From nobody Fri Mar 29 00:10:46 2024 X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from apollo.thewebhostserver.com (apollomail.thewebhostserver.com [46.23.65.248]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id 78E24DC00B8 for ; Thu, 18 Sep 2014 03:21:45 +0000 (UTC) Received: from [81.4.121.188] (port=64252 helo=localhost.localdomain) by apollo.thewebhostserver.com with esmtpsa (UNKNOWN:AES128-SHA256:128) (Exim 4.82) (envelope-from ) id 1XUSHW-000LGS-0v; Thu, 18 Sep 2014 04:21:42 +0100 From: Stuart Cardall To: alpine-devel@lists.alpinelinux.org Cc: Stuart Cardall Subject: [alpine-devel] [PATCH] main/nginx-naxsi: new aport Date: Thu, 18 Sep 2014 03:20:50 +0000 Message-Id: <1411010450-6087-1-git-send-email-developer@it-offshore.co.uk> X-Mailer: git-send-email 2.1.0 X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 X-OutGoing-Spam-Status: No, score=-2.9 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - apollo.thewebhostserver.com X-AntiAbuse: Original Domain - lists.alpinelinux.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - it-offshore.co.uk X-Get-Message-Sender-Via: apollo.thewebhostserver.com: authenticated_id: developer@it-offshore.co.uk X-Source: X-Source-Args: X-Source-Dir: TkdJTlggd2l0aCBuYXhzaSBXQUYgc3VwcG9ydCBodHRwczovL2dpdGh1Yi5jb20vbmJzLXN5c3Rl bS9uYXhzaQ0KDQpCdWlsdCB3aXRoIHRoZSBzYW1lIG1vZHVsZXMgYXMgRGViaWFuICsgU3lzR3Vh cmQgZnJvbSBUZW5naW5lLg0KDQpOZ2lueCBwYXRjaGVkIHRvIGFub255bWlzZSBzZXJ2ZXIgc3Ry aW5ncy4NCg0KV2l0aCB0aGUgV0FGICYgU3lzR3VhcmQgZW5hYmxlZCBuZ2lueC1uYXhzaSBiZW5j aG1hcmtlZCBAIGFwcHJveA0KNjAwIGNvbm5lY3Rpb25zIC8gc2Vjb25kICh0aGUgc2FtZSBhcyB0 aGUgc3RhbmRhcmQgQWxwaW5lIG5naW54IHBrZykuDQpXaXRoIHRoZSBXQUYgZGlzYWJsZWQgNjQw IGNvbm5lY3Rpb25zIC8gc2Vjb25kIChhcyB0aGUgbWFpbCBtb2R1bGVzDQphcmUgcmVtb3ZlZCBh cyBwZXIgdGhlIG5heHNpIGF1dGhvcidzIHJlY29tbWVuZGF0aW9uKS4NCi0tLQ0KIG1haW4vbmdp bngtbmF4c2kvQVBLQlVJTEQgICAgICAgICAgICAgICAgfCAxMjcgKysrKysrKysrKysrKysrKysr KysrKysrKysrKysrKw0KIG1haW4vbmdpbngtbmF4c2kvYW5vbnltaXNlLnBhdGNoICAgICAgICAg fCAgNzYgKysrKysrKysrKysrKysrKysrDQogbWFpbi9uZ2lueC1uYXhzaS9pcHY2LnBhdGNoICAg ICAgICAgICAgICB8ICA0MiArKysrKysrKysrDQogbWFpbi9uZ2lueC1uYXhzaS9tdXNsLWNyeXB0 LWZpeC5wYXRjaCAgICB8ICAxMyArKysrDQogbWFpbi9uZ2lueC1uYXhzaS9uZ2lueC1uYXhzaS5w cmUtaW5zdGFsbCB8ICAgOSArKysNCiBtYWluL25naW54LW5heHNpL25naW54LW5heHNpLnByZS11 cGdyYWRlIHwgICAxICsNCiBtYWluL25naW54LW5heHNpL25naW54LmluaXRkICAgICAgICAgICAg IHwgIDQyICsrKysrKysrKysNCiBtYWluL25naW54LW5heHNpL25naW54LmxvZ3JvdGF0ZSAgICAg ICAgIHwgIDEyICsrKw0KIG1haW4vbmdpbngtbmF4c2kvc3lzZ3VhcmQucGF0Y2ggICAgICAgICAg fCAgMTAgKysrDQogOSBmaWxlcyBjaGFuZ2VkLCAzMzIgaW5zZXJ0aW9ucygrKQ0KIGNyZWF0ZSBt b2RlIDEwMDY0NCBtYWluL25naW54LW5heHNpL0FQS0JVSUxEDQogY3JlYXRlIG1vZGUgMTAwNjQ0 IG1haW4vbmdpbngtbmF4c2kvYW5vbnltaXNlLnBhdGNoDQogY3JlYXRlIG1vZGUgMTAwNjQ0IG1h aW4vbmdpbngtbmF4c2kvaXB2Ni5wYXRjaA0KIGNyZWF0ZSBtb2RlIDEwMDY0NCBtYWluL25naW54 LW5heHNpL211c2wtY3J5cHQtZml4LnBhdGNoDQogY3JlYXRlIG1vZGUgMTAwNjQ0IG1haW4vbmdp bngtbmF4c2kvbmdpbngtbmF4c2kucHJlLWluc3RhbGwNCiBjcmVhdGUgbW9kZSAxMjAwMDAgbWFp bi9uZ2lueC1uYXhzaS9uZ2lueC1uYXhzaS5wcmUtdXBncmFkZQ0KIGNyZWF0ZSBtb2RlIDEwMDY0 NCBtYWluL25naW54LW5heHNpL25naW54LmluaXRkDQogY3JlYXRlIG1vZGUgMTAwNjQ0IG1haW4v bmdpbngtbmF4c2kvbmdpbngubG9ncm90YXRlDQogY3JlYXRlIG1vZGUgMTAwNjQ0IG1haW4vbmdp bngtbmF4c2kvc3lzZ3VhcmQucGF0Y2gNCg0KZGlmZiAtLWdpdCBhL21haW4vbmdpbngtbmF4c2kv QVBLQlVJTEQgYi9tYWluL25naW54LW5heHNpL0FQS0JVSUxEDQpuZXcgZmlsZSBtb2RlIDEwMDY0 NA0KaW5kZXggMDAwMDAwMC4uYTdlYzVjYQ0KLS0tIC9kZXYvbnVsbA0KKysrIGIvbWFpbi9uZ2lu eC1uYXhzaS9BUEtCVUlMRA0KQEAgLTAsMCArMSwxMjcgQEANCisjIE1haW50YWluZXI6IENhbWVy b24gQmFudGEgPGNiYW50YUBnbWFpbC5jb20+DQorIyBDb250cmlidXRvcjogSmVmZiBCaWx5ayA8 amJpbHlrQGdtYWlsLmNvbT4NCisjIENvbnRyaWJ1dG9yOiBCYXJ0xYJvbWllaiBQaW90cm93c2tp IDxub3NwYW1AYnBpb3Ryb3dza2kucGw+DQorIyBDb250cmlidXRvcjogU3R1YXJ0IENhcmRhbGwg PGRldmVsb3BlckBpdC1vZmZzaG9yZS5jby51az4NCisNCitwa2duYW1lPW5naW54LW5heHNpDQor X3BrZ25hbWU9bmdpbngNCitwa2d2ZXI9MS42LjENCitfbmd4X25heHNpX3Zlcj0wLjUzLTINCitf bmd4X2NhY2hlX3B1cmdlX3Zlcj0yLjENCitwa2dyZWw9MA0KK3BrZ2Rlc2M9ImxpZ2h0d2VpZ2h0 IEhUVFAgYW5kIHJldmVyc2UgcHJveHkgc2VydmVyIHdpdGggTmF4c2kgV0FGIHN1cHBvcnQsIHNl ZSBhbHNvICduYXhzaS11dGlscyciDQordXJsPSJodHRwOi8vd3d3Lm5naW54Lm9yZyB8IGh0dHBz Oi8vZ2l0aHViLmNvbS9uYnMtc3lzdGVtL25heHNpIg0KK2FyY2g9ImFsbCINCitsaWNlbnNlPSJD dXN0b20iDQoraW5zdGFsbD0iJHBrZ25hbWUucHJlLWluc3RhbGwgJHBrZ25hbWUucHJlLXVwZ3Jh ZGUiDQorZGVwZW5kcz0iIW5naW54Ig0KK21ha2VkZXBlbmRzPSJwY3JlLWRldiBvcGVuc3NsLWRl diB6bGliLWRldiBwYXhjdGwiDQorc291cmNlPSJodHRwOi8vbmdpbngub3JnL2Rvd25sb2FkLyRf cGtnbmFtZS0kcGtndmVyLnRhci5neg0KKwluYXhzaS0kX25neF9uYXhzaV92ZXIudGFyLmd6Ojpo dHRwczovL2dpdGh1Yi5jb20vbmJzLXN5c3RlbS9uYXhzaS9hcmNoaXZlLyRfbmd4X25heHNpX3Zl ci50YXIuZ3oNCisJbmd4X2NhY2hlX3B1cmdlLSRfbmd4X2NhY2hlX3B1cmdlX3Zlci50YXIuZ3o6 Omh0dHBzOi8vZ2l0aHViLmNvbS9GUmlDS0xFL25neF9jYWNoZV9wdXJnZS9hcmNoaXZlLzIuMS50 YXIuZ3oNCisJdXBzdHJlYW0tZmFpci56aXA6Omh0dHBzOi8vZ2l0aHViLmNvbS9nbm9zZWsvbmdp bngtdXBzdHJlYW0tZmFpci9hcmNoaXZlL21hc3Rlci56aXANCisJc3lzZ3VhcmQuemlwOjpodHRw czovL2dpdGh1Yi5jb20vYWxpYmFiYS9uZ2lueC1odHRwLXN5c2d1YXJkL2FyY2hpdmUvbWFzdGVy