summaryrefslogtreecommitdiff
path: root/www-servers
diff options
context:
space:
mode:
Diffstat (limited to 'www-servers')
-rw-r--r--www-servers/Manifest.gzbin5549 -> 5550 bytes
-rw-r--r--www-servers/caddy/Manifest4
-rw-r--r--www-servers/caddy/caddy-0.10.11.ebuild (renamed from www-servers/caddy/caddy-0.10.9.ebuild)2
-rw-r--r--www-servers/nginx/Manifest5
-rw-r--r--www-servers/nginx/files/njs-0.1.15-fix-o3-building.patch24
-rw-r--r--www-servers/nginx/nginx-1.13.8-r1.ebuild10
-rw-r--r--www-servers/nginx/nginx-1.13.9.ebuild1065
-rw-r--r--www-servers/tomcat/Manifest22
-rw-r--r--www-servers/tomcat/tomcat-7.0.82.ebuild5
-rw-r--r--www-servers/tomcat/tomcat-7.0.84.ebuild3
-rw-r--r--www-servers/tomcat/tomcat-7.0.85.ebuild3
-rw-r--r--www-servers/tomcat/tomcat-8.0.48.ebuild3
-rw-r--r--www-servers/tomcat/tomcat-8.0.49.ebuild3
-rw-r--r--www-servers/tomcat/tomcat-8.0.50.ebuild3
-rw-r--r--www-servers/tomcat/tomcat-8.5.24.ebuild3
-rw-r--r--www-servers/tomcat/tomcat-8.5.27.ebuild3
-rw-r--r--www-servers/tomcat/tomcat-8.5.28.ebuild3
-rw-r--r--www-servers/tomcat/tomcat-9.0.4.ebuild3
-rw-r--r--www-servers/tomcat/tomcat-9.0.5.ebuild3
-rw-r--r--www-servers/tornado/Manifest2
-rw-r--r--www-servers/tornado/tornado-4.5.1.ebuild4
-rw-r--r--www-servers/varnish/Manifest3
-rw-r--r--www-servers/varnish/files/varnish-5.2.0-fix-import.patch66
-rw-r--r--www-servers/varnish/varnish-5.2.1.ebuild103
24 files changed, 1313 insertions, 32 deletions
diff --git a/www-servers/Manifest.gz b/www-servers/Manifest.gz
index 2f589a475e0d..d55443e7f253 100644
--- a/www-servers/Manifest.gz
+++ b/www-servers/Manifest.gz
Binary files differ
diff --git a/www-servers/caddy/Manifest b/www-servers/caddy/Manifest
index f3ce317644bb..fb0eb693ed32 100644
--- a/www-servers/caddy/Manifest
+++ b/www-servers/caddy/Manifest
@@ -1,5 +1,5 @@
DIST caddy-0.10.10.tar.gz 2706112 BLAKE2B 23ba725f3e8530233bc604b8f16342782c349b58bc78db49412fe72885a872a200407e3b27d5c28b24c5d0e286cbb2886d9ea54d0c034839cd04075366024a17 SHA512 78152e01739ffbe6d36f5d10cab92ad0d112242d679064199c271c20fd22c24f8d51ed884ddef6d80291d15d41d4620d6431e9a6fb0e8c0eab66cc50d57d5b0d
-DIST caddy-0.10.9.tar.gz 2695894 BLAKE2B db6ecb92b199a28df730ceb17c17eb6ec7a61322df484d6962aface9fc18032aa454ec235acf3709ab33f05c615d1dc02c81350bbddf97711384293298bcb1b0 SHA512 dc61a059f1e1abacdf1e2baa154b4c53e68e32d27dabc9bf17157d5a54d92e0976539a90ebe9ba74f9f726660f17610dfa938f715b2466d3e4db514b1104098d
+DIST caddy-0.10.11.tar.gz 2860871 BLAKE2B 9050ee76a325c5ae183dcafec05b0d234a1308103f617908ec31a2bd8c3ce55c8d9ced9e30a36d616ff2c6f1581e1496bed4379a6f1ba3d0b5e7f9242edfabf8 SHA512 03539ae59f654d56ad0b441e7f67eb51135b1ffd539f9eb5953445089e72d3eab905ad9b08b001ef27e5054b760887a898b89ea85b48b4f852398b073e6e4924
EBUILD caddy-0.10.10.ebuild 744 BLAKE2B 23e13762e450d34482608dfa6f7e7f2ae9cbe9b3bc29135dd6904a84014d23457bdfd94bf6e4bbdf583a5661a4c021fc9c938fb79f88951c50732af9eb6d8ce4 SHA512 2b28a0c202d546845fd0106dd235cdb9fd1c45972948c1c190f4843c6ce9464914471308b2320281ee72e4a3ac9eac1c8399ad04ef2332447d1030cbe48b5df7
-EBUILD caddy-0.10.9.ebuild 744 BLAKE2B 23e13762e450d34482608dfa6f7e7f2ae9cbe9b3bc29135dd6904a84014d23457bdfd94bf6e4bbdf583a5661a4c021fc9c938fb79f88951c50732af9eb6d8ce4 SHA512 2b28a0c202d546845fd0106dd235cdb9fd1c45972948c1c190f4843c6ce9464914471308b2320281ee72e4a3ac9eac1c8399ad04ef2332447d1030cbe48b5df7
+EBUILD caddy-0.10.11.ebuild 744 BLAKE2B 6667f8e780c115a5548a6988c3eed2bf2c3e4865fb7d65a3283899bac5b7b2b5803334210cdb5c143e1e98568d8fc7efe3cba642776d327def355d1e79da19be SHA512 1d3e956993342ec4d392e6498cb76a5f1e0030c280265f9a2678f2b95cb3c272626737f82bc5ed71794bcb6faf75d681acbce8fbc4eacf2ad3342b80dceea6a7
MISC metadata.xml 322 BLAKE2B 9be0d4f042f76b24a5a65e432e0774531a5987d5b0fb9892f76aeb6ae623633ba9e3a2319154a74d1bd121b7519cf2d025e262d572ba26c9f82b11d7a9eaf60b SHA512 8e895cdf287f3edd1b77ee45c7bdb0bf3b0edff526086530e0110c32bb25c3e12381e47c89785c3382aa7ac2ff4e82a24f3da0d47560f32640282cbf2b82e282
diff --git a/www-servers/caddy/caddy-0.10.9.ebuild b/www-servers/caddy/caddy-0.10.11.ebuild
index 28d63e7aab2d..90366d4aca4c 100644
--- a/www-servers/caddy/caddy-0.10.9.ebuild
+++ b/www-servers/caddy/caddy-0.10.11.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=6
diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index 70ba34f62fa7..f1340288c7fe 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -9,9 +9,11 @@ AUX nginx.confd 1131 BLAKE2B fd9c9e620a0b8c630a609c3f38f91f62babfed12d4d8035f8c5
AUX nginx.initd-r4 2192 BLAKE2B b482b9cc473a1df06764d60c7ce5c99a3f680778028bf440a2612b86273936ac4dbb350b81ecbe646dfa67d375492259b1609f3953f1b456c7427a02dd282d37 SHA512 e641829466e54093ad01e9f6c57acd2f0505e489a32e67dfee9279d5da57b216052a92eb05eb0c9c122c12f8b7bf8274b520b6e02fda161cc03187ce7c0660f1
AUX nginx.logrotate-r1 257 BLAKE2B d62c57377efd5259b6c776861d921b6e4ea026387157d618abd9e578f2e432ac0cf653a0f3842a0620d405759216bdc17afd50b33aaec3ad0c6757dfac3e34d8 SHA512 4892fc1700817c9a459a531df0320fe606a51be7f8b4e3ddf5852fe33def70dbff36fcefd2fce247c6846d6315ea92f3421eb21299a162d082b85fa27572cd95
AUX nginx.service-r1 327 BLAKE2B 081c72f7f7b98e30b2b45aeb8b1e4ead935c5b9a558fcfc7c18c20a2c0f18711272e91f4688c04c7f0eb833be8f7daff2f7d01bd1a04981f03ed54a07fe1148c SHA512 9b6bcf74df2f74ae6a2c255ebf2d826ea92ed9921b9995da6c9a0c5656e2863a2fe5293ef8a656fbd36298602cc88ffc5d7acfbbf143c23a78c9689d61b05df9
+AUX njs-0.1.15-fix-o3-building.patch 536 BLAKE2B 74454c225493bdb25a22ef581042ccc227c0185befefd4507e762de91e617a9c7d47d4fbd49bec42c4c61fa9f726d2cd2a909759eeb883378aa4c7fee5d9d614 SHA512 1c9a5aae8c4e124f6d620592047d7768762a32041b8d0094dcc37fffcf5c85ee3b31d3cc8d968d437f0cc5a258148ad38398a3fc2ca23917296bc57a230fa004
DIST modsecurity-2.9.2.tar.gz 4298993 BLAKE2B 32a92148f0e1a1166cf888b8172fc55340c5712c9b770583703c74db450e77226629640c9db03f32e9f28397e6488669d06a89e4d31cb5ab5fff26b30ad843e0 SHA512 69c87ef6f7b6411f4803eb25af32969a1da59722121257c2edf345a3f5a4ab9ae8a49c886cbbfc722c5bda91c6d6ea55232f968c0a0407d7d7b3af53dc862c21
DIST nginx-1.12.2.tar.gz 981687 BLAKE2B cca2d2b2267fee6feac7e91a5aaec229251e829203b02c207a6a89644fd6b1f2003d75225fadde9fdfc8dda444dc53c7ff0033a1e15a0f25019c878fc716d83f SHA512 3faa2043e237a7e1d15cc5661ac9d002a965220a78c25a863be9f19e01007347e53f776b61c229f6bd3d916cc1ccf92de260811f7b8092ec1b747fba7c0061f7
DIST nginx-1.13.8.tar.gz 992237 BLAKE2B 268eebb98a1ae1acbc9fb3ae4e445b26cfff68d8833285527b86f73d5a076f43fb6840b2aad6ff0e8458b47abbe8a9883c43c8a6b40c65d040b3bff88c6910eb SHA512 f2a4d41941ec223afcb57a6deb6523e0d4f54f96c7362835d366fa04a4b4578f6c4f27aa7774c1ecd40a42087df83e5c03d024e72caba83c558ec7e580c756a1
+DIST nginx-1.13.9.tar.gz 994802 BLAKE2B 3a34cd87a7bcc51b44787a322569d3d475dc0b4892bf41af16d715c1fd2da544a2536a1e9bbbf37118747bb2d0dca13664fd8288499f9d728d70eb74eed885dc SHA512 92c34c182b59e0597a6b0af996770673b08b075f47285e2fbb9d8df59bb9c38fcca8e77bc6e3ca8e019500d041f96437b6b4f80d5dfd914a6f843ca919dac07b
DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 BLAKE2B 22225ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333 SHA512 ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19ccccbf4cf53973269
DIST nginx-auth-ldap-49a8b4d28fc4a518563c82e0b52821e5f37db1fc.tar.gz 17159 BLAKE2B f2209c8b5eb5616a362f2b532245167a5940faad6d66d98a94b3bf2d1e33a73492d42c60a9ddad347a592362a002ff38273a5d1f61f663984a09e14a3fe35e0f SHA512 323abd0ca8e90f5afcaf81a8ff1a8abe3dfcbff3d69f0dd4a1c005fe6436acbf3076c4c57a4df877b3d8e388cbea085d46301bb2df9c0752e2567817ff7cca92
DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570 SHA512 6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529
@@ -41,6 +43,7 @@ DIST ngx_rtmp-1.2.0.tar.gz 519895 BLAKE2B a5a888473dd2ba2320ff74017e8445d96fa3e3
DIST ngx_rtmp-1.2.1.tar.gz 519919 BLAKE2B 744ccb8031eb9653f158f9eceba64fc9c8af7b9a42e64ef996ab3bbbe1402e5ffd3efcc8e4aaca437eb5e208e4b6f2d8643fcca953b32f32543eaa1ae4d9505c SHA512 4a0af5e9afa4deb0b53de8de7ddb2cfa6430d372e1ef9e421f01b509548bd134d427345442ac1ce667338cc2a1484dc2ab732e316e878ac7d3537dc527d5f922
DIST njs-0.1.15.tar.gz 228982 BLAKE2B c880c911c32c7ce7495fcbdc8b003340cd7d4020d7b820275d023729c4367ddea93539978b724d45b965cde44e9c35a4d4dd66138a0765be3b1697fc69abaeb2 SHA512 dd1ff7c95f6a5dd8df2c4b8abc13fc32462d4403d4d4f0e0cf8d4cc16fdd4b97ee563aeee593fcf9e83a463b3131772e8789f015c8ec74b61d90fd4d8699cf2e
EBUILD nginx-1.12.2-r1.ebuild 37150 BLAKE2B 65fed3395350ccd46c82c77e42ca5b0407127832fae1b3a3b660fd5d6f13adc6aef65cd340d41c5a0212241881f23843f1cf849dfc46c972f3741e0facc2d5a8 SHA512 59897652e9dfd97468de4b447cbd080917f65d12507ffd2ec0037227c69b029242c8710aa20c041a6f3abe93d8ffd1e8678c131059b612697e1af1d6b702b31c
-EBUILD nginx-1.13.8-r1.ebuild 39471 BLAKE2B 75eac6ba8adec6705a642d899b7e0a044efe98d524a58c816a1c5cbff2877bef2bff12272a9b4437475fec8d319b5ebddb1e0e5e8faabe9f70a455cbc8c6fbd7 SHA512 520b1661744f802bb84f3a66c7e449bf23b5314d78e0555a5daeba0ca38ee6176abec02248f6f6b79578af08b6632085fddc24f6bd358af01cbebbeb2f46403c
+EBUILD nginx-1.13.8-r1.ebuild 39667 BLAKE2B 7b29f50c4b3321da6970597a3e717ac30b5eae13ce43646e853eb350d16a625ad8074e9174ec3aa6303278d02b07d56e6051715967e83443f909aa2a3e9c48ac SHA512 d40c5f72ab6a409e4703a0a6705bb03b4f5438aba18bee94ae25fb65bfb826f4126e4a9b698e7dc85511ee7795d1495aae89ba1219561cecfc9d49edde03f1e9
EBUILD nginx-1.13.8.ebuild 37167 BLAKE2B 2dbdb6a067079729fe7f138035ae48a1bf701e27e466081e89469be458087671773beebf79e935bfd1bea6628843b5b228d633628609beb6fa1473094d2d58dd SHA512 f6f3cfa0edafa058b1ca894ff2722928f66039715c1da70f0d6c1287bd1764b7b2674a1d1576cc389749f570801994ec41cf0b28615d566ecd5b7cddf36b18b3
