www/nginx-devel: update JavaScript module to 0.7.5

Bump PORTREVISION.

<ChangeLog>

nginx modules:

*) Change: adapting to changes in nginx header structures.

*) Bugfix: fixed r.headersOut special getters when value
   is absent.

*) Change: returning undefined value instead of an empty string
   for Content-Type when the header is absent.

www/nginx-devel: update PORTSCOUT

www/nginx-devel: simplify patching for the third-party gridfs module

No functional changes.

www/nginx-devel: update third-party gridfs module

Bump PORTREVISION.

www/nginx-devel: update third-party nchan (aka http_push) module

Bump PORTREVISION.

www/nginx-devel: update third-party tarantool module

Bump PORTREVISION.

www/nginx-devel: third-party modsecurity module update to 1.0.3

www/nginx-devel: update third-party lua module to 0.10.21

Bump PORTREVISION.

PR:	264149

www/nginx-devel: update NGINX JavaScript module to 0.7.4

Bump PORTREVISION.

<ChangeLog>
nginx modules:

*) Feature: added extended directive to configure Fetch API.
   The following directives were added: "js_fetch_timeout",
   "js_fetch_verify", "js_fetch_buffer_size",
   "js_fetch_max_response_buffer_size".

*) Change: r.internalRedirect() now accepts escaped URIs.

*) Bugfix: fixed Response parsing with more than 8 headers

www/nginx-devel: update 1.21.6 -> 1.22.0

While I'm here update third-party ip2location to its recent commit.

<ChangeLog>

*) 1.22.x stable branch.

</ChangeLog>

www/nginx-devel: update third-party modules

o) nchan (also know as http_push) from 1.2.12 to 1.2.15;
o) opentracing to 0.24.0.

Bump PORTREVISION.

www/nginx-devel: update third-party upload module to the recent commit

Bump PORTREVISION.

www/nginx-devel: update NGINX JavaScript module to 0.7.3

Bump PORTREVISION.

<ChangeLog>

Core:

*) Feature: added support of module resolution callback.
   This feature allows a host environment to control
   how imported modules are loaded.

*) Bugfix: fixed backtraces while traversing imported user
   modules.

*) Bugfix: fixed Array.prototype.concat() when "this" is a slow
   array.

*) Bugfix: fixed frame allocation from an awaited frame.

*) Bugfix: fixed allocation of large array literals.

*) Bugfix: fixed interpreter when "toString" conversion fails.

</ChangeLog>

*/*: add new port NGINX JavaScript (njs) command line utility

NGINX JavaScript, also knows as njs, is a subset of the JavaScript
language that allows extending nginx functionality.  njs is created
in compliance with ECMAScript 5.1 (strict mode) with some ECMAScript 6
and later extensions.  It's easy to use njs command line utility to
develop and debug additional functionality.  Also, it's light-weight
and very useful as a shebang in some cases as the nodejs substitutor.

Remove build of njs command-line utlity from the www/nginx-devel (*)
process.

Bump PORTREVISION. (*)

www/nginx-devel: update third-party lua module

Update third-party lua module from v0.10.21rc1 to v0.10.21rc2.
Bump PORTREVISION.

www/nginx-devel: update third-party ngx_fancyindex module

Update third-party ngx-fancyindex module from v0.5.1 to v0.5.2.
Bump PORTREVISION.

www/nginx-devel: update HTTPv3/QUIC patch to the recent commit

www/nginx-devel: update third-party modules

o) lua from 0.10.20 to 0.10.21rc1
o) encrypted-session from 0.08 to 0.09

Bump PORTREVISION.

www/nginx-devel: update third-party vod module to 1.29

Update the list of dependences for the module.
Bump PORTREVISION.

www/nginx-devel: update third-party spnego-http-auth module

The Kerberos MIT implementation is the only one is supported by the
third-party spnego module, so remove needless staff.

Bump PORTREVISION.

www/nginx-devel: update from 1.21.5 to 1.21.6.

<Changelog>

*) Bugfix: when using EPOLLEXCLUSIVE on Linux client connections were
   unevenly distributed among worker processes.

*) Bugfix: nginx returned the "Connection: keep-alive" header line in
   responses during graceful shutdown of old worker processes.

*) Bugfix: in the "ssl_session_ticket_key" when using TLSv1.3.