LnppcA0KKw0KKwlhbm9ueW1pc2UucGF0Y2gNCisJbXVzbC1jcnlwdC1maXgucGF0Y2gNCisJaXB2 Ni5wYXRjaA0KKwlzeXNndWFyZC5wYXRjaA0KKw0KKwluZ2lueC5pbml0ZA0KKwluZ2lueC5sb2dy b3RhdGUNCisJIg0KKw0KK19idWlsZGRpcj0iJHNyY2RpciIvJF9wa2duYW1lLSRwa2d2ZXINCisN CitwcmVwYXJlKCkgew0KKwlsb2NhbCBpDQorCWNkICIkX2J1aWxkZGlyIg0KKwlmb3IgaSBpbiAk c291cmNlOyBkbw0KKwkJY2FzZSAkaSBpbg0KKwkJKi5wYXRjaCkgbXNnICRpOyBwYXRjaCAtcDEg LWkgIiRzcmNkaXIiLyRpIHx8IHJldHVybiAxOzsNCisJCWVzYWMNCisJZG9uZQ0KK30NCisNCiti dWlsZCgpIHsNCisJY2QgIiRfYnVpbGRkaXIiDQorCS4vY29uZmlndXJlIFwNCisJCS0tYWRkLW1v ZHVsZT0iJHNyY2Rpci9uYXhzaS0kX25neF9uYXhzaV92ZXIvbmF4c2lfc3JjIiBcDQorCQktLWFk ZC1tb2R1bGU9IiRzcmNkaXIvbmdpbngtaHR0cC1zeXNndWFyZC1tYXN0ZXIiIFwNCisJCS0tcHJl Zml4PS91c3IgXA0KKwkJLS1jb25mLXBhdGg9L2V0Yy8kX3BrZ25hbWUvJF9wa2duYW1lLmNvbmYg XA0KKwkJLS1waWQtcGF0aD0vdmFyL3J1bi8kX3BrZ25hbWUucGlkIFwNCisJCS0tbG9jay1wYXRo PS92YXIvcnVuLyRfcGtnbmFtZS5sb2NrIFwNCisJCS0tZXJyb3ItbG9nLXBhdGg9L3Zhci9sb2cv JF9wa2duYW1lL2Vycm9yLmxvZyBcDQorCQktLWh0dHAtbG9nLXBhdGg9L3Zhci9sb2cvJF9wa2du YW1lL2FjY2Vzcy5sb2cgXA0KKwkJLS1odHRwLWNsaWVudC1ib2R5LXRlbXAtcGF0aD0vdG1wLyRf cGtnbmFtZS9jbGllbnQtYm9keSBcDQorCQktLWh0dHAtcHJveHktdGVtcC1wYXRoPS90bXAvJF9w a2duYW1lL3Byb3h5IFwNCisJCS0taHR0cC1mYXN0Y2dpLXRlbXAtcGF0aD0vdG1wLyRfcGtnbmFt ZS9mYXN0Y2dpIFwNCisJCS0tdXNlcj1uZ2lueCBcDQorCQktLWdyb3VwPW5naW54IFwNCisJCS0t d2l0aC1pcHY2IFwNCisJCS0td2l0aC1wY3JlLWppdCBcDQorCQktLXdpdGgtaHR0cF9zc2xfbW9k dWxlIFwNCisJCS0td2l0aC1odHRwX2d6aXBfc3RhdGljX21vZHVsZSBcDQorCQktLXdpdGgtaHR0 cF9zcGR5X21vZHVsZSBcDQorCQktLXdpdGhvdXQtbWFpbF9wb3AzX21vZHVsZSBcDQorCQktLXdp dGhvdXQtbWFpbF9zbXRwX21vZHVsZSBcDQorCQktLXdpdGhvdXQtbWFpbF9pbWFwX21vZHVsZSBc DQorCQktLXdpdGhvdXQtaHR0cF91d3NnaV9tb2R1bGUgXA0KKwkJLS13aXRob3V0LWh0dHBfc2Nn aV9tb2R1bGUgXA0KKwkJLS13aXRoLWh0dHBfcmVhbGlwX21vZHVsZSBcDQorCQktLXdpdGgtaHR0 cF9zdHViX3N0YXR1c19tb2R1bGUgXA0KKwkJLS13aXRoLWh0dHBfYXV0aF9yZXF1ZXN0X21vZHVs ZSBcDQorCQktLWFkZC1tb2R1bGU9IiRzcmNkaXIvbmd4X2NhY2hlX3B1cmdlLSRfbmd4X2NhY2hl X3B1cmdlX3ZlciIgXA0KKwkJLS1hZGQtbW9kdWxlPSIkc3JjZGlyL25naW54LXVwc3RyZWFtLWZh aXItbWFzdGVyIiBcDQorCQl8fCByZXR1cm4gMQ0KKwltYWtlIHx8IHJldHVybiAxDQorfQ0KKw0K K3BhY2thZ2UoKSB7DQorCWNkICIkX2J1aWxkZGlyIg0KKwltYWtlIERFU1RESVI9IiRwa2dkaXIi IGluc3RhbGwNCisNCisJbG9jYWwgcGF4ZmxhZ3M9Ii1tIg0KKwlbICIkQ0FSQ0giID0gIng4NiIg XSAmJiBwYXhmbGFncz0iLW1zcCINCisJcGF4Y3RsIC1jICRwYXhmbGFncyAiJHBrZ2RpciIvdXNy L3NiaW4vbmdpbnggfHwgcmV0dXJuIDENCisNCisJaW5zdGFsbCAtbTc1NSAtRCAiJHNyY2RpciIv JF9wa2duYW1lLmluaXRkICIkcGtnZGlyIi9ldGMvaW5pdC5kLyRfcGtnbmFtZQ0KKwlpbnN0YWxs IC1tNjQ0IC1EICIkc3JjZGlyIi8kX3BrZ25hbWUubG9ncm90YXRlICIkcGtnZGlyIi9ldGMvbG9n cm90YXRlLmQvJF9wa2duYW1lDQorDQorCWluc3RhbGwgLW02NDQgLUQgTElDRU5TRSAiJHBrZ2Rp ciIvdXNyL3NoYXJlL2xpY2Vuc2VzLyRwa2duYW1lL0xJQ0VOU0UNCisJaW5zdGFsbCAtbTY0NCAt RCAiJHNyY2RpciIvbmF4c2ktJF9uZ3hfbmF4c2lfdmVyL25heHNpX2NvbmZpZy9uYXhzaV9jb3Jl LnJ1bGVzICIkcGtnZGlyIi9ldGMvbmdpbngvbmF4c2lfY29yZS5ydWxlcw0KK30NCittZDVzdW1z PSI0NWU1YTExZjQ4YjAwMTY0NDY3NmY3NzY3OTgwYTJiZiAgbmdpbngtMS42LjEudGFyLmd6DQor MzQ4YjUwOTE0YTFlZWRhZWQwOWEyNTA5NjIxYWRmNDMgIG5heHNpLTAuNTMtMi50YXIuZ3oNCitl NjNjMGZmNjViZTIzZjg3N2E5OTc1YTY1Mjk4ZThmZSAgbmd4X2NhY2hlX3B1cmdlLTIuMS50YXIu Z3oNCisyYzg1MzdlMmM2ZWIxMWJhZWJkMjZkODYzZDUyOGQ2NCAgdXBzdHJlYW0tZmFpci56aXAN CithNzJhMGVjMTE3NmI0N2M2Y2VlY2MzYjMwYzg1ZDA3YyAgc3lzZ3VhcmQuemlwDQorYTA3NTY5 YjhhMDIzZjFiODlkY2QxMWUwYmVkYTRkZjYgIGFub255bWlzZS5wYXRjaA0KKzNhZWI0ODg5MjEx MDllNjBkMDJlZDY0ZDM2NzkwYWViICBtdXNsLWNyeXB0LWZpeC5wYXRjaA0KKzgwMWE4N2Y3Zjlk MjdmOGFkODViNDFhNzhiNGM0NDYxICBpcHY2LnBhdGNoDQorNTAzNTdiNzUwNDlkODc4YzBiY2Nl MTBkMGM2MGY5ZWQgIHN5c2d1YXJkLnBhdGNoDQorYTAwNDAzYTc2NDQ3OGY1NDU5ZDg1MGJiMzg3 Y2ExOWIgIG5naW54LmluaXRkDQorODgyMzI3NGE4MzQzMzJkM2RiNGY2MmJmN2RkMWZiN2QgIG5n aW54LmxvZ3JvdGF0ZSINCitzaGEyNTZzdW1zPSJmNWNmZTY4MmExYWVlZjQ2MDJjMmNhNzA1NDAy ZDUwNDliNzQ4Zjk0NjU2M2Y0MWQ4MjU2YzE4Njc0ODM2MDY3ICBuZ2lueC0xLjYuMS50YXIuZ3oN CiszZWFkZmYxZDkxOTk1YmVhZTQxYjkyNzMzYWRlMjgwOTFjMjA3NWEyNGFlMzcwNThmNGQ2YWE5 MGIwZjRiNjYwICBuYXhzaS0wLjUzLTIudGFyLmd6DQorYzhkNjdiOWMwZWQ3ZWMyMzMxNTA3MWRm MzUyZTk1YjY5ZTlmMTQyODVjZDdmODg4M2QyNmE3ZmRhMjM3YmQ4NyAgbmd4X2NhY2hlX3B1cmdl LTIuMS50YXIuZ3oNCitlN2M0MjA4ZjE5MTc1ZGI4OTZkZDJhZWRlOTMyNjk2MDMxNGZjMTMxYzNh ODgyOWIxOWQzMDI0ZDQ3NTU2MmNmICB1cHN0cmVhbS1mYWlyLnppcA0KKzgwMDUzNmViOWYyNjll MTQ3ODUwMDc1OGU4NTllZjdjNGI0Yzc4NTI1ODBmMmFlZWU4ZDdlYjRjMWZiNTFmMTggIHN5c2d1 YXJkLnppcA0KKzE5MjNlYmRiNGE2NGEyMmY4OTAzYzNkYTYxOTY3N2JkM2FhZjc2OWM5OWJlZTFh YTQyNjJlZGFjNThmMDViYTMgIGFub255bWlzZS5wYXRjaA0KKzhjMzk4NjQwYmQzNzljMWM2YTJm YWZjZDJiMzg0OGE3MjkwMmU0NzkyNGU4ZTI0OTBiMzEyYzE0MWVlYzVkNzAgIG11c2wtY3J5cHQt Zml4LnBhdGNoDQorYTI0ZWY1ODQzYWUwYWZhNTM4YjAwYzM3ZWI3ZGE3ODcwZjlkN2YxNDZmNTJh OTY2ODY3OGY3Mjk2Y2Y3MWQ5YiAgaXB2Ni5wYXRjaA0KKzE4MDkwMzI5NDM1YzMyZDkxNjIxYTU5 NDNhY2M1YjhiYmU4OWFhYTNjMmZhMzM0YzNhNGNkZWIwMGVmYjYyMjYgIHN5c2d1YXJkLnBhdGNo DQorNjdkZjc0OGJkN2VmNGYzYzNiNWVlZjlkZDdlM2IzNTJlZjY3MWRkN2NmYjlkYjU2ZTA5NmVl ZDc3YTQ0MmQ2NyAgbmdpbnguaW5pdGQNCitjZWEwYzZmOGRlNTVhNGMzYTNlY2NjNTc5MTBkZTFj MzExNjYzNDA4MmM4ZTViNjYwNjMwZmI5MjdhMjlmMzhkICBuZ2lueC5sb2dyb3RhdGUiDQorc2hh NTEyc3Vtcz0iMDc3NjJhN2IyNWI3NjI0MTQyZTlkODYzM2ViOTUyZTc2Mjc1MDFhMTgzYzgyZGU3 