+EBUILD nginx-1.13.9.ebuild 39667 BLAKE2B 7b29f50c4b3321da6970597a3e717ac30b5eae13ce43646e853eb350d16a625ad8074e9174ec3aa6303278d02b07d56e6051715967e83443f909aa2a3e9c48ac SHA512 d40c5f72ab6a409e4703a0a6705bb03b4f5438aba18bee94ae25fb65bfb826f4126e4a9b698e7dc85511ee7795d1495aae89ba1219561cecfc9d49edde03f1e9
MISC metadata.xml 1309 BLAKE2B 9da8c2589e775e0ed57a344ba2d6c5e9d29908c253fd77306b2ea2f7392d9bda64ec18ee9120640e5d22e3624b79131377b3020e7e35a9603916ee8c6e8d663e SHA512 ea27337d56750dfa1c7a478eb0bdb4318cb03e181e16cee304e6beeb3261abde75cddb68a4249ceb97089d3e6740bcae10ff3441ac9f5e8a074409080313ca73
diff --git a/www-servers/nginx/files/njs-0.1.15-fix-o3-building.patch b/www-servers/nginx/files/njs-0.1.15-fix-o3-building.patch
new file mode 100644
index 000000000000..55b71368bc30
--- /dev/null
+++ b/www-servers/nginx/files/njs-0.1.15-fix-o3-building.patch
@@ -0,0 +1,24 @@
+Origin: https://hg.nginx.org/njs/rev/22cc52416e84
+
+Bug: https://bugs.gentoo.org/647958
+
+--- a/njs/njs_fs.c
++++ b/njs/njs_fs.c
+@@ -566,6 +566,8 @@
+ }
+
+ mode = NULL;
++ /* GCC complains about uninitialized flag.length. */
++ flag.length = 0;
+ flag.start = NULL;
+ encoding.length = 0;
+ encoding.start = NULL;
+@@ -753,6 +755,8 @@
+ }
+
+ mode = NULL;
++ /* GCC complains about uninitialized flag.length. */
++ flag.length = 0;
+ flag.start = NULL;
+ encoding.length = 0;
+ encoding.start = NULL;
diff --git a/www-servers/nginx/nginx-1.13.8-r1.ebuild b/www-servers/nginx/nginx-1.13.8-r1.ebuild
index 252999d3fe6f..82920e6b89df 100644
--- a/www-servers/nginx/nginx-1.13.8-r1.ebuild
+++ b/www-servers/nginx/nginx-1.13.8-r1.ebuild
@@ -153,7 +153,7 @@ HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
NJS_MODULE_PV="0.1.15"
NJS_MODULE_P="njs-${NJS_MODULE_PV}"
NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz"
-NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}/nginx"
+NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}"
# We handle deps below ourselves
SSL_DEPS_SKIP=1
@@ -373,6 +373,12 @@ src_prepare() {
cd "${S}" || die
fi
+ if use nginx_modules_http_javascript || use nginx_modules_stream_javascript; then
+ cd "${NJS_MODULE_WD}" || die
+ eapply "${FILESDIR}"/njs-0.1.15-fix-o3-building.patch
+ cd "${S}" || die
+ fi
+
if use nginx_modules_http_upstream_check; then
#eapply -p0 "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/check_1.11.1+.patch
eapply -p0 "${FILESDIR}"/http_upstream_check-nginx-1.11.5+.patch
@@ -576,7 +582,7 @@ src_configure() {
fi
if use nginx_modules_http_javascript || use nginx_modules_stream_javascript; then
- myconf+=( --add-module=${NJS_MODULE_WD} )
+ myconf+=( --add-module="${NJS_MODULE_WD}/nginx" )
fi
if use nginx_modules_http_brotli; then
diff --git a/www-servers/nginx/nginx-1.13.9.ebuild b/www-servers/nginx/nginx-1.13.9.ebuild
new file mode 100644
index 000000000000..82920e6b89df
--- /dev/null
+++ b/www-servers/nginx/nginx-1.13.9.ebuild
@@ -0,0 +1,1065 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+# Maintainer notes:
+# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite
+# - any http-module activates the main http-functionality and overrides USE=-http
+# - keep the following requirements in mind before adding external modules:
+# * alive upstream
+# * sane packaging
+# * builds cleanly
+# * does not need a patch for nginx core
+# - TODO: test the google-perftools module (included in vanilla tarball)
+
+# prevent perl-module from adding automagic perl DEPENDs
+GENTOO_DEPEND_ON_PERL="no"
+
+# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license)
+DEVEL_KIT_MODULE_PV="0.3.0"
+DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1"
+DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz"
+DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}"
+
+# ngx_brotli (https://github.com/eustas/ngx_brotli, BSD-2)
+HTTP_BROTLI_MODULE_PV="8cd9dd5fc232d3a01644584921e52dae99034779"
+HTTP_BROTLI_MODULE_P="ngx_brotli-${HTTP_BROTLI_MODULE_PV}"
+HTTP_BROTLI_MODULE_URI="https://github.com/eustas/ngx_brotli/archive/${HTTP_BROTLI_MODULE_PV}.tar.gz"
+HTTP_BROTLI_MODULE_WD="${WORKDIR}/ngx_brotli-${HTTP_BROTLI_MODULE_PV}"
+
+# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license)
+HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.2"
+HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1"
+HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz"
+HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}"
+
+# http_headers_more (https://github.com/agentzh/headers-more-nginx-module, BSD license)
+HTTP_HEADERS_MORE_MODULE_PV="0.33"
+HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}"
+HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz"
+HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}"
+
+# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license)
+HTTP_CACHE_PURGE_MODULE_PV="2.3"
+HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}"
+HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz"
+HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}"
+
+# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license)
+HTTP_SLOWFS_CACHE_MODULE_PV="1.10"
+HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}"
+HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz"
+HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}"
+
+# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license)
+HTTP_FANCYINDEX_MODULE_PV="0.4.2"
+HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}"
+HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz"
+HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-${HTTP_FANCYINDEX_MODULE_PV}"
+
+# http_lua (https://github.com/openresty/lua-nginx-module, BSD license)
+HTTP_LUA_MODULE_PV="0.10.11"
+HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}"
+HTTP_LUA_MODULE_URI="https://github.com/openresty/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz"
+HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}"
+
+# http_auth_pam (https://github.com/stogh/ngx_http_auth_pam_module/, http://web.iti.upv.es/~sto/nginx/, BSD-2 license)
+HTTP_AUTH_PAM_MODULE_PV="1.5.1"
+HTTP_AUTH_PAM_MODULE_P="ngx_http_auth_pam-${HTTP_AUTH_PAM_MODULE_PV}"
+HTTP_AUTH_PAM_MODULE_URI="https://github.com/stogh/ngx_http_auth_pam_module/archive/v${HTTP_AUTH_PAM_MODULE_PV}.tar.gz"
+HTTP_AUTH_PAM_MODULE_WD="${WORKDIR}/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}"
+
+# http_upstream_check (https://github.com/yaoweibin/nginx_upstream_check_module, BSD license)
+HTTP_UPSTREAM_CHECK_MODULE_PV="9aecf15ec379fe98f62355c57b60c0bc83296f04"
+HTTP_UPSTREAM_CHECK_MODULE_P="ngx_http_upstream_check-${HTTP_UPSTREAM_CHECK_MODULE_PV}"
+HTTP_UPSTREAM_CHECK_MODULE_URI="https://github.com/yaoweibin/nginx_upstream_check_module/archive/${HTTP_UPSTREAM_CHECK_MODULE_PV}.tar.gz"
+HTTP_UPSTREAM_CHECK_MODULE_WD="${WORKDIR}/nginx_upstream_check_module-${HTTP_UPSTREAM_CHECK_MODULE_PV}"
+
+# http_metrics (https://github.com/zenops/ngx_metrics, BSD license)
+HTTP_METRICS_MODULE_PV="0.1.1"
+HTTP_METRICS_MODULE_P="ngx_metrics-${HTTP_METRICS_MODULE_PV}"
+HTTP_METRICS_MODULE_URI="https://github.com/madvertise/ngx_metrics/archive/v${HTTP_METRICS_MODULE_PV}.tar.gz"
+HTTP_METRICS_MODULE_WD="${WORKDIR}/ngx_metrics-${HTTP_METRICS_MODULE_PV}"
+
+# http_vhost_traffic_status (https://github.com/vozlt/nginx-module-vts, BSD license)
+HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV="0.1.15-gentoo"
+HTTP_VHOST_TRAFFIC_STATUS_MODULE_P="ngx_http_vhost_traffic_status-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}"
+HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI="https://github.com/Whissi/nginx-module-vts/archive/v${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}.tar.gz"
+HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD="${WORKDIR}/nginx-module-vts-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}"
+
+# naxsi-core (https://github.com/nbs-system/naxsi, GPLv2+)
+HTTP_NAXSI_MODULE_PV="0.55.3"
+HTTP_NAXSI_MODULE_P="ngx_http_naxsi-${HTTP_NAXSI_MODULE_PV}"
+HTTP_NAXSI_MODULE_URI="https://github.com/nbs-system/naxsi/archive/${HTTP_NAXSI_MODULE_PV}.tar.gz"
+HTTP_NAXSI_MODULE_WD="${WORKDIR}/naxsi-${HTTP_NAXSI_MODULE_PV}/naxsi_src"
+
+# nginx-rtmp-module (https://github.com/arut/nginx-rtmp-module, BSD license)
+RTMP_MODULE_PV="1.2.1"
+RTMP_MODULE_P="ngx_rtmp-${RTMP_MODULE_PV}"
+RTMP_MODULE_URI="https://github.com/arut/nginx-rtmp-module/archive/v${RTMP_MODULE_PV}.tar.gz"
+RTMP_MODULE_WD="${WORKDIR}/nginx-rtmp-module-${RTMP_MODULE_PV}"
+
+# nginx-dav-ext-module (https://github.com/arut/nginx-dav-ext-module, BSD license)
+HTTP_DAV_EXT_MODULE_PV="0.1.0"
+HTTP_DAV_EXT_MODULE_P="ngx_http_dav_ext-${HTTP_DAV_EXT_MODULE_PV}"
+HTTP_DAV_EXT_MODULE_URI="https://github.com/arut/nginx-dav-ext-module/archive/v${HTTP_DAV_EXT_MODULE_PV}.tar.gz"
+HTTP_DAV_EXT_MODULE_WD="${WORKDIR}/nginx-dav-ext-module-${HTTP_DAV_EXT_MODULE_PV}"
+
+# echo-nginx-module (https://github.com/openresty/echo-nginx-module, BSD license)
+HTTP_ECHO_MODULE_PV="0.61"
+HTTP_ECHO_MODULE_P="ngx_http_echo-${HTTP_ECHO_MODULE_PV}"
+HTTP_ECHO_MODULE_URI="https://github.com/openresty/echo-nginx-module/archive/v${HTTP_ECHO_MODULE_PV}.tar.gz"
+HTTP_ECHO_MODULE_WD="${WORKDIR}/echo-nginx-module-${HTTP_ECHO_MODULE_PV}"
+
+# mod_security for nginx (https://modsecurity.org/, Apache-2.0)
+# keep the MODULE_P here consistent with upstream to avoid tarball duplication
+HTTP_SECURITY_MODULE_PV="2.9.2"