</Changelog>

www/nginx-devel: update NGINX JavaScript module to 0.7.2.

Bump PORTREVISION.

<ChangeLog>

Core:

*) Bugfix: fixed Array.prototype.join() when array is changed
   while iterating.

*) Bugfix: fixed Array.prototype.slice() when array is changed
   while iterating.

*) Bugfix: fixed Array.prototype.concat() when array is changed

www/nginx-devel: update HTTPv3/QUIC patch to the recent commit

Bump PORTREVISION.

www/nginx-devel: update HTTPv3/QUIC patch to the recent commit

Bump PORTREVISION.

*: Fix USE_GNOME usage

USE_GNOME no longer implies USES=gnome. USE_GNOME will not have
any effect unless you add USES=gnome yourself.

Reported by:	portscan

nginx-devel/Makefile: update HTTPv3 patch to the recent commit

The extra-patch-httpv3 contains the README file now, previously a
diff for that file was omitted.  To avoid a rejection for the README
file the original file from nginx distribution is going to be preserved.

Bump PORTREVISION.

www/nginx-devel: fix dependences for some modules

HTTP_DAV_EXT module requires libraries, so let's define them
with a more canonical way.
While I'm here use the same way to define dependences for the
HTTP_XSLT module as well.

PR:	261134

www/nginx-devel: able to build with security/openssl-quictls

While I'm here fix a typo in a start-up template, introduced in
c42df2fcbbeccbfb2d57f4d6d7558493d512d732.

Bump PORTREVISION.

Differential Revision:	https://reviews.freebsd.org/D33773
Reviewed by:		pluknet

www/nginx-devel: remove rpath-specific configure options

Bump PORTREVISION.

www/nginx-devel: able to customize the stop signal

Bump PORTREVISION.

PR:	254962

www/nginx-devel: initial support for HTTPv3

Bump PORTREVISION.

Based on ideas from:	ashish

www/nginx-devel: update third-party opentracing module

Update third-party opentracing module to its recent commit.
Bump PORTREVISION.

www/nginx-devel: update third-party http_substitutions_filter module

Update the third-party module to its recent version to support
both PCRE1 and PCRE2 libraries.

Bump PORTREVISION.

Idea from:	http://hg.nginx.org/pkg-oss/rev/45cb552c6860
Thanks to:	Mikhail Isachenkov <mikhail.isachenkov@nginx.com>

www/nginx-devel: choose PCRE library for build

NGINX 1.21.5 adds support for PCRE2 library, in addition to
support PCRE1.  It's possible to choose regular expression
library for the port now.

Please note: several modules are required patching to support
PCRE2 library, so let's keep PCRE1 as default version for now.

Bump PORTREVISION.

www/nginx-devel: update from 1.21.4 to 1.21.5.

Please note: it's possible to build the recent version of nginx
with PCRE2 library, but several third-party modules have some
build issues, so let's keep www/nginx-devel depends on PCRE1
library for now, but keep in mind it needs to switched to the
modern, i.e. second, version of PCRE.

<Changelog>

Changes with nginx 1.21.5

*) Change: now nginx is built with the PCRE2 library by default.

*) Change: now nginx always uses sendfile(SF_NODISKIO) on FreeBSD.

framework: Add new USES 'magick' for graphics/ImageMagick*

A new USES has been added to depend on ImageMagick.

	USES=magick

adds a LIB_DEPENDS on graphics/ImageMagick${IMAGEMAGICK_DEFAULT}.

If a specific version is required, use for example

	USES=magick:6        resp.     USES=magick:7

If only a build, run or test is required, use for example

	USES=magick:build    resp.     USES=magick:6,build,test

www/nginx-devel: update third-party passenger module

Bump PORTREVISION.

www/nginx-devel: update from 1.21.3 to 1.21.4.

New kernel TLS feature is available starting with FreeBSD 13.0,
and it requires OpenSSL 3.0, compiled with "enable-ktls" option.
Further, KTLS needs to be enabled in kernel, and in OpenSSL,
either via OpenSSL configuration file or with

  ssl_conf_command Options KTLS;

in nginx configuration.

To enable kernel TLS on FreeBSD 13 and above:

  # kldload ktls_ocf
  # sysctl kern.ipc.tls.enable=1

www/nginx-devel: Update deprecated CPE_VENDOR nginx to f5

Approved by:	portmgr (blanket)

www/nginx-devel: fix the Kerberos5 implementation knob name (*)

No functional changes, so do not bump PORTREVISION.