ZjMxYjIwMzM2ZjNmOTk3MTcxYjM2NjEyNGE0MWMwZmJjOGMyYTczZWQ2YzY4ZGIxYTA4NGNhODlj ZjhjNWFkNGYyYmM1ZThlN2M3YmUxMDUgIG5naW54LTEuNi4xLnRhci5neg0KK2FkYTU5MmY1ZTdm ODBhNmQ1NDljYzQzNWVlODcyMGRmMDFhNzg4ZGM4OGNmMjdhN2Q1NTUyMWJiN2U0YzY2ZmExMWI5 ZWMyODIxNmFmZjdlMTNjNzBhNWZhZjEyY2I3NDViZDM5OGI4YTc4MmVkNGRlYTFlZWNkMDRiMDdl MjRjICBuYXhzaS0wLjUzLTIudGFyLmd6DQorOWM5NThjOWNiYzE2MjA2YzAyM2YyZTg3OWJmMzAx MDA1MTE3YTIzNTgxMDQ0Mzk1MTNjMWEzOTY1ODk0YmEyYzAzNWZjNjg1MThjZTdjN2E0ZTIzNTQ4 NDc3ODI2YWMwYzY0MzliZjFkYTRkNDU2MGM5NzJkOWE2YTc1ZjJhMDEgIG5neF9jYWNoZV9wdXJn ZS0yLjEudGFyLmd6DQorYmJlMTMzMGU4NmE5NjUwMzI2ODU4ZDg5M2ExMTQzZGY5YjQzMTg3MzA2 MmI2NGE4OWIwYmVmZGJhY2E5ZjEzNWU4NzIyMjVjN2E3ODc0MjMxNTM3Yzc0ZGE4NWNhOGM1NmFj M2Q4MDczOTIyNzcyMTI0NmMwOTZjZjRmMmI3ZGEgIHVwc3RyZWFtLWZhaXIuemlwDQorYjM2MWE4 MzE2ZDZlMWY0MTlkNjNmMjI5NzU2ZDNhZjA4YjMyZTIzNTE5OTI4NWExOGY4NDc4YmU0MmE1N2E5 YzBiMmZmMTI2ZTcwMThiYTc1MGM2ZTlkMWUzM2JiMDUzZjgzYWFjZDk2ZWJjNWQzYjg3NmJlZGI5 NzNhOTI3MTIgIHN5c2d1YXJkLnppcA0KKzU4OTkwOTdiNmI2ZWQwNGRlYjdhZTQ3NGZiNjUyMDVk OWM1MDg0M2YzMDkyOWMxMzcwYzBjMWQ3MGRmM2YwMmZlNTFiOGVhOTBkM2QyYzNiNGM1M2FlYjM4 OTU3MTc3MjllMGM5NzczYjg4MGNhNTI5ZTg5YTViMDdmYzI2YTViICBhbm9ueW1pc2UucGF0Y2gN CisyMTExNGM3NzVlNGJkZDFmN2I4YjlhYmMxNDMyODQ5NDVlOTZlZDFkOGM0OTkwNGRkZjkxOGFi YWQ4N2IxNjI1M2Y5MThiYTQ3OTc2Y2QyZGYzMmYwZmRiOGE3ZGFkMzk5ZDQyMDBlODc5ZGIyZGE2 Y2Y5M2EyOGFhYjIzNmE3NSAgbXVzbC1jcnlwdC1maXgucGF0Y2gNCis2OGQ2NGE4NDU2OGVjMmRm MDM2NjkyNWFiMjgyYTA1ZWJlMjFhODUwNDRiNmM3ODQ0YTQ3NTczY2ZkOGNjOGVkMTE5Y2M3NzIz NThiYzNmZmYzNmUyZDRmZGY1ODNhNzMwNTkyODI1ZjVmOTg2MzI5OTNjYTg2ZDFmODQzOGQ1ZiAg aXB2Ni5wYXRjaA0KKzJkY2EyYWM3NGZiOTJlMzMwZmRlN2I2YjYxMjBiMmZkMjU2NWMzNzdhNjI5 Yzk1MzZjZjc3YmVlYmU0MWFhNGIwOTJkNDIyOWQ1YjQ4N2IwZmIwMmJlNGYyY2M1Yjg5N2M0Mjlj ODdiYmJiYzdiMGQzMWUxY2JiOTQyMzFkZGNlICBzeXNndWFyZC5wYXRjaA0KKzljNmIzNTdjNDYw OTk4MTg3ZDdhMjZjMGYzYzhhYmM2OWM5MWI1MjNhNmYzNDBjMWY2ZWQzYzg2MzEwMWEzOWVlYjYx ZTkyYjRjZmVjNmEwNGFmMmI0OTVjMzU0YzMzZjIzMmNlNWU1OWVkMjllZGQ2ODU1ZTQzMGNhNzNk MTY4ICBuZ2lueC5pbml0ZA0KKzAxYjc3Y2ZmMTZmNmU4YmZkN2ZhMWQ0ZDIwZjYyNWJiY2RkZDA4 ZjA1MDkxNzM0NTJkMDYwYzM0MmM5M2RjMzE1YTdiMDU2MGY0NzM0MzIzYTVkMjllYTI5NGRlMDQ5 MWYyZTNmMzJlNTMzNzU3NGUxYTI4ZWJjMDA1ZWNlZWE4ICBuZ2lueC5sb2dyb3RhdGUiDQpkaWZm IC0tZ2l0IGEvbWFpbi9uZ2lueC1uYXhzaS9hbm9ueW1pc2UucGF0Y2ggYi9tYWluL25naW54LW5h eHNpL2Fub255bWlzZS5wYXRjaA0KbmV3IGZpbGUgbW9kZSAxMDA2NDQNCmluZGV4IDAwMDAwMDAu LmViZWRjN2YNCi0tLSAvZGV2L251bGwNCisrKyBiL21haW4vbmdpbngtbmF4c2kvYW5vbnltaXNl LnBhdGNoDQpAQCAtMCwwICsxLDc2IEBADQorLS0tIG5naW54LTEuNi4xL3NyYy9odHRwL25neF9o dHRwX2hlYWRlcl9maWx0ZXJfbW9kdWxlLmMNCisrKysgbmdpbngtMS42LjEvc3JjL2h0dHAvbmd4 X2h0dHBfaGVhZGVyX2ZpbHRlcl9tb2R1bGUuYw0KK0BAIC00Niw4ICs0Niw4IEBADQorIH07DQor IA0KKyANCistc3RhdGljIGNoYXIgbmd4X2h0dHBfc2VydmVyX3N0cmluZ1tdID0gIlNlcnZlcjog bmdpbngiIENSTEY7DQorLXN0YXRpYyBjaGFyIG5neF9odHRwX3NlcnZlcl9mdWxsX3N0cmluZ1td ID0gIlNlcnZlcjogIiBOR0lOWF9WRVIgQ1JMRjsNCisrc3RhdGljIGNoYXIgbmd4X2h0dHBfc2Vy dmVyX3N0cmluZ1tdID0gIiI7DQorK3N0YXRpYyBjaGFyIG5neF9odHRwX3NlcnZlcl9mdWxsX3N0 cmluZ1tdID0gIiI7DQorIA0KKyANCisgc3RhdGljIG5neF9zdHJfdCBuZ3hfaHR0cF9zdGF0dXNf bGluZXNbXSA9IHsNCitAQCAtMjc4LDggKzI3OCw4IEBADQorICAgICBjbGNmID0gbmd4X2h0dHBf Z2V0X21vZHVsZV9sb2NfY29uZihyLCBuZ3hfaHR0cF9jb3JlX21vZHVsZSk7DQorIA0KKyAgICAg aWYgKHItPmhlYWRlcnNfb3V0LnNlcnZlciA9PSBOVUxMKSB7DQorLSAgICAgICAgbGVuICs9IGNs Y2YtPnNlcnZlcl90b2tlbnMgPyBzaXplb2Yobmd4X2h0dHBfc2VydmVyX2Z1bGxfc3RyaW5nKSAt IDE6DQorLSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBzaXplb2Yobmd4X2h0 dHBfc2VydmVyX3N0cmluZykgLSAxOw0KKysgICAgICAgIGxlbiArPSBjbGNmLT5zZXJ2ZXJfdG9r ZW5zID8gc2l6ZW9mKG5neF9odHRwX3NlcnZlcl9mdWxsX3N0cmluZykgLSAwOg0KKysgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2l6ZW9mKG5neF9odHRwX3NlcnZlcl9zdHJp bmcpIC0gMDsNCisgICAgIH0NCisgDQorICAgICBpZiAoci0+aGVhZGVyc19vdXQuZGF0ZSA9PSBO VUxMKSB7DQorLS0tIG5naW54LTEuNi4xL3NyYy9odHRwL25neF9odHRwX3NwZHlfZmlsdGVyX21v ZHVsZS5jDQorKysrIG5naW54LTEuNi4xL3NyYy9odHRwL25neF9odHRwX3NwZHlfZmlsdGVyX21v ZHVsZS5jDQorQEAgLTE3NSwxMSArMTc1LDEyIEBADQorIA0KKyAgICAgY2xjZiA9IG5neF9odHRw X2dldF9tb2R1bGVfbG9jX2NvbmYociwgbmd4X2h0dHBfY29yZV9tb2R1bGUpOw0KKyANCistICAg IGlmIChyLT5oZWFkZXJzX291dC5zZXJ2ZXIgPT0gTlVMTCkgew0KKysvKiAgaWYgKHItPmhlYWRl cnNfb3V0LnNlcnZlciA9PSBOVUxMKSB7DQorICAgICAgICAgbGVuICs9IG5neF9odHRwX3NwZHlf bnZfbnNpemUoInNlcnZlciIpOw0KKyAgICAgICAgIGxlbiArPSBjbGNmLT5zZXJ2ZXJfdG9rZW5z ID8gbmd4X2h0dHBfc3BkeV9udl92c2l6ZShOR0lOWF9WRVIpDQorICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgOiBuZ3hfaHR0cF9zcGR5X252X3ZzaXplKCJuZ2lueCIpOw0KKyAg ICAgfQ0KKysqLw0KKyANCisgICAgIGlmIChyLT5oZWFkZXJzX291dC5kYXRlID09IE5VTEwpIHsN CisgICAgICAgICBsZW4gKz0gbmd4X2h0dHBfc3BkeV9udl9uc2l6ZSgiZGF0ZSIpDQorQEAgLTMy Niw3ICszMjcsNyBAQA0KKyANCisgICAgIGNvdW50ID0gMjsNCisgDQorLSAgICBpZiAoci0+aGVh ZGVyc19vdXQuc2VydmVyID09IE5VTEwpIHsNCisrIC8qIGlmIChyLT5oZWFkZXJzX291dC5zZXJ2 ZXIgPT0gTlVMTCkgew0KKyAgICAgICAgIGxhc3QgPSBuZ3hfaHR0cF9zcGR5X252X3dyaXRlX25h bWUobGFzdCwgInNlcnZlciIpOw0KKyAgICAgICAgIGxhc3QgPSBjbGNmLT5zZXJ2ZXJfdG9rZW5z DQorICAgICAgICAgICAgICAgID8gbmd4X2h0dHBfc3BkeV9udl93cml0ZV92YWwobGFzdCwgTkdJ TlhfVkVSKQ0KK0BAIC0zMzQsNiArMzM1LDcgQEANCisgDQorICAgICAgICAgY291bnQrKzsNCisg