+HTTP_SECURITY_MODULE_P="modsecurity-${HTTP_SECURITY_MODULE_PV}"
+HTTP_SECURITY_MODULE_URI="https://www.modsecurity.org/tarball/${HTTP_SECURITY_MODULE_PV}/${HTTP_SECURITY_MODULE_P}.tar.gz"
+HTTP_SECURITY_MODULE_WD="${WORKDIR}/${HTTP_SECURITY_MODULE_P}"
+
+# push-stream-module (http://www.nginxpushstream.com, https://github.com/wandenberg/nginx-push-stream-module, GPL-3)
+HTTP_PUSH_STREAM_MODULE_PV="0.5.4"
+HTTP_PUSH_STREAM_MODULE_P="ngx_http_push_stream-${HTTP_PUSH_STREAM_MODULE_PV}"
+HTTP_PUSH_STREAM_MODULE_URI="https://github.com/wandenberg/nginx-push-stream-module/archive/${HTTP_PUSH_STREAM_MODULE_PV}.tar.gz"
+HTTP_PUSH_STREAM_MODULE_WD="${WORKDIR}/nginx-push-stream-module-${HTTP_PUSH_STREAM_MODULE_PV}"
+
+# sticky-module (https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng, BSD-2)
+HTTP_STICKY_MODULE_PV="1.2.6-10-g08a395c66e42"
+HTTP_STICKY_MODULE_P="nginx_http_sticky_module_ng-${HTTP_STICKY_MODULE_PV}"
+HTTP_STICKY_MODULE_URI="https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/${HTTP_STICKY_MODULE_PV}.tar.bz2"
+HTTP_STICKY_MODULE_WD="${WORKDIR}/nginx-goodies-nginx-sticky-module-ng-08a395c66e42"
+
+# mogilefs-module (https://github.com/vkholodkov/nginx-mogilefs-module, BSD-2)
+HTTP_MOGILEFS_MODULE_PV="1.0.4"
+HTTP_MOGILEFS_MODULE_P="ngx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}"
+HTTP_MOGILEFS_MODULE_URI="https://github.com/vkholodkov/nginx-mogilefs-module/archive/${HTTP_MOGILEFS_MODULE_PV}.tar.gz"
+HTTP_MOGILEFS_MODULE_WD="${WORKDIR}/nginx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}"
+
+# memc-module (https://github.com/openresty/memc-nginx-module, BSD-2)
+HTTP_MEMC_MODULE_PV="0.18"
+HTTP_MEMC_MODULE_P="ngx_memc_module-${HTTP_MEMC_MODULE_PV}"
+HTTP_MEMC_MODULE_URI="https://github.com/openresty/memc-nginx-module/archive/v${HTTP_MEMC_MODULE_PV}.tar.gz"
+HTTP_MEMC_MODULE_WD="${WORKDIR}/memc-nginx-module-${HTTP_MEMC_MODULE_PV}"
+
+# nginx-ldap-auth-module (https://github.com/kvspb/nginx-auth-ldap, BSD-2)
+HTTP_LDAP_MODULE_PV="42d195d7a7575ebab1c369ad3fc5d78dc2c2669c"
+HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
+HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz"
+HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
+
+# njs-module (https://github.com/nginx/njs, as-is)
+NJS_MODULE_PV="0.1.15"
+NJS_MODULE_P="njs-${NJS_MODULE_PV}"
+NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz"
+NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}"
+
+# We handle deps below ourselves
+SSL_DEPS_SKIP=1
+AUTOTOOLS_AUTO_DEPEND="no"
+
+inherit autotools ssl-cert toolchain-funcs perl-module flag-o-matic user systemd versionator multilib
+
+DESCRIPTION="Robust, small and high performance http and reverse proxy server"
+HOMEPAGE="https://nginx.org"
+SRC_URI="https://nginx.org/download/${P}.tar.gz
+ ${DEVEL_KIT_MODULE_URI} -> ${DEVEL_KIT_MODULE_P}.tar.gz
+ nginx_modules_http_auth_ldap? ( ${HTTP_LDAP_MODULE_URI} -> ${HTTP_LDAP_MODULE_P}.tar.gz )
+ nginx_modules_http_auth_pam? ( ${HTTP_AUTH_PAM_MODULE_URI} -> ${HTTP_AUTH_PAM_MODULE_P}.tar.gz )
+ nginx_modules_http_brotli? ( ${HTTP_BROTLI_MODULE_URI} -> ${HTTP_BROTLI_MODULE_P}.tar.gz )
+ nginx_modules_http_cache_purge? ( ${HTTP_CACHE_PURGE_MODULE_URI} -> ${HTTP_CACHE_PURGE_MODULE_P}.tar.gz )
+ nginx_modules_http_dav_ext? ( ${HTTP_DAV_EXT_MODULE_URI} -> ${HTTP_DAV_EXT_MODULE_P}.tar.gz )
+ nginx_modules_http_echo? ( ${HTTP_ECHO_MODULE_URI} -> ${HTTP_ECHO_MODULE_P}.tar.gz )
+ nginx_modules_http_fancyindex? ( ${HTTP_FANCYINDEX_MODULE_URI} -> ${HTTP_FANCYINDEX_MODULE_P}.tar.gz )
+ nginx_modules_http_headers_more? ( ${HTTP_HEADERS_MORE_MODULE_URI} -> ${HTTP_HEADERS_MORE_MODULE_P}.tar.gz )
+ nginx_modules_http_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz )
+ nginx_modules_http_lua? ( ${HTTP_LUA_MODULE_URI} -> ${HTTP_LUA_MODULE_P}.tar.gz )
+ nginx_modules_http_memc? ( ${HTTP_MEMC_MODULE_URI} -> ${HTTP_MEMC_MODULE_P}.tar.gz )
+ nginx_modules_http_metrics? ( ${HTTP_METRICS_MODULE_URI} -> ${HTTP_METRICS_MODULE_P}.tar.gz )
+ nginx_modules_http_mogilefs? ( ${HTTP_MOGILEFS_MODULE_URI} -> ${HTTP_MOGILEFS_MODULE_P}.tar.gz )
+ nginx_modules_http_naxsi? ( ${HTTP_NAXSI_MODULE_URI} -> ${HTTP_NAXSI_MODULE_P}.tar.gz )
+ nginx_modules_http_push_stream? ( ${HTTP_PUSH_STREAM_MODULE_URI} -> ${HTTP_PUSH_STREAM_MODULE_P}.tar.gz )
+ nginx_modules_http_security? ( ${HTTP_SECURITY_MODULE_URI} -> ${HTTP_SECURITY_MODULE_P}.tar.gz )
+ nginx_modules_http_slowfs_cache? ( ${HTTP_SLOWFS_CACHE_MODULE_URI} -> ${HTTP_SLOWFS_CACHE_MODULE_P}.tar.gz )
+ nginx_modules_http_sticky? ( ${HTTP_STICKY_MODULE_URI} -> ${HTTP_STICKY_MODULE_P}.tar.bz2 )
+ nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz )
+ nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz )
+ nginx_modules_http_vhost_traffic_status? ( ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI} -> ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_P}.tar.gz )
+ nginx_modules_stream_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz )
+ rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz )"
+
+LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+
+ nginx_modules_http_security? ( Apache-2.0 )
+ nginx_modules_http_push_stream? ( GPL-3 )"
+
+SLOT="mainline"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd ~amd64-linux ~x86-linux"
+
+# Package doesn't provide a real test suite
+RESTRICT="test"
+
+NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif
+ fastcgi geo gzip limit_req limit_conn map memcached mirror proxy
+ referer rewrite scgi ssi split_clients upstream_hash
+ upstream_ip_hash upstream_keepalive upstream_least_conn
+ upstream_zone userid uwsgi"
+NGINX_MODULES_OPT="addition auth_request dav degradation flv geoip gunzip
+ gzip_static image_filter mp4 perl random_index realip secure_link
+ slice stub_status sub xslt"
+NGINX_MODULES_STREAM_STD="access geo limit_conn map return split_clients
+ upstream_hash upstream_least_conn upstream_zone"
+NGINX_MODULES_STREAM_OPT="geoip realip ssl_preread"
+NGINX_MODULES_MAIL="imap pop3 smtp"
+NGINX_MODULES_3RD="
+ http_auth_ldap
+ http_auth_pam
+ http_brotli
+ http_cache_purge
+ http_dav_ext
+ http_echo
+ http_fancyindex
+ http_headers_more
+ http_javascript
+ http_lua
+ http_memc
+ http_metrics
+ http_mogilefs
+ http_naxsi
+ http_push_stream
+ http_security
+ http_slowfs_cache
+ http_sticky
+ http_upload_progress
+ http_upstream_check
+ http_vhost_traffic_status
+ stream_javascript
+"
+
+IUSE="aio debug +http +http2 +http-cache +ipv6 libatomic libressl luajit +pcre
+ pcre-jit rtmp selinux ssl threads userland_GNU vim-syntax"
+
+for mod in $NGINX_MODULES_STD; do
+ IUSE="${IUSE} +nginx_modules_http_${mod}"
+done
+
+for mod in $NGINX_MODULES_OPT; do
+ IUSE="${IUSE} nginx_modules_http_${mod}"
+done
+
+for mod in $NGINX_MODULES_STREAM_STD; do
+ IUSE="${IUSE} nginx_modules_stream_${mod}"
+done
+
+for mod in $NGINX_MODULES_STREAM_OPT; do
+ IUSE="${IUSE} nginx_modules_stream_${mod}"
+done
+
+for mod in $NGINX_MODULES_MAIL; do
+ IUSE="${IUSE} nginx_modules_mail_${mod}"
+done
+
+for mod in $NGINX_MODULES_3RD; do
+ IUSE="${IUSE} nginx_modules_${mod}"
+done
+
+# Add so we can warn users updating about config changes
+# @TODO: jbergstroem: remove on next release series
+IUSE="${IUSE} nginx_modules_http_spdy"
+
+CDEPEND="
+ pcre? ( dev-libs/libpcre:= )
+ pcre-jit? ( dev-libs/libpcre:=[jit] )
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:= )
+ )
+ http2? (
+ !libressl? ( >=dev-libs/openssl-1.0.1c:0= )
+ libressl? ( dev-libs/libressl:= )
+ )
+ http-cache? (
+ userland_GNU? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:= )
+ )
+ )
+ nginx_modules_http_brotli? ( app-arch/brotli:= )
+ nginx_modules_http_geoip? ( dev-libs/geoip )
+ nginx_modules_http_gunzip? ( sys-libs/zlib )
+ nginx_modules_http_gzip? ( sys-libs/zlib )
+ nginx_modules_http_gzip_static? ( sys-libs/zlib )
+ nginx_modules_http_image_filter? ( media-libs/gd:=[jpeg,png] )
+ nginx_modules_http_perl? ( >=dev-lang/perl-5.8:= )
+ nginx_modules_http_rewrite? ( dev-libs/libpcre:= )
+ nginx_modules_http_secure_link? (
+ userland_GNU? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:= )
+ )
+ )
+ nginx_modules_http_xslt? ( dev-libs/libxml2:= dev-libs/libxslt )
+ nginx_modules_http_lua? ( !luajit? ( dev-lang/lua:0= ) luajit? ( dev-lang/luajit:2= ) )
+ nginx_modules_http_auth_pam? ( virtual/pam )
+ nginx_modules_http_metrics? ( dev-libs/yajl:= )
+ nginx_modules_http_dav_ext? ( dev-libs/expat )
+ nginx_modules_http_security? (
+ dev-libs/apr:=
+ dev-libs/apr-util:=
+ dev-libs/libxml2:=
+ net-misc/curl
+ www-servers/apache
+ )
+ nginx_modules_http_auth_ldap? ( net-nds/openldap[ssl?] )"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-nginx )
+ !www-servers/nginx:0"
+DEPEND="${CDEPEND}
+ nginx_modules_http_brotli? ( virtual/pkgconfig )
+ nginx_modules_http_security? ( ${AUTOTOOLS_DEPEND} )
+ arm? ( dev-libs/libatomic_ops )
+ libatomic? ( dev-libs/libatomic_ops )"
+PDEPEND="vim-syntax? ( app-vim/nginx-syntax )"
+
+REQUIRED_USE="pcre-jit? ( pcre )
+ nginx_modules_http_lua? ( nginx_modules_http_rewrite )
+ nginx_modules_http_naxsi? ( pcre )
+ nginx_modules_http_dav_ext? ( nginx_modules_http_dav )
+ nginx_modules_http_metrics? ( nginx_modules_http_stub_status )
+ nginx_modules_http_security? ( pcre )
+ nginx_modules_http_push_stream? ( ssl )"
+
+pkg_setup() {
+ NGINX_HOME="/var/lib/nginx"
+ NGINX_HOME_TMP="${NGINX_HOME}/tmp"
+
+ ebegin "Creating nginx user and group"
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 "${NGINX_HOME}" ${PN}
+ eend $?
