAVA_BUILD=yes JAVA_RUN=yes -CLOJURE_GH_TUPLE= nginx-clojure:nginx-clojure:4347955:clojure +CLOJURE_GH_TUPLE= nginx-clojure:nginx-clojure:v0.6.0:clojure CLOJURE_CONFIGURE_ENV= "JNI_INCS=-I${LOCALBASE}/openjdk8/include -I${LOCALBASE}/openjdk8/include/freebsd" CLOJURE_VARS= DSO_EXTMODS+=clojure CLOJURE_SUBDIR=/src/c -CLOJURE_EXTRA_PATCHES= ${PATCHDIR}/extra-patch-ngx_http_clojure_mem.h COOKIE_FLAG_GH_TUPLE= AirisX:nginx_cookie_flag_module:c4ff449:cookie_flag COOKIE_FLAG_VARS= DSO_EXTMODS+=cookie_flag @@ -90,11 +89,9 @@ HTTP_ACCEPT_LANGUAGE_VARS= DSO_EXTMODS+=accept_language HTTP_AUTH_DIGEST_GH_TUPLE= atomx:nginx-http-auth-digest:274490c:auth_digest HTTP_AUTH_DIGEST_VARS= DSO_EXTMODS+=auth_digest -HTTP_AUTH_KRB5_GH_TUPLE= stnoonan:spnego-http-auth-nginx-module:c626163:auth_krb5 +HTTP_AUTH_KRB5_GH_TUPLE= stnoonan:spnego-http-auth-nginx-module:3575542:auth_krb5 HTTP_AUTH_KRB5_VARS= DSO_EXTMODS+=auth_krb5 -HTTP_AUTH_KRB5_EXTRA_PATCHES= ${PATCHDIR}/extra-patch-spnego-http-auth-nginx-module-config \ - ${PATCHDIR}/extra-patch-ngx_http_auth_spnego_module.c -HTTP_AUTH_KRB5_USES= gssapi:mit +HTTP_AUTH_KRB5_EXTRA_PATCHES= ${PATCHDIR}/extra-patch-spnego-http-auth-nginx-module-config HTTP_AUTH_LDAP_GH_TUPLE= kvspb:nginx-auth-ldap:83c059b:http_auth_ldap HTTP_AUTH_LDAP_EXTRA_PATCHES= ${PATCHDIR}/extra-patch-ngx_http_auth_ldap_module.c @@ -317,7 +314,7 @@ VOD_LIB_DEPENDS= libxml2.so:textproc/libxml2 \ VOD_USES= iconv VOD_VARS= DSO_EXTMODS+=vod -VTS_GH_TUPLE= vozlt:nginx-module-vts:v0.2.1:vts +VTS_GH_TUPLE= vozlt:nginx-module-vts:bf64dbf:vts VTS_VARS= DSO_EXTMODS+=vts XSS_GH_TUPLE= openresty:xss-nginx-module:v0.06:xss diff --git a/www/nginx/distinfo b/www/nginx/distinfo index fc9e554a7903..47afcc274018 100644 --- a/www/nginx/distinfo +++ b/www/nginx/distinfo @@ -1,4 +1,4 @@ -TIMESTAMP = 1682355666 +TIMESTAMP = 1682928975 SHA256 (nginx-1.24.0.tar.gz) = 77a2541637b92a621e3ee76776c8b7b40cf6d707e69ba53a940283e30ff2f55d SIZE (nginx-1.24.0.tar.gz) = 1112471 SHA256 (nginx_mogilefs_module-1.0.4.tar.gz) = 7ac230d30907f013dff8d435a118619ea6168aa3714dba62c6962d350c6295ae @@ -19,8 +19,8 @@ SHA256 (google-ngx_brotli-9aec15e_GH0.tar.gz) = 0177b1158ff7092b9996346de28a0b29 SIZE (google-ngx_brotli-9aec15e_GH0.tar.gz) = 16194 SHA256 (torden-ngx_cache_purge-2b977cf_GH0.tar.gz) = 9de7dad5827edf37e803435ee764f6815562053daa0821aedaf539580307ff93 SIZE (torden-ngx_cache_purge-2b977cf_GH0.tar.gz) = 16739 -SHA256 (nginx-clojure-nginx-clojure-4347955_GH0.tar.gz) = 9f0fc3b479936fc5b20101c6d238bff5a6f4a32b28d8ec4a511f902abe2abc1f -SIZE (nginx-clojure-nginx-clojure-4347955_GH0.tar.gz) = 756519 +SHA256 (nginx-clojure-nginx-clojure-v0.6.0_GH0.tar.gz) = e8215cdebc3eb13f852c10e9bbbf315f2e1b75bb4dec015ca60ec29efcb86509 +SIZE (nginx-clojure-nginx-clojure-v0.6.0_GH0.tar.gz) = 786029 SHA256 (AirisX-nginx_cookie_flag_module-c4ff449_GH0.tar.gz) = 4b8c1c1e1ed59ed85751f4bd7d68026ad5051103c8b983e05ad17eb0cdab138e SIZE (AirisX-nginx_cookie_flag_module-c4ff449_GH0.tar.gz) = 4713 SHA256 (grahamedgecombe-nginx-ct-93e9884_GH0.tar.gz) = 72fdd125b9207cdda135f368095f85b943a78a4ff004d1cd217972e12b1571b2 @@ -47,8 +47,8 @@ SHA256 (dvershinin-nginx_accept_language_module-5683967_GH0.tar.gz) = a58feb576f SIZE (dvershinin-nginx_accept_language_module-5683967_GH0.tar.gz) = 3425 SHA256 (atomx-nginx-http-auth-digest-274490c_GH0.tar.gz) = 0839c33c2f8d519f92daae274f62cf87eb68415d562c6500ee3e3721ce80557c SIZE (atomx-nginx-http-auth-digest-274490c_GH0.tar.gz) = 17815 -SHA256 (stnoonan-spnego-http-auth-nginx-module-c626163_GH0.tar.gz) = dac75d65453744ffe0f7af248f10f98fc89efca07303aa45a610805e57c588fc -SIZE (stnoonan-spnego-http-auth-nginx-module-c626163_GH0.tar.gz) = 24404 +SHA256 (stnoonan-spnego-http-auth-nginx-module-3575542_GH0.tar.gz) = 6d710f97bef58b2d5dc54445c0e48103786425f6d4ab18cf30a2168904d0ba62 +SIZE (stnoonan-spnego-http-auth-nginx-module-3575542_GH0.tar.gz) = 24680 SHA256 (kvspb-nginx-auth-ldap-83c059b_GH0.tar.gz) = e76e9e117ad51af578a68fa7a30c256178796bb271fa77f01c93281a92b09921 SIZE (kvspb-nginx-auth-ldap-83c059b_GH0.tar.gz) = 18547 SHA256 (sto-ngx_http_auth_pam_module-v1.5.3_GH0.tar.gz) = 882018fea8d6955ab3fe294aafa8ebb1fdff4eac313c29583fef02c6de76fae7 @@ -135,8 +135,8 @@ SHA256 (vozlt-nginx-module-sts-3c10d42_GH0.tar.gz) = 748b67ceb82b3b843ae915bf786 SIZE (vozlt-nginx-module-sts-3c10d42_GH0.tar.gz) = 352431 SHA256 (kaltura-nginx-vod-module-1.31_GH0.tar.gz) = ace04201cf2d2b1a3e5e732a22b92225b8ce61a494df9cc7f79d97efface8952 SIZE (kaltura-nginx-vod-module-1.31_GH0.tar.gz) = 470904 -SHA256 (vozlt-nginx-module-vts-v0.2.1_GH0.tar.gz) = 1a63d78d3ae4df18b3a57a616eeee006cdc0bd71aa7ea2947046004b123704f4 -SIZE (vozlt-nginx-module-vts-v0.2.1_GH0.tar.gz) = 179679 +SHA256 (vozlt-nginx-module-vts-bf64dbf_GH0.tar.gz) = d2782c75e39cb2ecf68453922b43ab2295adb6a35fa6a0f9c14173f70d22d7b1 +SIZE (vozlt-nginx-module-vts-bf64dbf_GH0.tar.gz) = 180394 SHA256 (tg123-websockify-nginx-module-c11bc9a_GH0.tar.gz) = aca454bffcee2476dc92682ebfb8c0378a271fda178be7e945d648419d220758 SIZE (tg123-websockify-nginx-module-c11bc9a_GH0.tar.gz) = 14646 SHA256 (openresty-xss-nginx-module-v0.06_GH0.tar.gz) = 0b12bbc53a41f3e3d6df419c173b8c87434be3e6cd255a8193aa91345a2de6cf diff --git a/www/nginx/files/extra-patch-ngx_http_auth_spnego_module.c b/www/nginx/files/extra-patch-ngx_http_auth_spnego_module.c deleted file mode 100644 index 40aea7e6e875..000000000000 --- a/www/nginx/files/extra-patch-ngx_http_auth_spnego_module.c +++ /dev/null @@ -1,52 +0,0 @@ ---- ../spnego-http-auth-nginx-module-c626163/ngx_http_auth_spnego_module.c.orig -+++ ../spnego-http-auth-nginx-module-c626163/ngx_http_auth_spnego_module.c -@@ -502,6 +502,7 @@ ngx_http_auth_spnego_headers_basic_only(ngx_http_request_t *r, - } - - r->headers_out.www_authenticate->hash = 1; -+ r->headers_out.www_authenticate->next = NULL; - r->headers_out.www_authenticate->key.len = sizeof("WWW-Authenticate") - 1; - r->headers_out.www_authenticate->key.data = (u_char *)"WWW-Authenticate"; - r->headers_out.www_authenticate->value.len = value.len; -@@ -538,6 +539,7 @@ ngx_http_auth_spnego_headers(ngx_http_request_t *r, - } - - r->headers_out.www_authenticate->hash = 1; -+ r->headers_out.www_authenticate->next = NULL; - r->headers_out.www_authenticate->key.len = sizeof("WWW-Authenticate") - 1; - r->headers_out.www_authenticate->key.data = (u_char *)"WWW-Authenticate"; - r->headers_out.www_authenticate->value.len = value.len; -@@ -559,6 +561,7 @@ ngx_http_auth_spnego_headers(ngx_http_request_t *r, - } - - r->headers_out.www_authenticate->hash = 2; -+ r->headers_out.www_authenticate->next = NULL; - r->headers_out.www_authenticate->key.len = - sizeof("WWW-Authenticate") - 1; - r->headers_out.www_authenticate->key.data = -@@ -758,6 +761,12 @@ ngx_http_auth_spnego_store_delegated_creds(ngx_http_request_t *r, - char *ccname = NULL; - char *escaped = NULL; - -+ if ((kerr = krb5_init_context(&kcontext))) { -+ spnego_log_error("Kerberos error: Cannot initialize kerberos context"); -+ spnego_log_krb5_error(kcontext, kerr); -+ goto done; -+ } -+ - if (!delegated_creds.data) { - spnego_log_error( - "ngx_http_auth_spnego_store_delegated_creds() NULL credentials"); -@@ -766,12 +775,6 @@ ngx_http_auth_spnego_store_delegated_creds(ngx_http_request_t *r, - goto done; - } - -- if ((kerr = krb5_init_context(&kcontext))) { -- spnego_log_error("Kerberos error: Cannot initialize kerberos context"); -- spnego_log_krb5_error(kcontext, kerr); -- goto done; -- } -- - if ((kerr = krb5_parse_name(kcontext, (char *)principal_name->data, - &principal))) { - spnego_log_error("Kerberos error: Cannot parse principal %s", diff --git a/www/nginx/files/extra-patch-ngx_http_clojure_mem.h b/www/nginx/files/extra-patch-ngx_http_clojure_mem.h deleted file mode 100644 index 8ccf7ea4ba2b..000000000000 --- a/www/nginx/files/extra-patch-ngx_http_clojure_mem.h +++ /dev/null @@ -1,11 +0,0 @@ ---- ../nginx-clojure-4347955/src/c/ngx_http_clojure_mem.h.orig 2022-07-11 13:38:32.426478000 -0400 -+++ ../nginx-clojure-4347955/src/c/ngx_http_clojure_mem.h 2022-07-11 13:38:45.346434000 -0400 -@@ -421,7 +421,7 @@ - #define NGX_HTTP_CLOJURE_HEADERSI_PASSWD_IDX 90 - #define NGX_HTTP_CLOJURE_HEADERSI_PASSWD_OFFSET offsetof(ngx_http_headers_in_t, passwd) - #define NGX_HTTP_CLOJURE_HEADERSI_COOKIE_IDX 91 --#define NGX_HTTP_CLOJURE_HEADERSI_COOKIE_OFFSET offsetof(ngx_http_headers_in_t, cookies) -+#define NGX_HTTP_CLOJURE_HEADERSI_COOKIE_OFFSET offsetof(ngx_http_headers_in_t, cookie) - #define NGX_HTTP_CLOJURE_HEADERSI_SERVER_IDX 92 - #define NGX_HTTP_CLOJURE_HEADERSI_SERVER_OFFSET offsetof(ngx_http_headers_in_t, server) - #define NGX_HTTP_CLOJURE_HEADERSI_CONTENT_LENGTH_N_IDX 93 diff --git a/www/nginx/files/extra-patch-spnego-http-auth-nginx-module-config b/www/nginx/files/extra-patch-spnego-http-auth-nginx-module-config index 7ea16b2ff99e..a54e89e58a23 100644 --- a/www/nginx/files/extra-patch-spnego-http-auth-nginx-module-config +++ b/www/nginx/files/extra-patch-spnego-http-auth-nginx-module-config @@ -1,5 +1,5 @@ ---- ../spnego-http-auth-nginx-module-c626163/config.orig 2020-08-27 07:59:28.423636000 -0400 -+++ ../spnego-http-auth-nginx-module-c626163/config 2020-08-27 08:01:42.152121000 -0400 +--- ../spnego-http-auth-nginx-module-3575542/config.orig 2020-08-27 07:59:28.423636000 -0400 ++++ ../spnego-http-auth-nginx-module-3575542/config 2020-08-27 08:01:42.152121000 -0400 @@ -1,8 +1,9 @@ ngx_addon_name=ngx_http_auth_spnego_module -ngx_feature_libs="-lgssapi_krb5 -lkrb5 -lcom_err"