ICAgIH0NCisrKi8NCisgDQorICAgICBpZiAoci0+aGVhZGVyc19vdXQuZGF0ZSA9PSBOVUxMKSB7 DQorICAgICAgICAgbGFzdCA9IG5neF9odHRwX3NwZHlfbnZfd3JpdGVfbmFtZShsYXN0LCAiZGF0 ZSIpOw0KKy0tLSBuZ2lueC0xLjYuMS9zcmMvaHR0cC9uZ3hfaHR0cF9zcGVjaWFsX3Jlc3BvbnNl LmMNCisrKysgbmdpbngtMS42LjEvc3JjL2h0dHAvbmd4X2h0dHBfc3BlY2lhbF9yZXNwb25zZS5j DQorQEAgLTE5LDE0ICsxOSwxNCBAQA0KKyANCisgDQorIHN0YXRpYyB1X2NoYXIgbmd4X2h0dHBf ZXJyb3JfZnVsbF90YWlsW10gPQ0KKy0iPGhyPjxjZW50ZXI+IiBOR0lOWF9WRVIgIjwvY2VudGVy PiIgQ1JMRg0KKysiPGhyPjxjZW50ZXI+MTI3LjAuMC4xPC9jZW50ZXI+IiBDUkxGDQorICI8L2Jv ZHk+IiBDUkxGDQorICI8L2h0bWw+IiBDUkxGDQorIDsNCisgDQorIA0KKyBzdGF0aWMgdV9jaGFy IG5neF9odHRwX2Vycm9yX3RhaWxbXSA9DQorLSI8aHI+PGNlbnRlcj5uZ2lueDwvY2VudGVyPiIg Q1JMRg0KKysiPGhyPjxjZW50ZXI+bG9jYWxob3N0PC9jZW50ZXI+IiBDUkxGDQorICI8L2JvZHk+ IiBDUkxGDQorICI8L2h0bWw+IiBDUkxGDQorIDsNCmRpZmYgLS1naXQgYS9tYWluL25naW54LW5h eHNpL2lwdjYucGF0Y2ggYi9tYWluL25naW54LW5heHNpL2lwdjYucGF0Y2gNCm5ldyBmaWxlIG1v ZGUgMTAwNjQ0DQppbmRleCAwMDAwMDAwLi45YjA1ZjhmDQotLS0gL2Rldi9udWxsDQorKysgYi9t YWluL25naW54LW5heHNpL2lwdjYucGF0Y2gNCkBAIC0wLDAgKzEsNDIgQEANCistLS0gYS9zcmMv aHR0cC9uZ3hfaHR0cF9jb3JlX21vZHVsZS5jDQorKysrIGIvc3JjL2h0dHAvbmd4X2h0dHBfY29y ZV9tb2R1bGUuYw0KK0BAIC0yNDQyLDcgKzI0NDIsMTEgQEANCisgICAgIG5neF91aW50X3QgICAg ICAgICAgICAgICAgICAgaTsNCisgICAgIG5neF9jb25mX3QgICAgICAgICAgICAgICAgICAgcGNm Ow0KKyAgICAgbmd4X2h0dHBfbW9kdWxlX3QgICAgICAgICAgICptb2R1bGU7DQorKyNpZiAoTkdY X0hBVkVfSU5FVDYpDQorKyAgICBzdHJ1Y3Qgc29ja2FkZHJfaW42ICAgICAgICAgKnNpbjY7DQor KyNlbHNlDQorICAgICBzdHJ1Y3Qgc29ja2FkZHJfaW4gICAgICAgICAgKnNpbjsNCisrI2VuZGlm DQorICAgICBuZ3hfaHR0cF9jb25mX2N0eF90ICAgICAgICAgKmN0eCwgKmh0dHBfY3R4Ow0KKyAg ICAgbmd4X2h0dHBfbGlzdGVuX29wdF90ICAgICAgICBsc29wdDsNCisgICAgIG5neF9odHRwX2Nv cmVfc3J2X2NvbmZfdCAgICAqY3NjZiwgKipjc2NmcDsNCitAQCAtMjUyNiw2ICsyNTMwLDE5IEBA DQorICAgICBpZiAocnYgPT0gTkdYX0NPTkZfT0sgJiYgIWNzY2YtPmxpc3Rlbikgew0KKyAgICAg ICAgIG5neF9tZW16ZXJvKCZsc29wdCwgc2l6ZW9mKG5neF9odHRwX2xpc3Rlbl9vcHRfdCkpOw0K Kw0KKysjaWYgKE5HWF9IQVZFX0lORVQ2KQ0KKysgICAgICAgIHNpbjYgPSAmbHNvcHQudS5zb2Nr YWRkcl9pbjY7DQorKw0KKysgICAgICAgIHNpbjYtPnNpbjZfZmFtaWx5ID0gQUZfSU5FVDY7DQor KyNpZiAoTkdYX1dJTjMyKQ0KKysgICAgICAgIHNpbjYtPnNpbjZfcG9ydCA9IGh0b25zKDgwKTsN CisrI2Vsc2UNCisrICAgICAgICBzaW42LT5zaW42X3BvcnQgPSBodG9ucygoZ2V0dWlkKCkgPT0g MCkgPyA4MCA6IDgwMDApOw0KKysjZW5kaWYNCisrICAgICAgICBzaW42LT5zaW42X2FkZHIgPSBp bjZhZGRyX2FueTsNCisrDQorKyAgICAgICAgbHNvcHQuc29ja2xlbiA9IHNpemVvZihzdHJ1Y3Qg c29ja2FkZHJfaW42KTsNCisrI2Vsc2UNCisgICAgICAgICBzaW4gPSAmbHNvcHQudS5zb2NrYWRk cl9pbjsNCisNCisgICAgICAgICBzaW4tPnNpbl9mYW1pbHkgPSBBRl9JTkVUOw0KK0BAIC0yNTM3 LDYgKzI1NTQsNyBAQA0KKyAgICAgICAgIHNpbi0+c2luX2FkZHIuc19hZGRyID0gSU5BRERSX0FO WTsNCisNCisgICAgICAgICBsc29wdC5zb2NrbGVuID0gc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcl9p bik7DQorKyNlbmRpZg0KKw0KKyAgICAgICAgIGxzb3B0LmJhY2tsb2cgPSBOR1hfTElTVEVOX0JB Q0tMT0c7DQorICAgICAgICAgbHNvcHQucmN2YnVmID0gLTE7DQpkaWZmIC0tZ2l0IGEvbWFpbi9u Z2lueC1uYXhzaS9tdXNsLWNyeXB0LWZpeC5wYXRjaCBiL21haW4vbmdpbngtbmF4c2kvbXVzbC1j cnlwdC1maXgucGF0Y2gNCm5ldyBmaWxlIG1vZGUgMTAwNjQ0DQppbmRleCAwMDAwMDAwLi4yZjEx ZmUyDQotLS0gL2Rldi9udWxsDQorKysgYi9tYWluL25naW54LW5heHNpL211c2wtY3J5cHQtZml4 LnBhdGNoDQpAQCAtMCwwICsxLDEzIEBADQorLS0tIG5naW54LTEuNC40L3NyYy9vcy91bml4L25n eF91c2VyLmMub3JpZw0KKysrKyBuZ2lueC0xLjQuNC9zcmMvb3MvdW5peC9uZ3hfdXNlci5jDQor QEAgLTMxLDggKzMxLDEwIEBADQorICAgICBzdHJ1Y3QgY3J5cHRfZGF0YSAgIGNkOw0KKyANCisg ICAgIGNkLmluaXRpYWxpemVkID0gMDsNCisrI2lmZGVmIF9fR0xJQkNfXw0KKyAgICAgLyogd29y ayBhcm91bmQgdGhlIGdsaWJjIGJ1ZyAqLw0KKyAgICAgY2QuY3VycmVudF9zYWx0WzBdID0gfnNh bHRbMF07DQorKyNlbmRpZg0KKyANCisgICAgIHZhbHVlID0gY3J5cHRfcigoY2hhciAqKSBrZXks IChjaGFyICopIHNhbHQsICZjZCk7DQorIA0KZGlmZiAtLWdpdCBhL21haW4vbmdpbngtbmF4c2kv bmdpbngtbmF4c2kucHJlLWluc3RhbGwgYi9tYWluL25naW54LW5heHNpL25naW54LW5heHNpLnBy ZS1pbnN0YWxsDQpuZXcgZmlsZSBtb2RlIDEwMDY0NA0KaW5kZXggMDAwMDAwMC4uNTViNWJmYw0K LS0tIC9kZXYvbnVsbA0KKysrIGIvbWFpbi9uZ2lueC1uYXhzaS9uZ2lueC1uYXhzaS5wcmUtaW5z dGFsbA0KQEAgLTAsMCArMSw5IEBADQorIyEvYmluL3NoDQorDQorYWRkZ3JvdXAgLWcgODIgLVMg d3d3LWRhdGEgMj4vZGV2L251bGwNCithZGRncm91cCAtUyBuZ2lueCAyPi9kZXYvbnVsbA0KK2Fk ZHVzZXIgLVMgLUcgbmdpbnggLUggLWggL3Zhci93d3cvbG9jYWxob3N0L2h0ZG9jcyAtcyAvc2Jp bi9ub2xvZ2luIFwNCisJLUQgbmdpbnggMj4vZGV2L251bGwNCithZGRncm91cCBuZ2lueCB3d3ct ZGF0YSAyPi9kZXYvbnVsbA0KKw0KK2V4aXQgMA0KZGlmZiAtLWdpdCBhL21haW4vbmdpbngtbmF4 c2kvbmdpbngtbmF4c2kucHJlLXVwZ3JhZGUgYi9tYWluL25naW54LW5heHNpL25naW54LW5heHNp LnByZS11cGdyYWRlDQpuZXcgZmlsZSBtb2RlIDEyMDAwMA0KaW5kZXggMDAwMDAwMC4uMzY0ZTBi OQ0KLS0tIC9kZXYvbnVsbA0KKysrIGIvbWFpbi9uZ2lueC1uYXhzaS9uZ2lueC1uYXhzaS5wcmUt dXBncmFkZQ0KQEAgLTAsMCArMSBAQA0KK25naW54LW5heHNpLnByZS1pbnN0YWxsDQpcIE5vIG5l d2xpbmUgYXQgZW5kIG9mIGZpbGUNCmRpZmYgLS1naXQgYS9tYWluL25naW54LW5heHNpL25naW54 LmluaXRkIGIvbWFpbi9uZ2lueC1uYXhzaS9uZ2lueC5pbml0ZA0KbmV3IGZpbGUgbW9kZSAxMDA2 NDQNCmluZGV4IDAwMDAwMDAuLmNlMmI3YjgNCi0tLSAvZGV2L251bGwNCisrKyBiL21haW4vbmdp bngtbmF4c2kvbmdpbnguaW5pdGQNCkBAIC0wLDAgKzEsNDIgQEANCisjIS9zYmluL3J1bnNjcmlw dA0KKw0KK2V4dHJhX3N0YXJ0ZWRfY29tbWFuZHM9InJlbG9hZCINCitleHRyYV9jb21tYW5kcz0i Y29uZmlndGVzdCINCisNCitkZXBlbmQoKSB7DQorCW5lZWQgbmV0DQorCXVzZSBkbnMgbG9nZ2Vy