Introduced:	adc7097c90ee5e8db0d063200faa689034ac91f0 (*)

www/nginx-devel: update third-party SPNEGO module to it recent commit

Notify that one of the implementation of Kerberos5 needs to be chosen.

Bump PORTREVISION.

www/nginx-devel: update NGINX JavaScript module to 0.7.0.

Bump PORTREVISION.

<ChangeLog>

nginx modules:

*) Feature: added HTTPS support for Fetch API.

*) Feature: added setReturnValue() method.

Core:

*) Feature: introduced Async/Await implementation.

*: fix tab vs. space issues, and comments according to the guide.

www/nginx-devel: update third-party passenger module to 6.0.11

Bump PORTREVISION.

www/nginx-devel: regenerate distinfo in full

www/nginx-devel: update third-party modules

o) http_push (aka nchan)
o) rtmp

Remove needless patches.
Bump PORTREVISION.

www/nginx-devel: update PORTSCOUT.

No functional changes.

www/nginx-devel: update from 1.21.2 to 1.21.3.

<Changelog>

*) Change: optimization of client request body reading when using
   HTTP/2.

*) Bugfix: in request body filters internal API when using HTTP/2 and
   buffering of the data being processed.

</Changelog>

www/nginx-devel: update from 1.21.1 to 1.21.2.

While I'm here, fix build of the third-party ajp module by changing
a distribution point.

<Changelog>

*) Change: now nginx rejects HTTP/1.0 requests with the
   "Transfer-Encoding" header line.

*) Change: export ciphers are no longer supported.

*) Feature: OpenSSL 3.0 compatibility.

*) Feature: the "Auth-SSL-Protocol" and "Auth-SSL-Cipher" header lines

www/nginx-devel: update NGINX JavaScript module to 0.6.2.

<ChangeLog>
nginx modules:

*) Bugfix: fixed CPU hog when js_filter is registered
   in both directions.

Core:

*) Feature: introduced AggregateError implementation.

*) Feature: added remaining Promise constructor methods.
   The following methods were added: Promise.all(),
   Promise.allSettled(), Promise.any(), Promise.race().

www/nginx-devel: update third-party opentracing module to a recent commit.

Bump PORTREVISION.

www/nginx-devel: update third-party modules

o) lua: from 0.10.19 to 0.10.20;
o) modsecurity3: from 1.0.1 to 1.0.2.

Bump PORTREVISION.

www/nginx-devel: update third-party Passenger module to 6.0.10.

www/nginx-devel: update from 1.21.0 to 1.21.1.

<Changelog>

*) Change: now nginx always returns an error for the CONNECT method.

*) Change: now nginx always returns an error if both "Content-Length"
   and "Transfer-Encoding" header lines are present in the request.

*) Change: now nginx always returns an error if spaces or control
   characters are used in the request line.

*) Change: now nginx always returns an error if spaces or control
   characters are used in a header name.

www/nginx-devel: update NGINX JavaScript module to 0.6.1.

<ChangeLog>

*) Bugfix: fixed RegExpBuiltinExec() with UTF-8 only regexps.
   The bug was introduced in 0.4.2.

*) Bugfix: fixed parsing of export default declaration with
   non-assignment expressions.
   Thanks to Artem S. Povalyukhin.

</ChangeLog>

www/nginx-devel: update NGINX JavaScript module to 0.6.0.

Bump PORTREVISION.

<ChangeLog for njs 0.5.3>

Core:

*) Feature: added let and const declaration support.

*) Feature: added RegExp.prototype[Symbol.split].

*) Feature: added sticky flag support for RegExp.

*) Bugfix: fixed heap-buffer-overflow in

www/nginx-devel: security update from 1.20.0 to 1.21.0.

Security:	0882f019-bd60-11eb-9bdd-8c164567ca3c
Security:	CVE-2021-23017

<Changelog>

*) Security: 1-byte memory overwrite might occur during DNS server
   response processing if the "resolver" directive was used, allowing an
   attacker who is able to forge UDP packets from the DNS server to
   cause worker process crash or, potentially, arbitrary code execution
   (CVE-2021-23017).