+
+ if use libatomic; then
+ ewarn "GCC 4.1+ features built-in atomic operations."
+ ewarn "Using libatomic_ops is only needed if using"
+ ewarn "a different compiler or a GCC prior to 4.1"
+ fi
+
+ if [[ -n $NGINX_ADD_MODULES ]]; then
+ ewarn "You are building custom modules via \$NGINX_ADD_MODULES!"
+ ewarn "This nginx installation is not supported!"
+ ewarn "Make sure you can reproduce the bug without those modules"
+ ewarn "_before_ reporting bugs."
+ fi
+
+ if use !http; then
+ ewarn "To actually disable all http-functionality you also have to disable"
+ ewarn "all nginx http modules."
+ fi
+
+ if use nginx_modules_http_mogilefs && use threads; then
+ eerror "mogilefs won't compile with threads support."
+ eerror "Please disable either flag and try again."
+ die "Can't compile mogilefs with threads support"
+ fi
+}
+
+src_prepare() {
+ eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
+ eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch"
+
+ if use nginx_modules_http_brotli; then
+ cd "${HTTP_BROTLI_MODULE_WD}" || die
+ eapply "${FILESDIR}"/http_brotli-detect-brotli.patch
+ cd "${S}" || die
+ fi
+
+ if use nginx_modules_http_javascript || use nginx_modules_stream_javascript; then
+ cd "${NJS_MODULE_WD}" || die
+ eapply "${FILESDIR}"/njs-0.1.15-fix-o3-building.patch
+ cd "${S}" || die
+ fi
+
+ if use nginx_modules_http_upstream_check; then
+ #eapply -p0 "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/check_1.11.1+.patch
+ eapply -p0 "${FILESDIR}"/http_upstream_check-nginx-1.11.5+.patch
+ fi
+
+ if use nginx_modules_http_cache_purge; then
+ cd "${HTTP_CACHE_PURGE_MODULE_WD}" || die
+ eapply "${FILESDIR}"/http_cache_purge-1.11.6+.patch
+ cd "${S}" || die
+ fi
+
+ if use nginx_modules_http_security; then
+ cd "${HTTP_SECURITY_MODULE_WD}" || die
+
+ eautoreconf
+
+ if use luajit ; then
+ sed -i \
+ -e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \
+ configure || die
+ fi
+
+ cd "${S}" || die
+ fi
+
+ if use nginx_modules_http_upload_progress; then
+ cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die
+ eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch
+ cd "${S}" || die
+ fi
+
+ find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die
+ # We have config protection, don't rename etc files
+ sed -i 's:.default::' auto/install || die
+ # remove useless files
+ sed -i -e '/koi-/d' -e '/win-/d' auto/install || die
+
+ # don't install to /etc/nginx/ if not in use
+ local module
+ for module in fastcgi scgi uwsgi ; do
+ if ! use nginx_modules_http_${module}; then
+ sed -i -e "/${module}/d" auto/install || die
+ fi
+ done
+
+ eapply_user
+}
+
+src_configure() {
+ # mod_security needs to generate nginx/modsecurity/config before including it
+ if use nginx_modules_http_security; then
+ cd "${HTTP_SECURITY_MODULE_WD}" || die
+
+ ./configure \
+ --enable-standalone-module \
+ --disable-mlogc \
+ --with-ssdeep=no \
+ $(use_enable pcre-jit) \
+ $(use_with nginx_modules_http_lua lua) || die "configure failed for mod_security"
+
+ cd "${S}" || die
+ fi
+
+ local myconf=() http_enabled= mail_enabled= stream_enabled=
+
+ use aio && myconf+=( --with-file-aio )
+ use debug && myconf+=( --with-debug )
+ use http2 && myconf+=( --with-http_v2_module )
+ use libatomic && myconf+=( --with-libatomic )
+ use pcre && myconf+=( --with-pcre )
+ use pcre-jit && myconf+=( --with-pcre-jit )
+ use threads && myconf+=( --with-threads )
+
+ # HTTP modules
+ for mod in $NGINX_MODULES_STD; do
+ if use nginx_modules_http_${mod}; then
+ http_enabled=1
+ else
+ myconf+=( --without-http_${mod}_module )
+ fi
+ done
+
+ for mod in $NGINX_MODULES_OPT; do
+ if use nginx_modules_http_${mod}; then
+ http_enabled=1
+ myconf+=( --with-http_${mod}_module )
+ fi
+ done
+
+ if use nginx_modules_http_fastcgi; then
+ myconf+=( --with-http_realip_module )
+ fi
+
+ # third-party modules
+ if use nginx_modules_http_upload_progress; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_UPLOAD_PROGRESS_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_headers_more; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_HEADERS_MORE_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_cache_purge; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_CACHE_PURGE_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_slowfs_cache; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_SLOWFS_CACHE_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_fancyindex; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_FANCYINDEX_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_lua; then
+ http_enabled=1
+ if use luajit; then
+ export LUAJIT_LIB=$(pkg-config --variable libdir luajit)
+ export LUAJIT_INC=$(pkg-config --variable includedir luajit)
+ else
+ export LUA_LIB=$(pkg-config --variable libdir lua)
+ export LUA_INC=$(pkg-config --variable includedir lua)
+ fi
+ myconf+=( --add-module=${DEVEL_KIT_MODULE_WD} )
+ myconf+=( --add-module=${HTTP_LUA_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_auth_pam; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_AUTH_PAM_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_upstream_check; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_UPSTREAM_CHECK_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_metrics; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_METRICS_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_naxsi ; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_NAXSI_MODULE_WD} )
+ fi
+
+ if use rtmp ; then
+ http_enabled=1
+ myconf+=( --add-module=${RTMP_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_dav_ext ; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_DAV_EXT_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_echo ; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_ECHO_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_security ; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_SECURITY_MODULE_WD}/nginx/modsecurity )
+ fi
+
+ if use nginx_modules_http_push_stream ; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_PUSH_STREAM_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_sticky ; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_STICKY_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_mogilefs ; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_MOGILEFS_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_memc ; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_MEMC_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_auth_ldap; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_LDAP_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_vhost_traffic_status; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD} )
+ fi
+
+ if use nginx_modules_http_javascript || use nginx_modules_stream_javascript; then
+ myconf+=( --add-module="${NJS_MODULE_WD}/nginx" )
+ fi
+
+ if use nginx_modules_http_brotli; then
+ http_enabled=1
+ myconf+=( --add-module=${HTTP_BROTLI_MODULE_WD} )
+ fi
+
+ if use http || use http-cache || use http2 || use nginx_modules_http_javascript; then
+ http_enabled=1
+ fi
+
+ if [ $http_enabled ]; then
+ use http-cache || myconf+=( --without-http-cache )
+ use ssl && myconf+=( --with-http_ssl_module )
+ else
+ myconf+=( --without-http --without-http-cache )
+ fi
+
+ # Stream modules
+ for mod in $NGINX_MODULES_STREAM_STD; do
+ if use nginx_modules_stream_${mod}; then
+ stream_enabled=1
+ else
+ myconf+=( --without-stream_${mod}_module )
+ fi
+ done
+
+ for mod in $NGINX_MODULES_STREAM_OPT; do
+ if use nginx_modules_stream_${mod}; then
+ stream_enabled=1
+ myconf+=( --with-stream_${mod}_module )
+ fi
+ done
+
+ if use nginx_modules_stream_javascript; then
+ stream_enabled=1
+ fi
+
+ if [ $stream_enabled ]; then
+ myconf+=( --with-stream )
+ use ssl && myconf+=( --with-stream_ssl_module )
+ fi
+
+ # MAIL modules
+ for mod in $NGINX_MODULES_MAIL; do
+ if use nginx_modules_mail_${mod}; then
+ mail_enabled=1
+ else
+ myconf+=( --without-mail_${mod}_module )
+ fi
+ done
+
+ if [ $mail_enabled ]; then
+ myconf+=( --with-mail )
+ use ssl && myconf+=( --with-mail_ssl_module )
+ fi
+
+ # custom modules
+ for mod in $NGINX_ADD_MODULES; do
+ myconf+=( --add-module=${mod} )
+ done
+
+ # https://bugs.gentoo.org/286772
+ export LANG=C LC_ALL=C
+ tc-export CC
+
+ if ! use prefix; then
+ myconf+=( --user=${PN} )
+ myconf+=( --group=${PN} )
+ fi
+
+ local WITHOUT_IPV6=
+ if ! use ipv6; then
+ WITHOUT_IPV6=" -DNGX_HAVE_INET6=0"
+ fi
+
+ ./configure \
+ --prefix="${EPREFIX}"/usr \
+ --conf-path="${EPREFIX}"/etc/${PN}/${PN}.conf \
+ --error-log-path="${EPREFIX}"/var/log/${PN}/error_log \
+ --pid-path="${EPREFIX}"/run/${PN}.pid \
+ --lock-path="${EPREFIX}"/run/lock/${PN}.lock \
+ --with-cc-opt="-I${EROOT}usr/include${WITHOUT_IPV6}" \
+ --with-ld-opt="-L${EROOT}usr/$(get_libdir)" \
+ --http-log-path="${EPREFIX}"/var/log/${PN}/access_log \
+ --http-client-body-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/client \
+ --http-proxy-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/proxy \
+ --http-fastcgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/fastcgi \
+ --http-scgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/scgi \
+ --http-uwsgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/uwsgi \
+ --with-compat \
+ "${myconf[@]}" || die "configure failed"
+
+ # A purely cosmetic change that makes nginx -V more readable. This can be
+ # good if people outside the gentoo community would troubleshoot and
+ # question the users setup.