IG5ldG1vdW50DQorfQ0KKw0KK0NPTkZGSUxFPSR7Q09ORkZJTEU6LS9ldGMvbmdpbngvJHtTVkNO QU1FfS5jb25mfQ0KK1BJREZJTEU9JHtQSURGSUxFOi0vdmFyL3J1bi8ke1NWQ05BTUV9LnBpZH0N CisNCitjb25maWd0ZXN0KCkgew0KKwllYmVnaW4gIkNoZWNraW5nICR7U1ZDTkFNRX0gY29uZmln dXJhdGlvbiINCisJbWtkaXIgLXAgL3RtcC9uZ2lueA0KKwkvdXNyL3NiaW4vbmdpbnggLWMgJHtD T05GRklMRX0gLXQNCisJZWVuZCAkPyAiZmFpbGVkLCBwbGVhc2UgY29ycmVjdCBlcnJvcnMgYWJv dmUiDQorfQ0KKw0KK3N0YXJ0KCkgew0KKwljb25maWd0ZXN0IHx8IHJldHVybiAxDQorCWViZWdp biAiU3RhcnRpbmcgJHtTVkNOQU1FfSINCisJc3RhcnQtc3RvcC1kYWVtb24gLS1zdGFydCAtLXBp ZGZpbGUgIiR7UElERklMRX0iIFwNCisJCS0tZXhlYyAvdXNyL3NiaW4vbmdpbnggLS0gLWMgJHtD T05GRklMRX0gLWcgInBpZCAke1BJREZJTEV9OyINCisJZWVuZCAkPyAiRmFpbGVkIHRvIHN0YXJ0 ICR7U1ZDTkFNRX0iDQorfQ0KKw0KK3N0b3AoKSB7DQorCWNvbmZpZ3Rlc3QgfHwgcmV0dXJuIDEN CisJZWJlZ2luICJTdG9wcGluZyAke1NWQ05BTUV9Ig0KKwlzdGFydC1zdG9wLWRhZW1vbiAtLXN0 b3AgLS1waWRmaWxlICIke1BJREZJTEV9Ig0KKwllZW5kICQ/ICJGYWlsZWQgdG8gc3RvcCAke1NW Q05BTUV9Ig0KKwlybSAtZiAiJHtQSURGSUxFfSINCit9DQorDQorcmVsb2FkKCkgew0KKwljb25m aWd0ZXN0IHx8IHJldHVybiAxDQorCWViZWdpbiAiUmVmcmVzaGluZyAke1NWQ05BTUV9IGNvbmZp Z3VyYXRpb24iDQorCWtpbGwgLUhVUCAkKGNhdCAiJHtQSURGSUxFfSIpICY+L2Rldi9udWxsDQor CWVlbmQgJD8gIkZhaWxlZCB0byByZWxvYWQgbmdpbngiDQorfQ0KZGlmZiAtLWdpdCBhL21haW4v bmdpbngtbmF4c2kvbmdpbngubG9ncm90YXRlIGIvbWFpbi9uZ2lueC1uYXhzaS9uZ2lueC5sb2dy b3RhdGUNCm5ldyBmaWxlIG1vZGUgMTAwNjQ0DQppbmRleCAwMDAwMDAwLi43Nzc4YjExDQotLS0g L2Rldi9udWxsDQorKysgYi9tYWluL25naW54LW5heHNpL25naW54LmxvZ3JvdGF0ZQ0KQEAgLTAs MCArMSwxMiBAQA0KKyMgQ29weXJpZ2h0IDE5OTktMjAxMCBHZW50b28gRm91bmRhdGlvbg0KKyMg RGlzdHJpYnV0ZWQgdW5kZXIgdGhlIHRlcm1zIG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGlj ZW5zZSB2Mg0KKyMgJEhlYWRlcjogL3Zhci9jdnNyb290L2dlbnRvby14ODYvd3d3LXNlcnZlcnMv bmdpbngvZmlsZXMvbmdpbngubG9ncm90YXRlLHYgMS4xIDIwMTAvMDEvMDMgMjA6Mjk6NDAgZGpj IEV4cCAkDQorDQorL3Zhci9sb2cvbmdpbngvKi5sb2cgew0KKwltaXNzaW5nb2sNCisJc2hhcmVk c2NyaXB0cw0KKwlwb3N0cm90YXRlDQorCQlraWxsIC1VU1IxIGBjYXQgL3Zhci9ydW4vbmdpbngu cGlkYA0KKwllbmRzY3JpcHQNCit9DQorDQpkaWZmIC0tZ2l0IGEvbWFpbi9uZ2lueC1uYXhzaS9z eXNndWFyZC5wYXRjaCBiL21haW4vbmdpbngtbmF4c2kvc3lzZ3VhcmQucGF0Y2gNCm5ldyBmaWxl IG1vZGUgMTAwNjQ0DQppbmRleCAwMDAwMDAwLi5iZThiMGQyDQotLS0gL2Rldi9udWxsDQorKysg Yi9tYWluL25naW54LW5heHNpL3N5c2d1YXJkLnBhdGNoDQpAQCAtMCwwICsxLDEwIEBADQorLS0t IGEvc3JjL2h0dHAvbmd4X2h0dHBfcmVxdWVzdC5oDQorKysrIGIvc3JjL2h0dHAvbmd4X2h0dHBf cmVxdWVzdC5oDQorQEAgLTQ5OCw2ICs0OTgsNyBAQA0KKyAgICAgICovDQorICAgICB1bnNpZ25l ZCAgICAgICAgICAgICAgICAgICAgICAgICAgbGltaXRfY29ubl9zZXQ6MTsNCisgICAgIHVuc2ln bmVkICAgICAgICAgICAgICAgICAgICAgICAgICBsaW1pdF9yZXFfc2V0OjE7DQorKyAgICB1bnNp Z25lZCAgICAgICAgICAgICAgICAgICAgICAgICAgc3lzZ3VhcmRfc2V0OjE7DQorIA0KKyAjaWYg MA0KKyAgICAgdW5zaWduZWQgICAgICAgICAgICAgICAgICAgICAgICAgIGNhY2hlYWJsZToxOw0K LS0gDQoyLjEuMA0KDQoNCg0KLS0tDQpVbnN1YnNjcmliZTogIGFscGluZS1kZXZlbCt1bnN1YnNj cmliZUBsaXN0cy5hbHBpbmVsaW51eC5vcmcNCkhlbHA6ICAgICAgICAgYWxwaW5lLWRldmVsK2hl bHBAbGlzdHMuYWxwaW5lbGludXgub3JnDQotLS0NCg== From nobody Fri Mar 29 00:10:46 2024 X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from ncopa-desktop.alpinelinux.org (3.203.202.84.customer.cdi.no [84.202.203.3]) (using SSLv3 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: n@tanael.org) by mail.alpinelinux.org (Postfix) with ESMTPSA id C8FBEDC006B; Thu, 18 Sep 2014 09:46:51 +0000 (UTC) Date: Thu, 18 Sep 2014 11:46:47 +0200 From: Natanael Copa To: Stuart Cardall Cc: alpine-devel@lists.alpinelinux.org Subject: Re: [alpine-devel] [PATCH] main/nginx-naxsi: new aport Message-ID: <20140918114647.33da7f82@ncopa-desktop.alpinelinux.org> In-Reply-To: <1411010450-6087-1-git-send-email-developer@it-offshore.co.uk> References: <1411010450-6087-1-git-send-email-developer@it-offshore.co.uk> X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.23; x86_64-alpine-linux-musl) X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Thu, 18 Sep 2014 03:20:50 +0000 Stuart Cardall wrote: > NGINX with naxsi WAF support https://github.com/nbs-system/naxsi >=20 > Built with the same modules as Debian + SysGuard from Tengine. >=20 > Nginx patched to anonymise server strings. >=20 > With the WAF & SysGuard enabled nginx-naxsi benchmarked @ approx > 600 connections / second (the same as the standard Alpine nginx pkg). > With the WAF disabled 640 connections / second (as the mail modules > are removed as per the naxsi author's recommendation). we have already nginx and nginx-lua. I don't think we want maintain 1000 nginx variants of all kinds of module combinations. problem is upstream nginx that does not really support dynamically linked plugins. I wonder if we could favor tengine which seems to be nginx-with-plugins-done-right. > --- > main/nginx-naxsi/APKBUILD | 127 +++++++++++++++++++++++++= ++++++ new aports should always got to testing first. I moved it there and updated the commit message Thanks! -nc > main/nginx-naxsi/anonymise.patch | 76 ++++++++++++++++++ > main/nginx-naxsi/ipv6.patch | 42 ++++++++++ > main/nginx-naxsi/musl-crypt-fix.patch | 13 ++++ > main/nginx-naxsi/nginx-naxsi.pre-install | 9 +++ > main/nginx-naxsi/nginx-naxsi.pre-upgrade | 1 + > main/nginx-naxsi/nginx.initd | 42 ++++++++++ > main/nginx-naxsi/nginx.logrotate | 12 +++ > main/nginx-naxsi/sysguard.patch | 10 +++ > 9 files changed, 332 insertions(+) > create mode 100644 main/nginx-naxsi/APKBUILD > create mode 100644 main/nginx-naxsi/anonymise.patch > create mode 100644 main/nginx-naxsi/ipv6.patch > create mode 100644 main/nginx-naxsi/musl-crypt-fix.patch > create mode 100644 main/nginx-naxsi/nginx-naxsi.pre-install > create mode 120000 main/nginx-naxsi/nginx-naxsi.pre-upgrade > create mode 100644 main/nginx-naxsi/nginx.initd > create mode 100644 main/nginx-naxsi/nginx.logrotate > create mode 100644 main/nginx-naxsi/sysguard.patch >=20 > diff --git a/main/nginx-naxsi/APKBUILD b/main/nginx-naxsi/APKBUILD > new file mode 100644 > index 0000000..a7ec5ca > --- /dev/null > +++ b/main/nginx-naxsi/APKBUILD > @@ -0,0 +1,127 @@ > +# Maintainer: Cameron Banta > +# Contributor: Jeff Bilyk > +# Contributor: Bart*omiej Piotrowski > +# Contributor: Stuart Cardall > + > +pkgname=3Dnginx-naxsi > +_pkgname=3Dnginx > +pkgver=3D1.6.1 > +_ngx_naxsi_ver=3D0.53-2 > +_ngx_cache_purge_ver=3D2.1 > +pkgrel=3D0 > +pkgdesc=3D"lightweight HTTP and reverse proxy server with Naxsi WAF supp= ort, see also 'naxsi-utils'" > +url=3D"http://www.nginx.org | https://github.com/nbs-system/naxsi" > +arch=3D"all" > +license=3D"Custom" > +install=3D"$pkgname.pre-install $pkgname.pre-upgrade" > +depends=3D"!nginx" > +makedepends=3D"pcre-dev openssl-dev zlib-dev paxctl" > +source=3D"http://nginx.org/download/$_pkgname-$pkgver.tar.gz > + naxsi-$_ngx_naxsi_ver.tar.gz::https://github.com/nbs-system/naxsi/archi= ve/$_ngx_naxsi_ver.tar.gz > + ngx_cache_purge-$_ngx_cache_purge_ver.tar.gz::https://github.com/FRiCKL= E/ngx_cache_purge/archive/2.1.tar.gz > + upstream-fair.zip::https://github.com/gnosek/nginx-upstream-fair/archiv= e/master.zip > + sysguard.zip::https://github.com/alibaba/nginx-http-sysguard/archive/ma= ster.zip > + > + anonymise.patch > + musl-crypt-fix.patch > + ipv6.patch > + sysguard.patch > + > + nginx.initd > + nginx.logrotate > + " > + > +_builddir=3D"$srcdir"/$_pkgname-$pkgver > + > +prepare() { > + local i > + cd "$_builddir" > + for i in $source; do > + case $i in > + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; > + esac > + done > +} > + > +build() { > + cd "$_builddir" > + ./configure \ > + --add-module=3D"$srcdir/naxsi-$_ngx_naxsi_ver/naxsi_src" \ > + --add-module=3D"$srcdir/nginx-http-sysguard-master" \ > + --prefix=3D/usr \ > + --conf-path=3D/etc/$_pkgname/$_pkgname.conf \ > + --pid-path=3D/var/run/$_pkgname.pid \ > + --lock-path=3D/var/run/$_pkgname.lock \ > + --error-log-path=3D/var/log/$_pkgname/error.log \ > + --http-log-path=3D/var/log/$_pkgname/access.log \ > + --http-client-body-temp-path=3D/tmp/$_pkgname/client-body \ > + --http-proxy-temp-path=3D/tmp/$_pkgname/proxy \ > + --http-fastcgi-temp-path=3D/tmp/$_pkgname/fastcgi \ > + --user=3Dnginx \ > + --group=3Dnginx \ > + --with-ipv6 \ > + --with-pcre-jit \ > + --with-http_ssl_module \ > + --with-http_gzip_static_module \ > + --with-http_spdy_module \ > + --without-mail_pop3_module \ > + --without-mail_smtp_module \ > + --without-mail_imap_module \ > + --without-http_uwsgi_module \ > + --without-http_scgi_module \ > + --with-http_realip_module \ > + --with-http_stub_status_module \ > + --with-http_auth_request_module \ > + --add-module=3D"$srcdir/ngx_cache_purge-$_ngx_cache_purge_ver" \ > + --add-module=3D"$srcdir/nginx-upstream-fair-master" \ > + || return 1 > + make || return 1 > +} > + > +package() { > + cd "$_builddir" > + make DESTDIR=3D"$pkgdir" install > + > + local paxflags=3D"-m" > + [ "$CARCH" =3D "x86" ] && paxflags=3D"-msp" > + paxctl -c $paxflags "$pkgdir"/usr/sbin/nginx || return 1 > + > + install -m755 -D "$srcdir"/$_pkgname.initd "$pkgdir"/etc/init.d/$_pkgna= me > + install -m644 -D "$srcdir"/$_pkgname.logrotate "$pkgdir"/etc/logrotate.= d/$_pkgname > + > + install -m644 -D LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE > + install -m644 -D "$srcdir"/naxsi-$_ngx_naxsi_ver/naxsi_config/naxsi_cor= e.rules "$pkgdir"/etc/nginx/naxsi_core.rules > +} > +md5sums=3D"45e5a11f48b001644676f7767980a2bf nginx-1.6.1.tar.gz > +348b50914a1eedaed09a2509621adf43 naxsi-0.53-2.tar.gz > +e63c0ff65be23f877a9975a65298e8fe ngx_cache_purge-2.1.tar.gz > +2c8537e2c6eb11baebd26d863d528d64 upstream-fair.zip > +a72a0ec1176b47c6ceecc3b30c85d07c sysguard.zip > +a07569b8a023f1b89dcd11e0beda4df6 anonymise.patch > +3aeb488921109e60d02ed64d36790aeb musl-crypt-fix.patch > +801a87f7f9d27f8ad85b41a78b4c4461 ipv6.patch > +50357b75049d878c0bcce10d0c60f9ed sysguard.patch > +a00403a764478f5459d850bb387ca19b nginx.initd > +8823274a834332d3db4f62bf7dd1fb7d nginx.logrotate" > +sha256sums=3D"f5cfe682a1aeef4602c2ca705402d5049b748f946563f41d8256c18674= 836067 nginx-1.6.1.tar.gz > +3eadff1d91995beae41b92733ade28091c2075a24ae37058f4d6aa90b0f4b660 naxsi-= 0.53-2.tar.gz > +c8d67b9c0ed7ec23315071df352e95b69e9f14285cd7f8883d26a7fda237bd87 ngx_ca= che_purge-2.1.tar.gz > +e7c4208f19175db896dd2aede9326960314fc131c3a8829b19d3024d475562cf upstre= am-fair.zip > +800536eb9f269e1478500758e859ef7c4b4c7852580f2aeee8d7eb4c1fb51f18 sysgua= rd.zip > +1923ebdb4a64a22f8903c3da619677bd3aaf769c99bee1aa4262edac58f05ba3 anonym= ise.patch > +8c398640bd379c1c6a2fafcd2b3848a72902e47924e8e2490b312c141eec5d70 musl-c= rypt-fix.patch > +a24ef5843ae0afa538b00c37eb7da7870f9d7f146f52a9668678f7296cf71d9b ipv6.p= atch > +18090329435c32d91621a5943acc5b8bbe89aaa3c2fa334c3a4cdeb00efb6226 sysgua= rd.patch > +67df748bd7ef4f3c3b5eef9dd7e3b352ef671dd7cfb9db56e096eed77a442d67 nginx.