*) Feature: variables support in the "proxy_ssl_certificate",
   "proxy_ssl_certificate_key" "grpc_ssl_certificate",

Port should not change its name depending on options.

www/nginx-devel: welcome to the new stable release 1.20.0.

www/nginx-devel: update third-party vod module to 1.27

www/nginx-devel: move third-party module definition to Makefile.extmod.

www/nginx-devel: update from 1.19.9 to 1.19.10.

<Changelog>

*) Change: the default value of the "keepalive_requests" directive was
   changed to 1000.

*) Feature: the "keepalive_time" directive.

*) Feature: the $connection_time variable.

*) Workaround: "gzip filter failed to use preallocated memory" alerts
   appeared in logs when using zlib-ng.

</Changelog>

Update the patches for third-party passenger module.

The issue was introduced by:	2e741e74b8db691f3cae0abf8482ade801fb74f4
PR:	254824

all: Remove all other $FreeBSD keywords.

Remove # $FreeBSD$ from Makefiles.

Update passenger and its nginx module from 6.0.7 to 6.0.8.

Bump PORTREVISION for www/nginx-devel.

Update from 1.19.8 to 1.19.9.

Update NGINX JavaScript module from 0.5.2 to 0.5.3.
Remove needless patches.

<ChangeLog for nginx 1.19.9>

*) Bugfix: nginx could not be built with the mail proxy module, but
   without the ngx_mail_ssl_module; the bug had appeared in 1.19.8.

*) Bugfix: "upstream sent response body larger than indicated content
   length" errors might occur when working with gRPC backends; the bug
   had appeared in 1.19.1.

*) Bugfix: nginx might not close a connection till keepalive timeout

Run NJS module's configure script in the configure phase.
While I'm here update the NJS module description.

Bump PORTREVISION.

Add another patch to fix build the mail module
without SSL support.

Update from 1.19.7 to 1.19.8.
Add the vendor's patch to build mail module without SSL support.

<Changelog>

*) Feature: flags in the "proxy_cookie_flags" directive can now contain
   variables.

*) Feature: the "proxy_protocol" parameter of the "listen" directive,
   the "proxy_protocol" and "set_real_ip_from" directives in mail proxy.

*) Bugfix: HTTP/2 connections were immediately closed when using
   "keepalive_timeout 0"; the bug had appeared in 1.19.7.

*) Bugfix: some errors were logged as unknown if nginx was built with
   glibc 2.32.

*) Bugfix: in the eventport method.

</Changelog>

Update NGINX JavaScript module from 0.5.1 to 0.5.2.

Bump PORTREVISION.

Remove redundant option descriptions that match the default ones

(ignoring case)

Reported by:	danfe (for net/mosquitto), portscan

Fix the port build by changing a third-party module
distribution on GH.
Bump PORTREVISION.

PR:	253700

Refresh the kernel TLS patch.

This functionality is available with the following prerequisites:
o) security/openssl built from ports with the kTLS options defined;
o) FreeBSD 13.

Bump PORTREVISION.

Submitted by:	jhb
Obtained from:	https://github.com/nginx/nginx/compare/master...bsdjhb:ktls.patch

Update from 1.19.6 to 1.19.7.
Update njs module from 0.5.0 to 0.5.1.
Update third-party auth_ldap module to its recent commit.

<Changelog>

Changes with nginx 1.19.7                                        16 Feb 2021

*) Change: connections handling in HTTP/2 has been changed to better
   match HTTP/1.x; the "http2_recv_timeout", "http2_idle_timeout", and
   "http2_max_requests" directives have been removed, the
   "keepalive_timeout" and "keepalive_requests" directives should be
   used instead.

*) Change: the "http2_max_field_size" and "http2_max_header_size"

Fix PROPFIND fail with 500 on simlinks to non exist file/dir
when nginx compiled with the third-party http_dav_ext module.

Bump PORTREVISION.

PR:	220871

Update the following third-party modules to their recent revisions:
o) drizzle
o) echo

Bump PORTREVISION.

Update the following third-party modules to their recent
commits or versions:

o) aws_auth
o) brotli
o) http_shibboleth
o) set_misc
o) srcache

Bump PORTREVISION.

Merge r558438 from www/nginx, i.e. update the following
third-party modules to their recent versions:
o) fancyindex
o) http_geoip2

Bump PORTREVISION.