+ sed -i -e "s|${WORKDIR}|external_module|g" objs/ngx_auto_config.h || die
+}
+
+src_compile() {
+ use nginx_modules_http_security && emake -C "${HTTP_SECURITY_MODULE_WD}"
+
+ # https://bugs.gentoo.org/286772
+ export LANG=C LC_ALL=C
+ emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}"
+}
+
+src_install() {
+ emake DESTDIR="${D%/}" install
+
+ cp "${FILESDIR}"/nginx.conf-r2 "${ED}"etc/nginx/nginx.conf || die
+
+ newinitd "${FILESDIR}"/nginx.initd-r4 nginx
+ newconfd "${FILESDIR}"/nginx.confd nginx
+
+ systemd_newunit "${FILESDIR}"/nginx.service-r1 nginx.service
+
+ doman man/nginx.8
+ dodoc CHANGES* README
+
+ # just keepdir. do not copy the default htdocs files (bug #449136)
+ keepdir /var/www/localhost
+ rm -rf "${D}"usr/html || die
+
+ # set up a list of directories to keep
+ local keepdir_list="${NGINX_HOME_TMP}"/client
+ local module
+ for module in proxy fastcgi scgi uwsgi; do
+ use nginx_modules_http_${module} && keepdir_list+=" ${NGINX_HOME_TMP}/${module}"
+ done
+
+ keepdir /var/log/nginx ${keepdir_list}
+
+ # this solves a problem with SELinux where nginx doesn't see the directories
+ # as root and tries to create them as nginx
+ fperms 0750 "${NGINX_HOME_TMP}"
+ fowners ${PN}:0 "${NGINX_HOME_TMP}"
+
+ fperms 0700 ${keepdir_list}
+ fowners ${PN}:${PN} ${keepdir_list}
+
+ fperms 0710 /var/log/nginx
+ fowners 0:${PN} /var/log/nginx
+
+ # logrotate
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/nginx.logrotate-r1 nginx
+
+ if use nginx_modules_http_perl; then
+ cd "${S}"/objs/src/http/modules/perl/ || die
+ emake DESTDIR="${D}" INSTALLDIRS=vendor
+ perl_delete_localpod
+ cd "${S}" || die
+ fi
+
+ if use nginx_modules_http_cache_purge; then
+ docinto ${HTTP_CACHE_PURGE_MODULE_P}
+ dodoc "${HTTP_CACHE_PURGE_MODULE_WD}"/{CHANGES,README.md,TODO.md}
+ fi
+
+ if use nginx_modules_http_slowfs_cache; then
+ docinto ${HTTP_SLOWFS_CACHE_MODULE_P}
+ dodoc "${HTTP_SLOWFS_CACHE_MODULE_WD}"/{CHANGES,README.md}
+ fi
+
+ if use nginx_modules_http_fancyindex; then
+ docinto ${HTTP_FANCYINDEX_MODULE_P}
+ dodoc "${HTTP_FANCYINDEX_MODULE_WD}"/README.rst
+ fi
+
+ if use nginx_modules_http_lua; then
+ docinto ${HTTP_LUA_MODULE_P}
+ dodoc "${HTTP_LUA_MODULE_WD}"/README.markdown
+ fi
+
+ if use nginx_modules_http_auth_pam; then
+ docinto ${HTTP_AUTH_PAM_MODULE_P}
+ dodoc "${HTTP_AUTH_PAM_MODULE_WD}"/{README.md,ChangeLog}
+ fi
+
+ if use nginx_modules_http_upstream_check; then
+ docinto ${HTTP_UPSTREAM_CHECK_MODULE_P}
+ dodoc "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/{README,CHANGES}
+ fi
+
+ if use nginx_modules_http_naxsi; then
+ insinto /etc/nginx
+ doins "${HTTP_NAXSI_MODULE_WD}"/../naxsi_config/naxsi_core.rules
+ fi
+
+ if use rtmp; then
+ docinto ${RTMP_MODULE_P}
+ dodoc "${RTMP_MODULE_WD}"/{AUTHORS,README.md,stat.xsl}
+ fi
+
+ if use nginx_modules_http_dav_ext; then
+ docinto ${HTTP_DAV_EXT_MODULE_P}
+ dodoc "${HTTP_DAV_EXT_MODULE_WD}"/README.rst
+ fi
+
+ if use nginx_modules_http_echo; then
+ docinto ${HTTP_ECHO_MODULE_P}
+ dodoc "${HTTP_ECHO_MODULE_WD}"/README.markdown
+ fi
+
+ if use nginx_modules_http_security; then
+ docinto ${HTTP_SECURITY_MODULE_P}
+ dodoc "${HTTP_SECURITY_MODULE_WD}"/{CHANGES,README.TXT,authors.txt}
+ fi
+
+ if use nginx_modules_http_push_stream; then
+ docinto ${HTTP_PUSH_STREAM_MODULE_P}
+ dodoc "${HTTP_PUSH_STREAM_MODULE_WD}"/{AUTHORS,CHANGELOG.textile,README.textile}
+ fi
+
+ if use nginx_modules_http_sticky; then
+ docinto ${HTTP_STICKY_MODULE_P}
+ dodoc "${HTTP_STICKY_MODULE_WD}"/{README.md,Changelog.txt,docs/sticky.pdf}
+ fi
+
+ if use nginx_modules_http_memc; then
+ docinto ${HTTP_MEMC_MODULE_P}
+ dodoc "${HTTP_MEMC_MODULE_WD}"/README.markdown
+ fi
+
+ if use nginx_modules_http_auth_ldap; then
+ docinto ${HTTP_LDAP_MODULE_P}
+ dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf
+ fi
+}
+
+pkg_postinst() {
+ if use ssl; then
+ if [[ ! -f "${EROOT}"etc/ssl/${PN}/${PN}.key ]]; then
+ install_cert /etc/ssl/${PN}/${PN}
+ use prefix || chown ${PN}:${PN} "${EROOT}"etc/ssl/${PN}/${PN}.{crt,csr,key,pem}
+ fi
+ fi
+
+ if use nginx_modules_http_spdy; then
+ ewarn ""
+ ewarn "In nginx 1.9.5 the spdy module was superseded by http2."
+ ewarn "Update your configs and package.use accordingly."
+ fi
+
+ if use nginx_modules_http_lua; then
+ ewarn ""
+ ewarn "While you can build lua 3rd party module against ${P}"
+ ewarn "the author warns that >=${PN}-1.11.11 is still not an"
+ ewarn "officially supported target yet. You are on your own."
+ ewarn "Expect runtime failures, memory leaks and other problems!"
+ fi
+
+ if use nginx_modules_http_lua && use http2; then
+ ewarn ""
+ ewarn "Lua 3rd party module author warns against using ${P} with"
+ ewarn "NGINX_MODULES_HTTP=\"lua http2\". For more info, see http://git.io/OldLsg"
+ fi
+
+ local _n_permission_layout_checks=0
+ local _has_to_adjust_permissions=0
+ local _has_to_show_permission_warning=0
+
+ # Defaults to 1 to inform people doing a fresh installation
+ # that we ship modified {scgi,uwsgi,fastcgi}_params files
+ local _has_to_show_httpoxy_mitigation_notice=1
+
+ local _replacing_version=
+ for _replacing_version in ${REPLACING_VERSIONS}; do
+ _n_permission_layout_checks=$((${_n_permission_layout_checks}+1))
+
+ if [[ ${_n_permission_layout_checks} -gt 1 ]]; then
+ # Should never happen:
+ # Package is abusing slots but doesn't allow multiple parallel installations.
+ # If we run into this situation it is unsafe to automatically adjust any
+ # permission...
+ _has_to_show_permission_warning=1
+
+ ewarn "Replacing multiple ${PN}' versions is unsupported! " \
+ "You will have to adjust permissions on your own."
+
+ break
+ fi
+
+ local _replacing_version_branch=$(get_version_component_range 1-2 "${_replacing_version}")
+ debug-print "Updating an existing installation (v${_replacing_version}; branch '${_replacing_version_branch}') ..."
+
+ # Do we need to adjust permissions to fix CVE-2013-0337 (bug #458726, #469094)?
+ # This was before we introduced multiple nginx versions so we
+ # do not need to distinguish between stable and mainline
+ local _need_to_fix_CVE2013_0337=1
+
+ if version_is_at_least "1.4.1-r2" "${_replacing_version}"; then
+ # We are updating an installation which should already be fixed
+ _need_to_fix_CVE2013_0337=0
+ debug-print "Skipping CVE-2013-0337 ... existing installation should not be affected!"
+ else
+ _has_to_adjust_permissions=1
+ debug-print "Need to adjust permissions to fix CVE-2013-0337!"
+ fi
+
+ # Do we need to inform about HTTPoxy mitigation?
+ # In repository since commit 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f
+ if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then
+ # Updating from <1.10
+ _has_to_show_httpoxy_mitigation_notice=1
+ debug-print "Need to inform about HTTPoxy mitigation!"
+ else
+ # Updating from >=1.10
+ local _fixed_in_pvr=
+ case "${_replacing_version_branch}" in
+ "1.10")
+ _fixed_in_pvr="1.10.1-r2"
+ ;;
+ "1.11")
+ _fixed_in_pvr="1.11.3-r1"
+ ;;
+ *)
+ # This should be any future branch.
+ # If we run this code it is safe to assume that the user has
+ # already seen the HTTPoxy mitigation notice because he/she is doing
+ # an update from previous version where we have already shown
+ # the warning. Otherwise, we wouldn't hit this code path ...
+ _fixed_in_pvr=
+ esac
+
+ if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then
+ # We are updating an installation where we already informed
+ # that we are mitigating HTTPoxy per default
+ _has_to_show_httpoxy_mitigation_notice=0
+ debug-print "No need to inform about HTTPoxy mitigation ... information was already shown for existing installation!"
+ else
+ _has_to_show_httpoxy_mitigation_notice=1
+ debug-print "Need to inform about HTTPoxy mitigation!"
+ fi
+ fi
+
+ # Do we need to adjust permissions to fix CVE-2016-1247 (bug #605008)?
+ # All branches up to 1.11 are affected
+ local _need_to_fix_CVE2016_1247=1
+
+ if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then
+ # Updating from <1.10
+ _has_to_adjust_permissions=1
+ debug-print "Need to adjust permissions to fix CVE-2016-1247!"
+ else
+ # Updating from >=1.10
+ local _fixed_in_pvr=
+ case "${_replacing_version_branch}" in
+ "1.10")
+ _fixed_in_pvr="1.10.2-r3"
+ ;;
+ "1.11")
+ _fixed_in_pvr="1.11.6-r1"
+ ;;
+ *)
+ # This should be any future branch.
+ # If we run this code it is safe to assume that we have already
+ # adjusted permissions or were never affected because user is
+ # doing an update from previous version which was safe or did
+ # the adjustments. Otherwise, we wouldn't hit this code path ...
+ _fixed_in_pvr=
+ esac
+
+ if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then
+ # We are updating an installation which should already be adjusted
+ # or which was never affected
+ _need_to_fix_CVE2016_1247=0
+ debug-print "Skipping CVE-2016-1247 ... existing installation should not be affected!"
+ else
+ _has_to_adjust_permissions=1
+ debug-print "Need to adjust permissions to fix CVE-2016-1247!"
+ fi
+ fi
+ done
+
+ if [[ ${_has_to_adjust_permissions} -eq 1 ]]; then
+ # We do not DIE when chmod/chown commands are failing because
+ # package is already merged on user's system at this stage
+ # and we cannot retry without losing the information that
+ # the existing installation needs to adjust permissions.
+ # Instead we are going to a show a big warning ...
+
+ if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2013_0337} -eq 1 ]]; then
+ ewarn ""
+ ewarn "The world-readable bit (if set) has been removed from the"
+ ewarn "following directories to mitigate a security bug"
+ ewarn "(CVE-2013-0337, bug #458726):"
+ ewarn ""
+ ewarn " ${EPREFIX%/}/var/log/nginx"
+ ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}"
+ ewarn ""
+ ewarn "Check if this is correct for your setup before restarting nginx!"
+ ewarn "This is a one-time change and will not happen on subsequent updates."
+ ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'"
+ chmod o-rwx \
+ "${EPREFIX%/}"/var/log/nginx \
+ "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \
+ _has_to_show_permission_warning=1
+ fi
+
+ if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2016_1247} -eq 1 ]]; then
+ ewarn ""
+ ewarn "The permissions on the following directory have been reset in"
+ ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):"
+ ewarn ""
+ ewarn " ${EPREFIX%/}/var/log/nginx"
+ ewarn ""
+ ewarn "Check if this is correct for your setup before restarting nginx!"
+ ewarn "Also ensure that no other log directory used by any of your"
+ ewarn "vhost(s) is not writeable for nginx user. Any of your log files"
+ ewarn "used by nginx can be abused to escalate privileges!"
+ ewarn "This is a one-time change and will not happen on subsequent updates."
+ chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1
+ chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1
+ fi
+
+ if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then
+ # Should never happen ...
+ ewarn ""
+ ewarn "*************************************************************"
+ ewarn "*************** W A R N I N G ***************"
+ ewarn "*************************************************************"
+ ewarn "The one-time only attempt to adjust permissions of the"
+ ewarn "existing nginx installation failed. Be aware that we will not"
+ ewarn "try to adjust the same permissions again because now you are"
+ ewarn "using a nginx version where we expect that the permissions"
+ ewarn "are already adjusted or that you know what you are doing and"
+ ewarn "want to keep custom permissions."