= initd > +cea0c6f8de55a4c3a3eccc57910de1c3116634082c8e5b660630fb927a29f38d nginx.= logrotate" > +sha512sums=3D"07762a7b25b7624142e9d8633eb952e7627501a183c82de7f31b20336f= 3f997171b366124a41c0fbc8c2a73ed6c68db1a084ca89cf8c5ad4f2bc5e8e7c7be105 ngi= nx-1.6.1.tar.gz > +ada592f5e7f80a6d549cc435ee8720df01a788dc88cf27a7d55521bb7e4c66fa11b9ec28= 216aff7e13c70a5faf12cb745bd398b8a782ed4dea1eecd04b07e24c naxsi-0.53-2.tar.= gz > +9c958c9cbc16206c023f2e879bf301005117a2358104439513c1a3965894ba2c035fc685= 18ce7c7a4e23548477826ac0c6439bf1da4d4560c972d9a6a75f2a01 ngx_cache_purge-2= .1.tar.gz > +bbe1330e86a9650326858d893a1143df9b431873062b64a89b0befdbaca9f135e872225c= 7a7874231537c74da85ca8c56ac3d80739227721246c096cf4f2b7da upstream-fair.zip > +b361a8316d6e1f419d63f229756d3af08b32e235199285a18f8478be42a57a9c0b2ff126= e7018ba750c6e9d1e33bb053f83aacd96ebc5d3b876bedb973a92712 sysguard.zip > +5899097b6b6ed04deb7ae474fb65205d9c50843f30929c1370c0c1d70df3f02fe51b8ea9= 0d3d2c3b4c53aeb3895717729e0c9773b880ca529e89a5b07fc26a5b anonymise.patch > +21114c775e4bdd1f7b8b9abc143284945e96ed1d8c49904ddf918abad87b16253f918ba4= 7976cd2df32f0fdb8a7dad399d4200e879db2da6cf93a28aab236a75 musl-crypt-fix.pa= tch > +68d64a84568ec2df0366925ab282a05ebe21a85044b6c7844a47573cfd8cc8ed119cc772= 358bc3fff36e2d4fdf583a730592825f5f98632993ca86d1f8438d5f ipv6.patch > +2dca2ac74fb92e330fde7b6b6120b2fd2565c377a629c9536cf77beebe41aa4b092d4229= d5b487b0fb02be4f2cc5b897c429c87bbbbc7b0d31e1cbb94231ddce sysguard.patch > +9c6b357c460998187d7a26c0f3c8abc69c91b523a6f340c1f6ed3c863101a39eeb61e92b= 4cfec6a04af2b495c354c33f232ce5e59ed29edd6855e430ca73d168 nginx.initd > +01b77cff16f6e8bfd7fa1d4d20f625bbcddd08f0509173452d060c342c93dc315a7b0560= f4734323a5d29ea294de0491f2e3f32e5337574e1a28ebc005eceea8 nginx.logrotate" > diff --git a/main/nginx-naxsi/anonymise.patch b/main/nginx-naxsi/anonymis= e.patch > new file mode 100644 > index 0000000..ebedc7f > --- /dev/null > +++ b/main/nginx-naxsi/anonymise.patch > @@ -0,0 +1,76 @@ > +--- nginx-1.6.1/src/http/ngx_http_header_filter_module.c > ++++ nginx-1.6.1/src/http/ngx_http_header_filter_module.c > +@@ -46,8 +46,8 @@ > + }; > +=20 > +=20 > +-static char ngx_http_server_string[] =3D "Server: nginx" CRLF; > +-static char ngx_http_server_full_string[] =3D "Server: " NGINX_VER CRLF; > ++static char ngx_http_server_string[] =3D ""; > ++static char ngx_http_server_full_string[] =3D ""; > +=20 > +=20 > + static ngx_str_t ngx_http_status_lines[] =3D { > +@@ -278,8 +278,8 @@ > + clcf =3D ngx_http_get_module_loc_conf(r, ngx_http_core_module); > +=20 > + if (r->headers_out.server =3D=3D NULL) { > +- len +=3D clcf->server_tokens ? sizeof(ngx_http_server_full_stri= ng) - 1: > +- sizeof(ngx_http_server_string) - 1; > ++ len +=3D clcf->server_tokens ? sizeof(ngx_http_server_full_stri= ng) - 0: > ++ sizeof(ngx_http_server_string) - 0; > + } > +=20 > + if (r->headers_out.date =3D=3D NULL) { > +--- nginx-1.6.1/src/http/ngx_http_spdy_filter_module.c > ++++ nginx-1.6.1/src/http/ngx_http_spdy_filter_module.c > +@@ -175,11 +175,12 @@ > +=20 > + clcf =3D ngx_http_get_module_loc_conf(r, ngx_http_core_module); > +=20 > +- if (r->headers_out.server =3D=3D NULL) { > ++/* if (r->headers_out.server =3D=3D NULL) { > + len +=3D ngx_http_spdy_nv_nsize("server"); > + len +=3D clcf->server_tokens ? ngx_http_spdy_nv_vsize(NGINX_VER) > + : ngx_http_spdy_nv_vsize("nginx"); > + } > ++*/ > +=20 > + if (r->headers_out.date =3D=3D NULL) { > + len +=3D ngx_http_spdy_nv_nsize("date") > +@@ -326,7 +327,7 @@ > +=20 > + count =3D 2; > +=20 > +- if (r->headers_out.server =3D=3D NULL) { > ++ /* if (r->headers_out.server =3D=3D NULL) { > + last =3D ngx_http_spdy_nv_write_name(last, "server"); > + last =3D clcf->server_tokens > + ? ngx_http_spdy_nv_write_val(last, NGINX_VER) > +@@ -334,6 +335,7 @@ > +=20 > + count++; > + } > ++*/ > +=20 > + if (r->headers_out.date =3D=3D NULL) { > + last =3D ngx_http_spdy_nv_write_name(last, "date"); > +--- nginx-1.6.1/src/http/ngx_http_special_response.c > ++++ nginx-1.6.1/src/http/ngx_http_special_response.c > +@@ -19,14 +19,14 @@ > +=20 > +=20 > + static u_char ngx_http_error_full_tail[] =3D > +-"
" NGINX_VER "
" CRLF > ++"
127.0.0.1
" CRLF > + "" CRLF > + "" CRLF > + ; > +=20 > +=20 > + static u_char ngx_http_error_tail[] =3D > +-"
nginx
" CRLF > ++"
localhost