Update from 1.19.5 to 1.19.6.

<Changelog>

*) Bugfix: "no live upstreams" errors if a "server" inside "upstream"
   block was marked as "down".

*) Bugfix: a segmentation fault might occur in a worker process if HTTPS
   was used; the bug had appeared in 1.19.5.

*) Bugfix: nginx returned the 400 response on requests like
   "GET http://example.com?args HTTP/1.0".

*) Bugfix: in the ngx_http_flv_module and ngx_http_mp4_module.
   Thanks to Chris Newton.

</Changelog>

Fix a worker process issue by adding the vendor's patch.
Bump PORTREVISION.

Reported by:	Peter Putzer <freebsd@mnd.sc>

<ChangeLog>
SSL: fixed SSL shutdown on lingering close.

Ensure c->recv is properly reset to ngx_recv if SSL_shutdown()
blocks on writing.

The bug had appeared in 554c6ae25ffc.
</ChangeLog>

PR:	251664

Update njs module from 0.4.4 to 0.5.0.
Bump PORTREVISION.

<ChangeLog>
nginx modules:

*) Feature: introduced global "ngx" object.
   The following methods were added:
     ngx.log(level, msg)

   The following properties were added:
     ngx.INFO,
     ngx.WARN,
     ngx.ERR.

Update third-party naxsi module from 1.2 to 1.3.

ChangeLog:	https://github.com/nbs-system/naxsi/compare/1.2...1.3

Bump PORTREVISION.

Update third-party passenger module from 6.0.6 to 6.0.7.

ChangeLog:	https://github.com/phusion/passenger/compare/release-6.0.6...release-6.0.7

Bump PORTREVISION.

Update from 1.19.4 to 1.19.5.

<Changelog>

*) Feature: the -e switch.

*) Feature: the same source files can now be specified in different
   modules while building addon modules.

*) Bugfix: SSL shutdown did not work when lingering close was used.

*) Bugfix: "upstream sent frame for closed stream" errors might occur
   when working with gRPC backends.

*) Bugfix: in request body filters internal API.

</Changelog>

Update third-partu link function module from 3.2.3 to 3.2.4.

Bump PORTREVISION.

Update third-party naxsi module from 1.1a to 1.2.

Bump PORTREVISION.

Update third-partu lua module to the recent version.

Bump PORTREVISION.

Update the kernel TLS patch to make all hunks succeeded.
Bump PORTREVISION.

Update from 1.19.3 to 1.19.4.
Remove needless patches.

<Changelog>

*) Feature: the "ssl_conf_command", "proxy_ssl_conf_command",
   "grpc_ssl_conf_command", and "uwsgi_ssl_conf_command" directives.

*) Feature: the "ssl_reject_handshake" directive.

*) Feature: the "proxy_smtp_auth" directive in mail proxy.

</Changelog>

Update third-party naxsi module from 0.56 to 1.1a.
Bump PORTREVISION.

Bump PORTREVISION for www/libjwt shlib change

Actually add the patch for r550845.

Re-add the patch from r550699 to fix build with -fno-common for
the third-party nchan module.

Bump PORTREVISION.

Spotted by:	vanilla

Fix build with -fno-common.
Bump PORTREVISION.

Submitted by:	vanilla

Merge r549093 to fix build with -fno-common.
Bump PORTREVISION.

Spotted by:	vanilla

Update nginx from 1.19.2 to 1.19.3.
Update njs module from 0.4.3 to 0.4.4.

<Changelog for nginx 1.19.3>

*) Feature: the ngx_stream_set_module.

*) Feature: the "proxy_cookie_flags" directive.

*) Feature: the "userid_flags" directive.

*) Bugfix: the "stale-if-error" cache control extension was erroneously
   applied if backend returned a response with status code 500, 502,
   503, 504, 403, 404, or 429.

Add the corresponding library path to the patch for the
third-party http_auth_spnego module.

The third-party http_auth_spnego module may not work with
in-base Kerberos implementation because of gss_locaname()
function usage, so remove the GSSAPI_BASE option from the
GSSAPI radio button.

Bump PORTREVISION.

Update third-party tarantool module to its recent commit.

Bump PORTREVISION.

Update third-party spnego-http-auth module to its recent version.

Bump PORTREVISION.