+ ewarn ""
+ fi
+ fi
+
+ # Sanity check for CVE-2016-1247
+ # Required to warn users who received the warning above and thought
+ # they could fix it by unmerging and re-merging the package or have
+ # unmerged a affected installation on purpose in the past leaving
+ # /var/log/nginx on their system due to keepdir/non-empty folder
+ # and are now installing the package again.
+ local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX)
+ su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null
+ if [ $? -eq 0 ] ; then
+ # Cleanup -- no reason to die here!
+ rm -f "${_sanity_check_testfile}"
+
+ ewarn ""
+ ewarn "*************************************************************"
+ ewarn "*************** W A R N I N G ***************"
+ ewarn "*************************************************************"
+ ewarn "Looks like your installation is vulnerable to CVE-2016-1247"
+ ewarn "(bug #605008) because nginx user is able to create files in"
+ ewarn ""
+ ewarn " ${EPREFIX%/}/var/log/nginx"
+ ewarn ""
+ ewarn "Also ensure that no other log directory used by any of your"
+ ewarn "vhost(s) is not writeable for nginx user. Any of your log files"
+ ewarn "used by nginx can be abused to escalate privileges!"
+ fi
+
+ if [[ ${_has_to_show_httpoxy_mitigation_notice} -eq 1 ]]; then
+ # HTTPoxy mitigation
+ ewarn ""
+ ewarn "This nginx installation comes with a mitigation for the HTTPoxy"
+ ewarn "vulnerability for FastCGI, SCGI and uWSGI applications by setting"
+ ewarn "the HTTP_PROXY parameter to an empty string per default when you"
+ ewarn "are sourcing one of the default"
+ ewarn ""
+ ewarn " - 'fastcgi_params' or 'fastcgi.conf'"
+ ewarn " - 'scgi_params'"
+ ewarn " - 'uwsgi_params'"
+ ewarn ""
+ ewarn "files in your server block(s)."
+ ewarn ""
+ ewarn "If this is causing any problems for you make sure that you are sourcing the"
+ ewarn "default parameters _before_ you set your own values."
+ ewarn "If you are relying on user-supplied proxy values you have to remove the"
+ ewarn "correlating lines from the file(s) mentioned above."
+ ewarn ""
+ fi
+}
diff --git a/www-servers/tomcat/Manifest b/www-servers/tomcat/Manifest
index 86d6b5f788bb..e1d75f12d77e 100644
--- a/www-servers/tomcat/Manifest
+++ b/www-servers/tomcat/Manifest
@@ -24,15 +24,15 @@ DIST apache-tomcat-8.5.27-src.tar.gz 5123614 BLAKE2B 0051a7b5a9d3529a012338e0b12
DIST apache-tomcat-8.5.28-src.tar.gz 5128929 BLAKE2B fe862a44fe57a50502b95d6f31863567b5596b183355a75fb7b75827a697299878920cc5ca5c24ffcdabae885a893266f40f174c76c32f449bec31e7a1be489b SHA512 55970e8babc1fde783e6e9f67a221012cae88e871391aa751e3c87c0fc7e58cd45662f025dc286dd529caced317dada48bb65786f87b44abbc9ce16f0d8fb0b5
DIST apache-tomcat-9.0.4-src.tar.gz 5073991 BLAKE2B 7efffbba395d78d5ab051dd2bdb7a1491cb04159421bec17deebcb901bbca5cfec67a651f8e1fcd9a394ba3e0650fc61e7da039f0f979ae60a87f477bc4bc3b8 SHA512 bb8777f6fff861a53381b15a4196053abd9cc01e080f0511032f69eb6f57f5c6ed0eafd8a94155f19a4654bce4fad39e0fcaa2e5473cb269bceeb46a2ea43557
DIST apache-tomcat-9.0.5-src.tar.gz 5077379 BLAKE2B db345767f6c35557054c33d789fc40b1d2071501130bec57df41bb3fdf6f8be5260c0faed317b9fe6fa40474f9de1f29c6a71039eb0b7d07fee4ee0109ac16e4 SHA512 4d0b24dcf26b94f4280382f64bcdeb74f24b69b86b1410ad40d4a0284d6787809485f7c2501b66126d778a73a5c3eb155856ac6d3b3e2a477d1742d8588c1e84
-EBUILD tomcat-7.0.82.ebuild 4279 BLAKE2B 21c8b0b0d3823ed1535276a03ed63b2afd840648036a1175f52babf19e3801f85d6bfb0822ef8a30aad1e731428511c2816d77d0afdd7587777775c33072fd86 SHA512 3f366efa7559235ef48b8dc297cafa6af9854f7ea6e4bce0e03e1be956590f3fa34fdbeeb5fd8ac7bd4e7ed43a4bda381a3c2b7f2b3e5a0e1ae50523ce5d5def
-EBUILD tomcat-7.0.84.ebuild 4168 BLAKE2B 13d55a2939d6e532abc64c985a2a83ace8fc4b865cb4abccd9b054c012cf3c090570fad4eaa6d9e2101bb7ba2a20fbb53c064a20163ac73af1ac02c46384dad1 SHA512 67bebe9a934570b75c6c69d3395213f8bfe4f433ee201743900469111a663a794402726502bc154a515e9ea96d528daa79265ea5ff61c878b6933b916c3a34c6
-EBUILD tomcat-7.0.85.ebuild 4168 BLAKE2B 13d55a2939d6e532abc64c985a2a83ace8fc4b865cb4abccd9b054c012cf3c090570fad4eaa6d9e2101bb7ba2a20fbb53c064a20163ac73af1ac02c46384dad1 SHA512 67bebe9a934570b75c6c69d3395213f8bfe4f433ee201743900469111a663a794402726502bc154a515e9ea96d528daa79265ea5ff61c878b6933b916c3a34c6
-EBUILD tomcat-8.0.48.ebuild 4471 BLAKE2B e644b15681482a9a89e0f8f598f6a4344824ed616302e9d76d86fc556a6c8d0cae243c163cab00797afe63d064fddb74b8721763646bbd62933a8a3b49935cfb SHA512 f9d2c7a69c10474acf5379ccb53f029d493987c204bb3cb1e2a2351e2b312196aad5743e961f9863c28ad95786239b2afd0ce79a18b56ae3271bf0fc533b5a94
-EBUILD tomcat-8.0.49.ebuild 4472 BLAKE2B adc088c5195c8ee33e73ec195114cd347dec109bd9b43844bf4104761a5f62f9373d0b7031b16f2cc073b8909fc2c0364206d7218169a9bb57b84065a1d60a79 SHA512 8eaf07510458087946fc4d8655de962d67e5c550c9270608b35ead3fe0bbbe8be0445d9ce5fdcffce9f3bde2933c874fd369f409949b7eef1aaa041792c15e32
-EBUILD tomcat-8.0.50.ebuild 4472 BLAKE2B adc088c5195c8ee33e73ec195114cd347dec109bd9b43844bf4104761a5f62f9373d0b7031b16f2cc073b8909fc2c0364206d7218169a9bb57b84065a1d60a79 SHA512 8eaf07510458087946fc4d8655de962d67e5c550c9270608b35ead3fe0bbbe8be0445d9ce5fdcffce9f3bde2933c874fd369f409949b7eef1aaa041792c15e32
-EBUILD tomcat-8.5.24.ebuild 4519 BLAKE2B 6a298cd733ce5cb37928a8fa8b3fb86be1811222c90edf6265bf91fd3b3320578ff694a092283b07b7c55b2b2cafaff9faf3a49ec553754f50dffe24721732a5 SHA512 dd929c7657a1b3496ce321e3dc9bfa2b0c135b3c9e2257387b6e1bbbb6d490b8dd835e3d2ab0d883f3059854fd762f65808a8a7e69111c5940d885011b1e9ae5
-EBUILD tomcat-8.5.27.ebuild 4520 BLAKE2B dd196056f5a9573c3a96ade1d2002d8c2941d7184fabadc08679f5cc3f4c22251c1f7e33e98aacde15e8f9d24fece6e0a82dc9389c1ff0145ae8fe2369cb0770 SHA512 9090868c52a1b844202618651eab855e9e7ef48fcb5f6b0ad546c9c223d4835ca3cb3047e44906298312359d3cabd54d7a19c1e02c9b19b361e8e6431536a43d
-EBUILD tomcat-8.5.28.ebuild 4520 BLAKE2B dd196056f5a9573c3a96ade1d2002d8c2941d7184fabadc08679f5cc3f4c22251c1f7e33e98aacde15e8f9d24fece6e0a82dc9389c1ff0145ae8fe2369cb0770 SHA512 9090868c52a1b844202618651eab855e9e7ef48fcb5f6b0ad546c9c223d4835ca3cb3047e44906298312359d3cabd54d7a19c1e02c9b19b361e8e6431536a43d
-EBUILD tomcat-9.0.4.ebuild 4500 BLAKE2B 0b9a6f855b524697ba5c99d96600eb479e140d03a6719b148c17870188c76f63cf71d829a3f277b16e8804aa839380692842354b2e8196d234102d54f80a433e SHA512 7c27fbeddc1a1e1ddeb1630a722473c6f8d29ef43f62c63490f643e2cad12288f0d6fbfcd71629fd18eb1b350dace1db2f3e61169cad34915e943060dd025cb7
-EBUILD tomcat-9.0.5.ebuild 4500 BLAKE2B 0b9a6f855b524697ba5c99d96600eb479e140d03a6719b148c17870188c76f63cf71d829a3f277b16e8804aa839380692842354b2e8196d234102d54f80a433e SHA512 7c27fbeddc1a1e1ddeb1630a722473c6f8d29ef43f62c63490f643e2cad12288f0d6fbfcd71629fd18eb1b350dace1db2f3e61169cad34915e943060dd025cb7
+EBUILD tomcat-7.0.82.ebuild 4337 BLAKE2B e5c731a5144ba84663d1a161167afc3c318e2f5bbcdff922bdc86eec16d120b9dafc9c6ee4c1a216215f18b3913bf895af8c7d7ba1ae04216b456075eddfd5b6 SHA512 ebf08288d0eab4611ad2fbf8e90d4a376d4b6bf631285e53de82690e99dcd2825fa6df0e19272fb8c0f809fc39fedd67e0a7d055bd8dc1956cfa2a4c76fdec20
+EBUILD tomcat-7.0.84.ebuild 4226 BLAKE2B 6f76edf2c56f84c2c6ed81abbbeef59d1688607e09b8b4416015b4f3deb0569d9ab41ada2300e67b198dd46fc679237b68d6d3d3546e80cb5ad0c9fc2ba3170d SHA512 340a279e2e3421ab3736cd040a01372d0b7822c664a8177e440ee7089305ed7b686f0e7ea9cc8d55290127b957eeeee96d5517cdd23c34f148c315f48b21baba
+EBUILD tomcat-7.0.85.ebuild 4226 BLAKE2B 6f76edf2c56f84c2c6ed81abbbeef59d1688607e09b8b4416015b4f3deb0569d9ab41ada2300e67b198dd46fc679237b68d6d3d3546e80cb5ad0c9fc2ba3170d SHA512 340a279e2e3421ab3736cd040a01372d0b7822c664a8177e440ee7089305ed7b686f0e7ea9cc8d55290127b957eeeee96d5517cdd23c34f148c315f48b21baba
+EBUILD tomcat-8.0.48.ebuild 4529 BLAKE2B f72552331f8a1688251a15f4f427f2e8a15c65050c8acfa7467fbea3899232d7f0390890a1868cf866a38961530a7e9caee80afeb7bd4703fa06e1d972ed6c46 SHA512 6744d87a843fb3e2bf71887ac94675de5e76f57bcda57b08936045deece3b643396051fbe3addca953f71abe6858ca5e9adf23a9b96fad84f9e445486f8dd2f3
+EBUILD tomcat-8.0.49.ebuild 4530 BLAKE2B fc0b3ee548236b8bf844f89a326dc423904a1ecd4be6d8f6a7b5a36f25b9c733b01500d5c2398886bd4f93307c6682a8053a116027ab1cf8b080463e2aa3ee33 SHA512 26f8e2f86f2f81c339b04ad50d72bb2b6b60b4c4af18eadcc64f4b98f9c0e68412374a8ee4fcfd458d489c7b0218f9a557b5513993ac3248a82fb2354657400c
+EBUILD tomcat-8.0.50.ebuild 4530 BLAKE2B fc0b3ee548236b8bf844f89a326dc423904a1ecd4be6d8f6a7b5a36f25b9c733b01500d5c2398886bd4f93307c6682a8053a116027ab1cf8b080463e2aa3ee33 SHA512 26f8e2f86f2f81c339b04ad50d72bb2b6b60b4c4af18eadcc64f4b98f9c0e68412374a8ee4fcfd458d489c7b0218f9a557b5513993ac3248a82fb2354657400c