" CRLF > + "" CRLF > + "" CRLF > + ; > diff --git a/main/nginx-naxsi/ipv6.patch b/main/nginx-naxsi/ipv6.patch > new file mode 100644 > index 0000000..9b05f8f > --- /dev/null > +++ b/main/nginx-naxsi/ipv6.patch > @@ -0,0 +1,42 @@ > +--- a/src/http/ngx_http_core_module.c > ++++ b/src/http/ngx_http_core_module.c > +@@ -2442,7 +2442,11 @@ > + ngx_uint_t i; > + ngx_conf_t pcf; > + ngx_http_module_t *module; > ++#if (NGX_HAVE_INET6) > ++ struct sockaddr_in6 *sin6; > ++#else > + struct sockaddr_in *sin; > ++#endif > + ngx_http_conf_ctx_t *ctx, *http_ctx; > + ngx_http_listen_opt_t lsopt; > + ngx_http_core_srv_conf_t *cscf, **cscfp; > +@@ -2526,6 +2530,19 @@ > + if (rv =3D=3D NGX_CONF_OK && !cscf->listen) { > + ngx_memzero(&lsopt, sizeof(ngx_http_listen_opt_t)); > + > ++#if (NGX_HAVE_INET6) > ++ sin6 =3D &lsopt.u.sockaddr_in6; > ++ > ++ sin6->sin6_family =3D AF_INET6; > ++#if (NGX_WIN32) > ++ sin6->sin6_port =3D htons(80); > ++#else > ++ sin6->sin6_port =3D htons((getuid() =3D=3D 0) ? 80 : 8000); > ++#endif > ++ sin6->sin6_addr =3D in6addr_any; > ++ > ++ lsopt.socklen =3D sizeof(struct sockaddr_in6); > ++#else > + sin =3D &lsopt.u.sockaddr_in; > + > + sin->sin_family =3D AF_INET; > +@@ -2537,6 +2554,7 @@ > + sin->sin_addr.s_addr =3D INADDR_ANY; > + > + lsopt.socklen =3D sizeof(struct sockaddr_in); > ++#endif > + > + lsopt.backlog =3D NGX_LISTEN_BACKLOG; > + lsopt.rcvbuf =3D -1; > diff --git a/main/nginx-naxsi/musl-crypt-fix.patch b/main/nginx-naxsi/mus= l-crypt-fix.patch > new file mode 100644 > index 0000000..2f11fe2 > --- /dev/null > +++ b/main/nginx-naxsi/musl-crypt-fix.patch > @@ -0,0 +1,13 @@ > +--- nginx-1.4.4/src/os/unix/ngx_user.c.orig > ++++ nginx-1.4.4/src/os/unix/ngx_user.c > +@@ -31,8 +31,10 @@ > + struct crypt_data cd; > +=20 > + cd.initialized =3D 0; > ++#ifdef __GLIBC__ > + /* work around the glibc bug */ > + cd.current_salt[0] =3D ~salt[0]; > ++#endif > +=20 > + value =3D crypt_r((char *) key, (char *) salt, &cd); > +=20 > diff --git a/main/nginx-naxsi/nginx-naxsi.pre-install b/main/nginx-naxsi/= nginx-naxsi.pre-install > new file mode 100644 > index 0000000..55b5bfc > --- /dev/null > +++ b/main/nginx-naxsi/nginx-naxsi.pre-install > @@ -0,0 +1,9 @@ > +#!/bin/sh > + > +addgroup -g 82 -S www-data 2>/dev/null > +addgroup -S nginx 2>/dev/null > +adduser -S -G nginx -H -h /var/www/localhost/htdocs -s /sbin/nologin \ > + -D nginx 2>/dev/null > +addgroup nginx www-data 2>/dev/null > + > +exit 0 > diff --git a/main/nginx-naxsi/nginx-naxsi.pre-upgrade b/main/nginx-naxsi/= nginx-naxsi.pre-upgrade > new file mode 120000 > index 0000000..364e0b9 > --- /dev/null > +++ b/main/nginx-naxsi/nginx-naxsi.pre-upgrade > @@ -0,0 +1 @@ > +nginx-naxsi.pre-install > \ No newline at end of file > diff --git a/main/nginx-naxsi/nginx.initd b/main/nginx-naxsi/nginx.initd > new file mode 100644 > index 0000000..ce2b7b8 > --- /dev/null > +++ b/main/nginx-naxsi/nginx.initd > @@ -0,0 +1,42 @@ > +#!/sbin/runscript > + > +extra_started_commands=3D"reload" > +extra_commands=3D"configtest" > + > +depend() { > + need net > + use dns logger netmount > +} > + > +CONFFILE=3D${CONFFILE:-/etc/nginx/${SVCNAME}.conf} > +PIDFILE=3D${PIDFILE:-/var/run/${SVCNAME}.pid} > + > +configtest() { > + ebegin "Checking ${SVCNAME} configuration" > + mkdir -p /tmp/nginx > + /usr/sbin/nginx -c ${CONFFILE} -t > + eend $? "failed, please correct errors above" > +} > + > +start() { > + configtest || return 1 > + ebegin "Starting ${SVCNAME}" > + start-stop-daemon --start --pidfile "${PIDFILE}" \ > + --exec /usr/sbin/nginx -- -c ${CONFFILE} -g "pid ${PIDFILE};" > + eend $? "Failed to start ${SVCNAME}" > +} > + > +stop() { > + configtest || return 1 > + ebegin "Stopping ${SVCNAME}" > + start-stop-daemon --stop --pidfile "${PIDFILE}" > + eend $? "Failed to stop ${SVCNAME}" > + rm -f "${PIDFILE}" > +} > + > +reload() { > + configtest || return 1 > + ebegin "Refreshing ${SVCNAME} configuration" > + kill -HUP $(cat "${PIDFILE}") &>/dev/null > + eend $? "Failed to reload nginx" > +} > diff --git a/main/nginx-naxsi/nginx.logrotate b/main/nginx-naxsi/nginx.lo= grotate > new file mode 100644 > index 0000000..7778b11 > --- /dev/null > +++ b/main/nginx-naxsi/nginx.logrotate > @@ -0,0 +1,12 @@ > +# Copyright 1999-2010 Gentoo Foundation > +# Distributed under the terms of the GNU General Public License v2 > +# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/files/nginx.logrota= te,v 1.1 2010/01/03 20:29:40 djc Exp $ > + > +/var/log/nginx/*.log { > + missingok > + sharedscripts > + postrotate > + kill -USR1 `cat /var/run/nginx.pid` > + endscript > +} > + > diff --git a/main/nginx-naxsi/sysguard.patch b/main/nginx-naxsi/sysguard.= patch > new file mode 100644 > index 0000000..be8b0d2 > --- /dev/null > +++ b/main/nginx-naxsi/sysguard.patch > @@ -0,0 +1,10 @@ > +--- a/src/http/ngx_http_request.h > ++++ b/src/http/ngx_http_request.h > +@@ -498,6 +498,7 @@ > + */ > + unsigned limit_conn_set:1; > + unsigned limit_req_set:1; > ++ unsigned sysguard_set:1; > +=20 > + #if 0 > + unsigned cacheable:1; --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---