+EBUILD tomcat-8.5.24.ebuild 4577 BLAKE2B 165a298ee88010600781a06f9941120c5a374f3b3836cb8e59b0b43eb04cb7594b327729846849903b8dc74827a9210fac08ceb9b6fb17947b28d9602732acc7 SHA512 05c68e5c8f446d1ea1588eef3d1e6797268a4f0364a9d0ade06c8ff5d963e8f04f1426302aec754095b27b7840046578813b6203e21e7069e863e9ae229d2943
+EBUILD tomcat-8.5.27.ebuild 4578 BLAKE2B 2986403aa13572b28d489957b738064b23e3a5fb62e00ef10ed88af7283501c4cb7e2d4cf95b1db61a4827eb00de27dbc5a14ae1fdaef6d7d8d760db7c860cc8 SHA512 b1f94fdbfe5171c55262831b39a1f019881f8c47169e96eee1d83fd89900849d661ba7786294bbc13ca71eb1d7bb3dd0315ee89a2e7738ec5ef9fa5e0ef3ce64
+EBUILD tomcat-8.5.28.ebuild 4578 BLAKE2B 2986403aa13572b28d489957b738064b23e3a5fb62e00ef10ed88af7283501c4cb7e2d4cf95b1db61a4827eb00de27dbc5a14ae1fdaef6d7d8d760db7c860cc8 SHA512 b1f94fdbfe5171c55262831b39a1f019881f8c47169e96eee1d83fd89900849d661ba7786294bbc13ca71eb1d7bb3dd0315ee89a2e7738ec5ef9fa5e0ef3ce64
+EBUILD tomcat-9.0.4.ebuild 4558 BLAKE2B af9028adf56f9fbbcaac1613bc3e6abc1acb063db7051910f54dc8ba27982dc5d75bd1b04f91a7d76ae5bff0317506b82412ad1064e767db4c1b4aac237b7bb5 SHA512 172557f1285876f2094b9958b7c48212da56a83d2444ede600e7a4a60d59ae7364b83be318cebe255e402a8575a41e340760e9c9424132d2a280f2b4b49f9ea4
+EBUILD tomcat-9.0.5.ebuild 4558 BLAKE2B af9028adf56f9fbbcaac1613bc3e6abc1acb063db7051910f54dc8ba27982dc5d75bd1b04f91a7d76ae5bff0317506b82412ad1064e767db4c1b4aac237b7bb5 SHA512 172557f1285876f2094b9958b7c48212da56a83d2444ede600e7a4a60d59ae7364b83be318cebe255e402a8575a41e340760e9c9424132d2a280f2b4b49f9ea4
MISC metadata.xml 712 BLAKE2B 3e0a9b1bd07334015006678c0e1d933dc3d7b65291425754f7bcaec673f2316ba85b2e7df2c79a90f0d53dfbc443329cbea8ddfde7d4c93a1635b6140a3b18b6 SHA512 bc7c894d5f945a732078cc4d9a7fa9d0374ebb6aec449487f8968b22aed07bc5e20094448fda9be7516206121d0dfec8c6d6e48ee818786999703ea778a82109
diff --git a/www-servers/tomcat/tomcat-7.0.82.ebuild b/www-servers/tomcat/tomcat-7.0.82.ebuild
index 77f95ae48755..6e42aeda702e 100644
--- a/www-servers/tomcat/tomcat-7.0.82.ebuild
+++ b/www-servers/tomcat/tomcat-7.0.82.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -144,5 +144,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tomcat/tomcat-7.0.84.ebuild b/www-servers/tomcat/tomcat-7.0.84.ebuild
index 4ce5c4efd222..bebf2f0f8144 100644
--- a/www-servers/tomcat/tomcat-7.0.84.ebuild
+++ b/www-servers/tomcat/tomcat-7.0.84.ebuild
@@ -142,5 +142,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tomcat/tomcat-7.0.85.ebuild b/www-servers/tomcat/tomcat-7.0.85.ebuild
index 4ce5c4efd222..bebf2f0f8144 100644
--- a/www-servers/tomcat/tomcat-7.0.85.ebuild
+++ b/www-servers/tomcat/tomcat-7.0.85.ebuild
@@ -142,5 +142,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tomcat/tomcat-8.0.48.ebuild b/www-servers/tomcat/tomcat-8.0.48.ebuild
index 3af577f397b6..f48bfc74c0ac 100644
--- a/www-servers/tomcat/tomcat-8.0.48.ebuild
+++ b/www-servers/tomcat/tomcat-8.0.48.ebuild
@@ -153,5 +153,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tomcat/tomcat-8.0.49.ebuild b/www-servers/tomcat/tomcat-8.0.49.ebuild
index badb0b2ee129..5f9b5faf7803 100644
--- a/www-servers/tomcat/tomcat-8.0.49.ebuild
+++ b/www-servers/tomcat/tomcat-8.0.49.ebuild
@@ -153,5 +153,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tomcat/tomcat-8.0.50.ebuild b/www-servers/tomcat/tomcat-8.0.50.ebuild
index badb0b2ee129..5f9b5faf7803 100644
--- a/www-servers/tomcat/tomcat-8.0.50.ebuild
+++ b/www-servers/tomcat/tomcat-8.0.50.ebuild
@@ -153,5 +153,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tomcat/tomcat-8.5.24.ebuild b/www-servers/tomcat/tomcat-8.5.24.ebuild
index 959e4f90437e..a9d17b4ed6a0 100644
--- a/www-servers/tomcat/tomcat-8.5.24.ebuild
+++ b/www-servers/tomcat/tomcat-8.5.24.ebuild
@@ -153,5 +153,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tomcat/tomcat-8.5.27.ebuild b/www-servers/tomcat/tomcat-8.5.27.ebuild
index 17a74d0fb02b..889da8d4f238 100644
--- a/www-servers/tomcat/tomcat-8.5.27.ebuild
+++ b/www-servers/tomcat/tomcat-8.5.27.ebuild
@@ -153,5 +153,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tomcat/tomcat-8.5.28.ebuild b/www-servers/tomcat/tomcat-8.5.28.ebuild
index 17a74d0fb02b..889da8d4f238 100644
--- a/www-servers/tomcat/tomcat-8.5.28.ebuild
+++ b/www-servers/tomcat/tomcat-8.5.28.ebuild
@@ -153,5 +153,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tomcat/tomcat-9.0.4.ebuild b/www-servers/tomcat/tomcat-9.0.4.ebuild
index bb86ba9675bc..9b79ebaf9473 100644
--- a/www-servers/tomcat/tomcat-9.0.4.ebuild
+++ b/www-servers/tomcat/tomcat-9.0.4.ebuild
@@ -153,5 +153,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tomcat/tomcat-9.0.5.ebuild b/www-servers/tomcat/tomcat-9.0.5.ebuild
index bb86ba9675bc..9b79ebaf9473 100644
--- a/www-servers/tomcat/tomcat-9.0.5.ebuild
+++ b/www-servers/tomcat/tomcat-9.0.5.ebuild
@@ -153,5 +153,6 @@ pkg_postinst() {
ewarn "tomcat-dbcp.jar is not built at this time. Please fetch jar"
ewarn "from upstream binary if you need it. Gentoo Bug # 144276"
-# einfo "Please read https://www.gentoo.org/proj/en/java/tomcat6-guide.xml for more information."
+ einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
+ einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
}
diff --git a/www-servers/tornado/Manifest b/www-servers/tornado/Manifest
index 4cc4c8c3b5d3..e7e2956dcb4e 100644
--- a/www-servers/tornado/Manifest
+++ b/www-servers/tornado/Manifest
@@ -4,5 +4,5 @@ AUX 4.5.1-drop-intersphinx.patch 717 BLAKE2B e9a2ea61b68302b796aa2e7bd7d7745d0f8
DIST tornado-4.4.2.tar.gz 460193 BLAKE2B 4586397e8899af19582e07ac9ecdf56980a552a8c15458f1c16d83dc8ec7bf73b6a1eb341a5402d8555319c3d7528702567d13c4b56a995597e7dba4576f694b SHA512 f330bc62433576708e3c566577cede07c54c19996f374df82d5abc19a669ade549e7b6c27dcae3d421921fec506fae39473443cdb04692553c5ea2f8ec11a327
DIST tornado-4.5.1.tar.gz 483225 BLAKE2B 261a5da8a7cc43b11b8504162a030fdad9c3c1409d653f86ab37deb5e4398f39ac05bee1da58944c2d1a2fa92dd5894256b748910f90926834305d6c6adf7ab4 SHA512 b31b3572bf58df8b758694c32b2233c547d6600b0c27f56cff3521abaad38a1646a528d2c2dfcf13214159bf5ba0f59470ba3d538edf16dc014a8b03f0d3bb87
EBUILD tornado-4.4.2-r1.ebuild 1861 BLAKE2B 89b4ed430ad82598327d723b2bc4de0513e95de0f64e7a0a74bc08e40b54b22042cc3628eff6c932f4e4d2fa3361e3084b87a54deac5075737de34adc485859b SHA512 12d2fa8ad9f1e08c0e5e278aa91565c94585009cade64f1f4db2cc968b68e8719ba98288d87d753de7924d71fa98bc810f1b2026b55f2366e3608cbac02318a3
-EBUILD tornado-4.5.1.ebuild 1856 BLAKE2B 8945c7f15f0e49ec5a12dc8a3898142048cb2b4cbc3e5e13f1fa91cdf2c6dc8edf37a1e1ac184abda991c704b5863ccf8272ba84bfc91d6bf0a8a0dd83021441 SHA512 d85325a283fd8ec51ada90450eb38b0eb39347f72b90645e02fbaa67eb04c3024651dcca98de65a5cf45aa8bfcee3ca6491203a855bd6260d6d82ff66ec7134e
+EBUILD tornado-4.5.1.ebuild 1868 BLAKE2B 722e23f6ecdb3d110a61cb074933b2b61b080bc21948fd42fae4099275f8c4114aeed18c6635aa1c569581c2364105c86278f31769dba27dd9d826aa95c29964 SHA512 a844f5b5b52ae13ada511f50c3979b1a96683bb81f52c93d71d89d38da98817e677bccc41113941d996594622e4dd312254a93c636c77d951f31c5b900312447
MISC metadata.xml 493 BLAKE2B d383e25addffcf446c56a850fb911035d70ba154b3f55583ba7b0ca79983c9d3fbf572c2d4b204e89129d4a220cad6fa30522e5cd55dceea60e37c57c3ce6502 SHA512 0b5a841c865a3a539ec5592ecb6c725c0f337e0fdf55a0075a27f94364ad6fd8dbf6e344808dcebbbc4953d30e51be34b9a7daaa8a9e75e656a6f74c62664d48
diff --git a/www-servers/tornado/tornado-4.5.1.ebuild b/www-servers/tornado/tornado-4.5.1.ebuild
index 23317435e308..455bb5303a0c 100644
--- a/www-servers/tornado/tornado-4.5.1.ebuild
+++ b/www-servers/tornado/tornado-4.5.1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -14,7 +14,7 @@ SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
LICENSE="Apache-2.0"
SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux"
IUSE="doc examples test"
CDEPEND="
diff --git a/www-servers/varnish/Manifest b/www-servers/varnish/Manifest
index 6b870d1fdb4d..46cfde2105cc 100644
--- a/www-servers/varnish/Manifest
+++ b/www-servers/varnish/Manifest
@@ -1,4 +1,5 @@
AUX fix-build-x86.patch 871 BLAKE2B 2d08a9e541ce5cc23910124d6bba677bd17287e7158f20395d61bcae3c92fb1a813244051561af71a8482ad47d22659df37f8bd00a54df169e84d4c2ce7a7bd2 SHA512 b46ab9cbfc5e7e4a75d1caf624fab453338531a19a8653550347fc233652199977ea907ba79e4db7822cb5c24f12f48aa765e4d582ba1bbd43edaf88d6b05d7c
+AUX varnish-5.2.0-fix-import.patch 1743 BLAKE2B 7b5e428653b419219a3001a95f57bf4b473a1d11c47e66f821a77e90b235467847a356e4c08c5a95e2f33e78e0d1c95ddcd4d461ad28867b4827b99e2573a0ad SHA512 bb64ddd0c15279b448a091b20aff4b36270b42b4d3e7389f98d0c9e54303d47d676eb90e1735e614bcede788466c291a8f809bdea733ddef8ad4f24bd645daf0
AUX varnishd.confd-r4 519 BLAKE2B 18d867add08324ad9ea8b829a747e21c450d6c1f724e18c4318d21ba1647250073d443ea63d721585dc2a274d490a9fb76f14d5e725cc62f483b45be45220463 SHA512 98c8901e53f3c6adb908b9eb01fd441ea53f3c54d4a79aecb1fb1eddfa2fc93de3d0de403a4464a9baff15873b3a20623837e3a37cb225e924a329e32b9e37d6
AUX varnishd.initd-r4 1573 BLAKE2B 79a6583ea337857c58eafcf6dff5cd9646a871116adca6aa5a956bf25b8474394d850afb3c296cc5c920bad0176ca144a486b7202d3a94e7ab7e4688c552be5d SHA512 5ac7867e85cbd721f903c524ed4b524423d9dada4acfeefb0e543214a208828df5cc4efe2f012991bea6b38c2b223c24b17d3890ec4ed2c57d2b441b8e5a6900
AUX varnishd.logrotate-r2 470 BLAKE2B c44ccd8198458031b977e3d0d1b6ef1a0c824554b7b1d9745e6bbbcddb7cf1c9ba23bd72472361bfda803f9691276433f3af422819aa3e6e8e5436f66cc47097 SHA512 51cc6d46ff7439de93977ab87dfb0af399458c1e446475696f73342ae7a0c1a8ca8fc6e79e593659f1af30716a5f8a1ee5e3b1f5e7b35df40b45d47e7b0f2ffd
@@ -10,7 +11,9 @@ AUX varnishncsa.initd 716 BLAKE2B 33fd6b044ab50aef629fa4501eb4a78bd3d690db52b86a
DIST varnish-4.0.5.tgz 1947888 BLAKE2B d921dc6f2abae7b0bd1816470fd41f8555c02a02607b49bf8f36a0b778dd926ea0f5e8cf8a60aaceb097bd4193e22fc7d718c1f13a4f8502b57b797277c66f5a SHA512 a08259f6f9c6fffa188b26c1f8c630de5e6d2f6d52f6efa9d5d8239cdd8721c53e2be3379f8100efb537e74416eadd6c865f4cc687db1c5a9f757bb3f73abeda
DIST varnish-4.1.8.tgz 2254772 BLAKE2B acadf4079d58bb8f0dc5e24713aba7f2786ca6f06a683465b1564bacd986e209d858f9a3100cfb7586fa5d17f7e5f4d8425ece10c609bb3412d3adafa6ad0d05 SHA512 c642359118d87e8713d2ccf817da317a454a0f9ae6f7a07da1d10b5076aa7e5d7dcc203ef71ae19d56b7592db0c66b4ca96cb43d5fa0e6aa588d1dc8e03e026e
DIST varnish-5.1.3.tgz 2643223 BLAKE2B 85bae87785da1284d7d916b8948a0984eea9cf07e96012255435ba04c28e8078e5dad893946bbc12da6cbe9326699458f0e3af6be55cb5e7bba4e622724ddac2 SHA512 a10c317dc38ddff139ca8153f6388955df449c3abeb4d4f069b632ba2b32064a2827ab05fa8515994b251a68507fc3a7bf4e08eacc991fc03283ab234b9efd0a
+DIST varnish-5.2.1.tgz 2827676 BLAKE2B 6f50a55a9b16d137eaec59aea98a0179b808bb67fc3de26c9b0924b9937a3688b7f9db45d2f0a71be2b7c6f77bfd47cd22e7b898348b5236114572b5bb33ff22 SHA512 2e979983c7f2325e289768752cc474dc3032c3420de65ccfd5871098c076aecf18e962b04308ecb1860f542fd6f6418dc79220fdd6cf4a75f7476a733faa589c
EBUILD varnish-4.0.5.ebuild 2053 BLAKE2B fe89edbd9be61d6e0d9492f92b66778373eda0dca0d05af3d4ab6400b93ad977ce2611e79c4588e5ac67364332524799514b4e205db5f7747bfc362f882a810c SHA512 b25494d96fdc186add8c86f4d97fd8357f9d98fff6f466db32a5f5fe1f6670bb421206edc859a00978f27f23ece1d15f34a09a1619195e426245d8c18f779a75
EBUILD varnish-4.1.8.ebuild 2211 BLAKE2B 67e3be2c4749a707de437f0bdd20298e816e4beca0fae142ae2fa06ae5f47dc6f0fd197260e5e60ae1bc308c3d506d16de91e13431fb62bf6b4cff3a68edcbc3 SHA512 50406243450dff96b7d50684fd0be71dd972b03afccdd3d550b13f45ac04732e0eadd92bc42512a8b4196759125be93f8e4bb09ebd606ee7343c0a75dce96836
EBUILD varnish-5.1.3.ebuild 2216 BLAKE2B 42c69830b206782e10cec132b863c1fa2bcac9f6af27bb5266230571fdbdc5cfd17504a571f271e6668848fb59c040b53d05ccc80ea3a8bee554ae05b131c58e SHA512 1e93b34978c8f554520f673f7bdc6a8acca307735fcd4361aeb125887a9efb9912a9aaba7f4d0a6d61ad768b903d8ed46bf43f8b546d346c4b16783d231047d1
+EBUILD varnish-5.2.1.ebuild 2270 BLAKE2B 4d6f096b4cfecb61fee72d9e184f498fb99ef8bff52be08d43ec751433990b407ba7897c9301de62d37e487da0a1b90e1352c400ecaec0acb318047ec1d4db1f SHA512 605b4d2f480aad4644a1363b4190053143e3d0eaf0de20eec35cd85cb43e9c40f590f1d2a592ad0cce9824317cc2562bb2b91d08a37c254ce5e3835b7348dfb8
MISC metadata.xml 1258 BLAKE2B 7022b186f4fcffa296f034811c1bc037c29f6d21b990d2c80771cca9243ed8406341908a2ee32ded7ac97573b6a809798cadbb9aa6c9ad9f100a7b7e251fb720 SHA512 052377552103c4ee337e931cc84d5e86d1381473484bb2f1133143219cb3d9ba9b4a78cdd411f3523c424f7637df51bbd2b9c0c9a22520314152f811644f04b7
diff --git a/www-servers/varnish/files/varnish-5.2.0-fix-import.patch b/www-servers/varnish/files/varnish-5.2.0-fix-import.patch
new file mode 100644
index 000000000000..f83385a3f8e7
--- /dev/null
+++ b/www-servers/varnish/files/varnish-5.2.0-fix-import.patch
@@ -0,0 +1,66 @@
+From 17c92e43fda114bf5341e51d752e882238b8fe8c Mon Sep 17 00:00:00 2001
+From: Nils Goroll <nils.goroll@uplex.de>
+Date: Thu, 5 Oct 2017 13:39:23 +0200
+Subject: [PATCH] hack up vsctool to work with python 2 and 3
+
+StringIO does not exist any more in python3, yet requiring 2.7 would
+not pave the path forward, so try to be compatible with both.
+
+Works for me on Python 2.7.9 and Python 3.4
+
+I would appreciate if someone more fluent in serpentinous programming
+language reviewed and/or rewrote this.
+---
+ lib/libvcc/vsctool.py | 24 ++++++++++++++++++++----
+ 1 file changed, 20 insertions(+), 4 deletions(-)
+
+diff --git a/lib/libvcc/vsctool.py b/lib/libvcc/vsctool.py
+index 854968e3b..829c6e518 100644
+--- a/lib/libvcc/vsctool.py
++++ b/lib/libvcc/vsctool.py
+@@ -37,7 +37,10 @@
+ import json
+ import sys
+ import gzip
+-import StringIO
++try:
++ import StringIO
++except ImportError:
++ import io
+ import collections
+ import struct
+
+@@ -54,9 +57,22 @@
+ "format": [ "integer", FORMATS],
+ }
+
++# http://python3porting.com/problems.html#bytes-strings-and-unicode
++if sys.version_info < (3,):
++ def b(x):
++ return x
++else:
++ import codecs
++ def b(x):
++ return codecs.latin_1_encode(x)[0]
++
+ def gzip_str(s):
+- out = StringIO.StringIO()
+- gzip.GzipFile(fileobj=out, mode="w").write(s)
++ try:
++ out = StringIO.StringIO()
++ except NameError:
++ out = io.BytesIO()
++
++ gzip.GzipFile(fileobj=out, mode="w").write(b(s))
+ out.seek(4)
+ out.write(struct.pack("<L", 0x12bfd58))
+ return out.getvalue()
+@@ -285,7 +301,7 @@ class rst_vsc(directive):
+ def __init__(self, s):
+ super(rst_vsc, self).__init__(s)
+
+- for i,v in PARAMS.iteritems():
++ for i,v in PARAMS.items():
+ if v is not True:
+ self.do_default(i, v[0], v[1])
+
diff --git a/www-servers/varnish/varnish-5.2.1.ebuild b/www-servers/varnish/varnish-5.2.1.ebuild
new file mode 100644
index 000000000000..3a01a4558676
--- /dev/null
+++ b/www-servers/varnish/varnish-5.2.1.ebuild
@@ -0,0 +1,103 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6} pypy )
+
+inherit user autotools systemd python-r1
+
+DESCRIPTION="Varnish is a state-of-the-art, high-performance HTTP accelerator"
+HOMEPAGE="http://www.varnish-cache.org/"
+SRC_URI="http://varnish-cache.org/_downloads/${P}.tgz"
+
+LICENSE="BSD-2 GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~mips ~ppc ~ppc64 ~x86"
+IUSE="jemalloc jit static-libs"
+
+CDEPEND="
+ sys-libs/readline:0=
+ dev-libs/libpcre[jit?]
+ jemalloc? ( dev-libs/jemalloc )
+ sys-libs/ncurses:0="
+
+#varnish compiles stuff at run time
+RDEPEND="
+ ${PYTHON_DEPS}
+ ${CDEPEND}
+ sys-devel/gcc"
+
+DEPEND="
+ ${CDEPEND}
+ dev-python/docutils
+ virtual/pkgconfig"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}"
+
+RESTRICT="test" #315725
+
+pkg_setup() {
+ ebegin "Creating varnish user and group"
+ enewgroup varnish
+ enewuser varnish -1 -1 /var/lib/varnish varnish
+ eend $?
+}
+
+src_prepare() {
+ # Remove -Werror bug #528354
+ sed -i -e 's/-Werror\([^=]\)/\1/g' configure.ac
+
+ # Upstream doesn't put varnish.m4 in the m4/ directory
+ # We link because the Makefiles look for the file in
+ # the original location
+ ln -sf ../varnish.m4 m4/varnish.m4
+
+ eapply "${FILESDIR}"/${PN}-5.2.0-fix-import.patch
+
+ eapply_user
+
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ $(use_enable static-libs static) \
+ $(use_enable jit pcre-jit ) \
+ $(use_with jemalloc)
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ python_replicate_script "${D}/usr/share/varnish/vmodtool.py"
+
+ newinitd "${FILESDIR}"/varnishlog.initd varnishlog
+ newconfd "${FILESDIR}"/varnishlog.confd varnishlog
+
+ newinitd "${FILESDIR}"/varnishncsa.initd varnishncsa
+ newconfd "${FILESDIR}"/varnishncsa.confd varnishncsa
+
+ newinitd "${FILESDIR}"/varnishd.initd-r4 varnishd
+ newconfd "${FILESDIR}"/varnishd.confd-r4 varnishd
+
+ insinto /etc/logrotate.d/
+ newins "${FILESDIR}/varnishd.logrotate-r2" varnishd
+
+ diropts -m750
+
+ dodir /var/log/varnish/
+
+ systemd_dounit "${FILESDIR}/${PN}d.service"
+
+ insinto /etc/varnish/
+ doins lib/libvmod_std/vmod.vcc
+ doins etc/example.vcl
+
+ dodoc README.rst
+ dodoc doc/changes.rst
+
+ fowners root:varnish /etc/varnish/
+ fowners varnish:varnish /var/lib/varnish/
+ fperms 0750 /var/lib/varnish/ /etc/varnish/
+}